From 4d9cec48b65e9d4f77fccecd612484340d3fa877 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 01:45:29 -0700 Subject: [PATCH 001/297] Bumping gaia.json for 4 gaia revision(s) a=gaia-bump ======== https://hg.mozilla.org/integration/gaia-central/rev/895928dd5018 Author: George Desc: Merge pull request #30534 from cctuan/1035591 Bug 1035591 - Optimize the rest of js files in webapp-optimize.js ======== https://hg.mozilla.org/integration/gaia-central/rev/3963eb89aa95 Author: cctuan Desc: Bug 1035591 - Optimize the rest of js files in webapp-optimize.js ======== https://hg.mozilla.org/integration/gaia-central/rev/4b5d69ff31ef Author: George Desc: Merge pull request #30495 from cctuan/979827 Bug 979827 - [Build] check node version of environment. ======== https://hg.mozilla.org/integration/gaia-central/rev/f30ce7510ddd Author: cctuan Desc: Bug 979827 - [Build] check node version of environment. --- b2g/config/gaia.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/b2g/config/gaia.json b/b2g/config/gaia.json index ece878fe894..d6cb9d62940 100644 --- a/b2g/config/gaia.json +++ b/b2g/config/gaia.json @@ -1,9 +1,9 @@ { "git": { - "git_revision": "68269e7b6510930eb2f644f69d27d456c1bdec75", + "git_revision": "4560389c36e07bba9853d1ad9e57d4f081d5d42e", "remote": "https://git.mozilla.org/releases/gaia.git", "branch": "" }, - "revision": "32ad502c3fb2609f117b454d91d9e4f4e0a3d1da", + "revision": "895928dd50188f74af82bb74c9dcd54806bb37f6", "repo_path": "integration/gaia-central" } From ff7d5bc043899c210f2cadb0c15a62e616de6fb0 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 01:47:25 -0700 Subject: [PATCH 002/297] Bumping manifests a=b2g-bump --- b2g/config/aries/sources.xml | 2 +- b2g/config/dolphin/sources.xml | 2 +- b2g/config/emulator-ics/sources.xml | 2 +- b2g/config/emulator-jb/sources.xml | 2 +- b2g/config/emulator-kk/sources.xml | 2 +- b2g/config/emulator-l/sources.xml | 2 +- b2g/config/emulator/sources.xml | 2 +- b2g/config/flame-kk/sources.xml | 2 +- b2g/config/nexus-4/sources.xml | 2 +- b2g/config/nexus-5-l/sources.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/b2g/config/aries/sources.xml b/b2g/config/aries/sources.xml index 7792aa3364b..614e8097969 100644 --- a/b2g/config/aries/sources.xml +++ b/b2g/config/aries/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/dolphin/sources.xml b/b2g/config/dolphin/sources.xml index 1f296f3f119..5ffb0170d74 100644 --- a/b2g/config/dolphin/sources.xml +++ b/b2g/config/dolphin/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-ics/sources.xml b/b2g/config/emulator-ics/sources.xml index a3fc8ae6a55..5654dd8d36a 100644 --- a/b2g/config/emulator-ics/sources.xml +++ b/b2g/config/emulator-ics/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/emulator-jb/sources.xml b/b2g/config/emulator-jb/sources.xml index ac47e2320c5..e3408fa9bfd 100644 --- a/b2g/config/emulator-jb/sources.xml +++ b/b2g/config/emulator-jb/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/emulator-kk/sources.xml b/b2g/config/emulator-kk/sources.xml index f8e0c44df9b..913e618fb78 100644 --- a/b2g/config/emulator-kk/sources.xml +++ b/b2g/config/emulator-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-l/sources.xml b/b2g/config/emulator-l/sources.xml index efe820cc43d..36151da2672 100644 --- a/b2g/config/emulator-l/sources.xml +++ b/b2g/config/emulator-l/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator/sources.xml b/b2g/config/emulator/sources.xml index a3fc8ae6a55..5654dd8d36a 100644 --- a/b2g/config/emulator/sources.xml +++ b/b2g/config/emulator/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/flame-kk/sources.xml b/b2g/config/flame-kk/sources.xml index 0022e7e8df8..ef0dfeda4e0 100644 --- a/b2g/config/flame-kk/sources.xml +++ b/b2g/config/flame-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/nexus-4/sources.xml b/b2g/config/nexus-4/sources.xml index e391053054b..56bbc4e5c32 100644 --- a/b2g/config/nexus-4/sources.xml +++ b/b2g/config/nexus-4/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/nexus-5-l/sources.xml b/b2g/config/nexus-5-l/sources.xml index 007c1a7c65b..e3fb36e9aeb 100644 --- a/b2g/config/nexus-5-l/sources.xml +++ b/b2g/config/nexus-5-l/sources.xml @@ -15,7 +15,7 @@ - + From 1fe4cba1315c0f36d7b0ab32d9e35a60307ed91d Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 02:00:28 -0700 Subject: [PATCH 003/297] Bumping gaia.json for 2 gaia revision(s) a=gaia-bump ======== https://hg.mozilla.org/integration/gaia-central/rev/342f81ba8afb Author: Dominic Kuo Desc: Merge pull request #30469 from dominickuo/bug-1172403 Bug 1172403 - [Music] Disable the fade-in animation for album art, r=jimporter ======== https://hg.mozilla.org/integration/gaia-central/rev/c80acf8dde0c Author: Dominic Kuo Desc: Bug 1172403 - [Music] Disable the fade-in animation for album art --- b2g/config/gaia.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/b2g/config/gaia.json b/b2g/config/gaia.json index d6cb9d62940..ae52e6c5a93 100644 --- a/b2g/config/gaia.json +++ b/b2g/config/gaia.json @@ -1,9 +1,9 @@ { "git": { - "git_revision": "4560389c36e07bba9853d1ad9e57d4f081d5d42e", + "git_revision": "1f89a95440766ad03a6406191588ee57ba6cbab0", "remote": "https://git.mozilla.org/releases/gaia.git", "branch": "" }, - "revision": "895928dd50188f74af82bb74c9dcd54806bb37f6", + "revision": "342f81ba8afb78b7b74f431873470ecd9eba460b", "repo_path": "integration/gaia-central" } From de3a5bd6436aa389a3818bbf46841f1dc215d3a8 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 02:02:24 -0700 Subject: [PATCH 004/297] Bumping manifests a=b2g-bump --- b2g/config/aries/sources.xml | 2 +- b2g/config/dolphin/sources.xml | 2 +- b2g/config/emulator-ics/sources.xml | 2 +- b2g/config/emulator-jb/sources.xml | 2 +- b2g/config/emulator-kk/sources.xml | 2 +- b2g/config/emulator-l/sources.xml | 2 +- b2g/config/emulator/sources.xml | 2 +- b2g/config/flame-kk/sources.xml | 2 +- b2g/config/nexus-4/sources.xml | 2 +- b2g/config/nexus-5-l/sources.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/b2g/config/aries/sources.xml b/b2g/config/aries/sources.xml index 614e8097969..492068a888c 100644 --- a/b2g/config/aries/sources.xml +++ b/b2g/config/aries/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/dolphin/sources.xml b/b2g/config/dolphin/sources.xml index 5ffb0170d74..c49acde6994 100644 --- a/b2g/config/dolphin/sources.xml +++ b/b2g/config/dolphin/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-ics/sources.xml b/b2g/config/emulator-ics/sources.xml index 5654dd8d36a..db0d6a64568 100644 --- a/b2g/config/emulator-ics/sources.xml +++ b/b2g/config/emulator-ics/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/emulator-jb/sources.xml b/b2g/config/emulator-jb/sources.xml index e3408fa9bfd..11499a3f10e 100644 --- a/b2g/config/emulator-jb/sources.xml +++ b/b2g/config/emulator-jb/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/emulator-kk/sources.xml b/b2g/config/emulator-kk/sources.xml index 913e618fb78..ca518cf135b 100644 --- a/b2g/config/emulator-kk/sources.xml +++ b/b2g/config/emulator-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-l/sources.xml b/b2g/config/emulator-l/sources.xml index 36151da2672..ffa9922346e 100644 --- a/b2g/config/emulator-l/sources.xml +++ b/b2g/config/emulator-l/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator/sources.xml b/b2g/config/emulator/sources.xml index 5654dd8d36a..db0d6a64568 100644 --- a/b2g/config/emulator/sources.xml +++ b/b2g/config/emulator/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/flame-kk/sources.xml b/b2g/config/flame-kk/sources.xml index ef0dfeda4e0..940f7c7bfa9 100644 --- a/b2g/config/flame-kk/sources.xml +++ b/b2g/config/flame-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/nexus-4/sources.xml b/b2g/config/nexus-4/sources.xml index 56bbc4e5c32..ac8d89c4fd6 100644 --- a/b2g/config/nexus-4/sources.xml +++ b/b2g/config/nexus-4/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/nexus-5-l/sources.xml b/b2g/config/nexus-5-l/sources.xml index e3fb36e9aeb..32c008df0b4 100644 --- a/b2g/config/nexus-5-l/sources.xml +++ b/b2g/config/nexus-5-l/sources.xml @@ -15,7 +15,7 @@ - + From 7128d2dcf41d114c34c42822f2b685f0348823dd Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 02:20:15 -0700 Subject: [PATCH 005/297] Bumping gaia.json for 2 gaia revision(s) a=gaia-bump ======== https://hg.mozilla.org/integration/gaia-central/rev/150d304bae95 Author: Dominic Kuo Desc: Merge pull request #30477 from dominickuo/bug-1159610 Bug 1159610 - [Callscreen] Use the telephony's audio channel api to make telephony channel manageable by System app, r=gabrielesvelto ======== https://hg.mozilla.org/integration/gaia-central/rev/eec1474eea5f Author: Dominic Kuo Desc: Bug 1159610 - [Callscreen] Use the telephony's audio channel api to make telephony channel manageable by System app --- b2g/config/gaia.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/b2g/config/gaia.json b/b2g/config/gaia.json index ae52e6c5a93..8ac470d236e 100644 --- a/b2g/config/gaia.json +++ b/b2g/config/gaia.json @@ -1,9 +1,9 @@ { "git": { - "git_revision": "1f89a95440766ad03a6406191588ee57ba6cbab0", + "git_revision": "314cc9b2b56cfef14875101f2350aa3be15e7cae", "remote": "https://git.mozilla.org/releases/gaia.git", "branch": "" }, - "revision": "342f81ba8afb78b7b74f431873470ecd9eba460b", + "revision": "150d304bae955edb35fc1d470ccfcb7d1c27e0c4", "repo_path": "integration/gaia-central" } From 7ac70d41a3cf217044eb42258979a67fc783200e Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 02:22:11 -0700 Subject: [PATCH 006/297] Bumping manifests a=b2g-bump --- b2g/config/aries/sources.xml | 2 +- b2g/config/dolphin/sources.xml | 2 +- b2g/config/emulator-ics/sources.xml | 2 +- b2g/config/emulator-jb/sources.xml | 2 +- b2g/config/emulator-kk/sources.xml | 2 +- b2g/config/emulator-l/sources.xml | 2 +- b2g/config/emulator/sources.xml | 2 +- b2g/config/flame-kk/sources.xml | 2 +- b2g/config/nexus-4/sources.xml | 2 +- b2g/config/nexus-5-l/sources.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/b2g/config/aries/sources.xml b/b2g/config/aries/sources.xml index 492068a888c..368c44ac060 100644 --- a/b2g/config/aries/sources.xml +++ b/b2g/config/aries/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/dolphin/sources.xml b/b2g/config/dolphin/sources.xml index c49acde6994..d9bb50edb59 100644 --- a/b2g/config/dolphin/sources.xml +++ b/b2g/config/dolphin/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-ics/sources.xml b/b2g/config/emulator-ics/sources.xml index db0d6a64568..fbe27aaedef 100644 --- a/b2g/config/emulator-ics/sources.xml +++ b/b2g/config/emulator-ics/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/emulator-jb/sources.xml b/b2g/config/emulator-jb/sources.xml index 11499a3f10e..c1b4ba2bcb3 100644 --- a/b2g/config/emulator-jb/sources.xml +++ b/b2g/config/emulator-jb/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/emulator-kk/sources.xml b/b2g/config/emulator-kk/sources.xml index ca518cf135b..a83b8905409 100644 --- a/b2g/config/emulator-kk/sources.xml +++ b/b2g/config/emulator-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-l/sources.xml b/b2g/config/emulator-l/sources.xml index ffa9922346e..a29c1f08c0c 100644 --- a/b2g/config/emulator-l/sources.xml +++ b/b2g/config/emulator-l/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator/sources.xml b/b2g/config/emulator/sources.xml index db0d6a64568..fbe27aaedef 100644 --- a/b2g/config/emulator/sources.xml +++ b/b2g/config/emulator/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/flame-kk/sources.xml b/b2g/config/flame-kk/sources.xml index 940f7c7bfa9..a6765044123 100644 --- a/b2g/config/flame-kk/sources.xml +++ b/b2g/config/flame-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/nexus-4/sources.xml b/b2g/config/nexus-4/sources.xml index ac8d89c4fd6..808090624e7 100644 --- a/b2g/config/nexus-4/sources.xml +++ b/b2g/config/nexus-4/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/nexus-5-l/sources.xml b/b2g/config/nexus-5-l/sources.xml index 32c008df0b4..511e5882b6a 100644 --- a/b2g/config/nexus-5-l/sources.xml +++ b/b2g/config/nexus-5-l/sources.xml @@ -15,7 +15,7 @@ - + From 2e938e5ccbdb3fd420c3afefe353b9f491ea55b2 Mon Sep 17 00:00:00 2001 From: Yoshi Huang Date: Wed, 3 Jun 2015 14:35:09 +0800 Subject: [PATCH 007/297] Bug 1170097 - Part 1: Move OriginAttributeDictionary. r=bholley --- caps/BasePrincipal.h | 2 +- dom/webidl/ChromeUtils.webidl | 14 ++++++++++++++ dom/webidl/SystemDictionaries.webidl | 22 ---------------------- dom/webidl/moz.build | 1 - 4 files changed, 15 insertions(+), 24 deletions(-) delete mode 100644 dom/webidl/SystemDictionaries.webidl diff --git a/caps/BasePrincipal.h b/caps/BasePrincipal.h index 5a5576d33d4..377869b5526 100644 --- a/caps/BasePrincipal.h +++ b/caps/BasePrincipal.h @@ -11,7 +11,7 @@ #include "nsIScriptSecurityManager.h" #include "nsJSPrincipals.h" -#include "mozilla/dom/SystemDictionariesBinding.h" +#include "mozilla/dom/ChromeUtilsBinding.h" class nsIContentSecurityPolicy; class nsIObjectOutputStream; diff --git a/dom/webidl/ChromeUtils.webidl b/dom/webidl/ChromeUtils.webidl index db373fea98a..11683eb76a7 100644 --- a/dom/webidl/ChromeUtils.webidl +++ b/dom/webidl/ChromeUtils.webidl @@ -61,3 +61,17 @@ dictionary HeapSnapshotBoundaries { object debugger; boolean runtime; }; + +/** + * Used by principals and the script security manager to represent origin + * attributes. + * + * IMPORTANT: If you add any members here, you need to update the + * methods on mozilla::OriginAttributes, and bump the CIDs of all + * the principal implementations that use OriginAttributes in their + * nsISerializable implementations. + */ +dictionary OriginAttributesDictionary { + unsigned long appId = 0; + boolean inBrowser = false; +}; diff --git a/dom/webidl/SystemDictionaries.webidl b/dom/webidl/SystemDictionaries.webidl deleted file mode 100644 index 4205aae5ca0..00000000000 --- a/dom/webidl/SystemDictionaries.webidl +++ /dev/null @@ -1,22 +0,0 @@ -/* -*- Mode: IDL; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this file, - * You can obtain one at http://mozilla.org/MPL/2.0/. - * - * Copyright © 2012 W3C® (MIT, ERCIM, Keio), All Rights Reserved. W3C - * liability, trademark and document use rules apply. - */ - -/* - * Used by principals and the script security manager to represent origin - * attributes. - * - * IMPORTANT: If you add any members here, you need to update the - * methods on mozilla::OriginAttributes, and bump the CIDs of all - * the principal implementations that use OriginAttributes in their - * nsISerializable implementations. - */ -dictionary OriginAttributesDictionary { - unsigned long appId = 0; - boolean inBrowser = false; -}; diff --git a/dom/webidl/moz.build b/dom/webidl/moz.build index 9744a577079..4fbe39b5e93 100644 --- a/dom/webidl/moz.build +++ b/dom/webidl/moz.build @@ -512,7 +512,6 @@ WEBIDL_FILES = [ 'SVGViewElement.webidl', 'SVGZoomAndPan.webidl', 'SVGZoomEvent.webidl', - 'SystemDictionaries.webidl', 'Telephony.webidl', 'TelephonyCall.webidl', 'TelephonyCallGroup.webidl', From db6bee2b698a8e5a9b4ff21b3849fed7471289bf Mon Sep 17 00:00:00 2001 From: Yoshi Huang Date: Wed, 3 Jun 2015 14:38:55 +0800 Subject: [PATCH 008/297] Bug 1170097 - Part 2: Add originAttributesToCookieJar. r=bholley --- caps/BasePrincipal.cpp | 14 ++++++---- caps/BasePrincipal.h | 4 +++ dom/webidl/ChromeUtils.webidl | 9 +++++++ toolkit/devtools/server/ChromeUtils.cpp | 10 +++++++ toolkit/devtools/server/ChromeUtils.h | 5 ++++ .../unit/test_originAttributesToCookieJar.js | 26 +++++++++++++++++++ .../devtools/server/tests/unit/xpcshell.ini | 1 + 7 files changed, 64 insertions(+), 5 deletions(-) create mode 100644 toolkit/devtools/server/tests/unit/test_originAttributesToCookieJar.js diff --git a/caps/BasePrincipal.cpp b/caps/BasePrincipal.cpp index ae328a8de84..93a39fbfd54 100644 --- a/caps/BasePrincipal.cpp +++ b/caps/BasePrincipal.cpp @@ -115,6 +115,12 @@ OriginAttributes::PopulateFromSuffix(const nsACString& aStr) return usp->ForEach(iterator); } +void +OriginAttributes::CookieJar(nsACString& aStr) +{ + mozilla::GetJarPrefix(mAppId, mInBrowser, aStr); +} + BasePrincipal::BasePrincipal() {} @@ -223,7 +229,7 @@ BasePrincipal::GetJarPrefix(nsACString& aJarPrefix) { MOZ_ASSERT(AppId() != nsIScriptSecurityManager::UNKNOWN_APP_ID); - mozilla::GetJarPrefix(AppId(), IsInBrowserElement(), aJarPrefix); + mOriginAttributes.CookieJar(aJarPrefix); return NS_OK; } @@ -246,10 +252,8 @@ BasePrincipal::GetOriginSuffix(nsACString& aOriginAttributes) NS_IMETHODIMP BasePrincipal::GetCookieJar(nsACString& aCookieJar) { - // We just forward to .jarPrefix for now, which is a nice compact - // stringification of the (appId, inBrowser) tuple. This will eventaully be - // swapped out for an origin attribute - see the comment in nsIPrincipal.idl. - return GetJarPrefix(aCookieJar); + mOriginAttributes.CookieJar(aCookieJar); + return NS_OK; } NS_IMETHODIMP diff --git a/caps/BasePrincipal.h b/caps/BasePrincipal.h index 377869b5526..feb4aa9db12 100644 --- a/caps/BasePrincipal.h +++ b/caps/BasePrincipal.h @@ -28,6 +28,8 @@ public: mAppId = aAppId; mInBrowser = aInBrowser; } + explicit OriginAttributes(const OriginAttributesDictionary& aOther) + : OriginAttributesDictionary(aOther) {} bool operator==(const OriginAttributes& aOther) const { @@ -44,6 +46,8 @@ public: // returns an empty string. void CreateSuffix(nsACString& aStr) const; bool PopulateFromSuffix(const nsACString& aStr); + + void CookieJar(nsACString& aStr); }; /* diff --git a/dom/webidl/ChromeUtils.webidl b/dom/webidl/ChromeUtils.webidl index 11683eb76a7..64cab34a155 100644 --- a/dom/webidl/ChromeUtils.webidl +++ b/dom/webidl/ChromeUtils.webidl @@ -28,6 +28,15 @@ interface ChromeUtils { */ [Throws, NewObject] static HeapSnapshot readHeapSnapshot(DOMString filePath); + + /** + * A helper that converts OriginAttributesDictionary to cookie jar opaque + * identfier. + * + * @param originAttrs The originAttributes from the caller. + */ + static ByteString + originAttributesToCookieJar(optional OriginAttributesDictionary originAttrs); }; /** diff --git a/toolkit/devtools/server/ChromeUtils.cpp b/toolkit/devtools/server/ChromeUtils.cpp index 4e596835642..b2eb58c9c0f 100644 --- a/toolkit/devtools/server/ChromeUtils.cpp +++ b/toolkit/devtools/server/ChromeUtils.cpp @@ -11,6 +11,7 @@ #include "mozilla/devtools/HeapSnapshot.h" #include "mozilla/devtools/ZeroCopyNSIOutputStream.h" #include "mozilla/Attributes.h" +#include "mozilla/BasePrincipal.h" #include "mozilla/UniquePtr.h" #include "nsCRTGlue.h" @@ -428,5 +429,14 @@ ChromeUtils::ReadHeapSnapshot(GlobalObject& global, return HeapSnapshot::Create(cx, global, buffer.get(), size, rv); } +/* static */ void +ChromeUtils::OriginAttributesToCookieJar(GlobalObject& aGlobal, + const OriginAttributesDictionary& aAttrs, + nsCString& aCookieJar) +{ + OriginAttributes attrs(aAttrs); + attrs.CookieJar(aCookieJar); +} + } // namespace devtools } // namespace mozilla diff --git a/toolkit/devtools/server/ChromeUtils.h b/toolkit/devtools/server/ChromeUtils.h index 047194b3d3d..ef4e2180bc9 100644 --- a/toolkit/devtools/server/ChromeUtils.h +++ b/toolkit/devtools/server/ChromeUtils.h @@ -73,6 +73,11 @@ public: JSContext* cx, const nsAString& filePath, ErrorResult& rv); + + static void + OriginAttributesToCookieJar(dom::GlobalObject& aGlobal, + const dom::OriginAttributesDictionary& aAttrs, + nsCString& aCookieJar); }; } // namespace devtools diff --git a/toolkit/devtools/server/tests/unit/test_originAttributesToCookieJar.js b/toolkit/devtools/server/tests/unit/test_originAttributesToCookieJar.js new file mode 100644 index 00000000000..e4605707590 --- /dev/null +++ b/toolkit/devtools/server/tests/unit/test_originAttributesToCookieJar.js @@ -0,0 +1,26 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +Cu.import("resource://gre/modules/Services.jsm"); +var ssm = Services.scriptSecurityManager; + +function run_test() { + const appId = 12; + var browserAttrs = {appId: appId, inBrowser: true}; + + // ChromeUtils.originAttributesToCookieJar should return the same value with + // the cookieJar of the principal created from the same origin attribute. + var cookieJar_1 = ChromeUtils.originAttributesToCookieJar(browserAttrs); + var dummy = Services.io.newURI("http://example.com", null, null); + var cookieJar_2 = ssm.createCodebasePrincipal(dummy, browserAttrs).cookieJar; + do_check_eq(cookieJar_1, cookieJar_2); + + // App and mozbrowser shouldn't have the same cookieJar identifier. + var appAttrs = {appId: appId, inBrowser: false}; + var cookieJar_3 = ChromeUtils.originAttributesToCookieJar(appAttrs); + do_check_neq(cookieJar_1, cookieJar_3); + + // If the attribute is null the cookieJar identifier should be empty. + var cookieJar_4 = ChromeUtils.originAttributesToCookieJar(); + do_check_eq(cookieJar_4, ""); +} diff --git a/toolkit/devtools/server/tests/unit/xpcshell.ini b/toolkit/devtools/server/tests/unit/xpcshell.ini index 9e92fa92c5d..2bb26409019 100644 --- a/toolkit/devtools/server/tests/unit/xpcshell.ini +++ b/toolkit/devtools/server/tests/unit/xpcshell.ini @@ -80,6 +80,7 @@ support-files = [test_eval-03.js] [test_eval-04.js] [test_eval-05.js] +[test_originAttributesToCookieJar.js] [test_promises_actor_attach.js] [test_promises_actor_exist.js] [test_promises_actor_list_promises.js] From 7c062f55ea76aad72acbc66ff6f941757b7e867e Mon Sep 17 00:00:00 2001 From: Yoshi Huang Date: Wed, 27 May 2015 16:10:42 +0800 Subject: [PATCH 009/297] Bug 1168300 - notify clear-cookiejar-data. r=sicking --- dom/apps/Webapps.jsm | 17 +++ dom/apps/tests/mochitest.ini | 1 + dom/apps/tests/test_bug_1168300.html | 115 ++++++++++++++++++ .../mozIApplicationClearPrivateDataParams.idl | 1 + 4 files changed, 134 insertions(+) create mode 100644 dom/apps/tests/test_bug_1168300.html diff --git a/dom/apps/Webapps.jsm b/dom/apps/Webapps.jsm index 1c537d2e979..31e5c8a206f 100644 --- a/dom/apps/Webapps.jsm +++ b/dom/apps/Webapps.jsm @@ -4861,7 +4861,24 @@ this.DOMApplicationRegistry = { browserOnly: browserOnly, QueryInterface: XPCOMUtils.generateQI([Ci.mozIApplicationClearPrivateDataParams]) }; + this._clearCookieJarData(appId, browserOnly); this._notifyCategoryAndObservers(subject, "webapps-clear-data", null, msg); + }, + + _clearCookieJarData: function(appId, browserOnly) { + let browserCookieJar = + ChromeUtils.originAttributesToCookieJar({appId: appId, + inBrowser: true}); + this._notifyCategoryAndObservers(null, "clear-cookiejar-data", + browserCookieJar); + + if (!browserOnly) { + let appCookieJar = + ChromeUtils.originAttributesToCookieJar({appId: appId, + inBrowser: false}); + this._notifyCategoryAndObservers(null, "clear-cookiejar-data", + appCookieJar); + } } }; diff --git a/dom/apps/tests/mochitest.ini b/dom/apps/tests/mochitest.ini index 4530a72d77a..8f4e4fcd1e2 100644 --- a/dom/apps/tests/mochitest.ini +++ b/dom/apps/tests/mochitest.ini @@ -41,6 +41,7 @@ skip-if = os == "android" || toolkit == "gonk" # embed-apps doesn't work in moch [test_app_update.html] skip-if = os == "android" || toolkit == "gonk" # embed-apps doesn't work in mochitest app [test_bug_795164.html] +[test_bug_1168300.html] [test_import_export.html] [test_install_dev_mode.html] [test_install_multiple_apps_origin.html] diff --git a/dom/apps/tests/test_bug_1168300.html b/dom/apps/tests/test_bug_1168300.html new file mode 100644 index 00000000000..884e7a2e0c1 --- /dev/null +++ b/dom/apps/tests/test_bug_1168300.html @@ -0,0 +1,115 @@ + + + + + + Test for Bug 1168300 + + + + + +Mozilla Bug 1168300 +

+ +
+
+ + diff --git a/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl b/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl index b468c9c371d..10b7efdd46c 100644 --- a/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl +++ b/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl @@ -16,4 +16,5 @@ interface mozIApplicationClearPrivateDataParams : nsISupports %{C++ #define TOPIC_WEB_APP_CLEAR_DATA "webapps-clear-data" +#define TOPIC_CLEAR_COOKIEJAR_DATA "clear-cookiejar-data" %} From d5c9646a41d074b049661e5f54f8e0e0b3fdcad5 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 02:35:27 -0700 Subject: [PATCH 010/297] Bumping gaia.json for 2 gaia revision(s) a=gaia-bump ======== https://hg.mozilla.org/integration/gaia-central/rev/f59b5aa7523e Author: Julien Wajsberg Desc: Merge pull request #30508 from julienw/1146393-increase-picture-size Bug 1146393 - Increase allowed size for images r=schung ======== https://hg.mozilla.org/integration/gaia-central/rev/ef063c2c5fcf Author: Julien Wajsberg Desc: Bug 1146393 - Increase allowed size for images r=schung --- b2g/config/gaia.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/b2g/config/gaia.json b/b2g/config/gaia.json index 8ac470d236e..dce37575f37 100644 --- a/b2g/config/gaia.json +++ b/b2g/config/gaia.json @@ -1,9 +1,9 @@ { "git": { - "git_revision": "314cc9b2b56cfef14875101f2350aa3be15e7cae", + "git_revision": "0c0e988dca221e3294a0868f090956ee79c18a89", "remote": "https://git.mozilla.org/releases/gaia.git", "branch": "" }, - "revision": "150d304bae955edb35fc1d470ccfcb7d1c27e0c4", + "revision": "f59b5aa7523e90d1427f3a04b83b2f6a6456fcb5", "repo_path": "integration/gaia-central" } From cd4c0c1db15ef2ff7488bd2c67536c4adfcdb0d5 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 02:37:22 -0700 Subject: [PATCH 011/297] Bumping manifests a=b2g-bump --- b2g/config/aries/sources.xml | 2 +- b2g/config/dolphin/sources.xml | 2 +- b2g/config/emulator-ics/sources.xml | 2 +- b2g/config/emulator-jb/sources.xml | 2 +- b2g/config/emulator-kk/sources.xml | 2 +- b2g/config/emulator-l/sources.xml | 2 +- b2g/config/emulator/sources.xml | 2 +- b2g/config/flame-kk/sources.xml | 2 +- b2g/config/nexus-4/sources.xml | 2 +- b2g/config/nexus-5-l/sources.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/b2g/config/aries/sources.xml b/b2g/config/aries/sources.xml index 368c44ac060..a8e3da8166e 100644 --- a/b2g/config/aries/sources.xml +++ b/b2g/config/aries/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/dolphin/sources.xml b/b2g/config/dolphin/sources.xml index d9bb50edb59..154c7fa321e 100644 --- a/b2g/config/dolphin/sources.xml +++ b/b2g/config/dolphin/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-ics/sources.xml b/b2g/config/emulator-ics/sources.xml index fbe27aaedef..f1a0732d61f 100644 --- a/b2g/config/emulator-ics/sources.xml +++ b/b2g/config/emulator-ics/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/emulator-jb/sources.xml b/b2g/config/emulator-jb/sources.xml index c1b4ba2bcb3..c8ab3f4fffe 100644 --- a/b2g/config/emulator-jb/sources.xml +++ b/b2g/config/emulator-jb/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/emulator-kk/sources.xml b/b2g/config/emulator-kk/sources.xml index a83b8905409..ce6e93f7bde 100644 --- a/b2g/config/emulator-kk/sources.xml +++ b/b2g/config/emulator-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-l/sources.xml b/b2g/config/emulator-l/sources.xml index a29c1f08c0c..ce145902b08 100644 --- a/b2g/config/emulator-l/sources.xml +++ b/b2g/config/emulator-l/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator/sources.xml b/b2g/config/emulator/sources.xml index fbe27aaedef..f1a0732d61f 100644 --- a/b2g/config/emulator/sources.xml +++ b/b2g/config/emulator/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/flame-kk/sources.xml b/b2g/config/flame-kk/sources.xml index a6765044123..8755d2aa88f 100644 --- a/b2g/config/flame-kk/sources.xml +++ b/b2g/config/flame-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/nexus-4/sources.xml b/b2g/config/nexus-4/sources.xml index 808090624e7..6a742076e15 100644 --- a/b2g/config/nexus-4/sources.xml +++ b/b2g/config/nexus-4/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/nexus-5-l/sources.xml b/b2g/config/nexus-5-l/sources.xml index 511e5882b6a..5036cdddf6f 100644 --- a/b2g/config/nexus-5-l/sources.xml +++ b/b2g/config/nexus-5-l/sources.xml @@ -15,7 +15,7 @@ - + From baefcba352f6cd74d6ccc96d73b44c6a9938c3c5 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 04:00:24 -0700 Subject: [PATCH 012/297] Bumping gaia.json for 2 gaia revision(s) a=gaia-bump MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ======== https://hg.mozilla.org/integration/gaia-central/rev/936c694e939d Author: Borja Salguero Desc: Merge pull request #30517 from borjasalguero/bug_1173106 Bug 1173106 - [Contacts][NGA] Move contacts.Matcher to it own Object.… ======== https://hg.mozilla.org/integration/gaia-central/rev/4723e25178df Author: Borja Salguero Desc: Bug 1173106 - [Contacts][NGA] Move contacts.Matcher to it own Object. r=arcturus --- b2g/config/gaia.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/b2g/config/gaia.json b/b2g/config/gaia.json index dce37575f37..6c0f0286b5b 100644 --- a/b2g/config/gaia.json +++ b/b2g/config/gaia.json @@ -1,9 +1,9 @@ { "git": { - "git_revision": "0c0e988dca221e3294a0868f090956ee79c18a89", + "git_revision": "bdfc09c6a26eba3f036b085fed1adfc28379b495", "remote": "https://git.mozilla.org/releases/gaia.git", "branch": "" }, - "revision": "f59b5aa7523e90d1427f3a04b83b2f6a6456fcb5", + "revision": "936c694e939d3b270b7cadfe9c0e2bd47aacc63c", "repo_path": "integration/gaia-central" } From 352c33ec2bba5e54dc0497beb2b573279bf184d2 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 04:02:20 -0700 Subject: [PATCH 013/297] Bumping manifests a=b2g-bump --- b2g/config/aries/sources.xml | 2 +- b2g/config/dolphin/sources.xml | 2 +- b2g/config/emulator-ics/sources.xml | 2 +- b2g/config/emulator-jb/sources.xml | 2 +- b2g/config/emulator-kk/sources.xml | 2 +- b2g/config/emulator-l/sources.xml | 2 +- b2g/config/emulator/sources.xml | 2 +- b2g/config/flame-kk/sources.xml | 2 +- b2g/config/nexus-4/sources.xml | 2 +- b2g/config/nexus-5-l/sources.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/b2g/config/aries/sources.xml b/b2g/config/aries/sources.xml index a8e3da8166e..890a22a297a 100644 --- a/b2g/config/aries/sources.xml +++ b/b2g/config/aries/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/dolphin/sources.xml b/b2g/config/dolphin/sources.xml index 154c7fa321e..8c76f0c48e8 100644 --- a/b2g/config/dolphin/sources.xml +++ b/b2g/config/dolphin/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-ics/sources.xml b/b2g/config/emulator-ics/sources.xml index f1a0732d61f..6320b75dd05 100644 --- a/b2g/config/emulator-ics/sources.xml +++ b/b2g/config/emulator-ics/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/emulator-jb/sources.xml b/b2g/config/emulator-jb/sources.xml index c8ab3f4fffe..d0c019592e0 100644 --- a/b2g/config/emulator-jb/sources.xml +++ b/b2g/config/emulator-jb/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/emulator-kk/sources.xml b/b2g/config/emulator-kk/sources.xml index ce6e93f7bde..32529988d52 100644 --- a/b2g/config/emulator-kk/sources.xml +++ b/b2g/config/emulator-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-l/sources.xml b/b2g/config/emulator-l/sources.xml index ce145902b08..c69b47df302 100644 --- a/b2g/config/emulator-l/sources.xml +++ b/b2g/config/emulator-l/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator/sources.xml b/b2g/config/emulator/sources.xml index f1a0732d61f..6320b75dd05 100644 --- a/b2g/config/emulator/sources.xml +++ b/b2g/config/emulator/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/flame-kk/sources.xml b/b2g/config/flame-kk/sources.xml index 8755d2aa88f..3a9155ddd54 100644 --- a/b2g/config/flame-kk/sources.xml +++ b/b2g/config/flame-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/nexus-4/sources.xml b/b2g/config/nexus-4/sources.xml index 6a742076e15..717f6fafc44 100644 --- a/b2g/config/nexus-4/sources.xml +++ b/b2g/config/nexus-4/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/nexus-5-l/sources.xml b/b2g/config/nexus-5-l/sources.xml index 5036cdddf6f..ccf58e33c4e 100644 --- a/b2g/config/nexus-5-l/sources.xml +++ b/b2g/config/nexus-5-l/sources.xml @@ -15,7 +15,7 @@ - + From 84a074ac7ef5015f0c807701129f93aee6cffa81 Mon Sep 17 00:00:00 2001 From: brian37ful Date: Wed, 10 Jun 2015 03:03:00 +0200 Subject: [PATCH 014/297] Bug 999300 - Part 1: Removed the Ril v5 legacy support. r=edgar --- dom/system/gonk/RadioInterfaceLayer.js | 2 - dom/system/gonk/ril_consts.js | 12 +- dom/system/gonk/ril_worker.js | 212 ++++++------------------- 3 files changed, 47 insertions(+), 179 deletions(-) diff --git a/dom/system/gonk/RadioInterfaceLayer.js b/dom/system/gonk/RadioInterfaceLayer.js index b5da83d0d19..25a1bab3899 100644 --- a/dom/system/gonk/RadioInterfaceLayer.js +++ b/dom/system/gonk/RadioInterfaceLayer.js @@ -732,8 +732,6 @@ WorkerMessenger.prototype = { quirks: { callstateExtraUint32: libcutils.property_get("ro.moz.ril.callstate_extra_int", "false") === "true", - v5Legacy: - libcutils.property_get("ro.moz.ril.v5_legacy", "true") === "true", requestUseDialEmergencyCall: libcutils.property_get("ro.moz.ril.dial_emergency_call", "false") === "true", simAppStateExtraFields: diff --git a/dom/system/gonk/ril_consts.js b/dom/system/gonk/ril_consts.js index d9a1ed65260..7c2f5f082f9 100644 --- a/dom/system/gonk/ril_consts.js +++ b/dom/system/gonk/ril_consts.js @@ -278,17 +278,7 @@ this.SMS_RETRY_MAX = 3; this.RADIO_STATE_OFF = 0; this.RADIO_STATE_UNAVAILABLE = 1; -this.RADIO_STATE_ON = 10; // RIL v7 - -// RIL v5 legacy constants: -this.RADIO_STATE_SIM_NOT_READY = 2; -this.RADIO_STATE_SIM_LOCKED_OR_ABSENT = 3; -this.RADIO_STATE_SIM_READY = 4; -this.RADIO_STATE_RUIM_NOT_READY = 5; -this.RADIO_STATE_RUIM_READY = 6; -this.RADIO_STATE_RUIM_LOCKED_OR_ABSENT = 7; -this.RADIO_STATE_NV_NOT_READY = 8; -this.RADIO_STATE_NV_READY = 9; +this.RADIO_STATE_ON = 10; // since RIL v7 this.CARD_STATE_ABSENT = 0; this.CARD_STATE_PRESENT = 1; diff --git a/dom/system/gonk/ril_worker.js b/dom/system/gonk/ril_worker.js index bd6811759dc..c87e8cb2f37 100644 --- a/dom/system/gonk/ril_worker.js +++ b/dom/system/gonk/ril_worker.js @@ -65,9 +65,6 @@ const ICC_MAX_LINEAR_FIXED_RECORDS = 0xfe; const GET_CURRENT_CALLS_RETRY_MAX = 3; let RILQUIRKS_CALLSTATE_EXTRA_UINT32; -// This may change at runtime since in RIL v6 and later, we get the version -// number via the UNSOLICITED_RIL_CONNECTED parcel. -let RILQUIRKS_V5_LEGACY; let RILQUIRKS_REQUEST_USE_DIAL_EMERGENCY_CALL; let RILQUIRKS_SIM_APP_STATE_EXTRA_FIELDS; // Needed for call-waiting on Peak device @@ -105,9 +102,6 @@ function RilObject(aContext) { this.pendingNetworkType = {}; this._receivedSmsCbPagesMap = {}; this._getCurrentCallsRetryCount = 0; - - // Init properties that are only initialized once. - this.v5Legacy = RILQUIRKS_V5_LEGACY; } RilObject.prototype = { context: null, @@ -116,7 +110,6 @@ RilObject.prototype = { * RIL version. */ version: null, - v5Legacy: null, /** * Call state of current conference group. @@ -377,11 +370,9 @@ RilObject.prototype = { enterICCPIN: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_ENTER_SIM_PIN, options); - Buf.writeInt32(this.v5Legacy ? 1 : 2); + Buf.writeInt32(2); Buf.writeString(options.password); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -396,11 +387,9 @@ RilObject.prototype = { enterICCPIN2: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_ENTER_SIM_PIN2, options); - Buf.writeInt32(this.v5Legacy ? 1 : 2); + Buf.writeInt32(2); Buf.writeString(options.password); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -433,12 +422,10 @@ RilObject.prototype = { changeICCPIN: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_CHANGE_SIM_PIN, options); - Buf.writeInt32(this.v5Legacy ? 2 : 3); + Buf.writeInt32(3); Buf.writeString(options.password); Buf.writeString(options.newPassword); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -455,12 +442,10 @@ RilObject.prototype = { changeICCPIN2: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_CHANGE_SIM_PIN2, options); - Buf.writeInt32(this.v5Legacy ? 2 : 3); + Buf.writeInt32(3); Buf.writeString(options.password); Buf.writeString(options.newPassword); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -474,17 +459,15 @@ RilObject.prototype = { * @param [optional] aid * AID value. */ - enterICCPUK: function(options) { - let Buf = this.context.Buf; - Buf.newParcel(REQUEST_ENTER_SIM_PUK, options); - Buf.writeInt32(this.v5Legacy ? 2 : 3); - Buf.writeString(options.password); - Buf.writeString(options.newPin); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } - Buf.sendParcel(); - }, + enterICCPUK: function(options) { + let Buf = this.context.Buf; + Buf.newParcel(REQUEST_ENTER_SIM_PUK, options); + Buf.writeInt32(3); + Buf.writeString(options.password); + Buf.writeString(options.newPin); + Buf.writeString(options.aid || this.aid); + Buf.sendParcel(); + }, /** * Supplies ICC PUK2 and a new PIN2 to unlock the ICC. @@ -496,17 +479,15 @@ RilObject.prototype = { * @param [optional] aid * AID value. */ - enterICCPUK2: function(options) { - let Buf = this.context.Buf; - Buf.newParcel(REQUEST_ENTER_SIM_PUK2, options); - Buf.writeInt32(this.v5Legacy ? 2 : 3); - Buf.writeString(options.password); - Buf.writeString(options.newPin); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } - Buf.sendParcel(); - }, + enterICCPUK2: function(options) { + let Buf = this.context.Buf; + Buf.newParcel(REQUEST_ENTER_SIM_PUK2, options); + Buf.writeInt32(3); + Buf.writeString(options.password); + Buf.writeString(options.newPin); + Buf.writeString(options.aid || this.aid); + Buf.sendParcel(); + }, /** * Helper function for changing ICC locks. @@ -635,13 +616,11 @@ RilObject.prototype = { queryICCFacilityLock: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_QUERY_FACILITY_LOCK, options); - Buf.writeInt32(this.v5Legacy ? 3 : 4); + Buf.writeInt32(4); Buf.writeString(options.facility); Buf.writeString(options.password); Buf.writeString(options.serviceClass.toString()); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -662,14 +641,12 @@ RilObject.prototype = { setICCFacilityLock: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_SET_FACILITY_LOCK, options); - Buf.writeInt32(this.v5Legacy ? 4 : 5); + Buf.writeInt32(5); Buf.writeString(options.facility); Buf.writeString(options.enabled ? "1" : "0"); Buf.writeString(options.password); Buf.writeString(options.serviceClass.toString()); - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -721,9 +698,7 @@ RilObject.prototype = { Buf.writeString(null); } - if (!this.v5Legacy) { - Buf.writeString(options.aid || this.aid); - } + Buf.writeString(options.aid || this.aid); Buf.sendParcel(); }, @@ -735,10 +710,6 @@ RilObject.prototype = { */ getIMSI: function(aid) { let Buf = this.context.Buf; - if (this.v5Legacy) { - Buf.simpleRequest(REQUEST_GET_IMSI); - return; - } Buf.newParcel(REQUEST_GET_IMSI); Buf.writeInt32(1); Buf.writeString(aid || this.aid); @@ -1848,13 +1819,7 @@ RilObject.prototype = { // Otherwise, it must be + 2 // // See also bug 901232 and 867873 - let radioTech; - if (this.v5Legacy) { - radioTech = this._isCdma ? DATACALL_RADIOTECHNOLOGY_CDMA - : DATACALL_RADIOTECHNOLOGY_GSM; - } else { - radioTech = options.radioTech + 2; - } + let radioTech = options.radioTech + 2; let Buf = this.context.Buf; let token = Buf.newParcel(REQUEST_SETUP_DATA_CALL, options); Buf.writeInt32(7); @@ -4479,9 +4444,7 @@ RilObject.prototype[REQUEST_GET_SIM_STATUS] = function REQUEST_GET_SIM_STATUS(le iccStatus.universalPINState = Buf.readInt32(); // CARD_PINSTATE_* iccStatus.gsmUmtsSubscriptionAppIndex = Buf.readInt32(); iccStatus.cdmaSubscriptionAppIndex = Buf.readInt32(); - if (!this.v5Legacy) { - iccStatus.imsSubscriptionAppIndex = Buf.readInt32(); - } + iccStatus.imsSubscriptionAppIndex = Buf.readInt32(); let apps_length = Buf.readInt32(); if (apps_length > CARD_MAX_APPS) { @@ -4677,13 +4640,11 @@ RilObject.prototype[REQUEST_SIGNAL_STRENGTH] = function REQUEST_SIGNAL_STRENGTH( signal.evdoECIO = Buf.readInt32(); signal.evdoSNR = Buf.readInt32(); - if (!this.v5Legacy) { - signal.lteSignalStrength = Buf.readInt32(); - signal.lteRSRP = Buf.readInt32(); - signal.lteRSRQ = Buf.readInt32(); - signal.lteRSSNR = Buf.readInt32(); - signal.lteCQI = Buf.readInt32(); - } + signal.lteSignalStrength = Buf.readInt32(); + signal.lteRSRP = Buf.readInt32(); + signal.lteRSRQ = Buf.readInt32(); + signal.lteRSSNR = Buf.readInt32(); + signal.lteCQI = Buf.readInt32(); if (DEBUG) this.context.debug("signal strength: " + JSON.stringify(signal)); @@ -4731,38 +4692,12 @@ RilObject.prototype[REQUEST_SEND_SMS] = function REQUEST_SEND_SMS(length, option }; RilObject.prototype[REQUEST_SEND_SMS_EXPECT_MORE] = null; -RilObject.prototype.readSetupDataCall_v5 = function readSetupDataCall_v5(options) { - if (!options) { - options = {}; - } - let [cid, ifname, addresses, dnses, gateways] = this.context.Buf.readStringList(); - options.cid = cid; - options.ifname = ifname; - options.addresses = addresses ? [addresses] : []; - options.dnses = dnses ? [dnses] : []; - options.gateways = gateways ? [gateways] : []; - options.active = DATACALL_ACTIVE_UNKNOWN; - options.state = GECKO_NETWORK_STATE_CONNECTING; - return options; -}; - RilObject.prototype[REQUEST_SETUP_DATA_CALL] = function REQUEST_SETUP_DATA_CALL(length, options) { if (options.errorMsg) { this.sendChromeMessage(options); return; } - if (this.v5Legacy) { - // Populate the `options` object with the data call information. That way - // we retain the APN and other info about how the data call was set up. - this.readSetupDataCall_v5(options); - this.sendChromeMessage(options); - // Let's get the list of data calls to ensure we know whether it's active - // or not. - this.getDataCallList(); - return; - } - let Buf = this.context.Buf; // Skip version of data call. Buf.readInt32(); @@ -5217,37 +5152,12 @@ RilObject.prototype[REQUEST_QUERY_CLIP] = function REQUEST_QUERY_CLIP(length, op RilObject.prototype[REQUEST_LAST_DATA_CALL_FAIL_CAUSE] = null; /** - * V3: - * # address - A space-delimited list of addresses. - * - * V4: - * # address - An address. - * - * V5: - * # addresses - A space-delimited list of addresses. - * # dnses - A space-delimited list of DNS server addresses. - * * V6: * # addresses - A space-delimited list of addresses with optional "/" prefix * length. * # dnses - A space-delimited list of DNS server addresses. * # gateways - A space-delimited list of default gateway addresses. */ -RilObject.prototype.readDataCall_v5 = function(options) { - if (!options) { - options = {}; - } - let Buf = this.context.Buf; - options.cid = Buf.readInt32().toString(); - options.active = Buf.readInt32(); // DATACALL_ACTIVE_* - options.type = Buf.readString(); - options.apn = Buf.readString(); - options.addresses = Buf.readString(); - options.dnses = Buf.readString(); - options.gateways = []; - - return options; -}; RilObject.prototype.readDataCall_v6 = function(options) { if (!options) { @@ -5287,19 +5197,12 @@ RilObject.prototype[REQUEST_DATA_CALL_LIST] = function REQUEST_DATA_CALL_LIST(le } let Buf = this.context.Buf; - let version = 0; - if (!this.v5Legacy) { - version = Buf.readInt32(); - } + let version = Buf.readInt32(); let num = Buf.readInt32(); let datacalls = []; for (let i = 0; i < num; i++) { let datacall; - if (version < 6) { - datacall = this.readDataCall_v5(); - } else { - datacall = this.readDataCall_v6(); - } + datacall = this.readDataCall_v6(); datacalls.push(datacall); } @@ -5716,28 +5619,12 @@ RilObject.prototype[UNSOLICITED_RESPONSE_RADIO_STATE_CHANGED] = function UNSOLIC return; } - switch (radioState) { - case RADIO_STATE_SIM_READY: - case RADIO_STATE_SIM_NOT_READY: - case RADIO_STATE_SIM_LOCKED_OR_ABSENT: - this._isCdma = false; - this._waitingRadioTech = false; - break; - case RADIO_STATE_RUIM_READY: - case RADIO_STATE_RUIM_NOT_READY: - case RADIO_STATE_RUIM_LOCKED_OR_ABSENT: - case RADIO_STATE_NV_READY: - case RADIO_STATE_NV_NOT_READY: - this._isCdma = true; - this._waitingRadioTech = false; - break; - case RADIO_STATE_ON: // RIL v7 - // This value is defined in RIL v7, we will retrieve radio tech by another - // request. We leave _isCdma untouched, and it will be set once we get the - // radio technology. - this._waitingRadioTech = true; - this.getVoiceRadioTechnology(); - break; + if (radioState == RADIO_STATE_ON) { + // This value is defined in RIL v7, we will retrieve radio tech by another + // request. We leave _isCdma untouched, and it will be set once we get the + // radio technology. + this._waitingRadioTech = true; + this.getVoiceRadioTechnology(); } if ((this.radioState == GECKO_RADIOSTATE_UNKNOWN || @@ -5889,10 +5776,6 @@ RilObject.prototype[UNSOLICITED_SIGNAL_STRENGTH] = function UNSOLICITED_SIGNAL_S this[REQUEST_SIGNAL_STRENGTH](length, {}); }; RilObject.prototype[UNSOLICITED_DATA_CALL_LIST_CHANGED] = function UNSOLICITED_DATA_CALL_LIST_CHANGED(length) { - if (this.v5Legacy) { - this.getDataCallList(); - return; - } this[REQUEST_DATA_CALL_LIST](length, {}); }; RilObject.prototype[UNSOLICITED_SUPP_SVC_NOTIFICATION] = function UNSOLICITED_SUPP_SVC_NOTIFICATION(length) { @@ -6034,10 +5917,8 @@ RilObject.prototype[UNSOLICITED_RIL_CONNECTED] = function UNSOLICITED_RIL_CONNEC } this.version = this.context.Buf.readInt32List()[0]; - this.v5Legacy = (this.version < 5); if (DEBUG) { this.context.debug("Detected RIL version " + this.version); - this.context.debug("this.v5Legacy is " + this.v5Legacy); } this.initRILState(); @@ -15542,7 +15423,6 @@ let ContextPool = { let quirks = aOptions.quirks; RILQUIRKS_CALLSTATE_EXTRA_UINT32 = quirks.callstateExtraUint32; - RILQUIRKS_V5_LEGACY = quirks.v5Legacy; RILQUIRKS_REQUEST_USE_DIAL_EMERGENCY_CALL = quirks.requestUseDialEmergencyCall; RILQUIRKS_SIM_APP_STATE_EXTRA_FIELDS = quirks.simAppStateExtraFields; RILQUIRKS_EXTRA_UINT32_2ND_CALL = quirks.extraUint2ndCall; From 77b3aa9556ce55f1878ccae4b21d108136854bc0 Mon Sep 17 00:00:00 2001 From: brian37ful Date: Wed, 10 Jun 2015 03:04:00 +0200 Subject: [PATCH 015/297] Bug 999300 - Part 2: Update the related testcases. r=edgar --- .../tests/test_ril_worker_icc_CardLock.js | 34 ++++++------------- .../test_ril_worker_icc_ICCRecordHelper.js | 24 +++++-------- .../test_ril_worker_icc_SimRecordHelper.js | 6 ++-- 3 files changed, 20 insertions(+), 44 deletions(-) diff --git a/dom/system/gonk/tests/test_ril_worker_icc_CardLock.js b/dom/system/gonk/tests/test_ril_worker_icc_CardLock.js index c0eb0d919bf..dc7eb93b9dc 100644 --- a/dom/system/gonk/tests/test_ril_worker_icc_CardLock.js +++ b/dom/system/gonk/tests/test_ril_worker_icc_CardLock.js @@ -16,7 +16,6 @@ add_test(function test_icc_get_card_lock_enabled() { let buf = context.Buf; let ril = context.RIL; ril.aid = "123456789"; - ril.v5Legacy = false; function do_test(aLock) { const serviceClass = ICC_SERVICE_CLASS_VOICE | @@ -32,13 +31,11 @@ add_test(function test_icc_get_card_lock_enabled() { // Data let parcel = this.readStringList(); - equal(parcel.length, ril.v5Legacy ? 3 : 4); + equal(parcel.length, 4); equal(parcel[0], GECKO_CARDLOCK_TO_FACILITY[aLock]); equal(parcel[1], ""); equal(parcel[2], serviceClass.toString()); - if (!ril.v5Legacy) { - equal(parcel[3], ril.aid); - } + equal(parcel[3], ril.aid); }; ril.iccGetCardLockEnabled({lockType: aLock}); @@ -87,7 +84,6 @@ add_test(function test_icc_set_card_lock_enabled() { let buf = context.Buf; let ril = context.RIL; ril.aid = "123456789"; - ril.v5Legacy = false; function do_test(aLock, aPassword, aEnabled) { const serviceClass = ICC_SERVICE_CLASS_VOICE | @@ -103,14 +99,12 @@ add_test(function test_icc_set_card_lock_enabled() { // Data let parcel = this.readStringList(); - equal(parcel.length, ril.v5Legacy ? 4 : 5); + equal(parcel.length, 5); equal(parcel[0], GECKO_CARDLOCK_TO_FACILITY[aLock]); equal(parcel[1], aEnabled ? "1" : "0"); equal(parcel[2], aPassword); equal(parcel[3], serviceClass.toString()); - if (!ril.v5Legacy) { - equal(parcel[4], ril.aid); - } + equal(parcel[4], ril.aid); }; ril.iccSetCardLockEnabled({ @@ -151,12 +145,10 @@ add_test(function test_icc_change_card_lock_password() { // Data let parcel = this.readStringList(); - equal(parcel.length, ril.v5Legacy ? 2 : 3); + equal(parcel.length, 3); equal(parcel[0], aPassword); equal(parcel[1], aNewPassword); - if (!ril.v5Legacy) { - equal(parcel[2], ril.aid); - } + equal(parcel[2], ril.aid); }; ril.iccChangeCardLockPassword({ @@ -180,7 +172,6 @@ add_test(function test_icc_unlock_card_lock_pin() { let ril = context.RIL; let buf = context.Buf; ril.aid = "123456789"; - ril.v5Legacy = false; function do_test(aLock, aPassword) { let GECKO_CARDLOCK_TO_REQUEST = {}; @@ -196,11 +187,9 @@ add_test(function test_icc_unlock_card_lock_pin() { // Data let parcel = this.readStringList(); - equal(parcel.length, ril.v5Legacy ? 1 : 2); + equal(parcel.length, 2); equal(parcel[0], aPassword); - if (!ril.v5Legacy) { - equal(parcel[1], ril.aid); - } + equal(parcel[1], ril.aid); }; ril.iccUnlockCardLock({ @@ -224,7 +213,6 @@ add_test(function test_icc_unlock_card_lock_puk() { let ril = context.RIL; let buf = context.Buf; ril.aid = "123456789"; - ril.v5Legacy = false; function do_test(aLock, aPassword, aNewPin) { let GECKO_CARDLOCK_TO_REQUEST = {}; @@ -240,12 +228,10 @@ add_test(function test_icc_unlock_card_lock_puk() { // Data let parcel = this.readStringList(); - equal(parcel.length, ril.v5Legacy ? 2 : 3); + equal(parcel.length, 3); equal(parcel[0], aPassword); equal(parcel[1], aNewPin); - if (!ril.v5Legacy) { - equal(parcel[2], ril.aid); - } + equal(parcel[2], ril.aid); }; ril.iccUnlockCardLock({ diff --git a/dom/system/gonk/tests/test_ril_worker_icc_ICCRecordHelper.js b/dom/system/gonk/tests/test_ril_worker_icc_ICCRecordHelper.js index 9f90d9201d2..d9d2bc17b73 100644 --- a/dom/system/gonk/tests/test_ril_worker_icc_ICCRecordHelper.js +++ b/dom/system/gonk/tests/test_ril_worker_icc_ICCRecordHelper.js @@ -204,10 +204,8 @@ add_test(function test_update_email() { // pin2. equal(this.readString(), null); - if (!ril.v5Legacy) { - // AID. Ignore because it's from modem. - this.readInt32(); - } + // AID. Ignore because it's from modem. + this.readInt32(); if (count == NUM_TESTS) { run_next_test(); @@ -350,10 +348,8 @@ add_test(function test_update_anr() { // pin2. equal(this.readString(), null); - if (!ril.v5Legacy) { - // AID. Ignore because it's from modem. - this.readInt32(); - } + // AID. Ignore because it's from modem. + this.readInt32(); if (count == NUM_TESTS) { run_next_test(); @@ -487,10 +483,8 @@ add_test(function test_update_iap() { // pin2. equal(this.readString(), null); - if (!ril.v5Legacy) { - // AID. Ignore because it's from modem. - this.readInt32(); - } + // AID. Ignore because it's from modem. + this.readInt32(); run_next_test(); }; @@ -563,10 +557,8 @@ add_test(function test_update_adn_like() { equal(this.readString(), "1111"); } - if (!ril.v5Legacy) { - // AID. Ignore because it's from modem. - this.readInt32(); - } + // AID. Ignore because it's from modem. + this.readInt32(); if (fileId == ICC_EF_FDN) { run_next_test(); diff --git a/dom/system/gonk/tests/test_ril_worker_icc_SimRecordHelper.js b/dom/system/gonk/tests/test_ril_worker_icc_SimRecordHelper.js index adb6eb7eefb..cd6e88f94ee 100644 --- a/dom/system/gonk/tests/test_ril_worker_icc_SimRecordHelper.js +++ b/dom/system/gonk/tests/test_ril_worker_icc_SimRecordHelper.js @@ -355,10 +355,8 @@ add_test(function test_update_mwis() { // pin2. equal(this.readString(), null); - if (!ril.v5Legacy) { - // AID. Ignore because it's from modem. - this.readInt32(); - } + // AID. Ignore because it's from modem. + this.readInt32(); }; ok(!isUpdated); From 0d59a32f87537fdfb9aa674cc622dcc17d1ab00f Mon Sep 17 00:00:00 2001 From: Henry Chang Date: Wed, 27 May 2015 16:20:23 +0800 Subject: [PATCH 016/297] Bug 1166660 - Use custom hostapd for testing and restart the hostapd after re-enabling wifi. r=vchang. There are a couple of reasons which make this test case failed on KK emulator. The first one is the stock hostapd is no longer available for unknown reason and the second one is that the the scan behavior is weird after re-enabling wifi. There is no perfect solution for these two issue. For testing purpose, we can use the custom hostapd instead of stock hostapd and restart the hostapd after re-enabling wifi. The test coverage remains the same after applying these changes. --- .../test/marionette/test_wifi_auto_connect.js | 30 +++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/dom/wifi/test/marionette/test_wifi_auto_connect.js b/dom/wifi/test/marionette/test_wifi_auto_connect.js index fef0289037b..7add9f03dce 100644 --- a/dom/wifi/test/marionette/test_wifi_auto_connect.js +++ b/dom/wifi/test/marionette/test_wifi_auto_connect.js @@ -4,15 +4,41 @@ MARIONETTE_TIMEOUT = 60000; MARIONETTE_HEAD_JS = 'head.js'; -gTestSuite.doTest(function() { +const TESTING_HOSTAPD = [{ ssid: 'ap0' }]; + +gTestSuite.doTestWithoutStockAp(function() { let firstNetwork; return gTestSuite.ensureWifiEnabled(true) + // Start custom hostapd for testing. + .then(() => gTestSuite.startHostapds(TESTING_HOSTAPD)) + .then(() => gTestSuite.verifyNumOfProcesses('hostapd', TESTING_HOSTAPD.length)) + + // Request the first scan. .then(gTestSuite.requestWifiScan) .then(function(networks) { firstNetwork = networks[0]; return gTestSuite.testAssociate(firstNetwork); }) + + // Note that due to Bug 1168285, we need to re-start testing hostapd + // after wifi has been re-enabled. + + // Disable wifi and kill running hostapd. .then(() => gTestSuite.requestWifiEnabled(false)) + .then(gTestSuite.killAllHostapd) + .then(() => gTestSuite.verifyNumOfProcesses('hostapd', 0)) + + // Re-enable wifi. .then(() => gTestSuite.requestWifiEnabled(true)) - .then(() => gTestSuite.waitForConnected(firstNetwork)); + + // Restart hostapd. + .then(() => gTestSuite.startHostapds(TESTING_HOSTAPD)) + .then(() => gTestSuite.verifyNumOfProcesses('hostapd', TESTING_HOSTAPD.length)) + + // Wait for connection automatically. + .then(() => gTestSuite.waitForConnected(firstNetwork)) + + // Kill running hostapd. + .then(gTestSuite.killAllHostapd) + .then(() => gTestSuite.verifyNumOfProcesses('hostapd', 0)) }); From ec7834c7a825b38ea1634a2d2754a6c5292c6776 Mon Sep 17 00:00:00 2001 From: hchang Date: Tue, 26 May 2015 03:09:00 +0200 Subject: [PATCH 017/297] Bug 1167099 - Fix wifi tethering test case on KK emulator. r=vchang. --- dom/wifi/test/marionette/head.js | 18 +++++++++++++++- .../test_wifi_tethering_wifi_active.js | 21 ++++++++++++++++--- 2 files changed, 35 insertions(+), 4 deletions(-) diff --git a/dom/wifi/test/marionette/head.js b/dom/wifi/test/marionette/head.js index 7983c48a9c2..2006e65c5c4 100644 --- a/dom/wifi/test/marionette/head.js +++ b/dom/wifi/test/marionette/head.js @@ -50,6 +50,7 @@ let gTestSuite = (function() { let wifiManager; let wifiOrigEnabled; let pendingEmulatorShellCount = 0; + let sdkVersion; /** * A wrapper function of "is". @@ -1179,7 +1180,13 @@ let gTestSuite = (function() { // when tethering is enabled. 'MASQUERADE' shouldn't be found when tethering // is disabled. function verifyIptables() { - return runEmulatorShellSafe(['iptables', '-t', 'nat', '-L', 'POSTROUTING']) + let MASQUERADE_checkSection = 'POSTROUTING'; + if (sdkVersion > 15) { + // Check 'natctrl_nat_POSTROUTING' section after ICS. + MASQUERADE_checkSection = 'natctrl_nat_POSTROUTING'; + } + + return runEmulatorShellSafe(['iptables', '-t', 'nat', '-L', MASQUERADE_checkSection]) .then(function(aLines) { // $ iptables -t nat -L POSTROUTING // @@ -1273,6 +1280,10 @@ let gTestSuite = (function() { throw 'window.navigator.mozWifiManager is NULL'; } wifiOrigEnabled = wifiManager.enabled; + }) + .then(() => runEmulatorShellSafe(['getprop', 'ro.build.version.sdk'])) + .then(aLines => { + sdkVersion = parseInt(aLines[0]); }); } @@ -1397,7 +1408,12 @@ let gTestSuite = (function() { return suite.doTest(function() { return verifyInitialState() .then(initTetheringTestEnvironment) + // Since stock hostapd is not reliable after ICS, we just + // turn off potential stock hostapd during testing to avoid + // interference. + .then(stopStockHostapd) .then(aTestCaseChain) + .then(startStockHostapd) .then(restoreToInitialState, function onreject(aReason) { return restoreToInitialState() .then(() => { throw aReason; }); // Re-throw the orignal reject reason. diff --git a/dom/wifi/test/marionette/test_wifi_tethering_wifi_active.js b/dom/wifi/test/marionette/test_wifi_tethering_wifi_active.js index 0630c3bcb7a..af0df01a094 100644 --- a/dom/wifi/test/marionette/test_wifi_tethering_wifi_active.js +++ b/dom/wifi/test/marionette/test_wifi_tethering_wifi_active.js @@ -4,6 +4,8 @@ MARIONETTE_TIMEOUT = 60000; MARIONETTE_HEAD_JS = 'head.js'; +const TESTING_HOSTAPD = [{ ssid: 'ap0' }]; + function connectToFirstNetwork() { let firstNetwork; return gTestSuite.requestWifiScan() @@ -18,6 +20,11 @@ gTestSuite.doTestTethering(function() { let firstNetwork; return gTestSuite.ensureWifiEnabled(true) + // Start custom hostapd for testing. + .then(() => gTestSuite.startHostapds(TESTING_HOSTAPD)) + .then(() => gTestSuite.verifyNumOfProcesses('hostapd', TESTING_HOSTAPD.length)) + + // Connect to the testing AP and wait for data becoming disconnected. .then(function () { return Promise.all([ // 1) Set up the event listener first: @@ -46,8 +53,12 @@ gTestSuite.doTestTethering(function() { // Wifi should be enabled, RIL data should become disconnected and // we should connect to an wifi AP. gTestSuite.waitForWifiManagerEventOnce('enabled'), - gTestSuite.waitForRilDataConnected(false), - gTestSuite.waitForConnected(firstNetwork), + + // Due to Bug 1168285, after re-enablin wifi, the remembered network + // will not be connected automatically. Leave "auto connect test" + // covered by test_wifi_auto_connect.js. + //gTestSuite.waitForRilDataConnected(false), + //gTestSuite.waitForConnected(firstNetwork), // 2) Stop wifi tethering. gTestSuite.requestTetheringEnabled(false) @@ -55,5 +66,9 @@ gTestSuite.doTestTethering(function() { }) // Remove wlan0 from default route by disabling wifi. Otherwise, // it will cause the subsequent test cases loading page error. - .then(() => gTestSuite.requestWifiEnabled(false)); + .then(() => gTestSuite.requestWifiEnabled(false)) + + // Kill running hostapd. + .then(gTestSuite.killAllHostapd) + .then(() => gTestSuite.verifyNumOfProcesses('hostapd', 0)); }); \ No newline at end of file From a4286b5da324f1a0c8adf48f2e90a5cc6dcc97c5 Mon Sep 17 00:00:00 2001 From: hchang Date: Mon, 8 Jun 2015 23:42:00 +0200 Subject: [PATCH 018/297] Bug 1167466 - Prevent from previous failed DHCP callback interferring ongoing DHCP request. r=vchang. --- dom/wifi/WifiNetUtil.jsm | 6 ++++-- dom/wifi/WifiWorker.js | 9 ++++++++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/dom/wifi/WifiNetUtil.jsm b/dom/wifi/WifiNetUtil.jsm index cef206822b4..2a18665150b 100644 --- a/dom/wifi/WifiNetUtil.jsm +++ b/dom/wifi/WifiNetUtil.jsm @@ -30,10 +30,12 @@ this.WifiNetUtil = function(controlMessage) { var util = {}; - util.runDhcp = function (ifname, callback) { + util.runDhcp = function (ifname, gen, callback) { util.stopDhcp(ifname, function() { gNetworkService.dhcpRequest(ifname, function(success, dhcpInfo) { - util.runIpConfig(ifname, dhcpInfo, callback); + util.runIpConfig(ifname, dhcpInfo, function(data) { + callback(data, gen); + }); }); }); }; diff --git a/dom/wifi/WifiWorker.js b/dom/wifi/WifiWorker.js index 22b989cbf8c..dd1d1dc691f 100644 --- a/dom/wifi/WifiWorker.js +++ b/dom/wifi/WifiWorker.js @@ -637,6 +637,8 @@ var WifiManager = (function() { wifiCommand.connectToSupplicant(connectCallback); } + let dhcpRequestGen = 0; + function onconnected() { // For now we do our own DHCP. In the future, this should be handed // off to the Network Manager. @@ -652,9 +654,14 @@ var WifiManager = (function() { runStaticIp(manager.ifname, key); return; } - netUtil.runDhcp(manager.ifname, function(data) { + netUtil.runDhcp(manager.ifname, dhcpRequestGen++, function(data, gen) { dhcpInfo = data.info; + debug('dhcpRequestGen: ' + dhcpRequestGen + ', gen: ' + gen); if (!dhcpInfo) { + if (gen + 1 < dhcpRequestGen) { + debug('Do not bother younger DHCP request.'); + return; + } if (++manager.dhcpFailuresCount >= MAX_RETRIES_ON_DHCP_FAILURE) { manager.dhcpFailuresCount = 0; notify("disconnected", {connectionInfo: manager.connectionInfo}); From efa6ebbf99018b15c6f8577cce0afc0cd480a2c0 Mon Sep 17 00:00:00 2001 From: Bruce Sun Date: Thu, 11 Jun 2015 18:01:00 +0800 Subject: [PATCH 019/297] Bug 1171866 - Remove ReversedUuidToString; f=tzimmermann, r=jocelyn --- dom/bluetooth/BluetoothUtils.cpp | 13 +-- dom/bluetooth/BluetoothUtils.h | 13 --- .../BluetoothDaemonGattInterface.cpp | 4 +- .../bluedroid/BluetoothDaemonHelpers.cpp | 4 +- .../bluedroid/BluetoothDaemonHelpers.h | 104 ++++++++++++++++++ .../bluedroid/BluetoothHALHelpers.cpp | 24 +++- 6 files changed, 132 insertions(+), 30 deletions(-) diff --git a/dom/bluetooth/BluetoothUtils.cpp b/dom/bluetooth/BluetoothUtils.cpp index a3f1a834e23..cd7fb631fc4 100644 --- a/dom/bluetooth/BluetoothUtils.cpp +++ b/dom/bluetooth/BluetoothUtils.cpp @@ -42,17 +42,6 @@ UuidToString(const BluetoothUuid& aUuid, nsAString& aString) aString.AssignLiteral(uuidStr); } -void -ReversedUuidToString(const BluetoothUuid& aUuid, nsAString& aString) -{ - BluetoothUuid uuid; - for (uint8_t i = 0; i < 16; i++) { - uuid.mUuid[i] = aUuid.mUuid[15 - i]; - } - - UuidToString(uuid, aString); -} - void StringToUuid(const char* aString, BluetoothUuid& aUuid) { @@ -103,7 +92,7 @@ GeneratePathFromGattId(const BluetoothGattId& aId, nsAString& aPath, nsAString& aUuidStr) { - ReversedUuidToString(aId.mUuid, aUuidStr); + UuidToString(aId.mUuid, aUuidStr); aPath.Assign(aUuidStr); aPath.AppendLiteral("_"); diff --git a/dom/bluetooth/BluetoothUtils.h b/dom/bluetooth/BluetoothUtils.h index 666a94094c3..02f00a64e98 100644 --- a/dom/bluetooth/BluetoothUtils.h +++ b/dom/bluetooth/BluetoothUtils.h @@ -29,19 +29,6 @@ class BluetoothValue; void UuidToString(const BluetoothUuid& aUuid, nsAString& aString); -/** - * Convert BluetoothUuid object in a reversed byte order to - * xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx uuid string. - * Bluedroid stack reports the BluetoothUuid in a reversed byte order for - * GATT service, characteristic, descriptor uuids. - * - * Note: This utility function is used by gecko internal only to convert - * BluetoothUuid in a reversed byte order created by bluetooth stack to uuid - * string representation. - */ -void -ReversedUuidToString(const BluetoothUuid& aUuid, nsAString& aString); - /** * Convert xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxx uuid string to BluetoothUuid object. * diff --git a/dom/bluetooth/bluedroid/BluetoothDaemonGattInterface.cpp b/dom/bluetooth/bluedroid/BluetoothDaemonGattInterface.cpp index 905247071b5..5c0e5f83062 100644 --- a/dom/bluetooth/bluedroid/BluetoothDaemonGattInterface.cpp +++ b/dom/bluetooth/bluedroid/BluetoothDaemonGattInterface.cpp @@ -259,7 +259,9 @@ BluetoothDaemonGattModule::ClientSearchServiceCmd( 16)); // UUID nsresult rv = PackPDU(PackConversion(aConnId), - PackConversion(aFiltered), aUuid, *pdu); + PackConversion(aFiltered), + PackReversed(aUuid), + *pdu); if (NS_FAILED(rv)) { return rv; } diff --git a/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.cpp b/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.cpp index b9da3f38b2f..5d2b17ed346 100644 --- a/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.cpp +++ b/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.cpp @@ -1409,7 +1409,7 @@ PackPDU(const BluetoothUuid& aIn, BluetoothDaemonPDU& aPDU) nsresult PackPDU(const BluetoothGattId& aIn, BluetoothDaemonPDU& aPDU) { - nsresult rv = PackPDU(aIn.mUuid, aPDU); + nsresult rv = PackPDU(PackReversed(aIn.mUuid), aPDU); if (NS_FAILED(rv)) { return rv; } @@ -1734,7 +1734,7 @@ nsresult UnpackPDU(BluetoothDaemonPDU& aPDU, BluetoothGattId& aOut) { /* unpack UUID */ - nsresult rv = UnpackPDU(aPDU, aOut.mUuid); + nsresult rv = UnpackPDU(aPDU, UnpackReversed(aOut.mUuid)); if (NS_FAILED(rv)) { return rv; } diff --git a/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.h b/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.h index 05e04ab24e2..6d16109ef06 100644 --- a/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.h +++ b/dom/bluetooth/bluedroid/BluetoothDaemonHelpers.h @@ -579,6 +579,57 @@ PackPDU(const PackCString0& aIn, BluetoothDaemonPDU& aPDU) aIn.mString.Length() + 1), aPDU); } +/* |PackReversed| is a helper for packing data in reversed order. Pass an + * instance of this structure as the first argument to |PackPDU| to pack data + * in reversed order. + */ +template +struct PackReversed +{ + PackReversed(const T& aValue) + : mValue(aValue) + { } + + const T& mValue; +}; + +/* No general rules to pack data in reversed order. Signal a link error if the + * type |T| of |PackReversed| is not defined explicitly. + */ +template +nsresult +PackPDU(const PackReversed& aIn, BluetoothDaemonPDU& aPDU); + +/* This implementation of |PackPDU| packs elements in |PackArray| in reversed + * order. (ex. reversed GATT UUID, see bug 1171866) + */ +template +inline nsresult +PackPDU(const PackReversed>& aIn, BluetoothDaemonPDU& aPDU) +{ + for (size_t i = 0; i < aIn.mValue.mLength; ++i) { + nsresult rv = PackPDU(aIn.mValue.mData[aIn.mValue.mLength - i - 1], aPDU); + if (NS_FAILED(rv)) { + return rv; + } + } + return NS_OK; +} + +/* This implementation of |PackPDU| packs |BluetoothUuid| in reversed order. + * (ex. reversed GATT UUID, see bug 1171866) + */ +template <> +inline nsresult +PackPDU(const PackReversed& aIn, + BluetoothDaemonPDU& aPDU) +{ + return PackPDU( + PackReversed>( + PackArray(aIn.mValue.mUuid, sizeof(aIn.mValue.mUuid))), + aPDU); +} + template inline nsresult PackPDU(const T1& aIn1, const T2& aIn2, BluetoothDaemonPDU& aPDU) @@ -1099,6 +1150,59 @@ struct UnpackString0 nsresult UnpackPDU(BluetoothDaemonPDU& aPDU, const UnpackString0& aOut); +/* |UnpackReversed| is a helper for unpacking data in reversed order. Pass an + * instance of this structure as the second argument to |UnpackPDU| to unpack + * data in reversed order. + */ +template +struct UnpackReversed +{ + UnpackReversed(T& aValue) + : mValue(&aValue) + { } + + UnpackReversed(T&& aValue) + : mValue(&aValue) + { } + + T* mValue; +}; + +/* No general rules to unpack data in reversed order. Signal a link error if + * the type |T| of |UnpackReversed| is not defined explicitly. + */ +template +nsresult +UnpackPDU(BluetoothDaemonPDU& aPDU, const UnpackReversed& aOut); + +template +inline nsresult +UnpackPDU(BluetoothDaemonPDU& aPDU, const UnpackReversed>& aOut) +{ + for (size_t i = 0; i < aOut.mValue->mLength; ++i) { + nsresult rv = UnpackPDU(aPDU, + aOut.mValue->mData[aOut.mValue->mLength - i - 1]); + if (NS_FAILED(rv)) { + return rv; + } + } + return NS_OK; +} + +/* This implementation of |UnpackPDU| unpacks |BluetoothUuid| in reversed + * order. (ex. reversed GATT UUID, see bug 1171866) + */ +template<> +inline nsresult +UnpackPDU(BluetoothDaemonPDU& aPDU, + const UnpackReversed& aOut) +{ + return UnpackPDU( + aPDU, + UnpackReversed>( + UnpackArray(aOut.mValue->mUuid, sizeof(aOut.mValue->mUuid)))); +} + // // Init operators // diff --git a/dom/bluetooth/bluedroid/BluetoothHALHelpers.cpp b/dom/bluetooth/bluedroid/BluetoothHALHelpers.cpp index 89715c77da8..cf8083d795a 100644 --- a/dom/bluetooth/bluedroid/BluetoothHALHelpers.cpp +++ b/dom/bluetooth/bluedroid/BluetoothHALHelpers.cpp @@ -234,15 +234,35 @@ Convert(const btrc_player_settings_t& aIn, BluetoothAvrcpPlayerSettings& aOut) nsresult Convert(const BluetoothGattId& aIn, btgatt_gatt_id_t& aOut) { + nsresult rv = Convert(aIn.mUuid, aOut.uuid); + if (NS_FAILED(rv)) { + return rv; + } + // HAL uses reversed UUID for GATT + for (uint8_t i = 0; i < sizeof(aOut.uuid.uu) / 2; i++) { + auto temp = aOut.uuid.uu[i]; + aOut.uuid.uu[i] = aOut.uuid.uu[sizeof(aOut.uuid.uu) - i - 1]; + aOut.uuid.uu[sizeof(aOut.uuid.uu) - i - 1] = temp; + } aOut.inst_id = aIn.mInstanceId; - return Convert(aIn.mUuid, aOut.uuid); + return NS_OK; } nsresult Convert(const btgatt_gatt_id_t& aIn, BluetoothGattId& aOut) { + nsresult rv = Convert(aIn.uuid, aOut.mUuid); + if (NS_FAILED(rv)) { + return rv; + } + // HAL uses reversed UUID for GATT + for (uint8_t i = 0; i < sizeof(aOut.mUuid.mUuid) / 2; i++) { + auto temp = aOut.mUuid.mUuid[i]; + aOut.mUuid.mUuid[i] = aOut.mUuid.mUuid[sizeof(aOut.mUuid.mUuid) - i - 1]; + aOut.mUuid.mUuid[sizeof(aOut.mUuid.mUuid) - i - 1] = temp; + } aOut.mInstanceId = aIn.inst_id; - return Convert(aIn.uuid, aOut.mUuid); + return NS_OK; } nsresult From 39bbe8ff1da9f84a5afaf9f1e6c7ac9ba5ad721e Mon Sep 17 00:00:00 2001 From: Bruce Sun Date: Thu, 11 Jun 2015 18:06:43 +0800 Subject: [PATCH 020/297] Bug 1171868 - Remove GeneratePathFromGattId(aId, aPath, aUuidStr); r=jocelyn --- dom/bluetooth/BluetoothUtils.cpp | 18 +++++------------- dom/bluetooth/BluetoothUtils.h | 12 ------------ .../bluetooth2/BluetoothGattCharacteristic.cpp | 7 ++++--- .../bluetooth2/BluetoothGattDescriptor.cpp | 7 ++++--- .../bluetooth2/BluetoothGattService.cpp | 7 ++++--- 5 files changed, 17 insertions(+), 34 deletions(-) diff --git a/dom/bluetooth/BluetoothUtils.cpp b/dom/bluetooth/BluetoothUtils.cpp index cd7fb631fc4..4bad56936c0 100644 --- a/dom/bluetooth/BluetoothUtils.cpp +++ b/dom/bluetooth/BluetoothUtils.cpp @@ -87,24 +87,16 @@ GenerateUuid(nsAString &aUuidString) aUuidString.Assign(Substring(uuidString, 1, NSID_LENGTH - 3)); } -void -GeneratePathFromGattId(const BluetoothGattId& aId, - nsAString& aPath, - nsAString& aUuidStr) -{ - UuidToString(aId.mUuid, aUuidStr); - - aPath.Assign(aUuidStr); - aPath.AppendLiteral("_"); - aPath.AppendInt(aId.mInstanceId); -} - void GeneratePathFromGattId(const BluetoothGattId& aId, nsAString& aPath) { nsString uuidStr; - GeneratePathFromGattId(aId, aPath, uuidStr); + UuidToString(aId.mUuid, uuidStr); + + aPath.Assign(uuidStr); + aPath.AppendLiteral("_"); + aPath.AppendInt(aId.mInstanceId); } void diff --git a/dom/bluetooth/BluetoothUtils.h b/dom/bluetooth/BluetoothUtils.h index 02f00a64e98..a8a05ea1046 100644 --- a/dom/bluetooth/BluetoothUtils.h +++ b/dom/bluetooth/BluetoothUtils.h @@ -50,18 +50,6 @@ GenerateUuid(nsAString &aUuidString); // Generate bluetooth signal path from GattId // -/** - * Generate bluetooth signal path and UUID string from a GattId. - * - * @param aId [in] GattId value to convert. - * @param aPath [out] Bluetooth signal path generated from aId. - * @param aUuidStr [out] UUID string generated from aId. - */ -void -GeneratePathFromGattId(const BluetoothGattId& aId, - nsAString& aPath, - nsAString& aUuidStr); - /** * Generate bluetooth signal path from a GattId. * diff --git a/dom/bluetooth/bluetooth2/BluetoothGattCharacteristic.cpp b/dom/bluetooth/bluetooth2/BluetoothGattCharacteristic.cpp index f6dfe825ba7..6ffde7262f2 100644 --- a/dom/bluetooth/bluetooth2/BluetoothGattCharacteristic.cpp +++ b/dom/bluetooth/bluetooth2/BluetoothGattCharacteristic.cpp @@ -68,10 +68,11 @@ BluetoothGattCharacteristic::BluetoothGattCharacteristic( MOZ_ASSERT(aOwner); MOZ_ASSERT(mService); - // Generate bluetooth signal path and a string representation to provide uuid - // of this characteristic to applications + UuidToString(mCharId.mUuid, mUuidStr); + + // Generate bluetooth signal path of this characteristic to applications nsString path; - GeneratePathFromGattId(mCharId, path, mUuidStr); + GeneratePathFromGattId(mCharId, path); RegisterBluetoothSignalHandler(path, this); } diff --git a/dom/bluetooth/bluetooth2/BluetoothGattDescriptor.cpp b/dom/bluetooth/bluetooth2/BluetoothGattDescriptor.cpp index 1340b31dcce..95c3b26a533 100644 --- a/dom/bluetooth/bluetooth2/BluetoothGattDescriptor.cpp +++ b/dom/bluetooth/bluetooth2/BluetoothGattDescriptor.cpp @@ -63,10 +63,11 @@ BluetoothGattDescriptor::BluetoothGattDescriptor( MOZ_ASSERT(aOwner); MOZ_ASSERT(aCharacteristic); - // Generate bluetooth signal path and a string representation to provide uuid - // of this descriptor to applications + UuidToString(mDescriptorId.mUuid, mUuidStr); + + // Generate bluetooth signal path of this descriptor to applications nsString path; - GeneratePathFromGattId(mDescriptorId, path, mUuidStr); + GeneratePathFromGattId(mDescriptorId, path); RegisterBluetoothSignalHandler(path, this); } diff --git a/dom/bluetooth/bluetooth2/BluetoothGattService.cpp b/dom/bluetooth/bluetooth2/BluetoothGattService.cpp index 8a5a945f383..50e05a6c8ea 100644 --- a/dom/bluetooth/bluetooth2/BluetoothGattService.cpp +++ b/dom/bluetooth/bluetooth2/BluetoothGattService.cpp @@ -62,10 +62,11 @@ BluetoothGattService::BluetoothGattService( MOZ_ASSERT(aOwner); MOZ_ASSERT(!mAppUuid.IsEmpty()); - // Generate bluetooth signal path and a string representation to provide - // uuid of this service to applications + UuidToString(mServiceId.mId.mUuid, mUuidStr); + + // Generate bluetooth signal path of this service to applications nsString path; - GeneratePathFromGattId(mServiceId.mId, path, mUuidStr); + GeneratePathFromGattId(mServiceId.mId, path); RegisterBluetoothSignalHandler(path, this); } From 1d560e66e3c8c15b1bacb18d68a9ea37c49fbdce Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 05:25:20 -0700 Subject: [PATCH 021/297] Bumping gaia.json for 1 gaia revision(s) a=gaia-bump ======== https://hg.mozilla.org/integration/gaia-central/rev/87e2309cb060 Author: Julien Wajsberg Desc: Revert "Merge pull request #30495 from cctuan/979827" This reverts commit 328f2705b790a0cc967eb71a4604c896a6be011a, reversing changes made to 68269e7b6510930eb2f644f69d27d456c1bdec75. --- b2g/config/gaia.json | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/b2g/config/gaia.json b/b2g/config/gaia.json index 6c0f0286b5b..84a6c47698e 100644 --- a/b2g/config/gaia.json +++ b/b2g/config/gaia.json @@ -1,9 +1,9 @@ { "git": { - "git_revision": "bdfc09c6a26eba3f036b085fed1adfc28379b495", + "git_revision": "0d25492801f93fb78bc65d06176c79de5fd86ee5", "remote": "https://git.mozilla.org/releases/gaia.git", "branch": "" }, - "revision": "936c694e939d3b270b7cadfe9c0e2bd47aacc63c", + "revision": "87e2309cb0603efd8246fcf5f4e0c70973950f93", "repo_path": "integration/gaia-central" } From c35f4c28d0d9ccddca3121e980dd87fa9ca48c00 Mon Sep 17 00:00:00 2001 From: B2G Bumper Bot Date: Thu, 11 Jun 2015 05:27:16 -0700 Subject: [PATCH 022/297] Bumping manifests a=b2g-bump --- b2g/config/aries/sources.xml | 2 +- b2g/config/dolphin/sources.xml | 2 +- b2g/config/emulator-ics/sources.xml | 2 +- b2g/config/emulator-jb/sources.xml | 2 +- b2g/config/emulator-kk/sources.xml | 2 +- b2g/config/emulator-l/sources.xml | 2 +- b2g/config/emulator/sources.xml | 2 +- b2g/config/flame-kk/sources.xml | 2 +- b2g/config/nexus-4/sources.xml | 2 +- b2g/config/nexus-5-l/sources.xml | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/b2g/config/aries/sources.xml b/b2g/config/aries/sources.xml index 890a22a297a..c578fda69d2 100644 --- a/b2g/config/aries/sources.xml +++ b/b2g/config/aries/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/dolphin/sources.xml b/b2g/config/dolphin/sources.xml index 8c76f0c48e8..74db2cbdc52 100644 --- a/b2g/config/dolphin/sources.xml +++ b/b2g/config/dolphin/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-ics/sources.xml b/b2g/config/emulator-ics/sources.xml index 6320b75dd05..f107fbaeec9 100644 --- a/b2g/config/emulator-ics/sources.xml +++ b/b2g/config/emulator-ics/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/emulator-jb/sources.xml b/b2g/config/emulator-jb/sources.xml index d0c019592e0..2c2343bfddb 100644 --- a/b2g/config/emulator-jb/sources.xml +++ b/b2g/config/emulator-jb/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/emulator-kk/sources.xml b/b2g/config/emulator-kk/sources.xml index 32529988d52..88a2890b998 100644 --- a/b2g/config/emulator-kk/sources.xml +++ b/b2g/config/emulator-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator-l/sources.xml b/b2g/config/emulator-l/sources.xml index c69b47df302..fb69cce5328 100644 --- a/b2g/config/emulator-l/sources.xml +++ b/b2g/config/emulator-l/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/emulator/sources.xml b/b2g/config/emulator/sources.xml index 6320b75dd05..f107fbaeec9 100644 --- a/b2g/config/emulator/sources.xml +++ b/b2g/config/emulator/sources.xml @@ -19,7 +19,7 @@ - + diff --git a/b2g/config/flame-kk/sources.xml b/b2g/config/flame-kk/sources.xml index 3a9155ddd54..ae001c09e81 100644 --- a/b2g/config/flame-kk/sources.xml +++ b/b2g/config/flame-kk/sources.xml @@ -15,7 +15,7 @@ - + diff --git a/b2g/config/nexus-4/sources.xml b/b2g/config/nexus-4/sources.xml index 717f6fafc44..bfb95782cd6 100644 --- a/b2g/config/nexus-4/sources.xml +++ b/b2g/config/nexus-4/sources.xml @@ -17,7 +17,7 @@ - + diff --git a/b2g/config/nexus-5-l/sources.xml b/b2g/config/nexus-5-l/sources.xml index ccf58e33c4e..d379a868e83 100644 --- a/b2g/config/nexus-5-l/sources.xml +++ b/b2g/config/nexus-5-l/sources.xml @@ -15,7 +15,7 @@ - + From e7ef5e91a5d0075a225d093143007265f49a5ca7 Mon Sep 17 00:00:00 2001 From: "Carsten \"Tomcat\" Book" Date: Thu, 11 Jun 2015 15:05:24 +0200 Subject: [PATCH 023/297] Backed out changeset 55698478f5ba (bug 1168300) for mochitest-1 testfailures in test_bug_795164.html --- dom/apps/Webapps.jsm | 17 --- dom/apps/tests/mochitest.ini | 1 - dom/apps/tests/test_bug_1168300.html | 115 ------------------ .../mozIApplicationClearPrivateDataParams.idl | 1 - 4 files changed, 134 deletions(-) delete mode 100644 dom/apps/tests/test_bug_1168300.html diff --git a/dom/apps/Webapps.jsm b/dom/apps/Webapps.jsm index 31e5c8a206f..1c537d2e979 100644 --- a/dom/apps/Webapps.jsm +++ b/dom/apps/Webapps.jsm @@ -4861,24 +4861,7 @@ this.DOMApplicationRegistry = { browserOnly: browserOnly, QueryInterface: XPCOMUtils.generateQI([Ci.mozIApplicationClearPrivateDataParams]) }; - this._clearCookieJarData(appId, browserOnly); this._notifyCategoryAndObservers(subject, "webapps-clear-data", null, msg); - }, - - _clearCookieJarData: function(appId, browserOnly) { - let browserCookieJar = - ChromeUtils.originAttributesToCookieJar({appId: appId, - inBrowser: true}); - this._notifyCategoryAndObservers(null, "clear-cookiejar-data", - browserCookieJar); - - if (!browserOnly) { - let appCookieJar = - ChromeUtils.originAttributesToCookieJar({appId: appId, - inBrowser: false}); - this._notifyCategoryAndObservers(null, "clear-cookiejar-data", - appCookieJar); - } } }; diff --git a/dom/apps/tests/mochitest.ini b/dom/apps/tests/mochitest.ini index 8f4e4fcd1e2..4530a72d77a 100644 --- a/dom/apps/tests/mochitest.ini +++ b/dom/apps/tests/mochitest.ini @@ -41,7 +41,6 @@ skip-if = os == "android" || toolkit == "gonk" # embed-apps doesn't work in moch [test_app_update.html] skip-if = os == "android" || toolkit == "gonk" # embed-apps doesn't work in mochitest app [test_bug_795164.html] -[test_bug_1168300.html] [test_import_export.html] [test_install_dev_mode.html] [test_install_multiple_apps_origin.html] diff --git a/dom/apps/tests/test_bug_1168300.html b/dom/apps/tests/test_bug_1168300.html deleted file mode 100644 index 884e7a2e0c1..00000000000 --- a/dom/apps/tests/test_bug_1168300.html +++ /dev/null @@ -1,115 +0,0 @@ - - - - - - Test for Bug 1168300 - - - - - -Mozilla Bug 1168300 -

- -
-
- - diff --git a/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl b/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl index 10b7efdd46c..b468c9c371d 100644 --- a/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl +++ b/dom/interfaces/apps/mozIApplicationClearPrivateDataParams.idl @@ -16,5 +16,4 @@ interface mozIApplicationClearPrivateDataParams : nsISupports %{C++ #define TOPIC_WEB_APP_CLEAR_DATA "webapps-clear-data" -#define TOPIC_CLEAR_COOKIEJAR_DATA "clear-cookiejar-data" %} From 75ca4c62f8ff4aa889ae578a783cba6832ec4c2c Mon Sep 17 00:00:00 2001 From: Edgar Chen Date: Thu, 28 May 2015 19:18:22 +0800 Subject: [PATCH 024/297] Bug 1169225 - [MobileConnectionService] Support setting/getting call waiting on all serviceClass. r=aknow --- dom/mobileconnection/MobileConnection.cpp | 4 ++- .../MobileConnectionCallback.cpp | 8 +++++ .../gonk/MobileConnectionService.js | 12 ++++--- .../interfaces/nsIMobileConnectionService.idl | 17 +++++++--- .../ipc/MobileConnectionChild.cpp | 11 ++++++- .../ipc/MobileConnectionChild.h | 3 ++ .../ipc/MobileConnectionParent.cpp | 10 +++++- .../ipc/PMobileConnection.ipdl | 1 + .../ipc/PMobileConnectionRequest.ipdl | 6 ++++ dom/mobileconnection/tests/marionette/head.js | 31 +++++++++++++++++++ .../tests/marionette/manifest.ini | 1 + .../tests/marionette/test_call_waiting.js | 29 +++++++++++++++++ dom/system/gonk/ril_worker.js | 15 ++++----- dom/system/gonk/tests/test_ril_worker_cw.js | 10 +++--- dom/system/gonk/tests/test_ril_worker_mmi.js | 3 +- 15 files changed, 135 insertions(+), 26 deletions(-) create mode 100644 dom/mobileconnection/tests/marionette/test_call_waiting.js diff --git a/dom/mobileconnection/MobileConnection.cpp b/dom/mobileconnection/MobileConnection.cpp index a88d1e05699..96a85dda555 100644 --- a/dom/mobileconnection/MobileConnection.cpp +++ b/dom/mobileconnection/MobileConnection.cpp @@ -876,7 +876,9 @@ MobileConnection::SetCallWaitingOption(bool aEnabled, ErrorResult& aRv) nsRefPtr requestCallback = new MobileConnectionCallback(GetOwner(), request); - nsresult rv = mMobileConnection->SetCallWaiting(aEnabled, requestCallback); + nsresult rv = mMobileConnection->SetCallWaiting(aEnabled, + nsIMobileConnection::ICC_SERVICE_CLASS_VOICE, + requestCallback); if (NS_FAILED(rv)) { aRv.Throw(rv); return nullptr; diff --git a/dom/mobileconnection/MobileConnectionCallback.cpp b/dom/mobileconnection/MobileConnectionCallback.cpp index a5d34d66c35..26ebb6ee4a1 100644 --- a/dom/mobileconnection/MobileConnectionCallback.cpp +++ b/dom/mobileconnection/MobileConnectionCallback.cpp @@ -191,6 +191,14 @@ MobileConnectionCallback::NotifyGetCallBarringSuccess(uint16_t aProgram, return NotifySuccess(jsResult); } +NS_IMETHODIMP +MobileConnectionCallback::NotifyGetCallWaitingSuccess(uint16_t aServiceClass) +{ + return (aServiceClass & nsIMobileConnection::ICC_SERVICE_CLASS_VOICE) + ? NotifySuccess(JS::TrueHandleValue) + : NotifySuccess(JS::FalseHandleValue); +} + NS_IMETHODIMP MobileConnectionCallback::NotifyGetClirStatusSuccess(uint16_t aN, uint16_t aM) { diff --git a/dom/mobileconnection/gonk/MobileConnectionService.js b/dom/mobileconnection/gonk/MobileConnectionService.js index c35768ee338..900c99652be 100644 --- a/dom/mobileconnection/gonk/MobileConnectionService.js +++ b/dom/mobileconnection/gonk/MobileConnectionService.js @@ -1118,9 +1118,13 @@ MobileConnectionProvider.prototype = { }).bind(this)); }, - setCallWaiting: function(aEnabled, aCallback) { - this._radioInterface.sendWorkerMessage("setCallWaiting", - {enabled: aEnabled}, + setCallWaiting: function(aEnabled, aServiceClass, aCallback) { + let options = { + enabled: aEnabled, + serviceClass: aServiceClass + }; + + this._radioInterface.sendWorkerMessage("setCallWaiting", options, (function(aResponse) { if (aResponse.errorMsg) { aCallback.notifyError(aResponse.errorMsg); @@ -1140,7 +1144,7 @@ MobileConnectionProvider.prototype = { return false; } - aCallback.notifySuccessWithBoolean(aResponse.enabled); + aCallback.notifyGetCallWaitingSuccess(aResponse.serviceClass); return false; }).bind(this)); }, diff --git a/dom/mobileconnection/interfaces/nsIMobileConnectionService.idl b/dom/mobileconnection/interfaces/nsIMobileConnectionService.idl index da8647d7597..6fa518e5d18 100644 --- a/dom/mobileconnection/interfaces/nsIMobileConnectionService.idl +++ b/dom/mobileconnection/interfaces/nsIMobileConnectionService.idl @@ -108,7 +108,7 @@ interface nsIMobileConnectionListener : nsISupports #define NO_ADDITIONAL_INFORMATION 0 %} -[scriptable, uuid(14d66926-8434-11e4-8c3f-f724194bb5f1)] +[scriptable, uuid(ef5e02a6-adff-4425-8634-ec49ced1f14f)] interface nsIMobileConnectionCallback : nsISupports { /** @@ -128,6 +128,8 @@ interface nsIMobileConnectionCallback : nsISupports in boolean enabled, in unsigned short serviceClass); + void notifyGetCallWaitingSuccess(in unsigned short serviceClass); + void notifyGetClirStatusSuccess(in unsigned short n, in unsigned short m); void notifyGetPreferredNetworkTypeSuccess(in long type); @@ -163,7 +165,7 @@ already_AddRefed NS_CreateMobileConnectionService(); %} -[scriptable, uuid(59a6d450-144b-47f9-8f4a-2132331e9e05)] +[scriptable, uuid(d7173ff3-a8da-41c1-a976-440e5402b856)] interface nsIMobileConnection : nsISupports { /* @@ -601,6 +603,8 @@ interface nsIMobileConnection : nsISupports * * @param enabled * Boolean indicates the desired call waiting status. + * @param serviceClass + * One of the nsIMobileConnection.ICC_SERVICE_CLASS_* values. * @param requestCallback * Called when request is finished. * @@ -611,6 +615,7 @@ interface nsIMobileConnection : nsISupports * 'GenericFailure'. */ void setCallWaiting(in bool enabled, + in unsigned short serviceClass, in nsIMobileConnectionCallback requestCallback); /** @@ -619,8 +624,12 @@ interface nsIMobileConnection : nsISupports * @param requestCallback * Called when request is finished. * - * If successful, the notifySuccessWithBoolean() will be called. And the result - * will be a boolean indicating the call waiting status. + * If successful, the notifyGetCallWaitingSuccess() will be called. And the + * result will be a service class bit vector of services for which call + * waiting is enabled. e.g. 3 means call waiting is enabled for data + * and voice and disabled for everything else. 0 means call waiting is + * disabled for all service. + * @see nsIMobileConnection.ICC_SERVICE_CLASS_*. * * Otherwise, the notifyError() will be called, and the error will be either * 'RadioNotAvailable', 'RequestNotSupported', 'IllegalSIMorME', or diff --git a/dom/mobileconnection/ipc/MobileConnectionChild.cpp b/dom/mobileconnection/ipc/MobileConnectionChild.cpp index d4558235fc4..0e27e89875f 100644 --- a/dom/mobileconnection/ipc/MobileConnectionChild.cpp +++ b/dom/mobileconnection/ipc/MobileConnectionChild.cpp @@ -276,9 +276,10 @@ MobileConnectionChild::ChangeCallBarringPassword(const nsAString& aPin, NS_IMETHODIMP MobileConnectionChild::SetCallWaiting(bool aEnabled, + uint16_t aServiceClass, nsIMobileConnectionCallback* aCallback) { - return SendRequest(SetCallWaitingRequest(aEnabled), aCallback) + return SendRequest(SetCallWaitingRequest(aEnabled, aServiceClass), aCallback) ? NS_OK : NS_ERROR_FAILURE; } @@ -550,6 +551,12 @@ MobileConnectionRequestChild::DoReply(const MobileConnectionReplySuccessCallBarr aReply.serviceClass())); } +bool +MobileConnectionRequestChild::DoReply(const MobileConnectionReplySuccessCallWaiting& aReply) +{ + return NS_SUCCEEDED(mRequestCallback->NotifyGetCallWaitingSuccess(aReply.serviceClass())); +} + bool MobileConnectionRequestChild::DoReply(const MobileConnectionReplySuccessClirStatus& aReply) { @@ -591,6 +598,8 @@ MobileConnectionRequestChild::Recv__delete__(const MobileConnectionReply& aReply return DoReply(aReply.get_MobileConnectionReplySuccessCallForwarding()); case MobileConnectionReply::TMobileConnectionReplySuccessCallBarring: return DoReply(aReply.get_MobileConnectionReplySuccessCallBarring()); + case MobileConnectionReply::TMobileConnectionReplySuccessCallWaiting: + return DoReply(aReply.get_MobileConnectionReplySuccessCallWaiting()); case MobileConnectionReply::TMobileConnectionReplySuccessClirStatus: return DoReply(aReply.get_MobileConnectionReplySuccessClirStatus()); case MobileConnectionReply::TMobileConnectionReplySuccessPreferredNetworkType: diff --git a/dom/mobileconnection/ipc/MobileConnectionChild.h b/dom/mobileconnection/ipc/MobileConnectionChild.h index 24ba62205a1..65ccc560469 100644 --- a/dom/mobileconnection/ipc/MobileConnectionChild.h +++ b/dom/mobileconnection/ipc/MobileConnectionChild.h @@ -148,6 +148,9 @@ public: bool DoReply(const MobileConnectionReplySuccessCallBarring& aReply); + bool + DoReply(const MobileConnectionReplySuccessCallWaiting& aReply); + bool DoReply(const MobileConnectionReplySuccessClirStatus& aReply); diff --git a/dom/mobileconnection/ipc/MobileConnectionParent.cpp b/dom/mobileconnection/ipc/MobileConnectionParent.cpp index b31a9f24625..cc227e654f1 100644 --- a/dom/mobileconnection/ipc/MobileConnectionParent.cpp +++ b/dom/mobileconnection/ipc/MobileConnectionParent.cpp @@ -434,7 +434,9 @@ MobileConnectionRequestParent::DoRequest(const SetCallWaitingRequest& aRequest) { NS_ENSURE_TRUE(mMobileConnection, false); - return NS_SUCCEEDED(mMobileConnection->SetCallWaiting(aRequest.enabled(), this)); + return NS_SUCCEEDED(mMobileConnection->SetCallWaiting(aRequest.enabled(), + aRequest.serviceClass(), + this)); } bool @@ -536,6 +538,12 @@ MobileConnectionRequestParent::NotifyGetCallBarringSuccess(uint16_t aProgram, aServiceClass)); } +NS_IMETHODIMP +MobileConnectionRequestParent::NotifyGetCallWaitingSuccess(uint16_t aServiceClass) +{ + return SendReply(MobileConnectionReplySuccessCallWaiting(aServiceClass)); +} + NS_IMETHODIMP MobileConnectionRequestParent::NotifyGetClirStatusSuccess(uint16_t aN, uint16_t aM) diff --git a/dom/mobileconnection/ipc/PMobileConnection.ipdl b/dom/mobileconnection/ipc/PMobileConnection.ipdl index 81dcdf42963..ceaa9ad371c 100644 --- a/dom/mobileconnection/ipc/PMobileConnection.ipdl +++ b/dom/mobileconnection/ipc/PMobileConnection.ipdl @@ -133,6 +133,7 @@ struct ChangeCallBarringPasswordRequest struct SetCallWaitingRequest { bool enabled; + uint16_t serviceClass; }; struct GetCallWaitingRequest diff --git a/dom/mobileconnection/ipc/PMobileConnectionRequest.ipdl b/dom/mobileconnection/ipc/PMobileConnectionRequest.ipdl index ce7ed401bf7..73c0be9c997 100644 --- a/dom/mobileconnection/ipc/PMobileConnectionRequest.ipdl +++ b/dom/mobileconnection/ipc/PMobileConnectionRequest.ipdl @@ -52,6 +52,11 @@ struct MobileConnectionReplySuccessCallBarring uint16_t serviceClass; }; +struct MobileConnectionReplySuccessCallWaiting +{ + uint16_t serviceClass; +}; + struct MobileConnectionReplySuccessClirStatus { uint16_t n; @@ -82,6 +87,7 @@ union MobileConnectionReply MobileConnectionReplySuccessNetworks; MobileConnectionReplySuccessCallForwarding; MobileConnectionReplySuccessCallBarring; + MobileConnectionReplySuccessCallWaiting; MobileConnectionReplySuccessClirStatus; MobileConnectionReplySuccessPreferredNetworkType; MobileConnectionReplySuccessRoamingPreference; diff --git a/dom/mobileconnection/tests/marionette/head.js b/dom/mobileconnection/tests/marionette/head.js index 1952b8ed1f3..afc92bae1b1 100644 --- a/dom/mobileconnection/tests/marionette/head.js +++ b/dom/mobileconnection/tests/marionette/head.js @@ -640,6 +640,37 @@ function selectNetworkAutomaticallyAndWait() { return request.then(null, () => { throw request.error }); } +/** + * Configures call waiting options. + * + * Fulfill params: (none) + * Reject params: + * 'RadioNotAvailable', 'RequestNotSupported', 'InvalidParameter' or + * 'GenericFailure'. + * + * @return A deferred promise. + */ + function setCallWaitingOption(aEnabled) { + let request = mobileConnection.setCallWaitingOption(aEnabled); + return request.then(null, () => { throw request.error }); +} + +/** + * Queries current call waiting status. + * + * Fulfill params: + * A boolean indicating the call waiting status. + * Reject params: + * 'RadioNotAvailable', 'RequestNotSupported', 'InvalidParameter' or + * 'GenericFailure'. + * + * @return A deferred promise. + */ + function getCallWaitingOption() { + let request = mobileConnection.getCallWaitingOption(); + return request.then(() => request.result, () => { throw request.error }); +} + /** * Set data connection enabling state and wait for "datachange" event. * diff --git a/dom/mobileconnection/tests/marionette/manifest.ini b/dom/mobileconnection/tests/marionette/manifest.ini index 0b54151df21..d2aaf5725c2 100644 --- a/dom/mobileconnection/tests/marionette/manifest.ini +++ b/dom/mobileconnection/tests/marionette/manifest.ini @@ -19,6 +19,7 @@ qemu = true [test_call_barring_get_error.js] [test_call_barring_set_error.js] [test_call_barring_change_password.js] +[test_call_waiting.js] [test_mobile_set_radio.js] [test_mobile_last_known_network.js] [test_mobile_icc_change.js] diff --git a/dom/mobileconnection/tests/marionette/test_call_waiting.js b/dom/mobileconnection/tests/marionette/test_call_waiting.js new file mode 100644 index 00000000000..062fe189b61 --- /dev/null +++ b/dom/mobileconnection/tests/marionette/test_call_waiting.js @@ -0,0 +1,29 @@ +/* Any copyright is dedicated to the Public Domain. + * http://creativecommons.org/publicdomain/zero/1.0/ */ + +MARIONETTE_TIMEOUT = 60000; +MARIONETTE_HEAD_JS = "head.js"; + +// Start tests +startTestCommon(function() { + return Promise.resolve() + // TODO: Bug 1090811 - [B2G] support SET_CALL_WAITING and QUERY_CALL_WAITING + // Currently emulator doesn't support RIL_REQUEST_QUERY_CALL_WAITING and + // RIL_REQUEST_SET_CALL_WAITING, so we expect to get a 'RequestNotSupported' + // error here. + .then(() => setCallWaitingOption(true)) + .then(() => { + ok(false, "setCallWaitingOption should not success"); + }, aError => { + is(aError.name, "RequestNotSupported", + "failed to setCallWaitingOption"); + }) + + .then(() => getCallWaitingOption()) + .then(() => { + ok(false, "getCallWaitingOption should not success"); + }, aError => { + is(aError.name, "RequestNotSupported", + "failed to getCallWaitingOption"); + }); +}); diff --git a/dom/system/gonk/ril_worker.js b/dom/system/gonk/ril_worker.js index c87e8cb2f37..a3dfa8279e8 100644 --- a/dom/system/gonk/ril_worker.js +++ b/dom/system/gonk/ril_worker.js @@ -933,7 +933,7 @@ RilObject.prototype = { Buf.newParcel(REQUEST_QUERY_CALL_WAITING, options); Buf.writeInt32(1); // As per 3GPP TS 24.083, section 1.6 UE doesn't need to send service - // class parameter in call waiting interrogation to network + // class parameter in call waiting interrogation to network. Buf.writeInt32(ICC_SERVICE_CLASS_NONE); Buf.sendParcel(); }, @@ -941,16 +941,17 @@ RilObject.prototype = { /** * Set call waiting status. * - * @param on + * @param enabled * Boolean indicating the desired waiting status. + * @param serviceClass + * One of ICC_SERVICE_CLASS_* constants. */ setCallWaiting: function(options) { let Buf = this.context.Buf; Buf.newParcel(REQUEST_SET_CALL_WAITING, options); Buf.writeInt32(2); Buf.writeInt32(options.enabled ? 1 : 0); - Buf.writeInt32(options.serviceClass !== undefined ? - options.serviceClass : ICC_SERVICE_CLASS_VOICE); + Buf.writeInt32(options.serviceClass); Buf.sendParcel(); }, @@ -4937,9 +4938,9 @@ RilObject.prototype[REQUEST_QUERY_CALL_WAITING] = } let Buf = this.context.Buf; - options.length = Buf.readInt32(); - options.enabled = ((Buf.readInt32() == 1) && - ((Buf.readInt32() & ICC_SERVICE_CLASS_VOICE) == 0x01)); + let results = Buf.readInt32List(); + let enabled = (results[0] === 1); + options.serviceClass = enabled ? results[1] : ICC_SERVICE_CLASS_NONE; this.sendChromeMessage(options); }; diff --git a/dom/system/gonk/tests/test_ril_worker_cw.js b/dom/system/gonk/tests/test_ril_worker_cw.js index 1eaebf2efa9..efa8b5c21dc 100644 --- a/dom/system/gonk/tests/test_ril_worker_cw.js +++ b/dom/system/gonk/tests/test_ril_worker_cw.js @@ -62,7 +62,7 @@ add_test(function test_queryCallWaiting_success_enabled_true() { context.Buf.int32Array = [ 1, // serviceClass 1, // enabled - 1 // length + 2 // length ]; context.RIL[REQUEST_QUERY_CALL_WAITING](1, {}); }; @@ -72,8 +72,7 @@ add_test(function test_queryCallWaiting_success_enabled_true() { let postedMessage = workerHelper.postedMessage; equal(postedMessage.errorMsg, undefined); - equal(postedMessage.length, 1); - ok(postedMessage.enabled); + equal(postedMessage.serviceClass, 1); run_next_test(); }); @@ -90,7 +89,7 @@ add_test(function test_queryCallWaiting_success_enabled_false() { context.Buf.int32Array = [ 1, // serviceClass 0, // enabled - 1 // length + 2 // length ]; context.RIL[REQUEST_QUERY_CALL_WAITING](1, {}); }; @@ -100,7 +99,6 @@ add_test(function test_queryCallWaiting_success_enabled_false() { let postedMessage = workerHelper.postedMessage; equal(postedMessage.errorMsg, undefined); - equal(postedMessage.length, 1); - ok(!postedMessage.enabled); + equal(postedMessage.serviceClass, ICC_SERVICE_CLASS_NONE); run_next_test(); }); diff --git a/dom/system/gonk/tests/test_ril_worker_mmi.js b/dom/system/gonk/tests/test_ril_worker_mmi.js index d768b296f8f..80ecf228aeb 100644 --- a/dom/system/gonk/tests/test_ril_worker_mmi.js +++ b/dom/system/gonk/tests/test_ril_worker_mmi.js @@ -508,7 +508,6 @@ add_test(function test_sendMMI_call_waiting_interrogation() { let postedMessage = workerhelper.postedMessage; equal(postedMessage.errorMsg, undefined); - equal(postedMessage.length, 2); - ok(postedMessage.enabled); + equal(postedMessage.serviceClass, 7); run_next_test(); }); From fd7d72c0e4ce81cebd121b5b0bac4dc48cae84ad Mon Sep 17 00:00:00 2001 From: Edgar Chen Date: Tue, 7 Apr 2015 14:49:48 +0800 Subject: [PATCH 025/297] Bug 1151726 - Disable failure tests, test_wifi_associate_WPA_EAP_{PEAP|TTLS|TLS}.js. r=henry --- dom/wifi/test/marionette/manifest.ini | 3 +++ 1 file changed, 3 insertions(+) diff --git a/dom/wifi/test/marionette/manifest.ini b/dom/wifi/test/marionette/manifest.ini index cbfc25e476f..3326a7be1b8 100644 --- a/dom/wifi/test/marionette/manifest.ini +++ b/dom/wifi/test/marionette/manifest.ini @@ -16,6 +16,9 @@ qemu = true [test_wifi_manage_user_certificate.js] [test_wifi_manage_pkcs12_certificate.js] [test_wifi_associate_WPA_EAP_PEAP.js] +disabled = Bug 1173697 [test_wifi_associate_WPA_EAP_TTLS.js] +disabled = Bug 1173697 [test_wifi_associate_WPA_EAP_TLS.js] +disabled = Bug 1173697 [test_wifi_enable_api.js] From 4ce55e3a975ebb9b40872fad2bdf2189dd062400 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 12:47:18 -0700 Subject: [PATCH 026/297] Bug 1173212 (part 1) - Remove some can't-fail tests in PLDHashTable. r=froydnj. --- xpcom/glue/pldhash.cpp | 8 -------- 1 file changed, 8 deletions(-) diff --git a/xpcom/glue/pldhash.cpp b/xpcom/glue/pldhash.cpp index c3c30745eca..373f5f1c3d6 100644 --- a/xpcom/glue/pldhash.cpp +++ b/xpcom/glue/pldhash.cpp @@ -768,9 +768,6 @@ PLDHashTable::Enumerate(PLDHashEnumerator aEtor, void* aArg) // even more chaotic to iterate in fully random order, but that's a lot // more work. entryAddr += ChaosMode::randomUint32LessThan(capacity) * mEntrySize; - if (entryAddr >= entryLimit) { - entryAddr -= tableSize; - } } for (uint32_t e = 0; e < capacity; ++e) { @@ -912,17 +909,12 @@ PLDHashTable::Iterator::Iterator(const PLDHashTable* aTable) // vary over the course of the for loop) are converted into mEntryOffset and // mEntryAddr, respectively. uint32_t capacity = mTable->Capacity(); - uint32_t tableSize = capacity * mTable->EntrySize(); - char* entryLimit = mEntryAddr + tableSize; if (ChaosMode::isActive(ChaosMode::HashTableIteration)) { // Start iterating at a random point in the hashtable. It would be // even more chaotic to iterate in fully random order, but that's a lot // more work. mEntryAddr += ChaosMode::randomUint32LessThan(capacity) * mTable->mEntrySize; - if (mEntryAddr >= entryLimit) { - mEntryAddr -= tableSize; - } } } From b4f22b01236ed6ffd98ff28d144ae00fc47baa46 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 12:47:18 -0700 Subject: [PATCH 027/297] Bug 1173212 (part 2) - Make PLDHashTable::Iterator work in chaos mode. r=froydnj. Iterator::NextEntry() miscomputes |entryLimit|. This doesn't matter in non-chaos mode because we'll always find a live entry before hitting that limit. But it does matter in chaos mode because it means we don't wrap around when we should. It's clear how this mistake was made -- the code from Enumerate() was copied. In Enumerate() |mEntryStore| and |entryAddr| are the same when |entryLimit| is computed, so you can use them interchangeably. But in NextEntry() |mEntryAddr| will have moved past |mEntryStore|, so you have to use |mEntryStore|. I changed both functions in the same way to keep the correspondence between them obvious. --- xpcom/glue/pldhash.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/xpcom/glue/pldhash.cpp b/xpcom/glue/pldhash.cpp index 373f5f1c3d6..ac3f080d79f 100644 --- a/xpcom/glue/pldhash.cpp +++ b/xpcom/glue/pldhash.cpp @@ -759,7 +759,7 @@ PLDHashTable::Enumerate(PLDHashEnumerator aEtor, void* aArg) char* entryAddr = mEntryStore; uint32_t capacity = Capacity(); uint32_t tableSize = capacity * mEntrySize; - char* entryLimit = entryAddr + tableSize; + char* entryLimit = mEntryStore + tableSize; uint32_t i = 0; bool didRemove = false; @@ -954,7 +954,7 @@ PLDHashTable::Iterator::NextEntry() // mEntryAddr, respectively. uint32_t capacity = mTable->Capacity(); uint32_t tableSize = capacity * mTable->mEntrySize; - char* entryLimit = mEntryAddr + tableSize; + char* entryLimit = mTable->mEntryStore + tableSize; // Strictly speaking, we don't need to iterate over the full capacity each // time. However, it is simpler to do so rather than unnecessarily track the From 34202f3c372ef8d288dcd5ec059a759897a84c3c Mon Sep 17 00:00:00 2001 From: James Graham Date: Mon, 8 Jun 2015 21:49:30 +0100 Subject: [PATCH 028/297] Bug 1066621 - Set the dom.forms.inputmode pref for test touching HTMLInputElement.inputMode, r=Ms2ger --- testing/web-platform/meta/html/dom/reflection-forms.html.ini | 1 + 1 file changed, 1 insertion(+) diff --git a/testing/web-platform/meta/html/dom/reflection-forms.html.ini b/testing/web-platform/meta/html/dom/reflection-forms.html.ini index 69c83cd68fc..8c2bccfe231 100644 --- a/testing/web-platform/meta/html/dom/reflection-forms.html.ini +++ b/testing/web-platform/meta/html/dom/reflection-forms.html.ini @@ -1,5 +1,6 @@ [reflection-forms.html] type: testharness + prefs: [dom.forms.inputmode:true] [form.tabIndex: setAttribute() to -2147483648 followed by IDL get] expected: FAIL From a1e04cfc6f67c1bceb66d322844fd61d3dc1a156 Mon Sep 17 00:00:00 2001 From: James Graham Date: Tue, 9 Jun 2015 10:47:48 +0100 Subject: [PATCH 029/297] Bug 1162483 - Enable dom animations pref when running animations test, r=Ms2ger --- testing/web-platform/meta/web-animations/__dir__.ini | 1 + 1 file changed, 1 insertion(+) create mode 100644 testing/web-platform/meta/web-animations/__dir__.ini diff --git a/testing/web-platform/meta/web-animations/__dir__.ini b/testing/web-platform/meta/web-animations/__dir__.ini new file mode 100644 index 00000000000..d8cab869f8b --- /dev/null +++ b/testing/web-platform/meta/web-animations/__dir__.ini @@ -0,0 +1 @@ +prefs: [dom.animations-api.core.enabled:true] \ No newline at end of file From eb8458f023c6f602d0b917a75d77dca2b36f86c9 Mon Sep 17 00:00:00 2001 From: James Graham Date: Tue, 9 Jun 2015 14:51:11 +0100 Subject: [PATCH 030/297] Bug 1173306 - Remove expensive regexp for handling multiline comments when reading pref files in mozprofile, r=ahal --- testing/mozbase/mozprofile/mozprofile/prefs.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/testing/mozbase/mozprofile/mozprofile/prefs.py b/testing/mozbase/mozprofile/mozprofile/prefs.py index 3497cda0d0b..efce9f66652 100644 --- a/testing/mozbase/mozprofile/mozprofile/prefs.py +++ b/testing/mozbase/mozprofile/mozprofile/prefs.py @@ -164,8 +164,6 @@ class Preferences(object): to str.format to interpolate preference values. """ - comment = re.compile('/\*([^*]|[\r\n]|(\*+([^*/]|[\r\n])))*\*+/', re.MULTILINE) - marker = '##//' # magical marker lines = [i.strip() for i in mozfile.load(path).readlines() if i.strip()] _lines = [] @@ -176,7 +174,6 @@ class Preferences(object): line = line.replace('//', marker) _lines.append(line) string = '\n'.join(_lines) - string = re.sub(comment, '', string) # skip trailing comments processed_tokens = [] From 75821a1f80cbf2792c7974f81fb7bf85860d5024 Mon Sep 17 00:00:00 2001 From: Steven Michaud Date: Wed, 10 Jun 2015 15:30:25 -0500 Subject: [PATCH 031/297] Bug 1153145 - Ensure trusted focus events from web content focus plugins. r=smaug --- dom/html/HTMLObjectElement.cpp | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/dom/html/HTMLObjectElement.cpp b/dom/html/HTMLObjectElement.cpp index 3150ba26be0..3714c2839fe 100644 --- a/dom/html/HTMLObjectElement.cpp +++ b/dom/html/HTMLObjectElement.cpp @@ -161,7 +161,12 @@ HTMLObjectElement::OnFocusBlurPlugin(Element* aElement, bool aFocus) nsCOMPtr olc = do_QueryInterface(aElement); bool hasRunningPlugin = false; if (olc) { - olc->GetHasRunningPlugin(&hasRunningPlugin); + // nsIObjectLoadingContent::GetHasRunningPlugin() fails when + // nsContentUtils::IsCallerChrome() returns false (which it can do even + // when we're processing a trusted focus event). We work around this by + // calling nsObjectLoadingContent::HasRunningPlugin() directly. + hasRunningPlugin = + static_cast(olc.get())->HasRunningPlugin(); } if (!hasRunningPlugin) { aFocus = false; From e2fcb87cfbb17d0a87fb693e9742c6d5a8f2affe Mon Sep 17 00:00:00 2001 From: Morgan Phillips Date: Wed, 10 Jun 2015 22:35:46 +0200 Subject: [PATCH 032/297] Bug 1172107 - Add the ability to upload dist files after a successful build; r=ahal This option is configurable to account for the fact that this image supports multiple builds. There is an option for moving files by name in a simple mv $name $name fashion, and for moving files so that any long prefix (containing version/platform information for instance) will be stubbed out: replaced with the word "target." --- testing/docker/desktop-build/bin/build.sh | 28 +++++++++++++++++------ 1 file changed, 21 insertions(+), 7 deletions(-) diff --git a/testing/docker/desktop-build/bin/build.sh b/testing/docker/desktop-build/bin/build.sh index 4daab6674bb..f5ffd8403d9 100644 --- a/testing/docker/desktop-build/bin/build.sh +++ b/testing/docker/desktop-build/bin/build.sh @@ -47,6 +47,12 @@ set -x -e : WORKSPACE ${WORKSPACE:=/home/worker/workspace} +# files to be "uploaded" (moved to ~/artifacts) from obj-firefox/dist +: DIST_UPLOADS ${DIST_UPLOADS:=""} +# files which will be be prefixed with target before being sent to artifacts +# e.g. DIST_TARGET_UPLOADS="a.zip" runs mv v2.0.a.zip mv artifacts/target.a.zip +: DIST_TARGET_UPLOADS ${DIST_TARGET_UPLOADS:=""} + set -v # Don't run the upload step; this is passed through mozharness to mach. Once @@ -87,13 +93,6 @@ fi # and check out mozilla-central where mozharness will use it as a cache (/builds/hg-shared) tc-vcs checkout $WORKSPACE/build/src $GECKO_BASE_REPOSITORY $GECKO_HEAD_REPOSITORY $GECKO_HEAD_REV $GECKO_HEAD_REF -# the TC docker worker looks for artifacts to upload in $HOME/artifacts, but -# mach wants to put them in $WORKSPACE/build/upload; symlinking lets everyone -# win! -rm -rf $WORKSPACE/build/upload -mkdir -p $HOME/artifacts -ln -s $HOME/artifacts $WORKSPACE/build/upload - # run mozharness in XVfb, if necessary; this is an array to maintain the quoting in the -s argument if $NEED_XVFB; then # Some mozharness scripts set DISPLAY=:2 @@ -172,3 +171,18 @@ done --no-action=generate-build-stats \ --branch=${MH_BRANCH} \ --build-pool=${MH_BUILD_POOL} + +# upload auxiliary files +cd $WORKSPACE/build/src/obj-firefox/dist + +for file in $DIST_UPLOADS +do + mv $file $HOME/artifacts/$file +done + +# Discard version numbers from packaged files, they just make it hard to write +# the right filename in the task payload where artifacts are declared +for file in $DIST_TARGET_UPLOADS +do + mv *.$file $HOME/artifacts/target.$file +done From 397babceac724ad4d1eb4902bba6b2ce2ce12ef4 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 13:37:11 -0700 Subject: [PATCH 033/297] Bug 1147679 - Use PR_GetFileInfo64 when deserializing heap snapshots; r=jimb --- toolkit/devtools/server/ChromeUtils.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/toolkit/devtools/server/ChromeUtils.cpp b/toolkit/devtools/server/ChromeUtils.cpp index 4e596835642..e3093df4f25 100644 --- a/toolkit/devtools/server/ChromeUtils.cpp +++ b/toolkit/devtools/server/ChromeUtils.cpp @@ -395,13 +395,13 @@ ChromeUtils::ReadHeapSnapshot(GlobalObject& global, return nullptr; } - PRFileInfo fileInfo; - if (PR_GetFileInfo(path.get(), &fileInfo) != PR_SUCCESS) { + PRFileInfo64 fileInfo; + if (PR_GetFileInfo64(path.get(), &fileInfo) != PR_SUCCESS) { rv.Throw(NS_ERROR_FILE_NOT_FOUND); return nullptr; } - uint32_t size = fileInfo.size; + uint64_t size = fileInfo.size; ScopedFreePtr buffer(static_cast(malloc(size))); if (!buffer) { rv.Throw(NS_ERROR_OUT_OF_MEMORY); From 4b9240224457d283394eeba7b2950960fe51b7f0 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 13:37:11 -0700 Subject: [PATCH 034/297] Bug 1147680 - Use PR_MemMap when deserializing heap snapshots; r=jimb --- toolkit/devtools/server/AutoMemMap.cpp | 62 ++++++++++++++++++++++ toolkit/devtools/server/AutoMemMap.h | 70 +++++++++++++++++++++++++ toolkit/devtools/server/ChromeUtils.cpp | 36 +++---------- toolkit/devtools/server/moz.build | 2 + 4 files changed, 141 insertions(+), 29 deletions(-) create mode 100644 toolkit/devtools/server/AutoMemMap.cpp create mode 100644 toolkit/devtools/server/AutoMemMap.h diff --git a/toolkit/devtools/server/AutoMemMap.cpp b/toolkit/devtools/server/AutoMemMap.cpp new file mode 100644 index 00000000000..162ee5d5ede --- /dev/null +++ b/toolkit/devtools/server/AutoMemMap.cpp @@ -0,0 +1,62 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/devtools/AutoMemMap.h" +#include "nsDebug.h" + +namespace mozilla { +namespace devtools { + +AutoMemMap::~AutoMemMap() +{ + if (addr) { + NS_WARN_IF(PR_MemUnmap(addr, size()) != PR_SUCCESS); + addr = nullptr; + } + + if (fileMap) { + NS_WARN_IF(PR_CloseFileMap(fileMap) != PR_SUCCESS); + fileMap = nullptr; + } + + if (fd) { + NS_WARN_IF(PR_Close(fd) != PR_SUCCESS); + fd = nullptr; + } +} + +nsresult +AutoMemMap::init(const char* filePath, PRIntn flags, PRIntn mode, PRFileMapProtect prot) +{ + MOZ_ASSERT(!fd); + MOZ_ASSERT(!fileMap); + MOZ_ASSERT(!addr); + + if (PR_GetFileInfo64(filePath, &fileInfo) != PR_SUCCESS) + return NS_ERROR_FILE_NOT_FOUND; + + // Check if the file is too big to memmap. + if (fileInfo.size > int64_t(UINT32_MAX)) + return NS_ERROR_INVALID_ARG; + auto length = uint32_t(fileInfo.size); + + fd = PR_Open(filePath, flags, flags); + if (!fd) + return NS_ERROR_UNEXPECTED; + + fileMap = PR_CreateFileMap(fd, fileInfo.size, prot); + if (!fileMap) + return NS_ERROR_UNEXPECTED; + + addr = PR_MemMap(fileMap, 0, length); + if (!addr) + return NS_ERROR_UNEXPECTED; + + return NS_OK; +} + +} // namespace devtools +} // namespace mozilla diff --git a/toolkit/devtools/server/AutoMemMap.h b/toolkit/devtools/server/AutoMemMap.h new file mode 100644 index 00000000000..e6943a41224 --- /dev/null +++ b/toolkit/devtools/server/AutoMemMap.h @@ -0,0 +1,70 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include +#include "mozilla/GuardObjects.h" + +namespace mozilla { +namespace devtools { + +// # AutoMemMap +// +// AutoMemMap is an RAII class to manage mapping a file to memory. It is a +// wrapper aorund managing opening and closing a file and calling PR_MemMap and +// PR_MemUnmap. +// +// Example usage: +// +// { +// AutoMemMap mm; +// if (NS_FAILED(mm.init("/path/to/desired/file"))) { +// // Handle the error however you see fit. +// return false; +// } +// +// doStuffWithMappedMemory(mm.address()); +// } +// // The memory is automatically unmapped when the AutoMemMap leaves scope. +class MOZ_STACK_CLASS AutoMemMap +{ + MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER; + + PRFileInfo64 fileInfo; + PRFileDesc* fd; + PRFileMap* fileMap; + void* addr; + + AutoMemMap(const AutoMemMap& aOther) = delete; + void operator=(const AutoMemMap& aOther) = delete; + +public: + explicit AutoMemMap(MOZ_GUARD_OBJECT_NOTIFIER_ONLY_PARAM) + : fd(nullptr) + , fileMap(nullptr) + , addr(nullptr) + { + MOZ_GUARD_OBJECT_NOTIFIER_INIT; + }; + ~AutoMemMap(); + + // Initialize this AutoMemMap. + nsresult init(const char* filePath, PRIntn flags = PR_RDONLY, PRIntn mode = 0, + PRFileMapProtect prot = PR_PROT_READONLY); + + // Get the size of the memory mapped file. + uint32_t size() const { + MOZ_ASSERT(fileInfo.size <= UINT32_MAX, + "Should only call size() if init() succeeded."); + return uint32_t(fileInfo.size); + } + + // Get the mapped memory. + void* address() { MOZ_ASSERT(addr); return addr; } + const void* address() const { MOZ_ASSERT(addr); return addr; } +}; + +} // namespace devtools +} // namespace mozilla diff --git a/toolkit/devtools/server/ChromeUtils.cpp b/toolkit/devtools/server/ChromeUtils.cpp index e3093df4f25..658c07db394 100644 --- a/toolkit/devtools/server/ChromeUtils.cpp +++ b/toolkit/devtools/server/ChromeUtils.cpp @@ -8,6 +8,7 @@ #include #include +#include "mozilla/devtools/AutoMemMap.h" #include "mozilla/devtools/HeapSnapshot.h" #include "mozilla/devtools/ZeroCopyNSIOutputStream.h" #include "mozilla/Attributes.h" @@ -395,37 +396,14 @@ ChromeUtils::ReadHeapSnapshot(GlobalObject& global, return nullptr; } - PRFileInfo64 fileInfo; - if (PR_GetFileInfo64(path.get(), &fileInfo) != PR_SUCCESS) { - rv.Throw(NS_ERROR_FILE_NOT_FOUND); + AutoMemMap mm; + rv = mm.init(path.get()); + if (rv.Failed()) return nullptr; - } - uint64_t size = fileInfo.size; - ScopedFreePtr buffer(static_cast(malloc(size))); - if (!buffer) { - rv.Throw(NS_ERROR_OUT_OF_MEMORY); - return nullptr; - } - - PRFileDesc* fd = PR_Open(path.get(), PR_RDONLY, 0); - if (!fd) { - rv.Throw(NS_ERROR_UNEXPECTED); - return nullptr; - } - - uint32_t bytesRead = 0; - while (bytesRead < size) { - uint32_t bytesLeft = size - bytesRead; - int32_t bytesReadThisTime = PR_Read(fd, buffer.get() + bytesRead, bytesLeft); - if (bytesReadThisTime < 1) { - rv.Throw(NS_ERROR_UNEXPECTED); - return nullptr; - } - bytesRead += bytesReadThisTime; - } - - return HeapSnapshot::Create(cx, global, buffer.get(), size, rv); + return HeapSnapshot::Create(cx, global, + reinterpret_cast(mm.address()), + mm.size(), rv); } } // namespace devtools diff --git a/toolkit/devtools/server/moz.build b/toolkit/devtools/server/moz.build index be7bb2f520e..a4740d12e48 100644 --- a/toolkit/devtools/server/moz.build +++ b/toolkit/devtools/server/moz.build @@ -18,6 +18,7 @@ XPIDL_SOURCES += [ XPIDL_MODULE = 'jsinspector' EXPORTS.mozilla.devtools += [ + 'AutoMemMap.h', 'ChromeUtils.h', 'CoreDump.pb.h', 'DeserializedNode.h', @@ -26,6 +27,7 @@ EXPORTS.mozilla.devtools += [ ] SOURCES += [ + 'AutoMemMap.cpp', 'ChromeUtils.cpp', 'CoreDump.pb.cc', 'DeserializedNode.cpp', From ffcaa80a355466f88e1ac6f4282ed5690caf8cc9 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 13:37:11 -0700 Subject: [PATCH 035/297] Bug 1171226 - Fix mozilla::devtools::UniqueStringHashPolicy::match for strings with the same prefix; r=jimb --- toolkit/devtools/server/HeapSnapshot.h | 4 ++- .../tests/gtest/UniqueStringHashPolicy.cpp | 25 +++++++++++++++++++ toolkit/devtools/server/tests/gtest/moz.build | 1 + 3 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 toolkit/devtools/server/tests/gtest/UniqueStringHashPolicy.cpp diff --git a/toolkit/devtools/server/HeapSnapshot.h b/toolkit/devtools/server/HeapSnapshot.h index ead729a9e5b..3425dfc44fb 100644 --- a/toolkit/devtools/server/HeapSnapshot.h +++ b/toolkit/devtools/server/HeapSnapshot.h @@ -52,7 +52,9 @@ struct UniqueStringHashPolicy { static bool match(const UniqueString& existing, const Lookup& lookup) { MOZ_ASSERT(lookup.str); - return NS_strncmp(existing.get(), lookup.str, lookup.length) == 0; + if (NS_strlen(existing.get()) != lookup.length) + return false; + return memcmp(existing.get(), lookup.str, lookup.length * sizeof(char16_t)) == 0; } }; diff --git a/toolkit/devtools/server/tests/gtest/UniqueStringHashPolicy.cpp b/toolkit/devtools/server/tests/gtest/UniqueStringHashPolicy.cpp new file mode 100644 index 00000000000..3c210d5e82f --- /dev/null +++ b/toolkit/devtools/server/tests/gtest/UniqueStringHashPolicy.cpp @@ -0,0 +1,25 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2; -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// Bug 1171226 - Test UniqueStringHashPolicy::match + +#include "DevTools.h" +#include "mozilla/devtools/HeapSnapshot.h" + +using mozilla::devtools::UniqueString; +using mozilla::devtools::UniqueStringHashPolicy; + +DEF_TEST(UniqueStringHashPolicy_match, { + // 1 + // 01234567890123456 + UniqueString str1(NS_strdup(MOZ_UTF16("some long string and a tail"))); + ASSERT_TRUE(!!str1); + + UniqueStringHashPolicy::Lookup lookup(MOZ_UTF16("some long string with same prefix"), 16); + + // str1 is longer than Lookup.length, so they shouldn't match, even though + // the first 16 chars are equal! + ASSERT_FALSE(UniqueStringHashPolicy::match(str1, lookup)); + }); diff --git a/toolkit/devtools/server/tests/gtest/moz.build b/toolkit/devtools/server/tests/gtest/moz.build index eb78b6ff7ed..9c601aded38 100644 --- a/toolkit/devtools/server/tests/gtest/moz.build +++ b/toolkit/devtools/server/tests/gtest/moz.build @@ -17,6 +17,7 @@ UNIFIED_SOURCES = [ 'SerializesEdgeNames.cpp', 'SerializesEverythingInHeapGraphOnce.cpp', 'SerializesTypeNames.cpp', + 'UniqueStringHashPolicy.cpp', ] FINAL_LIBRARY = 'xul-gtest' From 79b5b4070a081e8fbf1a2e200fc0f7c937252107 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 13:37:12 -0700 Subject: [PATCH 036/297] Bug 1147684 - HeapSnapshot::NodeMap store DeserializedNodes directly, rather than UniquePtrs; r=jimb --- toolkit/devtools/server/DeserializedNode.cpp | 84 ++++++++++++-------- toolkit/devtools/server/DeserializedNode.h | 36 ++++++--- toolkit/devtools/server/HeapSnapshot.cpp | 6 +- toolkit/devtools/server/HeapSnapshot.h | 2 +- 4 files changed, 76 insertions(+), 52 deletions(-) diff --git a/toolkit/devtools/server/DeserializedNode.cpp b/toolkit/devtools/server/DeserializedNode.cpp index 9600be76a3e..420f4e9792c 100644 --- a/toolkit/devtools/server/DeserializedNode.cpp +++ b/toolkit/devtools/server/DeserializedNode.cpp @@ -49,56 +49,71 @@ DeserializedEdge::init(const protobuf::Edge& edge, HeapSnapshot& owner) return true; } -/* static */ UniquePtr -DeserializedNode::Create(const protobuf::Node& node, HeapSnapshot& owner) +DeserializedNode::DeserializedNode(DeserializedNode&& rhs) { + rhs.assertInitialized(); + + id = rhs.id; + rhs.id = 0; + + typeName = rhs.typeName; + rhs.typeName = nullptr; + + size = rhs.size; + rhs.size = 0; + + edges = Move(rhs.edges); + + owner = rhs.owner; + rhs.owner = nullptr; +} + +DeserializedNode& DeserializedNode::operator=(DeserializedNode&& rhs) +{ + MOZ_ASSERT(&rhs != this); + this->~DeserializedNode(); + new(this) DeserializedNode(Move(rhs)); + return *this; +} + +bool +DeserializedNode::init(const protobuf::Node& node, HeapSnapshot& owner) +{ + MOZ_ASSERT(this->owner == nullptr); + MOZ_ASSERT(typeName == nullptr); + + this->owner = &owner; + if (!node.has_id()) - return nullptr; - NodeId id = node.id(); + return false; + id = node.id(); if (!node.has_typename_()) - return nullptr; + return false; const char16_t* duplicatedTypeName = reinterpret_cast(node.typename_().c_str()); - const char16_t* uniqueTypeName = owner.borrowUniqueString(duplicatedTypeName, - node.typename_().length() / sizeof(char16_t)); - if (!uniqueTypeName) - return nullptr; + typeName = owner.borrowUniqueString(duplicatedTypeName, + node.typename_().length() / sizeof(char16_t)); + if (!typeName) + return false; + + if (!node.has_size()) + return false; + size = node.size(); auto edgesLength = node.edges_size(); - EdgeVector edges; if (!edges.reserve(edgesLength)) - return nullptr; + return false; for (decltype(edgesLength) i = 0; i < edgesLength; i++) { DeserializedEdge edge; if (!edge.init(node.edges(i), owner)) - return nullptr; + return false; edges.infallibleAppend(Move(edge)); } - if (!node.has_size()) - return nullptr; - uint64_t size = node.size(); - - return MakeUnique(id, - uniqueTypeName, - size, - Move(edges), - owner); + return true; } -DeserializedNode::DeserializedNode(NodeId id, - const char16_t* typeName, - uint64_t size, - EdgeVector&& edges, - HeapSnapshot& owner) - : id(id) - , typeName(typeName) - , size(size) - , edges(Move(edges)) - , owner(&owner) -{ } - DeserializedNode::DeserializedNode(NodeId id, const char16_t* typeName, uint64_t size) : id(id) , typeName(typeName) @@ -110,9 +125,10 @@ DeserializedNode::DeserializedNode(NodeId id, const char16_t* typeName, uint64_t DeserializedNode& DeserializedNode::getEdgeReferent(const DeserializedEdge& edge) { + assertInitialized(); auto ptr = owner->nodes.lookup(edge.referent); MOZ_ASSERT(ptr); - return *ptr->value(); + return ptr->value(); } } // namespace devtools diff --git a/toolkit/devtools/server/DeserializedNode.h b/toolkit/devtools/server/DeserializedNode.h index 876dec906d2..095b96806c6 100644 --- a/toolkit/devtools/server/DeserializedNode.h +++ b/toolkit/devtools/server/DeserializedNode.h @@ -57,26 +57,31 @@ struct DeserializedNode { using EdgeVector = Vector; using UniqueStringPtr = UniquePtr; - NodeId id; + NodeId id; // A borrowed reference to a string owned by this node's owning HeapSnapshot. const char16_t* typeName; - uint64_t size; - EdgeVector edges; + uint64_t size; + EdgeVector edges; // A weak pointer to this node's owning `HeapSnapshot`. Safe without // AddRef'ing because this node's lifetime is equal to that of its owner. - HeapSnapshot* owner; + HeapSnapshot* owner; - // Create a new `DeserializedNode` from the given `protobuf::Node` message. - static UniquePtr Create(const protobuf::Node& node, - HeapSnapshot& owner); - - DeserializedNode(NodeId id, - const char16_t* typeName, - uint64_t size, - EdgeVector&& edges, - HeapSnapshot& owner); + explicit DeserializedNode() + : id(0) + , typeName(nullptr) + , size(0) + , edges() + , owner(nullptr) + { } virtual ~DeserializedNode() { } + DeserializedNode(DeserializedNode&& rhs); + DeserializedNode& operator=(DeserializedNode&& rhs); + + // Initialize a new `DeserializedNode` from the given `protobuf::Node` + // message. + bool init(const protobuf::Node& node, HeapSnapshot& owner); + // Get a borrowed reference to the given edge's referent. This method is // virtual to provide a hook for gmock and gtest. virtual DeserializedNode& getEdgeReferent(const DeserializedEdge& edge); @@ -86,6 +91,11 @@ protected: DeserializedNode(NodeId id, const char16_t* typeName, uint64_t size); private: + void assertInitialized() const { + MOZ_ASSERT(owner); + MOZ_ASSERT(typeName); + } + DeserializedNode(const DeserializedNode&) = delete; DeserializedNode& operator=(const DeserializedNode&) = delete; }; diff --git a/toolkit/devtools/server/HeapSnapshot.cpp b/toolkit/devtools/server/HeapSnapshot.cpp index b4decbd036f..f23198045e9 100644 --- a/toolkit/devtools/server/HeapSnapshot.cpp +++ b/toolkit/devtools/server/HeapSnapshot.cpp @@ -98,10 +98,8 @@ parseMessage(ZeroCopyInputStream& stream, MessageType& message) bool HeapSnapshot::saveNode(const protobuf::Node& node) { - UniquePtr dn(DeserializedNode::Create(node, *this)); - if (!dn) - return false; - return nodes.put(dn->id, Move(dn)); + DeserializedNode dn; + return dn.init(node, *this) && nodes.put(dn.id, Move(dn)); } static inline bool diff --git a/toolkit/devtools/server/HeapSnapshot.h b/toolkit/devtools/server/HeapSnapshot.h index 3425dfc44fb..5f393ac7814 100644 --- a/toolkit/devtools/server/HeapSnapshot.h +++ b/toolkit/devtools/server/HeapSnapshot.h @@ -89,7 +89,7 @@ class HeapSnapshot final : public nsISupports NodeId rootId; // The set of nodes in this deserialized heap graph, keyed by id. - using NodeMap = js::HashMap>; + using NodeMap = js::HashMap; NodeMap nodes; // Core dump files have many duplicate strings: type names are repeated for From 2afc68e7ab8a4d67ca9bca70de3e0d6ad207b689 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 13:37:12 -0700 Subject: [PATCH 037/297] Bug 1148642 - Save some memory in HeapSnapshot instances by using a HashSet with a NodeId lookup, instead of a HashMap; r=jimb --- toolkit/devtools/server/DeserializedNode.cpp | 15 ++++++++---- toolkit/devtools/server/DeserializedNode.h | 23 ++++++++++++++++++- toolkit/devtools/server/HeapSnapshot.cpp | 2 +- toolkit/devtools/server/HeapSnapshot.h | 4 ++-- .../tests/gtest/DeserializedNodeUbiNodes.cpp | 8 +++---- 5 files changed, 40 insertions(+), 12 deletions(-) diff --git a/toolkit/devtools/server/DeserializedNode.cpp b/toolkit/devtools/server/DeserializedNode.cpp index 420f4e9792c..6f3c3e7b6ca 100644 --- a/toolkit/devtools/server/DeserializedNode.cpp +++ b/toolkit/devtools/server/DeserializedNode.cpp @@ -122,13 +122,20 @@ DeserializedNode::DeserializedNode(NodeId id, const char16_t* typeName, uint64_t , owner(nullptr) { } -DeserializedNode& +JS::ubi::Node DeserializedNode::getEdgeReferent(const DeserializedEdge& edge) { assertInitialized(); auto ptr = owner->nodes.lookup(edge.referent); MOZ_ASSERT(ptr); - return ptr->value(); + + // `HashSets` only provide const access to their values, because mutating a + // value might change its hash, rendering it unfindable in the set. + // Unfortunately, the `ubi::Node` constructor requires a non-const pointer to + // its referent. However, the only aspect of a `DeserializedNode` we hash on + // is its id, which can't be changed via `ubi::Node`, so this cast can't cause + // the trouble `HashSet` is concerned a non-const reference would cause. + return JS::ubi::Node(const_cast(&*ptr)); } } // namespace devtools @@ -187,8 +194,8 @@ public: return false; } - DeserializedNode& referent = node.getEdgeReferent(*edgep); - edges.infallibleAppend(mozilla::Move(SimpleEdge(name, Node(&referent)))); + auto referent = node.getEdgeReferent(*edgep); + edges.infallibleAppend(mozilla::Move(SimpleEdge(name, referent))); } settle(); diff --git a/toolkit/devtools/server/DeserializedNode.h b/toolkit/devtools/server/DeserializedNode.h index 095b96806c6..1ebf5891a80 100644 --- a/toolkit/devtools/server/DeserializedNode.h +++ b/toolkit/devtools/server/DeserializedNode.h @@ -84,7 +84,9 @@ struct DeserializedNode { // Get a borrowed reference to the given edge's referent. This method is // virtual to provide a hook for gmock and gtest. - virtual DeserializedNode& getEdgeReferent(const DeserializedEdge& edge); + virtual JS::ubi::Node getEdgeReferent(const DeserializedEdge& edge); + + struct HashPolicy; protected: // This is only for use with `MockDeserializedNode` in testing. @@ -100,6 +102,25 @@ private: DeserializedNode& operator=(const DeserializedNode&) = delete; }; +struct DeserializedNode::HashPolicy +{ + using Lookup = NodeId; + + static js::HashNumber hash(const Lookup& lookup) { + // NodeIds are always 64 bits, but they are derived from the original + // referents' addresses, which could have been either 32 or 64 bits long. + // As such, a NodeId has little entropy in its bottom three bits, and may or + // may not have entropy in its upper 32 bits. This hash should manage both + // cases well. + uint64_t id = lookup >> 3; + return js::HashNumber((id >> 32) ^ id); + } + + static bool match(const DeserializedNode& existing, const Lookup& lookup) { + return existing.id == lookup; + } +}; + } // namespace devtools } // namespace mozilla diff --git a/toolkit/devtools/server/HeapSnapshot.cpp b/toolkit/devtools/server/HeapSnapshot.cpp index f23198045e9..6b4d4d2d0bd 100644 --- a/toolkit/devtools/server/HeapSnapshot.cpp +++ b/toolkit/devtools/server/HeapSnapshot.cpp @@ -99,7 +99,7 @@ bool HeapSnapshot::saveNode(const protobuf::Node& node) { DeserializedNode dn; - return dn.init(node, *this) && nodes.put(dn.id, Move(dn)); + return dn.init(node, *this) && nodes.putNew(dn.id, Move(dn)); } static inline bool diff --git a/toolkit/devtools/server/HeapSnapshot.h b/toolkit/devtools/server/HeapSnapshot.h index 5f393ac7814..406c73e89bc 100644 --- a/toolkit/devtools/server/HeapSnapshot.h +++ b/toolkit/devtools/server/HeapSnapshot.h @@ -89,8 +89,8 @@ class HeapSnapshot final : public nsISupports NodeId rootId; // The set of nodes in this deserialized heap graph, keyed by id. - using NodeMap = js::HashMap; - NodeMap nodes; + using NodeSet = js::HashSet; + NodeSet nodes; // Core dump files have many duplicate strings: type names are repeated for // each node, and although in theory edge names are highly customizable for diff --git a/toolkit/devtools/server/tests/gtest/DeserializedNodeUbiNodes.cpp b/toolkit/devtools/server/tests/gtest/DeserializedNodeUbiNodes.cpp index 76d7845ee7f..743c90caa2c 100644 --- a/toolkit/devtools/server/tests/gtest/DeserializedNodeUbiNodes.cpp +++ b/toolkit/devtools/server/tests/gtest/DeserializedNodeUbiNodes.cpp @@ -26,7 +26,7 @@ struct MockDeserializedNode : public DeserializedNode return edges.append(Move(edge)); } - MOCK_METHOD1(getEdgeReferent, DeserializedNode&(const DeserializedEdge&)); + MOCK_METHOD1(getEdgeReferent, JS::ubi::Node(const DeserializedEdge&)); }; size_t fakeMallocSizeOf(const void*) { @@ -65,7 +65,7 @@ DEF_TEST(DeserializedNodeUbiNodes, { getEdgeReferent(Field(&DeserializedEdge::referent, referent1->id))) .Times(1) - .WillOnce(ReturnRef(*referent1.get())); + .WillOnce(Return(JS::ubi::Node(referent1.get()))); UniquePtr referent2(new MockDeserializedNode(2, nullptr, @@ -77,7 +77,7 @@ DEF_TEST(DeserializedNodeUbiNodes, { getEdgeReferent(Field(&DeserializedEdge::referent, referent2->id))) .Times(1) - .WillOnce(ReturnRef(*referent2.get())); + .WillOnce(Return(JS::ubi::Node(referent2.get()))); UniquePtr referent3(new MockDeserializedNode(3, nullptr, @@ -89,7 +89,7 @@ DEF_TEST(DeserializedNodeUbiNodes, { getEdgeReferent(Field(&DeserializedEdge::referent, referent3->id))) .Times(1) - .WillOnce(ReturnRef(*referent3.get())); + .WillOnce(Return(JS::ubi::Node(referent3.get()))); ubi.edges(cx); }); From fc5cd65bea4e3e2f19a18c9d81e2387b6fa5ce73 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 13:37:12 -0700 Subject: [PATCH 038/297] Bug 1147684 - Part 2: Make the DeserializedNode cosntructor infallible; r=jimb --- toolkit/devtools/server/DeserializedNode.cpp | 41 -------------------- toolkit/devtools/server/DeserializedNode.h | 25 +++++------- toolkit/devtools/server/HeapSnapshot.cpp | 34 +++++++++++++++- 3 files changed, 42 insertions(+), 58 deletions(-) diff --git a/toolkit/devtools/server/DeserializedNode.cpp b/toolkit/devtools/server/DeserializedNode.cpp index 6f3c3e7b6ca..ac617821e9f 100644 --- a/toolkit/devtools/server/DeserializedNode.cpp +++ b/toolkit/devtools/server/DeserializedNode.cpp @@ -51,8 +51,6 @@ DeserializedEdge::init(const protobuf::Edge& edge, HeapSnapshot& owner) DeserializedNode::DeserializedNode(DeserializedNode&& rhs) { - rhs.assertInitialized(); - id = rhs.id; rhs.id = 0; @@ -76,44 +74,6 @@ DeserializedNode& DeserializedNode::operator=(DeserializedNode&& rhs) return *this; } -bool -DeserializedNode::init(const protobuf::Node& node, HeapSnapshot& owner) -{ - MOZ_ASSERT(this->owner == nullptr); - MOZ_ASSERT(typeName == nullptr); - - this->owner = &owner; - - if (!node.has_id()) - return false; - id = node.id(); - - if (!node.has_typename_()) - return false; - - const char16_t* duplicatedTypeName = reinterpret_cast(node.typename_().c_str()); - typeName = owner.borrowUniqueString(duplicatedTypeName, - node.typename_().length() / sizeof(char16_t)); - if (!typeName) - return false; - - if (!node.has_size()) - return false; - size = node.size(); - - auto edgesLength = node.edges_size(); - if (!edges.reserve(edgesLength)) - return false; - for (decltype(edgesLength) i = 0; i < edgesLength; i++) { - DeserializedEdge edge; - if (!edge.init(node.edges(i), owner)) - return false; - edges.infallibleAppend(Move(edge)); - } - - return true; -} - DeserializedNode::DeserializedNode(NodeId id, const char16_t* typeName, uint64_t size) : id(id) , typeName(typeName) @@ -125,7 +85,6 @@ DeserializedNode::DeserializedNode(NodeId id, const char16_t* typeName, uint64_t JS::ubi::Node DeserializedNode::getEdgeReferent(const DeserializedEdge& edge) { - assertInitialized(); auto ptr = owner->nodes.lookup(edge.referent); MOZ_ASSERT(ptr); diff --git a/toolkit/devtools/server/DeserializedNode.h b/toolkit/devtools/server/DeserializedNode.h index 1ebf5891a80..9efedcce15a 100644 --- a/toolkit/devtools/server/DeserializedNode.h +++ b/toolkit/devtools/server/DeserializedNode.h @@ -66,22 +66,22 @@ struct DeserializedNode { // AddRef'ing because this node's lifetime is equal to that of its owner. HeapSnapshot* owner; - explicit DeserializedNode() - : id(0) - , typeName(nullptr) - , size(0) - , edges() - , owner(nullptr) + DeserializedNode(NodeId id, + const char16_t* typeName, + uint64_t size, + EdgeVector&& edges, + HeapSnapshot& owner) + : id(id) + , typeName(typeName) + , size(size) + , edges(Move(edges)) + , owner(&owner) { } virtual ~DeserializedNode() { } DeserializedNode(DeserializedNode&& rhs); DeserializedNode& operator=(DeserializedNode&& rhs); - // Initialize a new `DeserializedNode` from the given `protobuf::Node` - // message. - bool init(const protobuf::Node& node, HeapSnapshot& owner); - // Get a borrowed reference to the given edge's referent. This method is // virtual to provide a hook for gmock and gtest. virtual JS::ubi::Node getEdgeReferent(const DeserializedEdge& edge); @@ -93,11 +93,6 @@ protected: DeserializedNode(NodeId id, const char16_t* typeName, uint64_t size); private: - void assertInitialized() const { - MOZ_ASSERT(owner); - MOZ_ASSERT(typeName); - } - DeserializedNode(const DeserializedNode&) = delete; DeserializedNode& operator=(const DeserializedNode&) = delete; }; diff --git a/toolkit/devtools/server/HeapSnapshot.cpp b/toolkit/devtools/server/HeapSnapshot.cpp index 6b4d4d2d0bd..f9dd6fd1cf3 100644 --- a/toolkit/devtools/server/HeapSnapshot.cpp +++ b/toolkit/devtools/server/HeapSnapshot.cpp @@ -98,8 +98,38 @@ parseMessage(ZeroCopyInputStream& stream, MessageType& message) bool HeapSnapshot::saveNode(const protobuf::Node& node) { - DeserializedNode dn; - return dn.init(node, *this) && nodes.putNew(dn.id, Move(dn)); + if (!node.has_id()) + return false; + NodeId id = node.id(); + + if (!node.has_typename_()) + return false; + + const auto* duplicatedTypeName = reinterpret_cast( + node.typename_().c_str()); + const char16_t* typeName = borrowUniqueString( + duplicatedTypeName, + node.typename_().length() / sizeof(char16_t)); + if (!typeName) + return false; + + if (!node.has_size()) + return false; + uint64_t size = node.size(); + + auto edgesLength = node.edges_size(); + DeserializedNode::EdgeVector edges; + if (!edges.reserve(edgesLength)) + return false; + for (decltype(edgesLength) i = 0; i < edgesLength; i++) { + DeserializedEdge edge; + if (!edge.init(node.edges(i), *this)) + return false; + edges.infallibleAppend(Move(edge)); + } + + DeserializedNode dn(id, typeName, size, Move(edges), *this); + return nodes.putNew(id, Move(dn)); } static inline bool From dccd0184ddd0bb5afc1b47d1075c8f9bea2ffec9 Mon Sep 17 00:00:00 2001 From: Ben Kelly Date: Wed, 10 Jun 2015 13:39:42 -0700 Subject: [PATCH 039/297] Bug 1173361 Make ServiceWorkerRegisterJob::Start() call Done() async. r=nsm --- dom/workers/ServiceWorkerManager.cpp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/dom/workers/ServiceWorkerManager.cpp b/dom/workers/ServiceWorkerManager.cpp index 3092eb144ee..4346c6d0f8d 100644 --- a/dom/workers/ServiceWorkerManager.cpp +++ b/dom/workers/ServiceWorkerManager.cpp @@ -874,7 +874,15 @@ public: mRegistration->mPendingUninstall = false; swm->StoreRegistration(mPrincipal, mRegistration); Succeed(); - Done(NS_OK); + + // Done() must always be called async from Start() + nsCOMPtr runnable = + NS_NewRunnableMethodWithArg( + this, + &ServiceWorkerRegisterJob::Done, + NS_OK); + MOZ_ALWAYS_TRUE(NS_SUCCEEDED(NS_DispatchToCurrentThread(runnable))); + return; } } else { From e9f7834cd40895b693102030d73f8aba93c2f839 Mon Sep 17 00:00:00 2001 From: Jan Varga Date: Wed, 10 Jun 2015 22:48:06 +0200 Subject: [PATCH 040/297] Bug 1170746 - Getting mutable files over a cursor crashes the browser; r=bent --- dom/indexedDB/ActorsChild.cpp | 2 + dom/indexedDB/test/mochitest.ini | 2 + .../test/test_filehandle_iteration.html | 77 +++++++++++++++++++ 3 files changed, 81 insertions(+) create mode 100644 dom/indexedDB/test/test_filehandle_iteration.html diff --git a/dom/indexedDB/ActorsChild.cpp b/dom/indexedDB/ActorsChild.cpp index 008ed9e8e8a..1212f1914e7 100644 --- a/dom/indexedDB/ActorsChild.cpp +++ b/dom/indexedDB/ActorsChild.cpp @@ -2518,6 +2518,7 @@ BackgroundCursorChild::HandleResponse( auto& response = const_cast(aResponse); StructuredCloneReadInfo cloneReadInfo(Move(response.cloneInfo())); + cloneReadInfo.mDatabase = mTransaction->Database(); ConvertActorsToBlobs(mTransaction->Database(), response.cloneInfo(), @@ -2579,6 +2580,7 @@ BackgroundCursorChild::HandleResponse(const IndexCursorResponse& aResponse) auto& response = const_cast(aResponse); StructuredCloneReadInfo cloneReadInfo(Move(response.cloneInfo())); + cloneReadInfo.mDatabase = mTransaction->Database(); ConvertActorsToBlobs(mTransaction->Database(), aResponse.cloneInfo(), diff --git a/dom/indexedDB/test/mochitest.ini b/dom/indexedDB/test/mochitest.ini index 0e2444dc614..5bcd57f5513 100644 --- a/dom/indexedDB/test/mochitest.ini +++ b/dom/indexedDB/test/mochitest.ini @@ -195,6 +195,8 @@ skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s [test_filehandle_getFile.html] # FileHandle is not supported in child processes. +[test_filehandle_iteration.html] +# FileHandle is not supported in child processes. skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s [test_filehandle_lifetimes.html] # FileHandle is not supported in child processes. diff --git a/dom/indexedDB/test/test_filehandle_iteration.html b/dom/indexedDB/test/test_filehandle_iteration.html new file mode 100644 index 00000000000..ebbc8b8beff --- /dev/null +++ b/dom/indexedDB/test/test_filehandle_iteration.html @@ -0,0 +1,77 @@ + + + + Indexed Database Property Test + + + + + + + + + + + + From 90f8eca050ebc6c6bb4f3746531073630302a795 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 13:07:40 -0700 Subject: [PATCH 041/297] Bug 1171830 - Remove PL_DHashTableEnumerator use from nsDocLoader. r=smaug. --- uriloader/base/nsDocLoader.cpp | 40 +++++++++------------------------- uriloader/base/nsDocLoader.h | 3 --- 2 files changed, 10 insertions(+), 33 deletions(-) diff --git a/uriloader/base/nsDocLoader.cpp b/uriloader/base/nsDocLoader.cpp index 240c817570a..cd85b439635 100644 --- a/uriloader/base/nsDocLoader.cpp +++ b/uriloader/base/nsDocLoader.cpp @@ -1343,43 +1343,23 @@ nsDocLoader::nsRequestInfo* nsDocLoader::GetRequestInfo(nsIRequest* aRequest) (PL_DHashTableSearch(&mRequestInfoHash, aRequest)); } -// PLDHashTable enumeration callback that just removes every entry -// from the hash. -static PLDHashOperator -RemoveInfoCallback(PLDHashTable *table, PLDHashEntryHdr *hdr, uint32_t number, - void *arg) -{ - return PL_DHASH_REMOVE; -} - void nsDocLoader::ClearRequestInfoHash(void) { - PL_DHashTableEnumerate(&mRequestInfoHash, RemoveInfoCallback, nullptr); -} - -// PLDHashTable enumeration callback that calculates the max progress. -PLDHashOperator -nsDocLoader::CalcMaxProgressCallback(PLDHashTable* table, PLDHashEntryHdr* hdr, - uint32_t number, void* arg) -{ - const nsRequestInfo* info = static_cast(hdr); - int64_t* max = static_cast(arg); - - if (info->mMaxProgress < info->mCurrentProgress) { - *max = int64_t(-1); - - return PL_DHASH_STOP; - } - - *max += info->mMaxProgress; - - return PL_DHASH_NEXT; + mRequestInfoHash.Clear(); } int64_t nsDocLoader::CalculateMaxProgress() { int64_t max = mCompletedTotalProgress; - PL_DHashTableEnumerate(&mRequestInfoHash, CalcMaxProgressCallback, &max); + PLDHashTable::Iterator iter(&mRequestInfoHash); + while (iter.HasMoreEntries()) { + auto info = static_cast(iter.NextEntry()); + + if (info->mMaxProgress < info->mCurrentProgress) { + return int64_t(-1); + } + max += info->mMaxProgress; + } return max; } diff --git a/uriloader/base/nsDocLoader.h b/uriloader/base/nsDocLoader.h index 087d57641df..49521c6edbe 100644 --- a/uriloader/base/nsDocLoader.h +++ b/uriloader/base/nsDocLoader.h @@ -324,9 +324,6 @@ private: nsRequestInfo *GetRequestInfo(nsIRequest* aRequest); void ClearRequestInfoHash(); int64_t CalculateMaxProgress(); - static PLDHashOperator CalcMaxProgressCallback(PLDHashTable* table, - PLDHashEntryHdr* hdr, - uint32_t number, void* arg); /// void DumpChannelInfo(void); // used to clear our internal progress state between loads... From f87ccde2a207d948e80dc3d12c88ec3b6d79fc9b Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Mon, 8 Jun 2015 16:07:46 -0700 Subject: [PATCH 042/297] Bug 1171832 - Remove PL_DHashTableEnumerator use from nsDocument. r=smaug. --- dom/base/nsDocument.cpp | 130 ++++++++++++++-------------------------- 1 file changed, 44 insertions(+), 86 deletions(-) diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index 0a03224f166..7d27db58795 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -711,17 +711,6 @@ public: nsIDocument *mSubDocument; }; -struct FindContentData -{ - explicit FindContentData(nsIDocument* aSubDoc) - : mSubDocument(aSubDoc), mResult(nullptr) - { - } - - nsISupports *mSubDocument; - Element *mResult; -}; - /** * A struct that holds all the information about a radio group. @@ -1858,22 +1847,6 @@ NS_IMPL_CYCLE_COLLECTION_CAN_SKIP_THIS_BEGIN(nsDocument) return Element::CanSkipThis(tmp); NS_IMPL_CYCLE_COLLECTION_CAN_SKIP_THIS_END -static PLDHashOperator -SubDocTraverser(PLDHashTable *table, PLDHashEntryHdr *hdr, uint32_t number, - void *arg) -{ - SubDocMapEntry *entry = static_cast(hdr); - nsCycleCollectionTraversalCallback *cb = - static_cast(arg); - - NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(*cb, "mSubDocuments entry->mKey"); - cb->NoteXPCOMChild(entry->mKey); - NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(*cb, "mSubDocuments entry->mSubDocument"); - cb->NoteXPCOMChild(entry->mSubDocument); - - return PL_DHASH_NEXT; -} - static PLDHashOperator RadioGroupsTraverser(const nsAString& aKey, nsRadioGroupStruct* aData, void* aClosure) @@ -2033,7 +2006,17 @@ NS_IMPL_CYCLE_COLLECTION_TRAVERSE_BEGIN_INTERNAL(nsDocument) } if (tmp->mSubDocuments) { - PL_DHashTableEnumerate(tmp->mSubDocuments, SubDocTraverser, &cb); + PLDHashTable::Iterator iter(tmp->mSubDocuments); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + + NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(cb, + "mSubDocuments entry->mKey"); + cb.NoteXPCOMChild(entry->mKey); + NS_CYCLE_COLLECTION_NOTE_EDGE_NAME(cb, + "mSubDocuments entry->mSubDocument"); + cb.NoteXPCOMChild(entry->mSubDocument); + } } NS_IMPL_CYCLE_COLLECTION_TRAVERSE(mCSSLoader) @@ -4031,22 +4014,6 @@ nsDocument::GetSubDocumentFor(nsIContent *aContent) const return nullptr; } -static PLDHashOperator -FindContentEnumerator(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) -{ - SubDocMapEntry *entry = static_cast(hdr); - FindContentData *data = static_cast(arg); - - if (entry->mSubDocument == data->mSubDocument) { - data->mResult = entry->mKey; - - return PL_DHASH_STOP; - } - - return PL_DHASH_NEXT; -} - Element* nsDocument::FindContentForSubDocument(nsIDocument *aDocument) const { @@ -4056,10 +4023,14 @@ nsDocument::FindContentForSubDocument(nsIDocument *aDocument) const return nullptr; } - FindContentData data(aDocument); - PL_DHashTableEnumerate(mSubDocuments, FindContentEnumerator, &data); - - return data.mResult; + PLDHashTable::Iterator iter(mSubDocuments); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + if (entry->mSubDocument == aDocument) { + return entry->mKey; + } + } + return nullptr; } bool @@ -8739,45 +8710,22 @@ struct SubDocEnumArgs void *data; }; -static PLDHashOperator -SubDocHashEnum(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) -{ - SubDocMapEntry *entry = static_cast(hdr); - SubDocEnumArgs *args = static_cast(arg); - - nsIDocument *subdoc = entry->mSubDocument; - bool next = subdoc ? args->callback(subdoc, args->data) : true; - - return next ? PL_DHASH_NEXT : PL_DHASH_STOP; -} - void nsDocument::EnumerateSubDocuments(nsSubDocEnumFunc aCallback, void *aData) { - if (mSubDocuments) { - SubDocEnumArgs args = { aCallback, aData }; - PL_DHashTableEnumerate(mSubDocuments, SubDocHashEnum, &args); - } -} - -static PLDHashOperator -CanCacheSubDocument(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) -{ - SubDocMapEntry *entry = static_cast(hdr); - bool *canCacheArg = static_cast(arg); - - nsIDocument *subdoc = entry->mSubDocument; - - // The aIgnoreRequest we were passed is only for us, so don't pass it on. - bool canCache = subdoc ? subdoc->CanSavePresentation(nullptr) : false; - if (!canCache) { - *canCacheArg = false; - return PL_DHASH_STOP; + if (!mSubDocuments) { + return; } - return PL_DHASH_NEXT; + PLDHashTable::Iterator iter(mSubDocuments); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + nsIDocument* subdoc = entry->mSubDocument; + bool next = subdoc ? aCallback(subdoc, aData) : true; + if (!next) { + break; + } + } } #ifdef DEBUG_bryner @@ -8878,11 +8826,21 @@ nsDocument::CanSavePresentation(nsIRequest *aNewRequest) return false; } - bool canCache = true; - if (mSubDocuments) - PL_DHashTableEnumerate(mSubDocuments, CanCacheSubDocument, &canCache); + if (mSubDocuments) { + PLDHashTable::Iterator iter(mSubDocuments); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + nsIDocument* subdoc = entry->mSubDocument; - return canCache; + // The aIgnoreRequest we were passed is only for us, so don't pass it on. + bool canCache = subdoc ? subdoc->CanSavePresentation(nullptr) : false; + if (!canCache) { + return false; + } + } + } + + return true; } void From 015cb7815dbdbb93a2011250b32deb6bcd74e044 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Mon, 8 Jun 2015 16:01:23 -0700 Subject: [PATCH 043/297] Bug 1171833 - Remove PL_DHashTableEnumerator use from nsPropertyTable. r=smaug. --- dom/base/nsPropertyTable.cpp | 50 ++++++++++-------------------------- 1 file changed, 14 insertions(+), 36 deletions(-) diff --git a/dom/base/nsPropertyTable.cpp b/dom/base/nsPropertyTable.cpp index 0b34167d9af..a0524d191eb 100644 --- a/dom/base/nsPropertyTable.cpp +++ b/dom/base/nsPropertyTable.cpp @@ -133,30 +133,16 @@ nsPropertyTable::Enumerate(nsPropertyOwner aObject, } } -struct PropertyEnumeratorData -{ - nsIAtom* mName; - NSPropertyFunc mCallBack; - void* mData; -}; - -static PLDHashOperator -PropertyEnumerator(PLDHashTable* aTable, PLDHashEntryHdr* aHdr, - uint32_t aNumber, void* aArg) -{ - PropertyListMapEntry* entry = static_cast(aHdr); - PropertyEnumeratorData* data = static_cast(aArg); - data->mCallBack(const_cast(entry->key), data->mName, entry->value, - data->mData); - return PL_DHASH_NEXT; -} - void nsPropertyTable::EnumerateAll(NSPropertyFunc aCallBack, void* aData) { for (PropertyList* prop = mPropertyList; prop; prop = prop->mNext) { - PropertyEnumeratorData data = { prop->mName, aCallBack, aData }; - PL_DHashTableEnumerate(&prop->mObjectValueMap, PropertyEnumerator, &data); + PLDHashTable::Iterator iter(&prop->mObjectValueMap); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + aCallBack(const_cast(entry->key), prop->mName, entry->value, + aData); + } } } @@ -294,25 +280,17 @@ nsPropertyTable::PropertyList::~PropertyList() { } -static PLDHashOperator -DestroyPropertyEnumerator(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) -{ - nsPropertyTable::PropertyList *propList = - static_cast(arg); - PropertyListMapEntry* entry = static_cast(hdr); - - propList->mDtorFunc(const_cast(entry->key), propList->mName, - entry->value, propList->mDtorData); - return PL_DHASH_NEXT; -} - void nsPropertyTable::PropertyList::Destroy() { - // Enumerate any remaining object/value pairs and destroy the value object - if (mDtorFunc) - PL_DHashTableEnumerate(&mObjectValueMap, DestroyPropertyEnumerator, this); + // Enumerate any remaining object/value pairs and destroy the value object. + if (mDtorFunc) { + PLDHashTable::Iterator iter(&mObjectValueMap); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + mDtorFunc(const_cast(entry->key), mName, entry->value, mDtorData); + } + } } bool From eb9562d3edfffad39f4cbda6f70e5a17b3f41d8c Mon Sep 17 00:00:00 2001 From: Nathan Froyd Date: Fri, 5 Jun 2015 11:05:34 -0400 Subject: [PATCH 044/297] Bug 1158871 - use new-style __atomic_* primitives in cairo; r=jrmuizel,ted.mielczarek This patch is derived from upstream commit 5d150ee111c222f09e78f4f88540964476327844, without the build/ parts, which we don't use. In lieu of the build/ parts in the original patch, we set the appropriate configuration bit manually in moz.build. --- gfx/cairo/README | 2 + gfx/cairo/cairo/src/cairo-atomic-private.h | 90 +++++++++++++ gfx/cairo/cairo/src/moz.build | 2 +- .../support-new-style-atomic-primitives.patch | 121 ++++++++++++++++++ 4 files changed, 214 insertions(+), 1 deletion(-) create mode 100644 gfx/cairo/support-new-style-atomic-primitives.patch diff --git a/gfx/cairo/README b/gfx/cairo/README index c2022d0c63a..154e2672710 100644 --- a/gfx/cairo/README +++ b/gfx/cairo/README @@ -242,6 +242,8 @@ win32-d3dsurface9.patch: Create a win32 d3d9 surface to support LockRect win32-avoid-extend-pad-fallback: Avoid falling back to pixman when using EXTEND_PAD +support-new-style-atomic-primitives.patch: Support the __atomic_* primitives for atomic operations + ==== disable printing patch ==== disable-printing.patch: allows us to use NS_PRINTING to disable printing. diff --git a/gfx/cairo/cairo/src/cairo-atomic-private.h b/gfx/cairo/cairo/src/cairo-atomic-private.h index 8d02ec948cb..dd42a8ad135 100644 --- a/gfx/cairo/cairo/src/cairo-atomic-private.h +++ b/gfx/cairo/cairo/src/cairo-atomic-private.h @@ -53,6 +53,96 @@ CAIRO_BEGIN_DECLS +/* C++11 atomic primitives were designed to be more flexible than the + * __sync_* family of primitives. Despite the name, they are available + * in C as well as C++. The motivating reason for using them is that + * for _cairo_atomic_{int,ptr}_get, the compiler is able to see that + * the load is intended to be atomic, as opposed to the __sync_* + * version, below, where the load looks like a plain load. Having + * the load appear atomic to the compiler is particular important for + * tools like ThreadSanitizer so they don't report false positives on + * memory operations that we intend to be atomic. + */ +#if HAVE_CXX11_ATOMIC_PRIMITIVES + +#define HAS_ATOMIC_OPS 1 + +typedef int cairo_atomic_int_t; + +static cairo_always_inline cairo_atomic_int_t +_cairo_atomic_int_get (cairo_atomic_int_t *x) +{ + return __atomic_load_n(x, __ATOMIC_SEQ_CST); +} + +static cairo_always_inline void * +_cairo_atomic_ptr_get (void **x) +{ + return __atomic_load_n(x, __ATOMIC_SEQ_CST); +} + +# define _cairo_atomic_int_inc(x) ((void) __atomic_fetch_add(x, 1, __ATOMIC_SEQ_CST)) +# define _cairo_atomic_int_dec(x) ((void) __atomic_fetch_sub(x, 1, __ATOMIC_SEQ_CST)) +# define _cairo_atomic_int_dec_and_test(x) (__atomic_fetch_sub(x, 1, __ATOMIC_SEQ_CST) == 1) + +#if SIZEOF_VOID_P==SIZEOF_INT +typedef int cairo_atomic_intptr_t; +#elif SIZEOF_VOID_P==SIZEOF_LONG +typedef long cairo_atomic_intptr_t; +#elif SIZEOF_VOID_P==SIZEOF_LONG_LONG +typedef long long cairo_atomic_intptr_t; +#else +#error No matching integer pointer type +#endif + +static cairo_always_inline cairo_bool_t +_cairo_atomic_int_cmpxchg_impl(cairo_atomic_int_t *x, + cairo_atomic_int_t oldv, + cairo_atomic_int_t newv) +{ + cairo_atomic_int_t expected = oldv; + return __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); +} + +#define _cairo_atomic_int_cmpxchg(x, oldv, newv) \ + _cairo_atomic_int_cmpxchg_impl(x, oldv, newv) + +static cairo_always_inline cairo_atomic_int_t +_cairo_atomic_int_cmpxchg_return_old_impl(cairo_atomic_int_t *x, + cairo_atomic_int_t oldv, + cairo_atomic_int_t newv) +{ + cairo_atomic_int_t expected = oldv; + (void) __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); + return expected; +} + +#define _cairo_atomic_int_cmpxchg_return_old(x, oldv, newv) \ + _cairo_atomic_int_cmpxchg_return_old_impl(x, oldv, newv) + +static cairo_always_inline cairo_bool_t +_cairo_atomic_ptr_cmpxchg_impl(void **x, void *oldv, void *newv) +{ + void *expected = oldv; + return __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); +} + +#define _cairo_atomic_ptr_cmpxchg(x, oldv, newv) \ + _cairo_atomic_ptr_cmpxchg_impl(x, oldv, newv) + +static cairo_always_inline void * +_cairo_atomic_ptr_cmpxchg_return_old_impl(void **x, void *oldv, void *newv) +{ + void *expected = oldv; + (void) __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); + return expected; +} + +#define _cairo_atomic_ptr_cmpxchg_return_old(x, oldv, newv) \ + _cairo_atomic_ptr_cmpxchg_return_old_impl(x, oldv, newv) + +#endif + #if HAVE_INTEL_ATOMIC_PRIMITIVES #define HAS_ATOMIC_OPS 1 diff --git a/gfx/cairo/cairo/src/moz.build b/gfx/cairo/cairo/src/moz.build index 3fd0129f6b9..9e5ec88713b 100644 --- a/gfx/cairo/cairo/src/moz.build +++ b/gfx/cairo/cairo/src/moz.build @@ -198,7 +198,7 @@ for var in ('MOZ_TREE_CAIRO', 'MOZ_TREE_PIXMAN'): DEFINES[var] = True if CONFIG['GNU_CC']: - DEFINES['HAVE_INTEL_ATOMIC_PRIMITIVES'] = True + DEFINES['HAVE_CXX11_ATOMIC_PRIMITIVES'] = True # We would normally use autoconf to set these up, using AC_CHECK_SIZEOF. # But AC_CHECK_SIZEOF requires running programs to determine the sizes, # and that doesn't work so well with cross-compiling. So instead we diff --git a/gfx/cairo/support-new-style-atomic-primitives.patch b/gfx/cairo/support-new-style-atomic-primitives.patch new file mode 100644 index 00000000000..1830a4691f0 --- /dev/null +++ b/gfx/cairo/support-new-style-atomic-primitives.patch @@ -0,0 +1,121 @@ +From 5d150ee111c222f09e78f4f88540964476327844 Mon Sep 17 00:00:00 2001 +From: Nathan Froyd +Date: Mon, 4 May 2015 13:38:41 -0400 +Subject: Support new-style __atomic_* primitives + +Recent versions of GCC/clang feature a new set of compiler intrinsics +for performing atomic operations, motivated by the operations needed to +support the C++11 memory model. These intrinsics are more flexible than +the old __sync_* intrinstics and offer efficient support for atomic load +and store operations. + +Having the load appear atomic to the compiler is particular important +for tools like ThreadSanitizer so they don't report false positives on +memory operations that we intend to be atomic. + +Patch from Nathan Froyd + +diff --git a/src/cairo-atomic-private.h b/src/cairo-atomic-private.h +index 327fed1..11b2887 100644 +--- a/src/cairo-atomic-private.h ++++ b/src/cairo-atomic-private.h +@@ -53,6 +53,96 @@ + + CAIRO_BEGIN_DECLS + ++/* C++11 atomic primitives were designed to be more flexible than the ++ * __sync_* family of primitives. Despite the name, they are available ++ * in C as well as C++. The motivating reason for using them is that ++ * for _cairo_atomic_{int,ptr}_get, the compiler is able to see that ++ * the load is intended to be atomic, as opposed to the __sync_* ++ * version, below, where the load looks like a plain load. Having ++ * the load appear atomic to the compiler is particular important for ++ * tools like ThreadSanitizer so they don't report false positives on ++ * memory operations that we intend to be atomic. ++ */ ++#if HAVE_CXX11_ATOMIC_PRIMITIVES ++ ++#define HAS_ATOMIC_OPS 1 ++ ++typedef int cairo_atomic_int_t; ++ ++static cairo_always_inline cairo_atomic_int_t ++_cairo_atomic_int_get (cairo_atomic_int_t *x) ++{ ++ return __atomic_load_n(x, __ATOMIC_SEQ_CST); ++} ++ ++static cairo_always_inline void * ++_cairo_atomic_ptr_get (void **x) ++{ ++ return __atomic_load_n(x, __ATOMIC_SEQ_CST); ++} ++ ++# define _cairo_atomic_int_inc(x) ((void) __atomic_fetch_add(x, 1, __ATOMIC_SEQ_CST)) ++# define _cairo_atomic_int_dec(x) ((void) __atomic_fetch_sub(x, 1, __ATOMIC_SEQ_CST)) ++# define _cairo_atomic_int_dec_and_test(x) (__atomic_fetch_sub(x, 1, __ATOMIC_SEQ_CST) == 1) ++ ++#if SIZEOF_VOID_P==SIZEOF_INT ++typedef int cairo_atomic_intptr_t; ++#elif SIZEOF_VOID_P==SIZEOF_LONG ++typedef long cairo_atomic_intptr_t; ++#elif SIZEOF_VOID_P==SIZEOF_LONG_LONG ++typedef long long cairo_atomic_intptr_t; ++#else ++#error No matching integer pointer type ++#endif ++ ++static cairo_always_inline cairo_bool_t ++_cairo_atomic_int_cmpxchg_impl(cairo_atomic_int_t *x, ++ cairo_atomic_int_t oldv, ++ cairo_atomic_int_t newv) ++{ ++ cairo_atomic_int_t expected = oldv; ++ return __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); ++} ++ ++#define _cairo_atomic_int_cmpxchg(x, oldv, newv) \ ++ _cairo_atomic_int_cmpxchg_impl(x, oldv, newv) ++ ++static cairo_always_inline cairo_atomic_int_t ++_cairo_atomic_int_cmpxchg_return_old_impl(cairo_atomic_int_t *x, ++ cairo_atomic_int_t oldv, ++ cairo_atomic_int_t newv) ++{ ++ cairo_atomic_int_t expected = oldv; ++ (void) __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); ++ return expected; ++} ++ ++#define _cairo_atomic_int_cmpxchg_return_old(x, oldv, newv) \ ++ _cairo_atomic_int_cmpxchg_return_old_impl(x, oldv, newv) ++ ++static cairo_always_inline cairo_bool_t ++_cairo_atomic_ptr_cmpxchg_impl(void **x, void *oldv, void *newv) ++{ ++ void *expected = oldv; ++ return __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); ++} ++ ++#define _cairo_atomic_ptr_cmpxchg(x, oldv, newv) \ ++ _cairo_atomic_ptr_cmpxchg_impl(x, oldv, newv) ++ ++static cairo_always_inline void * ++_cairo_atomic_ptr_cmpxchg_return_old_impl(void **x, void *oldv, void *newv) ++{ ++ void *expected = oldv; ++ (void) __atomic_compare_exchange_n(x, &expected, newv, 0, __ATOMIC_SEQ_CST, __ATOMIC_SEQ_CST); ++ return expected; ++} ++ ++#define _cairo_atomic_ptr_cmpxchg_return_old(x, oldv, newv) \ ++ _cairo_atomic_ptr_cmpxchg_return_old_impl(x, oldv, newv) ++ ++#endif ++ + #if HAVE_INTEL_ATOMIC_PRIMITIVES + + #define HAS_ATOMIC_OPS 1 +-- +cgit v0.10.2 + From 89fef421fd4d7dea65525ab62fb6f9c53503dbdc Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 14:05:52 -0700 Subject: [PATCH 045/297] Bug 1141614 - Part 1: Maintain a list of docshells whose timeline markers are being observed; r=smaug --- docshell/base/nsDocShell.cpp | 19 +++++++++++------ docshell/base/nsDocShell.h | 41 +++++++++++++++++++++++++++++++++--- 2 files changed, 51 insertions(+), 9 deletions(-) diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp index 2a839b0b906..f5bcd8cdd69 100644 --- a/docshell/base/nsDocShell.cpp +++ b/docshell/base/nsDocShell.cpp @@ -944,7 +944,7 @@ nsDocShell::nsDocShell() nsDocShell::~nsDocShell() { - MOZ_ASSERT(!mProfileTimelineRecording); + MOZ_ASSERT(!IsObserved()); Destroy(); @@ -2927,6 +2927,8 @@ nsDocShell::HistoryTransactionRemoved(int32_t aIndex) unsigned long nsDocShell::gProfileTimelineRecordingsCount = 0; +mozilla::LinkedList* nsDocShell::gObservedDocShells = nullptr; + NS_IMETHODIMP nsDocShell::SetRecordProfileTimelineMarkers(bool aValue) { @@ -2935,11 +2937,16 @@ nsDocShell::SetRecordProfileTimelineMarkers(bool aValue) if (aValue) { ++gProfileTimelineRecordingsCount; UseEntryScriptProfiling(); - mProfileTimelineRecording = true; + + MOZ_ASSERT(!mObserved); + mObserved.reset(new ObservedDocShell(this)); + GetOrCreateObservedDocShells().insertFront(mObserved.get()); } else { --gProfileTimelineRecordingsCount; UnuseEntryScriptProfiling(); - mProfileTimelineRecording = false; + + mObserved.reset(nullptr); + ClearProfileTimelineMarkers(); } } @@ -2950,7 +2957,7 @@ nsDocShell::SetRecordProfileTimelineMarkers(bool aValue) NS_IMETHODIMP nsDocShell::GetRecordProfileTimelineMarkers(bool* aValue) { - *aValue = mProfileTimelineRecording; + *aValue = IsObserved(); return NS_OK; } @@ -3090,7 +3097,7 @@ void nsDocShell::AddProfileTimelineMarker(const char* aName, TracingMetadata aMetaData) { - if (mProfileTimelineRecording) { + if (IsObserved()) { TimelineMarker* marker = new TimelineMarker(this, aName, aMetaData); mProfileTimelineMarkers.AppendElement(marker); } @@ -3099,7 +3106,7 @@ nsDocShell::AddProfileTimelineMarker(const char* aName, void nsDocShell::AddProfileTimelineMarker(UniquePtr&& aMarker) { - if (mProfileTimelineRecording) { + if (IsObserved()) { mProfileTimelineMarkers.AppendElement(Move(aMarker)); } } diff --git a/docshell/base/nsDocShell.h b/docshell/base/nsDocShell.h index 7c6d1cad70b..3f376c39905 100644 --- a/docshell/base/nsDocShell.h +++ b/docshell/base/nsDocShell.h @@ -23,6 +23,7 @@ #include "mozilla/TimeStamp.h" #include "GeckoProfiler.h" #include "mozilla/dom/ProfileTimelineMarkerBinding.h" +#include "mozilla/LinkedList.h" #include "jsapi.h" // Helper Classes @@ -266,6 +267,43 @@ public: // timeline markers static unsigned long gProfileTimelineRecordingsCount; + class ObservedDocShell : public mozilla::LinkedListElement + { + public: + explicit ObservedDocShell(nsDocShell* aDocShell) + : mDocShell(aDocShell) + { } + + nsDocShell* operator*() const { return mDocShell.get(); } + + private: + nsRefPtr mDocShell; + }; + +private: + static mozilla::LinkedList* gObservedDocShells; + + static mozilla::LinkedList& GetOrCreateObservedDocShells() + { + if (!gObservedDocShells) { + gObservedDocShells = new mozilla::LinkedList(); + } + return *gObservedDocShells; + } + + // Never null if timeline markers are being observed. + mozilla::UniquePtr mObserved; + + // Return true if timeline markers are being observed for this docshell. False + // otherwise. + bool IsObserved() const { return !!mObserved; } + +public: + static const mozilla::LinkedList& GetObservedDocShells() + { + return GetOrCreateObservedDocShells(); + } + // Tell the favicon service that aNewURI has the same favicon as aOldURI. static void CopyFavicon(nsIURI* aOldURI, nsIURI* aNewURI, @@ -973,9 +1011,6 @@ private: // has been called without a matching NotifyRunToCompletionStop. uint32_t mJSRunToCompletionDepth; - // True if recording profiles. - bool mProfileTimelineRecording; - nsTArray> mProfileTimelineMarkers; // Get rid of all the timeline markers accumulated so far From 629eb420acfd9181b08f1d5e0563e0e68fc4ab12 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 14:05:53 -0700 Subject: [PATCH 046/297] Bug 1141614 - Part 2: Add mozilla::AutoGlobalTimelineMarker; r=smaug --- docshell/base/AutoTimelineMarker.cpp | 105 +++++++++++++++++++++++++++ docshell/base/AutoTimelineMarker.h | 79 ++++++++++++-------- docshell/base/moz.build | 1 + 3 files changed, 154 insertions(+), 31 deletions(-) create mode 100644 docshell/base/AutoTimelineMarker.cpp diff --git a/docshell/base/AutoTimelineMarker.cpp b/docshell/base/AutoTimelineMarker.cpp new file mode 100644 index 00000000000..5a2027d9741 --- /dev/null +++ b/docshell/base/AutoTimelineMarker.cpp @@ -0,0 +1,105 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/AutoTimelineMarker.h" + +#include "MainThreadUtils.h" +#include "nsDocShell.h" +#include "mozilla/Move.h" + +namespace mozilla { + +bool +AutoTimelineMarker::DocShellIsRecording(nsDocShell& aDocShell) +{ + bool isRecording = false; + if (nsDocShell::gProfileTimelineRecordingsCount > 0) { + aDocShell.GetRecordProfileTimelineMarkers(&isRecording); + } + return isRecording; +} + +AutoTimelineMarker::AutoTimelineMarker(nsIDocShell* aDocShell, const char* aName + MOZ_GUARD_OBJECT_NOTIFIER_PARAM_IN_IMPL) + : mDocShell(nullptr) + , mName(aName) +{ + MOZ_GUARD_OBJECT_NOTIFIER_INIT; + MOZ_ASSERT(NS_IsMainThread()); + + nsDocShell* docShell = static_cast(aDocShell); + if (docShell && DocShellIsRecording(*docShell)) { + mDocShell = docShell; + mDocShell->AddProfileTimelineMarker(mName, TRACING_INTERVAL_START); + } +} + +AutoTimelineMarker::~AutoTimelineMarker() +{ + if (mDocShell) { + mDocShell->AddProfileTimelineMarker(mName, TRACING_INTERVAL_END); + } +} + +void +AutoGlobalTimelineMarker::PopulateDocShells() +{ + const LinkedList& docShells = + nsDocShell::GetObservedDocShells(); + MOZ_ASSERT(!docShells.isEmpty()); + + for (const nsDocShell::ObservedDocShell* ds = docShells.getFirst(); + ds; + ds = ds->getNext()) { + mOk = mDocShells.append(**ds); + if (!mOk) { + return; + } + } +} + +AutoGlobalTimelineMarker::AutoGlobalTimelineMarker(const char* aName + MOZ_GUARD_OBJECT_NOTIFIER_PARAM_IN_IMPL) + : mOk(true) + , mDocShells() + , mName(aName) +{ + MOZ_GUARD_OBJECT_NOTIFIER_INIT; + MOZ_ASSERT(NS_IsMainThread()); + + if (nsDocShell::gProfileTimelineRecordingsCount == 0) { + return; + } + + PopulateDocShells(); + if (!mOk) { + // If we don't successfully populate our vector with *all* docshells being + // observed, don't add markers to *any* of them. + return; + } + + for (Vector>::Range range = mDocShells.all(); + !range.empty(); + range.popFront()) { + range.front()->AddProfileTimelineMarker(mName, TRACING_INTERVAL_START); + } +} + +AutoGlobalTimelineMarker::~AutoGlobalTimelineMarker() +{ + if (!mOk) { + return; + } + + for (Vector>::Range range = mDocShells.all(); + !range.empty(); + range.popFront()) { + range.front()->AddProfileTimelineMarker(mName, TRACING_INTERVAL_END); + } +} + + +} // namespace mozilla diff --git a/docshell/base/AutoTimelineMarker.h b/docshell/base/AutoTimelineMarker.h index c0c4da18369..2f9db74158a 100644 --- a/docshell/base/AutoTimelineMarker.h +++ b/docshell/base/AutoTimelineMarker.h @@ -8,10 +8,13 @@ #define AutoTimelineMarker_h__ #include "mozilla/GuardObjects.h" -#include "mozilla/Move.h" -#include "nsDocShell.h" +#include "mozilla/Vector.h" + #include "nsRefPtr.h" +class nsIDocShell; +class nsDocShell; + namespace mozilla { // # AutoTimelineMarker @@ -27,7 +30,6 @@ namespace mozilla { // nsresult rv = ParseTheCSSFile(mFile); // ... // } - class MOZ_STACK_CLASS AutoTimelineMarker { MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER; @@ -35,42 +37,57 @@ class MOZ_STACK_CLASS AutoTimelineMarker nsRefPtr mDocShell; const char* mName; - bool - DocShellIsRecording(nsDocShell& aDocShell) - { - bool isRecording = false; - if (nsDocShell::gProfileTimelineRecordingsCount > 0) { - aDocShell.GetRecordProfileTimelineMarkers(&isRecording); - } - return isRecording; - } + bool DocShellIsRecording(nsDocShell& aDocShell); public: explicit AutoTimelineMarker(nsIDocShell* aDocShell, const char* aName - MOZ_GUARD_OBJECT_NOTIFIER_PARAM) - : mDocShell(nullptr) - , mName(aName) - { - MOZ_GUARD_OBJECT_NOTIFIER_INIT; - - nsDocShell* docShell = static_cast(aDocShell); - if (docShell && DocShellIsRecording(*docShell)) { - mDocShell = docShell; - mDocShell->AddProfileTimelineMarker(mName, TRACING_INTERVAL_START); - } - } - - ~AutoTimelineMarker() - { - if (mDocShell) { - mDocShell->AddProfileTimelineMarker(mName, TRACING_INTERVAL_END); - } - } + MOZ_GUARD_OBJECT_NOTIFIER_PARAM); + ~AutoTimelineMarker(); AutoTimelineMarker(const AutoTimelineMarker& aOther) = delete; void operator=(const AutoTimelineMarker& aOther) = delete; }; +// # AutoGlobalTimelineMarker +// +// Similar to `AutoTimelineMarker`, but adds its traced marker to all docshells, +// not a single particular one. This is useful for operations that aren't +// associated with any one particular doc shell, or when it isn't clear which +// doc shell triggered the operation. +// +// Example usage: +// +// { +// AutoGlobalTimelineMarker marker("Cycle Collection"); +// nsCycleCollector* cc = GetCycleCollector(); +// cc->Collect(); +// ... +// } +class MOZ_STACK_CLASS AutoGlobalTimelineMarker +{ + MOZ_DECL_USE_GUARD_OBJECT_NOTIFIER; + + // True as long as no operation has failed, eg due to OOM. + bool mOk; + + // The set of docshells that are being observed and will get markers. + mozilla::Vector> mDocShells; + + // The name of the marker we are adding. + const char* mName; + + void PopulateDocShells(); + +public: + explicit AutoGlobalTimelineMarker(const char* aName + MOZ_GUARD_OBJECT_NOTIFIER_PARAM); + + ~AutoGlobalTimelineMarker(); + + AutoGlobalTimelineMarker(const AutoGlobalTimelineMarker& aOther) = delete; + void operator=(const AutoGlobalTimelineMarker& aOther) = delete; +}; + } // namespace mozilla #endif /* AutoTimelineMarker_h__ */ diff --git a/docshell/base/moz.build b/docshell/base/moz.build index 12b9b0e786f..602089b8e6d 100644 --- a/docshell/base/moz.build +++ b/docshell/base/moz.build @@ -48,6 +48,7 @@ EXPORTS.mozilla += [ ] UNIFIED_SOURCES += [ + 'AutoTimelineMarker.cpp', 'LoadContext.cpp', 'nsAboutRedirector.cpp', 'nsDefaultURIFixup.cpp', From d34051271f7c88e9e4a3715eda27e86384e1ddcd Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 14:05:53 -0700 Subject: [PATCH 047/297] Bug 1141614 - Part 3: Trace cycle collection with AutoGlobalTimelineMarker; r=smaug --- xpcom/base/nsCycleCollector.cpp | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/xpcom/base/nsCycleCollector.cpp b/xpcom/base/nsCycleCollector.cpp index a50ed8be468..1919f0aaf76 100644 --- a/xpcom/base/nsCycleCollector.cpp +++ b/xpcom/base/nsCycleCollector.cpp @@ -182,6 +182,7 @@ #include #include +#include "mozilla/AutoTimelineMarker.h" #include "mozilla/Likely.h" #include "mozilla/PoisonIOInterposer.h" #include "mozilla/Telemetry.h" @@ -2812,6 +2813,11 @@ nsCycleCollector::ForgetSkippable(bool aRemoveChildlessNodes, { CheckThreadSafety(); + mozilla::Maybe marker; + if (NS_IsMainThread()) { + marker.emplace("nsCycleCollector::ForgetSkippable"); + } + // If we remove things from the purple buffer during graph building, we may // lose track of an object that was mutated during graph building. MOZ_ASSERT(mIncrementalPhase == IdlePhase); @@ -3572,6 +3578,11 @@ nsCycleCollector::Collect(ccType aCCType, MOZ_ASSERT(!IsIncrementalGCInProgress()); + mozilla::Maybe marker; + if (NS_IsMainThread()) { + marker.emplace("nsCycleCollector::Collect"); + } + bool startedIdle = (mIncrementalPhase == IdlePhase); bool collectedAny = false; From d51874dbf01620d3f6a95345c4cd1309347b1ea7 Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 14:05:53 -0700 Subject: [PATCH 048/297] Bug 1141614 - Part 4: Expose cycle collection markers in the devtools frontend; r=jsantell --- browser/devtools/performance/docs/markers.md | 14 +++++++++++++- .../performance/modules/logic/marker-utils.js | 7 +++++++ browser/devtools/performance/modules/markers.js | 14 ++++++++++++++ 3 files changed, 34 insertions(+), 1 deletion(-) diff --git a/browser/devtools/performance/docs/markers.md b/browser/devtools/performance/docs/markers.md index 1f13b4da0e5..c81cb43f3cb 100644 --- a/browser/devtools/performance/docs/markers.md +++ b/browser/devtools/performance/docs/markers.md @@ -107,7 +107,8 @@ a setTimeout. ## GarbageCollection -Emitted after a full GC has occurred (which will emit past incremental events). +Emitted after a full GC cycle has completed (which is after any number of +incremental slices). * DOMString causeName - The reason for a GC event to occur. A full list of GC reasons can be found [on MDN](https://developer.mozilla.org/en-US/docs/Tools/Debugger-API/Debugger.Memory#Debugger.Memory_Handler_Functions). @@ -115,6 +116,17 @@ Emitted after a full GC has occurred (which will emit past incremental events). GC (smaller, quick GC events), and we have to walk the entire heap and GC everything marked, then the reason listed here is why. +## nsCycleCollector::Collect + +An `nsCycleCollector::Collect` marker is emitted for each incremental cycle +collection slice and each non-incremental cycle collection. + +# nsCycleCollector::ForgetSkippable + +`nsCycleCollector::ForgetSkippable` is presented as "Cycle Collection", but in +reality it is preparation/pre-optimization for cycle collection, and not the +actual tracing of edges and collecting of cycles. + ## ConsoleTime A marker generated via `console.time()` and `console.timeEnd()`. diff --git a/browser/devtools/performance/modules/logic/marker-utils.js b/browser/devtools/performance/modules/logic/marker-utils.js index 345359202df..43608eaac9d 100644 --- a/browser/devtools/performance/modules/logic/marker-utils.js +++ b/browser/devtools/performance/modules/logic/marker-utils.js @@ -435,6 +435,13 @@ const Formatters = { return { "Restyle Hint": marker.restyleHint.replace(/eRestyle_/g, "") }; } }, + + CycleCollectionFields: function (marker) { + let Type = PREFS["show-platform-data"] + ? marker.name + : marker.name.replace(/nsCycleCollector::/g, ""); + return { Type }; + }, }; exports.getMarkerLabel = getMarkerLabel; diff --git a/browser/devtools/performance/modules/markers.js b/browser/devtools/performance/modules/markers.js index 6f9a4a33e2b..984eb4aa79b 100644 --- a/browser/devtools/performance/modules/markers.js +++ b/browser/devtools/performance/modules/markers.js @@ -113,6 +113,20 @@ const TIMELINE_BLUEPRINT = { { property: "nonincrementalReason", label: "Non-incremental Reason:" } ], }, + "nsCycleCollector::Collect": { + group: 1, + colorName: "graphs-red", + collapseFunc: either(collapse.parent, collapse.child), + label: "Cycle Collection", + fields: Formatters.CycleCollectionFields, + }, + "nsCycleCollector::ForgetSkippable": { + group: 1, + colorName: "graphs-red", + collapseFunc: either(collapse.parent, collapse.child), + label: "Cycle Collection", + fields: Formatters.CycleCollectionFields, + }, /* Group 2 - User Controlled */ "ConsoleTime": { From 583b493d795e6f0cee0c64be68f75cf520e9d30a Mon Sep 17 00:00:00 2001 From: Nick Fitzgerald Date: Wed, 10 Jun 2015 14:05:53 -0700 Subject: [PATCH 049/297] Bug 1141614 - Part 5: Add a test for cycle collection markers; r=jsantell --- browser/devtools/performance/test/browser.ini | 2 + .../test/browser_markers-cycle-collection.js | 50 +++++++++++++++++++ .../performance/test/doc_force_cc.html | 29 +++++++++++ docshell/test/browser/frame-head.js | 4 ++ 4 files changed, 85 insertions(+) create mode 100644 browser/devtools/performance/test/browser_markers-cycle-collection.js create mode 100644 browser/devtools/performance/test/doc_force_cc.html diff --git a/browser/devtools/performance/test/browser.ini b/browser/devtools/performance/test/browser.ini index 7c21b500542..e5ee8c5dd2e 100644 --- a/browser/devtools/performance/test/browser.ini +++ b/browser/devtools/performance/test/browser.ini @@ -2,6 +2,7 @@ tags = devtools subsuite = devtools support-files = + doc_force_cc.html doc_force_gc.html doc_innerHTML.html doc_markers.html @@ -13,6 +14,7 @@ support-files = [browser_aaa-run-first-leaktest.js] [browser_marker-utils.js] +[browser_markers-cycle-collection.js] [browser_markers-gc.js] [browser_markers-parse-html.js] [browser_markers-styles.js] diff --git a/browser/devtools/performance/test/browser_markers-cycle-collection.js b/browser/devtools/performance/test/browser_markers-cycle-collection.js new file mode 100644 index 00000000000..eb75544f0a2 --- /dev/null +++ b/browser/devtools/performance/test/browser_markers-cycle-collection.js @@ -0,0 +1,50 @@ +/* Any copyright is dedicated to the Public Domain. + http://creativecommons.org/publicdomain/zero/1.0/ */ + +/** + * Test that we get "nsCycleCollector::Collect" and + * "nsCycleCollector::ForgetSkippable" markers when we force cycle collection. + */ + +const TEST_URL = EXAMPLE_URL + "doc_force_cc.html" + +function waitForMarkerType(front, type) { + info("Waiting for marker of type = " + type); + const { promise, resolve } = Promise.defer(); + + const handler = (_, name, markers) => { + if (name !== "markers") { + return; + } + + info("Got markers: " + JSON.stringify(markers, null, 2)); + + if (markers.some(m => m.name === type)) { + ok(true, "Found marker of type = " + type); + front.off("timeline-data", handler); + resolve(); + } + }; + front.on("timeline-data", handler); + + return promise; +} + +function* spawnTest () { + // This test runs very slowly on linux32 debug EC2 instances. + requestLongerTimeout(2); + + let { target, front } = yield initBackend(TEST_URL); + + yield front.startRecording({ withMarkers: true, withTicks: true }); + + yield Promise.all([ + waitForMarkerType(front, "nsCycleCollector::Collect"), + waitForMarkerType(front, "nsCycleCollector::ForgetSkippable") + ]); + ok(true, "Got expected cycle collection events"); + + yield front.stopRecording(); + yield removeTab(target.tab); + finish(); +} diff --git a/browser/devtools/performance/test/doc_force_cc.html b/browser/devtools/performance/test/doc_force_cc.html new file mode 100644 index 00000000000..d5868bd6b7c --- /dev/null +++ b/browser/devtools/performance/test/doc_force_cc.html @@ -0,0 +1,29 @@ + + + + + + + Performance tool + cycle collection test page + + + + + + + diff --git a/docshell/test/browser/frame-head.js b/docshell/test/browser/frame-head.js index bf65351b87c..967e1a9fae6 100644 --- a/docshell/test/browser/frame-head.js +++ b/docshell/test/browser/frame-head.js @@ -71,6 +71,10 @@ this.timelineContentTest = function(tests) { info("Waiting for new markers on the docShell"); let markers = yield onMarkers; + // Cycle collection markers are non-deterministic, and none of these tests + // expect them to show up. + markers = markers.filter(m => m.name.indexOf("nsCycleCollector") === -1); + info("Running the test check function"); check(markers); } From 3d0d731ba0ad6bf9f76438592d649da02ff5ec8b Mon Sep 17 00:00:00 2001 From: Ben Turner Date: Wed, 10 Jun 2015 14:12:55 -0700 Subject: [PATCH 050/297] Bug 1173139 - Reorder global creation on workers, r=khuey. --- dom/workers/ScriptLoader.cpp | 33 +++++++++++++++------------------ dom/workers/WorkerPrivate.cpp | 35 +++++++++++++++++------------------ dom/workers/WorkerScope.cpp | 14 ++++++++++++++ 3 files changed, 46 insertions(+), 36 deletions(-) diff --git a/dom/workers/ScriptLoader.cpp b/dom/workers/ScriptLoader.cpp index 6eda7de113a..aaefcba69a0 100644 --- a/dom/workers/ScriptLoader.cpp +++ b/dom/workers/ScriptLoader.cpp @@ -1585,27 +1585,24 @@ ScriptExecutorRunnable::WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) } } - JS::Rooted global(aCx, JS::CurrentGlobalOrNull(aCx)); - NS_ASSERTION(global, "Must have a global by now!"); + JS::Rooted global(aCx); - // Determine whether we want to be discarding source on this global to save - // memory. It would make more sense to do this when we create the global, but - // the information behind UsesSystemPrincipal() et al isn't finalized until - // the call to SetPrincipal during the first script load. After that, however, - // it never changes. So we can just idempotently set the bits here. - // - // Note that we read a pref that is cached on the main thread. This is benignly - // racey. - if (xpc::ShouldDiscardSystemSource()) { - bool discard = aWorkerPrivate->UsesSystemPrincipal() || - aWorkerPrivate->IsInPrivilegedApp(); - JS::CompartmentOptionsRef(global).setDiscardSource(discard); + if (mIsWorkerScript) { + WorkerGlobalScope* globalScope = + aWorkerPrivate->GetOrCreateGlobalScope(aCx); + if (NS_WARN_IF(!globalScope)) { + NS_WARNING("Failed to make global!"); + return false; + } + + global.set(globalScope->GetWrapper()); + } else { + global.set(JS::CurrentGlobalOrNull(aCx)); } - // Similar to the above. - if (xpc::ExtraWarningsForSystemJS() && aWorkerPrivate->UsesSystemPrincipal()) { - JS::CompartmentOptionsRef(global).extraWarningsOverride().set(true); - } + MOZ_ASSERT(global); + + JSAutoCompartment ac(aCx, global); for (uint32_t index = mFirstIndex; index <= mLastIndex; index++) { ScriptLoadInfo& loadInfo = loadInfos.ElementAt(index); diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp index 8d05961eac3..ac29fc04989 100644 --- a/dom/workers/WorkerPrivate.cpp +++ b/dom/workers/WorkerPrivate.cpp @@ -1044,21 +1044,12 @@ private: virtual bool WorkerRun(JSContext* aCx, WorkerPrivate* aWorkerPrivate) override { - WorkerGlobalScope* globalScope = - aWorkerPrivate->GetOrCreateGlobalScope(aCx); - if (!globalScope) { - NS_WARNING("Failed to make global!"); + if (!scriptloader::LoadMainScript(aCx, mScriptURL, WorkerScript)) { return false; } - JS::Rooted global(aCx, globalScope->GetWrapper()); - - JSAutoCompartment ac(aCx, global); - bool result = scriptloader::LoadMainScript(aCx, mScriptURL, WorkerScript); - if (result) { - aWorkerPrivate->SetWorkerScriptExecutedSuccessfully(); - } - return result; + aWorkerPrivate->SetWorkerScriptExecutedSuccessfully(); + return true; } }; @@ -6043,7 +6034,9 @@ WorkerPrivate::RunCurrentSyncLoop() MOZ_ALWAYS_TRUE(NS_ProcessNextEvent(mThread, false)); // Now *might* be a good time to GC. Let the JS engine make the decision. - JS_MaybeGC(cx); + if (JS::CurrentGlobalOrNull(cx)) { + JS_MaybeGC(cx); + } } } @@ -6280,7 +6273,9 @@ WorkerPrivate::EnterDebuggerEventLoop() runnable->Release(); // Now *might* be a good time to GC. Let the JS engine make the decision. - JS_MaybeGC(cx); + if (JS::CurrentGlobalOrNull(cx)) { + JS_MaybeGC(cx); + } } } } @@ -6525,7 +6520,8 @@ WorkerPrivate::ReportError(JSContext* aCx, const char* aMessage, // if there was an error in the close handler or if we ran out of memory. bool fireAtScope = mErrorHandlerRecursionCount == 1 && !mCloseHandlerStarted && - errorNumber != JSMSG_OUT_OF_MEMORY; + errorNumber != JSMSG_OUT_OF_MEMORY && + JS::CurrentGlobalOrNull(aCx); if (!ReportErrorRunnable::ReportError(aCx, this, fireAtScope, nullptr, message, filename, line, lineNumber, @@ -6918,7 +6914,7 @@ WorkerPrivate::GarbageCollectInternal(JSContext* aCx, bool aShrinking, { AssertIsOnWorkerThread(); - if (!JS::CurrentGlobalOrNull(aCx)) { + if (!GlobalScope()) { // We haven't compiled anything yet. Just bail out. return; } @@ -7167,13 +7163,16 @@ WorkerPrivate::GetOrCreateGlobalScope(JSContext* aCx) JSAutoCompartment ac(aCx, global); + // RegisterBindings() can spin a nested event loop so we have to set mScope + // before calling it, and we have to make sure to unset mScope if it fails. + mScope = Move(globalScope); + if (!RegisterBindings(aCx, global)) { + mScope = nullptr; return nullptr; } JS_FireOnNewGlobalObject(aCx, global); - - mScope = globalScope.forget(); } return mScope; diff --git a/dom/workers/WorkerScope.cpp b/dom/workers/WorkerScope.cpp index 347dd8d72b4..f5c8f772c6b 100644 --- a/dom/workers/WorkerScope.cpp +++ b/dom/workers/WorkerScope.cpp @@ -395,6 +395,20 @@ DedicatedWorkerGlobalScope::WrapGlobalObject(JSContext* aCx, JS::CompartmentOptions options; mWorkerPrivate->CopyJSCompartmentOptions(options); + const bool usesSystemPrincipal = mWorkerPrivate->UsesSystemPrincipal(); + + // Note that xpc::ShouldDiscardSystemSource() and + // xpc::ExtraWarningsForSystemJS() read prefs that are cached on the main + // thread. This is benignly racey. + const bool discardSource = (usesSystemPrincipal || + mWorkerPrivate->IsInPrivilegedApp()) && + xpc::ShouldDiscardSystemSource(); + const bool extraWarnings = usesSystemPrincipal && + xpc::ExtraWarningsForSystemJS(); + + options.setDiscardSource(discardSource) + .extraWarningsOverride().set(extraWarnings); + return DedicatedWorkerGlobalScopeBinding_workers::Wrap(aCx, this, this, options, GetWorkerPrincipal(), From 487810d0fcff6e888ab8550d5dccd681d4c9b840 Mon Sep 17 00:00:00 2001 From: Bobby Holley Date: Tue, 9 Jun 2015 16:04:19 -0700 Subject: [PATCH 051/297] Bug 1173001 - Explicitly instantiate WebReader in MediaSourceReader. r=jww This will allow us to pass the borrowed task queue. It's also more explicit about the fact that we only support mp4 and (sort of) webm. --- dom/media/DecoderTraits.cpp | 8 ++++---- dom/media/DecoderTraits.h | 2 ++ dom/media/mediasource/MediaSourceReader.cpp | 13 ++++++++++++- 3 files changed, 18 insertions(+), 5 deletions(-) diff --git a/dom/media/DecoderTraits.cpp b/dom/media/DecoderTraits.cpp index 6af5e345ed0..a815be42eeb 100644 --- a/dom/media/DecoderTraits.cpp +++ b/dom/media/DecoderTraits.cpp @@ -191,8 +191,8 @@ static char const *const gWebMCodecs[7] = { nullptr }; -static bool -IsWebMType(const nsACString& aType) +/* static */ bool +DecoderTraits::IsWebMType(const nsACString& aType) { if (!MediaDecoder::IsWebMEnabled()) { return false; @@ -210,7 +210,7 @@ IsGStreamerSupportedType(const nsACString& aMimeType) return false; #ifdef MOZ_WEBM - if (IsWebMType(aMimeType) && !Preferences::GetBool("media.prefer-gstreamer", false)) + if (DecoderTraits::IsWebMType(aMimeType) && !Preferences::GetBool("media.prefer-gstreamer", false)) return false; #endif if (IsOggType(aMimeType) && !Preferences::GetBool("media.prefer-gstreamer", false)) @@ -624,7 +624,7 @@ InstantiateDecoder(const nsACString& aType, MediaDecoderOwner* aOwner) } #endif #ifdef MOZ_WEBM - if (IsWebMType(aType)) { + if (DecoderTraits::IsWebMType(aType)) { decoder = new WebMDecoder(); return decoder.forget(); } diff --git a/dom/media/DecoderTraits.h b/dom/media/DecoderTraits.h index 0f8eb5a310e..a85b141ca34 100644 --- a/dom/media/DecoderTraits.h +++ b/dom/media/DecoderTraits.h @@ -61,6 +61,8 @@ public: // Returns true if we should not start decoder until we receive // OnConnected signal. (currently RTSP only) static bool DecoderWaitsForOnConnected(const nsACString& aType); + + static bool IsWebMType(const nsACString& aType); }; } diff --git a/dom/media/mediasource/MediaSourceReader.cpp b/dom/media/mediasource/MediaSourceReader.cpp index 1d2d6bd8c3a..fd653f8042f 100644 --- a/dom/media/mediasource/MediaSourceReader.cpp +++ b/dom/media/mediasource/MediaSourceReader.cpp @@ -23,6 +23,10 @@ #include "MP4Reader.h" #endif +#ifdef MOZ_WEBM +#include "WebMReader.h" +#endif + extern PRLogModuleInfo* GetMediaSourceLog(); #define MSE_DEBUG(arg, ...) MOZ_LOG(GetMediaSourceLog(), mozilla::LogLevel::Debug, ("MediaSourceReader(%p)::%s: " arg, this, __func__, ##__VA_ARGS__)) @@ -692,7 +696,14 @@ CreateReaderForType(const nsACString& aType, AbstractMediaDecoder* aDecoder) return reader; } #endif - return DecoderTraits::CreateReader(aType, aDecoder); + +#ifdef MOZ_WEBM + if (DecoderTraits::IsWebMType(aType)) { + return new WebMReader(aDecoder); + } +#endif + + return nullptr; } already_AddRefed From 00f60b175b874c5f28f59292b00016f509f91092 Mon Sep 17 00:00:00 2001 From: Bobby Holley Date: Mon, 8 Jun 2015 17:16:42 -0700 Subject: [PATCH 052/297] Bug 1173001 - Initialize reader task queue in the constructor. r=jww This is a necessary step towards having mirrored/canonical values, since those need to know the task queue in their constructor. --- dom/media/MediaDecoderReader.cpp | 19 +++----------- dom/media/MediaDecoderReader.h | 17 ++++-------- dom/media/MediaDecoderStateMachine.cpp | 4 --- dom/media/MediaFormatReader.cpp | 5 ++-- dom/media/MediaFormatReader.h | 3 ++- dom/media/fmp4/MP4Reader.cpp | 4 +-- dom/media/fmp4/MP4Reader.h | 2 +- dom/media/gtest/TestMP4Reader.cpp | 1 - dom/media/mediasource/MediaSourceReader.cpp | 29 ++++++++++----------- dom/media/webaudio/MediaBufferDecoder.cpp | 4 --- dom/media/webm/WebMReader.cpp | 4 +-- dom/media/webm/WebMReader.h | 2 +- 12 files changed, 34 insertions(+), 60 deletions(-) diff --git a/dom/media/MediaDecoderReader.cpp b/dom/media/MediaDecoderReader.cpp index d644e391d98..96454afc9a2 100644 --- a/dom/media/MediaDecoderReader.cpp +++ b/dom/media/MediaDecoderReader.cpp @@ -60,14 +60,16 @@ public: size_t mSize; }; -MediaDecoderReader::MediaDecoderReader(AbstractMediaDecoder* aDecoder) +MediaDecoderReader::MediaDecoderReader(AbstractMediaDecoder* aDecoder, + MediaTaskQueue* aBorrowedTaskQueue) : mAudioCompactor(mAudioQueue) , mDecoder(aDecoder) + , mTaskQueue(aBorrowedTaskQueue ? aBorrowedTaskQueue : new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK))) , mIgnoreAudioOutputFormat(false) , mStartTime(-1) , mHitAudioDecodeError(false) , mShutdown(false) - , mTaskQueueIsBorrowed(false) + , mTaskQueueIsBorrowed(!!aBorrowedTaskQueue) , mAudioDiscontinuity(false) , mVideoDiscontinuity(false) { @@ -331,19 +333,6 @@ MediaDecoderReader::RequestAudioData() return p; } -MediaTaskQueue* -MediaDecoderReader::EnsureTaskQueue() -{ - if (!mTaskQueue) { - MOZ_ASSERT(!mTaskQueueIsBorrowed); - RefPtr pool(GetMediaThreadPool(MediaThreadType::PLAYBACK)); - MOZ_DIAGNOSTIC_ASSERT(pool); - mTaskQueue = new MediaTaskQueue(pool.forget()); - } - - return mTaskQueue; -} - void MediaDecoderReader::BreakCycles() { diff --git a/dom/media/MediaDecoderReader.h b/dom/media/MediaDecoderReader.h index 6af63626512..d6f1c74c251 100644 --- a/dom/media/MediaDecoderReader.h +++ b/dom/media/MediaDecoderReader.h @@ -79,7 +79,7 @@ public: // The caller must ensure that Shutdown() is called before aDecoder is // destroyed. - explicit MediaDecoderReader(AbstractMediaDecoder* aDecoder); + explicit MediaDecoderReader(AbstractMediaDecoder* aDecoder, MediaTaskQueue* aBorrowedTaskQueue = nullptr); // Initializes the reader, returns NS_OK on success, or NS_ERROR_FAILURE // on failure. @@ -107,18 +107,9 @@ public: // thread. virtual nsRefPtr Shutdown(); - MediaTaskQueue* EnsureTaskQueue(); - virtual bool OnTaskQueue() { - return !GetTaskQueue() || GetTaskQueue()->IsCurrentThreadIn(); - } - - void SetBorrowedTaskQueue(MediaTaskQueue* aTaskQueue) - { - MOZ_ASSERT(!mTaskQueue && aTaskQueue); - mTaskQueue = aTaskQueue; - mTaskQueueIsBorrowed = true; + return GetTaskQueue()->IsCurrentThreadIn(); } // Resets all state related to decoding, emptying all buffers etc. @@ -320,6 +311,9 @@ protected: // Reference to the owning decoder object. AbstractMediaDecoder* mDecoder; + // Decode task queue. + nsRefPtr mTaskQueue; + // Stores presentation info required for playback. MediaInfo mInfo; @@ -347,7 +341,6 @@ private: MediaPromiseHolder mBaseAudioPromise; MediaPromiseHolder mBaseVideoPromise; - nsRefPtr mTaskQueue; bool mTaskQueueIsBorrowed; // Flags whether a the next audio/video sample comes after a "gap" or diff --git a/dom/media/MediaDecoderStateMachine.cpp b/dom/media/MediaDecoderStateMachine.cpp index de3fee733c3..39dc46c2c2d 100644 --- a/dom/media/MediaDecoderStateMachine.cpp +++ b/dom/media/MediaDecoderStateMachine.cpp @@ -1258,10 +1258,6 @@ nsresult MediaDecoderStateMachine::Init(MediaDecoderStateMachine* aCloneDonor) { MOZ_ASSERT(NS_IsMainThread()); - if (NS_WARN_IF(!mReader->EnsureTaskQueue())) { - return NS_ERROR_FAILURE; - } - MediaDecoderReader* cloneReader = nullptr; if (aCloneDonor) { cloneReader = aCloneDonor->mReader; diff --git a/dom/media/MediaFormatReader.cpp b/dom/media/MediaFormatReader.cpp index ae60fe94166..3ed1c2df34f 100644 --- a/dom/media/MediaFormatReader.cpp +++ b/dom/media/MediaFormatReader.cpp @@ -61,8 +61,9 @@ TrackTypeToStr(TrackInfo::TrackType aTrack) } MediaFormatReader::MediaFormatReader(AbstractMediaDecoder* aDecoder, - MediaDataDemuxer* aDemuxer) - : MediaDecoderReader(aDecoder) + MediaDataDemuxer* aDemuxer, + MediaTaskQueue* aBorrowedTaskQueue) + : MediaDecoderReader(aDecoder, aBorrowedTaskQueue) , mDemuxer(aDemuxer) , mAudio(this, MediaData::AUDIO_DATA, Preferences::GetUint("media.audio-decode-ahead", 2)) , mVideo(this, MediaData::VIDEO_DATA, Preferences::GetUint("media.video-decode-ahead", 2)) diff --git a/dom/media/MediaFormatReader.h b/dom/media/MediaFormatReader.h index 2bfdf4a5ca5..410697a2010 100644 --- a/dom/media/MediaFormatReader.h +++ b/dom/media/MediaFormatReader.h @@ -30,7 +30,8 @@ class MediaFormatReader final : public MediaDecoderReader public: explicit MediaFormatReader(AbstractMediaDecoder* aDecoder, - MediaDataDemuxer* aDemuxer); + MediaDataDemuxer* aDemuxer, + MediaTaskQueue* aBorrowedTaskQueue = nullptr); virtual ~MediaFormatReader(); diff --git a/dom/media/fmp4/MP4Reader.cpp b/dom/media/fmp4/MP4Reader.cpp index 0ae9d15f6f0..9769f37ab84 100644 --- a/dom/media/fmp4/MP4Reader.cpp +++ b/dom/media/fmp4/MP4Reader.cpp @@ -144,8 +144,8 @@ InvokeAndRetry(ThisType* aThisVal, ReturnType(ThisType::*aMethod)(), MP4Stream* } } -MP4Reader::MP4Reader(AbstractMediaDecoder* aDecoder) - : MediaDecoderReader(aDecoder) +MP4Reader::MP4Reader(AbstractMediaDecoder* aDecoder, MediaTaskQueue* aBorrowedTaskQueue) + : MediaDecoderReader(aDecoder, aBorrowedTaskQueue) , mAudio(MediaData::AUDIO_DATA, Preferences::GetUint("media.mp4-audio-decode-ahead", 2)) , mVideo(MediaData::VIDEO_DATA, Preferences::GetUint("media.mp4-video-decode-ahead", 2)) , mLastReportedNumDecodedFrames(0) diff --git a/dom/media/fmp4/MP4Reader.h b/dom/media/fmp4/MP4Reader.h index db07526e027..005fba92784 100644 --- a/dom/media/fmp4/MP4Reader.h +++ b/dom/media/fmp4/MP4Reader.h @@ -34,7 +34,7 @@ class MP4Reader final : public MediaDecoderReader typedef TrackInfo::TrackType TrackType; public: - explicit MP4Reader(AbstractMediaDecoder* aDecoder); + explicit MP4Reader(AbstractMediaDecoder* aDecoder, MediaTaskQueue* aBorrowedTaskQueue = nullptr); virtual ~MP4Reader(); diff --git a/dom/media/gtest/TestMP4Reader.cpp b/dom/media/gtest/TestMP4Reader.cpp index 2a1bd8471ad..870ef08df65 100644 --- a/dom/media/gtest/TestMP4Reader.cpp +++ b/dom/media/gtest/TestMP4Reader.cpp @@ -36,7 +36,6 @@ public: decoder->SetResource(resource); reader->Init(nullptr); - reader->EnsureTaskQueue(); { // This needs to be done before invoking GetBuffered. This is normally // done by MediaDecoderStateMachine. diff --git a/dom/media/mediasource/MediaSourceReader.cpp b/dom/media/mediasource/MediaSourceReader.cpp index fd653f8042f..02c09b7162f 100644 --- a/dom/media/mediasource/MediaSourceReader.cpp +++ b/dom/media/mediasource/MediaSourceReader.cpp @@ -678,7 +678,8 @@ MediaSourceReader::ReleaseMediaResources() } MediaDecoderReader* -CreateReaderForType(const nsACString& aType, AbstractMediaDecoder* aDecoder) +CreateReaderForType(const nsACString& aType, AbstractMediaDecoder* aDecoder, + MediaTaskQueue* aBorrowedTaskQueue) { #ifdef MOZ_FMP4 // The MP4Reader that supports fragmented MP4 and uses @@ -691,15 +692,15 @@ CreateReaderForType(const nsACString& aType, AbstractMediaDecoder* aDecoder) bool useFormatDecoder = Preferences::GetBool("media.mediasource.format-reader.mp4", true); MediaDecoderReader* reader = useFormatDecoder ? - static_cast(new MediaFormatReader(aDecoder, new MP4Demuxer(aDecoder->GetResource()))) : - static_cast(new MP4Reader(aDecoder)); + static_cast(new MediaFormatReader(aDecoder, new MP4Demuxer(aDecoder->GetResource()), aBorrowedTaskQueue)) : + static_cast(new MP4Reader(aDecoder, aBorrowedTaskQueue)); return reader; } #endif #ifdef MOZ_WEBM if (DecoderTraits::IsWebMType(aType)) { - return new WebMReader(aDecoder); + return new WebMReader(aDecoder, aBorrowedTaskQueue); } #endif @@ -712,10 +713,17 @@ MediaSourceReader::CreateSubDecoder(const nsACString& aType, int64_t aTimestampO if (IsShutdown()) { return nullptr; } - MOZ_ASSERT(GetTaskQueue()); + + // The task queue borrowing is icky. It would be nicer to just give each subreader + // its own task queue. Unfortunately though, Request{Audio,Video}Data implementations + // currently assert that they're on "the decode thread", and so having + // separate task queues makes MediaSource stuff unnecessarily cumbersome. We + // should remove the need for these assertions (which probably involves making + // all Request*Data implementations fully async), and then get rid of the + // borrowing. nsRefPtr decoder = new SourceBufferDecoder(new SourceBufferResource(aType), mDecoder, aTimestampOffset); - nsRefPtr reader(CreateReaderForType(aType, decoder)); + nsRefPtr reader(CreateReaderForType(aType, decoder, GetTaskQueue())); if (!reader) { return nullptr; } @@ -728,15 +736,6 @@ MediaSourceReader::CreateSubDecoder(const nsACString& aType, int64_t aTimestampO reader->SetStartTime(0); } - // This part is icky. It would be nicer to just give each subreader its own - // task queue. Unfortunately though, Request{Audio,Video}Data implementations - // currently assert that they're on "the decode thread", and so having - // separate task queues makes MediaSource stuff unnecessarily cumbersome. We - // should remove the need for these assertions (which probably involves making - // all Request*Data implementations fully async), and then get rid of the - // borrowing. - reader->SetBorrowedTaskQueue(GetTaskQueue()); - #ifdef MOZ_FMP4 reader->SetSharedDecoderManager(mSharedDecoderManager); #endif diff --git a/dom/media/webaudio/MediaBufferDecoder.cpp b/dom/media/webaudio/MediaBufferDecoder.cpp index fac61f727d9..9272fba25d8 100644 --- a/dom/media/webaudio/MediaBufferDecoder.cpp +++ b/dom/media/webaudio/MediaBufferDecoder.cpp @@ -211,10 +211,6 @@ MediaDecodeTask::CreateReader() return false; } - if (!mDecoderReader->EnsureTaskQueue()) { - return false; - } - return true; } diff --git a/dom/media/webm/WebMReader.cpp b/dom/media/webm/WebMReader.cpp index 1a3b05123ba..1ed5c8ac356 100644 --- a/dom/media/webm/WebMReader.cpp +++ b/dom/media/webm/WebMReader.cpp @@ -161,8 +161,8 @@ ogg_packet InitOggPacket(const unsigned char* aData, size_t aLength, static bool sIsIntelDecoderEnabled = false; #endif -WebMReader::WebMReader(AbstractMediaDecoder* aDecoder) - : MediaDecoderReader(aDecoder) +WebMReader::WebMReader(AbstractMediaDecoder* aDecoder, MediaTaskQueue* aBorrowedTaskQueue) + : MediaDecoderReader(aDecoder, aBorrowedTaskQueue) , mContext(nullptr) , mPacketCount(0) , mOpusDecoder(nullptr) diff --git a/dom/media/webm/WebMReader.h b/dom/media/webm/WebMReader.h index 4bcfb42b8fc..27da0842cfe 100644 --- a/dom/media/webm/WebMReader.h +++ b/dom/media/webm/WebMReader.h @@ -141,7 +141,7 @@ public: class WebMReader : public MediaDecoderReader { public: - explicit WebMReader(AbstractMediaDecoder* aDecoder); + explicit WebMReader(AbstractMediaDecoder* aDecoder, MediaTaskQueue* aBorrowedTaskQueue = nullptr); protected: ~WebMReader(); From 4df236fa6e45d05da218b9ec6cbc69ae95710e7c Mon Sep 17 00:00:00 2001 From: Bobby Holley Date: Mon, 8 Jun 2015 17:26:42 -0700 Subject: [PATCH 053/297] Bug 1173001 - Fix up some task queue naming to make MediaDecoderReader consistent with MDSM. r=jww --- dom/media/MediaDecoderReader.cpp | 6 ++--- dom/media/MediaDecoderReader.h | 4 ++-- dom/media/MediaDecoderStateMachine.h | 2 +- dom/media/MediaFormatReader.cpp | 26 ++++++++++----------- dom/media/fmp4/MP4Reader.cpp | 18 +++++++------- dom/media/gtest/TestMP4Reader.cpp | 2 +- dom/media/mediasource/MediaSourceReader.cpp | 26 ++++++++++----------- dom/media/mediasource/TrackBuffer.cpp | 20 ++++++++-------- dom/media/omx/MediaCodecReader.cpp | 6 ++--- dom/media/omx/MediaOmxReader.cpp | 2 +- dom/media/webaudio/MediaBufferDecoder.cpp | 10 ++++---- 11 files changed, 61 insertions(+), 61 deletions(-) diff --git a/dom/media/MediaDecoderReader.cpp b/dom/media/MediaDecoderReader.cpp index 96454afc9a2..7f54ba4fe49 100644 --- a/dom/media/MediaDecoderReader.cpp +++ b/dom/media/MediaDecoderReader.cpp @@ -221,7 +221,7 @@ public: NS_METHOD Run() { - MOZ_ASSERT(mReader->GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(mReader->OnTaskQueue()); // Make sure ResetDecode hasn't been called in the mean time. if (!mReader->mBaseVideoPromise.IsEmpty()) { @@ -246,7 +246,7 @@ public: NS_METHOD Run() { - MOZ_ASSERT(mReader->GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(mReader->OnTaskQueue()); // Make sure ResetDecode hasn't been called in the mean time. if (!mReader->mBaseAudioPromise.IsEmpty()) { @@ -353,7 +353,7 @@ MediaDecoderReader::Shutdown() // Spin down the task queue if necessary. We wait until BreakCycles to null // out mTaskQueue, since otherwise any remaining tasks could crash when they - // invoke GetTaskQueue()->IsCurrentThreadIn(). + // invoke OnTaskQueue(). if (mTaskQueue && !mTaskQueueIsBorrowed) { // If we own our task queue, shutdown ends when the task queue is done. p = mTaskQueue->BeginShutdown(); diff --git a/dom/media/MediaDecoderReader.h b/dom/media/MediaDecoderReader.h index d6f1c74c251..bc5e689dafb 100644 --- a/dom/media/MediaDecoderReader.h +++ b/dom/media/MediaDecoderReader.h @@ -109,7 +109,7 @@ public: virtual bool OnTaskQueue() { - return GetTaskQueue()->IsCurrentThreadIn(); + return TaskQueue()->IsCurrentThreadIn(); } // Resets all state related to decoding, emptying all buffers etc. @@ -257,7 +257,7 @@ public: virtual bool IsMediaSeekable() = 0; void SetStartTime(int64_t aStartTime); - MediaTaskQueue* GetTaskQueue() { + MediaTaskQueue* TaskQueue() { return mTaskQueue; } diff --git a/dom/media/MediaDecoderStateMachine.h b/dom/media/MediaDecoderStateMachine.h index b2a0f505094..f9f4ac6ffb7 100644 --- a/dom/media/MediaDecoderStateMachine.h +++ b/dom/media/MediaDecoderStateMachine.h @@ -846,7 +846,7 @@ public: // The task queue in which we run decode tasks. This is referred to as // the "decode thread", though in practise tasks can run on a different // thread every time they're called. - MediaTaskQueue* DecodeTaskQueue() const { return mReader->GetTaskQueue(); } + MediaTaskQueue* DecodeTaskQueue() const { return mReader->TaskQueue(); } // The time that playback started from the system clock. This is used for // timing the presentation of video frames when there's no audio. diff --git a/dom/media/MediaFormatReader.cpp b/dom/media/MediaFormatReader.cpp index 3ed1c2df34f..5321faccc95 100644 --- a/dom/media/MediaFormatReader.cpp +++ b/dom/media/MediaFormatReader.cpp @@ -281,7 +281,7 @@ MediaFormatReader::AsyncReadMetadata() nsRefPtr p = mMetadataPromise.Ensure(__func__); mDemuxerInitRequest.Begin(mDemuxer->Init() - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaFormatReader::OnDemuxerInitDone, &MediaFormatReader::OnDemuxerInitFailed)); return p; @@ -588,7 +588,7 @@ MediaFormatReader::DoDemuxVideo() { // TODO Use DecodeAhead value rather than 1. mVideo.mDemuxRequest.Begin(mVideo.mTrackDemuxer->GetSamples(1) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaFormatReader::OnVideoDemuxCompleted, &MediaFormatReader::OnVideoDemuxFailed)); } @@ -643,7 +643,7 @@ MediaFormatReader::DoDemuxAudio() { // TODO Use DecodeAhead value rather than 1. mAudio.mDemuxRequest.Begin(mAudio.mTrackDemuxer->GetSamples(1) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaFormatReader::OnAudioDemuxCompleted, &MediaFormatReader::OnAudioDemuxFailed)); } @@ -748,7 +748,7 @@ MediaFormatReader::ScheduleUpdate(TrackType aTrack) decoder.mUpdateScheduled = true; RefPtr task( NS_NewRunnableMethodWithArg(this, &MediaFormatReader::Update, aTrack)); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } bool @@ -1043,7 +1043,7 @@ MediaFormatReader::Output(TrackType aTrack, MediaData* aSample) RefPtr task = NS_NewRunnableMethodWithArgs( this, &MediaFormatReader::NotifyNewOutput, aTrack, aSample); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } void @@ -1052,7 +1052,7 @@ MediaFormatReader::DrainComplete(TrackType aTrack) RefPtr task = NS_NewRunnableMethodWithArg( this, &MediaFormatReader::NotifyDrainComplete, aTrack); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } void @@ -1061,7 +1061,7 @@ MediaFormatReader::InputExhausted(TrackType aTrack) RefPtr task = NS_NewRunnableMethodWithArg( this, &MediaFormatReader::NotifyInputExhausted, aTrack); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } void @@ -1070,7 +1070,7 @@ MediaFormatReader::Error(TrackType aTrack) RefPtr task = NS_NewRunnableMethodWithArg( this, &MediaFormatReader::NotifyError, aTrack); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } void @@ -1110,7 +1110,7 @@ MediaFormatReader::SkipVideoDemuxToNextKeyFrame(media::TimeUnit aTimeThreshold) } mSkipRequest.Begin(mVideo.mTrackDemuxer->SkipToNextRandomAccessPoint(aTimeThreshold) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaFormatReader::OnVideoSkipCompleted, &MediaFormatReader::OnVideoSkipFailed)); return; @@ -1213,7 +1213,7 @@ MediaFormatReader::DoVideoSeek() LOGV("Seeking video to %lld", mPendingSeekTime.ref().ToMicroseconds()); media::TimeUnit seekTime = mPendingSeekTime.ref(); mVideoSeekRequest.Begin(mVideo.mTrackDemuxer->Seek(seekTime) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaFormatReader::OnVideoSeekCompleted, &MediaFormatReader::OnVideoSeekFailed)); } @@ -1242,7 +1242,7 @@ MediaFormatReader::DoAudioSeek() LOGV("Seeking audio to %lld", mPendingSeekTime.ref().ToMicroseconds()); media::TimeUnit seekTime = mPendingSeekTime.ref(); mAudioSeekRequest.Begin(mAudio.mTrackDemuxer->Seek(seekTime) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaFormatReader::OnAudioSeekCompleted, &MediaFormatReader::OnAudioSeekFailed)); } @@ -1434,7 +1434,7 @@ MediaFormatReader::NotifyDataArrived(const char* aBuffer, uint32_t aLength, int6 NS_NewRunnableMethodWithArgs( this, &MediaFormatReader::NotifyDemuxer, aLength, aOffset); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } void @@ -1457,7 +1457,7 @@ MediaFormatReader::NotifyDataRemoved() NS_NewRunnableMethodWithArgs( this, &MediaFormatReader::NotifyDemuxer, 0, 0); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } } // namespace mozilla diff --git a/dom/media/fmp4/MP4Reader.cpp b/dom/media/fmp4/MP4Reader.cpp index 9769f37ab84..6fad89c4770 100644 --- a/dom/media/fmp4/MP4Reader.cpp +++ b/dom/media/fmp4/MP4Reader.cpp @@ -172,7 +172,7 @@ MP4Reader::~MP4Reader() nsRefPtr MP4Reader::Shutdown() { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); if (mAudio.mDecoder) { Flush(TrackInfo::kAudioTrack); @@ -611,7 +611,7 @@ nsRefPtr MP4Reader::RequestVideoData(bool aSkipToNextKeyframe, int64_t aTimeThreshold) { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); VLOG("skip=%d time=%lld", aSkipToNextKeyframe, aTimeThreshold); if (!EnsureDecodersSetup()) { @@ -652,7 +652,7 @@ MP4Reader::RequestVideoData(bool aSkipToNextKeyframe, nsRefPtr MP4Reader::RequestAudioData() { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); VLOG(""); if (!EnsureDecodersSetup()) { @@ -683,7 +683,7 @@ MP4Reader::ScheduleUpdate(TrackType aTrack) decoder.mUpdateScheduled = true; RefPtr task( NS_NewRunnableMethodWithArg(this, &MP4Reader::Update, aTrack)); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } bool @@ -707,7 +707,7 @@ MP4Reader::NeedInput(DecoderData& aDecoder) void MP4Reader::Update(TrackType aTrack) { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); if (mShutdown) { return; @@ -873,7 +873,7 @@ MP4Reader::SizeOfQueue(TrackType aTrack) nsresult MP4Reader::ResetDecode() { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); Flush(TrackInfo::kVideoTrack); { MonitorAutoLock mon(mDemuxerMonitor); @@ -955,7 +955,7 @@ MP4Reader::Error(TrackType aTrack) void MP4Reader::Flush(TrackType aTrack) { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); VLOG("Flush(%s) BEGIN", TrackTypeToStr(aTrack)); DecoderData& data = GetDecoderData(aTrack); if (!data.mDecoder) { @@ -993,7 +993,7 @@ MP4Reader::Flush(TrackType aTrack) bool MP4Reader::SkipVideoDemuxToNextKeyFrame(int64_t aTimeThreshold, uint32_t& parsed) { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); MOZ_ASSERT(mVideo.mDecoder); @@ -1024,7 +1024,7 @@ nsRefPtr MP4Reader::Seek(int64_t aTime, int64_t aEndTime) { LOG("aTime=(%lld)", aTime); - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); MonitorAutoLock mon(mDemuxerMonitor); if (!mDemuxer->CanSeek()) { VLOG("Seek() END (Unseekable)"); diff --git a/dom/media/gtest/TestMP4Reader.cpp b/dom/media/gtest/TestMP4Reader.cpp index 870ef08df65..fa5bd1dffe8 100644 --- a/dom/media/gtest/TestMP4Reader.cpp +++ b/dom/media/gtest/TestMP4Reader.cpp @@ -56,7 +56,7 @@ private: virtual ~TestBinding() { { - nsRefPtr queue = reader->GetTaskQueue(); + nsRefPtr queue = reader->TaskQueue(); nsCOMPtr task = NS_NewRunnableMethod(reader, &MP4Reader::Shutdown); // Hackily bypass the tail dispatcher so that we can AwaitShutdownAndIdle. // In production code we'd use BeginShutdown + promises. diff --git a/dom/media/mediasource/MediaSourceReader.cpp b/dom/media/mediasource/MediaSourceReader.cpp index 02c09b7162f..495ada196bc 100644 --- a/dom/media/mediasource/MediaSourceReader.cpp +++ b/dom/media/mediasource/MediaSourceReader.cpp @@ -161,7 +161,7 @@ MediaSourceReader::RequestAudioData() case SOURCE_NEW: GetAudioReader()->ResetDecode(); mAudioSeekRequest.Begin(GetAudioReader()->Seek(GetReaderAudioTime(mLastAudioTime), 0) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::CompleteAudioSeekAndDoRequest, &MediaSourceReader::CompleteAudioSeekAndRejectPromise)); break; @@ -186,7 +186,7 @@ MediaSourceReader::RequestAudioData() void MediaSourceReader::DoAudioRequest() { mAudioRequest.Begin(GetAudioReader()->RequestAudioData() - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::OnAudioDecoded, &MediaSourceReader::OnAudioNotDecoded)); } @@ -209,7 +209,7 @@ MediaSourceReader::OnAudioDecoded(AudioData* aSample) MSE_DEBUG("mTime=%lld < mTimeThreshold=%lld", ourTime, mTimeThreshold); mAudioRequest.Begin(GetAudioReader()->RequestAudioData() - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::OnAudioDecoded, &MediaSourceReader::OnAudioNotDecoded)); return; @@ -279,7 +279,7 @@ MediaSourceReader::OnAudioNotDecoded(NotDecodedReason aReason) if (result == SOURCE_NEW) { GetAudioReader()->ResetDecode(); mAudioSeekRequest.Begin(GetAudioReader()->Seek(GetReaderAudioTime(mLastAudioTime), 0) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::CompleteAudioSeekAndDoRequest, &MediaSourceReader::CompleteAudioSeekAndRejectPromise)); return; @@ -334,7 +334,7 @@ MediaSourceReader::RequestVideoData(bool aSkipToNextKeyframe, int64_t aTimeThres case SOURCE_NEW: GetVideoReader()->ResetDecode(); mVideoSeekRequest.Begin(GetVideoReader()->Seek(GetReaderVideoTime(mLastVideoTime), 0) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::CompleteVideoSeekAndDoRequest, &MediaSourceReader::CompleteVideoSeekAndRejectPromise)); break; @@ -361,7 +361,7 @@ void MediaSourceReader::DoVideoRequest() { mVideoRequest.Begin(GetVideoReader()->RequestVideoData(mDropVideoBeforeThreshold, GetReaderVideoTime(mTimeThreshold)) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::OnVideoDecoded, &MediaSourceReader::OnVideoNotDecoded)); } @@ -431,7 +431,7 @@ MediaSourceReader::OnVideoNotDecoded(NotDecodedReason aReason) if (result == SOURCE_NEW) { GetVideoReader()->ResetDecode(); mVideoSeekRequest.Begin(GetVideoReader()->Seek(GetReaderVideoTime(mLastVideoTime), 0) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::CompleteVideoSeekAndDoRequest, &MediaSourceReader::CompleteVideoSeekAndRejectPromise)); return; @@ -502,7 +502,7 @@ MediaSourceReader::ContinueShutdown() { ReentrantMonitorAutoEnter mon(mDecoder->GetReentrantMonitor()); if (mTrackBuffers.Length()) { - mTrackBuffers[0]->Shutdown()->Then(GetTaskQueue(), __func__, this, + mTrackBuffers[0]->Shutdown()->Then(TaskQueue(), __func__, this, &MediaSourceReader::ContinueShutdown, &MediaSourceReader::ContinueShutdown); mShutdownTrackBuffers.AppendElement(mTrackBuffers[0]); @@ -723,7 +723,7 @@ MediaSourceReader::CreateSubDecoder(const nsACString& aType, int64_t aTimestampO // borrowing. nsRefPtr decoder = new SourceBufferDecoder(new SourceBufferResource(aType), mDecoder, aTimestampOffset); - nsRefPtr reader(CreateReaderForType(aType, decoder, GetTaskQueue())); + nsRefPtr reader(CreateReaderForType(aType, decoder, TaskQueue())); if (!reader) { return nullptr; } @@ -813,7 +813,7 @@ MediaSourceReader::NotifyTimeRangesChanged() //post a task to the decode queue to try to complete the pending seek. RefPtr task(NS_NewRunnableMethod( this, &MediaSourceReader::AttemptSeek)); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } else { MaybeNotifyHaveData(); } @@ -929,7 +929,7 @@ MediaSourceReader::DoAudioSeek() } GetAudioReader()->ResetDecode(); mAudioSeekRequest.Begin(GetAudioReader()->Seek(GetReaderAudioTime(seekTime), 0) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::OnAudioSeekCompleted, &MediaSourceReader::OnAudioSeekFailed)); MSE_DEBUG("reader=%p", GetAudioReader()); @@ -1001,7 +1001,7 @@ MediaSourceReader::DoVideoSeek() } GetVideoReader()->ResetDecode(); mVideoSeekRequest.Begin(GetVideoReader()->Seek(GetReaderVideoTime(seekTime), 0) - ->Then(GetTaskQueue(), __func__, this, + ->Then(TaskQueue(), __func__, this, &MediaSourceReader::OnVideoSeekCompleted, &MediaSourceReader::OnVideoSeekFailed)); MSE_DEBUG("reader=%p", GetVideoReader()); @@ -1202,7 +1202,7 @@ MediaSourceReader::Ended(bool aEnded) // seek or wait RefPtr task(NS_NewRunnableMethod( this, &MediaSourceReader::NotifyTimeRangesChanged)); - GetTaskQueue()->Dispatch(task.forget()); + TaskQueue()->Dispatch(task.forget()); } } diff --git a/dom/media/mediasource/TrackBuffer.cpp b/dom/media/mediasource/TrackBuffer.cpp index ed5d3f9b8c0..55c729dfb99 100644 --- a/dom/media/mediasource/TrackBuffer.cpp +++ b/dom/media/mediasource/TrackBuffer.cpp @@ -112,7 +112,7 @@ TrackBuffer::Shutdown() RefPtr queue = mTaskQueue; mTaskQueue = nullptr; queue->BeginShutdown() - ->Then(mParentDecoder->GetReader()->GetTaskQueue(), __func__, this, + ->Then(mParentDecoder->GetReader()->TaskQueue(), __func__, this, &TrackBuffer::ContinueShutdown, &TrackBuffer::ContinueShutdown); return p; @@ -124,7 +124,7 @@ TrackBuffer::ContinueShutdown() ReentrantMonitorAutoEnter mon(mParentDecoder->GetReentrantMonitor()); if (mDecoders.Length()) { mDecoders[0]->GetReader()->Shutdown() - ->Then(mParentDecoder->GetReader()->GetTaskQueue(), __func__, this, + ->Then(mParentDecoder->GetReader()->TaskQueue(), __func__, this, &TrackBuffer::ContinueShutdown, &TrackBuffer::ContinueShutdown); mShutdownDecoders.AppendElement(mDecoders[0]); mDecoders.RemoveElementAt(0); @@ -274,7 +274,7 @@ TrackBuffer::NotifyTimeRangesChanged() RefPtr task = NS_NewRunnableMethod(mParentDecoder->GetReader(), &MediaSourceReader::NotifyTimeRangesChanged); - mParentDecoder->GetReader()->GetTaskQueue()->Dispatch(task.forget()); + mParentDecoder->GetReader()->TaskQueue()->Dispatch(task.forget()); } class DecoderSorter @@ -566,7 +566,7 @@ TrackBuffer::NewDecoder(TimeUnit aTimestampOffset) mLastEndTimestamp.reset(); mLastTimestampOffset = aTimestampOffset; - decoder->SetTaskQueue(decoder->GetReader()->GetTaskQueue()); + decoder->SetTaskQueue(decoder->GetReader()->TaskQueue()); return decoder.forget(); } @@ -582,7 +582,7 @@ TrackBuffer::QueueInitializeDecoder(SourceBufferDecoder* aDecoder) &TrackBuffer::InitializeDecoder, aDecoder); // We need to initialize the reader on its own task queue - aDecoder->GetReader()->GetTaskQueue()->Dispatch(task.forget()); + aDecoder->GetReader()->TaskQueue()->Dispatch(task.forget()); return true; } @@ -646,7 +646,7 @@ TrackBuffer::InitializeDecoder(SourceBufferDecoder* aDecoder) return; } - MOZ_ASSERT(aDecoder->GetReader()->GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(aDecoder->GetReader()->OnTaskQueue()); MediaDecoderReader* reader = aDecoder->GetReader(); @@ -681,7 +681,7 @@ TrackBuffer::InitializeDecoder(SourceBufferDecoder* aDecoder) return; } - mMetadataRequest.Begin(promise->Then(reader->GetTaskQueue(), __func__, + mMetadataRequest.Begin(promise->Then(reader->TaskQueue(), __func__, recipient.get(), &MetadataRecipient::OnMetadataRead, &MetadataRecipient::OnMetadataNotRead)); @@ -692,7 +692,7 @@ TrackBuffer::OnMetadataRead(MetadataHolder* aMetadata, SourceBufferDecoder* aDecoder, bool aWasEnded) { - MOZ_ASSERT(aDecoder->GetReader()->GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(aDecoder->GetReader()->OnTaskQueue()); mParentDecoder->GetReentrantMonitor().AssertNotCurrentThreadIn(); ReentrantMonitorAutoEnter mon(mParentDecoder->GetReentrantMonitor()); @@ -752,7 +752,7 @@ void TrackBuffer::OnMetadataNotRead(ReadMetadataFailureReason aReason, SourceBufferDecoder* aDecoder) { - MOZ_ASSERT(aDecoder->GetReader()->GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(aDecoder->GetReader()->TaskQueue()->IsCurrentThreadIn()); mParentDecoder->GetReentrantMonitor().AssertNotCurrentThreadIn(); ReentrantMonitorAutoEnter mon(mParentDecoder->GetReentrantMonitor()); @@ -1073,7 +1073,7 @@ TrackBuffer::RemoveDecoder(SourceBufferDecoder* aDecoder) mInitializedDecoders.RemoveElement(aDecoder); mDecoders.RemoveElement(aDecoder); } - aDecoder->GetReader()->GetTaskQueue()->Dispatch(task.forget()); + aDecoder->GetReader()->TaskQueue()->Dispatch(task.forget()); } bool diff --git a/dom/media/omx/MediaCodecReader.cpp b/dom/media/omx/MediaCodecReader.cpp index 3cb4034a5af..8a71d6f25e2 100644 --- a/dom/media/omx/MediaCodecReader.cpp +++ b/dom/media/omx/MediaCodecReader.cpp @@ -340,7 +340,7 @@ MediaCodecReader::DispatchVideoTask(int64_t aTimeThreshold) nsRefPtr MediaCodecReader::RequestAudioData() { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); MOZ_ASSERT(HasAudio()); MonitorAutoLock al(mAudioTrack.mTrackMonitor); @@ -355,7 +355,7 @@ nsRefPtr MediaCodecReader::RequestVideoData(bool aSkipToNextKeyframe, int64_t aTimeThreshold) { - MOZ_ASSERT(GetTaskQueue()->IsCurrentThreadIn()); + MOZ_ASSERT(OnTaskQueue()); MOZ_ASSERT(HasVideo()); int64_t threshold = sInvalidTimestampUs; @@ -659,7 +659,7 @@ MediaCodecReader::AsyncReadMetadata() nsRefPtr self = this; mMediaResourceRequest.Begin(CreateMediaCodecs() - ->Then(GetTaskQueue(), __func__, + ->Then(TaskQueue(), __func__, [self] (bool) -> void { self->mMediaResourceRequest.Complete(); self->HandleResourceAllocated(); diff --git a/dom/media/omx/MediaOmxReader.cpp b/dom/media/omx/MediaOmxReader.cpp index c7a55baab76..480f89e2ebd 100644 --- a/dom/media/omx/MediaOmxReader.cpp +++ b/dom/media/omx/MediaOmxReader.cpp @@ -252,7 +252,7 @@ MediaOmxReader::AsyncReadMetadata() nsRefPtr self = this; mMediaResourceRequest.Begin(mOmxDecoder->AllocateMediaResources() - ->Then(GetTaskQueue(), __func__, + ->Then(TaskQueue(), __func__, [self] (bool) -> void { self->mMediaResourceRequest.Complete(); self->HandleResourceAllocated(); diff --git a/dom/media/webaudio/MediaBufferDecoder.cpp b/dom/media/webaudio/MediaBufferDecoder.cpp index 9272fba25d8..918b20cb271 100644 --- a/dom/media/webaudio/MediaBufferDecoder.cpp +++ b/dom/media/webaudio/MediaBufferDecoder.cpp @@ -245,14 +245,14 @@ MediaDecodeTask::Decode() { MOZ_ASSERT(!NS_IsMainThread()); - mBufferDecoder->BeginDecoding(mDecoderReader->GetTaskQueue()); + mBufferDecoder->BeginDecoding(mDecoderReader->TaskQueue()); // Tell the decoder reader that we are not going to play the data directly, // and that we should not reject files with more channels than the audio // backend support. mDecoderReader->SetIgnoreAudioOutputFormat(); - mDecoderReader->AsyncReadMetadata()->Then(mDecoderReader->GetTaskQueue(), __func__, this, + mDecoderReader->AsyncReadMetadata()->Then(mDecoderReader->TaskQueue(), __func__, this, &MediaDecodeTask::OnMetadataRead, &MediaDecodeTask::OnMetadataNotRead); } @@ -281,7 +281,7 @@ MediaDecodeTask::OnMetadataNotRead(ReadMetadataFailureReason aReason) void MediaDecodeTask::RequestSample() { - mDecoderReader->RequestAudioData()->Then(mDecoderReader->GetTaskQueue(), __func__, this, + mDecoderReader->RequestAudioData()->Then(mDecoderReader->TaskQueue(), __func__, this, &MediaDecodeTask::SampleDecoded, &MediaDecodeTask::SampleNotDecoded); } @@ -504,10 +504,10 @@ AsyncDecodeWebAudio(const char* aContentType, uint8_t* aBuffer, NS_DispatchToMainThread(event); } else { // If we did this without a temporary: - // task->Reader()->GetTaskQueue()->Dispatch(task.forget()) + // task->Reader()->TaskQueue()->Dispatch(task.forget()) // we might evaluate the task.forget() before calling Reader(). Enforce // a non-crashy order-of-operations. - MediaTaskQueue* taskQueue = task->Reader()->GetTaskQueue(); + MediaTaskQueue* taskQueue = task->Reader()->TaskQueue(); taskQueue->Dispatch(task.forget()); } } From 135bbbec54206c8eac2140d03543763957e374d6 Mon Sep 17 00:00:00 2001 From: Bobby Holley Date: Tue, 9 Jun 2015 15:43:48 -0700 Subject: [PATCH 054/297] Bug 1173001 - Enable tail dispatch for the decode task queue. r=jww --- dom/media/MediaDecoderReader.cpp | 4 +++- dom/media/MediaDecoderStateMachine.cpp | 2 +- dom/media/MediaTaskQueue.h | 2 +- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/dom/media/MediaDecoderReader.cpp b/dom/media/MediaDecoderReader.cpp index 7f54ba4fe49..16b954e7db7 100644 --- a/dom/media/MediaDecoderReader.cpp +++ b/dom/media/MediaDecoderReader.cpp @@ -64,7 +64,9 @@ MediaDecoderReader::MediaDecoderReader(AbstractMediaDecoder* aDecoder, MediaTaskQueue* aBorrowedTaskQueue) : mAudioCompactor(mAudioQueue) , mDecoder(aDecoder) - , mTaskQueue(aBorrowedTaskQueue ? aBorrowedTaskQueue : new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK))) + , mTaskQueue(aBorrowedTaskQueue ? aBorrowedTaskQueue + : new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK), + /* aSupportsTailDispatch = */ true)) , mIgnoreAudioOutputFormat(false) , mStartTime(-1) , mHitAudioDecodeError(false) diff --git a/dom/media/MediaDecoderStateMachine.cpp b/dom/media/MediaDecoderStateMachine.cpp index 39dc46c2c2d..2411c3cb5fa 100644 --- a/dom/media/MediaDecoderStateMachine.cpp +++ b/dom/media/MediaDecoderStateMachine.cpp @@ -182,7 +182,7 @@ MediaDecoderStateMachine::MediaDecoderStateMachine(MediaDecoder* aDecoder, bool aRealTime) : mDecoder(aDecoder), mTaskQueue(new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK), - /* aAssertTailDispatch = */ true)), + /* aSupportsTailDispatch = */ true)), mWatchManager(this, mTaskQueue), mRealTime(aRealTime), mDispatchedStateMachine(false), diff --git a/dom/media/MediaTaskQueue.h b/dom/media/MediaTaskQueue.h index cf90e5b88e9..20e110d29b9 100644 --- a/dom/media/MediaTaskQueue.h +++ b/dom/media/MediaTaskQueue.h @@ -31,7 +31,7 @@ typedef MediaPromise ShutdownPromise; // to make this threadsafe for objects that aren't already threadsafe. class MediaTaskQueue : public AbstractThread { public: - explicit MediaTaskQueue(TemporaryRef aPool, bool aRequireTailDispatch = false); + explicit MediaTaskQueue(TemporaryRef aPool, bool aSupportsTailDispatch = false); void Dispatch(TemporaryRef aRunnable, DispatchFailureHandling aFailureHandling = AssertDispatchSuccess) From af455f5718c1f313d804a0b543d348259bcfb59d Mon Sep 17 00:00:00 2001 From: Birunthan Mohanathas Date: Mon, 8 Jun 2015 10:52:14 -0700 Subject: [PATCH 055/297] Bug 1172584 - Avoid coping FallibleTArray in SendRequestRunnable constructor. r=dragana --- netwerk/base/nsUDPSocket.cpp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/netwerk/base/nsUDPSocket.cpp b/netwerk/base/nsUDPSocket.cpp index 7cea95aa75c..44d4ed51650 100644 --- a/netwerk/base/nsUDPSocket.cpp +++ b/netwerk/base/nsUDPSocket.cpp @@ -1255,10 +1255,10 @@ class SendRequestRunnable: public nsRunnable { public: SendRequestRunnable(nsUDPSocket *aSocket, const NetAddr &aAddr, - FallibleTArray &aData) + FallibleTArray&& aData) : mSocket(aSocket) , mAddr(aAddr) - , mData(aData) + , mData(Move(aData)) { } NS_DECL_NSIRUNNABLE @@ -1373,8 +1373,9 @@ nsUDPSocket::SendWithAddress(const NetAddr *aAddr, const uint8_t *aData, return NS_ERROR_OUT_OF_MEMORY; } - nsresult rv = mSts->Dispatch(new SendRequestRunnable(this, *aAddr, fallibleArray), - NS_DISPATCH_NORMAL); + nsresult rv = mSts->Dispatch( + new SendRequestRunnable(this, *aAddr, Move(fallibleArray)), + NS_DISPATCH_NORMAL); NS_ENSURE_SUCCESS(rv, rv); *_retval = aDataLength; } From e2687b41c2e1d8ae102aeb43d336c5e1385c3b18 Mon Sep 17 00:00:00 2001 From: Birunthan Mohanathas Date: Wed, 10 Jun 2015 14:30:41 -0700 Subject: [PATCH 056/297] Bug 1172610 - Remove now unnecessary safebrowsing::ReadTArray overload for FallibleTArray. r=gcp --- toolkit/components/url-classifier/Entries.h | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/toolkit/components/url-classifier/Entries.h b/toolkit/components/url-classifier/Entries.h index 5e9bbdeee0e..098c0e559f1 100644 --- a/toolkit/components/url-classifier/Entries.h +++ b/toolkit/components/url-classifier/Entries.h @@ -275,19 +275,6 @@ EntrySort(nsTArray_Impl& aArray) template nsresult ReadTArray(nsIInputStream* aStream, nsTArray_Impl* aArray, uint32_t aNumElements) -{ - aArray->SetLength(aNumElements); - - void *buffer = aArray->Elements(); - nsresult rv = NS_ReadInputStreamToBuffer(aStream, &buffer, - (aNumElements * sizeof(T))); - NS_ENSURE_SUCCESS(rv, rv); - return NS_OK; -} - -template -nsresult -ReadTArray(nsIInputStream* aStream, FallibleTArray* aArray, uint32_t aNumElements) { if (!aArray->SetLength(aNumElements, fallible)) return NS_ERROR_OUT_OF_MEMORY; From 6d5d42e7dc99f6fdf70c35af0c7765258481d19c Mon Sep 17 00:00:00 2001 From: Birunthan Mohanathas Date: Wed, 10 Jun 2015 14:30:41 -0700 Subject: [PATCH 057/297] Bug 968520 - Add mozilla::fallible to more FallibleTArray calls. r=froydnj This calls were already fallible due to their type (FallibleTArray). This commit merely makes that fact visible at the call site. --- dom/nfc/gonk/NfcService.cpp | 11 +++++++---- gfx/layers/composite/FrameUniformityData.cpp | 3 ++- gfx/thebes/gfxDWriteFontList.cpp | 14 +++++++------- gfx/thebes/gfxFT2FontList.cpp | 2 +- gfx/thebes/gfxFcPlatformFontList.cpp | 2 +- gfx/thebes/gfxFontconfigFonts.cpp | 14 +++++++++----- gfx/thebes/gfxGDIFontList.cpp | 6 +++--- media/libstagefright/binding/Index.cpp | 5 +++-- media/libstagefright/binding/MP4Metadata.cpp | 5 +++-- media/libstagefright/binding/MoofParser.cpp | 5 +++-- 10 files changed, 39 insertions(+), 28 deletions(-) diff --git a/dom/nfc/gonk/NfcService.cpp b/dom/nfc/gonk/NfcService.cpp index 706594c1c57..68c69508b7d 100644 --- a/dom/nfc/gonk/NfcService.cpp +++ b/dom/nfc/gonk/NfcService.cpp @@ -161,14 +161,15 @@ public: int length = mEvent.mTechList.Length(); event.mTechList.Construct(); - if (!event.mTechList.Value().SetCapacity(length)) { + if (!event.mTechList.Value().SetCapacity(length, fallible)) { return NS_ERROR_FAILURE; } for (int i = 0; i < length; i++) { NFCTechType tech = static_cast(mEvent.mTechList[i]); MOZ_ASSERT(tech < NFCTechType::EndGuard_); - *event.mTechList.Value().AppendElement() = tech; + // FIXME: Make this infallible after bug 968520 is done. + *event.mTechList.Value().AppendElement(fallible) = tech; } } @@ -180,13 +181,15 @@ public: if (mEvent.mRecords.Length() > 0) { int length = mEvent.mRecords.Length(); event.mRecords.Construct(); - if (!event.mRecords.Value().SetCapacity(length)) { + if (!event.mRecords.Value().SetCapacity(length, fallible)) { return NS_ERROR_FAILURE; } for (int i = 0; i < length; i++) { NDEFRecordStruct& recordStruct = mEvent.mRecords[i]; - MozNDEFRecordOptions& record = *event.mRecords.Value().AppendElement(); + // FIXME: Make this infallible after bug 968520 is done. + MozNDEFRecordOptions& record = + *event.mRecords.Value().AppendElement(fallible); record.mTnf = recordStruct.mTnf; MOZ_ASSERT(record.mTnf < TNF::EndGuard_); diff --git a/gfx/layers/composite/FrameUniformityData.cpp b/gfx/layers/composite/FrameUniformityData.cpp index eb2c3db7892..6027a14706f 100644 --- a/gfx/layers/composite/FrameUniformityData.cpp +++ b/gfx/layers/composite/FrameUniformityData.cpp @@ -137,7 +137,8 @@ FrameUniformityData::ToJS(JS::MutableHandleValue aOutValue, JSContext* aContext) uintptr_t layerAddr = iter->first; float uniformity = iter->second; - layers.AppendElement(); + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(layers.AppendElement(fallible)); dom::FrameUniformity& entry = layers.LastElement(); entry.mLayerAddress.Construct() = layerAddr; diff --git a/gfx/thebes/gfxDWriteFontList.cpp b/gfx/thebes/gfxDWriteFontList.cpp index 17bd3af2f10..66e7f0c93d9 100644 --- a/gfx/thebes/gfxDWriteFontList.cpp +++ b/gfx/thebes/gfxDWriteFontList.cpp @@ -311,7 +311,7 @@ gfxDWriteFontFamily::LocalizedName(nsAString &aLocalizedName) return; } - if (!famName.SetLength(length + 1)) { + if (!famName.SetLength(length + 1, fallible)) { // Eeep - running out of memory. Unlikely to end well. return; } @@ -403,7 +403,7 @@ gfxDWriteFontEntry::CopyFontTable(uint32_t aTableTag, NativeEndian::swapToBigEndian(aTableTag), 0, nullptr, 0); if (tableSize != GDI_ERROR) { - if (aBuffer.SetLength(tableSize)) { + if (aBuffer.SetLength(tableSize, fallible)) { ::GetFontData(dc.GetDC(), NativeEndian::swapToBigEndian(aTableTag), 0, aBuffer.Elements(), aBuffer.Length()); @@ -433,7 +433,7 @@ gfxDWriteFontEntry::CopyFontTable(uint32_t aTableTag, return NS_ERROR_FAILURE; } - if (aBuffer.SetLength(len)) { + if (aBuffer.SetLength(len, fallible)) { memcpy(aBuffer.Elements(), tableData, len); rv = NS_OK; } else { @@ -1122,7 +1122,7 @@ gfxDWriteFontList::GetFontsFromCollection(IDWriteFontCollection* aCollection) continue; } - if (!enName.SetLength(length + 1)) { + if (!enName.SetLength(length + 1, fallible)) { // Eeep - running out of memory. Unlikely to end well. continue; } @@ -1171,7 +1171,7 @@ gfxDWriteFontList::GetFontsFromCollection(IDWriteFontCollection* aCollection) continue; } - if (!localizedName.SetLength(nameLen + 1)) { + if (!localizedName.SetLength(nameLen + 1, fallible)) { continue; } @@ -1406,7 +1406,7 @@ static HRESULT GetFamilyName(IDWriteFont *aFont, nsString& aFamilyName) return hr; } - if (!name.SetLength(length + 1)) { + if (!name.SetLength(length + 1, fallible)) { return E_FAIL; } hr = familyNames->GetString(index, name.Elements(), length + 1); @@ -1587,7 +1587,7 @@ DirectWriteFontInfo::LoadFontFamilyData(const nsAString& aFamilyName) nsAutoTArray famName; uint32_t len = aFamilyName.Length(); - famName.SetLength(len + 1); + famName.SetLength(len + 1, fallible); memcpy(famName.Elements(), aFamilyName.BeginReading(), len * sizeof(char16_t)); famName[len] = 0; diff --git a/gfx/thebes/gfxFT2FontList.cpp b/gfx/thebes/gfxFT2FontList.cpp index a8b9bae4562..e246c478d99 100644 --- a/gfx/thebes/gfxFT2FontList.cpp +++ b/gfx/thebes/gfxFT2FontList.cpp @@ -532,7 +532,7 @@ FT2FontEntry::CopyFontTable(uint32_t aTableTag, return NS_ERROR_FAILURE; } - if (!aBuffer.SetLength(len)) { + if (!aBuffer.SetLength(len, fallible)) { return NS_ERROR_OUT_OF_MEMORY; } uint8_t *buf = aBuffer.Elements(); diff --git a/gfx/thebes/gfxFcPlatformFontList.cpp b/gfx/thebes/gfxFcPlatformFontList.cpp index 7d8af32614d..4ede0e87a15 100644 --- a/gfx/thebes/gfxFcPlatformFontList.cpp +++ b/gfx/thebes/gfxFcPlatformFontList.cpp @@ -805,7 +805,7 @@ gfxFontconfigFontEntry::CopyFontTable(uint32_t aTableTag, if (FT_Load_Sfnt_Table(mFTFace, aTableTag, 0, nullptr, &length) != 0) { return NS_ERROR_NOT_AVAILABLE; } - if (!aBuffer.SetLength(length)) { + if (!aBuffer.SetLength(length, fallible)) { return NS_ERROR_OUT_OF_MEMORY; } if (FT_Load_Sfnt_Table(mFTFace, aTableTag, 0, aBuffer.Elements(), &length) != 0) { diff --git a/gfx/thebes/gfxFontconfigFonts.cpp b/gfx/thebes/gfxFontconfigFonts.cpp index 069d3a1cfb9..3a577021e2a 100644 --- a/gfx/thebes/gfxFontconfigFonts.cpp +++ b/gfx/thebes/gfxFontconfigFonts.cpp @@ -184,9 +184,11 @@ public: { cairo_font_face_reference(mFontFace); cairo_font_face_set_user_data(mFontFace, &sFontEntryKey, this, nullptr); - mPatterns.AppendElement(); + // mPatterns is an nsAutoTArray with 1 space always available, so the // AppendElement always succeeds. + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(mPatterns.AppendElement(fallible)); mPatterns[0] = aFontPattern; FcChar8 *name; @@ -248,7 +250,7 @@ gfxSystemFcFontEntry::CopyFontTable(uint32_t aTableTag, if (FT_Load_Sfnt_Table(mFTFace, aTableTag, 0, nullptr, &length) != 0) { return NS_ERROR_NOT_AVAILABLE; } - if (!aBuffer.SetLength(length)) { + if (!aBuffer.SetLength(length, fallible)) { return NS_ERROR_OUT_OF_MEMORY; } if (FT_Load_Sfnt_Table(mFTFace, aTableTag, 0, aBuffer.Elements(), &length) != 0) { @@ -419,7 +421,7 @@ public: const nsTArray< nsCountedRef >& aPatterns) : gfxUserFcFontEntry(aFontName, aWeight, aStretch, aItalic) { - if (!mPatterns.SetCapacity(aPatterns.Length())) + if (!mPatterns.SetCapacity(aPatterns.Length(), fallible)) return; // OOM for (uint32_t i = 0; i < aPatterns.Length(); ++i) { @@ -429,7 +431,8 @@ public: AdjustPatternToCSS(pattern); - mPatterns.AppendElement(); + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(mPatterns.AppendElement(fallible)); mPatterns[i].own(pattern); } mIsLocalUserFont = true; @@ -617,7 +620,8 @@ gfxDownloadedFcFontEntry::InitPattern() AddDownloadedFontEntry(pattern, this); // There is never more than one pattern - mPatterns.AppendElement(); + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(mPatterns.AppendElement(fallible)); mPatterns[0].own(pattern); } diff --git a/gfx/thebes/gfxGDIFontList.cpp b/gfx/thebes/gfxGDIFontList.cpp index 7a20e2b0eab..ac2dc854373 100644 --- a/gfx/thebes/gfxGDIFontList.cpp +++ b/gfx/thebes/gfxGDIFontList.cpp @@ -245,7 +245,7 @@ GDIFontEntry::CopyFontTable(uint32_t aTableTag, NativeEndian::swapToBigEndian(aTableTag), 0, nullptr, 0); if (tableSize != GDI_ERROR) { - if (aBuffer.SetLength(tableSize)) { + if (aBuffer.SetLength(tableSize, fallible)) { ::GetFontData(dc.GetDC(), NativeEndian::swapToBigEndian(aTableTag), 0, aBuffer.Elements(), tableSize); @@ -976,7 +976,7 @@ int CALLBACK GDIFontInfo::EnumerateFontsForFamily( nameSize = ::GetFontData(hdc, kNAME, 0, nullptr, 0); if (nameSize != GDI_ERROR && nameSize > 0 && - nameData.SetLength(nameSize)) { + nameData.SetLength(nameSize, fallible)) { ::GetFontData(hdc, kNAME, 0, nameData.Elements(), nameSize); // face names @@ -1019,7 +1019,7 @@ int CALLBACK GDIFontInfo::EnumerateFontsForFamily( cmapSize = ::GetFontData(hdc, kCMAP, 0, nullptr, 0); if (cmapSize != GDI_ERROR && cmapSize > 0 && - cmapData.SetLength(cmapSize)) { + cmapData.SetLength(cmapSize, fallible)) { ::GetFontData(hdc, kCMAP, 0, cmapData.Elements(), cmapSize); bool cmapLoaded = false; bool unicodeFont = false, symbolFont = false; diff --git a/media/libstagefright/binding/Index.cpp b/media/libstagefright/binding/Index.cpp index e111dc287ea..4a20c85ba57 100644 --- a/media/libstagefright/binding/Index.cpp +++ b/media/libstagefright/binding/Index.cpp @@ -244,7 +244,7 @@ Index::Index(const nsTArray& aIndex, if (aIndex.IsEmpty()) { mMoofParser = new MoofParser(aSource, aTrackId, aIsAudio, aMonitor); } else { - if (!mIndex.SetCapacity(aIndex.Length())) { + if (!mIndex.SetCapacity(aIndex.Length(), fallible)) { // OOM. return; } @@ -256,7 +256,8 @@ Index::Index(const nsTArray& aIndex, sample.mCompositionRange = Interval(indice.start_composition, indice.end_composition); sample.mSync = indice.sync; - MOZ_ALWAYS_TRUE(mIndex.AppendElement(sample)); + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(mIndex.AppendElement(sample, fallible)); } } } diff --git a/media/libstagefright/binding/MP4Metadata.cpp b/media/libstagefright/binding/MP4Metadata.cpp index db5167cb5a3..22836191bd6 100644 --- a/media/libstagefright/binding/MP4Metadata.cpp +++ b/media/libstagefright/binding/MP4Metadata.cpp @@ -71,7 +71,7 @@ ConvertIndex(FallibleTArray& aDest, const stagefright::Vector& aIndex, int64_t aMediaTime) { - if (!aDest.SetCapacity(aIndex.size())) { + if (!aDest.SetCapacity(aIndex.size(), mozilla::fallible)) { return false; } for (size_t i = 0; i < aIndex.size(); i++) { @@ -82,7 +82,8 @@ ConvertIndex(FallibleTArray& aDest, indice.start_composition = s_indice.start_composition - aMediaTime; indice.end_composition = s_indice.end_composition - aMediaTime; indice.sync = s_indice.sync; - MOZ_ALWAYS_TRUE(aDest.AppendElement(indice)); + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(aDest.AppendElement(indice, mozilla::fallible)); } return true; } diff --git a/media/libstagefright/binding/MoofParser.cpp b/media/libstagefright/binding/MoofParser.cpp index b290ae9a146..3a7c445a35e 100644 --- a/media/libstagefright/binding/MoofParser.cpp +++ b/media/libstagefright/binding/MoofParser.cpp @@ -463,7 +463,7 @@ Moof::ParseTrun(Box& aBox, Tfhd& aTfhd, Mvhd& aMvhd, Mdhd& aMdhd, Edts& aEdts, u uint64_t decodeTime = *aDecodeTime; nsTArray> timeRanges; - if (!mIndex.SetCapacity(sampleCount)) { + if (!mIndex.SetCapacity(sampleCount, fallible)) { LOG(Moof, "Out of Memory"); return false; } @@ -497,7 +497,8 @@ Moof::ParseTrun(Box& aBox, Tfhd& aTfhd, Mvhd& aMvhd, Mdhd& aMdhd, Edts& aEdts, u // because every audio sample is a keyframe. sample.mSync = !(sampleFlags & 0x1010000) || aIsAudio; - MOZ_ALWAYS_TRUE(mIndex.AppendElement(sample)); + // FIXME: Make this infallible after bug 968520 is done. + MOZ_ALWAYS_TRUE(mIndex.AppendElement(sample, fallible)); mMdatRange = mMdatRange.Extents(sample.mByteRange); } From 979decd0bd64dee1ca6a34e2e61e78602f02a967 Mon Sep 17 00:00:00 2001 From: Birunthan Mohanathas Date: Wed, 10 Jun 2015 14:30:41 -0700 Subject: [PATCH 058/297] Bug 968520 - Always require fallible argument with FallibleTArray calls. r=froydnj --- xpcom/glue/nsTArray.h | 50 ++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 49 insertions(+), 1 deletion(-) diff --git a/xpcom/glue/nsTArray.h b/xpcom/glue/nsTArray.h index e45bd41ed57..1e9d0e0e5eb 100644 --- a/xpcom/glue/nsTArray.h +++ b/xpcom/glue/nsTArray.h @@ -1222,6 +1222,7 @@ public: // @param aArrayLen The number of values to copy into this array. // @return A pointer to the new elements in the array, or null if // the operation failed due to insufficient memory. +protected: template elem_type* ReplaceElementsAt(index_type aStart, size_type aCount, const Item* aArray, size_type aArrayLen) @@ -1238,7 +1239,7 @@ public: AssignRange(aStart, aArrayLen, aArray); return Elements() + aStart; } - +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1251,6 +1252,7 @@ public: } // A variation on the ReplaceElementsAt method defined above. +protected: template elem_type* ReplaceElementsAt(index_type aStart, size_type aCount, const nsTArray& aArray) @@ -1258,6 +1260,7 @@ public: return ReplaceElementsAt( aStart, aCount, aArray.Elements(), aArray.Length()); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1269,12 +1272,14 @@ public: } // A variation on the ReplaceElementsAt method defined above. +protected: template elem_type* ReplaceElementsAt(index_type aStart, size_type aCount, const Item& aItem) { return ReplaceElementsAt(aStart, aCount, &aItem, 1); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1292,12 +1297,14 @@ public: } // A variation on the ReplaceElementsAt method defined above. +protected: template elem_type* InsertElementsAt(index_type aIndex, const Item* aArray, size_type aArrayLen) { return ReplaceElementsAt(aIndex, 0, aArray, aArrayLen); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1308,6 +1315,7 @@ public: } // A variation on the ReplaceElementsAt method defined above. +protected: template elem_type* InsertElementsAt(index_type aIndex, const nsTArray_Impl& aArray) @@ -1315,6 +1323,7 @@ public: return ReplaceElementsAt( aIndex, 0, aArray.Elements(), aArray.Length()); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1328,6 +1337,7 @@ public: // Insert a new element without copy-constructing. This is useful to avoid // temporaries. // @return A pointer to the newly inserted element, or null on OOM. +protected: template elem_type* InsertElementAt(index_type aIndex) { @@ -1341,6 +1351,7 @@ public: elem_traits::Construct(elem); return elem; } +public: /* MOZ_WARN_UNUSED_RESULT */ elem_type* InsertElementAt(index_type aIndex, const mozilla::fallible_t&) @@ -1349,6 +1360,7 @@ public: } // Insert a new element, move constructing if possible. +protected: template elem_type* InsertElementAt(index_type aIndex, Item&& aItem) { @@ -1362,6 +1374,7 @@ public: elem_traits::Construct(elem, mozilla::Forward(aItem)); return elem; } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1410,6 +1423,7 @@ public: // Inserts |aItem| at such an index to guarantee that if the array // was previously sorted, it will remain sorted after this // insertion. +protected: template elem_type* InsertElementSorted(Item&& aItem, const Comparator& aComp) { @@ -1417,6 +1431,7 @@ public: return InsertElementAt( index, mozilla::Forward(aItem)); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1428,6 +1443,7 @@ public: } // A variation on the InsertElementSorted method defined above. +protected: template elem_type* InsertElementSorted(Item&& aItem) { @@ -1435,6 +1451,7 @@ public: return InsertElementSorted( mozilla::Forward(aItem), comp); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1449,6 +1466,7 @@ public: // @param aArrayLen The number of elements to append to this array. // @return A pointer to the new elements in the array, or null if // the operation failed due to insufficient memory. +protected: template elem_type* AppendElements(const Item* aArray, size_type aArrayLen) { @@ -1461,6 +1479,7 @@ public: this->IncrementLength(aArrayLen); return Elements() + len; } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1471,11 +1490,13 @@ public: } // A variation on the AppendElements method defined above. +protected: template elem_type* AppendElements(const nsTArray_Impl& aArray) { return AppendElements(aArray.Elements(), aArray.Length()); } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1486,6 +1507,7 @@ public: } // Append a new element, move constructing if possible. +protected: template elem_type* AppendElement(Item&& aItem) { @@ -1498,6 +1520,7 @@ public: this->IncrementLength(1); return elem; } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -1510,6 +1533,7 @@ public: // Append new elements without copy-constructing. This is useful to avoid // temporaries. // @return A pointer to the newly appended elements, or null on OOM. +protected: template elem_type* AppendElements(size_type aCount) { if (!ActualAlloc::Successful(this->template EnsureCapacity( @@ -1524,6 +1548,7 @@ public: this->IncrementLength(aCount); return elems; } +public: /* MOZ_WARN_UNUSED_RESULT */ elem_type* AppendElements(size_type aCount, @@ -1535,11 +1560,13 @@ public: // Append a new element without copy-constructing. This is useful to avoid // temporaries. // @return A pointer to the newly appended element, or null on OOM. +protected: template elem_type* AppendElement() { return AppendElements(1); } +public: /* MOZ_WARN_UNUSED_RESULT */ elem_type* AppendElement(const mozilla::fallible_t&) @@ -1661,12 +1688,14 @@ public: // will not reduce the number of elements in this array. // @param aCapacity The desired capacity of this array. // @return True if the operation succeeded; false if we ran out of memory +protected: template typename ActualAlloc::ResultType SetCapacity(size_type aCapacity) { return ActualAlloc::Result(this->template EnsureCapacity( aCapacity, sizeof(elem_type))); } +public: /* MOZ_WARN_UNUSED_RESULT */ bool SetCapacity(size_type aCapacity, const mozilla::fallible_t&) @@ -1682,6 +1711,7 @@ public: // @return True if the operation succeeded; false otherwise. // See also TruncateLength if the new length is guaranteed to be smaller than // the old. +protected: template typename ActualAlloc::ResultType SetLength(size_type aNewLen) { @@ -1694,6 +1724,7 @@ public: TruncateLength(aNewLen); return ActualAlloc::ConvertBoolToResultType(true); } +public: /* MOZ_WARN_UNUSED_RESULT */ bool SetLength(size_type aNewLen, const mozilla::fallible_t&) @@ -1721,6 +1752,7 @@ public: // constructor. // @param aMinLen The desired minimum length of this array. // @return True if the operation succeeded; false otherwise. +protected: template typename ActualAlloc::ResultType EnsureLengthAtLeast(size_type aMinLen) { @@ -1731,6 +1763,7 @@ public: } return ActualAlloc::ConvertBoolToResultType(true); } +public: /* MOZ_WARN_UNUSED_RESULT */ bool EnsureLengthAtLeast(size_type aMinLen, const mozilla::fallible_t&) @@ -1743,6 +1776,7 @@ public: // @param aIndex the place to insert the new elements. This must be no // greater than the current length of the array. // @param aCount the number of elements to insert +protected: template elem_type* InsertElementsAt(index_type aIndex, size_type aCount) { @@ -1761,6 +1795,7 @@ public: return Elements() + aIndex; } +public: /* MOZ_WARN_UNUSED_RESULT */ elem_type* InsertElementsAt(index_type aIndex, size_type aCount, @@ -1776,6 +1811,7 @@ public: // greater than the current length of the array. // @param aCount the number of elements to insert. // @param aItem the value to use when constructing the new elements. +protected: template elem_type* InsertElementsAt(index_type aIndex, size_type aCount, const Item& aItem) @@ -1795,6 +1831,7 @@ public: return Elements() + aIndex; } +public: template /* MOZ_WARN_UNUSED_RESULT */ @@ -2049,6 +2086,17 @@ public: base_type::operator=(mozilla::Move(aOther)); return *this; } + + using base_type::AppendElement; + using base_type::AppendElements; + using base_type::EnsureLengthAtLeast; + using base_type::InsertElementAt; + using base_type::InsertElementsAt; + using base_type::InsertElementSorted; + using base_type::MoveElementsFrom; + using base_type::ReplaceElementsAt; + using base_type::SetCapacity; + using base_type::SetLength; }; // From a9eebdfee6685873a5028d9dd327c0919ade0036 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Julien=20Pag=C3=A8s?= Date: Wed, 10 Jun 2015 23:35:33 +0200 Subject: [PATCH 059/297] Bug 1164443 - Mozinstall should only install in an empty dir; r=ahal --- .../mozinstall/mozinstall/mozinstall.py | 33 ++++++++++--------- 1 file changed, 17 insertions(+), 16 deletions(-) diff --git a/testing/mozbase/mozinstall/mozinstall/mozinstall.py b/testing/mozbase/mozinstall/mozinstall/mozinstall.py index 2360660fe47..27df58ef606 100755 --- a/testing/mozbase/mozinstall/mozinstall/mozinstall.py +++ b/testing/mozbase/mozinstall/mozinstall/mozinstall.py @@ -10,6 +10,7 @@ import sys import tarfile import time import zipfile +import tempfile import mozfile import mozinfo @@ -93,8 +94,7 @@ def install(src, dest): the installation folder. :param src: Path to the install file - :param dest: Path to install to (to ensure we do not overwrite any existent - files the folder should not exist yet) + :param dest: Path to install to """ src = os.path.realpath(src) dest = os.path.realpath(dest) @@ -102,14 +102,15 @@ def install(src, dest): if not is_installer(src): raise InvalidSource(src + ' is not valid installer file.') - did_we_create = False if not os.path.exists(dest): - did_we_create = True os.makedirs(dest) + else: + # create a subfolder to prevent data loss + dest = tempfile.mkdtemp(prefix="mozinstall", dir=dest) trbk = None + install_dir = None try: - install_dir = None if zipfile.is_zipfile(src) or tarfile.is_tarfile(src): install_dir = mozfile.extract(src, dest)[0] elif src.lower().endswith('.dmg'): @@ -121,17 +122,17 @@ def install(src, dest): except: cls, exc, trbk = sys.exc_info() - if did_we_create: - try: - # try to uninstall this properly - uninstall(dest) - except: - # uninstall may fail, let's just try to clean the folder - # in this case - try: - mozfile.remove(dest) - except: - pass + # try to uninstall this properly + try: + if install_dir: + uninstall(install_dir) + except: + pass + # remove the dest folder anyway + try: + mozfile.remove(dest) + except: + pass if issubclass(cls, Exception): error = InstallError('Failed to install "%s (%s)"' % (src, str(exc))) raise InstallError, error, trbk From 22023945483dae2782b0bd953ff7c90b8529796b Mon Sep 17 00:00:00 2001 From: Xidorn Quan Date: Thu, 11 Jun 2015 09:45:06 +1200 Subject: [PATCH 060/297] Bug 1168028 - Revert DOM fullscreen state after window finish resizing if we need to. r=smaug,dao --- browser/base/content/browser-fullScreen.js | 11 ++---- browser/base/content/tab-content.js | 8 ++--- dom/base/nsDocument.cpp | 35 +++++++++++++------ .../BrowserElementChildPreload.js | 10 +++--- dom/browser-element/BrowserElementParent.js | 4 +-- 5 files changed, 38 insertions(+), 30 deletions(-) diff --git a/browser/base/content/browser-fullScreen.js b/browser/base/content/browser-fullScreen.js index 1dce6cba7bf..52134455a5c 100644 --- a/browser/base/content/browser-fullScreen.js +++ b/browser/base/content/browser-fullScreen.js @@ -9,7 +9,7 @@ var FullScreen = { _MESSAGES: [ "DOMFullscreen:Request", "DOMFullscreen:NewOrigin", - "DOMFullscreen:Exited", + "DOMFullscreen:Exit", ], init: function() { @@ -157,13 +157,8 @@ var FullScreen = { this.showWarning(aMessage.data.originNoSuffix); break; } - case "DOMFullscreen:Exited": { - // Like entering DOM fullscreen, we also need to exit fullscreen - // at the operating system level in the parent process here. - if (this._isRemoteBrowser(browser)) { - this._windowUtils.remoteFrameFullscreenReverted(); - } - this.cleanupDomFullscreen(); + case "DOMFullscreen:Exit": { + this._windowUtils.remoteFrameFullscreenReverted(); break; } } diff --git a/browser/base/content/tab-content.js b/browser/base/content/tab-content.js index 9a55d76c95e..e67ce7a05cc 100644 --- a/browser/base/content/tab-content.js +++ b/browser/base/content/tab-content.js @@ -594,7 +594,7 @@ let DOMFullscreenHandler = { addMessageListener("DOMFullscreen:CleanUp", this); addEventListener("MozDOMFullscreen:Request", this); addEventListener("MozDOMFullscreen:NewOrigin", this); - addEventListener("MozDOMFullscreen:Exited", this); + addEventListener("MozDOMFullscreen:Exit", this); }, get _windowUtils() { @@ -610,7 +610,7 @@ let DOMFullscreenHandler = { // If we don't actually have any pending fullscreen request // to handle, neither we have been in fullscreen, tell the // parent to just exit. - sendAsyncMessage("DOMFullscreen:Exited"); + sendAsyncMessage("DOMFullscreen:Exit"); } break; } @@ -643,8 +643,8 @@ let DOMFullscreenHandler = { }); break; } - case "MozDOMFullscreen:Exited": { - sendAsyncMessage("DOMFullscreen:Exited"); + case "MozDOMFullscreen:Exit": { + sendAsyncMessage("DOMFullscreen:Exit"); break; } } diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index 7d27db58795..20b8df1276f 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -11209,6 +11209,27 @@ nsDocument::RestorePreviousFullScreenState() return; } + // Check whether we are restoring to non-fullscreen state. + bool exitingFullscreen = true; + for (nsIDocument* doc = this; doc; doc = doc->GetParentDocument()) { + if (static_cast(doc)->mFullScreenStack.Length() > 1) { + exitingFullscreen = false; + break; + } + } + if (exitingFullscreen) { + // If we are fully exiting fullscreen, don't touch anything here, + // just wait for the window to get out from fullscreen first. + if (XRE_GetProcessType() == GeckoProcessType_Content) { + (new AsyncEventDispatcher( + this, NS_LITERAL_STRING("MozDOMFullscreen:Exit"), + /* Bubbles */ true, /* ChromeOnly */ true))->PostDOMEvent(); + } else { + SetWindowFullScreen(this, false); + } + return; + } + // If fullscreen mode is updated the pointer should be unlocked UnlockPointer(); @@ -11256,17 +11277,9 @@ nsDocument::RestorePreviousFullScreenState() } } - if (doc == nullptr) { - // We moved all documents in this doctree out of fullscreen mode, - // move the top-level window out of fullscreen mode. - NS_ASSERTION(!nsContentUtils::GetRootDocument(this)->IsFullScreenDoc(), - "Should have cleared all docs' stacks"); - nsRefPtr asyncDispatcher = new AsyncEventDispatcher( - this, NS_LITERAL_STRING("MozDOMFullscreen:Exited"), true, true); - asyncDispatcher->PostDOMEvent(); - FullscreenRoots::Remove(this); - SetWindowFullScreen(this, false); - } + MOZ_ASSERT(doc, "If we were going to exit from fullscreen on all documents " + "in this doctree, we should've asked the window to exit first " + "instead of reaching here."); } bool diff --git a/dom/browser-element/BrowserElementChildPreload.js b/dom/browser-element/BrowserElementChildPreload.js index 1b25df49b12..a52b1b3216d 100644 --- a/dom/browser-element/BrowserElementChildPreload.js +++ b/dom/browser-element/BrowserElementChildPreload.js @@ -154,8 +154,8 @@ BrowserElementChild.prototype = { /* useCapture = */ true, /* wantsUntrusted = */ false); - addEventListener("MozDOMFullscreen:Exited", - this._mozExitedDomFullscreen.bind(this), + addEventListener("MozDOMFullscreen:Exit", + this._mozExitDomFullscreen.bind(this), /* useCapture = */ true, /* wantsUntrusted = */ false); @@ -447,7 +447,7 @@ BrowserElementChild.prototype = { // If we don't actually have any pending fullscreen request // to handle, neither we have been in fullscreen, tell the // parent to just exit. - sendAsyncMsg("exited-dom-fullscreen"); + sendAsyncMsg("exit-dom-fullscreen"); } }, @@ -994,8 +994,8 @@ BrowserElementChild.prototype = { }); }, - _mozExitedDomFullscreen: function(e) { - sendAsyncMsg("exited-dom-fullscreen"); + _mozExitDomFullscreen: function(e) { + sendAsyncMsg("exit-dom-fullscreen"); }, _getContentDimensions: function() { diff --git a/dom/browser-element/BrowserElementParent.js b/dom/browser-element/BrowserElementParent.js index 9e80ad887a4..bcb0dd73c0c 100644 --- a/dom/browser-element/BrowserElementParent.js +++ b/dom/browser-element/BrowserElementParent.js @@ -199,7 +199,7 @@ BrowserElementParent.prototype = { "got-can-go-forward": this._gotDOMRequestResult, "requested-dom-fullscreen": this._requestedDOMFullscreen, "fullscreen-origin-change": this._fullscreenOriginChange, - "exited-dom-fullscreen": this._exitedDomFullscreen, + "exit-dom-fullscreen": this._exitDomFullscreen, "got-visible": this._gotDOMRequestResult, "visibilitychange": this._childVisibilityChange, "got-set-input-method-active": this._gotDOMRequestResult, @@ -981,7 +981,7 @@ BrowserElementParent.prototype = { this._frameElement, "fullscreen-origin-change", data.json.originNoSuffix); }, - _exitedDomFullscreen: function(data) { + _exitDomFullscreen: function(data) { this._windowUtils.remoteFrameFullscreenReverted(); }, From bd598df317ba84d0a6a3b77c3a6a687f4f6cd70e Mon Sep 17 00:00:00 2001 From: Terrence Cole Date: Thu, 4 Jun 2015 09:30:44 -0700 Subject: [PATCH 061/297] Bug 1164982 - Record telemetry for GC max pause during animations; r=sfink --- js/public/SliceBudget.h | 6 +++--- js/src/gc/GCRuntime.h | 18 ++++++++++-------- js/src/gc/Statistics.cpp | 10 +++++++++- js/src/jsfriendapi.h | 2 ++ js/src/jsgc.cpp | 2 +- js/xpconnect/src/XPCJSRuntime.cpp | 6 ++++++ toolkit/components/telemetry/Histograms.json | 16 ++++++++++++++++ 7 files changed, 47 insertions(+), 13 deletions(-) diff --git a/js/public/SliceBudget.h b/js/public/SliceBudget.h index 316bf9e62c4..8ac0def7ac8 100644 --- a/js/public/SliceBudget.h +++ b/js/public/SliceBudget.h @@ -70,9 +70,9 @@ struct JS_PUBLIC_API(SliceBudget) return checkOverBudget(); } - bool isUnlimited() const { - return deadline == unlimitedDeadline; - } + bool isWorkBudget() const { return deadline == 0; } + bool isTimeBudget() const { return deadline > 0 && !isUnlimited(); } + bool isUnlimited() const { return deadline == unlimitedDeadline; } int describe(char* buffer, size_t maxlen) const; diff --git a/js/src/gc/GCRuntime.h b/js/src/gc/GCRuntime.h index 01d3cc0b0e6..51013b99e5c 100644 --- a/js/src/gc/GCRuntime.h +++ b/js/src/gc/GCRuntime.h @@ -771,28 +771,30 @@ class GCRuntime JS::Zone* getCurrentZoneGroup() { return currentZoneGroup; } void setFoundBlackGrayEdges() { foundBlackGrayEdges = true; } - uint64_t gcNumber() { return number; } + uint64_t gcNumber() const { return number; } void incGcNumber() { ++number; } - uint64_t minorGCCount() { return minorGCNumber; } + uint64_t minorGCCount() const { return minorGCNumber; } void incMinorGcNumber() { ++minorGCNumber; } - uint64_t majorGCCount() { return majorGCNumber; } + uint64_t majorGCCount() const { return majorGCNumber; } void incMajorGcNumber() { ++majorGCNumber; } - bool isIncrementalGc() { return isIncremental; } - bool isFullGc() { return isFull; } + int64_t defaultSliceBudget() const { return sliceBudget; } + + bool isIncrementalGc() const { return isIncremental; } + bool isFullGc() const { return isFull; } bool shouldCleanUpEverything() { return cleanUpEverything; } - bool areGrayBitsValid() { return grayBitsValid; } + bool areGrayBitsValid() const { return grayBitsValid; } void setGrayBitsInvalid() { grayBitsValid = false; } bool minorGCRequested() const { return minorGCTriggerReason != JS::gcreason::NO_REASON; } bool majorGCRequested() const { return majorGCTriggerReason != JS::gcreason::NO_REASON; } bool isGcNeeded() { return minorGCRequested() || majorGCRequested(); } - bool fullGCForAtomsRequested() { return fullGCForAtomsRequested_; } + bool fullGCForAtomsRequested() const { return fullGCForAtomsRequested_; } double computeHeapGrowthFactor(size_t lastBytes); size_t computeTriggerBytes(double growthFactor, size_t lastBytes); @@ -1161,7 +1163,7 @@ class GCRuntime */ bool interFrameGC; - /* Default budget for incremental GC slice. See SliceBudget in jsgc.h. */ + /* Default budget for incremental GC slice. See js/SliceBudget.h. */ int64_t sliceBudget; /* diff --git a/js/src/gc/Statistics.cpp b/js/src/gc/Statistics.cpp index 7e7acdd183a..d0a0b918560 100644 --- a/js/src/gc/Statistics.cpp +++ b/js/src/gc/Statistics.cpp @@ -954,8 +954,16 @@ Statistics::endSlice() slices.back().end = PRMJ_Now(); slices.back().endFaults = GetPageFaultCount(); - runtime->addTelemetry(JS_TELEMETRY_GC_SLICE_MS, t(slices.back().end - slices.back().start)); + int64_t sliceTime = slices.back().end - slices.back().start; + runtime->addTelemetry(JS_TELEMETRY_GC_SLICE_MS, t(sliceTime)); runtime->addTelemetry(JS_TELEMETRY_GC_RESET, !!slices.back().resetReason); + + if (slices.back().budget.isTimeBudget()) { + int64_t budget = slices.back().budget.timeBudget.budget; + runtime->addTelemetry(JS_TELEMETRY_GC_BUDGET_MS, t(budget)); + if (budget == runtime->gc.defaultSliceBudget()) + runtime->addTelemetry(JS_TELEMETRY_GC_ANIMATION_MS, t(sliceTime)); + } } bool last = !runtime->gc.isIncrementalGCInProgress(); diff --git a/js/src/jsfriendapi.h b/js/src/jsfriendapi.h index 99843edb5b4..193dd0c0761 100644 --- a/js/src/jsfriendapi.h +++ b/js/src/jsfriendapi.h @@ -104,6 +104,8 @@ enum { JS_TELEMETRY_GC_REASON, JS_TELEMETRY_GC_IS_COMPARTMENTAL, JS_TELEMETRY_GC_MS, + JS_TELEMETRY_GC_BUDGET_MS, + JS_TELEMETRY_GC_ANIMATION_MS, JS_TELEMETRY_GC_MAX_PAUSE_MS, JS_TELEMETRY_GC_MARK_MS, JS_TELEMETRY_GC_SWEEP_MS, diff --git a/js/src/jsgc.cpp b/js/src/jsgc.cpp index 57c2e356b2e..eafd362940f 100644 --- a/js/src/jsgc.cpp +++ b/js/src/jsgc.cpp @@ -3004,7 +3004,7 @@ SliceBudget::describe(char* buffer, size_t maxlen) const { if (isUnlimited()) return JS_snprintf(buffer, maxlen, "unlimited"); - else if (deadline == 0) + else if (isWorkBudget()) return JS_snprintf(buffer, maxlen, "work(%lld)", workBudget.budget); else return JS_snprintf(buffer, maxlen, "%lldms", timeBudget.budget); diff --git a/js/xpconnect/src/XPCJSRuntime.cpp b/js/xpconnect/src/XPCJSRuntime.cpp index 0bb73af1ad4..23e915152ad 100644 --- a/js/xpconnect/src/XPCJSRuntime.cpp +++ b/js/xpconnect/src/XPCJSRuntime.cpp @@ -3107,6 +3107,12 @@ AccumulateTelemetryCallback(int id, uint32_t sample, const char* key) case JS_TELEMETRY_GC_MS: Telemetry::Accumulate(Telemetry::GC_MS, sample); break; + case JS_TELEMETRY_GC_BUDGET_MS: + Telemetry::Accumulate(Telemetry::GC_BUDGET_MS, sample); + break; + case JS_TELEMETRY_GC_ANIMATION_MS: + Telemetry::Accumulate(Telemetry::GC_ANIMATION_MS, sample); + break; case JS_TELEMETRY_GC_MAX_PAUSE_MS: Telemetry::Accumulate(Telemetry::GC_MAX_PAUSE_MS, sample); break; diff --git a/toolkit/components/telemetry/Histograms.json b/toolkit/components/telemetry/Histograms.json index 43fe6e9edaf..004c01cefd6 100644 --- a/toolkit/components/telemetry/Histograms.json +++ b/toolkit/components/telemetry/Histograms.json @@ -275,6 +275,22 @@ "n_buckets": 50, "description": "Time spent running JS GC (ms)" }, + "GC_BUDGET_MS": { + "alert_emails": ["dev-telemetry-gc-alerts@mozilla.org"], + "expires_in_version": "never", + "kind": "linear", + "high": "100", + "n_buckets": 10, + "description": "Requested GC slice budget (ms)" + }, + "GC_ANIMATION_MS": { + "alert_emails": ["dev-telemetry-gc-alerts@mozilla.org"], + "expires_in_version": "never", + "kind": "exponential", + "high": "10000", + "n_buckets": 50, + "description": "Time spent running JS GC when animating (ms)" + }, "GC_MAX_PAUSE_MS": { "alert_emails": ["dev-telemetry-gc-alerts@mozilla.org"], "expires_in_version": "never", From 76a6e7144fff1dcaf6fc22ce893efcc8e60a547b Mon Sep 17 00:00:00 2001 From: Terrence Cole Date: Thu, 4 Jun 2015 11:49:31 -0700 Subject: [PATCH 062/297] Bug 1171612 - Use C++11 features to make Statistics module nicer; r=sfink --- js/src/gc/Statistics.cpp | 24 +++++++++++++----------- js/src/gc/Statistics.h | 24 +++++++++++++----------- 2 files changed, 26 insertions(+), 22 deletions(-) diff --git a/js/src/gc/Statistics.cpp b/js/src/gc/Statistics.cpp index d0a0b918560..741e171d018 100644 --- a/js/src/gc/Statistics.cpp +++ b/js/src/gc/Statistics.cpp @@ -7,6 +7,7 @@ #include "gc/Statistics.h" #include "mozilla/ArrayUtils.h" +#include "mozilla/IntegerRange.h" #include "mozilla/PodOperations.h" #include "mozilla/UniquePtr.h" @@ -27,6 +28,7 @@ using namespace js; using namespace js::gc; using namespace js::gcstats; +using mozilla::MakeRange; using mozilla::PodArrayZero; using mozilla::PodZero; @@ -185,7 +187,7 @@ static ExtraPhaseInfo phaseExtra[PHASE_LIMIT] = { { 0, 0 } }; // Mapping from all nodes with a multi-parented child to a Vector of all // multi-parented children and their descendants. (Single-parented children will // not show up in this list.) -static mozilla::Vector dagDescendants[Statistics::MAX_MULTIPARENT_PHASES + 1]; +static mozilla::Vector dagDescendants[Statistics::NumTimingArrays]; struct AllPhaseIterator { int current; @@ -193,7 +195,7 @@ struct AllPhaseIterator { size_t activeSlot; mozilla::Vector::Range descendants; - explicit AllPhaseIterator(Statistics::PhaseTimeTable table) + explicit AllPhaseIterator(const Statistics::PhaseTimeTable table) : current(0) , baseLevel(0) , activeSlot(PHASE_DAG_NONE) @@ -293,7 +295,7 @@ Join(const FragmentVector& fragments, const char* separator = "") { } static int64_t -SumChildTimes(size_t phaseSlot, Phase phase, Statistics::PhaseTimeTable phaseTimes) +SumChildTimes(size_t phaseSlot, Phase phase, const Statistics::PhaseTimeTable phaseTimes) { // Sum the contributions from single-parented children. int64_t total = 0; @@ -398,7 +400,7 @@ Statistics::formatCompactSummaryMessage() const } UniqueChars -Statistics::formatCompactSlicePhaseTimes(PhaseTimeTable phaseTimes) const +Statistics::formatCompactSlicePhaseTimes(const PhaseTimeTable phaseTimes) const { static const int64_t MaxUnaccountedTimeUS = 100; @@ -524,7 +526,7 @@ Statistics::formatDetailedSliceDescription(unsigned i, const SliceData& slice) } UniqueChars -Statistics::formatDetailedPhaseTimes(PhaseTimeTable phaseTimes) +Statistics::formatDetailedPhaseTimes(const PhaseTimeTable phaseTimes) { static const char* LevelToIndent[] = { "", " ", " ", " " }; static const int64_t MaxUnaccountedChildTimeUS = 50; @@ -711,7 +713,7 @@ FilterJsonKey(const char*const buffer) } UniqueChars -Statistics::formatJsonPhaseTimes(PhaseTimeTable phaseTimes) +Statistics::formatJsonPhaseTimes(const PhaseTimeTable phaseTimes) { FragmentVector fragments; char buffer[128]; @@ -749,7 +751,7 @@ Statistics::Statistics(JSRuntime* rt) PodArrayZero(phaseTotals); PodArrayZero(counts); PodArrayZero(phaseStartTimes); - for (size_t d = 0; d < MAX_MULTIPARENT_PHASES + 1; d++) + for (auto d : MakeRange(NumTimingArrays)) PodArrayZero(phaseTimes[d]); static bool initialized = false; @@ -778,7 +780,7 @@ Statistics::Statistics(JSRuntime* rt) j++; } while (j != PHASE_LIMIT && phases[j].parent != PHASE_MULTI_PARENTS); } - MOZ_ASSERT(dagSlot <= MAX_MULTIPARENT_PHASES); + MOZ_ASSERT(dagSlot <= MaxMultiparentPhases - 1); // Fill in the depth of each node in the tree. Multi-parented nodes // have depth 0. @@ -846,7 +848,7 @@ static int64_t SumPhase(Phase phase, Statistics::PhaseTimeTable times) { int64_t sum = 0; - for (size_t i = 0; i < Statistics::MAX_MULTIPARENT_PHASES + 1; i++) + for (auto i : MakeRange(Statistics::NumTimingArrays)) sum += times[i][phase]; return sum; } @@ -878,7 +880,7 @@ Statistics::beginGC(JSGCInvocationKind kind) void Statistics::endGC() { - for (size_t j = 0; j < MAX_MULTIPARENT_PHASES + 1; j++) + for (auto j : MakeRange(NumTimingArrays)) for (int i = 0; i < PHASE_LIMIT; i++) phaseTotals[j][i] += phaseTimes[j][i]; @@ -913,7 +915,7 @@ Statistics::endGC() // Clear the timers at the end of a GC because we accumulate time in // between GCs for some (which come before PHASE_GC_BEGIN in the list.) PodZero(&phaseStartTimes[PHASE_GC_BEGIN], PHASE_LIMIT - PHASE_GC_BEGIN); - for (size_t d = PHASE_DAG_NONE; d < MAX_MULTIPARENT_PHASES + 1; d++) + for (size_t d = PHASE_DAG_NONE; d < NumTimingArrays; d++) PodZero(&phaseTimes[d][PHASE_GC_BEGIN], PHASE_LIMIT - PHASE_GC_BEGIN); aborted = false; diff --git a/js/src/gc/Statistics.h b/js/src/gc/Statistics.h index c97d3bf6455..ceb7219af32 100644 --- a/js/src/gc/Statistics.h +++ b/js/src/gc/Statistics.h @@ -8,6 +8,7 @@ #define gc_Statistics_h #include "mozilla/DebugOnly.h" +#include "mozilla/IntegerRange.h" #include "mozilla/PodOperations.h" #include "mozilla/UniquePtr.h" @@ -151,7 +152,11 @@ struct Statistics * the few hundred bytes of savings. If we want to extend things to full * DAGs, this decision should be reconsidered. */ - static const size_t MAX_MULTIPARENT_PHASES = 6; + static const size_t MaxMultiparentPhases = 6; + static const size_t NumTimingArrays = MaxMultiparentPhases + 1; + + /* Create a convenient type for referring to tables of phase times. */ + using PhaseTimeTable = int64_t[NumTimingArrays][PHASE_LIMIT]; explicit Statistics(JSRuntime* rt); ~Statistics(); @@ -211,7 +216,7 @@ struct Statistics resetReason(nullptr), start(start), startFaults(startFaults) { - for (size_t i = 0; i < MAX_MULTIPARENT_PHASES + 1; i++) + for (auto i : mozilla::MakeRange(NumTimingArrays)) mozilla::PodArrayZero(phaseTimes[i]); } @@ -220,7 +225,7 @@ struct Statistics const char* resetReason; int64_t start, end; size_t startFaults, endFaults; - int64_t phaseTimes[MAX_MULTIPARENT_PHASES + 1][PHASE_LIMIT]; + PhaseTimeTable phaseTimes; int64_t duration() const { return end - start; } }; @@ -231,9 +236,6 @@ struct Statistics SliceRange sliceRange() const { return slices.all(); } size_t slicesLength() const { return slices.length(); } - /* Create a convenient typedef for referring tables of phase times. */ - typedef int64_t const (*PhaseTimeTable)[PHASE_LIMIT]; - private: JSRuntime* runtime; @@ -264,10 +266,10 @@ struct Statistics int64_t timedGCTime; /* Total time in a given phase for this GC. */ - int64_t phaseTimes[MAX_MULTIPARENT_PHASES + 1][PHASE_LIMIT]; + PhaseTimeTable phaseTimes; /* Total time in a given phase over all GCs. */ - int64_t phaseTotals[MAX_MULTIPARENT_PHASES + 1][PHASE_LIMIT]; + PhaseTimeTable phaseTotals; /* Number of events of this type for this GC. */ unsigned int counts[STAT_LIMIT]; @@ -312,16 +314,16 @@ struct Statistics void sccDurations(int64_t* total, int64_t* maxPause); void printStats(); - UniqueChars formatCompactSlicePhaseTimes(PhaseTimeTable phaseTimes) const; + UniqueChars formatCompactSlicePhaseTimes(const PhaseTimeTable phaseTimes) const; UniqueChars formatDetailedDescription(); UniqueChars formatDetailedSliceDescription(unsigned i, const SliceData& slice); - UniqueChars formatDetailedPhaseTimes(PhaseTimeTable phaseTimes); + UniqueChars formatDetailedPhaseTimes(const PhaseTimeTable phaseTimes); UniqueChars formatDetailedTotals(); UniqueChars formatJsonDescription(uint64_t timestamp); UniqueChars formatJsonSliceDescription(unsigned i, const SliceData& slice); - UniqueChars formatJsonPhaseTimes(PhaseTimeTable phaseTimes); + UniqueChars formatJsonPhaseTimes(const PhaseTimeTable phaseTimes); double computeMMU(int64_t resolution) const; }; From d885e8bca83ad080cfcab755b1b55e6da48049b6 Mon Sep 17 00:00:00 2001 From: Terrence Cole Date: Wed, 10 Jun 2015 14:50:55 -0700 Subject: [PATCH 063/297] No Bug - Remove an unneeded annotation DONTBUILD; r=sfink --- js/src/devtools/rootAnalysis/annotations.js | 4 ---- 1 file changed, 4 deletions(-) diff --git a/js/src/devtools/rootAnalysis/annotations.js b/js/src/devtools/rootAnalysis/annotations.js index 4b82505db76..e71ed3486ee 100644 --- a/js/src/devtools/rootAnalysis/annotations.js +++ b/js/src/devtools/rootAnalysis/annotations.js @@ -330,10 +330,6 @@ function isOverridableField(initialCSU, csu, field) if (field == 'GetWindowProxy' || field == 'GetWindowProxyPreserveColor') return false; } - if (initialCSU == 'nsICycleCollectorListener' && field == 'NoteWeakMapEntry') - return false; - if (initialCSU == 'nsICycleCollectorListener' && field == 'NoteEdge') - return false; return true; } From 560c01080f37f6069f08c48be9ebf5c2fa977f68 Mon Sep 17 00:00:00 2001 From: Wes Kocher Date: Wed, 10 Jun 2015 15:08:41 -0700 Subject: [PATCH 064/297] Backed out changeset c4db01ea9e6c (bug 1170746) for test_filehandle_getFile.html orange --- dom/indexedDB/ActorsChild.cpp | 2 - dom/indexedDB/test/mochitest.ini | 2 - .../test/test_filehandle_iteration.html | 77 ------------------- 3 files changed, 81 deletions(-) delete mode 100644 dom/indexedDB/test/test_filehandle_iteration.html diff --git a/dom/indexedDB/ActorsChild.cpp b/dom/indexedDB/ActorsChild.cpp index 1212f1914e7..008ed9e8e8a 100644 --- a/dom/indexedDB/ActorsChild.cpp +++ b/dom/indexedDB/ActorsChild.cpp @@ -2518,7 +2518,6 @@ BackgroundCursorChild::HandleResponse( auto& response = const_cast(aResponse); StructuredCloneReadInfo cloneReadInfo(Move(response.cloneInfo())); - cloneReadInfo.mDatabase = mTransaction->Database(); ConvertActorsToBlobs(mTransaction->Database(), response.cloneInfo(), @@ -2580,7 +2579,6 @@ BackgroundCursorChild::HandleResponse(const IndexCursorResponse& aResponse) auto& response = const_cast(aResponse); StructuredCloneReadInfo cloneReadInfo(Move(response.cloneInfo())); - cloneReadInfo.mDatabase = mTransaction->Database(); ConvertActorsToBlobs(mTransaction->Database(), aResponse.cloneInfo(), diff --git a/dom/indexedDB/test/mochitest.ini b/dom/indexedDB/test/mochitest.ini index 5bcd57f5513..0e2444dc614 100644 --- a/dom/indexedDB/test/mochitest.ini +++ b/dom/indexedDB/test/mochitest.ini @@ -195,8 +195,6 @@ skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s [test_filehandle_getFile.html] # FileHandle is not supported in child processes. -[test_filehandle_iteration.html] -# FileHandle is not supported in child processes. skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s [test_filehandle_lifetimes.html] # FileHandle is not supported in child processes. diff --git a/dom/indexedDB/test/test_filehandle_iteration.html b/dom/indexedDB/test/test_filehandle_iteration.html deleted file mode 100644 index ebbc8b8beff..00000000000 --- a/dom/indexedDB/test/test_filehandle_iteration.html +++ /dev/null @@ -1,77 +0,0 @@ - - - - Indexed Database Property Test - - - - - - - - - - - - From 300ee510c9aa486d7f6bdb46f21e0fe2f1beebd4 Mon Sep 17 00:00:00 2001 From: Eric Rahm Date: Wed, 10 Jun 2015 15:12:33 -0700 Subject: [PATCH 065/297] Bug 1146580 - Make FinalizationWitnessService listen for xpcom shutdown. r=bholley --- .../components/build/nsToolkitCompsModule.cpp | 2 +- .../FinalizationWitnessService.cpp | 34 +++++++++++++++++-- .../FinalizationWitnessService.h | 7 +++- 3 files changed, 38 insertions(+), 5 deletions(-) diff --git a/toolkit/components/build/nsToolkitCompsModule.cpp b/toolkit/components/build/nsToolkitCompsModule.cpp index b6792d3ae96..9c021e70b59 100644 --- a/toolkit/components/build/nsToolkitCompsModule.cpp +++ b/toolkit/components/build/nsToolkitCompsModule.cpp @@ -120,7 +120,7 @@ NS_GENERIC_FACTORY_CONSTRUCTOR(nsBrowserStatusFilter) #if defined(MOZ_UPDATER) && !defined(MOZ_WIDGET_ANDROID) NS_GENERIC_FACTORY_CONSTRUCTOR(nsUpdateProcessor) #endif -NS_GENERIC_FACTORY_CONSTRUCTOR(FinalizationWitnessService) +NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(FinalizationWitnessService, Init) NS_GENERIC_FACTORY_CONSTRUCTOR(NativeOSFileInternalsService) NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(NativeFileWatcherService, Init) diff --git a/toolkit/components/finalizationwitness/FinalizationWitnessService.cpp b/toolkit/components/finalizationwitness/FinalizationWitnessService.cpp index 0678ceddd2f..57010972fe1 100644 --- a/toolkit/components/finalizationwitness/FinalizationWitnessService.cpp +++ b/toolkit/components/finalizationwitness/FinalizationWitnessService.cpp @@ -18,6 +18,8 @@ // Implementation of nsIFinalizationWitnessService +static bool gShuttingDown = false; + namespace mozilla { namespace { @@ -99,8 +101,8 @@ ExtractFinalizationEvent(JSObject *objSelf) void Finalize(JSFreeOp *fop, JSObject *objSelf) { nsRefPtr event = ExtractFinalizationEvent(objSelf); - if (event == nullptr) { - // Forget() has been called + if (event == nullptr || gShuttingDown) { + // NB: event will be null if Forget() has been called return; } @@ -171,7 +173,7 @@ static const JSFunctionSpec sWitnessClassFunctions[] = { } -NS_IMPL_ISUPPORTS(FinalizationWitnessService, nsIFinalizationWitnessService) +NS_IMPL_ISUPPORTS(FinalizationWitnessService, nsIFinalizationWitnessService, nsIObserver) /** * Create a new Finalization Witness. @@ -209,4 +211,30 @@ FinalizationWitnessService::Make(const char* aTopic, return NS_OK; } +NS_IMETHODIMP +FinalizationWitnessService::Observe(nsISupports* aSubject, + const char* aTopic, + const char16_t* aValue) +{ + MOZ_ASSERT(strcmp(aTopic, NS_XPCOM_SHUTDOWN_OBSERVER_ID) == 0); + gShuttingDown = true; + nsCOMPtr obs = mozilla::services::GetObserverService(); + if (obs) { + obs->RemoveObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID); + } + + return NS_OK; +} + +nsresult +FinalizationWitnessService::Init() +{ + nsCOMPtr obs = mozilla::services::GetObserverService(); + if (!obs) { + return NS_ERROR_FAILURE; + } + + return obs->AddObserver(this, NS_XPCOM_SHUTDOWN_OBSERVER_ID, false); +} + } // namespace mozilla diff --git a/toolkit/components/finalizationwitness/FinalizationWitnessService.h b/toolkit/components/finalizationwitness/FinalizationWitnessService.h index 4c521397fa4..087cff2398d 100644 --- a/toolkit/components/finalizationwitness/FinalizationWitnessService.h +++ b/toolkit/components/finalizationwitness/FinalizationWitnessService.h @@ -6,17 +6,22 @@ #define mozilla_finalizationwitnessservice_h__ #include "nsIFinalizationWitnessService.h" +#include "nsIObserver.h" namespace mozilla { /** * XPConnect initializer, for use in the main thread. */ -class FinalizationWitnessService final : public nsIFinalizationWitnessService +class FinalizationWitnessService final : public nsIFinalizationWitnessService, + public nsIObserver { public: NS_DECL_ISUPPORTS NS_DECL_NSIFINALIZATIONWITNESSSERVICE + NS_DECL_NSIOBSERVER + + nsresult Init(); private: ~FinalizationWitnessService() {} void operator=(const FinalizationWitnessService* other) = delete; From 1be3e555d015492ac3ee9020025b738b67ff9b8b Mon Sep 17 00:00:00 2001 From: Eric Rahm Date: Wed, 10 Jun 2015 15:14:54 -0700 Subject: [PATCH 066/297] Bug 1171528 - Remove overflowed nscoord_MAX warnings from nsRect. r=dholbert --- gfx/src/nsRect.h | 3 --- 1 file changed, 3 deletions(-) diff --git a/gfx/src/nsRect.h b/gfx/src/nsRect.h index 8d402c749ce..5bcb7cfc720 100644 --- a/gfx/src/nsRect.h +++ b/gfx/src/nsRect.h @@ -10,7 +10,6 @@ #include // for FILE #include // for int32_t, int64_t #include // for min/max -#include "nsDebug.h" // for NS_WARNING #include "gfxCore.h" // for NS_GFX #include "mozilla/Likely.h" // for MOZ_UNLIKELY #include "mozilla/gfx/Rect.h" @@ -80,7 +79,6 @@ struct NS_GFX nsRect : result.x = std::min(aRect.x, x); int64_t w = std::max(int64_t(aRect.x) + aRect.width, int64_t(x) + width) - result.x; if (MOZ_UNLIKELY(w > nscoord_MAX)) { - NS_WARNING("Overflowed nscoord_MAX in conversion to nscoord width"); // Clamp huge negative x to nscoord_MIN / 2 and try again. result.x = std::max(result.x, nscoord_MIN / 2); w = std::max(int64_t(aRect.x) + aRect.width, int64_t(x) + width) - result.x; @@ -93,7 +91,6 @@ struct NS_GFX nsRect : result.y = std::min(aRect.y, y); int64_t h = std::max(int64_t(aRect.y) + aRect.height, int64_t(y) + height) - result.y; if (MOZ_UNLIKELY(h > nscoord_MAX)) { - NS_WARNING("Overflowed nscoord_MAX in conversion to nscoord height"); // Clamp huge negative y to nscoord_MIN / 2 and try again. result.y = std::max(result.y, nscoord_MIN / 2); h = std::max(int64_t(aRect.y) + aRect.height, int64_t(y) + height) - result.y; From 9a6edd77f4385c88e974c98fe90bca63bdcc725c Mon Sep 17 00:00:00 2001 From: Sean Stangl Date: Wed, 10 Jun 2015 15:08:35 -0700 Subject: [PATCH 067/297] Bug 1166037 - Import ARM64 Baseline changes. r=djvj --- js/src/jit/BaselineBailouts.cpp | 11 +- js/src/jit/BaselineCompiler.cpp | 30 +- js/src/jit/BaselineCompiler.h | 2 + js/src/jit/SharedICHelpers.h | 2 + js/src/jit/SharedICRegisters.h | 2 + js/src/jit/arm64/BaselineCompiler-arm64.h | 28 ++ js/src/jit/arm64/BaselineIC-arm64.cpp | 269 ++++++++++++++++++ js/src/jit/arm64/SharedICHelpers-arm64.h | 309 +++++++++++++++++++++ js/src/jit/arm64/SharedICRegisters-arm64.h | 60 ++++ 9 files changed, 694 insertions(+), 19 deletions(-) create mode 100644 js/src/jit/arm64/BaselineCompiler-arm64.h create mode 100644 js/src/jit/arm64/BaselineIC-arm64.cpp create mode 100644 js/src/jit/arm64/SharedICHelpers-arm64.h create mode 100644 js/src/jit/arm64/SharedICRegisters-arm64.h diff --git a/js/src/jit/BaselineBailouts.cpp b/js/src/jit/BaselineBailouts.cpp index de1e86e9da9..e0ae8c37c46 100644 --- a/js/src/jit/BaselineBailouts.cpp +++ b/js/src/jit/BaselineBailouts.cpp @@ -372,8 +372,9 @@ struct BaselineStackBuilder MOZ_ASSERT(BaselineFrameReg == FramePointer); priorOffset -= sizeof(void*); return virtualPointerAtStackOffset(priorOffset); -#elif defined(JS_CODEGEN_X64) || defined(JS_CODEGEN_ARM) || defined(JS_CODEGEN_MIPS) - // On X64, ARM and MIPS, the frame pointer save location depends on +#elif defined(JS_CODEGEN_ARM) || defined(JS_CODEGEN_ARM64) || \ + defined(JS_CODEGEN_X64) || defined(JS_CODEGEN_MIPS) + // On X64, ARM, ARM64, and MIPS, the frame pointer save location depends on // the caller of the rectifier frame. BufferPointer priorFrame = pointerAtStackOffset(priorOffset); @@ -1569,10 +1570,10 @@ jit::BailoutIonToBaseline(JSContext* cx, JitActivation* activation, JitFrameIter // Do stack check. bool overRecursed = false; - BaselineBailoutInfo* info = builder.info(); + BaselineBailoutInfo *info = builder.info(); uint8_t* newsp = info->incomingStack - (info->copyStackTop - info->copyStackBottom); -#if defined(JS_ARM_SIMULATOR) || defined(JS_MIPS_SIMULATOR) - if (Simulator::Current()->overRecursed(uintptr_t(newsp))) +#if defined(JS_ARM_SIMULATOR) || defined(JS_ARM64_SIMULATOR) || defined(JS_MIPS_SIMULATOR) + if (SimulatorType::Current()->overRecursed(uintptr_t(newsp))) overRecursed = true; #else JS_CHECK_RECURSION_WITH_SP_DONT_REPORT(cx, newsp, overRecursed = true); diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp index 14a812acd6f..c7383d82f63 100644 --- a/js/src/jit/BaselineCompiler.cpp +++ b/js/src/jit/BaselineCompiler.cpp @@ -345,13 +345,11 @@ BaselineCompiler::emitPrologue() emitProfilerEnterFrame(); masm.push(BaselineFrameReg); - masm.mov(BaselineStackReg, BaselineFrameReg); - - masm.subPtr(Imm32(BaselineFrame::Size()), BaselineStackReg); + masm.moveStackPtrTo(BaselineFrameReg); + masm.subFromStackPtr(Imm32(BaselineFrame::Size())); // Initialize BaselineFrame. For eval scripts, the scope chain - // is passed in R1, so we have to be careful not to clobber - // it. + // is passed in R1, so we have to be careful not to clobber it. // Initialize BaselineFrame::flags. uint32_t flags = 0; @@ -453,7 +451,7 @@ BaselineCompiler::emitEpilogue() return false; #endif - masm.mov(BaselineFrameReg, BaselineStackReg); + masm.moveToStackPtr(BaselineFrameReg); masm.pop(BaselineFrameReg); emitProfilerExitFrame(); @@ -479,7 +477,7 @@ BaselineCompiler::emitOutOfLinePostBarrierSlot() regs.take(objReg); regs.take(BaselineFrameReg); Register scratch = regs.takeAny(); -#if defined(JS_CODEGEN_ARM) +#if defined(JS_CODEGEN_ARM) || defined(JS_CODEGEN_ARM64) // On ARM, save the link register before calling. It contains the return // address. The |masm.ret()| later will pop this into |pc| to return. masm.push(lr); @@ -527,7 +525,7 @@ BaselineCompiler::emitStackCheck(bool earlyCheck) uint32_t slotsSize = script->nslots() * sizeof(Value); uint32_t tolerance = earlyCheck ? slotsSize : 0; - masm.movePtr(BaselineStackReg, R1.scratchReg()); + masm.moveStackPtrTo(R1.scratchReg()); // If this is the early stack check, locals haven't been pushed yet. Adjust the // stack pointer to account for the locals that would be pushed before performing @@ -3710,7 +3708,7 @@ BaselineCompiler::emit_JSOP_RESUME() // Update BaselineFrame frameSize field and create the frame descriptor. masm.computeEffectiveAddress(Address(BaselineFrameReg, BaselineFrame::FramePointerOffset), scratch2); - masm.subPtr(BaselineStackReg, scratch2); + masm.subStackPtrFrom(scratch2); masm.store32(scratch2, Address(BaselineFrameReg, BaselineFrame::reverseOffsetOfFrameSize())); masm.makeFrameDescriptor(scratch2, JitFrame_BaselineJS); @@ -3755,8 +3753,8 @@ BaselineCompiler::emit_JSOP_RESUME() // Construct BaselineFrame. masm.push(BaselineFrameReg); - masm.mov(BaselineStackReg, BaselineFrameReg); - masm.subPtr(Imm32(BaselineFrame::Size()), BaselineStackReg); + masm.moveStackPtrTo(BaselineFrameReg); + masm.subFromStackPtr(Imm32(BaselineFrame::Size())); masm.checkStackAlignment(); // Store flags and scope chain. @@ -3823,7 +3821,7 @@ BaselineCompiler::emit_JSOP_RESUME() masm.computeEffectiveAddress(Address(BaselineFrameReg, BaselineFrame::FramePointerOffset), scratch2); masm.movePtr(scratch2, scratch1); - masm.subPtr(BaselineStackReg, scratch2); + masm.subStackPtrFrom(scratch2); masm.store32(scratch2, Address(BaselineFrameReg, BaselineFrame::reverseOffsetOfFrameSize())); masm.loadBaselineFramePtr(BaselineFrameReg, scratch2); @@ -3838,14 +3836,18 @@ BaselineCompiler::emit_JSOP_RESUME() return false; // Create the frame descriptor. - masm.subPtr(BaselineStackReg, scratch1); + masm.subStackPtrFrom(scratch1); masm.makeFrameDescriptor(scratch1, JitFrame_BaselineJS); // Push the frame descriptor and a dummy return address (it doesn't // matter what we push here, frame iterators will use the frame pc // set in jit::GeneratorThrowOrClose). masm.push(scratch1); + + // On ARM64, the callee will push the return address. +#ifndef JS_CODEGEN_ARM64 masm.push(ImmWord(0)); +#endif masm.jump(code); } @@ -3872,7 +3874,7 @@ BaselineCompiler::emit_JSOP_RESUME() // After the generator returns, we restore the stack pointer, push the // return value and we're done. masm.bind(&returnTarget); - masm.computeEffectiveAddress(frame.addressOfStackValue(frame.peek(-1)), BaselineStackReg); + masm.computeEffectiveAddress(frame.addressOfStackValue(frame.peek(-1)), masm.getStackPointer()); frame.popn(2); frame.push(R0); return true; diff --git a/js/src/jit/BaselineCompiler.h b/js/src/jit/BaselineCompiler.h index 492f469602d..b13a74e4ce5 100644 --- a/js/src/jit/BaselineCompiler.h +++ b/js/src/jit/BaselineCompiler.h @@ -14,6 +14,8 @@ # include "jit/x64/BaselineCompiler-x64.h" #elif defined(JS_CODEGEN_ARM) # include "jit/arm/BaselineCompiler-arm.h" +#elif defined(JS_CODEGEN_ARM64) +# include "jit/arm64/BaselineCompiler-arm64.h" #elif defined(JS_CODEGEN_MIPS) # include "jit/mips/BaselineCompiler-mips.h" #elif defined(JS_CODEGEN_NONE) diff --git a/js/src/jit/SharedICHelpers.h b/js/src/jit/SharedICHelpers.h index df81577dc6d..beaad3c0747 100644 --- a/js/src/jit/SharedICHelpers.h +++ b/js/src/jit/SharedICHelpers.h @@ -13,6 +13,8 @@ # include "jit/x64/SharedICHelpers-x64.h" #elif defined(JS_CODEGEN_ARM) # include "jit/arm/SharedICHelpers-arm.h" +#elif defined(JS_CODEGEN_ARM64) +# include "jit/arm64/SharedICHelpers-arm64.h" #elif defined(JS_CODEGEN_MIPS) # include "jit/mips/SharedICHelpers-mips.h" #elif defined(JS_CODEGEN_NONE) diff --git a/js/src/jit/SharedICRegisters.h b/js/src/jit/SharedICRegisters.h index df52efddaea..efa2029e2b3 100644 --- a/js/src/jit/SharedICRegisters.h +++ b/js/src/jit/SharedICRegisters.h @@ -13,6 +13,8 @@ # include "jit/x64/SharedICRegisters-x64.h" #elif defined(JS_CODEGEN_ARM) # include "jit/arm/SharedICRegisters-arm.h" +#elif defined(JS_CODEGEN_ARM64) +# include "jit/arm64/SharedICRegisters-arm64.h" #elif defined(JS_CODEGEN_MIPS) # include "jit/mips/SharedICRegisters-mips.h" #elif defined(JS_CODEGEN_NONE) diff --git a/js/src/jit/arm64/BaselineCompiler-arm64.h b/js/src/jit/arm64/BaselineCompiler-arm64.h new file mode 100644 index 00000000000..946099ff15c --- /dev/null +++ b/js/src/jit/arm64/BaselineCompiler-arm64.h @@ -0,0 +1,28 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef jit_arm64_BaselineCompiler_arm64_h +#define jit_arm64_BaselineCompiler_arm64_h + +#include "jit/shared/BaselineCompiler-shared.h" + +namespace js { +namespace jit { + +class BaselineCompilerARM64 : public BaselineCompilerShared +{ + protected: + BaselineCompilerARM64(JSContext* cx, TempAllocator& alloc, JSScript* script) + : BaselineCompilerShared(cx, alloc, script) + { } +}; + +typedef BaselineCompilerARM64 BaselineCompilerSpecific; + +} // namespace jit +} // namespace js + +#endif /* jit_arm64_BaselineCompiler_arm64_h */ diff --git a/js/src/jit/arm64/BaselineIC-arm64.cpp b/js/src/jit/arm64/BaselineIC-arm64.cpp new file mode 100644 index 00000000000..c7de4762f0b --- /dev/null +++ b/js/src/jit/arm64/BaselineIC-arm64.cpp @@ -0,0 +1,269 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "jit/SharedIC.h" +#include "jit/SharedICHelpers.h" + +#ifdef JS_ARM64_SIMULATOR +// TODO #include "jit/arm64/Assembler-arm64.h" +#include "jit/arm64/BaselineCompiler-arm64.h" +#include "jit/arm64/vixl/Debugger-vixl.h" +#endif + + +using namespace js; +using namespace js::jit; + +namespace js { +namespace jit { + +// ICCompare_Int32 + +bool +ICCompare_Int32::Compiler::generateStubCode(MacroAssembler& masm) +{ + // Guard that R0 is an integer and R1 is an integer. + Label failure; + masm.branchTestInt32(Assembler::NotEqual, R0, &failure); + masm.branchTestInt32(Assembler::NotEqual, R1, &failure); + + // Compare payload regs of R0 and R1. + Assembler::Condition cond = JSOpToCondition(op, /* signed = */true); + masm.cmp32(R0.valueReg(), R1.valueReg()); + masm.Cset(ARMRegister(R0.valueReg(), 32), cond); + + // Result is implicitly boxed already. + masm.tagValue(JSVAL_TYPE_BOOLEAN, R0.valueReg(), R0); + EmitReturnFromIC(masm); + + // Failure case - jump to next stub. + masm.bind(&failure); + EmitStubGuardFailure(masm); + + return true; +} + +bool +ICCompare_Double::Compiler::generateStubCode(MacroAssembler& masm) +{ + Label failure, isNaN; + masm.ensureDouble(R0, FloatReg0, &failure); + masm.ensureDouble(R1, FloatReg1, &failure); + + Register dest = R0.valueReg(); + + Assembler::DoubleCondition doubleCond = JSOpToDoubleCondition(op); + Assembler::Condition cond = Assembler::ConditionFromDoubleCondition(doubleCond); + + masm.compareDouble(doubleCond, FloatReg0, FloatReg1); + masm.Cset(ARMRegister(dest, 32), cond); + + masm.tagValue(JSVAL_TYPE_BOOLEAN, dest, R0); + EmitReturnFromIC(masm); + + // Failure case - jump to next stub. + masm.bind(&failure); + EmitStubGuardFailure(masm); + return true; +} + +// ICBinaryArith_Int32 + +bool +ICBinaryArith_Int32::Compiler::generateStubCode(MacroAssembler& masm) +{ + // Guard that R0 is an integer and R1 is an integer. + Label failure; + masm.branchTestInt32(Assembler::NotEqual, R0, &failure); + masm.branchTestInt32(Assembler::NotEqual, R1, &failure); + + // Add R0 and R1. Don't need to explicitly unbox, just use R2. + Register Rscratch = R2_; + ARMRegister Wscratch = ARMRegister(Rscratch, 32); +#ifdef MERGE + // DIV and MOD need an extra non-volatile ValueOperand to hold R0. + AllocatableGeneralRegisterSet savedRegs(availableGeneralRegs(2)); + savedRegs.set() = GeneralRegisterSet::Intersect(GeneralRegisterSet::NonVolatile(), savedRegs); +#endif + // get some more ARM-y names for the registers + ARMRegister W0(R0_, 32); + ARMRegister X0(R0_, 64); + ARMRegister W1(R1_, 32); + ARMRegister X1(R1_, 64); + ARMRegister WTemp(ExtractTemp0, 32); + ARMRegister XTemp(ExtractTemp0, 64); + Label maybeNegZero, revertRegister; + switch(op_) { + case JSOP_ADD: + masm.Adds(WTemp, W0, Operand(W1)); + + // Just jump to failure on overflow. R0 and R1 are preserved, so we can + // just jump to the next stub. + masm.j(Assembler::Overflow, &failure); + + // Box the result and return. We know R0 already contains the + // integer tag, so we just need to move the payload into place. + masm.movePayload(ExtractTemp0, R0_); + break; + + case JSOP_SUB: + masm.Subs(WTemp, W0, Operand(W1)); + masm.j(Assembler::Overflow, &failure); + masm.movePayload(ExtractTemp0, R0_); + break; + + case JSOP_MUL: + masm.mul32(R0.valueReg(), R1.valueReg(), Rscratch, &failure, &maybeNegZero); + masm.movePayload(Rscratch, R0_); + break; + + case JSOP_DIV: + case JSOP_MOD: { + + // Check for INT_MIN / -1, it results in a double. + Label check2; + masm.Cmp(W0, Operand(INT_MIN)); + masm.B(&check2, Assembler::NotEqual); + masm.Cmp(W1, Operand(-1)); + masm.j(Assembler::Equal, &failure); + masm.bind(&check2); + Label no_fail; + // Check for both division by zero and 0 / X with X < 0 (results in -0). + masm.Cmp(W1, Operand(0)); + // If x > 0, then it can't be bad. + masm.B(&no_fail, Assembler::GreaterThan); + // if x == 0, then ignore any comparison, and force + // it to fail, if x < 0 (the only other case) + // then do the comparison, and fail if y == 0 + masm.Ccmp(W0, Operand(0), vixl::ZFlag, Assembler::NotEqual); + masm.B(&failure, Assembler::Equal); + masm.bind(&no_fail); + masm.Sdiv(Wscratch, W0, W1); + // Start calculating the remainder, x - (x / y) * y. + masm.mul(WTemp, W1, Wscratch); + if (op_ == JSOP_DIV) { + // Result is a double if the remainder != 0, which happens + // when (x/y)*y != x. + masm.branch32(Assembler::NotEqual, R0.valueReg(), ExtractTemp0, &revertRegister); + masm.movePayload(Rscratch, R0_); + } else { + // Calculate the actual mod. Set the condition code, so we can see if it is non-zero. + masm.Subs(WTemp, W0, WTemp); + + // If X % Y == 0 and X < 0, the result is -0. + masm.Ccmp(W0, Operand(0), vixl::NoFlag, Assembler::Equal); + masm.branch(Assembler::LessThan, &revertRegister); + masm.movePayload(ExtractTemp0, R0_); + } + break; + } + // ORR, EOR, AND can trivially be coerced int + // working without affecting the tag of the dest.. + case JSOP_BITOR: + masm.Orr(X0, X0, Operand(X1)); + break; + case JSOP_BITXOR: + masm.Eor(X0, X0, Operand(W1, vixl::UXTW)); + break; + case JSOP_BITAND: + masm.And(X0, X0, Operand(X1)); + break; + // LSH, RSH and URSH can not. + case JSOP_LSH: + // ARM will happily try to shift by more than 0x1f. + masm.Lsl(Wscratch, W0, W1); + masm.movePayload(Rscratch, R0.valueReg()); + break; + case JSOP_RSH: + masm.Asr(Wscratch, W0, W1); + masm.movePayload(Rscratch, R0.valueReg()); + break; + case JSOP_URSH: + masm.Lsr(Wscratch, W0, W1); + if (allowDouble_) { + Label toUint; + // Testing for negative is equivalent to testing bit 31 + masm.Tbnz(Wscratch, 31, &toUint); + // Move result and box for return. + masm.movePayload(Rscratch, R0_); + EmitReturnFromIC(masm); + + masm.bind(&toUint); + masm.convertUInt32ToDouble(Rscratch, ScratchDoubleReg); + masm.boxDouble(ScratchDoubleReg, R0); + } else { + // Testing for negative is equivalent to testing bit 31 + masm.Tbnz(Wscratch, 31, &failure); + // Move result for return. + masm.movePayload(Rscratch, R0_); + } + break; + default: + MOZ_CRASH("Unhandled op for BinaryArith_Int32."); + } + + EmitReturnFromIC(masm); + + switch (op_) { + case JSOP_MUL: + masm.bind(&maybeNegZero); + + // Result is -0 if exactly one of lhs or rhs is negative. + masm.Cmn(W0, W1); + masm.j(Assembler::Signed, &failure); + + // Result is +0, so use the zero register. + masm.movePayload(rzr, R0_); + EmitReturnFromIC(masm); + break; + case JSOP_DIV: + case JSOP_MOD: + masm.bind(&revertRegister); + break; + default: + break; + } + + // Failure case - jump to next stub. + masm.bind(&failure); + EmitStubGuardFailure(masm); + + return true; +} + +bool +ICUnaryArith_Int32::Compiler::generateStubCode(MacroAssembler& masm) +{ + Label failure; + masm.branchTestInt32(Assembler::NotEqual, R0, &failure); + + switch (op) { + case JSOP_BITNOT: + masm.Mvn(ARMRegister(R1.valueReg(), 32), ARMRegister(R0.valueReg(), 32)); + masm.movePayload(R1.valueReg(), R0.valueReg()); + break; + case JSOP_NEG: + // Guard against 0 and MIN_INT, both result in a double. + masm.branchTest32(Assembler::Zero, R0.valueReg(), Imm32(0x7fffffff), &failure); + + // Compile -x as 0 - x. + masm.Sub(ARMRegister(R1.valueReg(), 32), wzr, ARMRegister(R0.valueReg(), 32)); + masm.movePayload(R1.valueReg(), R0.valueReg()); + break; + default: + MOZ_CRASH("Unexpected op"); + } + + EmitReturnFromIC(masm); + + masm.bind(&failure); + EmitStubGuardFailure(masm); + return true; + +} + +} // namespace jit +} // namespace js diff --git a/js/src/jit/arm64/SharedICHelpers-arm64.h b/js/src/jit/arm64/SharedICHelpers-arm64.h new file mode 100644 index 00000000000..092885a6b35 --- /dev/null +++ b/js/src/jit/arm64/SharedICHelpers-arm64.h @@ -0,0 +1,309 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef jit_arm64_SharedICHelpers_arm64_h +#define jit_arm64_SharedICHelpers_arm64_h + +#include "jit/BaselineFrame.h" +#include "jit/BaselineIC.h" +#include "jit/MacroAssembler.h" +#include "jit/SharedICRegisters.h" + +namespace js { +namespace jit { + +// Distance from sp to the top Value inside an IC stub (no return address on the stack on ARM). +static const size_t ICStackValueOffset = 0; + +inline void +EmitRestoreTailCallReg(MacroAssembler& masm) +{ + // No-op on ARM because link register is always holding the return address. +} + +inline void +EmitRepushTailCallReg(MacroAssembler& masm) +{ + // No-op on ARM because link register is always holding the return address. +} + +inline void +EmitCallIC(CodeOffsetLabel* patchOffset, MacroAssembler& masm) +{ + // Move ICEntry offset into ICStubReg + CodeOffsetLabel offset = masm.movWithPatch(ImmWord(-1), ICStubReg); + *patchOffset = offset; + + // Load stub pointer into ICStubReg + masm.loadPtr(Address(ICStubReg, ICEntry::offsetOfFirstStub()), ICStubReg); + + // Load stubcode pointer from BaselineStubEntry. + // R2 won't be active when we call ICs, so we can use r0. + MOZ_ASSERT(R2 == ValueOperand(r0)); + masm.loadPtr(Address(ICStubReg, ICStub::offsetOfStubCode()), r0); + + // Call the stubcode via a direct branch-and-link. + masm.Blr(x0); +} + +inline void +EmitEnterTypeMonitorIC(MacroAssembler& masm, + size_t monitorStubOffset = ICMonitoredStub::offsetOfFirstMonitorStub()) +{ + // This is expected to be called from within an IC, when ICStubReg is + // properly initialized to point to the stub. + masm.loadPtr(Address(ICStubReg, (uint32_t) monitorStubOffset), ICStubReg); + + // Load stubcode pointer from BaselineStubEntry. + // R2 won't be active when we call ICs, so we can use r0. + MOZ_ASSERT(R2 == ValueOperand(r0)); + masm.loadPtr(Address(ICStubReg, ICStub::offsetOfStubCode()), r0); + + // Jump to the stubcode. + masm.Br(x0); +} + +inline void +EmitReturnFromIC(MacroAssembler& masm) +{ + masm.abiret(); // Defaults to lr. +} + +inline void +EmitChangeICReturnAddress(MacroAssembler& masm, Register reg) +{ + masm.movePtr(reg, lr); +} + +inline void +EmitTailCallVM(JitCode* target, MacroAssembler& masm, uint32_t argSize) +{ + // We assume that R0 has been pushed, and R2 is unused. + MOZ_ASSERT(R2 == ValueOperand(r0)); + + // Compute frame size into w0. Used below in makeFrameDescriptor(). + masm.Sub(x0, BaselineFrameReg64, masm.GetStackPointer64()); + masm.Add(w0, w0, Operand(BaselineFrame::FramePointerOffset)); + + // Store frame size without VMFunction arguments for GC marking. + { + vixl::UseScratchRegisterScope temps(&masm.asVIXL()); + const ARMRegister scratch32 = temps.AcquireW(); + + masm.Sub(scratch32, w0, Operand(argSize)); + masm.store32(scratch32.asUnsized(), + Address(BaselineFrameReg, BaselineFrame::reverseOffsetOfFrameSize())); + } + + // Push frame descriptor (minus the return address) and perform the tail call. + MOZ_ASSERT(ICTailCallReg == lr); + masm.makeFrameDescriptor(r0, JitFrame_BaselineJS); + masm.push(r0); + + // The return address will be pushed by the VM wrapper, for compatibility + // with direct calls. Refer to the top of generateVMWrapper(). + // ICTailCallReg (lr) already contains the return address (as we keep + // it there through the stub calls). + + masm.branch(target); +} + +inline void +EmitCreateStubFrameDescriptor(MacroAssembler& masm, Register reg) +{ + ARMRegister reg64(reg, 64); + + // Compute stub frame size. + masm.Sub(reg64, masm.GetStackPointer64(), Operand(sizeof(void*) * 2)); + masm.Sub(reg64, BaselineFrameReg64, reg64); + + masm.makeFrameDescriptor(reg, JitFrame_BaselineStub); +} + +inline void +EmitCallVM(JitCode* target, MacroAssembler& masm) +{ + EmitCreateStubFrameDescriptor(masm, r0); + masm.push(r0); + masm.call(target); +} + +// Size of values pushed by EmitEnterStubFrame. +static const uint32_t STUB_FRAME_SIZE = 4 * sizeof(void*); +static const uint32_t STUB_FRAME_SAVED_STUB_OFFSET = sizeof(void*); + +inline void +EmitEnterStubFrame(MacroAssembler& masm, Register scratch) +{ + MOZ_ASSERT(scratch != ICTailCallReg); + + // Compute frame size. + masm.Add(ARMRegister(scratch, 64), BaselineFrameReg64, Operand(BaselineFrame::FramePointerOffset)); + masm.Sub(ARMRegister(scratch, 64), ARMRegister(scratch, 64), masm.GetStackPointer64()); + + masm.store32(scratch, Address(BaselineFrameReg, BaselineFrame::reverseOffsetOfFrameSize())); + + // Note: when making changes here, don't forget to update STUB_FRAME_SIZE. + + // Push frame descriptor and return address. + // Save old frame pointer, stack pointer, and stub reg. + masm.makeFrameDescriptor(scratch, JitFrame_BaselineJS); + masm.push(scratch, ICTailCallReg, ICStubReg, BaselineFrameReg); + + // Update the frame register. + masm.Mov(BaselineFrameReg64, masm.GetStackPointer64()); + + // Stack should remain 16-byte aligned. + masm.checkStackAlignment(); +} + +inline void +EmitLeaveStubFrame(MacroAssembler& masm, bool calledIntoIon = false) +{ + vixl::UseScratchRegisterScope temps(&masm.asVIXL()); + const ARMRegister scratch64 = temps.AcquireX(); + + // Ion frames do not save and restore the frame pointer. If we called + // into Ion, we have to restore the stack pointer from the frame descriptor. + // If we performed a VM call, the descriptor has been popped already so + // in that case we use the frame pointer. + if (calledIntoIon) { + masm.pop(scratch64.asUnsized()); + masm.Lsr(scratch64, scratch64, FRAMESIZE_SHIFT); + masm.Add(masm.GetStackPointer64(), masm.GetStackPointer64(), scratch64); + } else { + masm.Mov(masm.GetStackPointer64(), BaselineFrameReg64); + } + + // Pop values, discarding the frame descriptor. + masm.pop(BaselineFrameReg, ICStubReg, ICTailCallReg, scratch64.asUnsized()); + + // Stack should remain 16-byte aligned. + masm.checkStackAlignment(); +} + +inline void +EmitStowICValues(MacroAssembler& masm, int values) +{ + switch (values) { + case 1: + // Stow R0. + masm.pushValue(R0); + break; + case 2: + // Stow R0 and R1. + masm.push(R0.valueReg(), R1.valueReg()); + break; + default: + MOZ_MAKE_COMPILER_ASSUME_IS_UNREACHABLE("Expected 1 or 2 values"); + } +} + +inline void +EmitUnstowICValues(MacroAssembler& masm, int values, bool discard = false) +{ + MOZ_ASSERT(values >= 0 && values <= 2); + switch (values) { + case 1: + // Unstow R0. + if (discard) + masm.Drop(Operand(sizeof(Value))); + else + masm.popValue(R0); + break; + case 2: + // Unstow R0 and R1. + if (discard) + masm.Drop(Operand(sizeof(Value) * 2)); + else + masm.pop(R1.valueReg(), R0.valueReg()); + break; + default: + MOZ_MAKE_COMPILER_ASSUME_IS_UNREACHABLE("Expected 1 or 2 values"); + } +} + +inline void +EmitCallTypeUpdateIC(MacroAssembler& masm, JitCode* code, uint32_t objectOffset) +{ + // R0 contains the value that needs to be typechecked. + // The object we're updating is a boxed Value on the stack, at offset + // objectOffset from stack top, excluding the return address. + MOZ_ASSERT(R2 == ValueOperand(r0)); + + // Save the current ICStubReg to stack, as well as the TailCallReg, + // since on AArch64, the LR is live. + masm.push(ICStubReg, ICTailCallReg); + + // This is expected to be called from within an IC, when ICStubReg + // is properly initialized to point to the stub. + masm.loadPtr(Address(ICStubReg, (int32_t)ICUpdatedStub::offsetOfFirstUpdateStub()), + ICStubReg); + + // Load stubcode pointer from ICStubReg into ICTailCallReg. + masm.loadPtr(Address(ICStubReg, ICStub::offsetOfStubCode()), ICTailCallReg); + + // Call the stubcode. + masm.Blr(ARMRegister(ICTailCallReg, 64)); + + // Restore the old stub reg and tailcall reg. + masm.pop(ICTailCallReg, ICStubReg); + + // The update IC will store 0 or 1 in R1.scratchReg() reflecting if the + // value in R0 type-checked properly or not. + Label success; + masm.cmp32(R1.scratchReg(), Imm32(1)); + masm.j(Assembler::Equal, &success); + + // If the IC failed, then call the update fallback function. + EmitEnterStubFrame(masm, R1.scratchReg()); + + masm.loadValue(Address(masm.getStackPointer(), STUB_FRAME_SIZE + objectOffset), R1); + masm.push(R0.valueReg(), R1.valueReg(), ICStubReg); + + // Load previous frame pointer, push BaselineFrame*. + masm.loadPtr(Address(BaselineFrameReg, 0), R0.scratchReg()); + masm.pushBaselineFramePtr(R0.scratchReg(), R0.scratchReg()); + + EmitCallVM(code, masm); + EmitLeaveStubFrame(masm); + + // Success at end. + masm.bind(&success); +} + +template +inline void +EmitPreBarrier(MacroAssembler& masm, const AddrType& addr, MIRType type) +{ + // On AArch64, lr is clobbered by patchableCallPreBarrier. Save it first. + masm.push(lr); + masm.patchableCallPreBarrier(addr, type); + masm.pop(lr); +} + +inline void +EmitStubGuardFailure(MacroAssembler& masm) +{ + // NOTE: This routine assumes that the stub guard code left the stack in the + // same state it was in when it was entered. + + // BaselineStubEntry points to the current stub. + + // Load next stub into ICStubReg. + masm.loadPtr(Address(ICStubReg, ICStub::offsetOfNext()), ICStubReg); + + // Load stubcode pointer from BaselineStubEntry into scratch register. + masm.loadPtr(Address(ICStubReg, ICStub::offsetOfStubCode()), r0); + + // Return address is already loaded, just jump to the next stubcode. + masm.Br(x0); +} + +} // namespace jit +} // namespace js + +#endif // jit_arm64_SharedICHelpers_arm64_h diff --git a/js/src/jit/arm64/SharedICRegisters-arm64.h b/js/src/jit/arm64/SharedICRegisters-arm64.h new file mode 100644 index 00000000000..932a16ddd91 --- /dev/null +++ b/js/src/jit/arm64/SharedICRegisters-arm64.h @@ -0,0 +1,60 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef jit_arm64_SharedICRegisters_arm64_h +#define jit_arm64_SharedICRegisters_arm64_h + +#include "jit/MacroAssembler.h" + +namespace js { +namespace jit { + +// Must be a callee-saved register for preservation around generateEnterJIT(). +static constexpr Register BaselineFrameReg = r23; +static constexpr ARMRegister BaselineFrameReg64 = { BaselineFrameReg, 64 }; + +// The BaselineStackReg cannot be sp, because that register is treated +// as xzr/wzr during load/store operations. +static constexpr Register BaselineStackReg = PseudoStackPointer; + +// ValueOperands R0, R1, and R2. +// R0 == JSReturnReg, and R2 uses registers not preserved across calls. +// R1 value should be preserved across calls. +static constexpr Register R0_ = r2; +static constexpr Register R1_ = r19; +static constexpr Register R2_ = r0; + +static constexpr ValueOperand R0(R0_); +static constexpr ValueOperand R1(R1_); +static constexpr ValueOperand R2(R2_); + +// ICTailCallReg and ICStubReg use registers that are not preserved across calls. +static constexpr Register ICTailCallReg = r30; +static constexpr Register ICStubReg = r9; + +// ExtractTemps must be callee-save registers: +// ICSetProp_Native::Compiler::generateStubCode() stores the object +// in ExtractTemp0, but then calls callTypeUpdateIC(), which clobbers +// caller-save registers. +// They should also not be the scratch registers ip0 or ip1, +// since those get clobbered all the time. +static constexpr Register ExtractTemp0 = r24; +static constexpr Register ExtractTemp1 = r25; + +// R7 - R9 are generally available for use within stubcode. + +// Note that BaselineTailCallReg is actually just the link +// register. In ARM code emission, we do not clobber BaselineTailCallReg +// since we keep the return address for calls there. + +// FloatReg0 must be equal to ReturnFloatReg. +static constexpr FloatRegister FloatReg0 = { FloatRegisters::v0 }; +static constexpr FloatRegister FloatReg1 = { FloatRegisters::v1 }; + +} // namespace jit +} // namespace js + +#endif // jit_arm64_SharedICRegisters_arm64_h From d2449fe44b8887bdd865b6de71dd2a31074a0e09 Mon Sep 17 00:00:00 2001 From: Sean Stangl Date: Wed, 10 Jun 2015 15:33:21 -0700 Subject: [PATCH 068/297] Bug 1166037 - Follow-up - Revert SimulatorType to Simulator. no_r=me --- js/src/jit/BaselineBailouts.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/src/jit/BaselineBailouts.cpp b/js/src/jit/BaselineBailouts.cpp index e0ae8c37c46..7815a0cd3f1 100644 --- a/js/src/jit/BaselineBailouts.cpp +++ b/js/src/jit/BaselineBailouts.cpp @@ -1573,7 +1573,7 @@ jit::BailoutIonToBaseline(JSContext* cx, JitActivation* activation, JitFrameIter BaselineBailoutInfo *info = builder.info(); uint8_t* newsp = info->incomingStack - (info->copyStackTop - info->copyStackBottom); #if defined(JS_ARM_SIMULATOR) || defined(JS_ARM64_SIMULATOR) || defined(JS_MIPS_SIMULATOR) - if (SimulatorType::Current()->overRecursed(uintptr_t(newsp))) + if (Simulator::Current()->overRecursed(uintptr_t(newsp))) overRecursed = true; #else JS_CHECK_RECURSION_WITH_SP_DONT_REPORT(cx, newsp, overRecursed = true); From d5e1a6085361b6b5693a521886b661fdf36aef3e Mon Sep 17 00:00:00 2001 From: "Byron Campen [:bwc]" Date: Wed, 10 Jun 2015 15:27:12 -0700 Subject: [PATCH 069/297] Bug 1035468: A NAT simulator based on NrSocket, and integrate into ice_unittest. r=ekr --- media/mtransport/common.build | 1 + media/mtransport/nr_socket_prsock.cpp | 6 +- media/mtransport/nr_socket_prsock.h | 5 +- media/mtransport/test/ice_unittest.cpp | 239 +++++- media/mtransport/test/moz.build | 13 + media/mtransport/test/stunserver.cpp | 2 +- .../test/test_nr_socket_unittest.cpp | 660 +++++++++++++++ media/mtransport/test/turn_unittest.cpp | 2 +- media/mtransport/test_nr_socket.cpp | 763 ++++++++++++++++++ media/mtransport/test_nr_socket.h | 283 +++++++ .../third_party/nICEr/src/ice/ice_component.c | 4 +- .../third_party/nICEr/src/ice/ice_ctx.c | 19 + .../third_party/nICEr/src/ice/ice_ctx.h | 2 + .../third_party/nICEr/src/net/nr_socket.c | 40 + .../third_party/nICEr/src/net/nr_socket.h | 13 + .../nICEr/src/net/nr_socket_local.h | 2 +- testing/cppunittest.ini | 1 + 17 files changed, 2042 insertions(+), 13 deletions(-) create mode 100644 media/mtransport/test/test_nr_socket_unittest.cpp create mode 100644 media/mtransport/test_nr_socket.cpp create mode 100644 media/mtransport/test_nr_socket.h diff --git a/media/mtransport/common.build b/media/mtransport/common.build index 01b0e9682ea..0d441f79c88 100644 --- a/media/mtransport/common.build +++ b/media/mtransport/common.build @@ -16,6 +16,7 @@ mtransport_lcppsrcs = [ 'rlogringbuffer.cpp', 'simpletokenbucket.cpp', 'stun_udp_socket_filter.cpp', + 'test_nr_socket.cpp', 'transportflow.cpp', 'transportlayer.cpp', 'transportlayerdtls.cpp', diff --git a/media/mtransport/nr_socket_prsock.cpp b/media/mtransport/nr_socket_prsock.cpp index 93be754baef..998d2d7dbc0 100644 --- a/media/mtransport/nr_socket_prsock.cpp +++ b/media/mtransport/nr_socket_prsock.cpp @@ -653,7 +653,7 @@ int NrSocket::sendto(const void *msg, size_t len, if (PR_GetError() == PR_WOULD_BLOCK_ERROR) ABORT(R_WOULDBLOCK); - r_log(LOG_GENERIC, LOG_INFO, "Error in sendto %s", to->as_string); + r_log(LOG_GENERIC, LOG_INFO, "Error in sendto: %s", to->as_string); ABORT(R_IO_ERROR); } @@ -674,7 +674,7 @@ int NrSocket::recvfrom(void * buf, size_t maxlen, if (status <= 0) { if (PR_GetError() == PR_WOULD_BLOCK_ERROR) ABORT(R_WOULDBLOCK); - r_log(LOG_GENERIC, LOG_INFO, "Error in recvfrom"); + r_log(LOG_GENERIC, LOG_INFO, "Error in recvfrom: %d", (int)PR_GetError()); ABORT(R_IO_ERROR); } *len=status; @@ -1309,7 +1309,7 @@ static nr_socket_vtbl nr_socket_local_vtbl={ nr_socket_local_close }; -int nr_socket_local_create(nr_transport_addr *addr, nr_socket **sockp) { +int nr_socket_local_create(void *obj, nr_transport_addr *addr, nr_socket **sockp) { RefPtr sock; // create IPC bridge for content process diff --git a/media/mtransport/nr_socket_prsock.h b/media/mtransport/nr_socket_prsock.h index d892cd5ad7d..1c2623ee621 100644 --- a/media/mtransport/nr_socket_prsock.h +++ b/media/mtransport/nr_socket_prsock.h @@ -116,6 +116,9 @@ public: static TimeStamp short_term_violation_time(); static TimeStamp long_term_violation_time(); + const nr_transport_addr& my_addr() const { + return my_addr_; + } protected: void fire_callback(int how); @@ -163,7 +166,7 @@ public: virtual int write(const void *msg, size_t len, size_t *written) override; virtual int read(void* buf, size_t maxlen, size_t *len) override; -private: +protected: virtual ~NrSocket() { if (fd_) PR_Close(fd_); diff --git a/media/mtransport/test/ice_unittest.cpp b/media/mtransport/test/ice_unittest.cpp index c7124229186..54602be1bc1 100644 --- a/media/mtransport/test/ice_unittest.cpp +++ b/media/mtransport/test/ice_unittest.cpp @@ -35,6 +35,9 @@ #include "rlogringbuffer.h" #include "runnable_utils.h" #include "stunserver.h" +#include "nr_socket_prsock.h" +#include "test_nr_socket.h" +#include "ice_ctx.h" // TODO(bcampen@mozilla.com): Big fat hack since the build system doesn't give // us a clean way to add object files to a single executable. #include "stunserver.cpp" @@ -250,13 +253,21 @@ class IceTestPeer : public sigslot::has_slots<> { expected_remote_type_(NrIceCandidate::ICE_HOST), trickle_mode_(TRICKLE_NONE), trickled_(0), - simulate_ice_lite_(false) { + simulate_ice_lite_(false), + nat_(new TestNat) { ice_ctx_->SignalGatheringStateChange.connect( this, &IceTestPeer::GatheringStateChange); ice_ctx_->SignalConnectionStateChange.connect( this, &IceTestPeer::ConnectionStateChange); + + nr_socket_factory *fac; + int r = nat_->create_socket_factory(&fac); + MOZ_ASSERT(!r); + if (!r) { + nr_ice_ctx_set_socket_factory(ice_ctx_->ctx(), fac); + } } ~IceTestPeer() { @@ -317,6 +328,11 @@ class IceTestPeer : public sigslot::has_slots<> { ASSERT_TRUE(NS_SUCCEEDED(ice_ctx_->SetStunServers(stun_servers))); } + void UseTestStunServer() { + SetStunServer(TestStunServer::GetInstance()->addr(), + TestStunServer::GetInstance()->port()); + } + void SetTurnServer(const std::string addr, uint16_t port, const std::string username, const std::string password, @@ -371,6 +387,25 @@ class IceTestPeer : public sigslot::has_slots<> { ASSERT_TRUE(NS_SUCCEEDED(res)); } + void UseNat() { + nat_->enabled_ = true; + } + + void SetFilteringType(TestNat::NatBehavior type) { + MOZ_ASSERT(!nat_->has_port_mappings()); + nat_->filtering_type_ = type; + } + + void SetMappingType(TestNat::NatBehavior type) { + MOZ_ASSERT(!nat_->has_port_mappings()); + nat_->mapping_type_ = type; + } + + void SetBlockUdp(bool block) { + MOZ_ASSERT(!nat_->has_port_mappings()); + nat_->block_udp_ = block; + } + // Get various pieces of state std::vector GetGlobalAttributes() { std::vector attrs(ice_ctx_->GetGlobalAttributes()); @@ -1008,6 +1043,7 @@ class IceTestPeer : public sigslot::has_slots<> { TrickleMode trickle_mode_; int trickled_; bool simulate_ice_lite_; + nsRefPtr nat_; }; void SchedulableTrickleCandidate::Trickle() { @@ -1065,6 +1101,12 @@ class IceGatherTest : public ::testing::Test { TestStunServer::GetInstance()->port()); } + void UseTestStunServer() { + TestStunServer::GetInstance()->Reset(); + peer_->SetStunServer(TestStunServer::GetInstance()->addr(), + TestStunServer::GetInstance()->port()); + } + // NB: Only does substring matching, watch out for stuff like "1.2.3.4" // matching "21.2.3.47". " 1.2.3.4 " should not have false positives. bool StreamHasMatchingCandidate(unsigned int stream, @@ -1084,7 +1126,12 @@ class IceGatherTest : public ::testing::Test { class IceConnectTest : public ::testing::Test { public: - IceConnectTest() : initted_(false) {} + IceConnectTest() : + initted_(false), + use_nat_(false), + filtering_type_(TestNat::ENDPOINT_INDEPENDENT), + mapping_type_(TestNat::ENDPOINT_INDEPENDENT), + block_udp_(false) {} void SetUp() { nsresult rv; @@ -1126,8 +1173,25 @@ class IceConnectTest : public ::testing::Test { bool Gather(unsigned int waitTime = kDefaultTimeout) { Init(false, false); - p1_->SetStunServer(g_stun_server_address, kDefaultStunServerPort); - p2_->SetStunServer(g_stun_server_address, kDefaultStunServerPort); + if (use_nat_) { + // If we enable nat simulation, but still use a real STUN server somewhere + // on the internet, we will see failures if there is a real NAT in + // addition to our simulated one, particularly if it disallows + // hairpinning. + UseTestStunServer(); + p1_->UseNat(); + p2_->UseNat(); + p1_->SetFilteringType(filtering_type_); + p2_->SetFilteringType(filtering_type_); + p1_->SetMappingType(mapping_type_); + p2_->SetMappingType(mapping_type_); + p1_->SetBlockUdp(block_udp_); + p2_->SetBlockUdp(block_udp_); + } else { + p1_->SetStunServer(g_stun_server_address, kDefaultStunServerPort); + p2_->SetStunServer(g_stun_server_address, kDefaultStunServerPort); + } + p1_->Gather(); p2_->Gather(); @@ -1142,6 +1206,28 @@ class IceConnectTest : public ::testing::Test { return true; } + void UseNat() { + use_nat_ = true; + } + + void SetFilteringType(TestNat::NatBehavior type) { + filtering_type_ = type; + } + + void SetMappingType(TestNat::NatBehavior type) { + mapping_type_ = type; + } + + void BlockUdp() { + block_udp_ = true; + } + + void UseTestStunServer() { + TestStunServer::GetInstance()->Reset(); + p1_->UseTestStunServer(); + p2_->UseTestStunServer(); + } + void SetTurnServer(const std::string addr, uint16_t port, const std::string username, const std::string password, @@ -1277,6 +1363,10 @@ class IceConnectTest : public ::testing::Test { nsCOMPtr target_; mozilla::ScopedDeletePtr p1_; mozilla::ScopedDeletePtr p2_; + bool use_nat_; + TestNat::NatBehavior filtering_type_; + TestNat::NatBehavior mapping_type_; + bool block_udp_; }; class PrioritizerTest : public ::testing::Test { @@ -1643,6 +1733,147 @@ TEST_F(IceConnectTest, TestTrickleIceLiteOfferer) { AssertCheckingReached(); } +TEST_F(IceConnectTest, TestGatherFullCone) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::ENDPOINT_INDEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + ASSERT_TRUE(Gather()); +} + +TEST_F(IceConnectTest, TestGatherFullConeAutoPrioritize) { + Init(false, true); + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::ENDPOINT_INDEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + ASSERT_TRUE(Gather()); +} + + +TEST_F(IceConnectTest, TestConnectFullCone) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::ENDPOINT_INDEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + SetExpectedTypes(NrIceCandidate::Type::ICE_SERVER_REFLEXIVE, + NrIceCandidate::Type::ICE_SERVER_REFLEXIVE); + ASSERT_TRUE(Gather()); + Connect(); +} + +TEST_F(IceConnectTest, TestGatherAddressRestrictedCone) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::ADDRESS_DEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + ASSERT_TRUE(Gather()); +} + +TEST_F(IceConnectTest, TestConnectAddressRestrictedCone) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::ADDRESS_DEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + SetExpectedTypes(NrIceCandidate::Type::ICE_SERVER_REFLEXIVE, + NrIceCandidate::Type::ICE_SERVER_REFLEXIVE); + ASSERT_TRUE(Gather()); + Connect(); +} + +TEST_F(IceConnectTest, TestGatherPortRestrictedCone) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::PORT_DEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + ASSERT_TRUE(Gather()); +} + +TEST_F(IceConnectTest, TestConnectPortRestrictedCone) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::PORT_DEPENDENT); + SetMappingType(TestNat::ENDPOINT_INDEPENDENT); + SetExpectedTypes(NrIceCandidate::Type::ICE_SERVER_REFLEXIVE, + NrIceCandidate::Type::ICE_SERVER_REFLEXIVE); + ASSERT_TRUE(Gather()); + Connect(); +} + +TEST_F(IceConnectTest, TestGatherSymmetricNat) { + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::PORT_DEPENDENT); + SetMappingType(TestNat::PORT_DEPENDENT); + ASSERT_TRUE(Gather()); +} + +TEST_F(IceConnectTest, TestConnectSymmetricNat) { + if (g_turn_server.empty()) + return; + + AddStream("first", 1); + UseNat(); + SetFilteringType(TestNat::PORT_DEPENDENT); + SetMappingType(TestNat::PORT_DEPENDENT); + p1_->SetExpectedTypes(NrIceCandidate::Type::ICE_RELAYED, + NrIceCandidate::Type::ICE_RELAYED); + p2_->SetExpectedTypes(NrIceCandidate::Type::ICE_RELAYED, + NrIceCandidate::Type::ICE_RELAYED); + SetTurnServer(g_turn_server, kDefaultStunServerPort, + g_turn_user, g_turn_password); + ASSERT_TRUE(Gather()); + Connect(); +} + +TEST_F(IceConnectTest, TestGatherNatBlocksUDP) { + if (g_turn_server.empty()) + return; + + AddStream("first", 1); + UseNat(); + BlockUdp(); + std::vector turn_servers; + std::vector password_vec(g_turn_password.begin(), + g_turn_password.end()); + turn_servers.push_back( + *NrIceTurnServer::Create(g_turn_server, kDefaultStunServerPort, + g_turn_user, password_vec, kNrIceTransportTcp)); + turn_servers.push_back( + *NrIceTurnServer::Create(g_turn_server, kDefaultStunServerPort, + g_turn_user, password_vec, kNrIceTransportUdp)); + SetTurnServers(turn_servers); + // We have to wait for the UDP-based stuff to time out. + ASSERT_TRUE(Gather(kDefaultTimeout * 3)); +} + +TEST_F(IceConnectTest, TestConnectNatBlocksUDP) { + if (g_turn_server.empty()) + return; + + AddStream("first", 1); + UseNat(); + BlockUdp(); + std::vector turn_servers; + std::vector password_vec(g_turn_password.begin(), + g_turn_password.end()); + turn_servers.push_back( + *NrIceTurnServer::Create(g_turn_server, kDefaultStunServerPort, + g_turn_user, password_vec, kNrIceTransportTcp)); + turn_servers.push_back( + *NrIceTurnServer::Create(g_turn_server, kDefaultStunServerPort, + g_turn_user, password_vec, kNrIceTransportUdp)); + SetTurnServers(turn_servers); + p1_->SetExpectedTypes(NrIceCandidate::Type::ICE_RELAYED, + NrIceCandidate::Type::ICE_RELAYED, + kNrIceTransportTcp); + p2_->SetExpectedTypes(NrIceCandidate::Type::ICE_RELAYED, + NrIceCandidate::Type::ICE_RELAYED, + kNrIceTransportTcp); + ASSERT_TRUE(Gather(kDefaultTimeout * 3)); + Connect(); +} + TEST_F(IceConnectTest, TestConnectTwoComponents) { AddStream("first", 2); ASSERT_TRUE(Gather()); diff --git a/media/mtransport/test/moz.build b/media/mtransport/test/moz.build index 3f74840ac1f..71f8abf68aa 100644 --- a/media/mtransport/test/moz.build +++ b/media/mtransport/test/moz.build @@ -14,6 +14,7 @@ if CONFIG['OS_TARGET'] != 'WINNT' and CONFIG['MOZ_WIDGET_TOOLKIT'] != 'gonk': 'runnable_utils_unittest', 'simpletokenbucket_unittest', 'sockettransportservice_unittest', + 'test_nr_socket_unittest', 'TestSyncRunnable', 'transport_unittests', 'turn_unittest', @@ -30,6 +31,8 @@ for var in ('MOZILLA_INTERNAL_API', 'MOZILLA_XPCOMRT_API', 'MOZILLA_EXTERNAL_LIN DEFINES[var] = True if CONFIG['OS_TARGET'] == 'Android': + DEFINES['LINUX'] = True + DEFINES['ANDROID'] = True LOCAL_INCLUDES += [ '/media/mtransport/third_party/nrappkit/src/port/android/include', ] @@ -37,6 +40,8 @@ else: DEFINES['INET6'] = True if CONFIG['OS_TARGET'] == 'Linux': + DEFINES['LINUX'] = True + DEFINES['USE_INTERFACE_PRIORITIZER'] = True LOCAL_INCLUDES += [ '/media/mtransport/third_party/nrappkit/src/port/linux/include', ] @@ -53,12 +58,20 @@ if CONFIG['OS_TARGET'] == 'Darwin': ] if CONFIG['OS_TARGET'] in ('DragonFly', 'FreeBSD', 'NetBSD', 'OpenBSD'): + if CONFIG['OS_TARGET'] == 'Darwin': + DEFINES['DARWIN'] = True + else: + DEFINES['BSD'] = True LOCAL_INCLUDES += [ '/media/mtransport/third_party/nrappkit/src/port/darwin/include', ] # SCTP DEFINES if CONFIG['OS_TARGET'] == 'WINNT': + DEFINES['WIN'] = True + # for stun.h + DEFINES['WIN32'] = True + DEFINES['NOMINMAX'] = True DEFINES['__Userspace_os_Windows'] = 1 else: # Works for Darwin, Linux, Android. Probably doesn't work for others. diff --git a/media/mtransport/test/stunserver.cpp b/media/mtransport/test/stunserver.cpp index 9f71f646a31..f0a4bb51cb6 100644 --- a/media/mtransport/test/stunserver.cpp +++ b/media/mtransport/test/stunserver.cpp @@ -221,7 +221,7 @@ int TestStunServer::TryOpenListenSocket(nr_local_addr* addr, uint16_t port) { return R_INTERNAL; } - if (nr_socket_local_create(&addr->addr, &listen_sock_)) { + if (nr_socket_local_create(nullptr, &addr->addr, &listen_sock_)) { MOZ_MTLOG(ML_ERROR, "Couldn't create listen socket"); return R_ALREADY; } diff --git a/media/mtransport/test/test_nr_socket_unittest.cpp b/media/mtransport/test/test_nr_socket_unittest.cpp new file mode 100644 index 00000000000..bbe6ff54b2a --- /dev/null +++ b/media/mtransport/test/test_nr_socket_unittest.cpp @@ -0,0 +1,660 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +// Original author: bcampen@mozilla.com + +extern "C" { +#include "stun_msg.h" // for NR_STUN_MAX_MESSAGE_SIZE +#include "stun_util.h" +#include "nr_api.h" +#include "async_wait.h" +#include "nr_socket.h" +#include "nr_socket_local.h" +#include "stun_hint.h" +#include "local_addr.h" +#include "registry.h" +} + +#include "test_nr_socket.h" + +#include "nsCOMPtr.h" +#include "nsNetCID.h" +#include "nsServiceManagerUtils.h" +#include "nsAutoPtr.h" +#include "runnable_utils.h" +#include "mtransport_test_utils.h" + +#include + +#define GTEST_HAS_RTTI 0 +#include "gtest/gtest.h" +#include "gtest_utils.h" + +namespace mozilla { + +class TestNrSocketTest : public ::testing::Test { + public: + TestNrSocketTest() : + wait_done_for_main_(false), + sts_(), + public_addrs_(), + private_addrs_(), + nats_() { + // Get the transport service as a dispatch target + nsresult rv; + sts_ = do_GetService(NS_SOCKETTRANSPORTSERVICE_CONTRACTID, &rv); + EXPECT_TRUE(NS_SUCCEEDED(rv)) << "Failed to get STS: " << (int)rv; + } + + ~TestNrSocketTest() { + sts_->Dispatch(WrapRunnable(this, &TestNrSocketTest::TearDown_s), + NS_DISPATCH_SYNC); + } + + void TearDown_s() { + public_addrs_.clear(); + private_addrs_.clear(); + nats_.clear(); + sts_ = nullptr; + } + + nsRefPtr CreateTestNrSocket_s(const char *ip_str, + TestNat *nat) { + // If no nat is supplied, we create a default NAT which is disabled. This + // is how we simulate a non-natted socket. + nsRefPtr sock(new TestNrSocket(nat ? nat : new TestNat)); + nr_transport_addr address; + nr_ip4_str_port_to_transport_addr(ip_str, 0, IPPROTO_UDP, &address); + int r = sock->create(&address); + if (r) { + return nullptr; + } + return sock; + } + + void CreatePublicAddrs(size_t count, const char *ip_str = "127.0.0.1") { + sts_->Dispatch( + WrapRunnable(this, + &TestNrSocketTest::CreatePublicAddrs_s, + count, + ip_str), + NS_DISPATCH_SYNC); + } + + void CreatePublicAddrs_s(size_t count, const char* ip_str) { + while (count--) { + auto sock = CreateTestNrSocket_s(ip_str, nullptr); + ASSERT_TRUE(sock) << "Failed to create socket"; + public_addrs_.push_back(sock); + } + } + + nsRefPtr CreatePrivateAddrs(size_t size, + const char* ip_str = "127.0.0.1") { + nsRefPtr result; + sts_->Dispatch( + WrapRunnableRet(this, + &TestNrSocketTest::CreatePrivateAddrs_s, + size, + ip_str, + &result), + NS_DISPATCH_SYNC); + return result; + } + + nsRefPtr CreatePrivateAddrs_s(size_t count, const char* ip_str) { + nsRefPtr nat(new TestNat); + while (count--) { + auto sock = CreateTestNrSocket_s(ip_str, nat); + if (!sock) { + EXPECT_TRUE(false) << "Failed to create socket"; + break; + } + private_addrs_.push_back(sock); + } + nat->enabled_ = true; + nats_.push_back(nat); + return nat; + } + + bool CheckConnectivityVia( + TestNrSocket *from, + TestNrSocket *to, + const nr_transport_addr &via, + nr_transport_addr *sender_external_address = nullptr) { + MOZ_ASSERT(from); + + if (!WaitForWriteable(from)) { + return false; + } + + int result = 0; + sts_->Dispatch(WrapRunnableRet(this, + &TestNrSocketTest::SendData_s, + from, + via, + &result), + NS_DISPATCH_SYNC); + if (result) { + return false; + } + + if (!WaitForReadable(to)) { + return false; + } + + nr_transport_addr dummy_outparam; + if (!sender_external_address) { + sender_external_address = &dummy_outparam; + } + + MOZ_ASSERT(to); + sts_->Dispatch(WrapRunnableRet(this, + &TestNrSocketTest::RecvData_s, + to, + sender_external_address, + &result), + NS_DISPATCH_SYNC); + + return !result; + } + + bool CheckConnectivity( + TestNrSocket *from, + TestNrSocket *to, + nr_transport_addr *sender_external_address = nullptr) { + nr_transport_addr destination_address; + int r = GetAddress(to, &destination_address); + if (r) { + return false; + } + + return CheckConnectivityVia(from, + to, + destination_address, + sender_external_address); + } + + int GetAddress(TestNrSocket *sock, nr_transport_addr_ *address) { + MOZ_ASSERT(sock); + MOZ_ASSERT(address); + int r; + sts_->Dispatch(WrapRunnableRet(this, + &TestNrSocketTest::GetAddress_s, + sock, + address, + &r), + NS_DISPATCH_SYNC); + return r; + } + + int GetAddress_s(TestNrSocket *sock, nr_transport_addr *address) { + return sock->getaddr(address); + } + + int SendData_s(TestNrSocket *from, const nr_transport_addr &to) { + // It is up to caller to ensure that |from| is writeable. + const char buf[] = "foobajooba"; + return from->sendto(buf, sizeof(buf), 0, + // TODO(bug 1170299): Remove const_cast when no longer necessary + const_cast(&to)); + } + + int RecvData_s(TestNrSocket *to, nr_transport_addr *from) { + // It is up to caller to ensure that |to| is readable + const size_t bufSize = 1024; + char buf[bufSize]; + size_t len; + // Maybe check that data matches? + int r = to->recvfrom(buf, sizeof(buf), &len, 0, from); + if (!r && (len == 0)) { + r = R_INTERNAL; + } + return r; + } + + bool WaitForSocketState(TestNrSocket *sock, int state) { + MOZ_ASSERT(sock); + sts_->Dispatch(WrapRunnable(this, + &TestNrSocketTest::WaitForSocketState_s, + sock, + state), + NS_DISPATCH_SYNC); + + bool res; + WAIT_(wait_done_for_main_, 100, res); + wait_done_for_main_ = false; + + if (!res) { + sts_->Dispatch(WrapRunnable(this, + &TestNrSocketTest::CancelWait_s, + sock, + state), + NS_DISPATCH_SYNC); + } + + return res; + } + + void WaitForSocketState_s(TestNrSocket *sock, int state) { + NR_ASYNC_WAIT(sock, state, &WaitDone, this); + } + + void CancelWait_s(TestNrSocket *sock, int state) { + sock->cancel(state); + } + + bool WaitForReadable(TestNrSocket *sock) { + return WaitForSocketState(sock, NR_ASYNC_WAIT_READ); + } + + bool WaitForWriteable(TestNrSocket *sock) { + return WaitForSocketState(sock, NR_ASYNC_WAIT_WRITE); + } + + static void WaitDone(void *sock, int how, void *test_fixture) { + TestNrSocketTest *test = static_cast(test_fixture); + test->wait_done_for_main_ = true; + } + + // Simple busywait boolean for the test cases to spin on. + Atomic wait_done_for_main_; + + nsCOMPtr sts_; + std::vector> public_addrs_; + std::vector> private_addrs_; + std::vector> nats_; +}; + +} // namespace mozilla + +using mozilla::TestNrSocketTest; +using mozilla::TestNat; + +TEST_F(TestNrSocketTest, PublicConnectivity) { + CreatePublicAddrs(2); + + ASSERT_TRUE(CheckConnectivity(public_addrs_[0], public_addrs_[1])); + ASSERT_TRUE(CheckConnectivity(public_addrs_[1], public_addrs_[0])); + ASSERT_TRUE(CheckConnectivity(public_addrs_[0], public_addrs_[0])); + ASSERT_TRUE(CheckConnectivity(public_addrs_[1], public_addrs_[1])); +} + +TEST_F(TestNrSocketTest, PrivateConnectivity) { + nsRefPtr nat(CreatePrivateAddrs(2)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], private_addrs_[1])); + ASSERT_TRUE(CheckConnectivity(private_addrs_[1], private_addrs_[0])); + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], private_addrs_[0])); + ASSERT_TRUE(CheckConnectivity(private_addrs_[1], private_addrs_[1])); +} + +TEST_F(TestNrSocketTest, NoConnectivityWithoutPinhole) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + CreatePublicAddrs(1); + + ASSERT_FALSE(CheckConnectivity(public_addrs_[0], private_addrs_[0])); +} + +TEST_F(TestNrSocketTest, NoConnectivityBetweenSubnets) { + nsRefPtr nat1(CreatePrivateAddrs(1)); + nat1->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat1->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + nsRefPtr nat2(CreatePrivateAddrs(1)); + nat2->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat2->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + + ASSERT_FALSE(CheckConnectivity(private_addrs_[0], private_addrs_[1])); + ASSERT_FALSE(CheckConnectivity(private_addrs_[1], private_addrs_[0])); + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], private_addrs_[0])); + ASSERT_TRUE(CheckConnectivity(private_addrs_[1], private_addrs_[1])); +} + +TEST_F(TestNrSocketTest, FullConeAcceptIngress) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + CreatePublicAddrs(2); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); + + // Verify that other public IP can use the pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address)); +} + +TEST_F(TestNrSocketTest, FullConeOnePinhole) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + CreatePublicAddrs(2); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); + + // Send traffic to other public IP, verify that it uses the same pinhole + nr_transport_addr sender_external_address2; + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[1], + &sender_external_address2)); + ASSERT_FALSE(nr_transport_addr_cmp(&sender_external_address, + &sender_external_address2, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) + << "addr1: " << sender_external_address.as_string << " addr2: " + << sender_external_address2.as_string; +} + +// OS 10.6 doesn't seem to allow us to open ports on 127.0.0.2, and while linux +// does allow this, it has other behavior (see below) that prevents this test +// from working. +TEST_F(TestNrSocketTest, DISABLED_AddressRestrictedCone) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::ADDRESS_DEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + CreatePublicAddrs(2, "127.0.0.1"); + CreatePublicAddrs(1, "127.0.0.2"); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); + + // Verify that another address on the same host can use the pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address)); + + // Linux has a tendency to monkey around with source addresses, doing + // stuff like substituting 127.0.0.1 for packets sent by 127.0.0.2, and even + // going as far as substituting localhost for a packet sent from a real IP + // address when the destination is localhost. The only way to make this test + // work on linux is to have two real IP addresses. +#ifndef __linux__ + // Verify that an address on a different host can't use the pinhole + ASSERT_FALSE(CheckConnectivityVia(public_addrs_[2], + private_addrs_[0], + sender_external_address)); +#endif + + // Send traffic to other public IP, verify that it uses the same pinhole + nr_transport_addr sender_external_address2; + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[1], + &sender_external_address2)); + ASSERT_FALSE(nr_transport_addr_cmp(&sender_external_address, + &sender_external_address2, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) + << "addr1: " << sender_external_address.as_string << " addr2: " + << sender_external_address2.as_string; + + // Verify that the other public IP can now use the pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address2)); + + // Send traffic to other public IP, verify that it uses the same pinhole + nr_transport_addr sender_external_address3; + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[2], + &sender_external_address3)); + ASSERT_FALSE(nr_transport_addr_cmp(&sender_external_address, + &sender_external_address3, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) + << "addr1: " << sender_external_address.as_string << " addr2: " + << sender_external_address3.as_string; + + // Verify that the other public IP can now use the pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[2], + private_addrs_[0], + sender_external_address3)); +} + +TEST_F(TestNrSocketTest, RestrictedCone) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::PORT_DEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + CreatePublicAddrs(2); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); + + // Verify that other public IP cannot use the pinhole + ASSERT_FALSE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address)); + + // Send traffic to other public IP, verify that it uses the same pinhole + nr_transport_addr sender_external_address2; + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[1], + &sender_external_address2)); + ASSERT_FALSE(nr_transport_addr_cmp(&sender_external_address, + &sender_external_address2, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) + << "addr1: " << sender_external_address.as_string << " addr2: " + << sender_external_address2.as_string; + + // Verify that the other public IP can now use the pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address2)); +} + +TEST_F(TestNrSocketTest, PortDependentMappingFullCone) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::PORT_DEPENDENT; + CreatePublicAddrs(2); + + nr_transport_addr sender_external_address0; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address0)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address0)); + + // Verify that other public IP can use the pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address0)); + + // Send traffic to other public IP, verify that it uses a different pinhole + nr_transport_addr sender_external_address1; + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[1], + &sender_external_address1)); + ASSERT_TRUE(nr_transport_addr_cmp(&sender_external_address0, + &sender_external_address1, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) + << "addr1: " << sender_external_address0.as_string << " addr2: " + << sender_external_address1.as_string; + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address1)); + + // Verify that other public IP can use the original pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address1)); +} + +TEST_F(TestNrSocketTest, Symmetric) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::PORT_DEPENDENT; + nat->mapping_type_ = TestNat::PORT_DEPENDENT; + CreatePublicAddrs(2); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); + + // Verify that other public IP cannot use the pinhole + ASSERT_FALSE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address)); + + // Send traffic to other public IP, verify that it uses a new pinhole + nr_transport_addr sender_external_address2; + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[1], + &sender_external_address2)); + ASSERT_TRUE(nr_transport_addr_cmp(&sender_external_address, + &sender_external_address2, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)); + + // Verify that the other public IP can use the new pinhole + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[1], + private_addrs_[0], + sender_external_address2)); +} + +TEST_F(TestNrSocketTest, BlockUdp) { + nsRefPtr nat(CreatePrivateAddrs(2)); + nat->block_udp_ = true; + CreatePublicAddrs(1); + + nr_transport_addr sender_external_address; + ASSERT_FALSE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Make sure UDP behind the NAT still works + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + private_addrs_[1])); + ASSERT_TRUE(CheckConnectivity(private_addrs_[1], + private_addrs_[0])); +} + +TEST_F(TestNrSocketTest, DenyHairpinning) { + nsRefPtr nat(CreatePrivateAddrs(2)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + CreatePublicAddrs(1); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that hairpinning is disallowed + ASSERT_FALSE(CheckConnectivityVia(private_addrs_[1], + private_addrs_[0], + sender_external_address)); +} + +TEST_F(TestNrSocketTest, AllowHairpinning) { + nsRefPtr nat(CreatePrivateAddrs(2)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_timeout_ = 30000; + nat->allow_hairpinning_ = true; + CreatePublicAddrs(1); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0, obtain external address + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that hairpinning is allowed + ASSERT_TRUE(CheckConnectivityVia(private_addrs_[1], + private_addrs_[0], + sender_external_address)); +} + +TEST_F(TestNrSocketTest, FullConeTimeout) { + nsRefPtr nat(CreatePrivateAddrs(1)); + nat->filtering_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_type_ = TestNat::ENDPOINT_INDEPENDENT; + nat->mapping_timeout_ = 200; + CreatePublicAddrs(2); + + nr_transport_addr sender_external_address; + // Open pinhole to public IP 0 + ASSERT_TRUE(CheckConnectivity(private_addrs_[0], + public_addrs_[0], + &sender_external_address)); + + // Verify that return traffic works + ASSERT_TRUE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); + + PR_Sleep(201); + + // Verify that return traffic does not work + ASSERT_FALSE(CheckConnectivityVia(public_addrs_[0], + private_addrs_[0], + sender_external_address)); +} + +// TODO(): We need TCP tests, but first we will need ICE TCP to land (this +// adds listen/accept support to NrSocket) + +int main(int argc, char **argv) +{ + // Inits STS and some other stuff. + MtransportTestUtils test_utils; + + NR_reg_init(NR_REG_MODE_LOCAL); + + // Start the tests + ::testing::InitGoogleTest(&argc, argv); + + int rv = RUN_ALL_TESTS(); + + return rv; +} diff --git a/media/mtransport/test/turn_unittest.cpp b/media/mtransport/test/turn_unittest.cpp index 898d0439d54..b1e53c7a17d 100644 --- a/media/mtransport/test/turn_unittest.cpp +++ b/media/mtransport/test/turn_unittest.cpp @@ -119,7 +119,7 @@ class TurnClient : public ::testing::Test { r = nr_ip4_port_to_transport_addr(0, 0, protocol_, &addr); ASSERT_EQ(0, r); - r = nr_socket_local_create(&addr, &real_socket_); + r = nr_socket_local_create(nullptr, &addr, &real_socket_); ASSERT_EQ(0, r); if (protocol_ == IPPROTO_TCP) { diff --git a/media/mtransport/test_nr_socket.cpp b/media/mtransport/test_nr_socket.cpp new file mode 100644 index 00000000000..1d6c8ca195d --- /dev/null +++ b/media/mtransport/test_nr_socket.cpp @@ -0,0 +1,763 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* +*/ + +/* +Based partially on original code from nICEr and nrappkit. + +nICEr copyright: + +Copyright (c) 2007, Adobe Systems, Incorporated +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +* Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +* Neither the name of Adobe Systems, Network Resonance nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +nrappkit copyright: + + Copyright (C) 2001-2003, Network Resonance, Inc. + Copyright (C) 2006, Network Resonance, Inc. + All Rights Reserved + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of Network Resonance, Inc. nor the name of any + contributors to this software may be used to endorse or promote + products derived from this software without specific prior written + permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + + + ekr@rtfm.com Thu Dec 20 20:14:49 2001 +*/ + +// Original author: bcampen@mozilla.com [:bwc] + +extern "C" { +#include "stun_msg.h" // for NR_STUN_MAX_MESSAGE_SIZE +#include "nr_api.h" +#include "async_wait.h" +#include "nr_socket.h" +#include "nr_socket_local.h" +#include "stun_hint.h" +#include "transport_addr.h" +} + +#include "mozilla/RefPtr.h" +#include "test_nr_socket.h" +#include "runnable_utils.h" + +namespace mozilla { + +static int test_nat_socket_create(void *obj, + nr_transport_addr *addr, + nr_socket **sockp) { + RefPtr sock = new TestNrSocket(static_cast(obj)); + + int r, _status; + + r = sock->create(addr); + if (r) + ABORT(r); + + r = nr_socket_create_int(static_cast(sock), + sock->vtbl(), sockp); + if (r) + ABORT(r); + + _status = 0; + + { + // We will release this reference in destroy(), not exactly the normal + // ownership model, but it is what it is. + NrSocketBase *dummy = sock.forget().take(); + (void)dummy; + } + +abort: + return _status; +} + +static int test_nat_socket_factory_destroy(void **obj) { + TestNat *nat = static_cast(*obj); + *obj = nullptr; + nat->Release(); + return 0; +} + +static nr_socket_factory_vtbl test_nat_socket_factory_vtbl = { + test_nat_socket_create, + test_nat_socket_factory_destroy +}; + +bool TestNat::has_port_mappings() const { + for (TestNrSocket *sock : sockets_) { + if (sock->has_port_mappings()) { + return true; + } + } + return false; +} + +bool TestNat::is_my_external_tuple(const nr_transport_addr &addr) const { + for (TestNrSocket *sock : sockets_) { + if (sock->is_my_external_tuple(addr)) { + return true; + } + } + + return false; +} + +bool TestNat::is_an_internal_tuple(const nr_transport_addr &addr) const { + for (TestNrSocket *sock : sockets_) { + nr_transport_addr addr_behind_nat; + if (sock->getaddr(&addr_behind_nat)) { + MOZ_CRASH("TestNrSocket::getaddr failed!"); + } + + // TODO(bug 1170299): Remove const_cast when no longer necessary + if (!nr_transport_addr_cmp(const_cast(&addr), + &addr_behind_nat, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) { + return true; + } + } + return false; +} + +int TestNat::create_socket_factory(nr_socket_factory **factorypp) { + int r = nr_socket_factory_create_int(this, + &test_nat_socket_factory_vtbl, + factorypp); + if (!r) { + AddRef(); + } + return r; +} + +TestNrSocket::TestNrSocket(TestNat *nat) + : nat_(nat) { + nat_->insert_socket(this); +} + +TestNrSocket::~TestNrSocket() { + nat_->erase_socket(this); +} + +nsRefPtr TestNrSocket::create_external_socket( + const nr_transport_addr &dest_addr) const { + MOZ_ASSERT(nat_->enabled_); + MOZ_ASSERT(!nat_->is_an_internal_tuple(dest_addr)); + + int r; + nr_transport_addr nat_external_addr; + + // Open the socket on an arbitrary port, on the same address. + // TODO(bug 1170299): Remove const_cast when no longer necessary + if ((r = nr_transport_addr_copy(&nat_external_addr, + const_cast(&my_addr_)))) { + r_log(LOG_GENERIC,LOG_CRIT, "%s: Failure in nr_transport_addr_copy: %d", + __FUNCTION__, r); + return nullptr; + } + + if ((r = nr_transport_addr_set_port(&nat_external_addr, 0))) { + r_log(LOG_GENERIC,LOG_CRIT, "%s: Failure in nr_transport_addr_set_port: %d", + __FUNCTION__, r); + return nullptr; + } + + nsRefPtr external_socket = new NrSocket; + + if ((r = external_socket->create(&nat_external_addr))) { + r_log(LOG_GENERIC,LOG_CRIT, "%s: Failure in NrSocket::create: %d", + __FUNCTION__, r); + return nullptr; + } + + return external_socket; +} + +int TestNrSocket::sendto(const void *msg, size_t len, + int flags, nr_transport_addr *to) { + MOZ_ASSERT(my_addr_.protocol != IPPROTO_TCP); + ASSERT_ON_THREAD(ststhread_); + + if (!nat_->enabled_ || nat_->is_an_internal_tuple(*to)) { + return NrSocket::sendto(msg, len, flags, to); + } + + destroy_stale_port_mappings(); + + if (to->protocol == IPPROTO_UDP && nat_->block_udp_) { + // Silently eat the packet + return 0; + } + + // Choose our port mapping based on our most selective criteria + PortMapping *port_mapping = get_port_mapping(*to, + std::max(nat_->filtering_type_, + nat_->mapping_type_)); + + if (!port_mapping) { + // See if we have already made the external socket we need to use. + PortMapping *similar_port_mapping = + get_port_mapping(*to, nat_->mapping_type_); + nsRefPtr external_socket; + + if (similar_port_mapping) { + external_socket = similar_port_mapping->external_socket_; + } else { + external_socket = create_external_socket(*to); + if (!external_socket) { + MOZ_ASSERT(false); + return R_INTERNAL; + } + } + + port_mapping = create_port_mapping(*to, external_socket); + port_mappings_.push_back(port_mapping); + + if (poll_flags() & PR_POLL_READ) { + // Make sure the new port mapping is ready to receive traffic if the + // TestNrSocket is already waiting. + port_mapping->async_wait(NR_ASYNC_WAIT_READ, + port_mapping_readable_callback, + this, + (char*)__FUNCTION__, + __LINE__); + } + } + + // We probably don't want to propagate the flags, since this is a simulated + // external IP address. + return port_mapping->sendto(msg, len, *to); +} + +int TestNrSocket::recvfrom(void *buf, size_t maxlen, + size_t *len, int flags, + nr_transport_addr *from) { + MOZ_ASSERT(my_addr_.protocol != IPPROTO_TCP); + ASSERT_ON_THREAD(ststhread_); + + int r; + bool ingress_allowed = false; + + if (readable_socket_) { + // If any of the external sockets got data, see if it will be passed through + r = readable_socket_->recvfrom(buf, maxlen, len, 0, from); + readable_socket_ = nullptr; + if (!r) { + PortMapping *port_mapping_used; + ingress_allowed = allow_ingress(*from, &port_mapping_used); + if (ingress_allowed && nat_->refresh_on_ingress_ && port_mapping_used) { + port_mapping_used->last_used_ = PR_IntervalNow(); + } + } + } else { + // If no external socket has data, see if there's any data that was sent + // directly to the TestNrSocket, and eat it if it isn't supposed to get + // through. + r = NrSocket::recvfrom(buf, maxlen, len, flags, from); + if (!r) { + // We do not use allow_ingress() here because that only handles traffic + // landing on an external port. + ingress_allowed = (!nat_->enabled_ || + nat_->is_an_internal_tuple(*from)); + if (!ingress_allowed) { + r_log(LOG_GENERIC, LOG_INFO, "TestNrSocket %s denying ingress from %s: " + "Not behind the same NAT", + my_addr_.as_string, + from->as_string); + } + } + } + + // Kinda lame that we are forced to give the app a readable callback and then + // say "Oh, never mind...", but the alternative is to totally decouple the + // callbacks from STS and the callbacks the app sets. On the bright side, this + // speeds up unit tests where we are verifying that ingress is forbidden, + // since they'll get a readable callback and then an error, instead of having + // to wait for a timeout. + if (!ingress_allowed) { + *len = 0; + r = R_WOULDBLOCK; + } + + return r; +} + +bool TestNrSocket::allow_ingress(const nr_transport_addr &from, + PortMapping **port_mapping_used) const { + *port_mapping_used = nullptr; + if (!nat_->enabled_) + return true; + + if (nat_->is_an_internal_tuple(from)) + return true; + + *port_mapping_used = get_port_mapping(from, nat_->filtering_type_); + if (!(*port_mapping_used)) { + r_log(LOG_GENERIC, LOG_INFO, "TestNrSocket %s denying ingress from %s: " + "Filtered", + my_addr_.as_string, + from.as_string); + return false; + } + + if (is_port_mapping_stale(**port_mapping_used)) { + r_log(LOG_GENERIC, LOG_INFO, "TestNrSocket %s denying ingress from %s: " + "Stale port mapping", + my_addr_.as_string, + from.as_string); + return false; + } + + if (!nat_->allow_hairpinning_ && nat_->is_my_external_tuple(from)) { + r_log(LOG_GENERIC, LOG_INFO, "TestNrSocket %s denying ingress from %s: " + "Hairpinning disallowed", + my_addr_.as_string, + from.as_string); + return false; + } + + return true; +} + +int TestNrSocket::connect(nr_transport_addr *addr) { + ASSERT_ON_THREAD(ststhread_); + + if (connect_invoked_ || !port_mappings_.empty()) { + MOZ_CRASH("TestNrSocket::connect() called more than once!"); + return R_INTERNAL; + } + + if (!nat_->enabled_ || nat_->is_an_internal_tuple(*addr)) { + // This will set connect_invoked_ + return NrSocket::connect(addr); + } + + nsRefPtr external_socket(create_external_socket(*addr)); + if (!external_socket) { + return R_INTERNAL; + } + + PortMapping *port_mapping = create_port_mapping(*addr, external_socket); + port_mappings_.push_back(port_mapping); + port_mapping->external_socket_->connect(addr); + port_mapping->last_used_ = PR_IntervalNow(); + + if (poll_flags() & PR_POLL_READ) { + port_mapping->async_wait(NR_ASYNC_WAIT_READ, + port_mapping_tcp_passthrough_callback, + this, + (char*)__FUNCTION__, + __LINE__); + } + + return 0; +} + +int TestNrSocket::write(const void *msg, size_t len, size_t *written) { + ASSERT_ON_THREAD(ststhread_); + + if (port_mappings_.empty()) { + // The no-nat case, just pass call through. + r_log(LOG_GENERIC, LOG_INFO, "TestNrSocket %s writing", + my_addr().as_string); + + return NrSocket::write(msg, len, written); + } else { + // This is TCP only + MOZ_ASSERT(port_mappings_.size() == 1); + r_log(LOG_GENERIC, LOG_INFO, + "PortMapping %s -> %s writing", + port_mappings_.front()->external_socket_->my_addr().as_string, + port_mappings_.front()->remote_address_.as_string); + + return port_mappings_.front()->external_socket_->write(msg, len, written); + } +} + +int TestNrSocket::read(void *buf, size_t maxlen, size_t *len) { + ASSERT_ON_THREAD(ststhread_); + + if (port_mappings_.empty()) { + return NrSocket::read(buf, maxlen, len); + } else { + MOZ_ASSERT(port_mappings_.size() == 1); + return port_mappings_.front()->external_socket_->read(buf, maxlen, len); + } +} + +int TestNrSocket::async_wait(int how, NR_async_cb cb, void *cb_arg, + char *function, int line) { + ASSERT_ON_THREAD(ststhread_); + + // Make sure we're waiting on the socket for the internal address + int r = NrSocket::async_wait(how, cb, cb_arg, function, line); + + if (r) { + return r; + } + + r_log(LOG_GENERIC, LOG_DEBUG, "TestNrSocket %s waiting for %s", + my_addr_.as_string, + how == NR_ASYNC_WAIT_READ ? "read" : "write"); + + if (is_tcp_connection_behind_nat()) { + // Bypass all port-mapping related logic + return 0; + } + + if (my_addr_.protocol == IPPROTO_TCP) { + // For a TCP connection through a simulated NAT, these signals are + // just passed through. + MOZ_ASSERT(port_mappings_.size() == 1); + + return port_mappings_.front()->async_wait( + how, + port_mapping_tcp_passthrough_callback, + this, + function, + line); + } else if (how == NR_ASYNC_WAIT_READ) { + // For UDP port mappings, we decouple the writeable callbacks + for (PortMapping *port_mapping : port_mappings_) { + // Be ready to receive traffic on our port mappings + r = port_mapping->async_wait(how, + port_mapping_readable_callback, + this, + function, + line); + if (r) { + return r; + } + } + } + + return 0; +} + +void TestNrSocket::cancel_port_mapping_async_wait(int how) { + for (PortMapping *port_mapping : port_mappings_) { + port_mapping->cancel(how); + } +} + +int TestNrSocket::cancel(int how) { + ASSERT_ON_THREAD(ststhread_); + + r_log(LOG_GENERIC, LOG_DEBUG, "TestNrSocket %s stop waiting for %s", + my_addr_.as_string, + how == NR_ASYNC_WAIT_READ ? "read" : "write"); + + // Writable callbacks are decoupled except for the TCP case + if (how == NR_ASYNC_WAIT_READ || my_addr_.protocol == IPPROTO_TCP) { + cancel_port_mapping_async_wait(how); + } + + return NrSocket::cancel(how); +} + +bool TestNrSocket::has_port_mappings() const { + return !port_mappings_.empty(); +} + +bool TestNrSocket::is_my_external_tuple(const nr_transport_addr &addr) const { + for (PortMapping *port_mapping : port_mappings_) { + nr_transport_addr port_mapping_addr; + if (port_mapping->external_socket_->getaddr(&port_mapping_addr)) { + MOZ_CRASH("NrSocket::getaddr failed!"); + } + + // TODO(bug 1170299): Remove const_cast when no longer necessary + if (!nr_transport_addr_cmp(const_cast(&addr), + &port_mapping_addr, + NR_TRANSPORT_ADDR_CMP_MODE_ALL)) { + return true; + } + } + return false; +} + +bool TestNrSocket::is_port_mapping_stale( + const PortMapping &port_mapping) const { + PRIntervalTime now = PR_IntervalNow(); + PRIntervalTime elapsed_ticks = now - port_mapping.last_used_; + uint32_t idle_duration = PR_IntervalToMilliseconds(elapsed_ticks); + return idle_duration > nat_->mapping_timeout_; +} + +void TestNrSocket::destroy_stale_port_mappings() { + for (auto i = port_mappings_.begin(); i != port_mappings_.end();) { + auto temp = i; + ++i; + if (is_port_mapping_stale(**temp)) { + r_log(LOG_GENERIC, LOG_INFO, + "TestNrSocket %s destroying port mapping %s -> %s", + my_addr_.as_string, + (*temp)->external_socket_->my_addr().as_string, + (*temp)->remote_address_.as_string); + + port_mappings_.erase(temp); + } + } +} + +void TestNrSocket::port_mapping_readable_callback(void *ext_sock_v, + int how, + void *test_sock_v) { + TestNrSocket *test_socket = static_cast(test_sock_v); + NrSocket *external_socket = static_cast(ext_sock_v); + + test_socket->on_port_mapping_readable(external_socket); +} + +void TestNrSocket::on_port_mapping_readable(NrSocket *external_socket) { + if (!readable_socket_) { + readable_socket_ = external_socket; + } + + // None of our port mappings should be waiting for readable callbacks + // if nobody is waiting for readable callbacks from us. + MOZ_ASSERT(poll_flags() & PR_POLL_READ); + + fire_readable_callback(); +} + +void TestNrSocket::fire_readable_callback() { + MOZ_ASSERT(poll_flags() & PR_POLL_READ); + // Stop listening on all mapped sockets; we will start listening again + // if the app starts listening to us again. + cancel_port_mapping_async_wait(NR_ASYNC_WAIT_READ); + r_log(LOG_GENERIC, LOG_DEBUG, "TestNrSocket %s ready for read", + my_addr_.as_string); + fire_callback(NR_ASYNC_WAIT_READ); +} + +void TestNrSocket::port_mapping_writeable_callback(void *ext_sock_v, + int how, + void *test_sock_v) { + TestNrSocket *test_socket = static_cast(test_sock_v); + NrSocket *external_socket = static_cast(ext_sock_v); + + test_socket->write_to_port_mapping(external_socket); +} + +void TestNrSocket::write_to_port_mapping(NrSocket *external_socket) { + MOZ_ASSERT(my_addr_.protocol != IPPROTO_TCP); + + int r = 0; + for (PortMapping *port_mapping : port_mappings_) { + if (port_mapping->external_socket_ == external_socket) { + // If the send succeeds, or if there was nothing to send, we keep going + r = port_mapping->send_from_queue(); + if (r) { + break; + } + } + } + + if (r == R_WOULDBLOCK) { + // Re-register for writeable callbacks, since we still have stuff to send + NR_ASYNC_WAIT(external_socket, + NR_ASYNC_WAIT_WRITE, + &TestNrSocket::port_mapping_writeable_callback, + this); + } +} + +void TestNrSocket::port_mapping_tcp_passthrough_callback(void *ext_sock_v, + int how, + void *test_sock_v) { + TestNrSocket *test_socket = static_cast(test_sock_v); + r_log(LOG_GENERIC, LOG_INFO, + "TestNrSocket %s firing %s callback", + test_socket->my_addr().as_string, + how == NR_ASYNC_WAIT_READ ? "readable" : "writeable"); + + + test_socket->fire_callback(how); +} + +bool TestNrSocket::is_tcp_connection_behind_nat() const { + return my_addr_.protocol == IPPROTO_TCP && port_mappings_.empty(); +} + +TestNrSocket::PortMapping* TestNrSocket::get_port_mapping( + const nr_transport_addr &remote_address, + TestNat::NatBehavior filter) const { + int compare_flags; + switch (filter) { + case TestNat::ENDPOINT_INDEPENDENT: + compare_flags = NR_TRANSPORT_ADDR_CMP_MODE_PROTOCOL; + break; + case TestNat::ADDRESS_DEPENDENT: + compare_flags = NR_TRANSPORT_ADDR_CMP_MODE_ADDR; + break; + case TestNat::PORT_DEPENDENT: + compare_flags = NR_TRANSPORT_ADDR_CMP_MODE_ALL; + break; + } + + for (PortMapping *port_mapping : port_mappings_) { + // TODO(bug 1170299): Remove const_cast when no longer necessary + if (!nr_transport_addr_cmp(const_cast(&remote_address), + &port_mapping->remote_address_, + compare_flags)) + return port_mapping; + } + return nullptr; +} + +TestNrSocket::PortMapping* TestNrSocket::create_port_mapping( + const nr_transport_addr &remote_address, + const nsRefPtr &external_socket) const { + r_log(LOG_GENERIC, LOG_INFO, "TestNrSocket %s creating port mapping %s -> %s", + my_addr_.as_string, + external_socket->my_addr().as_string, + remote_address.as_string); + + return new PortMapping(remote_address, external_socket); +} + +TestNrSocket::PortMapping::PortMapping( + const nr_transport_addr &remote_address, + const nsRefPtr &external_socket) : + external_socket_(external_socket) { + // TODO(bug 1170299): Remove const_cast when no longer necessary + nr_transport_addr_copy(&remote_address_, + const_cast(&remote_address)); +} + +int TestNrSocket::PortMapping::send_from_queue() { + MOZ_ASSERT(remote_address_.protocol != IPPROTO_TCP); + int r = 0; + + while (!send_queue_.empty()) { + UdpPacket &packet = *send_queue_.front(); + r_log(LOG_GENERIC, LOG_INFO, + "PortMapping %s -> %s sending from queue to %s", + external_socket_->my_addr().as_string, + remote_address_.as_string, + packet.remote_address_.as_string); + + r = external_socket_->sendto(packet.buffer_->data(), + packet.buffer_->len(), + 0, + &packet.remote_address_); + + if (r) { + if (r != R_WOULDBLOCK) { + r_log(LOG_GENERIC, LOG_ERR, "%s: Fatal error %d, stop trying", + __FUNCTION__, r); + send_queue_.clear(); + } else { + r_log(LOG_GENERIC, LOG_INFO, "Would block, will retry later"); + } + break; + } + + send_queue_.pop_front(); + } + + return r; +} + +int TestNrSocket::PortMapping::sendto(const void *msg, + size_t len, + const nr_transport_addr &to) { + MOZ_ASSERT(remote_address_.protocol != IPPROTO_TCP); + r_log(LOG_GENERIC, LOG_INFO, + "PortMapping %s -> %s sending to %s", + external_socket_->my_addr().as_string, + remote_address_.as_string, + to.as_string); + + last_used_ = PR_IntervalNow(); + int r = external_socket_->sendto(msg, len, 0, + // TODO(bug 1170299): Remove const_cast when no longer necessary + const_cast(&to)); + + if (r == R_WOULDBLOCK) { + r_log(LOG_GENERIC, LOG_INFO, "Enqueueing UDP packet to %s", to.as_string); + send_queue_.push_back(nsRefPtr(new UdpPacket(msg, len, to))); + return 0; + } else if (r) { + r_log(LOG_GENERIC,LOG_ERR, "Error: %d", r); + } + + return r; +} + +int TestNrSocket::PortMapping::async_wait(int how, NR_async_cb cb, void *cb_arg, + char *function, int line) { + r_log(LOG_GENERIC, LOG_DEBUG, + "PortMapping %s -> %s waiting for %s", + external_socket_->my_addr().as_string, + remote_address_.as_string, + how == NR_ASYNC_WAIT_READ ? "read" : "write"); + + return external_socket_->async_wait(how, cb, cb_arg, function, line); +} + +int TestNrSocket::PortMapping::cancel(int how) { + r_log(LOG_GENERIC, LOG_DEBUG, + "PortMapping %s -> %s stop waiting for %s", + external_socket_->my_addr().as_string, + remote_address_.as_string, + how == NR_ASYNC_WAIT_READ ? "read" : "write"); + + return external_socket_->cancel(how); +} +} // namespace mozilla + diff --git a/media/mtransport/test_nr_socket.h b/media/mtransport/test_nr_socket.h new file mode 100644 index 00000000000..8fd2f148aa0 --- /dev/null +++ b/media/mtransport/test_nr_socket.h @@ -0,0 +1,283 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ +/* +*/ + +/* +Based partially on original code from nICEr and nrappkit. + +nICEr copyright: + +Copyright (c) 2007, Adobe Systems, Incorporated +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + +* Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + +* Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + +* Neither the name of Adobe Systems, Network Resonance nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +nrappkit copyright: + + Copyright (C) 2001-2003, Network Resonance, Inc. + Copyright (C) 2006, Network Resonance, Inc. + All Rights Reserved + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions + are met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + 3. Neither the name of Network Resonance, Inc. nor the name of any + contributors to this software may be used to endorse or promote + products derived from this software without specific prior written + permission. + + THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS ``AS IS'' + AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE + LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. + + + ekr@rtfm.com Thu Dec 20 20:14:49 2001 +*/ + +// Original author: bcampen@mozilla.com [:bwc] + +#ifndef test_nr_socket__ +#define test_nr_socket__ + +#include "nr_socket_prsock.h" + +extern "C" { +#include "nr_socket.h" +} + +#include +#include +#include +#include + +#include "mozilla/UniquePtr.h" +#include "prinrval.h" + +namespace mozilla { + +class TestNrSocket; + +/** + * A group of TestNrSockets that behave as if they were behind the same NAT. + * @note We deliberately avoid addref/release of TestNrSocket here to avoid + * masking lifetime errors elsewhere. +*/ +class TestNat { + public: + typedef enum { + /** For mapping, one port is used for all destinations. + * For filtering, allow any external address/port. */ + ENDPOINT_INDEPENDENT, + + /** For mapping, one port for each destination address (for any port). + * For filtering, allow incoming traffic from addresses that outgoing + * traffic has been sent to. */ + ADDRESS_DEPENDENT, + + /** For mapping, one port for each destination address/port. + * For filtering, allow incoming traffic only from addresses/ports that + * outgoing traffic has been sent to. */ + PORT_DEPENDENT, + } NatBehavior; + + TestNat() : + enabled_(false), + filtering_type_(ENDPOINT_INDEPENDENT), + mapping_type_(ENDPOINT_INDEPENDENT), + mapping_timeout_(30000), + allow_hairpinning_(false), + refresh_on_ingress_(false), + block_udp_(false), + sockets_() {} + + bool has_port_mappings() const; + + // Helps determine whether we're hairpinning + bool is_my_external_tuple(const nr_transport_addr &addr) const; + bool is_an_internal_tuple(const nr_transport_addr &addr) const; + + int create_socket_factory(nr_socket_factory **factorypp); + + void insert_socket(TestNrSocket *socket) { + sockets_.insert(socket); + } + + void erase_socket(TestNrSocket *socket) { + sockets_.erase(socket); + } + + NS_INLINE_DECL_THREADSAFE_REFCOUNTING(TestNat); + + bool enabled_; + TestNat::NatBehavior filtering_type_; + TestNat::NatBehavior mapping_type_; + uint32_t mapping_timeout_; + bool allow_hairpinning_; + bool refresh_on_ingress_; + bool block_udp_; + + private: + std::set sockets_; + + ~TestNat(){} +}; + +/** + * Subclass of NrSocket that can simulate things like being behind a NAT, packet + * loss, latency, packet rewriting, etc. Also exposes some stuff that assists in + * diagnostics. + */ +class TestNrSocket : public NrSocket { + public: + explicit TestNrSocket(TestNat *nat); + + virtual ~TestNrSocket(); + + bool has_port_mappings() const; + bool is_my_external_tuple(const nr_transport_addr &addr) const; + + // Overrides of NrSocket + int sendto(const void *msg, size_t len, + int flags, nr_transport_addr *to) override; + int recvfrom(void * buf, size_t maxlen, + size_t *len, int flags, + nr_transport_addr *from) override; + int connect(nr_transport_addr *addr) override; + int write(const void *msg, size_t len, size_t *written) override; + int read(void *buf, size_t maxlen, size_t *len) override; + + int async_wait(int how, NR_async_cb cb, void *cb_arg, + char *function, int line) override; + int cancel(int how) override; + + private: + class UdpPacket { + public: + UdpPacket(const void *msg, size_t len, const nr_transport_addr &addr) : + buffer_(new DataBuffer(static_cast(msg), len)) { + // TODO(bug 1170299): Remove const_cast when no longer necessary + nr_transport_addr_copy(&remote_address_, + const_cast(&addr)); + } + + nr_transport_addr remote_address_; + UniquePtr buffer_; + + NS_INLINE_DECL_THREADSAFE_REFCOUNTING(UdpPacket); + private: + ~UdpPacket(){} + }; + + class PortMapping { + public: + PortMapping(const nr_transport_addr &remote_address, + const nsRefPtr &external_socket); + + int sendto(const void *msg, size_t len, const nr_transport_addr &to); + int async_wait(int how, NR_async_cb cb, void *cb_arg, + char *function, int line); + int cancel(int how); + int send_from_queue(); + NS_INLINE_DECL_THREADSAFE_REFCOUNTING(PortMapping); + + PRIntervalTime last_used_; + nsRefPtr external_socket_; + // For non-symmetric, most of the data here doesn't matter + nr_transport_addr remote_address_; + + private: + ~PortMapping(){} + + // If external_socket_ returns E_WOULDBLOCK, we don't want to propagate + // that to the code using the TestNrSocket. We can also perhaps use this + // to help simulate things like latency. + std::list> send_queue_; + }; + + bool is_port_mapping_stale(const PortMapping &port_mapping) const; + bool allow_ingress(const nr_transport_addr &from, + PortMapping **port_mapping_used) const; + void destroy_stale_port_mappings(); + + static void port_mapping_readable_callback(void *ext_sock_v, + int how, + void *test_sock_v); + void on_port_mapping_readable(NrSocket *external_socket); + void fire_readable_callback(); + + static void port_mapping_tcp_passthrough_callback(void *ext_sock_v, + int how, + void *test_sock_v); + void cancel_port_mapping_async_wait(int how); + + static void port_mapping_writeable_callback(void *ext_sock_v, + int how, + void *test_sock_v); + void write_to_port_mapping(NrSocket *external_socket); + bool is_tcp_connection_behind_nat() const; + + PortMapping* get_port_mapping(const nr_transport_addr &remote_addr, + TestNat::NatBehavior filter) const; + PortMapping* create_port_mapping( + const nr_transport_addr &remote_addr, + const nsRefPtr &external_socket) const; + nsRefPtr create_external_socket( + const nr_transport_addr &remote_addr) const; + + nsRefPtr readable_socket_; + nsRefPtr nat_; + // Since our comparison logic is different depending on what kind of NAT + // we simulate, and the STL does not make it very easy to switch out the + // comparison function at runtime, and these lists are going to be very + // small anyway, we just brute-force it. + std::list> port_mappings_; +}; + +} // namespace mozilla + +#endif // test_nr_socket__ + diff --git a/media/mtransport/third_party/nICEr/src/ice/ice_component.c b/media/mtransport/third_party/nICEr/src/ice/ice_component.c index e144793f443..62a6ab33cc0 100644 --- a/media/mtransport/third_party/nICEr/src/ice/ice_component.c +++ b/media/mtransport/third_party/nICEr/src/ice/ice_component.c @@ -196,7 +196,7 @@ static int nr_ice_component_initialize_udp(struct nr_ice_ctx_ *ctx,nr_ice_compon continue; } r_log(LOG_ICE,LOG_DEBUG,"ICE(%s): host address %s",ctx->label,addrs[i].addr.as_string); - if(r=nr_socket_local_create(&addrs[i].addr,&sock)){ + if((r=nr_socket_factory_create_socket(ctx->socket_factory,&addrs[i].addr,&sock))){ r_log(LOG_ICE,LOG_WARNING,"ICE(%s): couldn't create socket for address %s",ctx->label,addrs[i].addr.as_string); continue; } @@ -323,7 +323,7 @@ static int nr_ice_component_initialize_tcp(struct nr_ice_ctx_ *ctx,nr_ice_compon addr.protocol = IPPROTO_TCP; if ((r=nr_transport_addr_fmt_addr_string(&addr))) ABORT(r); - if((r=nr_socket_local_create(&addr, &sock))){ + if((r=nr_socket_factory_create_socket(ctx->socket_factory,&addr,&sock))){ r_log(LOG_ICE,LOG_DEBUG,"ICE(%s): couldn't create socket for address %s",ctx->label,addr.as_string); continue; } diff --git a/media/mtransport/third_party/nICEr/src/ice/ice_ctx.c b/media/mtransport/third_party/nICEr/src/ice/ice_ctx.c index 8eb7da6f814..d866fb1231f 100644 --- a/media/mtransport/third_party/nICEr/src/ice/ice_ctx.c +++ b/media/mtransport/third_party/nICEr/src/ice/ice_ctx.c @@ -54,6 +54,7 @@ static char *RCSSTRING __UNUSED__="$Id: ice_ctx.c,v 1.2 2008/04/28 17:59:01 ekr #include "nr_crypto.h" #include "async_timer.h" #include "util.h" +#include "nr_socket_local.h" int LOG_ICE = 0; @@ -65,6 +66,14 @@ static int nr_ice_fetch_turn_servers(int ct, nr_ice_turn_server **out); #endif /* USE_TURN */ static void nr_ice_ctx_destroy_cb(NR_SOCKET s, int how, void *cb_arg); static int nr_ice_ctx_pair_new_trickle_candidates(nr_ice_ctx *ctx, nr_ice_candidate *cand); +static int no_op(void **obj) { + return 0; +} + +static nr_socket_factory_vtbl default_socket_factory_vtbl = { + nr_socket_local_create, + no_op +}; int nr_ice_fetch_stun_servers(int ct, nr_ice_stun_server **out) { @@ -229,6 +238,12 @@ int nr_ice_ctx_set_turn_tcp_socket_wrapper(nr_ice_ctx *ctx, nr_socket_wrapper_fa return(_status); } +void nr_ice_ctx_set_socket_factory(nr_ice_ctx *ctx, nr_socket_factory *factory) + { + nr_socket_factory_destroy(&ctx->socket_factory); + ctx->socket_factory = factory; + } + #ifdef USE_TURN int nr_ice_fetch_turn_servers(int ct, nr_ice_turn_server **out) { @@ -381,6 +396,9 @@ int nr_ice_ctx_create(char *label, UINT4 flags, nr_ice_ctx **ctxp) ctx->Ta = 20; + if (r=nr_socket_factory_create_int(NULL, &default_socket_factory_vtbl, &ctx->socket_factory)) + ABORT(r); + STAILQ_INIT(&ctx->streams); STAILQ_INIT(&ctx->sockets); STAILQ_INIT(&ctx->foundations); @@ -439,6 +457,7 @@ static void nr_ice_ctx_destroy_cb(NR_SOCKET s, int how, void *cb_arg) nr_resolver_destroy(&ctx->resolver); nr_interface_prioritizer_destroy(&ctx->interface_prioritizer); nr_socket_wrapper_factory_destroy(&ctx->turn_tcp_socket_wrapper); + nr_socket_factory_destroy(&ctx->socket_factory); RFREE(ctx); } diff --git a/media/mtransport/third_party/nICEr/src/ice/ice_ctx.h b/media/mtransport/third_party/nICEr/src/ice/ice_ctx.h index d5cbf262370..2ef2d653f06 100644 --- a/media/mtransport/third_party/nICEr/src/ice/ice_ctx.h +++ b/media/mtransport/third_party/nICEr/src/ice/ice_ctx.h @@ -130,6 +130,7 @@ struct nr_ice_ctx_ { nr_resolver *resolver; /* The resolver to use */ nr_interface_prioritizer *interface_prioritizer; /* Priority decision logic */ nr_socket_wrapper_factory *turn_tcp_socket_wrapper; /* The TURN TCP socket wrapper to use */ + nr_socket_factory *socket_factory; nr_ice_foundation_head foundations; @@ -173,6 +174,7 @@ int nr_ice_ctx_set_turn_servers(nr_ice_ctx *ctx,nr_ice_turn_server *servers, int int nr_ice_ctx_set_resolver(nr_ice_ctx *ctx, nr_resolver *resolver); int nr_ice_ctx_set_interface_prioritizer(nr_ice_ctx *ctx, nr_interface_prioritizer *prioritizer); int nr_ice_ctx_set_turn_tcp_socket_wrapper(nr_ice_ctx *ctx, nr_socket_wrapper_factory *wrapper); +void nr_ice_ctx_set_socket_factory(nr_ice_ctx *ctx, nr_socket_factory *factory); int nr_ice_ctx_set_trickle_cb(nr_ice_ctx *ctx, nr_ice_trickle_candidate_cb cb, void *cb_arg); #define NR_ICE_MAX_ATTRIBUTE_SIZE 256 diff --git a/media/mtransport/third_party/nICEr/src/net/nr_socket.c b/media/mtransport/third_party/nICEr/src/net/nr_socket.c index 9c91a4df190..e158e46e794 100644 --- a/media/mtransport/third_party/nICEr/src/net/nr_socket.c +++ b/media/mtransport/third_party/nICEr/src/net/nr_socket.c @@ -135,3 +135,43 @@ int nr_socket_read(nr_socket *sock,void * restrict buf, size_t maxlen, CHECK_DEFINED(sread); return sock->vtbl->sread(sock->obj, buf, maxlen, len); } + + +int nr_socket_factory_create_int(void *obj, + nr_socket_factory_vtbl *vtbl, nr_socket_factory **factorypp) + { + int _status; + nr_socket_factory *factoryp=0; + + if(!(factoryp=RCALLOC(sizeof(nr_socket_factory)))) + ABORT(R_NO_MEMORY); + + factoryp->obj = obj; + factoryp->vtbl = vtbl; + + *factorypp = factoryp; + + _status=0; + abort: + return(_status); + } + +int nr_socket_factory_destroy(nr_socket_factory **factorypp) + { + nr_socket_factory *factoryp; + + if (!factorypp || !*factorypp) + return (0); + + factoryp = *factorypp; + *factorypp = NULL; + factoryp->vtbl->destroy(&factoryp->obj); + RFREE(factoryp); + return (0); + } + +int nr_socket_factory_create_socket(nr_socket_factory *factory, nr_transport_addr *addr, nr_socket **sockp) + { + return factory->vtbl->create_socket(factory->obj, addr, sockp); + } + diff --git a/media/mtransport/third_party/nICEr/src/net/nr_socket.h b/media/mtransport/third_party/nICEr/src/net/nr_socket.h index ee87f60599d..71c6c418795 100644 --- a/media/mtransport/third_party/nICEr/src/net/nr_socket.h +++ b/media/mtransport/third_party/nICEr/src/net/nr_socket.h @@ -72,6 +72,15 @@ typedef struct nr_socket_ { nr_socket_vtbl *vtbl; } nr_socket; +typedef struct nr_socket_factory_vtbl_ { + int (*create_socket)(void *obj, nr_transport_addr *addr, nr_socket **sockp); + int (*destroy)(void **obj); +} nr_socket_factory_vtbl; + +typedef struct nr_socket_factory_ { + void *obj; + nr_socket_factory_vtbl *vtbl; +} nr_socket_factory; /* To be called by constructors */ int nr_socket_create_int(void *obj, nr_socket_vtbl *vtbl, nr_socket **sockp); @@ -87,5 +96,9 @@ int nr_socket_connect(nr_socket *sock, nr_transport_addr *addr); int nr_socket_write(nr_socket *sock,const void *msg, size_t len, size_t *written, int flags); int nr_socket_read(nr_socket *sock, void * restrict buf, size_t maxlen, size_t *len, int flags); +int nr_socket_factory_create_int(void *obj, nr_socket_factory_vtbl *vtbl, nr_socket_factory **factorypp); +int nr_socket_factory_destroy(nr_socket_factory **factoryp); +int nr_socket_factory_create_socket(nr_socket_factory *factory, nr_transport_addr *addr, nr_socket **sockp); + #endif diff --git a/media/mtransport/third_party/nICEr/src/net/nr_socket_local.h b/media/mtransport/third_party/nICEr/src/net/nr_socket_local.h index b5995307679..a2f813ff668 100644 --- a/media/mtransport/third_party/nICEr/src/net/nr_socket_local.h +++ b/media/mtransport/third_party/nICEr/src/net/nr_socket_local.h @@ -35,7 +35,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #ifndef _nr_socket_local_h #define _nr_socket_local_h -int nr_socket_local_create(nr_transport_addr *addr, nr_socket **sockp); +int nr_socket_local_create(void *obj, nr_transport_addr *addr, nr_socket **sockp); #endif diff --git a/testing/cppunittest.ini b/testing/cppunittest.ini index ab885dc9be0..e4aaa998724 100644 --- a/testing/cppunittest.ini +++ b/testing/cppunittest.ini @@ -87,6 +87,7 @@ skip-if = os == 'b2g' #Bug 919595 [TestWebGLElementArrayCache] [buffered_stun_socket_unittest] [ice_unittest] +[test_nr_socket_unittest] [jsapi-tests] skip-if = os == 'b2g' #Bug 1068946 [mediaconduit_unittests] From bcafda313d41579852a952dadb43ef66889d7697 Mon Sep 17 00:00:00 2001 From: Wes Kocher Date: Wed, 10 Jun 2015 16:03:44 -0700 Subject: [PATCH 070/297] Backed out changeset d73a15153b3b (bug 1168028) for browser_domFullscreen_fullscreenMode.js failures CLOSED TREE --- browser/base/content/browser-fullScreen.js | 11 ++++-- browser/base/content/tab-content.js | 8 ++--- dom/base/nsDocument.cpp | 35 ++++++------------- .../BrowserElementChildPreload.js | 10 +++--- dom/browser-element/BrowserElementParent.js | 4 +-- 5 files changed, 30 insertions(+), 38 deletions(-) diff --git a/browser/base/content/browser-fullScreen.js b/browser/base/content/browser-fullScreen.js index 52134455a5c..1dce6cba7bf 100644 --- a/browser/base/content/browser-fullScreen.js +++ b/browser/base/content/browser-fullScreen.js @@ -9,7 +9,7 @@ var FullScreen = { _MESSAGES: [ "DOMFullscreen:Request", "DOMFullscreen:NewOrigin", - "DOMFullscreen:Exit", + "DOMFullscreen:Exited", ], init: function() { @@ -157,8 +157,13 @@ var FullScreen = { this.showWarning(aMessage.data.originNoSuffix); break; } - case "DOMFullscreen:Exit": { - this._windowUtils.remoteFrameFullscreenReverted(); + case "DOMFullscreen:Exited": { + // Like entering DOM fullscreen, we also need to exit fullscreen + // at the operating system level in the parent process here. + if (this._isRemoteBrowser(browser)) { + this._windowUtils.remoteFrameFullscreenReverted(); + } + this.cleanupDomFullscreen(); break; } } diff --git a/browser/base/content/tab-content.js b/browser/base/content/tab-content.js index e67ce7a05cc..9a55d76c95e 100644 --- a/browser/base/content/tab-content.js +++ b/browser/base/content/tab-content.js @@ -594,7 +594,7 @@ let DOMFullscreenHandler = { addMessageListener("DOMFullscreen:CleanUp", this); addEventListener("MozDOMFullscreen:Request", this); addEventListener("MozDOMFullscreen:NewOrigin", this); - addEventListener("MozDOMFullscreen:Exit", this); + addEventListener("MozDOMFullscreen:Exited", this); }, get _windowUtils() { @@ -610,7 +610,7 @@ let DOMFullscreenHandler = { // If we don't actually have any pending fullscreen request // to handle, neither we have been in fullscreen, tell the // parent to just exit. - sendAsyncMessage("DOMFullscreen:Exit"); + sendAsyncMessage("DOMFullscreen:Exited"); } break; } @@ -643,8 +643,8 @@ let DOMFullscreenHandler = { }); break; } - case "MozDOMFullscreen:Exit": { - sendAsyncMessage("DOMFullscreen:Exit"); + case "MozDOMFullscreen:Exited": { + sendAsyncMessage("DOMFullscreen:Exited"); break; } } diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp index 20b8df1276f..7d27db58795 100644 --- a/dom/base/nsDocument.cpp +++ b/dom/base/nsDocument.cpp @@ -11209,27 +11209,6 @@ nsDocument::RestorePreviousFullScreenState() return; } - // Check whether we are restoring to non-fullscreen state. - bool exitingFullscreen = true; - for (nsIDocument* doc = this; doc; doc = doc->GetParentDocument()) { - if (static_cast(doc)->mFullScreenStack.Length() > 1) { - exitingFullscreen = false; - break; - } - } - if (exitingFullscreen) { - // If we are fully exiting fullscreen, don't touch anything here, - // just wait for the window to get out from fullscreen first. - if (XRE_GetProcessType() == GeckoProcessType_Content) { - (new AsyncEventDispatcher( - this, NS_LITERAL_STRING("MozDOMFullscreen:Exit"), - /* Bubbles */ true, /* ChromeOnly */ true))->PostDOMEvent(); - } else { - SetWindowFullScreen(this, false); - } - return; - } - // If fullscreen mode is updated the pointer should be unlocked UnlockPointer(); @@ -11277,9 +11256,17 @@ nsDocument::RestorePreviousFullScreenState() } } - MOZ_ASSERT(doc, "If we were going to exit from fullscreen on all documents " - "in this doctree, we should've asked the window to exit first " - "instead of reaching here."); + if (doc == nullptr) { + // We moved all documents in this doctree out of fullscreen mode, + // move the top-level window out of fullscreen mode. + NS_ASSERTION(!nsContentUtils::GetRootDocument(this)->IsFullScreenDoc(), + "Should have cleared all docs' stacks"); + nsRefPtr asyncDispatcher = new AsyncEventDispatcher( + this, NS_LITERAL_STRING("MozDOMFullscreen:Exited"), true, true); + asyncDispatcher->PostDOMEvent(); + FullscreenRoots::Remove(this); + SetWindowFullScreen(this, false); + } } bool diff --git a/dom/browser-element/BrowserElementChildPreload.js b/dom/browser-element/BrowserElementChildPreload.js index a52b1b3216d..1b25df49b12 100644 --- a/dom/browser-element/BrowserElementChildPreload.js +++ b/dom/browser-element/BrowserElementChildPreload.js @@ -154,8 +154,8 @@ BrowserElementChild.prototype = { /* useCapture = */ true, /* wantsUntrusted = */ false); - addEventListener("MozDOMFullscreen:Exit", - this._mozExitDomFullscreen.bind(this), + addEventListener("MozDOMFullscreen:Exited", + this._mozExitedDomFullscreen.bind(this), /* useCapture = */ true, /* wantsUntrusted = */ false); @@ -447,7 +447,7 @@ BrowserElementChild.prototype = { // If we don't actually have any pending fullscreen request // to handle, neither we have been in fullscreen, tell the // parent to just exit. - sendAsyncMsg("exit-dom-fullscreen"); + sendAsyncMsg("exited-dom-fullscreen"); } }, @@ -994,8 +994,8 @@ BrowserElementChild.prototype = { }); }, - _mozExitDomFullscreen: function(e) { - sendAsyncMsg("exit-dom-fullscreen"); + _mozExitedDomFullscreen: function(e) { + sendAsyncMsg("exited-dom-fullscreen"); }, _getContentDimensions: function() { diff --git a/dom/browser-element/BrowserElementParent.js b/dom/browser-element/BrowserElementParent.js index bcb0dd73c0c..9e80ad887a4 100644 --- a/dom/browser-element/BrowserElementParent.js +++ b/dom/browser-element/BrowserElementParent.js @@ -199,7 +199,7 @@ BrowserElementParent.prototype = { "got-can-go-forward": this._gotDOMRequestResult, "requested-dom-fullscreen": this._requestedDOMFullscreen, "fullscreen-origin-change": this._fullscreenOriginChange, - "exit-dom-fullscreen": this._exitDomFullscreen, + "exited-dom-fullscreen": this._exitedDomFullscreen, "got-visible": this._gotDOMRequestResult, "visibilitychange": this._childVisibilityChange, "got-set-input-method-active": this._gotDOMRequestResult, @@ -981,7 +981,7 @@ BrowserElementParent.prototype = { this._frameElement, "fullscreen-origin-change", data.json.originNoSuffix); }, - _exitDomFullscreen: function(data) { + _exitedDomFullscreen: function(data) { this._windowUtils.remoteFrameFullscreenReverted(); }, From 29591b5e90374dce14c6066a35ffbcc448dbb5bf Mon Sep 17 00:00:00 2001 From: Wes Kocher Date: Wed, 10 Jun 2015 18:01:02 -0700 Subject: [PATCH 071/297] Backed out changeset 7c72328e341b (bug 1164443) for being the likely cause of test_non-scaling-stroke.html and test_focusedChild.html permafails due to a Windows firewall prompt appearing on the screen CLOSED TREE --- .../mozinstall/mozinstall/mozinstall.py | 33 +++++++++---------- 1 file changed, 16 insertions(+), 17 deletions(-) diff --git a/testing/mozbase/mozinstall/mozinstall/mozinstall.py b/testing/mozbase/mozinstall/mozinstall/mozinstall.py index 27df58ef606..2360660fe47 100755 --- a/testing/mozbase/mozinstall/mozinstall/mozinstall.py +++ b/testing/mozbase/mozinstall/mozinstall/mozinstall.py @@ -10,7 +10,6 @@ import sys import tarfile import time import zipfile -import tempfile import mozfile import mozinfo @@ -94,7 +93,8 @@ def install(src, dest): the installation folder. :param src: Path to the install file - :param dest: Path to install to + :param dest: Path to install to (to ensure we do not overwrite any existent + files the folder should not exist yet) """ src = os.path.realpath(src) dest = os.path.realpath(dest) @@ -102,15 +102,14 @@ def install(src, dest): if not is_installer(src): raise InvalidSource(src + ' is not valid installer file.') + did_we_create = False if not os.path.exists(dest): + did_we_create = True os.makedirs(dest) - else: - # create a subfolder to prevent data loss - dest = tempfile.mkdtemp(prefix="mozinstall", dir=dest) trbk = None - install_dir = None try: + install_dir = None if zipfile.is_zipfile(src) or tarfile.is_tarfile(src): install_dir = mozfile.extract(src, dest)[0] elif src.lower().endswith('.dmg'): @@ -122,17 +121,17 @@ def install(src, dest): except: cls, exc, trbk = sys.exc_info() - # try to uninstall this properly - try: - if install_dir: - uninstall(install_dir) - except: - pass - # remove the dest folder anyway - try: - mozfile.remove(dest) - except: - pass + if did_we_create: + try: + # try to uninstall this properly + uninstall(dest) + except: + # uninstall may fail, let's just try to clean the folder + # in this case + try: + mozfile.remove(dest) + except: + pass if issubclass(cls, Exception): error = InstallError('Failed to install "%s (%s)"' % (src, str(exc))) raise InstallError, error, trbk From b29218f4dd1e1118e4b16a64c0f4e741fcb557c2 Mon Sep 17 00:00:00 2001 From: Ryan VanderMeulen Date: Wed, 10 Jun 2015 22:06:26 -0400 Subject: [PATCH 072/297] Bug 1169243 - Re-enable the tests disabled while investigating these failures now that the underlying machine configuration issue is resolved. --- layout/xul/test/chrome.ini | 2 +- toolkit/components/passwordmgr/test/chrome.ini | 3 +-- toolkit/content/tests/chrome/chrome.ini | 2 -- 3 files changed, 2 insertions(+), 5 deletions(-) diff --git a/layout/xul/test/chrome.ini b/layout/xul/test/chrome.ini index 04a8b2dd336..0dfa1da3190 100644 --- a/layout/xul/test/chrome.ini +++ b/layout/xul/test/chrome.ini @@ -16,7 +16,7 @@ skip-if = buildapp == 'mulet' [test_bug703150.xul] skip-if = buildapp == 'mulet' [test_bug987230.xul] -skip-if = os == 'linux' || (os == 'win' && (os_version == '6.2' || os_version == '6.3')) # No native mousedown event on Linux, bug 1135545 for win8 intermittent failures +skip-if = os == 'linux' # No native mousedown event on Linux [test_popupReflowPos.xul] [test_popupSizeTo.xul] [test_popupZoom.xul] diff --git a/toolkit/components/passwordmgr/test/chrome.ini b/toolkit/components/passwordmgr/test/chrome.ini index a40ec1a8db6..31754515dab 100644 --- a/toolkit/components/passwordmgr/test/chrome.ini +++ b/toolkit/components/passwordmgr/test/chrome.ini @@ -7,5 +7,4 @@ support-files = [test_formless_submit.html] [test_privbrowsing_perwindowpb.html] -# Too many intermittent failures (bug 919016) -skip-if = true +skip-if = true # Bug 1173337 diff --git a/toolkit/content/tests/chrome/chrome.ini b/toolkit/content/tests/chrome/chrome.ini index 2a9625e4e9a..364ddea965c 100644 --- a/toolkit/content/tests/chrome/chrome.ini +++ b/toolkit/content/tests/chrome/chrome.ini @@ -68,7 +68,6 @@ skip-if = buildapp == 'mulet' [test_bug331215.xul] [test_bug360220.xul] [test_bug360437.xul] -skip-if = os == "win" # Intermittent failures, bug 919016 [test_bug365773.xul] [test_bug366992.xul] [test_bug382990.xul] @@ -161,7 +160,6 @@ skip-if = buildapp == 'mulet' [test_scrollbar.xul] skip-if = buildapp == 'mulet' [test_showcaret.xul] -skip-if = os == "win" # Bug 952350 [test_sorttemplate.xul] [test_statusbar.xul] [test_subframe_origin.xul] From aecc0e010b94e4a8aeef2c02daab8486348fbde9 Mon Sep 17 00:00:00 2001 From: Ryan VanderMeulen Date: Wed, 10 Jun 2015 22:06:26 -0400 Subject: [PATCH 073/297] Bug 986458 - Re-enable browser_whitelist7.js on all platforms since the leaks appear to have gone away. --- toolkit/mozapps/extensions/test/xpinstall/browser.ini | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/toolkit/mozapps/extensions/test/xpinstall/browser.ini b/toolkit/mozapps/extensions/test/xpinstall/browser.ini index 9ec3d1d4f5e..13d6c36647e 100644 --- a/toolkit/mozapps/extensions/test/xpinstall/browser.ini +++ b/toolkit/mozapps/extensions/test/xpinstall/browser.ini @@ -41,10 +41,10 @@ support-files = [browser_bug540558.js] [browser_bug611242.js] [browser_bug638292.js] -skip-if = e10s # Bug 1083269 +skip-if = e10s # Bug 1173330 [browser_bug645699.js] -# [browser_bug672485.js] -# disabled due to a leak. See bug 682410. +[browser_bug672485.js] +skip-if = true # disabled due to a leak. See bug 682410. [browser_cancel.js] [browser_concurrent_installs.js] [browser_cookies.js] @@ -94,4 +94,3 @@ skip-if = buildapp == "mulet" [browser_whitelist5.js] [browser_whitelist6.js] [browser_whitelist7.js] -skip-if = (os == 'win' || os == 'mac') && debug # bug 986458 - leaked 1 docshell until shutdown on chunked debug bc From 50830169928e732d9dee02dc7ec2754422456029 Mon Sep 17 00:00:00 2001 From: Sean Stangl Date: Wed, 10 Jun 2015 19:06:12 -0700 Subject: [PATCH 074/297] Bug 1166527 - Import ARM64 Architecture and Assembler. r=nbp --- js/src/jit/arm64/Architecture-arm64.cpp | 75 + js/src/jit/arm64/Architecture-arm64.h | 462 +++ js/src/jit/arm64/Assembler-arm64.cpp | 626 ++++ js/src/jit/arm64/Assembler-arm64.h | 587 ++++ js/src/jit/arm64/AtomicOperations-arm64.h | 104 + js/src/jit/arm64/BaselineIC-arm64.cpp | 2 +- js/src/jit/arm64/MacroAssembler-arm64.cpp | 688 ++++ js/src/jit/arm64/MacroAssembler-arm64.h | 3317 +++++++++++++++++++ js/src/jit/arm64/vixl/MacroAssembler-vixl.h | 3 +- 9 files changed, 5861 insertions(+), 3 deletions(-) create mode 100644 js/src/jit/arm64/Architecture-arm64.cpp create mode 100644 js/src/jit/arm64/Architecture-arm64.h create mode 100644 js/src/jit/arm64/Assembler-arm64.cpp create mode 100644 js/src/jit/arm64/Assembler-arm64.h create mode 100644 js/src/jit/arm64/AtomicOperations-arm64.h create mode 100644 js/src/jit/arm64/MacroAssembler-arm64.cpp create mode 100644 js/src/jit/arm64/MacroAssembler-arm64.h diff --git a/js/src/jit/arm64/Architecture-arm64.cpp b/js/src/jit/arm64/Architecture-arm64.cpp new file mode 100644 index 00000000000..a5e62fb61c8 --- /dev/null +++ b/js/src/jit/arm64/Architecture-arm64.cpp @@ -0,0 +1,75 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "jit/arm64/Architecture-arm64.h" + +#include + +#include "jit/RegisterSets.h" + +namespace js { +namespace jit { + +Registers::Code +Registers::FromName(const char* name) +{ + // Check for some register aliases first. + if (strcmp(name, "ip0") == 0) + return ip0; + if (strcmp(name, "ip1") == 0) + return ip1; + if (strcmp(name, "fp") == 0) + return fp; + + for (uint32_t i = 0; i < Total; i++) { + if (strcmp(GetName(Code(i)), name) == 0) + return Code(i); + } + + return invalid_reg; +} + +FloatRegisters::Code +FloatRegisters::FromName(const char* name) +{ + for (size_t i = 0; i < Total; i++) { + if (strcmp(GetName(Code(i)), name) == 0) + return Code(i); + } + + return invalid_fpreg; +} + +FloatRegisterSet +FloatRegister::ReduceSetForPush(const FloatRegisterSet& s) +{ + LiveFloatRegisterSet ret; + for (FloatRegisterIterator iter(s); iter.more(); ++iter) + ret.addUnchecked(FromCode((*iter).encoding())); + return ret.set(); +} + +uint32_t +FloatRegister::GetSizeInBytes(const FloatRegisterSet& s) +{ + return s.size() * sizeof(double); +} + +uint32_t +FloatRegister::GetPushSizeInBytes(const FloatRegisterSet& s) +{ + return s.size() * sizeof(double); +} + +uint32_t +FloatRegister::getRegisterDumpOffsetInBytes() +{ + // Although registers are 128-bits wide, only the first 64 need saving per ABI. + return encoding() * sizeof(double); +} + +} // namespace jit +} // namespace js diff --git a/js/src/jit/arm64/Architecture-arm64.h b/js/src/jit/arm64/Architecture-arm64.h new file mode 100644 index 00000000000..d46da4c02f3 --- /dev/null +++ b/js/src/jit/arm64/Architecture-arm64.h @@ -0,0 +1,462 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef jit_arm64_Architecture_arm64_h +#define jit_arm64_Architecture_arm64_h + +#include "mozilla/Assertions.h" +#include "mozilla/MathAlgorithms.h" + +#include "js/Utility.h" + +namespace js { +namespace jit { + +// AArch64 has 32 64-bit integer registers, x0 though x31. +// x31 is special and functions as both the stack pointer and a zero register. +// The bottom 32 bits of each of the X registers is accessible as w0 through w31. +// The program counter is no longer accessible as a register. +// SIMD and scalar floating-point registers share a register bank. +// 32 bit float registers are s0 through s31. +// 64 bit double registers are d0 through d31. +// 128 bit SIMD registers are v0 through v31. +// e.g., s0 is the bottom 32 bits of d0, which is the bottom 64 bits of v0. + +// AArch64 Calling Convention: +// x0 - x7: arguments and return value +// x8: indirect result (struct) location +// x9 - x15: temporary registers +// x16 - x17: intra-call-use registers (PLT, linker) +// x18: platform specific use (TLS) +// x19 - x28: callee-saved registers +// x29: frame pointer +// x30: link register + +// AArch64 Calling Convention for Floats: +// d0 - d7: arguments and return value +// d8 - d15: callee-saved registers +// Bits 64:128 are not saved for v8-v15. +// d16 - d31: temporary registers + +// AArch64 does not have soft float. + +class Registers { + public: + enum RegisterID { + w0 = 0, x0 = 0, + w1 = 1, x1 = 1, + w2 = 2, x2 = 2, + w3 = 3, x3 = 3, + w4 = 4, x4 = 4, + w5 = 5, x5 = 5, + w6 = 6, x6 = 6, + w7 = 7, x7 = 7, + w8 = 8, x8 = 8, + w9 = 9, x9 = 9, + w10 = 10, x10 = 10, + w11 = 11, x11 = 11, + w12 = 12, x12 = 12, + w13 = 13, x13 = 13, + w14 = 14, x14 = 14, + w15 = 15, x15 = 15, + w16 = 16, x16 = 16, ip0 = 16, // MacroAssembler scratch register 1. + w17 = 17, x17 = 17, ip1 = 17, // MacroAssembler scratch register 2. + w18 = 18, x18 = 18, tls = 18, // Platform-specific use (TLS). + w19 = 19, x19 = 19, + w20 = 20, x20 = 20, + w21 = 21, x21 = 21, + w22 = 22, x22 = 22, + w23 = 23, x23 = 23, + w24 = 24, x24 = 24, + w25 = 25, x25 = 25, + w26 = 26, x26 = 26, + w27 = 27, x27 = 27, + w28 = 28, x28 = 28, + w29 = 29, x29 = 29, fp = 29, + w30 = 30, x30 = 30, lr = 30, + w31 = 31, x31 = 31, wzr = 31, xzr = 31, sp = 31, // Special: both stack pointer and a zero register. + invalid_reg + }; + typedef uint8_t Code; + typedef uint32_t Encoding; + typedef uint32_t SetType; + + union RegisterContent { + uintptr_t r; + }; + + static uint32_t SetSize(SetType x) { + static_assert(sizeof(SetType) == 4, "SetType must be 32 bits"); + return mozilla::CountPopulation32(x); + } + static uint32_t FirstBit(SetType x) { + return mozilla::CountTrailingZeroes32(x); + } + static uint32_t LastBit(SetType x) { + return 31 - mozilla::CountLeadingZeroes32(x); + } + + static const char* GetName(Code code) { + static const char* const Names[] = + { "x0", "x1", "x2", "x3", "x4", "x5", "x6", "x7", "x8", "x9", + "x10", "x11", "x12", "x13", "x14", "x15", "x16", "x17", "x18", "x19", + "x20", "x21", "x22", "x23", "x24", "x25", "x26", "x27", "x28", "x29", + "lr", "sp", "invalid" }; + return Names[code]; + } + static const char* GetName(uint32_t i) { + MOZ_ASSERT(i < Total); + return GetName(Code(i)); + } + + static Code FromName(const char* name); + + // If SP is used as the base register for a memory load or store, then the value + // of the stack pointer prior to adding any offset must be quadword (16 byte) aligned, + // or else a stack aligment exception will be generated. + static const Code StackPointer = sp; + + static const Code Invalid = invalid_reg; + + static const uint32_t Total = 32; + static const uint32_t TotalPhys = 32; + static const uint32_t Allocatable = 27; // No named special-function registers. + + static const SetType AllMask = 0xFFFFFFFF; + + static const SetType ArgRegMask = + (1 << Registers::x0) | (1 << Registers::x1) | + (1 << Registers::x2) | (1 << Registers::x3) | + (1 << Registers::x4) | (1 << Registers::x5) | + (1 << Registers::x6) | (1 << Registers::x7) | + (1 << Registers::x8); + + static const SetType VolatileMask = + (1 << Registers::x0) | (1 << Registers::x1) | + (1 << Registers::x2) | (1 << Registers::x3) | + (1 << Registers::x4) | (1 << Registers::x5) | + (1 << Registers::x6) | (1 << Registers::x7) | + (1 << Registers::x8) | (1 << Registers::x9) | + (1 << Registers::x10) | (1 << Registers::x11) | + (1 << Registers::x11) | (1 << Registers::x12) | + (1 << Registers::x13) | (1 << Registers::x14) | + (1 << Registers::x14) | (1 << Registers::x15) | + (1 << Registers::x16) | (1 << Registers::x17) | + (1 << Registers::x18); + + static const SetType NonVolatileMask = + (1 << Registers::x19) | (1 << Registers::x20) | + (1 << Registers::x21) | (1 << Registers::x22) | + (1 << Registers::x23) | (1 << Registers::x24) | + (1 << Registers::x25) | (1 << Registers::x26) | + (1 << Registers::x27) | (1 << Registers::x28) | + (1 << Registers::x29) | (1 << Registers::x30); + + static const SetType SingleByteRegs = VolatileMask | NonVolatileMask; + + static const SetType NonAllocatableMask = + (1 << Registers::x28) | // PseudoStackPointer. + (1 << Registers::ip0) | // First scratch register. + (1 << Registers::ip1) | // Second scratch register. + (1 << Registers::tls) | + (1 << Registers::lr) | + (1 << Registers::sp); + + // Registers that can be allocated without being saved, generally. + static const SetType TempMask = VolatileMask & ~NonAllocatableMask; + + static const SetType WrapperMask = VolatileMask; + + // Registers returned from a JS -> JS call. + static const SetType JSCallMask = (1 << Registers::x2); + + // Registers returned from a JS -> C call. + static const SetType CallMask = (1 << Registers::x0); + + static const SetType AllocatableMask = AllMask & ~NonAllocatableMask; +}; + +// Smallest integer type that can hold a register bitmask. +typedef uint32_t PackedRegisterMask; + +template +class TypedRegisterSet; + +class FloatRegisters +{ + public: + enum FPRegisterID { + s0 = 0, d0 = 0, v0 = 0, + s1 = 1, d1 = 1, v1 = 1, + s2 = 2, d2 = 2, v2 = 2, + s3 = 3, d3 = 3, v3 = 3, + s4 = 4, d4 = 4, v4 = 4, + s5 = 5, d5 = 5, v5 = 5, + s6 = 6, d6 = 6, v6 = 6, + s7 = 7, d7 = 7, v7 = 7, + s8 = 8, d8 = 8, v8 = 8, + s9 = 9, d9 = 9, v9 = 9, + s10 = 10, d10 = 10, v10 = 10, + s11 = 11, d11 = 11, v11 = 11, + s12 = 12, d12 = 12, v12 = 12, + s13 = 13, d13 = 13, v13 = 13, + s14 = 14, d14 = 14, v14 = 14, + s15 = 15, d15 = 15, v15 = 15, + s16 = 16, d16 = 16, v16 = 16, + s17 = 17, d17 = 17, v17 = 17, + s18 = 18, d18 = 18, v18 = 18, + s19 = 19, d19 = 19, v19 = 19, + s20 = 20, d20 = 20, v20 = 20, + s21 = 21, d21 = 21, v21 = 21, + s22 = 22, d22 = 22, v22 = 22, + s23 = 23, d23 = 23, v23 = 23, + s24 = 24, d24 = 24, v24 = 24, + s25 = 25, d25 = 25, v25 = 25, + s26 = 26, d26 = 26, v26 = 26, + s27 = 27, d27 = 27, v27 = 27, + s28 = 28, d28 = 28, v28 = 28, + s29 = 29, d29 = 29, v29 = 29, + s30 = 30, d30 = 30, v30 = 30, + s31 = 31, d31 = 31, v31 = 31, // Scratch register. + invalid_fpreg + }; + typedef uint8_t Code; + typedef FPRegisterID Encoding; + typedef uint64_t SetType; + + static const char* GetName(Code code) { + static const char* const Names[] = + { "d0", "d1", "d2", "d3", "d4", "d5", "d6", "d7", "d8", "d9", + "d10", "d11", "d12", "d13", "d14", "d15", "d16", "d17", "d18", "d19", + "d20", "d21", "d22", "d23", "d24", "d25", "d26", "d27", "d28", "d29", + "d30", "d31", "invalid" }; + return Names[code]; + } + + static const char* GetName(uint32_t i) { + MOZ_ASSERT(i < TotalPhys); + return GetName(Code(i)); + } + + static Code FromName(const char* name); + + static const Code Invalid = invalid_fpreg; + + static const uint32_t Total = 64; + static const uint32_t TotalPhys = 32; + static const SetType AllMask = 0xFFFFFFFFFFFFFFFFULL; + static const SetType AllPhysMask = 0xFFFFFFFFULL; + static const SetType SpreadCoefficient = 0x100000001ULL; + + static const uint32_t Allocatable = 31; // Without d31, the scratch register. + + // d31 is the ScratchFloatReg. + static const SetType NonVolatileMask = + SetType((1 << FloatRegisters::d8) | (1 << FloatRegisters::d9) | + (1 << FloatRegisters::d10) | (1 << FloatRegisters::d11) | + (1 << FloatRegisters::d12) | (1 << FloatRegisters::d13) | + (1 << FloatRegisters::d14) | (1 << FloatRegisters::d15) | + (1 << FloatRegisters::d16) | (1 << FloatRegisters::d17) | + (1 << FloatRegisters::d18) | (1 << FloatRegisters::d19) | + (1 << FloatRegisters::d20) | (1 << FloatRegisters::d21) | + (1 << FloatRegisters::d22) | (1 << FloatRegisters::d23) | + (1 << FloatRegisters::d24) | (1 << FloatRegisters::d25) | + (1 << FloatRegisters::d26) | (1 << FloatRegisters::d27) | + (1 << FloatRegisters::d28) | (1 << FloatRegisters::d29) | + (1 << FloatRegisters::d30)) * SpreadCoefficient; + + static const SetType VolatileMask = AllMask & ~NonVolatileMask; + static const SetType AllDoubleMask = AllMask; + + static const SetType WrapperMask = VolatileMask; + + // d31 is the ScratchFloatReg. + static const SetType NonAllocatableMask = (SetType(1) << FloatRegisters::d31) * SpreadCoefficient; + + // Registers that can be allocated without being saved, generally. + static const SetType TempMask = VolatileMask & ~NonAllocatableMask; + + static const SetType AllocatableMask = AllMask & ~NonAllocatableMask; + union RegisterContent { + float s; + double d; + }; + enum Kind { + Double, + Single + }; +}; + +// In bytes: slots needed for potential memory->memory move spills. +// +8 for cycles +// +8 for gpr spills +// +8 for double spills +static const uint32_t ION_FRAME_SLACK_SIZE = 24; + +static const uint32_t ShadowStackSpace = 0; + +static const uint32_t ABIStackAlignment = 16; +static const uint32_t CodeAlignment = 16; +static const bool StackKeptAligned = false; + +// Although sp is only usable if 16-byte alignment is kept, +// the Pseudo-StackPointer enables use of 8-byte alignment. +static const uint32_t StackAlignment = 8; +static const uint32_t NativeFrameSize = 8; + +struct FloatRegister +{ + typedef FloatRegisters Codes; + typedef Codes::Code Code; + typedef Codes::Encoding Encoding; + typedef Codes::SetType SetType; + + union RegisterContent { + float s; + double d; + }; + + constexpr FloatRegister(uint32_t code, FloatRegisters::Kind k) + : code_(FloatRegisters::Code(code & 31)), + k_(k) + { } + + constexpr FloatRegister(uint32_t code) + : code_(FloatRegisters::Code(code & 31)), + k_(FloatRegisters::Kind(code >> 5)) + { } + + constexpr FloatRegister() + : code_(FloatRegisters::Code(-1)), + k_(FloatRegisters::Double) + { } + + static uint32_t SetSize(SetType x) { + static_assert(sizeof(SetType) == 8, "SetType must be 64 bits"); + x |= x >> FloatRegisters::TotalPhys; + x &= FloatRegisters::AllPhysMask; + return mozilla::CountPopulation32(x); + } + + static FloatRegister FromCode(uint32_t i) { + MOZ_ASSERT(i < FloatRegisters::Total); + FloatRegister r(i); + return r; + } + Code code() const { + MOZ_ASSERT((uint32_t)code_ < FloatRegisters::Total); + return Code(code_ | (k_ << 5)); + } + Encoding encoding() const { + return Encoding(code_); + } + + const char* name() const { + return FloatRegisters::GetName(code()); + } + bool volatile_() const { + return !!((SetType(1) << code()) & FloatRegisters::VolatileMask); + } + bool operator!=(FloatRegister other) const { + return other.code_ != code_ || other.k_ != k_; + } + bool operator==(FloatRegister other) const { + return other.code_ == code_ && other.k_ == k_; + } + bool aliases(FloatRegister other) const { + return other.code_ == code_; + } + uint32_t numAliased() const { + return 2; + } + static FloatRegisters::Kind otherkind(FloatRegisters::Kind k) { + if (k == FloatRegisters::Double) + return FloatRegisters::Single; + return FloatRegisters::Double; + } + void aliased(uint32_t aliasIdx, FloatRegister* ret) { + if (aliasIdx == 0) + *ret = *this; + else + *ret = FloatRegister(code_, otherkind(k_)); + } + // This function mostly exists for the ARM backend. It is to ensure that two + // floating point registers' types are equivalent. e.g. S0 is not equivalent + // to D16, since S0 holds a float32, and D16 holds a Double. + // Since all floating point registers on x86 and x64 are equivalent, it is + // reasonable for this function to do the same. + bool equiv(FloatRegister other) const { + return k_ == other.k_; + } + MOZ_CONSTEXPR uint32_t size() const { + return k_ == FloatRegisters::Double ? sizeof(double) : sizeof(float); + } + uint32_t numAlignedAliased() { + return numAliased(); + } + void alignedAliased(uint32_t aliasIdx, FloatRegister* ret) { + MOZ_ASSERT(aliasIdx == 0); + aliased(aliasIdx, ret); + } + SetType alignedOrDominatedAliasedSet() const { + return Codes::SpreadCoefficient << code_; + } + + bool isSingle() const { + return k_ == FloatRegisters::Single; + } + bool isDouble() const { + return k_ == FloatRegisters::Double; + } + bool isInt32x4() const { + return false; + } + bool isFloat32x4() const { + return false; + } + + static uint32_t FirstBit(SetType x) { + JS_STATIC_ASSERT(sizeof(SetType) == 8); + return mozilla::CountTrailingZeroes64(x); + } + static uint32_t LastBit(SetType x) { + JS_STATIC_ASSERT(sizeof(SetType) == 8); + return 63 - mozilla::CountLeadingZeroes64(x); + } + + static TypedRegisterSet ReduceSetForPush(const TypedRegisterSet& s); + static uint32_t GetSizeInBytes(const TypedRegisterSet& s); + static uint32_t GetPushSizeInBytes(const TypedRegisterSet& s); + uint32_t getRegisterDumpOffsetInBytes(); + + public: + Code code_ : 8; + FloatRegisters::Kind k_ : 1; +}; + +// ARM/D32 has double registers that cannot be treated as float32. +// Luckily, ARMv8 doesn't have the same misfortune. +inline bool +hasUnaliasedDouble() +{ + return false; +} + +// ARM prior to ARMv8 also has doubles that alias multiple floats. +// Again, ARMv8 is in the clear. +inline bool +hasMultiAlias() +{ + return false; +} + +static const size_t AsmJSCheckedImmediateRange = 0; +static const size_t AsmJSImmediateRange = 0; + +} // namespace jit +} // namespace js + +#endif // jit_arm64_Architecture_arm64_h diff --git a/js/src/jit/arm64/Assembler-arm64.cpp b/js/src/jit/arm64/Assembler-arm64.cpp new file mode 100644 index 00000000000..e0c7a9b8082 --- /dev/null +++ b/js/src/jit/arm64/Assembler-arm64.cpp @@ -0,0 +1,626 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "jit/arm64/Assembler-arm64.h" + +#include "mozilla/DebugOnly.h" +#include "mozilla/MathAlgorithms.h" + +#include "jscompartment.h" +#include "jsutil.h" + +#include "gc/Marking.h" + +#include "jit/arm64/MacroAssembler-arm64.h" +#include "jit/ExecutableAllocator.h" +#include "jit/JitCompartment.h" + +using namespace js; +using namespace js::jit; + +using mozilla::CountLeadingZeroes32; +using mozilla::DebugOnly; + +// Note this is used for inter-AsmJS calls and may pass arguments and results +// in floating point registers even if the system ABI does not. + +ABIArg +ABIArgGenerator::next(MIRType type) +{ + switch (type) { + case MIRType_Int32: + case MIRType_Pointer: + if (intRegIndex_ == NumIntArgRegs) { + current_ = ABIArg(stackOffset_); + stackOffset_ += sizeof(uintptr_t); + break; + } + current_ = ABIArg(Register::FromCode(intRegIndex_)); + intRegIndex_++; + break; + + case MIRType_Float32: + case MIRType_Double: + if (floatRegIndex_ == NumFloatArgRegs) { + current_ = ABIArg(stackOffset_); + stackOffset_ += sizeof(double); + break; + } + current_ = ABIArg(FloatRegister(floatRegIndex_, + type == MIRType_Double ? FloatRegisters::Double + : FloatRegisters::Single)); + floatRegIndex_++; + break; + + default: + MOZ_CRASH("Unexpected argument type"); + } + return current_; +} + +const Register ABIArgGenerator::NonArgReturnReg0 = r8; +const Register ABIArgGenerator::NonArgReturnReg1 = r9; +const Register ABIArgGenerator::NonVolatileReg = r1; +const Register ABIArgGenerator::NonArg_VolatileReg = r13; +const Register ABIArgGenerator::NonReturn_VolatileReg0 = r2; +const Register ABIArgGenerator::NonReturn_VolatileReg1 = r3; + +namespace js { +namespace jit { + +void +Assembler::finish() +{ + armbuffer_.flushPool(); + + // The extended jump table is part of the code buffer. + ExtendedJumpTable_ = emitExtendedJumpTable(); + Assembler::FinalizeCode(); + + // The jump relocation table starts with a fixed-width integer pointing + // to the start of the extended jump table. + if (tmpJumpRelocations_.length()) + jumpRelocations_.writeFixedUint32_t(toFinalOffset(ExtendedJumpTable_)); + + for (unsigned int i = 0; i < tmpJumpRelocations_.length(); i++) { + JumpRelocation& reloc = tmpJumpRelocations_[i]; + + // Each entry in the relocations table is an (offset, extendedTableIndex) pair. + jumpRelocations_.writeUnsigned(toFinalOffset(reloc.jump)); + jumpRelocations_.writeUnsigned(reloc.extendedTableIndex); + } + + for (unsigned int i = 0; i < tmpDataRelocations_.length(); i++) + dataRelocations_.writeUnsigned(toFinalOffset(tmpDataRelocations_[i])); + + for (unsigned int i = 0; i < tmpPreBarriers_.length(); i++) + preBarriers_.writeUnsigned(toFinalOffset(tmpPreBarriers_[i])); +} + +BufferOffset +Assembler::emitExtendedJumpTable() +{ + if (!pendingJumps_.length() || oom()) + return BufferOffset(); + + armbuffer_.flushPool(); + armbuffer_.align(SizeOfJumpTableEntry); + + BufferOffset tableOffset = armbuffer_.nextOffset(); + + for (size_t i = 0; i < pendingJumps_.length(); i++) { + // Each JumpTableEntry is of the form: + // LDR ip0 [PC, 8] + // BR ip0 + // [Patchable 8-byte constant low bits] + // [Patchable 8-byte constant high bits] + DebugOnly preOffset = size_t(armbuffer_.nextOffset().getOffset()); + + ldr(vixl::ip0, ptrdiff_t(8 / vixl::kInstructionSize)); + br(vixl::ip0); + + DebugOnly prePointer = size_t(armbuffer_.nextOffset().getOffset()); + MOZ_ASSERT(prePointer - preOffset == OffsetOfJumpTableEntryPointer); + + brk(0x0); + brk(0x0); + + DebugOnly postOffset = size_t(armbuffer_.nextOffset().getOffset()); + + MOZ_ASSERT(postOffset - preOffset == SizeOfJumpTableEntry); + } + + return tableOffset; +} + +void +Assembler::executableCopy(uint8_t* buffer) +{ + // Copy the code and all constant pools into the output buffer. + armbuffer_.executableCopy(buffer); + + // Patch any relative jumps that target code outside the buffer. + // The extended jump table may be used for distant jumps. + for (size_t i = 0; i < pendingJumps_.length(); i++) { + RelativePatch& rp = pendingJumps_[i]; + + if (!rp.target) { + // The patch target is nullptr for jumps that have been linked to + // a label within the same code block, but may be repatched later + // to jump to a different code block. + continue; + } + + Instruction* target = (Instruction*)rp.target; + Instruction* branch = (Instruction*)(buffer + toFinalOffset(rp.offset)); + JumpTableEntry* extendedJumpTable = + reinterpret_cast(buffer + toFinalOffset(ExtendedJumpTable_)); + if (branch->BranchType() != vixl::UnknownBranchType) { + if (branch->IsTargetReachable(target)) { + branch->SetImmPCOffsetTarget(target); + } else { + JumpTableEntry* entry = &extendedJumpTable[i]; + branch->SetImmPCOffsetTarget(entry->getLdr()); + entry->data = target; + } + } else { + // Currently a two-instruction call, it should be possible to optimize this + // into a single instruction call + nop in some instances, but this will work. + } + } +} + +BufferOffset +Assembler::immPool(ARMRegister dest, uint8_t* value, vixl::LoadLiteralOp op, ARMBuffer::PoolEntry* pe) +{ + uint32_t inst = op | Rt(dest); + const size_t numInst = 1; + const unsigned sizeOfPoolEntryInBytes = 4; + const unsigned numPoolEntries = sizeof(value) / sizeOfPoolEntryInBytes; + return armbuffer_.allocEntry(numInst, numPoolEntries, (uint8_t*)&inst, value, pe); +} + +BufferOffset +Assembler::immPool64(ARMRegister dest, uint64_t value, ARMBuffer::PoolEntry* pe) +{ + return immPool(dest, (uint8_t*)&value, vixl::LDR_x_lit, pe); +} + +BufferOffset +Assembler::immPool64Branch(RepatchLabel* label, ARMBuffer::PoolEntry* pe, Condition c) +{ + MOZ_CRASH("immPool64Branch"); +} + +BufferOffset +Assembler::fImmPool(ARMFPRegister dest, uint8_t* value, vixl::LoadLiteralOp op) +{ + uint32_t inst = op | Rt(dest); + const size_t numInst = 1; + const unsigned sizeOfPoolEntryInBits = 32; + const unsigned numPoolEntries = dest.size() / sizeOfPoolEntryInBits; + return armbuffer_.allocEntry(numInst, numPoolEntries, (uint8_t*)&inst, value); +} + +BufferOffset +Assembler::fImmPool64(ARMFPRegister dest, double value) +{ + return fImmPool(dest, (uint8_t*)&value, vixl::LDR_d_lit); +} +BufferOffset +Assembler::fImmPool32(ARMFPRegister dest, float value) +{ + return fImmPool(dest, (uint8_t*)&value, vixl::LDR_s_lit); +} + +void +Assembler::bind(Label* label, BufferOffset targetOffset) +{ + // Nothing has seen the label yet: just mark the location. + if (!label->used()) { + label->bind(targetOffset.getOffset()); + return; + } + + // Get the most recent instruction that used the label, as stored in the label. + // This instruction is the head of an implicit linked list of label uses. + uint32_t branchOffset = label->offset(); + + while ((int32_t)branchOffset != LabelBase::INVALID_OFFSET) { + Instruction* link = getInstructionAt(BufferOffset(branchOffset)); + + // Before overwriting the offset in this instruction, get the offset of + // the next link in the implicit branch list. + uint32_t nextLinkOffset = uint32_t(link->ImmPCRawOffset()); + if (nextLinkOffset != uint32_t(LabelBase::INVALID_OFFSET)) + nextLinkOffset += branchOffset; + // Linking against the actual (Instruction*) would be invalid, + // since that Instruction could be anywhere in memory. + // Instead, just link against the correct relative offset, assuming + // no constant pools, which will be taken into consideration + // during finalization. + ptrdiff_t relativeByteOffset = targetOffset.getOffset() - branchOffset; + Instruction* target = (Instruction*)(((uint8_t*)link) + relativeByteOffset); + + // Write a new relative offset into the instruction. + link->SetImmPCOffsetTarget(target); + branchOffset = nextLinkOffset; + } + + // Bind the label, so that future uses may encode the offset immediately. + label->bind(targetOffset.getOffset()); +} + +void +Assembler::bind(RepatchLabel* label) +{ + // Nothing has seen the label yet: just mark the location. + if (!label->used()) { + label->bind(nextOffset().getOffset()); + return; + } + int branchOffset = label->offset(); + Instruction* inst = getInstructionAt(BufferOffset(branchOffset)); + inst->SetImmPCOffsetTarget(inst + nextOffset().getOffset() - branchOffset); +} + +void +Assembler::trace(JSTracer* trc) +{ + for (size_t i = 0; i < pendingJumps_.length(); i++) { + RelativePatch& rp = pendingJumps_[i]; + if (rp.kind == Relocation::JITCODE) { + JitCode* code = JitCode::FromExecutable((uint8_t*)rp.target); + TraceManuallyBarrieredEdge(trc, &code, "masmrel32"); + MOZ_ASSERT(code == JitCode::FromExecutable((uint8_t*)rp.target)); + } + } + + // TODO: Trace. +#if 0 + if (tmpDataRelocations_.length()) + ::TraceDataRelocations(trc, &armbuffer_, &tmpDataRelocations_); +#endif +} + +void +Assembler::addJumpRelocation(BufferOffset src, Relocation::Kind reloc) +{ + // Only JITCODE relocations are patchable at runtime. + MOZ_ASSERT(reloc == Relocation::JITCODE); + + // Each relocation requires an entry in the extended jump table. + tmpJumpRelocations_.append(JumpRelocation(src, pendingJumps_.length())); +} + +void +Assembler::addPendingJump(BufferOffset src, ImmPtr target, Relocation::Kind reloc) +{ + MOZ_ASSERT(target.value != nullptr); + + if (reloc == Relocation::JITCODE) + addJumpRelocation(src, reloc); + + // This jump is not patchable at runtime. Extended jump table entry requirements + // cannot be known until finalization, so to be safe, give each jump and entry. + // This also causes GC tracing of the target. + enoughMemory_ &= pendingJumps_.append(RelativePatch(src, target.value, reloc)); +} + +size_t +Assembler::addPatchableJump(BufferOffset src, Relocation::Kind reloc) +{ + MOZ_CRASH("TODO: This is currently unused (and untested)"); + if (reloc == Relocation::JITCODE) + addJumpRelocation(src, reloc); + + size_t extendedTableIndex = pendingJumps_.length(); + enoughMemory_ &= pendingJumps_.append(RelativePatch(src, nullptr, reloc)); + return extendedTableIndex; +} + +void +PatchJump(CodeLocationJump& jump_, CodeLocationLabel label) +{ + MOZ_CRASH("PatchJump"); +} + +void +Assembler::PatchDataWithValueCheck(CodeLocationLabel label, PatchedImmPtr newValue, + PatchedImmPtr expected) +{ + Instruction* i = (Instruction*)label.raw(); + void** pValue = i->LiteralAddress(); + MOZ_ASSERT(*pValue == expected.value); + *pValue = newValue.value; +} + +void +Assembler::PatchDataWithValueCheck(CodeLocationLabel label, ImmPtr newValue, ImmPtr expected) +{ + PatchDataWithValueCheck(label, PatchedImmPtr(newValue.value), PatchedImmPtr(expected.value)); +} + +void +Assembler::ToggleToJmp(CodeLocationLabel inst_) +{ + Instruction* i = (Instruction*)inst_.raw(); + MOZ_ASSERT(i->IsAddSubImmediate()); + + // Refer to instruction layout in ToggleToCmp(). + int imm19 = (int)i->Bits(23, 5); + MOZ_ASSERT(vixl::is_int19(imm19)); + + b(i, imm19, Always); +} + +void +Assembler::ToggleToCmp(CodeLocationLabel inst_) +{ + Instruction* i = (Instruction*)inst_.raw(); + MOZ_ASSERT(i->IsCondB()); + + int imm19 = i->ImmCondBranch(); + // bit 23 is reserved, and the simulator throws an assertion when this happens + // It'll be messy to decode, but we can steal bit 30 or bit 31. + MOZ_ASSERT(vixl::is_int18(imm19)); + + // 31 - 64-bit if set, 32-bit if unset. (OK!) + // 30 - sub if set, add if unset. (OK!) + // 29 - SetFlagsBit. Must be set. + // 22:23 - ShiftAddSub. (OK!) + // 10:21 - ImmAddSub. (OK!) + // 5:9 - First source register (Rn). (OK!) + // 0:4 - Destination Register. Must be xzr. + + // From the above, there is a safe 19-bit contiguous region from 5:23. + Emit(i, vixl::ThirtyTwoBits | vixl::AddSubImmediateFixed | vixl::SUB | Flags(vixl::SetFlags) | + Rd(vixl::xzr) | (imm19 << vixl::Rn_offset)); +} + +void +Assembler::ToggleCall(CodeLocationLabel inst_, bool enabled) +{ + Instruction* first = (Instruction*)inst_.raw(); + Instruction* load; + Instruction* call; + + if (first->InstructionBits() == 0x9100039f) { + load = (Instruction*)NextInstruction(first); + call = NextInstruction(load); + } else { + load = first; + call = NextInstruction(first); + } + + if (call->IsBLR() == enabled) + return; + + if (call->IsBLR()) { + // if the second instruction is blr(), then wehave: + // ldr x17, [pc, offset] + // blr x17 + // we want to transform this to: + // adr xzr, [pc, offset] + // nop + int32_t offset = load->ImmLLiteral(); + adr(load, xzr, int32_t(offset)); + nop(call); + } else { + // we have adr xzr, [pc, offset] + // nop + // transform this to + // ldr x17, [pc, offset] + // blr x17 + + int32_t offset = (int)load->ImmPCRawOffset(); + MOZ_ASSERT(vixl::is_int19(offset)); + ldr(load, ScratchReg2_64, int32_t(offset)); + blr(call, ScratchReg2_64); + } +} + +class RelocationIterator +{ + CompactBufferReader reader_; + uint32_t tableStart_; + uint32_t offset_; + uint32_t extOffset_; + + public: + explicit RelocationIterator(CompactBufferReader& reader) + : reader_(reader) + { + // The first uint32_t stores the extended table offset. + tableStart_ = reader_.readFixedUint32_t(); + } + + bool read() { + if (!reader_.more()) + return false; + offset_ = reader_.readUnsigned(); + extOffset_ = reader_.readUnsigned(); + return true; + } + + uint32_t offset() const { + return offset_; + } + uint32_t extendedOffset() const { + return extOffset_; + } +}; + +static JitCode* +CodeFromJump(JitCode* code, uint8_t* jump) +{ + Instruction* branch = (Instruction*)jump; + uint8_t* target; + // If this is a toggled branch, and is currently off, then we have some 'splainin + if (branch->BranchType() == vixl::UnknownBranchType) + target = (uint8_t*)branch->Literal64(); + else + target = (uint8_t*)branch->ImmPCOffsetTarget(); + + // If the jump is within the code buffer, it uses the extended jump table. + if (target >= code->raw() && target < code->raw() + code->instructionsSize()) { + MOZ_ASSERT(target + Assembler::SizeOfJumpTableEntry <= code->raw() + code->instructionsSize()); + + uint8_t** patchablePtr = (uint8_t**)(target + Assembler::OffsetOfJumpTableEntryPointer); + target = *patchablePtr; + } + + return JitCode::FromExecutable(target); +} + +void +Assembler::TraceJumpRelocations(JSTracer* trc, JitCode* code, CompactBufferReader& reader) +{ + RelocationIterator iter(reader); + while (iter.read()) { + JitCode* child = CodeFromJump(code, code->raw() + iter.offset()); + TraceManuallyBarrieredEdge(trc, &child, "rel32"); + MOZ_ASSERT(child == CodeFromJump(code, code->raw() + iter.offset())); + } +} + +static void +TraceDataRelocations(JSTracer* trc, uint8_t* buffer, CompactBufferReader& reader) +{ + while (reader.more()) { + size_t offset = reader.readUnsigned(); + Instruction* load = (Instruction*)&buffer[offset]; + + // The only valid traceable operation is a 64-bit load to an ARMRegister. + // Refer to movePatchablePtr() for generation. + MOZ_ASSERT(load->Mask(vixl::LoadLiteralMask) == vixl::LDR_x_lit); + + uintptr_t* literalAddr = load->LiteralAddress(); + uintptr_t literal = *literalAddr; + + // All pointers on AArch64 will have the top bits cleared. + // If those bits are not cleared, this must be a Value. + if (literal >> JSVAL_TAG_SHIFT) { + jsval_layout layout; + layout.asBits = literal; + Value v = IMPL_TO_JSVAL(layout); + TraceManuallyBarrieredEdge(trc, &v, "ion-masm-value"); + *literalAddr = JSVAL_TO_IMPL(v).asBits; + + // TODO: When we can, flush caches here if a pointer was moved. + continue; + } + + // No barriers needed since the pointers are constants. + TraceManuallyBarrieredGenericPointerEdge(trc, reinterpret_cast(literalAddr), + "ion-masm-ptr"); + + // TODO: Flush caches at end? + } +} + +void +Assembler::TraceDataRelocations(JSTracer* trc, JitCode* code, CompactBufferReader& reader) +{ + ::TraceDataRelocations(trc, code->raw(), reader); +} + +void +Assembler::FixupNurseryObjects(JSContext* cx, JitCode* code, CompactBufferReader& reader, + const ObjectVector& nurseryObjects) +{ + + MOZ_ASSERT(!nurseryObjects.empty()); + + uint8_t* buffer = code->raw(); + bool hasNurseryPointers = false; + + while (reader.more()) { + size_t offset = reader.readUnsigned(); + Instruction* ins = (Instruction*)&buffer[offset]; + + uintptr_t* literalAddr = ins->LiteralAddress(); + uintptr_t literal = *literalAddr; + + if (literal >> JSVAL_TAG_SHIFT) + continue; // This is a Value. + + if (!(literal & 0x1)) + continue; + + uint32_t index = literal >> 1; + JSObject* obj = nurseryObjects[index]; + *literalAddr = uintptr_t(obj); + + // Either all objects are still in the nursery, or all objects are tenured. + MOZ_ASSERT_IF(hasNurseryPointers, IsInsideNursery(obj)); + + if (!hasNurseryPointers && IsInsideNursery(obj)) + hasNurseryPointers = true; + } + + if (hasNurseryPointers) + cx->runtime()->gc.storeBuffer.putWholeCellFromMainThread(code); +} + +int32_t +Assembler::ExtractCodeLabelOffset(uint8_t* code) +{ + return *(int32_t*)code; +} + +void +Assembler::PatchInstructionImmediate(uint8_t* code, PatchedImmPtr imm) +{ + MOZ_CRASH("PatchInstructionImmediate()"); +} + +void +Assembler::UpdateBoundsCheck(uint32_t heapSize, Instruction* inst) +{ + int32_t mask = ~(heapSize - 1); + unsigned n, imm_s, imm_r; + if (!IsImmLogical(mask, 32, &n, &imm_s, &imm_r)) + MOZ_CRASH("Could not encode immediate!?"); + + inst->SetImmR(imm_r); + inst->SetImmS(imm_s); + inst->SetBitN(n); +} + +void +Assembler::retarget(Label* label, Label* target) +{ + if (label->used()) { + if (target->bound()) { + bind(label, BufferOffset(target)); + } else if (target->used()) { + // The target is not bound but used. Prepend label's branch list + // onto target's. + BufferOffset labelBranchOffset(label); + BufferOffset next; + + // Find the head of the use chain for label. + while (nextLink(labelBranchOffset, &next)) + labelBranchOffset = next; + + // Then patch the head of label's use chain to the tail of target's + // use chain, prepending the entire use chain of target. + Instruction* branch = getInstructionAt(labelBranchOffset); + target->use(label->offset()); + branch->SetImmPCOffsetTarget(branch - labelBranchOffset.getOffset()); + } else { + // The target is unbound and unused. We can just take the head of + // the list hanging off of label, and dump that into target. + DebugOnly prev = target->use(label->offset()); + MOZ_ASSERT((int32_t)prev == Label::INVALID_OFFSET); + } + } + label->reset(); +} + +} // namespace jit +} // namespace js diff --git a/js/src/jit/arm64/Assembler-arm64.h b/js/src/jit/arm64/Assembler-arm64.h new file mode 100644 index 00000000000..62d16639778 --- /dev/null +++ b/js/src/jit/arm64/Assembler-arm64.h @@ -0,0 +1,587 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef A64_ASSEMBLER_A64_H_ +#define A64_ASSEMBLER_A64_H_ + +#include "jit/arm64/vixl/Assembler-vixl.h" + +#include "jit/JitCompartment.h" + +namespace js { +namespace jit { + +// VIXL imports. +typedef vixl::Register ARMRegister; +typedef vixl::FPRegister ARMFPRegister; +using vixl::ARMBuffer; +using vixl::Instruction; + +static const uint32_t AlignmentAtPrologue = 0; +static const uint32_t AlignmentMidPrologue = 8; +static const Scale ScalePointer = TimesEight; +static const uint32_t AlignmentAtAsmJSPrologue = sizeof(void*); + +// The MacroAssembler uses scratch registers extensively and unexpectedly. +// For safety, scratch registers should always be acquired using +// vixl::UseScratchRegisterScope. +static constexpr Register ScratchReg = { Registers::ip0 }; +static constexpr ARMRegister ScratchReg64 = { ScratchReg, 64 }; + +static constexpr Register ScratchReg2 = { Registers::ip1 }; +static constexpr ARMRegister ScratchReg2_64 = { ScratchReg2, 64 }; + +static constexpr FloatRegister ScratchDoubleReg = { FloatRegisters::d31 }; +static constexpr FloatRegister ReturnDoubleReg = { FloatRegisters::d0 }; + +static constexpr FloatRegister ReturnFloat32Reg = { FloatRegisters::s0 , FloatRegisters::Single }; +static constexpr FloatRegister ScratchFloat32Reg = { FloatRegisters::s31 , FloatRegisters::Single }; + +static constexpr Register InvalidReg = { Registers::invalid_reg }; +static constexpr FloatRegister InvalidFloatReg = { FloatRegisters::invalid_fpreg }; + +static constexpr FloatRegister ReturnInt32x4Reg = InvalidFloatReg; +static constexpr FloatRegister ReturnFloat32x4Reg = InvalidFloatReg; + +static constexpr Register OsrFrameReg = { Registers::x3 }; +static constexpr Register ArgumentsRectifierReg = { Registers::x8 }; +static constexpr Register CallTempReg0 = { Registers::x9 }; +static constexpr Register CallTempReg1 = { Registers::x10 }; +static constexpr Register CallTempReg2 = { Registers::x11 }; +static constexpr Register CallTempReg3 = { Registers::x12 }; +static constexpr Register CallTempReg4 = { Registers::x13 }; +static constexpr Register CallTempReg5 = { Registers::x14 }; + +static constexpr Register PreBarrierReg = { Registers::x1 }; + +static constexpr Register ReturnReg = { Registers::x0 }; +static constexpr Register JSReturnReg = { Registers::x2 }; +static constexpr Register FramePointer = { Registers::fp }; +static constexpr Register ZeroRegister = { Registers::sp }; +static constexpr ARMRegister ZeroRegister64 = { Registers::sp, 64 }; +static constexpr ARMRegister ZeroRegister32 = { Registers::sp, 32 }; + +static constexpr FloatRegister ReturnFloatReg = { FloatRegisters::d0 }; +static constexpr FloatRegister ScratchFloatReg = { FloatRegisters::d31 }; + +static constexpr FloatRegister ReturnSimdReg = InvalidFloatReg; +static constexpr FloatRegister ScratchSimdReg = InvalidFloatReg; + +// StackPointer is intentionally undefined on ARM64 to prevent misuse: +// using sp as a base register is only valid if sp % 16 == 0. +static constexpr Register RealStackPointer = { Registers::sp }; +// TODO: We're not quite there yet. +static constexpr Register StackPointer = { Registers::sp }; + +static constexpr Register PseudoStackPointer = { Registers::x28 }; +static constexpr ARMRegister PseudoStackPointer64 = { Registers::x28, 64 }; +static constexpr ARMRegister PseudoStackPointer32 = { Registers::x28, 32 }; + +// StackPointer for use by irregexp. +static constexpr Register RegExpStackPointer = PseudoStackPointer; + +static constexpr Register IntArgReg0 = { Registers::x0 }; +static constexpr Register IntArgReg1 = { Registers::x1 }; +static constexpr Register IntArgReg2 = { Registers::x2 }; +static constexpr Register IntArgReg3 = { Registers::x3 }; +static constexpr Register IntArgReg4 = { Registers::x4 }; +static constexpr Register IntArgReg5 = { Registers::x5 }; +static constexpr Register IntArgReg6 = { Registers::x6 }; +static constexpr Register IntArgReg7 = { Registers::x7 }; +static constexpr Register GlobalReg = { Registers::x20 }; +static constexpr Register HeapReg = { Registers::x21 }; +static constexpr Register HeapLenReg = { Registers::x22 }; + +// Define unsized Registers. +#define DEFINE_UNSIZED_REGISTERS(N) \ +static constexpr Register r##N = { Registers::x##N }; +REGISTER_CODE_LIST(DEFINE_UNSIZED_REGISTERS) +#undef DEFINE_UNSIZED_REGISTERS +static constexpr Register ip0 = { Registers::x16 }; +static constexpr Register ip1 = { Registers::x16 }; +static constexpr Register fp = { Registers::x30 }; +static constexpr Register lr = { Registers::x30 }; +static constexpr Register rzr = { Registers::xzr }; + +// Import VIXL registers into the js::jit namespace. +#define IMPORT_VIXL_REGISTERS(N) \ +static constexpr ARMRegister w##N = vixl::w##N; \ +static constexpr ARMRegister x##N = vixl::x##N; +REGISTER_CODE_LIST(IMPORT_VIXL_REGISTERS) +#undef IMPORT_VIXL_REGISTERS +static constexpr ARMRegister wzr = vixl::wzr; +static constexpr ARMRegister xzr = vixl::xzr; +static constexpr ARMRegister wsp = vixl::wsp; +static constexpr ARMRegister sp = vixl::sp; + +// Import VIXL VRegisters into the js::jit namespace. +#define IMPORT_VIXL_VREGISTERS(N) \ +static constexpr ARMFPRegister s##N = vixl::s##N; \ +static constexpr ARMFPRegister d##N = vixl::d##N; +REGISTER_CODE_LIST(IMPORT_VIXL_VREGISTERS) +#undef IMPORT_VIXL_VREGISTERS + +static constexpr ValueOperand JSReturnOperand = ValueOperand(JSReturnReg); + +// Registers used in the GenerateFFIIonExit Enable Activation block. +static constexpr Register AsmJSIonExitRegCallee = r8; +static constexpr Register AsmJSIonExitRegE0 = r0; +static constexpr Register AsmJSIonExitRegE1 = r1; +static constexpr Register AsmJSIonExitRegE2 = r2; +static constexpr Register AsmJSIonExitRegE3 = r3; + +// Registers used in the GenerateFFIIonExit Disable Activation block. +// None of these may be the second scratch register. +static constexpr Register AsmJSIonExitRegReturnData = r2; +static constexpr Register AsmJSIonExitRegReturnType = r3; +static constexpr Register AsmJSIonExitRegD0 = r0; +static constexpr Register AsmJSIonExitRegD1 = r1; +static constexpr Register AsmJSIonExitRegD2 = r4; + +static constexpr Register JSReturnReg_Type = r3; +static constexpr Register JSReturnReg_Data = r2; + +static constexpr FloatRegister NANReg = { FloatRegisters::d14 }; +// N.B. r8 isn't listed as an aapcs temp register, but we can use it as such because we never +// use return-structs. +static constexpr Register CallTempNonArgRegs[] = { r8, r9, r10, r11, r12, r13, r14, r15 }; +static const uint32_t NumCallTempNonArgRegs = + mozilla::ArrayLength(CallTempNonArgRegs); + +static constexpr uint32_t JitStackAlignment = 16; + +static constexpr uint32_t JitStackValueAlignment = JitStackAlignment / sizeof(Value); +static_assert(JitStackAlignment % sizeof(Value) == 0 && JitStackValueAlignment >= 1, + "Stack alignment should be a non-zero multiple of sizeof(Value)"); + +// This boolean indicates whether we support SIMD instructions flavoured for +// this architecture or not. Rather than a method in the LIRGenerator, it is +// here such that it is accessible from the entire codebase. Once full support +// for SIMD is reached on all tier-1 platforms, this constant can be deleted. +static constexpr bool SupportsSimd = false; +static constexpr uint32_t SimdMemoryAlignment = 16; + +static_assert(CodeAlignment % SimdMemoryAlignment == 0, + "Code alignment should be larger than any of the alignments which are used for " + "the constant sections of the code buffer. Thus it should be larger than the " + "alignment for SIMD constants."); + +static const uint32_t AsmJSStackAlignment = SimdMemoryAlignment; +static const int32_t AsmJSGlobalRegBias = 1024; + +class Assembler : public vixl::Assembler +{ + public: + Assembler() + : vixl::Assembler() + { } + + typedef vixl::Condition Condition; + + void finish(); + void trace(JSTracer* trc); + + // Emit the jump table, returning the BufferOffset to the first entry in the table. + BufferOffset emitExtendedJumpTable(); + BufferOffset ExtendedJumpTable_; + void executableCopy(uint8_t* buffer); + + BufferOffset immPool(ARMRegister dest, uint8_t* value, vixl::LoadLiteralOp op, + ARMBuffer::PoolEntry* pe = nullptr); + BufferOffset immPool64(ARMRegister dest, uint64_t value, ARMBuffer::PoolEntry* pe = nullptr); + BufferOffset immPool64Branch(RepatchLabel* label, ARMBuffer::PoolEntry* pe, vixl::Condition c); + BufferOffset fImmPool(ARMFPRegister dest, uint8_t* value, vixl::LoadLiteralOp op); + BufferOffset fImmPool64(ARMFPRegister dest, double value); + BufferOffset fImmPool32(ARMFPRegister dest, float value); + + void bind(Label* label) { bind(label, nextOffset()); } + void bind(Label* label, BufferOffset boff); + void bind(RepatchLabel* label); + + bool oom() const { + return AssemblerShared::oom() || + armbuffer_.oom() || + jumpRelocations_.oom() || + dataRelocations_.oom() || + preBarriers_.oom(); + } + + void copyJumpRelocationTable(uint8_t* dest) const { + if (jumpRelocations_.length()) + memcpy(dest, jumpRelocations_.buffer(), jumpRelocations_.length()); + } + void copyDataRelocationTable(uint8_t* dest) const { + if (dataRelocations_.length()) + memcpy(dest, dataRelocations_.buffer(), dataRelocations_.length()); + } + void copyPreBarrierTable(uint8_t* dest) const { + if (preBarriers_.length()) + memcpy(dest, preBarriers_.buffer(), preBarriers_.length()); + } + + size_t jumpRelocationTableBytes() const { + return jumpRelocations_.length(); + } + size_t dataRelocationTableBytes() const { + return dataRelocations_.length(); + } + size_t preBarrierTableBytes() const { + return preBarriers_.length(); + } + size_t bytesNeeded() const { + return SizeOfCodeGenerated() + + jumpRelocationTableBytes() + + dataRelocationTableBytes() + + preBarrierTableBytes(); + } + + BufferOffset nextOffset() const { + return armbuffer_.nextOffset(); + } + + void addCodeLabel(CodeLabel label) { + propagateOOM(codeLabels_.append(label)); + } + size_t numCodeLabels() const { + return codeLabels_.length(); + } + CodeLabel codeLabel(size_t i) { + return codeLabels_[i]; + } + void processCodeLabels(uint8_t* rawCode) { + for (size_t i = 0; i < codeLabels_.length(); i++) { + CodeLabel label = codeLabels_[i]; + Bind(rawCode, label.dest(), rawCode + actualOffset(label.src()->offset())); + } + } + + void Bind(uint8_t* rawCode, AbsoluteLabel* label, const void* address) { + uint32_t off = actualOffset(label->offset()); + *reinterpret_cast(rawCode + off) = address; + } + bool nextLink(BufferOffset cur, BufferOffset* next) { + Instruction* link = getInstructionAt(cur); + uint32_t nextLinkOffset = uint32_t(link->ImmPCRawOffset()); + if (nextLinkOffset == uint32_t(LabelBase::INVALID_OFFSET)) + return false; + *next = BufferOffset(nextLinkOffset + cur.getOffset()); + return true; + } + void retarget(Label* cur, Label* next); + + // The buffer is about to be linked. Ensure any constant pools or + // excess bookkeeping has been flushed to the instruction stream. + void flush() { + armbuffer_.flushPool(); + } + + int actualOffset(int curOffset) { + return curOffset + armbuffer_.poolSizeBefore(curOffset); + } + int actualIndex(int curOffset) { + ARMBuffer::PoolEntry pe(curOffset); + return armbuffer_.poolEntryOffset(pe); + } + int labelOffsetToPatchOffset(int labelOff) { + return actualOffset(labelOff); + } + static uint8_t* PatchableJumpAddress(JitCode* code, uint32_t index) { + return code->raw() + index; + } + void setPrinter(Sprinter* sp) { + } + + static bool SupportsFloatingPoint() { return true; } + static bool SupportsSimd() { return js::jit::SupportsSimd; } + + // Tracks a jump that is patchable after finalization. + void addJumpRelocation(BufferOffset src, Relocation::Kind reloc); + + protected: + // Add a jump whose target is unknown until finalization. + // The jump may not be patched at runtime. + void addPendingJump(BufferOffset src, ImmPtr target, Relocation::Kind kind); + + // Add a jump whose target is unknown until finalization, and may change + // thereafter. The jump is patchable at runtime. + size_t addPatchableJump(BufferOffset src, Relocation::Kind kind); + + public: + static uint32_t PatchWrite_NearCallSize() { + return 4; + } + + static uint32_t NopSize() { + return 4; + } + + static void PatchWrite_NearCall(CodeLocationLabel start, CodeLocationLabel toCall) { + Instruction* dest = (Instruction*)start.raw(); + //printf("patching %p with call to %p\n", start.raw(), toCall.raw()); + bl(dest, ((Instruction*)toCall.raw() - dest)>>2); + + } + static void PatchDataWithValueCheck(CodeLocationLabel label, + PatchedImmPtr newValue, + PatchedImmPtr expected); + + static void PatchDataWithValueCheck(CodeLocationLabel label, + ImmPtr newValue, + ImmPtr expected); + + static void PatchWrite_Imm32(CodeLocationLabel label, Imm32 imm) { + // Raw is going to be the return address. + uint32_t* raw = (uint32_t*)label.raw(); + // Overwrite the 4 bytes before the return address, which will end up being + // the call instruction. + *(raw - 1) = imm.value; + } + static uint32_t AlignDoubleArg(uint32_t offset) { + MOZ_CRASH("AlignDoubleArg()"); + } + static Instruction* NextInstruction(Instruction* instruction, uint32_t* count = nullptr) { + if (count != nullptr) + *count += 4; + Instruction* cur = instruction; + Instruction* next = cur + 4; + // Artificial pool guards can only be B (rather than BR) + if (next->IsUncondB()) { + uint32_t* snd = (uint32_t*)(instruction + 8); + // test both the upper 16 bits, but also bit 15, which should be unset + // for an artificial branch guard. + if ((*snd & 0xffff8000) == 0xffff0000) { + // that was a guard before a pool, step over the pool. + int poolSize = (*snd & 0x7fff); + return (Instruction*)(snd + poolSize); + } + } else if (cur->IsBR() || cur->IsUncondB()) { + // natural pool guards can be anything + // but they need to have bit 15 set. + if ((next->InstructionBits() & 0xffff0000) == 0xffff0000) { + int poolSize = (next->InstructionBits() & 0x7fff); + Instruction* ret = (next + (poolSize << 2)); + return ret; + } + } + return (instruction + 4); + + } + static uint8_t* NextInstruction(uint8_t* instruction, uint32_t* count = nullptr) { + return (uint8_t*)NextInstruction((Instruction*)instruction, count); + } + static uintptr_t GetPointer(uint8_t* ptr) { + Instruction* i = reinterpret_cast(ptr); + uint64_t ret = i->Literal64(); + return ret; + } + + // Toggle a jmp or cmp emitted by toggledJump(). + static void ToggleToJmp(CodeLocationLabel inst_); + static void ToggleToCmp(CodeLocationLabel inst_); + static void ToggleCall(CodeLocationLabel inst_, bool enabled); + + static void TraceJumpRelocations(JSTracer* trc, JitCode* code, CompactBufferReader& reader); + static void TraceDataRelocations(JSTracer* trc, JitCode* code, CompactBufferReader& reader); + + static int32_t ExtractCodeLabelOffset(uint8_t* code); + static void PatchInstructionImmediate(uint8_t* code, PatchedImmPtr imm); + + static void FixupNurseryObjects(JSContext* cx, JitCode* code, CompactBufferReader& reader, + const ObjectVector& nurseryObjects); + + // Convert a BufferOffset to a final byte offset from the start of the code buffer. + size_t toFinalOffset(BufferOffset offset) { + return size_t(offset.getOffset() + armbuffer_.poolSizeBefore(offset.getOffset())); + } + + public: + // A Jump table entry is 2 instructions, with 8 bytes of raw data + static const size_t SizeOfJumpTableEntry = 16; + + struct JumpTableEntry + { + uint32_t ldr; + uint32_t br; + void* data; + + Instruction* getLdr() { + return reinterpret_cast(&ldr); + } + }; + + // Offset of the patchable target for the given entry. + static const size_t OffsetOfJumpTableEntryPointer = 8; + + public: + static void UpdateBoundsCheck(uint32_t logHeapSize, Instruction* inst); + + void writeCodePointer(AbsoluteLabel* absoluteLabel) { + MOZ_ASSERT(!absoluteLabel->bound()); + uintptr_t x = LabelBase::INVALID_OFFSET; + BufferOffset off = EmitData(&x, sizeof(uintptr_t)); + + // The x86/x64 makes general use of AbsoluteLabel and weaves a linked list + // of uses of an AbsoluteLabel through the assembly. ARM only uses labels + // for the case statements of switch jump tables. Thus, for simplicity, we + // simply treat the AbsoluteLabel as a label and bind it to the offset of + // the jump table entry that needs to be patched. + LabelBase* label = absoluteLabel; + label->bind(off.getOffset()); + } + + void verifyHeapAccessDisassembly(uint32_t begin, uint32_t end, + const Disassembler::HeapAccess& heapAccess) + { + MOZ_CRASH("verifyHeapAccessDisassembly"); + } + + protected: + // Because jumps may be relocated to a target inaccessible by a short jump, + // each relocatable jump must have a unique entry in the extended jump table. + // Valid relocatable targets are of type Relocation::JITCODE. + struct JumpRelocation + { + BufferOffset jump; // Offset to the short jump, from the start of the code buffer. + uint32_t extendedTableIndex; // Unique index within the extended jump table. + + JumpRelocation(BufferOffset jump, uint32_t extendedTableIndex) + : jump(jump), extendedTableIndex(extendedTableIndex) + { } + }; + + // Because ARM and A64 use a code buffer that allows for constant pool insertion, + // the actual offset of each jump cannot be known until finalization. + // These vectors store the WIP offsets. + js::Vector tmpDataRelocations_; + js::Vector tmpPreBarriers_; + js::Vector tmpJumpRelocations_; + + // Structure for fixing up pc-relative loads/jumps when the machine + // code gets moved (executable copy, gc, etc.). + struct RelativePatch + { + BufferOffset offset; + void* target; + Relocation::Kind kind; + + RelativePatch(BufferOffset offset, void* target, Relocation::Kind kind) + : offset(offset), target(target), kind(kind) + { } + }; + + js::Vector codeLabels_; + + // List of jumps for which the target is either unknown until finalization, + // or cannot be known due to GC. Each entry here requires a unique entry + // in the extended jump table, and is patched at finalization. + js::Vector pendingJumps_; + + // Final output formatters. + CompactBufferWriter jumpRelocations_; + CompactBufferWriter dataRelocations_; + CompactBufferWriter preBarriers_; +}; + +static const uint32_t NumIntArgRegs = 8; +static const uint32_t NumFloatArgRegs = 8; + +class ABIArgGenerator +{ + public: + ABIArgGenerator() + : intRegIndex_(0), + floatRegIndex_(0), + stackOffset_(0), + current_() + { } + + ABIArg next(MIRType argType); + ABIArg& current() { return current_; } + uint32_t stackBytesConsumedSoFar() const { return stackOffset_; } + + public: + static const Register NonArgReturnReg0; + static const Register NonArgReturnReg1; + static const Register NonVolatileReg; + static const Register NonArg_VolatileReg; + static const Register NonReturn_VolatileReg0; + static const Register NonReturn_VolatileReg1; + + protected: + unsigned intRegIndex_; + unsigned floatRegIndex_; + uint32_t stackOffset_; + ABIArg current_; +}; + +static inline bool +GetIntArgReg(uint32_t usedIntArgs, uint32_t usedFloatArgs, Register* out) +{ + if (usedIntArgs >= NumIntArgRegs) + return false; + *out = Register::FromCode(usedIntArgs); + return true; +} + +static inline bool +GetFloatArgReg(uint32_t usedIntArgs, uint32_t usedFloatArgs, FloatRegister* out) +{ + if (usedFloatArgs >= NumFloatArgRegs) + return false; + *out = FloatRegister::FromCode(usedFloatArgs); + return true; +} + +// Get a register in which we plan to put a quantity that will be used as an +// integer argument. This differs from GetIntArgReg in that if we have no more +// actual argument registers to use we will fall back on using whatever +// CallTempReg* don't overlap the argument registers, and only fail once those +// run out too. +static inline bool +GetTempRegForIntArg(uint32_t usedIntArgs, uint32_t usedFloatArgs, Register* out) +{ + if (GetIntArgReg(usedIntArgs, usedFloatArgs, out)) + return true; + // Unfortunately, we have to assume things about the point at which + // GetIntArgReg returns false, because we need to know how many registers it + // can allocate. + usedIntArgs -= NumIntArgRegs; + if (usedIntArgs >= NumCallTempNonArgRegs) + return false; + *out = CallTempNonArgRegs[usedIntArgs]; + return true; + +} + +void PatchJump(CodeLocationJump& jump_, CodeLocationLabel label); + +static inline void +PatchBackedge(CodeLocationJump& jump_, CodeLocationLabel label, JitRuntime::BackedgeTarget target) +{ + PatchJump(jump_, label); +} + +// Forbids pool generation during a specified interval. Not nestable. +class AutoForbidPools +{ + Assembler* asm_; + + public: + AutoForbidPools(Assembler* asm_, size_t maxInst) + : asm_(asm_) + { + asm_->enterNoPool(maxInst); + } + + ~AutoForbidPools() { + asm_->leaveNoPool(); + } +}; + +} // namespace jit +} // namespace js + +#endif // A64_ASSEMBLER_A64_H_ diff --git a/js/src/jit/arm64/AtomicOperations-arm64.h b/js/src/jit/arm64/AtomicOperations-arm64.h new file mode 100644 index 00000000000..3742674fd64 --- /dev/null +++ b/js/src/jit/arm64/AtomicOperations-arm64.h @@ -0,0 +1,104 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +/* For documentation, see jit/AtomicOperations.h */ + +#ifndef jit_arm64_AtomicOperations_arm64_h +#define jit_arm64_AtomicOperations_arm64_h + +#include "jit/arm64/Architecture-arm64.h" +#include "jit/AtomicOperations.h" + +inline bool +js::jit::AtomicOperations::isLockfree8() +{ + MOZ_CRASH("isLockfree8()"); +} + +inline void +js::jit::AtomicOperations::fenceSeqCst() +{ + MOZ_CRASH("fenceSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::loadSeqCst(T* addr) +{ + MOZ_CRASH("loadSeqCst()"); +} + +template +inline void +js::jit::AtomicOperations::storeSeqCst(T* addr, T val) +{ + MOZ_CRASH("storeSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::exchangeSeqCst(T* addr, T val) +{ + MOZ_CRASH("exchangeSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::compareExchangeSeqCst(T* addr, T oldval, T newval) +{ + MOZ_CRASH("compareExchangeSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::fetchAddSeqCst(T* addr, T val) +{ + MOZ_CRASH("fetchAddSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::fetchSubSeqCst(T* addr, T val) +{ + MOZ_CRASH("fetchSubSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::fetchAndSeqCst(T* addr, T val) +{ + MOZ_CRASH("fetchAndSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::fetchOrSeqCst(T* addr, T val) +{ + MOZ_CRASH("fetchOrSeqCst()"); +} + +template +inline T +js::jit::AtomicOperations::fetchXorSeqCst(T* addr, T val) +{ + MOZ_CRASH("fetchXorSeqCst()"); +} + +template +inline void +js::jit::RegionLock::acquire(void* addr) +{ + MOZ_CRASH("acquire()"); +} + +template +inline void +js::jit::RegionLock::release(void* addr) +{ + MOZ_CRASH("release()"); +} + +#endif // jit_arm64_AtomicOperations_arm64_h diff --git a/js/src/jit/arm64/BaselineIC-arm64.cpp b/js/src/jit/arm64/BaselineIC-arm64.cpp index c7de4762f0b..16893696454 100644 --- a/js/src/jit/arm64/BaselineIC-arm64.cpp +++ b/js/src/jit/arm64/BaselineIC-arm64.cpp @@ -8,7 +8,7 @@ #include "jit/SharedICHelpers.h" #ifdef JS_ARM64_SIMULATOR -// TODO #include "jit/arm64/Assembler-arm64.h" +#include "jit/arm64/Assembler-arm64.h" #include "jit/arm64/BaselineCompiler-arm64.h" #include "jit/arm64/vixl/Debugger-vixl.h" #endif diff --git a/js/src/jit/arm64/MacroAssembler-arm64.cpp b/js/src/jit/arm64/MacroAssembler-arm64.cpp new file mode 100644 index 00000000000..7b1d7b494e7 --- /dev/null +++ b/js/src/jit/arm64/MacroAssembler-arm64.cpp @@ -0,0 +1,688 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "jit/arm64/MacroAssembler-arm64.h" + +// TODO #include "jit/arm64/MoveEmitter-arm64.h" +#include "jit/arm64/SharedICRegisters-arm64.h" +#include "jit/Bailouts.h" +#include "jit/BaselineFrame.h" +#include "jit/MacroAssembler.h" + +namespace js { +namespace jit { + +void +MacroAssembler::clampDoubleToUint8(FloatRegister input, Register output) +{ + ARMRegister dest(output, 32); + Fcvtns(dest, ARMFPRegister(input, 64)); + + { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + + Mov(scratch32, Operand(0xff)); + Cmp(dest, scratch32); + Csel(dest, dest, scratch32, LessThan); + } + + Cmp(dest, Operand(0)); + Csel(dest, wzr, dest, LessThan); +} + +void +MacroAssemblerCompat::buildFakeExitFrame(Register scratch, uint32_t* offset) +{ + mozilla::DebugOnly initialDepth = framePushed(); + uint32_t descriptor = MakeFrameDescriptor(framePushed(), JitFrame_IonJS); + + asMasm().Push(Imm32(descriptor)); // descriptor_ + + enterNoPool(3); + Label fakeCallsite; + Adr(ARMRegister(scratch, 64), &fakeCallsite); + asMasm().Push(scratch); + bind(&fakeCallsite); + uint32_t pseudoReturnOffset = currentOffset(); + leaveNoPool(); + + MOZ_ASSERT(framePushed() == initialDepth + ExitFrameLayout::Size()); + + *offset = pseudoReturnOffset; +} + +void +MacroAssemblerCompat::callWithExitFrame(JitCode* target) +{ + uint32_t descriptor = MakeFrameDescriptor(framePushed(), JitFrame_IonJS); + asMasm().Push(Imm32(descriptor)); + call(target); +} + +void +MacroAssembler::alignFrameForICArguments(MacroAssembler::AfterICSaveLive& aic) +{ + // Exists for MIPS compatibility. +} + +void +MacroAssembler::restoreFrameAlignmentForICArguments(MacroAssembler::AfterICSaveLive& aic) +{ + // Exists for MIPS compatibility. +} + +js::jit::MacroAssembler& +MacroAssemblerCompat::asMasm() +{ + return *static_cast(this); +} + +const js::jit::MacroAssembler& +MacroAssemblerCompat::asMasm() const +{ + return *static_cast(this); +} + +vixl::MacroAssembler& +MacroAssemblerCompat::asVIXL() +{ + return *static_cast(this); +} + +const vixl::MacroAssembler& +MacroAssemblerCompat::asVIXL() const +{ + return *static_cast(this); +} + +BufferOffset +MacroAssemblerCompat::movePatchablePtr(ImmPtr ptr, Register dest) +{ + const size_t numInst = 1; // Inserting one load instruction. + const unsigned numPoolEntries = 2; // Every pool entry is 4 bytes. + uint8_t* literalAddr = (uint8_t*)(&ptr.value); // TODO: Should be const. + + // Scratch space for generating the load instruction. + // + // allocEntry() will use InsertIndexIntoTag() to store a temporary + // index to the corresponding PoolEntry in the instruction itself. + // + // That index will be fixed up later when finishPool() + // walks over all marked loads and calls PatchConstantPoolLoad(). + uint32_t instructionScratch = 0; + + // Emit the instruction mask in the scratch space. + // The offset doesn't matter: it will be fixed up later. + vixl::Assembler::ldr((Instruction*)&instructionScratch, ARMRegister(dest, 64), 0); + + // Add the entry to the pool, fix up the LDR imm19 offset, + // and add the completed instruction to the buffer. + return armbuffer_.allocEntry(numInst, numPoolEntries, + (uint8_t*)&instructionScratch, literalAddr); +} + +BufferOffset +MacroAssemblerCompat::movePatchablePtr(ImmWord ptr, Register dest) +{ + const size_t numInst = 1; // Inserting one load instruction. + const unsigned numPoolEntries = 2; // Every pool entry is 4 bytes. + uint8_t* literalAddr = (uint8_t*)(&ptr.value); + + // Scratch space for generating the load instruction. + // + // allocEntry() will use InsertIndexIntoTag() to store a temporary + // index to the corresponding PoolEntry in the instruction itself. + // + // That index will be fixed up later when finishPool() + // walks over all marked loads and calls PatchConstantPoolLoad(). + uint32_t instructionScratch = 0; + + // Emit the instruction mask in the scratch space. + // The offset doesn't matter: it will be fixed up later. + vixl::Assembler::ldr((Instruction*)&instructionScratch, ARMRegister(dest, 64), 0); + + // Add the entry to the pool, fix up the LDR imm19 offset, + // and add the completed instruction to the buffer. + return armbuffer_.allocEntry(numInst, numPoolEntries, + (uint8_t*)&instructionScratch, literalAddr); +} + +void +MacroAssemblerCompat::handleFailureWithHandlerTail(void* handler) +{ + // Reserve space for exception information. + int64_t size = (sizeof(ResumeFromException) + 7) & ~7; + Sub(GetStackPointer64(), GetStackPointer64(), Operand(size)); + if (!GetStackPointer64().Is(sp)) + Mov(sp, GetStackPointer64()); + + Mov(x0, GetStackPointer64()); + + // Call the handler. + setupUnalignedABICall(1, r1); + passABIArg(r0); + callWithABI(handler); + + Label entryFrame; + Label catch_; + Label finally; + Label return_; + Label bailout; + + MOZ_ASSERT(GetStackPointer64().Is(x28)); // Lets the code below be a little cleaner. + + loadPtr(Address(r28, offsetof(ResumeFromException, kind)), r0); + branch32(Assembler::Equal, r0, Imm32(ResumeFromException::RESUME_ENTRY_FRAME), &entryFrame); + branch32(Assembler::Equal, r0, Imm32(ResumeFromException::RESUME_CATCH), &catch_); + branch32(Assembler::Equal, r0, Imm32(ResumeFromException::RESUME_FINALLY), &finally); + branch32(Assembler::Equal, r0, Imm32(ResumeFromException::RESUME_FORCED_RETURN), &return_); + branch32(Assembler::Equal, r0, Imm32(ResumeFromException::RESUME_BAILOUT), &bailout); + + breakpoint(); // Invalid kind. + + // No exception handler. Load the error value, load the new stack pointer, + // and return from the entry frame. + bind(&entryFrame); + moveValue(MagicValue(JS_ION_ERROR), JSReturnOperand); + loadPtr(Address(r28, offsetof(ResumeFromException, stackPointer)), r28); + retn(Imm32(1 * sizeof(void*))); // Pop from stack and return. + + // If we found a catch handler, this must be a baseline frame. Restore state + // and jump to the catch block. + bind(&catch_); + loadPtr(Address(r28, offsetof(ResumeFromException, target)), r0); + loadPtr(Address(r28, offsetof(ResumeFromException, framePointer)), BaselineFrameReg); + loadPtr(Address(r28, offsetof(ResumeFromException, stackPointer)), r28); + syncStackPtr(); + Br(x0); + + // If we found a finally block, this must be a baseline frame. + // Push two values expected by JSOP_RETSUB: BooleanValue(true) + // and the exception. + bind(&finally); + ARMRegister exception = x1; + Ldr(exception, MemOperand(GetStackPointer64(), offsetof(ResumeFromException, exception))); + Ldr(x0, MemOperand(GetStackPointer64(), offsetof(ResumeFromException, target))); + Ldr(ARMRegister(BaselineFrameReg, 64), + MemOperand(GetStackPointer64(), offsetof(ResumeFromException, framePointer))); + Ldr(GetStackPointer64(), MemOperand(GetStackPointer64(), offsetof(ResumeFromException, stackPointer))); + syncStackPtr(); + pushValue(BooleanValue(true)); + push(exception); + Br(x0); + + // Only used in debug mode. Return BaselineFrame->returnValue() to the caller. + bind(&return_); + loadPtr(Address(r28, offsetof(ResumeFromException, framePointer)), BaselineFrameReg); + loadPtr(Address(r28, offsetof(ResumeFromException, stackPointer)), r28); + loadValue(Address(BaselineFrameReg, BaselineFrame::reverseOffsetOfReturnValue()), + JSReturnOperand); + movePtr(BaselineFrameReg, r28); + vixl::MacroAssembler::Pop(ARMRegister(BaselineFrameReg, 64), vixl::lr); + syncStackPtr(); + vixl::MacroAssembler::Ret(vixl::lr); + + // If we are bailing out to baseline to handle an exception, + // jump to the bailout tail stub. + bind(&bailout); + Ldr(x2, MemOperand(GetStackPointer64(), offsetof(ResumeFromException, bailoutInfo))); + Ldr(x1, MemOperand(GetStackPointer64(), offsetof(ResumeFromException, target))); + Mov(x0, BAILOUT_RETURN_OK); + Br(x1); +} + +void +MacroAssemblerCompat::setupABICall(uint32_t args) +{ + MOZ_ASSERT(!inCall_); + inCall_ = true; + + args_ = args; + usedOutParam_ = false; + passedIntArgs_ = 0; + passedFloatArgs_ = 0; + passedArgTypes_ = 0; + stackForCall_ = ShadowStackSpace; +} + +void +MacroAssemblerCompat::setupUnalignedABICall(uint32_t args, Register scratch) +{ + setupABICall(args); + dynamicAlignment_ = true; + + int64_t alignment = ~(int64_t(ABIStackAlignment) - 1); + ARMRegister scratch64(scratch, 64); + + // Always save LR -- Baseline ICs assume that LR isn't modified. + push(lr); + + // Unhandled for sp -- needs slightly different logic. + MOZ_ASSERT(!GetStackPointer64().Is(sp)); + + // Remember the stack address on entry. + Mov(scratch64, GetStackPointer64()); + + // Make alignment, including the effective push of the previous sp. + Sub(GetStackPointer64(), GetStackPointer64(), Operand(8)); + And(GetStackPointer64(), GetStackPointer64(), Operand(alignment)); + + // If the PseudoStackPointer is used, sp must be <= psp before a write is valid. + syncStackPtr(); + + // Store previous sp to the top of the stack, aligned. + Str(scratch64, MemOperand(GetStackPointer64(), 0)); +} + +void +MacroAssemblerCompat::passABIArg(const MoveOperand& from, MoveOp::Type type) +{ + if (!enoughMemory_) + return; + + Register activeSP = Register::FromCode(GetStackPointer64().code()); + if (type == MoveOp::GENERAL) { + Register dest; + passedArgTypes_ = (passedArgTypes_ << ArgType_Shift) | ArgType_General; + if (GetIntArgReg(passedIntArgs_++, passedFloatArgs_, &dest)) { + if (!from.isGeneralReg() || from.reg() != dest) + enoughMemory_ = moveResolver_.addMove(from, MoveOperand(dest), type); + return; + } + + enoughMemory_ = moveResolver_.addMove(from, MoveOperand(activeSP, stackForCall_), type); + stackForCall_ += sizeof(int64_t); + return; + } + + MOZ_ASSERT(type == MoveOp::FLOAT32 || type == MoveOp::DOUBLE); + if (type == MoveOp::FLOAT32) + passedArgTypes_ = (passedArgTypes_ << ArgType_Shift) | ArgType_Float32; + else + passedArgTypes_ = (passedArgTypes_ << ArgType_Shift) | ArgType_Double; + + FloatRegister fdest; + if (GetFloatArgReg(passedIntArgs_, passedFloatArgs_++, &fdest)) { + if (!from.isFloatReg() || from.floatReg() != fdest) + enoughMemory_ = moveResolver_.addMove(from, MoveOperand(fdest), type); + return; + } + + enoughMemory_ = moveResolver_.addMove(from, MoveOperand(activeSP, stackForCall_), type); + switch (type) { + case MoveOp::FLOAT32: stackForCall_ += sizeof(float); break; + case MoveOp::DOUBLE: stackForCall_ += sizeof(double); break; + default: MOZ_CRASH("Unexpected float register class argument type"); + } +} + +void +MacroAssemblerCompat::passABIArg(Register reg) +{ + passABIArg(MoveOperand(reg), MoveOp::GENERAL); +} + +void +MacroAssemblerCompat::passABIArg(FloatRegister reg, MoveOp::Type type) +{ + passABIArg(MoveOperand(reg), type); +} +void +MacroAssemblerCompat::passABIOutParam(Register reg) +{ + if (!enoughMemory_) + return; + MOZ_ASSERT(!usedOutParam_); + usedOutParam_ = true; + if (reg == r8) + return; + enoughMemory_ = moveResolver_.addMove(MoveOperand(reg), MoveOperand(r8), MoveOp::GENERAL); + +} + +void +MacroAssemblerCompat::callWithABIPre(uint32_t* stackAdjust) +{ + *stackAdjust = stackForCall_; + // ARM64 /really/ wants the stack to always be aligned. Since we're already tracking it + // getting it aligned for an abi call is pretty easy. + *stackAdjust += ComputeByteAlignment(*stackAdjust, StackAlignment); + asMasm().reserveStack(*stackAdjust); + { + moveResolver_.resolve(); + MoveEmitter emitter(asMasm()); + emitter.emit(moveResolver_); + emitter.finish(); + } + + // Call boundaries communicate stack via sp. + syncStackPtr(); +} + +void +MacroAssemblerCompat::callWithABIPost(uint32_t stackAdjust, MoveOp::Type result) +{ + // Call boundaries communicate stack via sp. + if (!GetStackPointer64().Is(sp)) + Mov(GetStackPointer64(), sp); + + inCall_ = false; + asMasm().freeStack(stackAdjust); + + // Restore the stack pointer from entry. + if (dynamicAlignment_) + Ldr(GetStackPointer64(), MemOperand(GetStackPointer64(), 0)); + + // Restore LR. + pop(lr); + + // TODO: This one shouldn't be necessary -- check that callers + // aren't enforcing the ABI themselves! + syncStackPtr(); + + // If the ABI's return regs are where ION is expecting them, then + // no other work needs to be done. +} + +#if defined(DEBUG) && defined(JS_ARM64_SIMULATOR) +static void +AssertValidABIFunctionType(uint32_t passedArgTypes) +{ + switch (passedArgTypes) { + case Args_General0: + case