NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage
Search CSRC:

Public Key Infrastructures (PKI)

PKI Testing

Testing PKI Components

The National Institute of Standards and Technology (NIST) Information Technology Laboratory responds to industry and user needs for objective, neutral tests for information technology. ITL recognizes such tests as the enabling tools that help companies produce the next generation of products and services. It is a goal of the NIST PKI Program to develop such tests to help companies produce interoperable PKI components.

NIST worked with CygnaCom Solutions and BAE Systems to develop a suite of tests that will enable developers and validation laboratories to determine a PKI client application's conformance to the path processing rules as specified in X.509. As additional tests are developed, NIST will make the information necessary to perform the tests (e.g., descriptions of each test, the expected results of the test, and any certificates and certificate revocation lists necessary to perform the test) available on-line for both review and for use in testing applications.

Path Validation Testing Program

The Public Key Interoperability Test Suite (PKITS) is a comprehensive X.509 path validation test suite that was developed by NIST in conjunction with BAE Systems and NSA.  The PKITS path validation test suite is designed to cover most of the features specified in X.509 and RFC 3280.

Both test descriptions and test data are available for the PKITS path validation test suite:

  • Test descriptions - a PDF file containing descriptions of the tests in the test suite.
  • Test data - a zip file containing all of the data needed to run the tests. This includes all of the certificates and CRLs used in the tests, PKCS #12 files containing the private keys of each end entity (the password for each PKCS #12 file is "password"), signed S/MIME messages for each test, and an LDIF file that can be used to populate a directory with all of the certificates and CRLs used in the tests. The certificates and CRLs used in the test suite are also available in an LDAP directory (smime2.nist.gov, 129.6.20.71).
  • (PKITS version 1.0.1 was posted on April 14, 2011. The test descriptions and test data for PKITS version 1.0 will remain available for those wish to continue to use the original version of the test suite.)

NIST is currently developing a NIST Recommendation for X.509 Path Validation (May 2004). The NIST Recommendation specifies the set of functionality that NIST believes a Path Validation Module (PVM) needs to implement.  The NIST Recommendation specifies minimum functionality for two different environments: an Enterprise PVM that is designed to operate in a PKI that only spans a single organization; and a Bridge-enabled PVM that is designed to operate in a multi-organizational PKI.

In addition to specifying minimum functionality, the NIST Recommendation also specifies how PKITS can be used to verify that a PVM implements path validation correctly.  Appendix A of the NIST Recommendation includes a table listing every test in PKITS with an indication of whether that test needs to be run, depending on the set of functionality implemented by the PVM being tested. In order to make it easier to determine which tests need to be run for a given PVM, NIST has developed a program that generates a customized version of the table in Appendix A when provided with information about what functionality is implemented by the PVM being tested.

PKITS supersedes an earlier path validation test suite, Conformance Testing of Relying Party Client Certificate Path Processing Logic.  PKITS incorporates all of the tests from the earlier test suite, but also includes tests for many features that were not covered by the earlier test suite.

Path Discovery Testing Program

The path discovery test suite consists of a set of sample PKI architectures.  In each PKI architecture one CA is designated as the trust anchor and several end entity certificates have been issued.  Each test involves either locating all of the intermediate certificates and CRLs needed to validate an end entity certificate or determining that no valid certification path exists.

Both test descriptions and test data are available for the path discovery test suite:

  • Test descriptions - a PDF file containing descriptions of the tests in the test suite.
  • Test data - a zip file containing all of the data needed to run the tests. This includes all of the end entity certificates used in the tests, PKCS #12 files containing the private keys of each end entity (the password for each PKCS #12 file is "password"), signed S/MIME messages for each test, and a self-signed certificate for each of the trust anchors. The intermediate certificates and CRLs for the Directory based path discovery tests are available via LDAP at smime2.nist.gov.

The initial draft of the test suite contains three PKI architectures.  The three PKI architectures are all very similar, the main difference being the method by which intermediate certificates and CRLs may be located.  In one architecture, the certificates include LDAP URIs that indicate where certificates and CRLs may be found.  In another architecture, the certificates include HTTP URIs that indicate where certificates and CRLs may be found.  In the third architecture, the certificates do not include any information indicating where certificates and CRLS may be found, but the certificates and CRLs may be obtained from smime2.nist.gov using LDAP as specified in RFC 2587.

Each of the PKI architectures is designed to test a path discovery and validation module's abilities to perform path discovery at two different levels of complexity.  At the Rudimentary level, all end entity certificates are issued by CAs that are hierarchically subordinate to the trust anchor CA.  At the Basic level, end entity certificates are issued by CAs that are connected to the trust anchor CA by a mesh PKI architecture.  Path discovery and validation modules that are capable of discovering and validating all of the certification paths at the Rudimentary and Basic levels within the Directory based PKI architecture should be capable of discovering certification paths within the Federal PKI as it is currently constructed.

The path discovery test suite is intended for use with path discovery and validation modules whose path validation capabilities have already been successfully tested using PKITS. The Rudimentary path discovery tests require a path validation module that implements the functionality required for Enterprise PVMs as specified in the NIST Recommendation for X.509 Path Validation. The Basic path discovery tests additionally requires the path validation module to support processing name constraints for the directoryName name form, the policyMappings extension, the inhibitPolicyMapping field of the policyConstraints extension, and certificatePolicies extensions that assert the anyPolicy OID.

Mail List

A pkits@nist.gov email mailing list has been established for the submission of comments about PKITS, the NIST Recommendation for X.509 Path Validation, and the path discovery test suite. It is an unmoderated mailing list; messages addressed to this list are immediately distributed to all the addresses on the list. Only members are allowed to post messages to the list; however, anyone who wishes to do so may add themselves to the list.

To be added to the pkits mailing list send a message to pkits-request@nist.gov with a subject line of "subscribe" and an empty message body.

To unsubscribe from the list simply send a message to pkits-request@nist.gov with a subject line of "unsubscribe" and an empty message body.

Note: The LDAP directories and Web servers that contain the intermediate certificates and CRLs for the test suites may occasionally be taken off-line for service.  It may also be necessary to move the directories to a different server at some point.  If the directories are moved or taken off-line, a message will be sent to the pkits@nist.gov mail list.