diff options
author | cvs2hg <devnull@localhost> | 2010-04-08 14:29:00 +0000 |
---|---|---|
committer | cvs2hg <devnull@localhost> | 2010-04-08 14:29:00 +0000 |
commit | 47919aeb84bb2e4e6ccee964e85e717211fb9124 (patch) | |
tree | 7cd818d2c41a5a7e17fa6586f4b064add94ba79f /security/nss/tests/chains/scenarios | |
parent | 73a8f0fb87a5fdc1a806f8ffa916a0e0d066f4ec (diff) | |
download | nss-hg-NSSCKBI_1_79_RTM.tar.gz |
fixup commit for tag 'NSSCKBI_1_79_RTM'NSSCKBI_1_79_RTM
Diffstat (limited to 'security/nss/tests/chains/scenarios')
20 files changed, 0 insertions, 2774 deletions
diff --git a/security/nss/tests/chains/scenarios/aia.cfg b/security/nss/tests/chains/scenarios/aia.cfg deleted file mode 100644 index 000e00051..000000000 --- a/security/nss/tests/chains/scenarios/aia.cfg +++ /dev/null @@ -1,67 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario AIA - -entity Root - type Root - -entity CA1 - type Intermediate - issuer Root - -entity CA2 - type Intermediate - issuer CA1 - aia CA1:Root - -entity User - type EE - issuer CA2 - -testdb User - -verify User:CA2 - cert CA2:CA1 - trust Root: - result fail - -verify User:CA2 - cert CA2:CA1 - trust Root: - fetch - result pass - diff --git a/security/nss/tests/chains/scenarios/anypolicy.cfg b/security/nss/tests/chains/scenarios/anypolicy.cfg deleted file mode 100644 index c6a989fa6..000000000 --- a/security/nss/tests/chains/scenarios/anypolicy.cfg +++ /dev/null @@ -1,109 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario AnyPolicy - -entity RootCA - type Root - -entity CA1 - type Intermediate - issuer RootCA - policy any - -entity CA2 - type Intermediate - issuer CA1 - policy OID.1.0 - inhibit 0 - -entity CA3 - type Intermediate - issuer CA1 - policy OID.1.0 - -entity User1 - type EE - issuer CA2 - policy OID.1.0 - -entity User2 - type EE - issuer CA2 - policy any - -entity User3 - type EE - issuer CA3 - policy any - -db All - -import RootCA:: -import CA1:RootCA: -import CA2:CA1: -import CA3:CA1: - -verify User1:CA2 - trust RootCA - policy OID.1.0 - result pass - -verify User1:CA2 - trust RootCA - policy OID.2.0 - result fail - -verify User2:CA2 - trust RootCA - policy OID.1.0 - result fail - -verify User2:CA2 - trust RootCA - policy OID.2.0 - result fail - -verify User3:CA3 - trust RootCA - policy OID.1.0 - result pass - -verify User3:CA3 - trust RootCA - policy OID.2.0 - result fail - diff --git a/security/nss/tests/chains/scenarios/anypolicywithlevel.cfg b/security/nss/tests/chains/scenarios/anypolicywithlevel.cfg deleted file mode 100644 index a24dcae51..000000000 --- a/security/nss/tests/chains/scenarios/anypolicywithlevel.cfg +++ /dev/null @@ -1,407 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario AnyPolicyWithLevel - -entity RootCA - type Root - -entity CA1 - type Intermediate - issuer RootCA - policy any - inhibit 1 - -entity CA12 - type Intermediate - issuer CA1 - policy any - -entity CA13 - type Intermediate - issuer CA12 - policy OID.1.0 - -entity EE1 - type EE - issuer CA13 - policy OID.1.0 - -entity CA22 - type Intermediate - issuer CA1 - policy any - -entity CA23 - type Intermediate - issuer CA22 - policy any - -entity EE2 - type EE - issuer CA23 - policy OID.1.0 - -entity CA32 - type Intermediate - issuer CA1 - policy any - inhibit 1 - -entity CA33 - type Intermediate - issuer CA32 - policy any - -entity EE3 - type EE - issuer CA33 - policy OID.1.0 - -entity CA42 - type Intermediate - issuer CA1 - policy any - policy OID.1.0 - -entity CA43 - type Intermediate - issuer CA42 - policy any - policy OID.1.0 - -entity EE4 - type EE - issuer CA43 - policy OID.1.0 - -entity CA52 - type Intermediate - issuer CA1 - policy any - policy OID.1.0 - -entity CA53 - type Intermediate - issuer CA52 - policy any - -entity EE5 - type EE - issuer CA53 - policy OID.1.0 - -entity CA61 - type Intermediate - issuer RootCA - policy any - inhibit 5 - -entity CA62 - type Intermediate - issuer CA61 - policy any - -entity EE62 - type EE - issuer CA62 - policy OID.1.0 - -entity CA63 - type Intermediate - issuer CA62 - policy any - -entity EE63 - type EE - issuer CA63 - policy OID.1.0 - -entity CA64 - type Intermediate - issuer CA63 - policy any - -entity EE64 - type EE - issuer CA64 - policy OID.1.0 - -entity CA65 - type Intermediate - issuer CA64 - policy any - -entity EE65 - type EE - issuer CA65 - policy OID.1.0 - -entity CA66 - type Intermediate - issuer CA65 - policy any - -entity EE66 - type EE - issuer CA66 - policy OID.1.0 - -entity CA67 - type Intermediate - issuer CA66 - policy any - -entity EE67 - type EE - issuer CA67 - policy OID.1.0 - -db All - -verify EE1:CA13 - cert RootCA: - cert CA1:RootCA - cert CA12:CA1 - cert CA13:CA12 - trust RootCA: - policy OID.1.0 - result pass - -verify EE1:CA13 - cert RootCA: - cert CA1:RootCA - cert CA12:CA1 - cert CA13:CA12 - trust RootCA: - policy OID.2.0 - result fail - -verify EE1:CA13 - cert RootCA: - cert CA1:RootCA - cert CA12:CA1 - cert CA13:CA12 - trust RootCA: - policy OID.2.5.29.32.0 - result pass - -verify EE2:CA23 - cert RootCA: - cert CA1:RootCA - cert CA22:CA1 - cert CA23:CA22 - trust RootCA: - policy OID.1.0 - result fail - -verify EE2:CA23 - cert RootCA: - cert CA1:RootCA - cert CA22:CA1 - cert CA23:CA22 - trust RootCA: - policy OID.2.0 - result fail - -verify EE2:CA23 - cert RootCA: - cert CA1:RootCA - cert CA22:CA1 - cert CA23:CA22 - trust RootCA: - policy OID.2.5.29.32.0 - result fail - -verify EE3:CA33 - cert RootCA: - cert CA1:RootCA - cert CA32:CA1 - cert CA33:CA32 - trust RootCA: - policy OID.1.0 - result fail - -verify EE3:CA33 - cert RootCA: - cert CA1:RootCA - cert CA32:CA1 - cert CA33:CA32 - trust RootCA: - policy OID.2.0 - result fail - -verify EE3:CA33 - cert RootCA: - cert CA1:RootCA - cert CA32:CA1 - cert CA33:CA32 - trust RootCA: - policy OID.2.5.29.32.0 - result fail - -verify EE4:CA43 - cert RootCA: - cert CA1:RootCA - cert CA42:CA1 - cert CA43:CA42 - trust RootCA: - policy OID.1.0 - result pass - -verify EE4:CA43 - cert RootCA: - cert CA1:RootCA - cert CA42:CA1 - cert CA43:CA42 - trust RootCA: - policy OID.2.0 - result fail - -verify EE4:CA43 - cert RootCA: - cert CA1:RootCA - cert CA42:CA1 - cert CA43:CA42 - trust RootCA: - policy OID.2.5.29.32.0 - result pass - -verify EE5:CA53 - cert RootCA: - cert CA1:RootCA - cert CA52:CA1 - cert CA53:CA52 - trust RootCA: - policy OID.1.0 - result fail - -verify EE5:CA53 - cert RootCA: - cert CA1:RootCA - cert CA52:CA1 - cert CA53:CA52 - trust RootCA: - policy OID.2.0 - result fail - -verify EE5:CA53 - cert RootCA: - cert CA1:RootCA - cert CA52:CA1 - cert CA53:CA52 - trust RootCA: - policy OID.2.5.29.32.0 - result fail - -verify EE62:CA62 - cert RootCA: - cert CA61:RootCA - cert CA62:CA61 - cert CA63:CA62 - cert CA64:CA63 - cert CA65:CA64 - cert CA66:CA65 - cert CA67:CA66 - trust RootCA: - policy OID.1.0 - result pass - -verify EE63:CA63 - cert RootCA: - cert CA61:RootCA - cert CA62:CA61 - cert CA63:CA62 - cert CA64:CA63 - cert CA65:CA64 - cert CA66:CA65 - cert CA67:CA66 - trust RootCA: - policy OID.1.0 - result pass - -verify EE64:CA64 - cert RootCA: - cert CA61:RootCA - cert CA62:CA61 - cert CA63:CA62 - cert CA64:CA63 - cert CA65:CA64 - cert CA66:CA65 - cert CA67:CA66 - trust RootCA: - policy OID.1.0 - result pass - -verify EE65:CA65 - cert RootCA: - cert CA61:RootCA - cert CA62:CA61 - cert CA63:CA62 - cert CA64:CA63 - cert CA65:CA64 - cert CA66:CA65 - cert CA67:CA66 - trust RootCA: - policy OID.1.0 - result pass - -verify EE66:CA66 - cert RootCA: - cert CA61:RootCA - cert CA62:CA61 - cert CA63:CA62 - cert CA64:CA63 - cert CA65:CA64 - cert CA66:CA65 - cert CA67:CA66 - trust RootCA: - policy OID.1.0 - result pass - -verify EE67:CA67 - cert RootCA: - cert CA61:RootCA - cert CA62:CA61 - cert CA63:CA62 - cert CA64:CA63 - cert CA65:CA64 - cert CA66:CA65 - cert CA67:CA66 - trust RootCA: - policy OID.1.0 - result fail - diff --git a/security/nss/tests/chains/scenarios/bridge.cfg b/security/nss/tests/chains/scenarios/bridge.cfg deleted file mode 100644 index 172b1a019..000000000 --- a/security/nss/tests/chains/scenarios/bridge.cfg +++ /dev/null @@ -1,138 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario Bridge - -entity Army - type Root - -entity Navy - type Root - -entity Bridge - type Bridge - issuer Army - issuer Navy - -entity User - type EE - issuer Bridge - -db All - -import Army:: -import Navy:: - -verify User:Bridge - cert Bridge:Navy - trust Navy - result pass - -verify User:Bridge - cert Bridge:Army - trust Army - result pass - -verify User:Bridge - cert Bridge:Navy - trust Army - result fail - -import Bridge:Army: -import Bridge:Navy: - -verify User:Bridge - trust Army - result pass - -verify User:Bridge - trust Navy - result pass - -db ArmyOnly - -import Army::C,, - -verify User:Bridge - result fail - -verify User:Bridge - cert Bridge:Navy - result fail - -verify User:Bridge - cert Bridge:Navy - cert Navy: - result fail - -verify User:Bridge - cert Bridge:Navy - cert Navy: - trust Navy: - result pass - -verify User:Bridge - cert Bridge:Navy - trust Navy: - result pass - -db NavyOnly - -import Navy::C,, - -verify User:Bridge - result fail - -verify User:Bridge - cert Bridge:Army - result fail - -verify User:Bridge - cert Bridge:Army - cert Army: - result fail - -verify User:Bridge - cert Bridge:Army - cert Army: - trust Army: - result pass - -verify User:Bridge - cert Bridge:Army - trust Army: - result pass - diff --git a/security/nss/tests/chains/scenarios/bridgewithaia.cfg b/security/nss/tests/chains/scenarios/bridgewithaia.cfg deleted file mode 100644 index 94a634fc2..000000000 --- a/security/nss/tests/chains/scenarios/bridgewithaia.cfg +++ /dev/null @@ -1,86 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario BridgeWithAIA - -entity Army - type Root - -entity Navy - type Root - -entity Bridge - type Bridge - issuer Army - issuer Navy - -entity CA1 - type Intermediate - issuer Bridge - aia Bridge - -entity EE1 - type EE - issuer CA1 - -testdb EE1 - -verify EE1:CA1 - cert CA1:Bridge - trust Army: - result fail - -verify EE1:CA1 - cert CA1:Bridge - trust Army: - fetch -# should pass, bug 435314 -# temporary result - test fails only with dbm cert db - result dbm:fail all:pass - -verify EE1:CA1 - cert CA1:Bridge - trust Navy: - fetch - result pass - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:Army - trust Navy: - fetch - result pass - diff --git a/security/nss/tests/chains/scenarios/bridgewithhalfaia.cfg b/security/nss/tests/chains/scenarios/bridgewithhalfaia.cfg deleted file mode 100644 index 5d1a7ee0d..000000000 --- a/security/nss/tests/chains/scenarios/bridgewithhalfaia.cfg +++ /dev/null @@ -1,121 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario BridgeWithHalfAIA - -entity Army - type Root - -entity Navy - type Root - -entity Bridge - type Bridge - issuer Army - issuer Navy - -entity CA1 - type Intermediate - issuer Bridge - aia Bridge - -entity EE1 - type EE - issuer CA1 - -entity CA2 - type Intermediate - issuer Bridge - aia Bridge:Navy - -entity EE2 - type EE - issuer CA2 - -testdb EE1 - -verify EE1:CA1 - cert CA1:Bridge - trust Army: - result fail - -verify EE1:CA1 - cert CA1:Bridge - trust Army: - fetch -# should pass, bug 435314 -# temporary result - test fails only with dbm cert db - result dbm:fail all:pass - -verify EE1:CA1 - cert CA1:Bridge - trust Navy: - fetch - result pass - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:Army - trust Navy: - fetch - result pass - -verify EE2:CA2 - cert Bridge:Army - trust Army: - fetch - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:Army - trust Army: - fetch - result pass - -verify EE2:CA2 - cert CA2:Bridge - trust Navy: - fetch - result pass - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:Army - trust Navy: - fetch - result pass - diff --git a/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg b/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg deleted file mode 100644 index cd5cd523b..000000000 --- a/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg +++ /dev/null @@ -1,219 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario BridgeWithPolicyExtensionAndMapping - -entity Army - type Root - -entity Navy - type Root - -entity CAArmy - type Intermediate - issuer Army - policy OID.1.0 - policy OID.1.1 - -entity CANavy - type Intermediate - issuer Navy - policy OID.2.0 - policy OID.2.1 - -entity Bridge - type Bridge - issuer CAArmy - policy OID.1.0 - policy OID.1.1 - mapping OID.1.1:OID.2.1 - issuer CANavy - policy OID.2.0 - policy OID.2.1 - mapping OID.2.1:OID.1.1 - -entity CA1 - type Intermediate - issuer Bridge - policy OID.1.1 - policy OID.2.1 - -entity CA2 - type Intermediate - issuer Bridge - policy OID.1.0 - policy OID.2.0 - -entity EE1 - type EE - issuer CA1 - policy OID.2.1 - -entity EE2 - type EE - issuer CA2 - policy OID.2.0 - -testdb - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.1.0 - result fail - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.1.1 - result pass - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.2.0 - result fail - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.2.1 - result fail - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.1.0 - result fail - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.1.1 - result fail - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.2.0 - result fail - -verify EE1:CA1 - cert CA1:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.2.1 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.1.0 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.1.1 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.2.0 - result pass - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CANavy - cert CANavy:Navy - trust Navy: - policy OID.2.1 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.1.0 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.1.1 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.2.0 - result fail - -verify EE2:CA2 - cert CA2:Bridge - cert Bridge:CAArmy - cert CAArmy:Army - trust Army: - policy OID.2.1 - result fail - diff --git a/security/nss/tests/chains/scenarios/crldp.cfg b/security/nss/tests/chains/scenarios/crldp.cfg deleted file mode 100644 index a86b18a35..000000000 --- a/security/nss/tests/chains/scenarios/crldp.cfg +++ /dev/null @@ -1,137 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario CRLDP - -entity Root - type Root - -entity CA0 - type Intermediate - issuer Root - -entity CA1 - type Intermediate - crldp CA0 - issuer CA0 - serial 10 - aia CA0:Root - -entity EE11 - type EE - crldp CA0 - issuer CA1 - -entity CA2 - type Intermediate - crldp CA0 - issuer CA0 - serial 20 - aia CA0:Root - -entity EE21 - type EE - issuer CA2 - -entity EE1 - type EE - crldp CA0 - issuer CA0 - serial 30 - aia CA0:Root - -entity EE2 - type EE - crldp CA0 - issuer CA0 - serial 40 - aia CA0:Root - -crl Root -crl CA0 -crl CA1 -crl CA2 - -revoke CA0 - serial 20 - -revoke CA0 - serial 40 - -copycrl CA0 - -db All - -import Root::CTu,CTu,CTu - -# intermediate CA - OK, EE - OK -verify EE11:CA1 - cert CA1:CA0 - trust Root: - fetch - rev_type chain - rev_flags requireFreshInfo - rev_mtype crl - result pass - -# intermediate CA - revoked, EE - OK -verify EE21:CA2 - cert CA2:CA0 - trust Root: - fetch - rev_type chain - rev_flags requireFreshInfo - rev_mtype crl - result fail - -# direct EE - OK -verify EE1:CA0 - trust Root: - fetch - rev_type leaf - rev_flags requireFreshInfo - rev_mtype crl - result pass - -# direct EE - revoked -verify EE2:CA0 - trust Root: - fetch - rev_type leaf - rev_flags requireFreshInfo - rev_mtype crl - result fail - diff --git a/security/nss/tests/chains/scenarios/dsa.cfg b/security/nss/tests/chains/scenarios/dsa.cfg deleted file mode 100644 index 6348a2a41..000000000 --- a/security/nss/tests/chains/scenarios/dsa.cfg +++ /dev/null @@ -1,104 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario DSA - -entity Root - type Root - ctype dsa - -entity CA1 - type Intermediate - issuer Root - ctype dsa - -entity EE1 - type EE - issuer CA1 - ctype dsa - -entity CA2 - type Intermediate - issuer Root - ctype dsa - -entity EE2 - type EE - issuer CA2 - ctype rsa - -entity CA3 - type Intermediate - issuer Root - ctype rsa - -entity EE3 - type EE - issuer CA3 - ctype dsa - -entity CA4 - type Intermediate - issuer Root - ctype rsa - -entity EE4 - type EE - issuer CA4 - ctype rsa - -db All - -verify EE1:CA1 - cert CA1:Root - trust Root: - result pass - -verify EE2:CA2 - cert CA2:Root - trust Root: - result pass - -verify EE3:CA3 - cert CA3:Root - trust Root: - result pass - -verify EE4:CA4 - cert CA4:Root - trust Root: - result pass - diff --git a/security/nss/tests/chains/scenarios/explicitPolicy.cfg b/security/nss/tests/chains/scenarios/explicitPolicy.cfg deleted file mode 100644 index 4b6ea2207..000000000 --- a/security/nss/tests/chains/scenarios/explicitPolicy.cfg +++ /dev/null @@ -1,110 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario explicitPolicy - -entity Root - type Root - -entity nonEVCA - type Intermediate - issuer Root - -entity EVCA - type Intermediate - issuer Root - policy OID.1.0 - -entity otherEVCA - type Intermediate - issuer Root - policy OID.2.0 - -entity validEV - type EE - issuer EVCA - policy OID.1.0 - -entity invalidEV - type EE - issuer nonEVCA - policy OID.1.0 - -entity wrongEVOID - type EE - issuer otherEVCA - policy OID.1.0 - -db All - -verify validEV:EVCA - cert EVCA:Root - cert Root: - trust Root: - policy OID.1.0 - result pass - -verify invalidEV:nonEVCA - cert nonEVCA:Root - cert Root: - trust Root: - policy OID.1.0 - result fail - -verify wrongEVOID:otherEVCA - cert otherEVCA:Root - cert Root: - trust Root: - policy OID.1.0 - result fail - -import Root::C,C,C - -verify validEV:EVCA - cert EVCA:Root - policy OID.1.0 - result pass - -verify invalidEV:nonEVCA - cert nonEVCA:Root - policy OID.1.0 - result fail - -verify wrongEVOID:otherEVCA - cert otherEVCA:Root - policy OID.1.0 - result fail - diff --git a/security/nss/tests/chains/scenarios/extension.cfg b/security/nss/tests/chains/scenarios/extension.cfg deleted file mode 100644 index bc476feab..000000000 --- a/security/nss/tests/chains/scenarios/extension.cfg +++ /dev/null @@ -1,134 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario Extension - -entity Root - type Root - -entity CA1 - type Intermediate - issuer Root - policy OID.1.0 - -entity CA2 - type Intermediate - issuer CA1 - policy OID.1.0 - -entity User - type EE - issuer CA2 - policy OID.1.0 - -db All - -verify User:CA2 - cert CA2:CA1 - cert CA1:Root - cert Root: - trust Root: - policy OID.1.0 - result pass - -verify User:CA2 - cert CA2:CA1 - cert CA1:Root - cert Root: - trust Root: - policy OID.2.0 - result fail - -verify User:CA2 - cert CA2:CA1 - cert CA1:Root - trust CA1:Root - policy OID.1.0 - result pass - -verify User:CA2 - cert CA2:CA1 - cert CA1:Root - trust CA1:Root - policy OID.2.0 - result fail - -verify User:CA2 - cert CA2:CA1 - trust CA2:CA1 - policy OID.1.0 - result pass - -verify User:CA2 - cert CA2:CA1 - trust CA2:CA1 - policy OID.2.0 - result fail - -import Root:: -import CA1:Root: -import CA2:CA1: - -verify User:CA2 - trust Root - policy OID.1.0 - result pass - -verify User:CA2 - trust Root - policy OID.2.0 - result fail - -verify User:CA2 - trust CA1 - policy OID.1.0 - result pass - -verify User:CA2 - trust CA1 - policy OID.2.0 - result fail - -verify User:CA2 - trust CA2 - policy OID.1.0 - result pass - -verify User:CA2 - trust CA2 - policy OID.2.0 - result fail - diff --git a/security/nss/tests/chains/scenarios/extension2.cfg b/security/nss/tests/chains/scenarios/extension2.cfg deleted file mode 100644 index 0de74a82b..000000000 --- a/security/nss/tests/chains/scenarios/extension2.cfg +++ /dev/null @@ -1,172 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario Extension2 - -entity Root - type Root - -entity CA1 - type Intermediate - issuer Root - policy OID.1.0 - policy OID.2.0 - -entity CA2 - type Intermediate - issuer CA1 - policy OID.1.0 - policy OID.2.0 - -entity User1 - type EE - issuer CA2 - policy OID.1.0 - -entity User2 - type EE - issuer CA2 - policy OID.1.0 - policy OID.2.0 - -db All - -verify User1:CA2 - cert CA2:CA1 - cert CA1:Root - cert Root: - trust Root: - policy OID.1.0 - result pass - -verify User1:CA2 - cert CA2:CA1 - cert CA1:Root - cert Root: - trust Root: - policy OID.2.0 - result fail - -verify User1:CA2 - cert CA2:CA1 - cert CA1:Root - trust CA1:Root - policy OID.1.0 - result pass - -verify User1:CA2 - cert CA2:CA1 - cert CA1:Root - trust CA1:Root - policy OID.2.0 - result fail - -verify User1:CA2 - cert CA2:CA1 - trust CA2:CA1 - policy OID.1.0 - result pass - -verify User1:CA2 - cert CA2:CA1 - trust CA2:CA1 - policy OID.2.0 - result fail - -import Root:: -import CA1:Root: -import CA2:CA1: - -verify User1:CA2 - trust Root - policy OID.1.0 - result pass - -verify User1:CA2 - trust Root - policy OID.2.0 - result fail - -verify User1:CA2 - trust CA1 - policy OID.1.0 - result pass - -verify User1:CA2 - trust CA1 - policy OID.2.0 - result fail - -verify User1:CA2 - trust CA2 - policy OID.1.0 - result pass - -verify User1:CA2 - trust CA2 - policy OID.2.0 - result fail - -verify User2:CA2 - trust Root - policy OID.1.0 - result pass - -verify User2:CA2 - trust Root - policy OID.2.0 - result pass - -verify User2:CA2 - trust CA1 - policy OID.1.0 - result pass - -verify User2:CA2 - trust CA1 - policy OID.2.0 - result pass - -verify User2:CA2 - trust CA2 - policy OID.1.0 - result pass - -verify User2:CA2 - trust CA2 - policy OID.2.0 - result pass - diff --git a/security/nss/tests/chains/scenarios/mapping.cfg b/security/nss/tests/chains/scenarios/mapping.cfg deleted file mode 100644 index ab58ee5b6..000000000 --- a/security/nss/tests/chains/scenarios/mapping.cfg +++ /dev/null @@ -1,95 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario Mapping - -entity Root - type Root - -entity CA1 - type Intermediate - issuer Root - policy OID.1.0 - mapping OID.1.0:OID.1.1 - -entity CA2 - type Intermediate - issuer CA1 - policy OID.1.1 - -entity User - type EE - issuer CA2 - policy OID.1.1 - -db All - -import Root:: -import CA1:Root: -import CA2:CA1: - -verify User:CA2 - trust Root - policy OID.1.0 -# should fail, bug 430859 - result pass - -verify User:CA2 - trust Root - policy OID.1.1 -# should pass, bug 430859 - result fail - -verify User:CA2 - trust CA1 - policy OID.1.0 - result fail - -verify User:CA2 - trust CA1 - policy OID.1.1 - result pass - -verify User:CA2 - trust CA2 - policy OID.1.0 - result fail - -verify User:CA2 - trust CA2 - policy OID.1.1 - result pass - diff --git a/security/nss/tests/chains/scenarios/mapping2.cfg b/security/nss/tests/chains/scenarios/mapping2.cfg deleted file mode 100644 index 6f99c87fb..000000000 --- a/security/nss/tests/chains/scenarios/mapping2.cfg +++ /dev/null @@ -1,103 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario Mapping2 - -entity Root - type Root - -entity CA1 - type Intermediate - issuer Root - policy OID.1.0 - -entity CA2 - type Intermediate - issuer CA1 - policy OID.1.0 - mapping OID.1.0:OID.1.1 - -entity CA3 - type Intermediate - issuer CA2 - policy OID.1.1 - -entity User - type EE - issuer CA3 - policy OID.1.1 - -db All - -import Root:: -import CA1:Root: -import CA2:CA1: -import CA3:CA2: - -verify User:CA3 - trust Root - policy OID.1.0 -# should fail, bug 430859 - result pass - -verify User:CA3 - trust Root - policy OID.1.1 -# should pass, bug 430859 - result fail - -verify User:CA3 - trust CA1 - policy OID.1.0 -# should fail, bug 430859 - result pass - -verify User:CA3 - trust CA1 - policy OID.1.1 -# should pass, bug 430859 - result fail - -verify User:CA3 - trust CA2 - policy OID.1.0 - result fail - -verify User:CA3 - trust CA2 - policy OID.1.1 - result pass - diff --git a/security/nss/tests/chains/scenarios/megabridge_3_2.cfg b/security/nss/tests/chains/scenarios/megabridge_3_2.cfg deleted file mode 100644 index 08268cb35..000000000 --- a/security/nss/tests/chains/scenarios/megabridge_3_2.cfg +++ /dev/null @@ -1,162 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario MegaBridge_3_2 - -entity Root1 - type Root - -entity Root2 - type Root - -entity Root3 - type Root - -entity Root4 - type Root - -entity Root5 - type Root - -entity Root6 - type Root - -entity Root7 - type Root - -entity Root8 - type Root - -entity Root9 - type Root - -entity Bridge11 - type Bridge - issuer Root1 - issuer Root2 - issuer Root3 - -entity Bridge12 - type Bridge - issuer Root4 - issuer Root5 - issuer Root6 - -entity Bridge13 - type Bridge - issuer Root7 - issuer Root8 - issuer Root9 - -entity Bridge21 - type Bridge - issuer Bridge11 - issuer Bridge12 - issuer Bridge13 - -entity CA1 - type Intermediate - issuer Bridge21 - -entity EE1 - type EE - issuer CA1 - -testdb EE1 - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge11 - cert Bridge11:Root1 - trust Root1: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge11 - cert Bridge11:Root2 - trust Root2: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge11 - cert Bridge11:Root3 - trust Root3: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge12 - cert Bridge12:Root4 - trust Root4: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge12 - cert Bridge12:Root5 - trust Root5: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge12 - cert Bridge12:Root6 - trust Root6: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge13 - cert Bridge13:Root7 - trust Root7: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge13 - cert Bridge13:Root8 - trust Root8: - result pass - -verify EE1:CA1 - cert CA1:Bridge21 - cert Bridge21:Bridge13 - cert Bridge13:Root9 - trust Root9: - result pass - diff --git a/security/nss/tests/chains/scenarios/ocsp.cfg b/security/nss/tests/chains/scenarios/ocsp.cfg deleted file mode 100644 index f70f8b688..000000000 --- a/security/nss/tests/chains/scenarios/ocsp.cfg +++ /dev/null @@ -1,209 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario OCSP - -check_ocsp OCSPEE11:x - -db OCSPRoot -import OCSPRoot:x:CT,C,C - -db OCSPCA1 -import_key OCSPCA1 - -crl OCSPCA1 - -revoke OCSPCA1 - serial 3 - -revoke OCSPCA1 - serial 4 - -testdb OCSPRoot - -#EE - OK, CA - OK -verify OCSPEE11:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_flags requireFreshInfo - rev_mtype ocsp - result pass - -#EE - revoked, CA - OK -verify OCSPEE12:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_flags requireFreshInfo - rev_mtype ocsp - result fail - -#EE - unknown -verify OCSPEE15:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - result pass - -#EE - unknown, requireFreshInfo -verify OCSPEE15:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_flags requireFreshInfo - rev_mtype ocsp - result fail - -#EE - OK, CA - revoked, leaf, no fresh info -verify OCSPEE21:x - cert OCSPCA2:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - result pass - -#EE - OK, CA - revoked, leaf, requireFreshInfo -verify OCSPEE21:x - cert OCSPCA2:x - trust OCSPRoot - rev_type leaf - rev_flags requireFreshInfo - rev_mtype ocsp - result fail - -#EE - OK, CA - revoked, chain, requireFreshInfo -verify OCSPEE21:x - cert OCSPCA2:x - trust OCSPRoot - rev_type chain - rev_flags requireFreshInfo - rev_mtype ocsp - result fail - -#EE - OK, CA - unknown -verify OCSPEE31:x - cert OCSPCA3:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - result pass - -#EE - OK, CA - unknown, requireFreshInfo -verify OCSPEE31:x - cert OCSPCA3:x - trust OCSPRoot - rev_type leaf - rev_flags requireFreshInfo - rev_mtype ocsp - result fail - -#EE - revoked, doNotUse -verify OCSPEE12:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - rev_mflags doNotUse - result pass - -#EE - revoked, forbidFetching -verify OCSPEE12:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - rev_mflags forbidFetching - result pass - -#EE - unknown status, failIfNoInfo -verify OCSPEE15:x - cert OCSPCA1:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - rev_mflags failIfNoInfo - result fail - -#EE - OK, CA - revoked, leaf, failIfNoInfo -verify OCSPEE21:x - cert OCSPCA2:x - trust OCSPRoot - rev_type leaf - rev_mtype ocsp - rev_mflags failIfNoInfo - result fail - -testdb OCSPCA1 - -#EE - OK on OCSP, revoked locally - should fail ?? -# two things about this test: crl is not imported into the db and -# cert 13 is not revoked by crl. -verify OCSPEE13:x - cert OCSPCA1:x - trust OCSPCA1 - rev_type leaf - rev_flags testLocalInfoFirst - rev_mtype ocsp - result pass - -db OCSPRoot1 -import OCSPRoot:x:CT,C,C - -verify OCSPEE23:x - cert OCSPCA2:x - trust OCSPRoot - rev_type chain - rev_mtype ocsp - rev_type leaf - rev_mtype ocsp - result fail - -db OCSPRoot2 -import OCSPRoot:x:T,, - -# bug 527438 -# expected result of this test is FAIL -verify OCSPEE23:x - cert OCSPCA2:x - trust OCSPRoot - rev_type chain - rev_mtype ocsp - rev_type leaf - rev_mtype ocsp - result pass - diff --git a/security/nss/tests/chains/scenarios/ocspd.cfg b/security/nss/tests/chains/scenarios/ocspd.cfg deleted file mode 100644 index c0894055f..000000000 --- a/security/nss/tests/chains/scenarios/ocspd.cfg +++ /dev/null @@ -1,169 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario OCSPD - -#root CA -entity OCSPRoot - type Root - -#CA - OK -entity OCSPCA1 - type Intermediate - issuer OCSPRoot - serial 1 - ocsp 2600 - -#CA - revoked -entity OCSPCA2 - type Intermediate - issuer OCSPRoot - serial 2 - ocsp 2600 - -#CA - unknown status -entity OCSPCA3 - type Intermediate - issuer OCSPRoot - serial 3 - ocsp 2599 - -#EE - OK -entity OCSPEE11 - type EE - issuer OCSPCA1 - serial 1 - ocsp 2601 - -#EE - revoked on OCSP -entity OCSPEE12 - type EE - issuer OCSPCA1 - serial 2 - ocsp 2601 - -#EE - revoked on CRL -entity OCSPEE13 - type EE - issuer OCSPCA1 - serial 3 - ocsp 2601 - -#EE - revoked on OCSP and CRL -entity OCSPEE14 - type EE - issuer OCSPCA1 - serial 4 - ocsp 2601 - -#EE - unknown status -entity OCSPEE15 - type EE - issuer OCSPCA1 - serial 5 - ocsp 2599 - -#EE - valid EE, revoked CA -entity OCSPEE21 - type EE - issuer OCSPCA2 - serial 1 - ocsp 2602 - -#EE - revoked EE, revoked CA -entity OCSPEE22 - type EE - issuer OCSPCA2 - serial 2 - ocsp 2602 - -#EE - revoked EE, CA pointing to invalid OCSP -entity OCSPEE23 - type EE - issuer OCSPCA2 - serial 3 - ocsp 2599 - -#EE - valid EE, CA pointing to invalid OCSP -entity OCSPEE31 - type EE - issuer OCSPCA3 - serial 1 - ocsp 2603 - -#EE - revoked EE, CA pointing to invalid OCSP -entity OCSPEE32 - type EE - issuer OCSPCA3 - serial 2 - ocsp 2603 - -#EE - EE pointing to invalid OCSP, CA pointing to invalid OCSP -entity OCSPEE33 - type EE - issuer OCSPCA3 - serial 3 - ocsp 2599 - -crl OCSPRoot - -revoke OCSPRoot - serial 2 - -crl OCSPCA1 - -revoke OCSPCA1 - serial 2 - -revoke OCSPCA1 - serial 4 - -crl OCSPCA2 - -revoke OCSPCA2 - serial 2 - -revoke OCSPCA2 - serial 3 - -crl OCSPCA3 - -revoke OCSPCA3 - serial 2 - -revoke OCSPCA3 - serial 3 - diff --git a/security/nss/tests/chains/scenarios/realcerts.cfg b/security/nss/tests/chains/scenarios/realcerts.cfg deleted file mode 100644 index 124befb01..000000000 --- a/security/nss/tests/chains/scenarios/realcerts.cfg +++ /dev/null @@ -1,61 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario RealCerts - -db All - -import TestCA.ca:x:CT,C,C -import TestUser50:x: -import TestUser51:x: -import PayPalRootCA:x:CT,C,C -import PayPalICA:x: -import PayPalEE:x: -import BrAirWaysBadSig:x: - -verify TestUser50:x - result pass - -verify TestUser51:x - result pass - -verify PayPalEE:x - policy OID.2.16.840.1.113733.1.7.23.6 - result pass - -verify BrAirWaysBadSig:x - result fail - diff --git a/security/nss/tests/chains/scenarios/revoc.cfg b/security/nss/tests/chains/scenarios/revoc.cfg deleted file mode 100644 index 6e6ea8eac..000000000 --- a/security/nss/tests/chains/scenarios/revoc.cfg +++ /dev/null @@ -1,118 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** - -scenario Revocation - -entity Root - type Root - serial 10 - -entity CA0 - type Intermediate - issuer Root - serial 11 - -entity CA1 - type Intermediate - issuer CA0 - serial 12 - -entity EE11 - type EE - issuer CA1 - serial 13 - -entity EE12 - type EE - issuer CA1 - serial 14 - -entity CA2 - type Intermediate - issuer CA0 - serial 15 - -entity EE21 - type EE - issuer CA2 - serial 16 - -crl Root -crl CA0 -crl CA1 -crl CA2 - -revoke CA1 - serial 14 - -revoke CA0 - serial 15 - -db All - -import Root::CTu,CTu,CTu -import CA0:Root: -import CA1:CA0: -import CA2:CA0: - -# EE11 - not revoked -verify EE11:CA1 - trust Root: - rev_type leaf - rev_mtype crl - result pass - -# EE12 - revoked -verify EE12:CA1 - trust Root: - rev_type leaf - rev_mtype crl - result fail - -# EE11 - CA1 not revoked -verify EE11:CA1 - trust Root: - rev_type chain - rev_mtype crl - result pass - -# EE21 - CA2 revoked -verify EE21:CA2 - trust Root: - rev_type chain - rev_mtype crl - result fail - diff --git a/security/nss/tests/chains/scenarios/scenarios b/security/nss/tests/chains/scenarios/scenarios deleted file mode 100644 index f3cd2beef..000000000 --- a/security/nss/tests/chains/scenarios/scenarios +++ /dev/null @@ -1,53 +0,0 @@ -# ***** BEGIN LICENSE BLOCK ***** -# Version: MPL 1.1/GPL 2.0/LGPL 2.1 -# -# The contents of this file are subject to the Mozilla Public License Version -# 1.1 (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at -# http://www.mozilla.org/MPL/ -# -# Software distributed under the License is distributed on an "AS IS" basis, -# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License -# for the specific language governing rights and limitations under the -# License. -# -# The Original Code is the Network Security Services (NSS) -# -# The Initial Developer of the Original Code is Sun Microsystems, Inc. -# Portions created by the Initial Developer are Copyright (C) 2009 -# the Initial Developer. All Rights Reserved. -# -# Contributor(s): -# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems -# -# Alternatively, the contents of this file may be used under the terms of -# either the GNU General Public License Version 2 or later (the "GPL"), or -# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), -# in which case the provisions of the GPL or the LGPL are applicable instead -# of those above. If you wish to allow use of your version of this file only -# under the terms of either the GPL or the LGPL, and not to allow others to -# use your version of this file under the terms of the MPL, indicate your -# decision by deleting the provisions above and replace them with the notice -# and other provisions required by the GPL or the LGPL. If you do not delete -# the provisions above, a recipient may use your version of this file under -# the terms of any one of the MPL, the GPL or the LGPL. -# -# ***** END LICENSE BLOCK ***** -bridge.cfg -megabridge_3_2.cfg -extension.cfg -extension2.cfg -anypolicy.cfg -anypolicywithlevel.cfg -explicitPolicy.cfg -mapping.cfg -mapping2.cfg -aia.cfg -bridgewithaia.cfg -bridgewithhalfaia.cfg -bridgewithpolicyextensionandmapping.cfg -realcerts.cfg -dsa.cfg -revoc.cfg -ocsp.cfg -crldp.cfg |