The Tor Browser / file diff

diff: security/nss/tests/chains/scenarios/ocsp.cfg

security/nss/tests/chains/scenarios/ocsp.cfg

changeset 0
6474c204b198
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/security/nss/tests/chains/scenarios/ocsp.cfg	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,177 @@
     1.4 +# This Source Code Form is subject to the terms of the Mozilla Public
     1.5 +# License, v. 2.0. If a copy of the MPL was not distributed with this
     1.6 +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
     1.7 +
     1.8 +scenario OCSP
     1.9 +
    1.10 +check_ocsp OCSPEE11OCSPCA1:d
    1.11 +
    1.12 +db OCSPRoot
    1.13 +import OCSPRoot:d:CT,C,C
    1.14 +
    1.15 +db OCSPCA1
    1.16 +import_key OCSPCA1
    1.17 +
    1.18 +crl OCSPCA1
    1.19 +
    1.20 +revoke OCSPCA1
    1.21 +  serial 3
    1.22 +
    1.23 +revoke OCSPCA1
    1.24 +  serial 4 
    1.25 +
    1.26 +testdb OCSPRoot
    1.27 +
    1.28 +#EE - OK, CA - OK
    1.29 +verify OCSPEE11OCSPCA1:d
    1.30 +  cert OCSPCA1OCSPRoot:d
    1.31 +  trust OCSPRoot
    1.32 +  rev_type leaf
    1.33 +  rev_flags requireFreshInfo
    1.34 +  rev_mtype ocsp
    1.35 +  result pass
    1.36 +
    1.37 +#EE - revoked, CA - OK
    1.38 +verify OCSPEE12OCSPCA1:d
    1.39 +  cert OCSPCA1OCSPRoot:d
    1.40 +  trust OCSPRoot
    1.41 +  rev_type leaf
    1.42 +  rev_flags requireFreshInfo
    1.43 +  rev_mtype ocsp
    1.44 +  result fail
    1.45 +
    1.46 +#EE - unknown 
    1.47 +verify OCSPEE15OCSPCA1:d
    1.48 +  cert OCSPCA1OCSPRoot:d
    1.49 +  trust OCSPRoot
    1.50 +  rev_type leaf
    1.51 +  rev_mtype ocsp
    1.52 +  result pass
    1.53 +
    1.54 +#EE - unknown, requireFreshInfo
    1.55 +verify OCSPEE15OCSPCA1:d
    1.56 +  cert OCSPCA1OCSPRoot:d
    1.57 +  trust OCSPRoot
    1.58 +  rev_type leaf
    1.59 +  rev_flags requireFreshInfo
    1.60 +  rev_mtype ocsp
    1.61 +  result fail
    1.62 +
    1.63 +#EE - OK, CA - revoked, leaf, no fresh info
    1.64 +verify OCSPEE21OCSPCA2:d
    1.65 +  cert OCSPCA2OCSPRoot:d
    1.66 +  trust OCSPRoot
    1.67 +  rev_type leaf
    1.68 +  rev_mtype ocsp
    1.69 +  result pass
    1.70 +
    1.71 +#EE - OK, CA - revoked, leaf, requireFreshInfo
    1.72 +verify OCSPEE21OCSPCA2:d
    1.73 +  cert OCSPCA2OCSPRoot:d
    1.74 +  trust OCSPRoot
    1.75 +  rev_type leaf
    1.76 +  rev_flags requireFreshInfo
    1.77 +  rev_mtype ocsp
    1.78 +  result fail
    1.79 +
    1.80 +#EE - OK, CA - revoked, chain, requireFreshInfo
    1.81 +verify OCSPEE21OCSPCA2:d
    1.82 +  cert OCSPCA2OCSPRoot:d
    1.83 +  trust OCSPRoot
    1.84 +  rev_type chain
    1.85 +  rev_flags requireFreshInfo
    1.86 +  rev_mtype ocsp
    1.87 +  result fail
    1.88 +
    1.89 +#EE - OK, CA - unknown
    1.90 +verify OCSPEE31OCSPCA3:d
    1.91 +  cert OCSPCA3OCSPRoot:d
    1.92 +  trust OCSPRoot
    1.93 +  rev_type leaf
    1.94 +  rev_mtype ocsp
    1.95 +  result pass
    1.96 +
    1.97 +#EE - OK, CA - unknown, requireFreshInfo
    1.98 +verify OCSPEE31OCSPCA3:d
    1.99 +  cert OCSPCA3OCSPRoot:d
   1.100 +  trust OCSPRoot
   1.101 +  rev_type leaf
   1.102 +  rev_flags requireFreshInfo
   1.103 +  rev_mtype ocsp
   1.104 +  result fail
   1.105 +
   1.106 +#EE - revoked, doNotUse
   1.107 +verify OCSPEE12OCSPCA1:d
   1.108 +  cert OCSPCA1OCSPRoot:d
   1.109 +  trust OCSPRoot
   1.110 +  rev_type leaf
   1.111 +  rev_mtype ocsp
   1.112 +  rev_mflags doNotUse
   1.113 +  result pass
   1.114 +
   1.115 +#EE - revoked, forbidFetching
   1.116 +verify OCSPEE12OCSPCA1:d
   1.117 +  cert OCSPCA1OCSPRoot:d
   1.118 +  trust OCSPRoot
   1.119 +  rev_type leaf
   1.120 +  rev_mtype ocsp
   1.121 +  rev_mflags forbidFetching
   1.122 +  result pass
   1.123 +
   1.124 +#EE - unknown status, failIfNoInfo
   1.125 +verify OCSPEE15OCSPCA1:d
   1.126 +  cert OCSPCA1OCSPRoot:d
   1.127 +  trust OCSPRoot
   1.128 +  rev_type leaf
   1.129 +  rev_mtype ocsp
   1.130 +  rev_mflags failIfNoInfo
   1.131 +  result fail
   1.132 +
   1.133 +#EE - OK, CA - revoked, leaf, failIfNoInfo
   1.134 +verify OCSPEE21OCSPCA2:d
   1.135 +  cert OCSPCA2OCSPRoot:d
   1.136 +  trust OCSPRoot
   1.137 +  rev_type leaf
   1.138 +  rev_mtype ocsp
   1.139 +  rev_mflags failIfNoInfo
   1.140 +  result fail
   1.141 +
   1.142 +testdb OCSPCA1
   1.143 +
   1.144 +#EE - OK on OCSP, revoked locally - should fail ??
   1.145 +# two things about this test: crl is not imported into the db and
   1.146 +# cert 13 is not revoked by crl.
   1.147 +verify OCSPEE13OCSPCA1:d
   1.148 +  cert OCSPCA1OCSPRoot:d
   1.149 +  trust OCSPCA1
   1.150 +  rev_type leaf
   1.151 +  rev_flags testLocalInfoFirst
   1.152 +  rev_mtype ocsp
   1.153 +  result pass
   1.154 +
   1.155 +db OCSPRoot1
   1.156 +import OCSPRoot:d:CT,C,C
   1.157 +
   1.158 +verify OCSPEE23OCSPCA2:d
   1.159 +  cert OCSPCA2OCSPRoot:d
   1.160 +  trust OCSPRoot
   1.161 +  rev_type chain
   1.162 +  rev_mtype ocsp
   1.163 +  rev_type leaf
   1.164 +  rev_mtype ocsp
   1.165 +  result fail
   1.166 +
   1.167 +db OCSPRoot2
   1.168 +import OCSPRoot:d:T,,
   1.169 +
   1.170 +# bug 527438
   1.171 +# expected result of this test is FAIL
   1.172 +verify OCSPEE23OCSPCA2:d
   1.173 +  cert OCSPCA2OCSPRoot:d
   1.174 +  trust OCSPRoot
   1.175 +  rev_type chain
   1.176 +  rev_mtype ocsp
   1.177 +  rev_type leaf
   1.178 +  rev_mtype ocsp
   1.179 +  result pass
   1.180 +

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial