diff -r 000000000000 -r 6474c204b198 security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,187 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+scenario BridgeWithPolicyExtensionAndMapping
+
+entity Army
+  type Root
+
+entity Navy
+  type Root
+
+entity CAArmy
+  type Intermediate
+  issuer Army
+    policy OID.1.0
+    policy OID.1.1
+
+entity CANavy
+  type Intermediate
+  issuer Navy
+    policy OID.2.0
+    policy OID.2.1
+
+entity Bridge
+  type Bridge
+  issuer CAArmy
+    policy OID.1.0
+    policy OID.1.1
+    mapping OID.1.1:OID.2.1
+  issuer CANavy
+    policy OID.2.0
+    policy OID.2.1
+    mapping OID.2.1:OID.1.1
+
+entity CA1
+  type Intermediate
+  issuer Bridge
+    policy OID.1.1
+    policy OID.2.1
+
+entity CA2
+  type Intermediate
+  issuer Bridge
+    policy OID.1.0
+    policy OID.2.0
+
+entity EE1
+  type EE
+  issuer CA1
+    policy OID.2.1
+
+entity EE2
+  type EE
+  issuer CA2
+    policy OID.2.0
+
+testdb
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.1.0
+  result fail
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.1.1
+  result pass
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.2.0
+  result fail
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.2.1
+  result fail
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.1.0
+  result fail
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.1.1
+  result fail
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.2.0
+  result fail
+
+verify EE1:CA1
+  cert CA1:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.2.1
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.1.0
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.1.1
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.2.0
+  result pass
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CANavy
+  cert CANavy:Navy
+  trust Navy:
+  policy OID.2.1
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.1.0
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.1.1
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.2.0
+  result fail
+
+verify EE2:CA2
+  cert CA2:Bridge
+  cert Bridge:CAArmy
+  cert CAArmy:Army
+  trust Army:
+  policy OID.2.1
+  result fail
+