The Tor Browser / annotate

security/nss/tests/chains/scenarios/ocsp.cfg@b8a032363ba2 (annotated)

security/nss/tests/chains/scenarios/ocsp.cfg

Thu, 22 Jan 2015 13:21:57 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Thu, 22 Jan 2015 13:21:57 +0100
branch
TOR_BUG_9701
changeset 15
b8a032363ba2
permissions
-rw-r--r--

Incorporate requested changes from Mozilla in review:
https://bugzilla.mozilla.org/show_bug.cgi?id=1123480#c6

michael@0 1 # This Source Code Form is subject to the terms of the Mozilla Public
michael@0 2 # License, v. 2.0. If a copy of the MPL was not distributed with this
michael@0 3 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
michael@0 4
michael@0 5 scenario OCSP
michael@0 6
michael@0 7 check_ocsp OCSPEE11OCSPCA1:d
michael@0 8
michael@0 9 db OCSPRoot
michael@0 10 import OCSPRoot:d:CT,C,C
michael@0 11
michael@0 12 db OCSPCA1
michael@0 13 import_key OCSPCA1
michael@0 14
michael@0 15 crl OCSPCA1
michael@0 16
michael@0 17 revoke OCSPCA1
michael@0 18 serial 3
michael@0 19
michael@0 20 revoke OCSPCA1
michael@0 21 serial 4
michael@0 22
michael@0 23 testdb OCSPRoot
michael@0 24
michael@0 25 #EE - OK, CA - OK
michael@0 26 verify OCSPEE11OCSPCA1:d
michael@0 27 cert OCSPCA1OCSPRoot:d
michael@0 28 trust OCSPRoot
michael@0 29 rev_type leaf
michael@0 30 rev_flags requireFreshInfo
michael@0 31 rev_mtype ocsp
michael@0 32 result pass
michael@0 33
michael@0 34 #EE - revoked, CA - OK
michael@0 35 verify OCSPEE12OCSPCA1:d
michael@0 36 cert OCSPCA1OCSPRoot:d
michael@0 37 trust OCSPRoot
michael@0 38 rev_type leaf
michael@0 39 rev_flags requireFreshInfo
michael@0 40 rev_mtype ocsp
michael@0 41 result fail
michael@0 42
michael@0 43 #EE - unknown
michael@0 44 verify OCSPEE15OCSPCA1:d
michael@0 45 cert OCSPCA1OCSPRoot:d
michael@0 46 trust OCSPRoot
michael@0 47 rev_type leaf
michael@0 48 rev_mtype ocsp
michael@0 49 result pass
michael@0 50
michael@0 51 #EE - unknown, requireFreshInfo
michael@0 52 verify OCSPEE15OCSPCA1:d
michael@0 53 cert OCSPCA1OCSPRoot:d
michael@0 54 trust OCSPRoot
michael@0 55 rev_type leaf
michael@0 56 rev_flags requireFreshInfo
michael@0 57 rev_mtype ocsp
michael@0 58 result fail
michael@0 59
michael@0 60 #EE - OK, CA - revoked, leaf, no fresh info
michael@0 61 verify OCSPEE21OCSPCA2:d
michael@0 62 cert OCSPCA2OCSPRoot:d
michael@0 63 trust OCSPRoot
michael@0 64 rev_type leaf
michael@0 65 rev_mtype ocsp
michael@0 66 result pass
michael@0 67
michael@0 68 #EE - OK, CA - revoked, leaf, requireFreshInfo
michael@0 69 verify OCSPEE21OCSPCA2:d
michael@0 70 cert OCSPCA2OCSPRoot:d
michael@0 71 trust OCSPRoot
michael@0 72 rev_type leaf
michael@0 73 rev_flags requireFreshInfo
michael@0 74 rev_mtype ocsp
michael@0 75 result fail
michael@0 76
michael@0 77 #EE - OK, CA - revoked, chain, requireFreshInfo
michael@0 78 verify OCSPEE21OCSPCA2:d
michael@0 79 cert OCSPCA2OCSPRoot:d
michael@0 80 trust OCSPRoot
michael@0 81 rev_type chain
michael@0 82 rev_flags requireFreshInfo
michael@0 83 rev_mtype ocsp
michael@0 84 result fail
michael@0 85
michael@0 86 #EE - OK, CA - unknown
michael@0 87 verify OCSPEE31OCSPCA3:d
michael@0 88 cert OCSPCA3OCSPRoot:d
michael@0 89 trust OCSPRoot
michael@0 90 rev_type leaf
michael@0 91 rev_mtype ocsp
michael@0 92 result pass
michael@0 93
michael@0 94 #EE - OK, CA - unknown, requireFreshInfo
michael@0 95 verify OCSPEE31OCSPCA3:d
michael@0 96 cert OCSPCA3OCSPRoot:d
michael@0 97 trust OCSPRoot
michael@0 98 rev_type leaf
michael@0 99 rev_flags requireFreshInfo
michael@0 100 rev_mtype ocsp
michael@0 101 result fail
michael@0 102
michael@0 103 #EE - revoked, doNotUse
michael@0 104 verify OCSPEE12OCSPCA1:d
michael@0 105 cert OCSPCA1OCSPRoot:d
michael@0 106 trust OCSPRoot
michael@0 107 rev_type leaf
michael@0 108 rev_mtype ocsp
michael@0 109 rev_mflags doNotUse
michael@0 110 result pass
michael@0 111
michael@0 112 #EE - revoked, forbidFetching
michael@0 113 verify OCSPEE12OCSPCA1:d
michael@0 114 cert OCSPCA1OCSPRoot:d
michael@0 115 trust OCSPRoot
michael@0 116 rev_type leaf
michael@0 117 rev_mtype ocsp
michael@0 118 rev_mflags forbidFetching
michael@0 119 result pass
michael@0 120
michael@0 121 #EE - unknown status, failIfNoInfo
michael@0 122 verify OCSPEE15OCSPCA1:d
michael@0 123 cert OCSPCA1OCSPRoot:d
michael@0 124 trust OCSPRoot
michael@0 125 rev_type leaf
michael@0 126 rev_mtype ocsp
michael@0 127 rev_mflags failIfNoInfo
michael@0 128 result fail
michael@0 129
michael@0 130 #EE - OK, CA - revoked, leaf, failIfNoInfo
michael@0 131 verify OCSPEE21OCSPCA2:d
michael@0 132 cert OCSPCA2OCSPRoot:d
michael@0 133 trust OCSPRoot
michael@0 134 rev_type leaf
michael@0 135 rev_mtype ocsp
michael@0 136 rev_mflags failIfNoInfo
michael@0 137 result fail
michael@0 138
michael@0 139 testdb OCSPCA1
michael@0 140
michael@0 141 #EE - OK on OCSP, revoked locally - should fail ??
michael@0 142 # two things about this test: crl is not imported into the db and
michael@0 143 # cert 13 is not revoked by crl.
michael@0 144 verify OCSPEE13OCSPCA1:d
michael@0 145 cert OCSPCA1OCSPRoot:d
michael@0 146 trust OCSPCA1
michael@0 147 rev_type leaf
michael@0 148 rev_flags testLocalInfoFirst
michael@0 149 rev_mtype ocsp
michael@0 150 result pass
michael@0 151
michael@0 152 db OCSPRoot1
michael@0 153 import OCSPRoot:d:CT,C,C
michael@0 154
michael@0 155 verify OCSPEE23OCSPCA2:d
michael@0 156 cert OCSPCA2OCSPRoot:d
michael@0 157 trust OCSPRoot
michael@0 158 rev_type chain
michael@0 159 rev_mtype ocsp
michael@0 160 rev_type leaf
michael@0 161 rev_mtype ocsp
michael@0 162 result fail
michael@0 163
michael@0 164 db OCSPRoot2
michael@0 165 import OCSPRoot:d:T,,
michael@0 166
michael@0 167 # bug 527438
michael@0 168 # expected result of this test is FAIL
michael@0 169 verify OCSPEE23OCSPCA2:d
michael@0 170 cert OCSPCA2OCSPRoot:d
michael@0 171 trust OCSPRoot
michael@0 172 rev_type chain
michael@0 173 rev_mtype ocsp
michael@0 174 rev_type leaf
michael@0 175 rev_mtype ocsp
michael@0 176 result pass
michael@0 177

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial