michael@0: # This Source Code Form is subject to the terms of the Mozilla Public michael@0: # License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: # file, You can obtain one at http://mozilla.org/MPL/2.0/. michael@0: michael@0: scenario CRLDP michael@0: michael@0: entity Root michael@0: type Root michael@0: michael@0: entity CA0 michael@0: type Intermediate michael@0: issuer Root michael@0: michael@0: entity CA1 michael@0: type Intermediate michael@0: crldp CA0 michael@0: issuer CA0 michael@0: serial 10 michael@0: aia CA0:Root michael@0: michael@0: entity EE11 michael@0: type EE michael@0: crldp CA0 michael@0: issuer CA1 michael@0: michael@0: entity CA2 michael@0: type Intermediate michael@0: crldp CA0 michael@0: issuer CA0 michael@0: serial 20 michael@0: aia CA0:Root michael@0: michael@0: entity EE21 michael@0: type EE michael@0: issuer CA2 michael@0: michael@0: entity EE1 michael@0: type EE michael@0: crldp CA0 michael@0: issuer CA0 michael@0: serial 30 michael@0: aia CA0:Root michael@0: michael@0: entity EE2 michael@0: type EE michael@0: crldp CA0 michael@0: issuer CA0 michael@0: serial 40 michael@0: aia CA0:Root michael@0: michael@0: crl Root michael@0: crl CA0 michael@0: crl CA1 michael@0: crl CA2 michael@0: michael@0: revoke CA0 michael@0: serial 20 michael@0: michael@0: revoke CA0 michael@0: serial 40 michael@0: michael@0: copycrl CA0 michael@0: michael@0: db All michael@0: michael@0: import Root::CTu,CTu,CTu michael@0: michael@0: # intermediate CA - OK, EE - OK michael@0: verify EE11:CA1 michael@0: cert CA1:CA0 michael@0: trust Root: michael@0: fetch michael@0: rev_type chain michael@0: rev_flags requireFreshInfo michael@0: rev_mtype crl michael@0: result pass michael@0: michael@0: # intermediate CA - revoked, EE - OK michael@0: verify EE21:CA2 michael@0: cert CA2:CA0 michael@0: trust Root: michael@0: fetch michael@0: rev_type chain michael@0: rev_flags requireFreshInfo michael@0: rev_mtype crl michael@0: result fail michael@0: michael@0: # direct EE - OK michael@0: verify EE1:CA0 michael@0: trust Root: michael@0: fetch michael@0: rev_type leaf michael@0: rev_flags requireFreshInfo michael@0: rev_mtype crl michael@0: result pass michael@0: michael@0: # direct EE - revoked michael@0: verify EE2:CA0 michael@0: trust Root: michael@0: fetch michael@0: rev_type leaf michael@0: rev_flags requireFreshInfo michael@0: rev_mtype crl michael@0: result fail michael@0: