The Tor Browser / file comparison

comparison: security/nss/tests/chains/scenarios/ocsp.cfg

security/nss/tests/chains/scenarios/ocsp.cfg

branch
TOR_BUG_9701
changeset 15
b8a032363ba2
equal deleted inserted replaced
-1:000000000000 0:bc590dd883d9
1 # This Source Code Form is subject to the terms of the Mozilla Public
2 # License, v. 2.0. If a copy of the MPL was not distributed with this
3 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
4
5 scenario OCSP
6
7 check_ocsp OCSPEE11OCSPCA1:d
8
9 db OCSPRoot
10 import OCSPRoot:d:CT,C,C
11
12 db OCSPCA1
13 import_key OCSPCA1
14
15 crl OCSPCA1
16
17 revoke OCSPCA1
18 serial 3
19
20 revoke OCSPCA1
21 serial 4
22
23 testdb OCSPRoot
24
25 #EE - OK, CA - OK
26 verify OCSPEE11OCSPCA1:d
27 cert OCSPCA1OCSPRoot:d
28 trust OCSPRoot
29 rev_type leaf
30 rev_flags requireFreshInfo
31 rev_mtype ocsp
32 result pass
33
34 #EE - revoked, CA - OK
35 verify OCSPEE12OCSPCA1:d
36 cert OCSPCA1OCSPRoot:d
37 trust OCSPRoot
38 rev_type leaf
39 rev_flags requireFreshInfo
40 rev_mtype ocsp
41 result fail
42
43 #EE - unknown
44 verify OCSPEE15OCSPCA1:d
45 cert OCSPCA1OCSPRoot:d
46 trust OCSPRoot
47 rev_type leaf
48 rev_mtype ocsp
49 result pass
50
51 #EE - unknown, requireFreshInfo
52 verify OCSPEE15OCSPCA1:d
53 cert OCSPCA1OCSPRoot:d
54 trust OCSPRoot
55 rev_type leaf
56 rev_flags requireFreshInfo
57 rev_mtype ocsp
58 result fail
59
60 #EE - OK, CA - revoked, leaf, no fresh info
61 verify OCSPEE21OCSPCA2:d
62 cert OCSPCA2OCSPRoot:d
63 trust OCSPRoot
64 rev_type leaf
65 rev_mtype ocsp
66 result pass
67
68 #EE - OK, CA - revoked, leaf, requireFreshInfo
69 verify OCSPEE21OCSPCA2:d
70 cert OCSPCA2OCSPRoot:d
71 trust OCSPRoot
72 rev_type leaf
73 rev_flags requireFreshInfo
74 rev_mtype ocsp
75 result fail
76
77 #EE - OK, CA - revoked, chain, requireFreshInfo
78 verify OCSPEE21OCSPCA2:d
79 cert OCSPCA2OCSPRoot:d
80 trust OCSPRoot
81 rev_type chain
82 rev_flags requireFreshInfo
83 rev_mtype ocsp
84 result fail
85
86 #EE - OK, CA - unknown
87 verify OCSPEE31OCSPCA3:d
88 cert OCSPCA3OCSPRoot:d
89 trust OCSPRoot
90 rev_type leaf
91 rev_mtype ocsp
92 result pass
93
94 #EE - OK, CA - unknown, requireFreshInfo
95 verify OCSPEE31OCSPCA3:d
96 cert OCSPCA3OCSPRoot:d
97 trust OCSPRoot
98 rev_type leaf
99 rev_flags requireFreshInfo
100 rev_mtype ocsp
101 result fail
102
103 #EE - revoked, doNotUse
104 verify OCSPEE12OCSPCA1:d
105 cert OCSPCA1OCSPRoot:d
106 trust OCSPRoot
107 rev_type leaf
108 rev_mtype ocsp
109 rev_mflags doNotUse
110 result pass
111
112 #EE - revoked, forbidFetching
113 verify OCSPEE12OCSPCA1:d
114 cert OCSPCA1OCSPRoot:d
115 trust OCSPRoot
116 rev_type leaf
117 rev_mtype ocsp
118 rev_mflags forbidFetching
119 result pass
120
121 #EE - unknown status, failIfNoInfo
122 verify OCSPEE15OCSPCA1:d
123 cert OCSPCA1OCSPRoot:d
124 trust OCSPRoot
125 rev_type leaf
126 rev_mtype ocsp
127 rev_mflags failIfNoInfo
128 result fail
129
130 #EE - OK, CA - revoked, leaf, failIfNoInfo
131 verify OCSPEE21OCSPCA2:d
132 cert OCSPCA2OCSPRoot:d
133 trust OCSPRoot
134 rev_type leaf
135 rev_mtype ocsp
136 rev_mflags failIfNoInfo
137 result fail
138
139 testdb OCSPCA1
140
141 #EE - OK on OCSP, revoked locally - should fail ??
142 # two things about this test: crl is not imported into the db and
143 # cert 13 is not revoked by crl.
144 verify OCSPEE13OCSPCA1:d
145 cert OCSPCA1OCSPRoot:d
146 trust OCSPCA1
147 rev_type leaf
148 rev_flags testLocalInfoFirst
149 rev_mtype ocsp
150 result pass
151
152 db OCSPRoot1
153 import OCSPRoot:d:CT,C,C
154
155 verify OCSPEE23OCSPCA2:d
156 cert OCSPCA2OCSPRoot:d
157 trust OCSPRoot
158 rev_type chain
159 rev_mtype ocsp
160 rev_type leaf
161 rev_mtype ocsp
162 result fail
163
164 db OCSPRoot2
165 import OCSPRoot:d:T,,
166
167 # bug 527438
168 # expected result of this test is FAIL
169 verify OCSPEE23OCSPCA2:d
170 cert OCSPCA2OCSPRoot:d
171 trust OCSPRoot
172 rev_type chain
173 rev_mtype ocsp
174 rev_type leaf
175 rev_mtype ocsp
176 result pass
177

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial