diff options
Diffstat (limited to 'security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg')
-rw-r--r-- | security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg | 219 |
1 files changed, 219 insertions, 0 deletions
diff --git a/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg b/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg new file mode 100644 index 000000000..cd5cd523b --- /dev/null +++ b/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg @@ -0,0 +1,219 @@ +# ***** BEGIN LICENSE BLOCK ***** +# Version: MPL 1.1/GPL 2.0/LGPL 2.1 +# +# The contents of this file are subject to the Mozilla Public License Version +# 1.1 (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# http://www.mozilla.org/MPL/ +# +# Software distributed under the License is distributed on an "AS IS" basis, +# WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License +# for the specific language governing rights and limitations under the +# License. +# +# The Original Code is the Network Security Services (NSS) +# +# The Initial Developer of the Original Code is Sun Microsystems, Inc. +# Portions created by the Initial Developer are Copyright (C) 2009 +# the Initial Developer. All Rights Reserved. +# +# Contributor(s): +# Slavomir Katuscak <slavomir.katuscak@sun.com>, Sun Microsystems +# +# Alternatively, the contents of this file may be used under the terms of +# either the GNU General Public License Version 2 or later (the "GPL"), or +# the GNU Lesser General Public License Version 2.1 or later (the "LGPL"), +# in which case the provisions of the GPL or the LGPL are applicable instead +# of those above. If you wish to allow use of your version of this file only +# under the terms of either the GPL or the LGPL, and not to allow others to +# use your version of this file under the terms of the MPL, indicate your +# decision by deleting the provisions above and replace them with the notice +# and other provisions required by the GPL or the LGPL. If you do not delete +# the provisions above, a recipient may use your version of this file under +# the terms of any one of the MPL, the GPL or the LGPL. +# +# ***** END LICENSE BLOCK ***** + +scenario BridgeWithPolicyExtensionAndMapping + +entity Army + type Root + +entity Navy + type Root + +entity CAArmy + type Intermediate + issuer Army + policy OID.1.0 + policy OID.1.1 + +entity CANavy + type Intermediate + issuer Navy + policy OID.2.0 + policy OID.2.1 + +entity Bridge + type Bridge + issuer CAArmy + policy OID.1.0 + policy OID.1.1 + mapping OID.1.1:OID.2.1 + issuer CANavy + policy OID.2.0 + policy OID.2.1 + mapping OID.2.1:OID.1.1 + +entity CA1 + type Intermediate + issuer Bridge + policy OID.1.1 + policy OID.2.1 + +entity CA2 + type Intermediate + issuer Bridge + policy OID.1.0 + policy OID.2.0 + +entity EE1 + type EE + issuer CA1 + policy OID.2.1 + +entity EE2 + type EE + issuer CA2 + policy OID.2.0 + +testdb + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.1.0 + result fail + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.1.1 + result pass + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.2.0 + result fail + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.2.1 + result fail + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.1.0 + result fail + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.1.1 + result fail + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.2.0 + result fail + +verify EE1:CA1 + cert CA1:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.2.1 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.1.0 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.1.1 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.2.0 + result pass + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CANavy + cert CANavy:Navy + trust Navy: + policy OID.2.1 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.1.0 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.1.1 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.2.0 + result fail + +verify EE2:CA2 + cert CA2:Bridge + cert Bridge:CAArmy + cert CAArmy:Army + trust Army: + policy OID.2.1 + result fail + |