Args_General1: + case Args_General2: + case Args_General3: + case Args_General4: + case Args_General5: + case Args_General6: + case Args_General7: + case Args_General8: + case Args_Double_None: + case Args_Int_Double: + case Args_Float32_Float32: + case Args_Double_Double: + case Args_Double_Int: + case Args_Double_DoubleInt: + case Args_Double_DoubleDouble: + case Args_Double_DoubleDoubleDouble: + case Args_Double_DoubleDoubleDoubleDouble: + case Args_Double_IntDouble: + case Args_Int_IntDouble: + break; + default: + MOZ_CRASH("Unexpected type"); + } +} +#endif // DEBUG && JS_ARM64_SIMULATOR + +void +MacroAssemblerCompat::callWithABI(void* fun, MoveOp::Type result) +{ +#ifdef JS_ARM64_SIMULATOR + MOZ_ASSERT(passedIntArgs_ + passedFloatArgs_ <= 15); + passedArgTypes_ <<= ArgType_Shift; + switch (result) { + case MoveOp::GENERAL: passedArgTypes_ |= ArgType_General; break; + case MoveOp::DOUBLE: passedArgTypes_ |= ArgType_Double; break; + case MoveOp::FLOAT32: passedArgTypes_ |= ArgType_Float32; break; + default: MOZ_CRASH("Invalid return type"); + } +# ifdef DEBUG + AssertValidABIFunctionType(passedArgTypes_); +# endif + ABIFunctionType type = ABIFunctionType(passedArgTypes_); + fun = vixl::Simulator::RedirectNativeFunction(fun, type); +#endif // JS_ARM64_SIMULATOR + + uint32_t stackAdjust; + callWithABIPre(&stackAdjust); + call(ImmPtr(fun)); + callWithABIPost(stackAdjust, result); +} + +void +MacroAssemblerCompat::callWithABI(Register fun, MoveOp::Type result) +{ + movePtr(fun, ip0); + + uint32_t stackAdjust; + callWithABIPre(&stackAdjust); + call(ip0); + callWithABIPost(stackAdjust, result); +} + +void +MacroAssemblerCompat::callWithABI(AsmJSImmPtr imm, MoveOp::Type result) +{ + uint32_t stackAdjust; + callWithABIPre(&stackAdjust); + call(imm); + callWithABIPost(stackAdjust, result); +} + +void +MacroAssemblerCompat::callWithABI(Address fun, MoveOp::Type result) +{ + loadPtr(fun, ip0); + + uint32_t stackAdjust; + callWithABIPre(&stackAdjust); + call(ip0); + callWithABIPost(stackAdjust, result); +} + +void +MacroAssemblerCompat::branchPtrInNurseryRange(Condition cond, Register ptr, Register temp, + Label* label) +{ + MOZ_ASSERT(cond == Assembler::Equal || cond == Assembler::NotEqual); + MOZ_ASSERT(ptr != temp); + MOZ_ASSERT(ptr != ScratchReg && ptr != ScratchReg2); // Both may be used internally. + MOZ_ASSERT(temp != ScratchReg && temp != ScratchReg2); + + const Nursery& nursery = GetJitContext()->runtime->gcNursery(); + movePtr(ImmWord(-ptrdiff_t(nursery.start())), temp); + addPtr(ptr, temp); + branchPtr(cond == Assembler::Equal ? Assembler::Below : Assembler::AboveOrEqual, + temp, ImmWord(nursery.nurserySize()), label); +} + +void +MacroAssemblerCompat::branchValueIsNurseryObject(Condition cond, ValueOperand value, Register temp, + Label* label) +{ + MOZ_ASSERT(cond == Assembler::Equal || cond == Assembler::NotEqual); + MOZ_ASSERT(temp != ScratchReg && temp != ScratchReg2); // Both may be used internally. + + // 'Value' representing the start of the nursery tagged as a JSObject + const Nursery& nursery = GetJitContext()->runtime->gcNursery(); + Value start = ObjectValue(*reinterpret_cast(nursery.start())); + + movePtr(ImmWord(-ptrdiff_t(start.asRawBits())), temp); + addPtr(value.valueReg(), temp); + branchPtr(cond == Assembler::Equal ? Assembler::Below : Assembler::AboveOrEqual, + temp, ImmWord(nursery.nurserySize()), label); +} + +void +MacroAssemblerCompat::callAndPushReturnAddress(Label* label) +{ + // FIXME: Jandem said he would refactor the code to avoid making + // this instruction required, but probably forgot about it. + // Instead of implementing this function, we should make it unnecessary. + Label ret; + { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + + Adr(scratch64, &ret); + asMasm().Push(scratch64.asUnsized()); + } + + Bl(label); + bind(&ret); +} + +void +MacroAssemblerCompat::breakpoint() +{ + static int code = 0xA77; + Brk((code++) & 0xffff); +} + +// =============================================================== +// Stack manipulation functions. + +void +MacroAssembler::reserveStack(uint32_t amount) +{ + // TODO: This bumps |sp| every time we reserve using a second register. + // It would save some instructions if we had a fixed frame size. + vixl::MacroAssembler::Claim(Operand(amount)); + adjustFrame(amount); +} + +void +MacroAssembler::PushRegsInMask(LiveRegisterSet set) +{ + for (GeneralRegisterBackwardIterator iter(set.gprs()); iter.more(); ) { + vixl::CPURegister src[4] = { vixl::NoCPUReg, vixl::NoCPUReg, vixl::NoCPUReg, vixl::NoCPUReg }; + + for (size_t i = 0; i < 4 && iter.more(); i++) { + src[i] = ARMRegister(*iter, 64); + ++iter; + adjustFrame(8); + } + vixl::MacroAssembler::Push(src[0], src[1], src[2], src[3]); + } + + for (FloatRegisterBackwardIterator iter(set.fpus().reduceSetForPush()); iter.more(); ) { + vixl::CPURegister src[4] = { vixl::NoCPUReg, vixl::NoCPUReg, vixl::NoCPUReg, vixl::NoCPUReg }; + + for (size_t i = 0; i < 4 && iter.more(); i++) { + src[i] = ARMFPRegister(*iter, 64); + ++iter; + adjustFrame(8); + } + vixl::MacroAssembler::Push(src[0], src[1], src[2], src[3]); + } +} + +void +MacroAssembler::PopRegsInMaskIgnore(LiveRegisterSet set, LiveRegisterSet ignore) +{ + // The offset of the data from the stack pointer. + uint32_t offset = 0; + + for (FloatRegisterIterator iter(set.fpus().reduceSetForPush()); iter.more(); ) { + vixl::CPURegister dest[2] = { vixl::NoCPUReg, vixl::NoCPUReg }; + uint32_t nextOffset = offset; + + for (size_t i = 0; i < 2 && iter.more(); i++) { + if (!ignore.has(*iter)) + dest[i] = ARMFPRegister(*iter, 64); + ++iter; + nextOffset += sizeof(double); + } + + if (!dest[0].IsNone() && !dest[1].IsNone()) + Ldp(dest[0], dest[1], MemOperand(GetStackPointer64(), offset)); + else if (!dest[0].IsNone()) + Ldr(dest[0], MemOperand(GetStackPointer64(), offset)); + else if (!dest[1].IsNone()) + Ldr(dest[1], MemOperand(GetStackPointer64(), offset + sizeof(double))); + + offset = nextOffset; + } + + MOZ_ASSERT(offset == set.fpus().getPushSizeInBytes()); + + for (GeneralRegisterIterator iter(set.gprs()); iter.more(); ) { + vixl::CPURegister dest[2] = { vixl::NoCPUReg, vixl::NoCPUReg }; + uint32_t nextOffset = offset; + + for (size_t i = 0; i < 2 && iter.more(); i++) { + if (!ignore.has(*iter)) + dest[i] = ARMRegister(*iter, 64); + ++iter; + nextOffset += sizeof(uint64_t); + } + + if (!dest[0].IsNone() && !dest[1].IsNone()) + Ldp(dest[0], dest[1], MemOperand(GetStackPointer64(), offset)); + else if (!dest[0].IsNone()) + Ldr(dest[0], MemOperand(GetStackPointer64(), offset)); + else if (!dest[1].IsNone()) + Ldr(dest[1], MemOperand(GetStackPointer64(), offset + sizeof(uint64_t))); + + offset = nextOffset; + } + + size_t bytesPushed = set.gprs().size() * sizeof(uint64_t) + set.fpus().getPushSizeInBytes(); + MOZ_ASSERT(offset == bytesPushed); + freeStack(bytesPushed); +} + +void +MacroAssembler::Push(Register reg) +{ + push(reg); + adjustFrame(sizeof(intptr_t)); +} + +void +MacroAssembler::Push(const Imm32 imm) +{ + push(imm); + adjustFrame(sizeof(intptr_t)); +} + +void +MacroAssembler::Push(const ImmWord imm) +{ + push(imm); + adjustFrame(sizeof(intptr_t)); +} + +void +MacroAssembler::Push(const ImmPtr imm) +{ + push(imm); + adjustFrame(sizeof(intptr_t)); +} + +void +MacroAssembler::Push(const ImmGCPtr ptr) +{ + push(ptr); + adjustFrame(sizeof(intptr_t)); +} + +void +MacroAssembler::Push(FloatRegister f) +{ + push(f); + adjustFrame(sizeof(double)); +} + +void +MacroAssembler::Pop(const Register reg) +{ + pop(reg); + adjustFrame(-1 * int64_t(sizeof(int64_t))); +} + +void +MacroAssembler::Pop(const ValueOperand& val) +{ + pop(val); + adjustFrame(-1 * int64_t(sizeof(int64_t))); +} + +} // namespace jit +} // namespace js diff --git a/js/src/jit/arm64/MacroAssembler-arm64.h b/js/src/jit/arm64/MacroAssembler-arm64.h new file mode 100644 index 00000000000..b7f1c2301cc --- /dev/null +++ b/js/src/jit/arm64/MacroAssembler-arm64.h @@ -0,0 +1,3317 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- + * vim: set ts=8 sts=4 et sw=4 tw=99: + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef jit_arm64_MacroAssembler_arm64_h +#define jit_arm64_MacroAssembler_arm64_h + +#include "jit/arm64/Assembler-arm64.h" +#include "jit/arm64/vixl/Debugger-vixl.h" +#include "jit/arm64/vixl/MacroAssembler-vixl.h" + +#include "jit/AtomicOp.h" +#include "jit/JitFrames.h" +#include "jit/MoveResolver.h" + +namespace js { +namespace jit { + +// Import VIXL operands directly into the jit namespace for shared code. +using vixl::Operand; +using vixl::MemOperand; + +struct ImmShiftedTag : public ImmWord +{ + ImmShiftedTag(JSValueShiftedTag shtag) + : ImmWord((uintptr_t)shtag) + { } + + ImmShiftedTag(JSValueType type) + : ImmWord(uintptr_t(JSValueShiftedTag(JSVAL_TYPE_TO_SHIFTED_TAG(type)))) + { } +}; + +struct ImmTag : public Imm32 +{ + ImmTag(JSValueTag tag) + : Imm32(tag) + { } +}; + +class MacroAssemblerCompat : public vixl::MacroAssembler +{ + public: + typedef vixl::Condition Condition; + + private: + // Perform a downcast. Should be removed by Bug 996602. + js::jit::MacroAssembler& asMasm(); + const js::jit::MacroAssembler& asMasm() const; + + public: + // Restrict to only VIXL-internal functions. + vixl::MacroAssembler& asVIXL(); + const MacroAssembler& asVIXL() const; + + protected: + bool enoughMemory_; + uint32_t framePushed_; + + // TODO: Can this be moved out of the MacroAssembler and into some shared code? + // TODO: All the code seems to be arch-independent, and it's weird to have this here. + bool inCall_; + bool usedOutParam_; + uint32_t args_; + uint32_t passedIntArgs_; + uint32_t passedFloatArgs_; + uint32_t passedArgTypes_; + uint32_t stackForCall_; + bool dynamicAlignment_; + + MacroAssemblerCompat() + : vixl::MacroAssembler(), + enoughMemory_(true), + framePushed_(0), + inCall_(false), + usedOutParam_(false), + args_(0), + passedIntArgs_(0), + passedFloatArgs_(0), + passedArgTypes_(0), + stackForCall_(0), + dynamicAlignment_(false) + { } + + protected: + MoveResolver moveResolver_; + + public: + bool oom() const { + return Assembler::oom() || !enoughMemory_; + } + static MemOperand toMemOperand(Address& a) { + return MemOperand(ARMRegister(a.base, 64), a.offset); + } + void doBaseIndex(const vixl::CPURegister& rt, const BaseIndex& addr, vixl::LoadStoreOp op) { + const ARMRegister base = ARMRegister(addr.base, 64); + const ARMRegister index = ARMRegister(addr.index, 64); + const unsigned scale = addr.scale; + + if (!addr.offset && (!scale || scale == static_cast(CalcLSDataSize(op)))) { + LoadStoreMacro(rt, MemOperand(base, index, vixl::LSL, scale), op); + return; + } + + vixl::UseScratchRegisterScope temps(this); + ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(!scratch64.Is(rt)); + MOZ_ASSERT(!scratch64.Is(base)); + MOZ_ASSERT(!scratch64.Is(index)); + + Add(scratch64, base, Operand(index, vixl::LSL, scale)); + LoadStoreMacro(rt, MemOperand(scratch64, addr.offset), op); + } + void Push(ARMRegister reg) { + push(reg); + adjustFrame(reg.size() / 8); + } + void Push(Register reg) { + vixl::MacroAssembler::Push(ARMRegister(reg, 64)); + adjustFrame(8); + } + void Push(Imm32 imm) { + push(imm); + adjustFrame(8); + } + void Push(FloatRegister f) { + push(ARMFPRegister(f, 64)); + adjustFrame(8); + } + void Push(ImmPtr imm) { + push(imm); + adjustFrame(sizeof(void*)); + } + void push(FloatRegister f) { + vixl::MacroAssembler::Push(ARMFPRegister(f, 64)); + } + void push(ARMFPRegister f) { + vixl::MacroAssembler::Push(f); + } + void push(Imm32 imm) { + if (imm.value == 0) { + vixl::MacroAssembler::Push(vixl::xzr); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + move32(imm, scratch64.asUnsized()); + vixl::MacroAssembler::Push(scratch64); + } + } + void push(ImmWord imm) { + if (imm.value == 0) { + vixl::MacroAssembler::Push(vixl::xzr); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + Mov(scratch64, imm.value); + vixl::MacroAssembler::Push(scratch64); + } + } + void push(ImmPtr imm) { + if (imm.value == nullptr) { + vixl::MacroAssembler::Push(vixl::xzr); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + movePtr(imm, scratch64.asUnsized()); + vixl::MacroAssembler::Push(scratch64); + } + } + void push(ImmGCPtr imm) { + if (imm.value == nullptr) { + vixl::MacroAssembler::Push(vixl::xzr); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + movePtr(imm, scratch64.asUnsized()); + vixl::MacroAssembler::Push(scratch64); + } + } + void push(ImmMaybeNurseryPtr imm) { + push(noteMaybeNurseryPtr(imm)); + } + void push(ARMRegister reg) { + vixl::MacroAssembler::Push(reg); + } + void push(Address a) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(a.base != scratch64.asUnsized()); + loadPtr(a, scratch64.asUnsized()); + vixl::MacroAssembler::Push(scratch64); + } + + // Push registers. + void push(Register reg) { + vixl::MacroAssembler::Push(ARMRegister(reg, 64)); + } + void push(Register r0, Register r1) { + vixl::MacroAssembler::Push(ARMRegister(r0, 64), ARMRegister(r1, 64)); + } + void push(Register r0, Register r1, Register r2) { + vixl::MacroAssembler::Push(ARMRegister(r0, 64), ARMRegister(r1, 64), ARMRegister(r2, 64)); + } + void push(Register r0, Register r1, Register r2, Register r3) { + vixl::MacroAssembler::Push(ARMRegister(r0, 64), ARMRegister(r1, 64), + ARMRegister(r2, 64), ARMRegister(r3, 64)); + } + void push(ARMFPRegister r0, ARMFPRegister r1, ARMFPRegister r2, ARMFPRegister r3) { + vixl::MacroAssembler::Push(r0, r1, r2, r3); + } + + // Pop registers. + void pop(Register reg) { + vixl::MacroAssembler::Pop(ARMRegister(reg, 64)); + } + void pop(Register r0, Register r1) { + vixl::MacroAssembler::Pop(ARMRegister(r0, 64), ARMRegister(r1, 64)); + } + void pop(Register r0, Register r1, Register r2) { + vixl::MacroAssembler::Pop(ARMRegister(r0, 64), ARMRegister(r1, 64), ARMRegister(r2, 64)); + } + void pop(Register r0, Register r1, Register r2, Register r3) { + vixl::MacroAssembler::Pop(ARMRegister(r0, 64), ARMRegister(r1, 64), + ARMRegister(r2, 64), ARMRegister(r3, 64)); + } + void pop(ARMFPRegister r0, ARMFPRegister r1, ARMFPRegister r2, ARMFPRegister r3) { + vixl::MacroAssembler::Pop(r0, r1, r2, r3); + } + + void pushReturnAddress() { + push(lr); + } + void pop(const ValueOperand& v) { + pop(v.valueReg()); + } + void pop(const FloatRegister& f) { + vixl::MacroAssembler::Pop(ARMRegister(f.code(), 64)); + } + + void implicitPop(uint32_t args) { + MOZ_ASSERT(args % sizeof(intptr_t) == 0); + adjustFrame(-args); + } + void Pop(ARMRegister r) { + vixl::MacroAssembler::Pop(r); + adjustFrame(- r.size() / 8); + } + // FIXME: This is the same on every arch. + // FIXME: If we can share framePushed_, we can share this. + // FIXME: Or just make it at the highest level. + CodeOffsetLabel PushWithPatch(ImmWord word) { + framePushed_ += sizeof(word.value); + return pushWithPatch(word); + } + CodeOffsetLabel PushWithPatch(ImmPtr ptr) { + return PushWithPatch(ImmWord(uintptr_t(ptr.value))); + } + + uint32_t framePushed() const { + return framePushed_; + } + void adjustFrame(int32_t diff) { + setFramePushed(framePushed_ + diff); + } + + void setFramePushed(uint32_t framePushed) { + framePushed_ = framePushed; + } + + void freeStack(Register amount) { + vixl::MacroAssembler::Drop(Operand(ARMRegister(amount, 64))); + } + + // Update sp with the value of the current active stack pointer, if necessary. + void syncStackPtr() { + if (!GetStackPointer64().Is(vixl::sp)) + Mov(vixl::sp, GetStackPointer64()); + } + void initStackPtr() { + if (!GetStackPointer64().Is(vixl::sp)) + Mov(GetStackPointer64(), vixl::sp); + } + void storeValue(ValueOperand val, const Address& dest) { + storePtr(val.valueReg(), dest); + } + + template + void storeValue(JSValueType type, Register reg, const T& dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != reg); + tagValue(type, reg, ValueOperand(scratch)); + storeValue(ValueOperand(scratch), dest); + } + template + void storeValue(const Value& val, const T& dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + moveValue(val, ValueOperand(scratch)); + storeValue(ValueOperand(scratch), dest); + } + void storeValue(ValueOperand val, BaseIndex dest) { + storePtr(val.valueReg(), dest); + } + + template + void storeUnboxedValue(ConstantOrRegister value, MIRType valueType, const T& dest, MIRType slotType) { + if (valueType == MIRType_Double) { + storeDouble(value.reg().typedReg().fpu(), dest); + return; + } + + // For known integers and booleans, we can just store the unboxed value if + // the slot has the same type. + if ((valueType == MIRType_Int32 || valueType == MIRType_Boolean) && slotType == valueType) { + if (value.constant()) { + Value val = value.value(); + if (valueType == MIRType_Int32) + store32(Imm32(val.toInt32()), dest); + else + store32(Imm32(val.toBoolean() ? 1 : 0), dest); + } else { + store32(value.reg().typedReg().gpr(), dest); + } + return; + } + + if (value.constant()) + storeValue(value.value(), dest); + else + storeValue(ValueTypeFromMIRType(valueType), value.reg().typedReg().gpr(), dest); + + } + void loadValue(Address src, Register val) { + Ldr(ARMRegister(val, 64), MemOperand(src)); + } + void loadValue(Address src, ValueOperand val) { + Ldr(ARMRegister(val.valueReg(), 64), MemOperand(src)); + } + void loadValue(const BaseIndex& src, ValueOperand val) { + doBaseIndex(ARMRegister(val.valueReg(), 64), src, vixl::LDR_x); + } + void tagValue(JSValueType type, Register payload, ValueOperand dest) { + // This could be cleverer, but the first attempt had bugs. + Orr(ARMRegister(dest.valueReg(), 64), ARMRegister(payload, 64), Operand(ImmShiftedTag(type).value)); + } + void pushValue(ValueOperand val) { + vixl::MacroAssembler::Push(ARMRegister(val.valueReg(), 64)); + } + void popValue(ValueOperand val) { + vixl::MacroAssembler::Pop(ARMRegister(val.valueReg(), 64)); + } + void pushValue(const Value& val) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + jsval_layout jv = JSVAL_TO_IMPL(val); + if (val.isMarkable()) { + BufferOffset load = movePatchablePtr(ImmPtr((void*)jv.asBits), scratch); + writeDataRelocation(val, load); + push(scratch); + } else { + moveValue(val, scratch); + push(scratch); + } + } + void pushValue(JSValueType type, Register reg) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != reg); + tagValue(type, reg, ValueOperand(scratch)); + push(scratch); + } + void pushValue(const Address& addr) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != addr.base); + loadValue(addr, scratch); + push(scratch); + } + template + void storeUnboxedPayload(ValueOperand value, T address, size_t nbytes) { + switch (nbytes) { + case 8: { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + unboxNonDouble(value, scratch); + storePtr(scratch, address); + return; + } + case 4: + storePtr(value.valueReg(), address); + return; + case 1: + store8(value.valueReg(), address); + return; + default: MOZ_CRASH("Bad payload width"); + } + } + void moveValue(const Value& val, Register dest) { + if (val.isMarkable()) { + BufferOffset load = movePatchablePtr(ImmPtr((void*)val.asRawBits()), dest); + writeDataRelocation(val, load); + } else { + movePtr(ImmWord(val.asRawBits()), dest); + } + } + void moveValue(const Value& src, const ValueOperand& dest) { + moveValue(src, dest.valueReg()); + } + void moveValue(const ValueOperand& src, const ValueOperand& dest) { + if (src.valueReg() != dest.valueReg()) + movePtr(src.valueReg(), dest.valueReg()); + } + + CodeOffsetLabel pushWithPatch(ImmWord imm) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + CodeOffsetLabel label = movWithPatch(imm, scratch); + push(scratch); + return label; + } + + CodeOffsetLabel movWithPatch(ImmWord imm, Register dest) { + BufferOffset off = immPool64(ARMRegister(dest, 64), imm.value); + return CodeOffsetLabel(off.getOffset()); + } + CodeOffsetLabel movWithPatch(ImmPtr imm, Register dest) { + BufferOffset off = immPool64(ARMRegister(dest, 64), uint64_t(imm.value)); + return CodeOffsetLabel(off.getOffset()); + } + + void boxValue(JSValueType type, Register src, Register dest) { + Orr(ARMRegister(dest, 64), ARMRegister(src, 64), Operand(ImmShiftedTag(type).value)); + } + void splitTag(Register src, Register dest) { + ubfx(ARMRegister(dest, 64), ARMRegister(src, 64), JSVAL_TAG_SHIFT, (64 - JSVAL_TAG_SHIFT)); + } + Register extractTag(const Address& address, Register scratch) { + loadPtr(address, scratch); + splitTag(scratch, scratch); + return scratch; + } + Register extractTag(const ValueOperand& value, Register scratch) { + splitTag(value.valueReg(), scratch); + return scratch; + } + Register extractObject(const Address& address, Register scratch) { + loadPtr(address, scratch); + unboxObject(scratch, scratch); + return scratch; + } + Register extractObject(const ValueOperand& value, Register scratch) { + unboxObject(value, scratch); + return scratch; + } + Register extractInt32(const ValueOperand& value, Register scratch) { + unboxInt32(value, scratch); + return scratch; + } + Register extractBoolean(const ValueOperand& value, Register scratch) { + unboxBoolean(value, scratch); + return scratch; + } + + // If source is a double, load into dest. + // If source is int32, convert to double and store in dest. + // Else, branch to failure. + void ensureDouble(const ValueOperand& source, FloatRegister dest, Label* failure) { + Label isDouble, done; + + // TODO: splitTagForTest really should not leak a scratch register. + Register tag = splitTagForTest(source); + { + vixl::UseScratchRegisterScope temps(this); + temps.Exclude(ARMRegister(tag, 64)); + + branchTestDouble(Assembler::Equal, tag, &isDouble); + branchTestInt32(Assembler::NotEqual, tag, failure); + } + + convertInt32ToDouble(source.valueReg(), dest); + jump(&done); + + bind(&isDouble); + unboxDouble(source, dest); + + bind(&done); + } + + void emitSet(Condition cond, Register dest) { + Cset(ARMRegister(dest, 64), cond); + } + + template + void cmpPtrSet(Condition cond, T1 lhs, T2 rhs, Register dest) { + cmpPtr(lhs, rhs); + emitSet(cond, dest); + } + + template + void cmp32Set(Condition cond, T1 lhs, T2 rhs, Register dest) { + cmp32(lhs, rhs); + emitSet(cond, dest); + } + + void testNullSet(Condition cond, const ValueOperand& value, Register dest) { + cond = testNull(cond, value); + emitSet(cond, dest); + } + void testObjectSet(Condition cond, const ValueOperand& value, Register dest) { + cond = testObject(cond, value); + emitSet(cond, dest); + } + void testUndefinedSet(Condition cond, const ValueOperand& value, Register dest) { + cond = testUndefined(cond, value); + emitSet(cond, dest); + } + + void convertBoolToInt32(Register source, Register dest) { + Uxtb(ARMRegister(dest, 64), ARMRegister(source, 64)); + } + + void convertInt32ToDouble(Register src, FloatRegister dest) { + Scvtf(ARMFPRegister(dest, 64), ARMRegister(src, 32)); // Uses FPCR rounding mode. + } + void convertInt32ToDouble(const Address& src, FloatRegister dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != src.base); + load32(src, scratch); + convertInt32ToDouble(scratch, dest); + } + void convertInt32ToDouble(const BaseIndex& src, FloatRegister dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != src.base); + MOZ_ASSERT(scratch != src.index); + load32(src, scratch); + convertInt32ToDouble(scratch, dest); + } + + void convertInt32ToFloat32(Register src, FloatRegister dest) { + Scvtf(ARMFPRegister(dest, 32), ARMRegister(src, 32)); // Uses FPCR rounding mode. + } + void convertInt32ToFloat32(const Address& src, FloatRegister dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != src.base); + load32(src, scratch); + convertInt32ToFloat32(scratch, dest); + } + + void convertUInt32ToDouble(Register src, FloatRegister dest) { + Ucvtf(ARMFPRegister(dest, 64), ARMRegister(src, 32)); // Uses FPCR rounding mode. + } + void convertUInt32ToDouble(const Address& src, FloatRegister dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != src.base); + load32(src, scratch); + convertUInt32ToDouble(scratch, dest); + } + + void convertUInt32ToFloat32(Register src, FloatRegister dest) { + Ucvtf(ARMFPRegister(dest, 32), ARMRegister(src, 32)); // Uses FPCR rounding mode. + } + void convertUInt32ToFloat32(const Address& src, FloatRegister dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != src.base); + load32(src, scratch); + convertUInt32ToFloat32(scratch, dest); + } + + void convertFloat32ToDouble(FloatRegister src, FloatRegister dest) { + Fcvt(ARMFPRegister(dest, 64), ARMFPRegister(src, 32)); + } + void convertDoubleToFloat32(FloatRegister src, FloatRegister dest) { + Fcvt(ARMFPRegister(dest, 32), ARMFPRegister(src, 64)); + } + + void branchTruncateDouble(FloatRegister src, Register dest, Label* fail) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + + // An out of range integer will be saturated to the destination size. + ARMFPRegister src64(src, 64); + ARMRegister dest64(dest, 64); + + MOZ_ASSERT(!scratch64.Is(dest64)); + + //breakpoint(); + Fcvtzs(dest64, src64); + Add(scratch64, dest64, Operand(0x7fffffffffffffff)); + Cmn(scratch64, 3); + B(fail, Assembler::Above); + And(dest64, dest64, Operand(0xffffffff)); + } + void convertDoubleToInt32(FloatRegister src, Register dest, Label* fail, + bool negativeZeroCheck = true) + { + vixl::UseScratchRegisterScope temps(this); + const ARMFPRegister scratch64 = temps.AcquireD(); + + ARMFPRegister fsrc(src, 64); + ARMRegister dest32(dest, 32); + ARMRegister dest64(dest, 64); + + MOZ_ASSERT(!scratch64.Is(fsrc)); + + Fcvtzs(dest32, fsrc); // Convert, rounding toward zero. + Scvtf(scratch64, dest32); // Convert back, using FPCR rounding mode. + Fcmp(scratch64, fsrc); + B(fail, Assembler::NotEqual); + + if (negativeZeroCheck) { + Label nonzero; + Cbnz(dest32, &nonzero); + Fmov(dest64, fsrc); + Cbnz(dest64, fail); + bind(&nonzero); + } + } + void convertFloat32ToInt32(FloatRegister src, Register dest, Label* fail, + bool negativeZeroCheck = true) + { + vixl::UseScratchRegisterScope temps(this); + const ARMFPRegister scratch32 = temps.AcquireS(); + + ARMFPRegister fsrc(src, 32); + ARMRegister dest32(dest, 32); + ARMRegister dest64(dest, 64); + + MOZ_ASSERT(!scratch32.Is(fsrc)); + + Fcvtzs(dest64, fsrc); // Convert, rounding toward zero. + Scvtf(scratch32, dest32); // Convert back, using FPCR rounding mode. + Fcmp(scratch32, fsrc); + B(fail, Assembler::NotEqual); + + if (negativeZeroCheck) { + Label nonzero; + Cbnz(dest32, &nonzero); + Fmov(dest32, fsrc); + Cbnz(dest32, fail); + bind(&nonzero); + } + And(dest64, dest64, Operand(0xffffffff)); + } + + void branchTruncateFloat32(FloatRegister src, Register dest, Label* fail) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + + ARMFPRegister src32(src, 32); + ARMRegister dest64(dest, 64); + + MOZ_ASSERT(!scratch64.Is(dest64)); + + Fcvtzs(dest64, src32); + Add(scratch64, dest64, Operand(0x7fffffffffffffff)); + Cmn(scratch64, 3); + B(fail, Assembler::Above); + And(dest64, dest64, Operand(0xffffffff)); + } + void floor(FloatRegister input, Register output, Label* bail) { + Label handleZero; + //Label handleNeg; + Label fin; + ARMFPRegister iDbl(input, 64); + ARMRegister o64(output, 64); + ARMRegister o32(output, 32); + Fcmp(iDbl, 0.0); + B(Assembler::Equal, &handleZero); + //B(Assembler::Signed, &handleNeg); + // NaN is always a bail condition, just bail directly. + B(Assembler::Overflow, bail); + Fcvtms(o64, iDbl); + Cmp(o64, Operand(o64, vixl::SXTW)); + B(NotEqual, bail); + Mov(o32, o32); + B(&fin); + + bind(&handleZero); + // Move the top word of the double into the output reg, if it is non-zero, + // then the original value was -0.0. + Fmov(o64, iDbl); + Cbnz(o64, bail); + bind(&fin); + } + + void floorf(FloatRegister input, Register output, Label* bail) { + Label handleZero; + //Label handleNeg; + Label fin; + ARMFPRegister iFlt(input, 32); + ARMRegister o64(output, 64); + ARMRegister o32(output, 32); + Fcmp(iFlt, 0.0); + B(Assembler::Equal, &handleZero); + //B(Assembler::Signed, &handleNeg); + // NaN is always a bail condition, just bail directly. + B(Assembler::Overflow, bail); + Fcvtms(o64, iFlt); + Cmp(o64, Operand(o64, vixl::SXTW)); + B(NotEqual, bail); + Mov(o32, o32); + B(&fin); + + bind(&handleZero); + // Move the top word of the double into the output reg, if it is non-zero, + // then the original value was -0.0. + Fmov(o32, iFlt); + Cbnz(o32, bail); + bind(&fin); + } + + void ceil(FloatRegister input, Register output, Label* bail) { + Label handleZero; + Label fin; + ARMFPRegister iDbl(input, 64); + ARMRegister o64(output, 64); + ARMRegister o32(output, 32); + Fcmp(iDbl, 0.0); + B(Assembler::Overflow, bail); + Fcvtps(o64, iDbl); + Cmp(o64, Operand(o64, vixl::SXTW)); + B(NotEqual, bail); + Cbz(o64, &handleZero); + Mov(o32, o32); + B(&fin); + + bind(&handleZero); + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch = temps.AcquireX(); + Fmov(scratch, iDbl); + Cbnz(scratch, bail); + bind(&fin); + } + + void ceilf(FloatRegister input, Register output, Label* bail) { + Label handleZero; + Label fin; + ARMFPRegister iFlt(input, 32); + ARMRegister o64(output, 64); + ARMRegister o32(output, 32); + Fcmp(iFlt, 0.0); + + // NaN is always a bail condition, just bail directly. + B(Assembler::Overflow, bail); + Fcvtps(o64, iFlt); + Cmp(o64, Operand(o64, vixl::SXTW)); + B(NotEqual, bail); + Cbz(o64, &handleZero); + Mov(o32, o32); + B(&fin); + + bind(&handleZero); + // Move the top word of the double into the output reg, if it is non-zero, + // then the original value was -0.0. + Fmov(o32, iFlt); + Cbnz(o32, bail); + bind(&fin); + } + + void jump(Label* label) { + B(label); + } + void jump(JitCode* code) { + branch(code); + } + void jump(RepatchLabel* label) { + MOZ_CRASH("jump (repatchlabel)"); + } + void jump(Register reg) { + Br(ARMRegister(reg, 64)); + } + void jump(const Address& addr) { + loadPtr(addr, ip0); + Br(vixl::ip0); + } + + void align(int alignment) { + armbuffer_.align(alignment); + } + + void haltingAlign(int alignment) { + // TODO: Implement a proper halting align. + // ARM doesn't have one either. + armbuffer_.align(alignment); + } + + void movePtr(Register src, Register dest) { + Mov(ARMRegister(dest, 64), ARMRegister(src, 64)); + } + void movePtr(ImmWord imm, Register dest) { + Mov(ARMRegister(dest, 64), int64_t(imm.value)); + } + void movePtr(ImmPtr imm, Register dest) { + Mov(ARMRegister(dest, 64), int64_t(imm.value)); + } + void movePtr(AsmJSImmPtr imm, Register dest) { + BufferOffset off = movePatchablePtr(ImmWord(0xffffffffffffffffULL), dest); + append(AsmJSAbsoluteLink(CodeOffsetLabel(off.getOffset()), imm.kind())); + } + void movePtr(ImmGCPtr imm, Register dest) { + BufferOffset load = movePatchablePtr(ImmPtr(imm.value), dest); + writeDataRelocation(imm, load); + } + void movePtr(ImmMaybeNurseryPtr imm, Register dest) { + movePtr(noteMaybeNurseryPtr(imm), dest); + } + + void mov(ImmWord imm, Register dest) { + movePtr(imm, dest); + } + + void move32(Imm32 imm, Register dest) { + Mov(ARMRegister(dest, 32), (int64_t)imm.value); + } + void move32(Register src, Register dest) { + Mov(ARMRegister(dest, 32), ARMRegister(src, 32)); + } + + // Move a pointer using a literal pool, so that the pointer + // may be easily patched or traced. + // Returns the BufferOffset of the load instruction emitted. + BufferOffset movePatchablePtr(ImmWord ptr, Register dest); + BufferOffset movePatchablePtr(ImmPtr ptr, Register dest); + + void not32(Register reg) { + Orn(ARMRegister(reg, 32), vixl::wzr, ARMRegister(reg, 32)); + } + void neg32(Register reg) { + Negs(ARMRegister(reg, 32), Operand(ARMRegister(reg, 32))); + } + + void loadPtr(AsmJSAbsoluteAddress address, Register dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch = temps.AcquireX(); + movePtr(AsmJSImmPtr(address.kind()), scratch.asUnsized()); + Ldr(ARMRegister(dest, 64), MemOperand(scratch)); + } + void loadPtr(AbsoluteAddress address, Register dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch = temps.AcquireX(); + movePtr(ImmWord((uintptr_t)address.addr), scratch.asUnsized()); + Ldr(ARMRegister(dest, 64), MemOperand(scratch)); + } + void loadPtr(const Address& address, Register dest) { + Ldr(ARMRegister(dest, 64), MemOperand(address)); + } + void loadPtr(const BaseIndex& src, Register dest) { + Register base = src.base; + uint32_t scale = Imm32::ShiftOf(src.scale).value; + ARMRegister dest64(dest, 64); + ARMRegister index64(src.index, 64); + + if (src.offset) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch = temps.AcquireX(); + MOZ_ASSERT(!scratch.Is(ARMRegister(base, 64))); + MOZ_ASSERT(!scratch.Is(dest64)); + MOZ_ASSERT(!scratch.Is(index64)); + + Add(scratch, ARMRegister(base, 64), Operand(int64_t(src.offset))); + Ldr(dest64, MemOperand(scratch, index64, vixl::LSL, scale)); + return; + } + + Ldr(dest64, MemOperand(ARMRegister(base, 64), index64, vixl::LSL, scale)); + } + void loadPrivate(const Address& src, Register dest) { + loadPtr(src, dest); + lshiftPtr(Imm32(1), dest); + } + + void store8(Register src, const Address& address) { + Strb(ARMRegister(src, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void store8(Imm32 imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != address.base); + move32(imm, scratch32.asUnsized()); + Strb(scratch32, MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void store8(Register src, const BaseIndex& address) { + doBaseIndex(ARMRegister(src, 32), address, vixl::STRB_w); + } + void store8(Imm32 imm, const BaseIndex& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != address.base); + MOZ_ASSERT(scratch32.asUnsized() != address.index); + Mov(scratch32, Operand(imm.value)); + doBaseIndex(scratch32, address, vixl::STRB_w); + } + + void store16(Register src, const Address& address) { + Strh(ARMRegister(src, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void store16(Imm32 imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != address.base); + move32(imm, scratch32.asUnsized()); + Strh(scratch32, MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void store16(Register src, const BaseIndex& address) { + doBaseIndex(ARMRegister(src, 32), address, vixl::STRH_w); + } + void store16(Imm32 imm, const BaseIndex& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != address.base); + MOZ_ASSERT(scratch32.asUnsized() != address.index); + Mov(scratch32, Operand(imm.value)); + doBaseIndex(scratch32, address, vixl::STRH_w); + } + + void storePtr(ImmWord imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != address.base); + movePtr(imm, scratch); + storePtr(scratch, address); + } + void storePtr(ImmPtr imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != address.base); + Mov(scratch64, uint64_t(imm.value)); + Str(scratch64, MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void storePtr(ImmGCPtr imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != address.base); + movePtr(imm, scratch); + storePtr(scratch, address); + } + void storePtr(Register src, const Address& address) { + Str(ARMRegister(src, 64), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + + void storePtr(ImmWord imm, const BaseIndex& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != address.base); + MOZ_ASSERT(scratch64.asUnsized() != address.index); + Mov(scratch64, Operand(imm.value)); + doBaseIndex(scratch64, address, vixl::STR_x); + } + void storePtr(ImmGCPtr imm, const BaseIndex& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != address.base); + MOZ_ASSERT(scratch != address.index); + movePtr(imm, scratch); + doBaseIndex(ARMRegister(scratch, 64), address, vixl::STR_x); + } + void storePtr(Register src, const BaseIndex& address) { + doBaseIndex(ARMRegister(src, 64), address, vixl::STR_x); + } + + void storePtr(Register src, AbsoluteAddress address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + Mov(scratch64, uint64_t(address.addr)); + Str(ARMRegister(src, 64), MemOperand(scratch64)); + } + + void store32(Register src, AbsoluteAddress address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + Mov(scratch64, uint64_t(address.addr)); + Str(ARMRegister(src, 32), MemOperand(scratch64)); + } + void store32(Imm32 imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != address.base); + Mov(scratch32, uint64_t(imm.value)); + Str(scratch32, MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void store32(Register r, const Address& address) { + Str(ARMRegister(r, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void store32(Imm32 imm, const BaseIndex& address) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != address.base); + MOZ_ASSERT(scratch32.asUnsized() != address.index); + Mov(scratch32, imm.value); + doBaseIndex(scratch32, address, vixl::STR_w); + } + void store32(Register r, const BaseIndex& address) { + doBaseIndex(ARMRegister(r, 32), address, vixl::STR_w); + } + + void store32_NoSecondScratch(Imm32 imm, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + temps.Exclude(ARMRegister(ScratchReg2, 32)); // Disallow ScratchReg2. + const ARMRegister scratch32 = temps.AcquireW(); + + MOZ_ASSERT(scratch32.asUnsized() != address.base); + Mov(scratch32, uint64_t(imm.value)); + Str(scratch32, MemOperand(ARMRegister(address.base, 64), address.offset)); + } + + // SIMD. + void loadInt32x1(const Address& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadInt32x1(const BaseIndex& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadInt32x2(const Address& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadInt32x2(const BaseIndex& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadInt32x3(const Address& src, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadInt32x3(const BaseIndex& src, FloatRegister dest) { MOZ_CRASH("NYI"); } + void storeInt32x1(FloatRegister src, const Address& dest) { MOZ_CRASH("NYI"); } + void storeInt32x1(FloatRegister src, const BaseIndex& dest) { MOZ_CRASH("NYI"); } + void storeInt32x2(FloatRegister src, const Address& dest) { MOZ_CRASH("NYI"); } + void storeInt32x2(FloatRegister src, const BaseIndex& dest) { MOZ_CRASH("NYI"); } + void storeInt32x3(FloatRegister src, const Address& dest) { MOZ_CRASH("NYI"); } + void storeInt32x3(FloatRegister src, const BaseIndex& dest) { MOZ_CRASH("NYI"); } + void loadAlignedInt32x4(const Address& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadAlignedInt32x4(const BaseIndex& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void storeAlignedInt32x4(FloatRegister src, const Address& addr) { MOZ_CRASH("NYI"); } + void storeAlignedInt32x4(FloatRegister src, const BaseIndex& addr) { MOZ_CRASH("NYI"); } + void loadUnalignedInt32x4(const Address& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadUnalignedInt32x4(const BaseIndex& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void storeUnalignedInt32x4(FloatRegister dest, const Address& addr) { MOZ_CRASH("NYI"); } + void storeUnalignedInt32x4(FloatRegister dest, const BaseIndex& addr) { MOZ_CRASH("NYI"); } + + void loadFloat32x3(const Address& src, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadFloat32x3(const BaseIndex& src, FloatRegister dest) { MOZ_CRASH("NYI"); } + void storeFloat32x3(FloatRegister src, const Address& dest) { MOZ_CRASH("NYI"); } + void storeFloat32x3(FloatRegister src, const BaseIndex& dest) { MOZ_CRASH("NYI"); } + void loadAlignedFloat32x4(const Address& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadAlignedFloat32x4(const BaseIndex& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void storeAlignedFloat32x4(FloatRegister src, const Address& addr) { MOZ_CRASH("NYI"); } + void storeAlignedFloat32x4(FloatRegister src, const BaseIndex& addr) { MOZ_CRASH("NYI"); } + void loadUnalignedFloat32x4(const Address& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void loadUnalignedFloat32x4(const BaseIndex& addr, FloatRegister dest) { MOZ_CRASH("NYI"); } + void storeUnalignedFloat32x4(FloatRegister dest, const Address& addr) { MOZ_CRASH("NYI"); } + void storeUnalignedFloat32x4(FloatRegister dest, const BaseIndex& addr) { MOZ_CRASH("NYI"); } + + // StackPointer manipulation. + template + void addToStackPtr(T t) { addPtr(t, getStackPointer()); } + template + void addStackPtrTo(T t) { addPtr(getStackPointer(), t); } + + template + void subFromStackPtr(T t) { subPtr(t, getStackPointer()); syncStackPtr(); } + template + void subStackPtrFrom(T t) { subPtr(getStackPointer(), t); } + + template + void andToStackPtr(T t) { andPtr(t, getStackPointer()); syncStackPtr(); } + template + void andStackPtrTo(T t) { andPtr(getStackPointer(), t); } + + template + void moveToStackPtr(T t) { movePtr(t, getStackPointer()); syncStackPtr(); } + template + void moveStackPtrTo(T t) { movePtr(getStackPointer(), t); } + + template + void loadStackPtr(T t) { loadPtr(t, getStackPointer()); syncStackPtr(); } + template + void storeStackPtr(T t) { storePtr(getStackPointer(), t); } + + // StackPointer testing functions. + template + void branchTestStackPtr(Condition cond, T t, Label* label) { + branchTestPtr(cond, getStackPointer(), t, label); + } + template + void branchStackPtr(Condition cond, T rhs, Label* label) { + branchPtr(cond, getStackPointer(), rhs, label); + } + template + void branchStackPtrRhs(Condition cond, T lhs, Label* label) { + branchPtr(cond, lhs, getStackPointer(), label); + } + + void rshiftPtr(Imm32 imm, Register dest) { + Lsr(ARMRegister(dest, 64), ARMRegister(dest, 64), imm.value); + } + void rshiftPtr(Imm32 imm, Register src, Register dest) { + Lsr(ARMRegister(dest, 64), ARMRegister(src, 64), imm.value); + } + + void rshiftPtrArithmetic(Imm32 imm, Register dest) { + Asr(ARMRegister(dest, 64), ARMRegister(dest, 64), imm.value); + } + void lshiftPtr(Imm32 imm, Register dest) { + Lsl(ARMRegister(dest, 64), ARMRegister(dest, 64), imm.value); + } + void xorPtr(Imm32 imm, Register dest) { + Eor(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void xor32(Imm32 imm, Register dest) { + Eor(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + + void xorPtr(Register src, Register dest) { + Eor(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(ARMRegister(src, 64))); + } + void orPtr(ImmWord imm, Register dest) { + Orr(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void orPtr(Imm32 imm, Register dest) { + Orr(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void orPtr(Register src, Register dest) { + Orr(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(ARMRegister(src, 64))); + } + void or32(Imm32 imm, Register dest) { + Orr(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + void or32(Register src, Register dest) { + Orr(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(ARMRegister(src, 32))); + } + void or32(Imm32 imm, const Address& dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != dest.base); + load32(dest, scratch32.asUnsized()); + Orr(scratch32, scratch32, Operand(imm.value)); + store32(scratch32.asUnsized(), dest); + } + void andPtr(Imm32 imm, Register dest) { + And(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void andPtr(Register src, Register dest) { + And(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(ARMRegister(src, 64))); + } + void and32(Imm32 imm, Register dest) { + And(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + void and32(Imm32 imm, Register src, Register dest) { + And(ARMRegister(dest, 32), ARMRegister(src, 32), Operand(imm.value)); + } + + void and32(Register src, Register dest) { + And(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(ARMRegister(src, 32))); + } + void and32(Imm32 mask, Address dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != dest.base); + load32(dest, scratch32.asUnsized()); + And(scratch32, scratch32, Operand(mask.value)); + store32(scratch32.asUnsized(), dest); + } + void and32(Address src, Register dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != src.base); + load32(src, scratch32.asUnsized()); + And(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(scratch32)); + } + + void testPtr(Register lhs, Register rhs) { + Tst(ARMRegister(lhs, 64), Operand(ARMRegister(rhs, 64))); + } + void test32(Register lhs, Register rhs) { + Tst(ARMRegister(lhs, 32), Operand(ARMRegister(rhs, 32))); + } + void test32(const Address& addr, Imm32 imm) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != addr.base); + load32(addr, scratch32.asUnsized()); + Tst(scratch32, Operand(imm.value)); + } + void test32(Register lhs, Imm32 rhs) { + Tst(ARMRegister(lhs, 32), Operand(rhs.value)); + } + void cmp32(Register lhs, Imm32 rhs) { + Cmp(ARMRegister(lhs, 32), Operand(rhs.value)); + } + void cmp32(Register a, Register b) { + Cmp(ARMRegister(a, 32), Operand(ARMRegister(b, 32))); + } + void cmp32(const Operand& lhs, Imm32 rhs) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + Mov(scratch32, lhs); + Cmp(scratch32, Operand(rhs.value)); + } + void cmp32(const Operand& lhs, Register rhs) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + Mov(scratch32, lhs); + Cmp(scratch32, Operand(ARMRegister(rhs, 32))); + } + + void cmpPtr(Register lhs, Imm32 rhs) { + Cmp(ARMRegister(lhs, 64), Operand(rhs.value)); + } + void cmpPtr(Register lhs, ImmWord rhs) { + Cmp(ARMRegister(lhs, 64), Operand(rhs.value)); + } + void cmpPtr(Register lhs, ImmPtr rhs) { + Cmp(ARMRegister(lhs, 64), Operand(uint64_t(rhs.value))); + } + void cmpPtr(Register lhs, Register rhs) { + Cmp(ARMRegister(lhs, 64), ARMRegister(rhs, 64)); + } + void cmpPtr(Register lhs, ImmGCPtr rhs) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs); + movePtr(rhs, scratch); + cmpPtr(lhs, scratch); + } + void cmpPtr(Register lhs, ImmMaybeNurseryPtr rhs) { + cmpPtr(lhs, noteMaybeNurseryPtr(rhs)); + } + + void cmpPtr(const Address& lhs, Register rhs) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != lhs.base); + MOZ_ASSERT(scratch64.asUnsized() != rhs); + Ldr(scratch64, MemOperand(ARMRegister(lhs.base, 64), lhs.offset)); + Cmp(scratch64, Operand(ARMRegister(rhs, 64))); + } + void cmpPtr(const Address& lhs, ImmWord rhs) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != lhs.base); + Ldr(scratch64, MemOperand(ARMRegister(lhs.base, 64), lhs.offset)); + Cmp(scratch64, Operand(rhs.value)); + } + void cmpPtr(const Address& lhs, ImmPtr rhs) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != lhs.base); + Ldr(scratch64, MemOperand(ARMRegister(lhs.base, 64), lhs.offset)); + Cmp(scratch64, Operand(uint64_t(rhs.value))); + } + void cmpPtr(const Address& lhs, ImmGCPtr rhs) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + loadPtr(lhs, scratch); + cmpPtr(scratch, rhs); + } + + void loadDouble(const Address& src, FloatRegister dest) { + Ldr(ARMFPRegister(dest, 64), MemOperand(ARMRegister(src.base,64), src.offset)); + } + void loadDouble(const BaseIndex& src, FloatRegister dest) { + ARMRegister base(src.base, 64); + ARMRegister index(src.index, 64); + + if (src.offset == 0) { + Ldr(ARMFPRegister(dest, 64), MemOperand(base, index, vixl::LSL, unsigned(src.scale))); + return; + } + + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != src.base); + MOZ_ASSERT(scratch64.asUnsized() != src.index); + + Add(scratch64, base, Operand(index, vixl::LSL, unsigned(src.scale))); + Ldr(ARMFPRegister(dest, 64), MemOperand(scratch64, src.offset)); + } + void loadFloatAsDouble(const Address& addr, FloatRegister dest) { + Ldr(ARMFPRegister(dest, 32), MemOperand(ARMRegister(addr.base,64), addr.offset)); + fcvt(ARMFPRegister(dest, 64), ARMFPRegister(dest, 32)); + } + void loadFloatAsDouble(const BaseIndex& src, FloatRegister dest) { + ARMRegister base(src.base, 64); + ARMRegister index(src.index, 64); + if (src.offset == 0) { + Ldr(ARMFPRegister(dest, 32), MemOperand(base, index, vixl::LSL, unsigned(src.scale))); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != src.base); + MOZ_ASSERT(scratch64.asUnsized() != src.index); + + Add(scratch64, base, Operand(index, vixl::LSL, unsigned(src.scale))); + Ldr(ARMFPRegister(dest, 32), MemOperand(scratch64, src.offset)); + } + fcvt(ARMFPRegister(dest, 64), ARMFPRegister(dest, 32)); + } + + void loadFloat32(const Address& addr, FloatRegister dest) { + Ldr(ARMFPRegister(dest, 32), MemOperand(ARMRegister(addr.base,64), addr.offset)); + } + void loadFloat32(const BaseIndex& src, FloatRegister dest) { + ARMRegister base(src.base, 64); + ARMRegister index(src.index, 64); + if (src.offset == 0) { + Ldr(ARMFPRegister(dest, 32), MemOperand(base, index, vixl::LSL, unsigned(src.scale))); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != src.base); + MOZ_ASSERT(scratch64.asUnsized() != src.index); + + Add(scratch64, base, Operand(index, vixl::LSL, unsigned(src.scale))); + Ldr(ARMFPRegister(dest, 32), MemOperand(scratch64, src.offset)); + } + } + + void storeDouble(FloatRegister src, const Address& dest) { + Str(ARMFPRegister(src, 64), MemOperand(ARMRegister(dest.base, 64), dest.offset)); + } + void storeDouble(FloatRegister src, const BaseIndex& dest) { + doBaseIndex(ARMFPRegister(src, 64), dest, vixl::STR_d); + } + + void storeFloat32(FloatRegister src, Address addr) { + Str(ARMFPRegister(src, 32), MemOperand(ARMRegister(addr.base, 64), addr.offset)); + } + void storeFloat32(FloatRegister src, BaseIndex addr) { + doBaseIndex(ARMFPRegister(src, 32), addr, vixl::STR_s); + } + + void moveDouble(FloatRegister src, FloatRegister dest) { + fmov(ARMFPRegister(dest, 64), ARMFPRegister(src, 64)); + } + void zeroDouble(FloatRegister reg) { + fmov(ARMFPRegister(reg, 64), vixl::xzr); + } + void zeroFloat32(FloatRegister reg) { + fmov(ARMFPRegister(reg, 32), vixl::wzr); + } + void negateDouble(FloatRegister reg) { + fneg(ARMFPRegister(reg, 64), ARMFPRegister(reg, 64)); + } + void negateFloat(FloatRegister reg) { + fneg(ARMFPRegister(reg, 32), ARMFPRegister(reg, 32)); + } + void addDouble(FloatRegister src, FloatRegister dest) { + fadd(ARMFPRegister(dest, 64), ARMFPRegister(dest, 64), ARMFPRegister(src, 64)); + } + void subDouble(FloatRegister src, FloatRegister dest) { + fsub(ARMFPRegister(dest, 64), ARMFPRegister(dest, 64), ARMFPRegister(src, 64)); + } + void mulDouble(FloatRegister src, FloatRegister dest) { + fmul(ARMFPRegister(dest, 64), ARMFPRegister(dest, 64), ARMFPRegister(src, 64)); + } + void divDouble(FloatRegister src, FloatRegister dest) { + fdiv(ARMFPRegister(dest, 64), ARMFPRegister(dest, 64), ARMFPRegister(src, 64)); + } + + void moveFloat32(FloatRegister src, FloatRegister dest) { + fmov(ARMFPRegister(dest, 32), ARMFPRegister(src, 32)); + } + void moveFloatAsDouble(Register src, FloatRegister dest) { + MOZ_CRASH("moveFloatAsDouble"); + } + + void splitTag(const ValueOperand& operand, Register dest) { + splitTag(operand.valueReg(), dest); + } + void splitTag(const Address& operand, Register dest) { + loadPtr(operand, dest); + splitTag(dest, dest); + } + void splitTag(const BaseIndex& operand, Register dest) { + loadPtr(operand, dest); + splitTag(dest, dest); + } + + // Extracts the tag of a value and places it in ScratchReg. + Register splitTagForTest(const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != value.valueReg()); + Lsr(scratch64, ARMRegister(value.valueReg(), 64), JSVAL_TAG_SHIFT); + return scratch64.asUnsized(); // FIXME: Surely we can make a better interface. + } + void cmpTag(const ValueOperand& operand, ImmTag tag) { + MOZ_CRASH("cmpTag"); + } + + void load32(const Address& address, Register dest) { + Ldr(ARMRegister(dest, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void load32(const BaseIndex& src, Register dest) { + doBaseIndex(ARMRegister(dest, 32), src, vixl::LDR_w); + } + void load32(AbsoluteAddress address, Register dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + movePtr(ImmWord((uintptr_t)address.addr), scratch64.asUnsized()); + ldr(ARMRegister(dest, 32), MemOperand(scratch64)); + } + + void load8SignExtend(const Address& address, Register dest) { + Ldrsb(ARMRegister(dest, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void load8SignExtend(const BaseIndex& src, Register dest) { + doBaseIndex(ARMRegister(dest, 32), src, vixl::LDRSB_w); + } + + void load8ZeroExtend(const Address& address, Register dest) { + Ldrb(ARMRegister(dest, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void load8ZeroExtend(const BaseIndex& src, Register dest) { + doBaseIndex(ARMRegister(dest, 32), src, vixl::LDRB_w); + } + + void load16SignExtend(const Address& address, Register dest) { + Ldrsh(ARMRegister(dest, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void load16SignExtend(const BaseIndex& src, Register dest) { + doBaseIndex(ARMRegister(dest, 32), src, vixl::LDRSH_w); + } + + void load16ZeroExtend(const Address& address, Register dest) { + Ldrh(ARMRegister(dest, 32), MemOperand(ARMRegister(address.base, 64), address.offset)); + } + void load16ZeroExtend(const BaseIndex& src, Register dest) { + doBaseIndex(ARMRegister(dest, 32), src, vixl::LDRH_w); + } + + void add32(Register src, Register dest) { + Add(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(ARMRegister(src, 32))); + } + void add32(Imm32 imm, Register dest) { + Add(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + void add32(Imm32 imm, const Address& dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != dest.base); + + Ldr(scratch32, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + Add(scratch32, scratch32, Operand(imm.value)); + Str(scratch32, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + } + + void adds32(Register src, Register dest) { + Adds(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(ARMRegister(src, 32))); + } + void adds32(Imm32 imm, Register dest) { + Adds(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + void adds32(Imm32 imm, const Address& dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != dest.base); + + Ldr(scratch32, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + Adds(scratch32, scratch32, Operand(imm.value)); + Str(scratch32, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + } + + void sub32(Imm32 imm, Register dest) { + Sub(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + void sub32(Register src, Register dest) { + Sub(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(ARMRegister(src, 32))); + } + + void subs32(Imm32 imm, Register dest) { + Subs(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(imm.value)); + } + void subs32(Register src, Register dest) { + Subs(ARMRegister(dest, 32), ARMRegister(dest, 32), Operand(ARMRegister(src, 32))); + } + + void addPtr(Register src, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(ARMRegister(src, 64))); + } + void addPtr(Register src1, Register src2, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(src1, 64), Operand(ARMRegister(src2, 64))); + } + + void addPtr(Imm32 imm, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void addPtr(Imm32 imm, Register src, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(src, 64), Operand(imm.value)); + } + + void addPtr(Imm32 imm, const Address& dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != dest.base); + + Ldr(scratch64, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + Add(scratch64, scratch64, Operand(imm.value)); + Str(scratch64, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + } + void addPtr(ImmWord imm, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void addPtr(ImmPtr imm, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(uint64_t(imm.value))); + } + void addPtr(const Address& src, Register dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != src.base); + + Ldr(scratch64, MemOperand(ARMRegister(src.base, 64), src.offset)); + Add(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(scratch64)); + } + void subPtr(Imm32 imm, Register dest) { + Sub(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(imm.value)); + } + void subPtr(Register src, Register dest) { + Sub(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(ARMRegister(src, 64))); + } + void subPtr(const Address& addr, Register dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != addr.base); + + Ldr(scratch64, MemOperand(ARMRegister(addr.base, 64), addr.offset)); + Sub(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(scratch64)); + } + void subPtr(Register src, const Address& dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != dest.base); + + Ldr(scratch64, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + Sub(scratch64, scratch64, Operand(ARMRegister(src, 64))); + Str(scratch64, MemOperand(ARMRegister(dest.base, 64), dest.offset)); + } + void mul32(Register src1, Register src2, Register dest, Label* onOver, Label* onZero) { + Smull(ARMRegister(dest, 64), ARMRegister(src1, 32), ARMRegister(src2, 32)); + if (onOver) { + Cmp(ARMRegister(dest, 64), Operand(ARMRegister(dest, 32), vixl::SXTW)); + B(onOver, NotEqual); + } + if (onZero) + Cbz(ARMRegister(dest, 32), onZero); + + // Clear upper 32 bits. + Mov(ARMRegister(dest, 32), ARMRegister(dest, 32)); + } + + void ret() { + pop(lr); + abiret(); + } + + void retn(Imm32 n) { + // ip0 <- [sp]; sp += n; ret ip0 + Ldr(vixl::ip0, MemOperand(GetStackPointer64(), ptrdiff_t(n.value), vixl::PostIndex)); + syncStackPtr(); // SP is always used to transmit the stack between calls. + Ret(vixl::ip0); + } + + void j(Condition code, Label* dest) { + b(dest, code); + } + void j(Label* dest) { + b(dest, Always); + } + + void branch(Condition cond, Label* label) { + b(label, cond); + } + void branch(JitCode* target) { + syncStackPtr(); + addPendingJump(nextOffset(), ImmPtr(target->raw()), Relocation::JITCODE); + b(-1); // The jump target will be patched by executableCopy(). + } + + void branch16(Condition cond, Register lhs, Register rhs, Label* label) { + MOZ_CRASH("branch16"); + } + + void branch32(Condition cond, const Operand& lhs, Register rhs, Label* label) { + // since rhs is an operand, do the compare backwards + Cmp(ARMRegister(rhs, 32), lhs); + b(label, Assembler::InvertCmpCondition(cond)); + } + void branch32(Condition cond, const Operand& lhs, Imm32 rhs, Label* label) { + ARMRegister l = lhs.reg(); + Cmp(l, Operand(rhs.value)); + b(label, cond); + } + void branch32(Condition cond, Register lhs, Register rhs, Label* label) { + cmp32(lhs, rhs); + b(label, cond); + } + void branch32(Condition cond, Register lhs, Imm32 imm, Label* label) { + cmp32(lhs, imm); + b(label, cond); + } + void branch32(Condition cond, const Address& lhs, Register rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + MOZ_ASSERT(scratch != rhs); + load32(lhs, scratch); + branch32(cond, scratch, rhs, label); + } + void branch32(Condition cond, const Address& lhs, Imm32 imm, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + load32(lhs, scratch); + branch32(cond, scratch, imm, label); + } + void branch32(Condition cond, AbsoluteAddress lhs, Register rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + movePtr(ImmPtr(lhs.addr), scratch); + branch32(cond, Address(scratch, 0), rhs, label); + } + void branch32(Condition cond, AbsoluteAddress lhs, Imm32 rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + movePtr(ImmPtr(lhs.addr), scratch); + branch32(cond, Address(scratch, 0), rhs, label); + } + void branch32(Condition cond, AsmJSAbsoluteAddress lhs, Imm32 rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + movePtr(AsmJSImmPtr(lhs.kind()), scratch); + branch32(cond, Address(scratch, 0), rhs, label); + } + void branch32(Condition cond, BaseIndex lhs, Imm32 rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != lhs.base); + MOZ_ASSERT(scratch32.asUnsized() != lhs.index); + doBaseIndex(scratch32, lhs, vixl::LDR_w); + branch32(cond, scratch32.asUnsized(), rhs, label); + } + + void branchSub32(Condition cond, const Address& lhs, Register rhs, Label* label) { + MOZ_CRASH("branchSub32"); + } + void branchSub32(Condition cond, const Address& lhs, Imm32 imm, Label* label) { + MOZ_CRASH("branchSub32"); + } + void branchSub32(Condition cond, Register lhs, Imm32 imm, Label* label) { + MOZ_CRASH("branchSub32"); + } + void branchSub32(Condition cond, Register lhs, Register rhs, Label* label) { + MOZ_CRASH("branchSub32"); + } + void branchSub32(Condition cond, AbsoluteAddress lhs, Imm32 rhs, Label* label) { + MOZ_CRASH("branchSub32"); + } + void branchSub32(Condition cond, AbsoluteAddress lhs, Register rhs, Label* label) { + MOZ_CRASH("branchSub32"); + } + + void branchTest16(Condition cond, Register lhs, Register rhs, Label* label) { + MOZ_CRASH("branchTest16"); + } + void branchTest32(Condition cond, Register lhs, Register rhs, Label* label) { + MOZ_ASSERT(cond == Zero || cond == NonZero || cond == Signed || cond == NotSigned); + // x86 prefers |test foo, foo| to |cmp foo, #0|. + // Convert the former to the latter for ARM. + if (lhs == rhs && (cond == Zero || cond == NonZero)) + cmp32(lhs, Imm32(0)); + else + test32(lhs, rhs); + B(label, cond); + } + void branchTest32(Condition cond, Register lhs, Imm32 imm, Label* label) { + MOZ_ASSERT(cond == Zero || cond == NonZero || cond == Signed || cond == NotSigned); + test32(lhs, imm); + B(label, cond); + } + void branchTest32(Condition cond, const Address& address, Imm32 imm, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != address.base); + load32(address, scratch); + branchTest32(cond, scratch, imm, label); + } + void branchTest32(Condition cond, AbsoluteAddress address, Imm32 imm, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + loadPtr(address, scratch); + branchTest32(cond, scratch, imm, label); + } + CodeOffsetJump jumpWithPatch(RepatchLabel* label, Condition cond = Always) { + ARMBuffer::PoolEntry pe; + BufferOffset load_bo; + BufferOffset branch_bo; + + // Does not overwrite condition codes from the caller. + { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + load_bo = immPool64(scratch64, (uint64_t)label, &pe); + } + + MOZ_ASSERT(!label->bound()); + if (cond != Always) { + Label notTaken; + b(¬Taken, Assembler::InvertCondition(cond)); + branch_bo = b(-1); + bind(¬Taken); + } else { + nop(); + branch_bo = b(-1); + } + label->use(branch_bo.getOffset()); + return CodeOffsetJump(load_bo.getOffset(), pe.index()); + } + CodeOffsetJump backedgeJump(RepatchLabel* label) { + return jumpWithPatch(label); + } + template + CodeOffsetJump branchPtrWithPatch(Condition cond, Register reg, T ptr, RepatchLabel* label) { + cmpPtr(reg, ptr); + return jumpWithPatch(label, cond); + } + template + CodeOffsetJump branchPtrWithPatch(Condition cond, Address addr, T ptr, RepatchLabel* label) { + // The scratch register is unused after the condition codes are set. + { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != addr.base); + loadPtr(addr, scratch); + cmpPtr(scratch, ptr); + } + return jumpWithPatch(label, cond); + } + + void branchPtr(Condition cond, AsmJSAbsoluteAddress lhs, Register rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != rhs); + loadPtr(lhs, scratch); + branchPtr(cond, scratch, rhs, label); + } + void branchPtr(Condition cond, Address lhs, ImmWord ptr, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + loadPtr(lhs, scratch); + branchPtr(cond, scratch, ptr, label); + } + void branchPtr(Condition cond, Address lhs, ImmPtr ptr, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + loadPtr(lhs, scratch); + branchPtr(cond, scratch, ptr, label); + } + void branchPtr(Condition cond, Address lhs, Register ptr, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + MOZ_ASSERT(scratch != ptr); + loadPtr(lhs, scratch); + branchPtr(cond, scratch, ptr, label); + } + void branchPtr(Condition cond, Register lhs, Imm32 imm, Label* label) { + cmpPtr(lhs, imm); + B(label, cond); + } + void branchPtr(Condition cond, Register lhs, ImmWord ptr, Label* label) { + cmpPtr(lhs, ptr); + B(label, cond); + } + void branchPtr(Condition cond, Register lhs, ImmPtr rhs, Label* label) { + cmpPtr(lhs, rhs); + B(label, cond); + } + void branchPtr(Condition cond, Register lhs, ImmGCPtr ptr, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs); + movePtr(ptr, scratch); + branchPtr(cond, lhs, scratch, label); + } + void branchPtr(Condition cond, Address lhs, ImmGCPtr ptr, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch1_64 = temps.AcquireX(); + const ARMRegister scratch2_64 = temps.AcquireX(); + MOZ_ASSERT(scratch1_64.asUnsized() != lhs.base); + MOZ_ASSERT(scratch2_64.asUnsized() != lhs.base); + + movePtr(ptr, scratch1_64.asUnsized()); + loadPtr(lhs, scratch2_64.asUnsized()); + cmp(scratch2_64, scratch1_64); + B(cond, label); + + } + void branchPtr(Condition cond, Address lhs, ImmMaybeNurseryPtr ptr, Label* label) { + branchPtr(cond, lhs, noteMaybeNurseryPtr(ptr), label); + } + void branchPtr(Condition cond, Register lhs, Register rhs, Label* label) { + Cmp(ARMRegister(lhs, 64), ARMRegister(rhs, 64)); + B(label, cond); + } + void branchPtr(Condition cond, AbsoluteAddress lhs, Register rhs, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != rhs); + loadPtr(lhs, scratch); + branchPtr(cond, scratch, rhs, label); + } + void branchPtr(Condition cond, AbsoluteAddress lhs, ImmWord ptr, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + loadPtr(lhs, scratch); + branchPtr(cond, scratch, ptr, label); + } + + void branchTestPtr(Condition cond, Register lhs, Register rhs, Label* label) { + Tst(ARMRegister(lhs, 64), Operand(ARMRegister(rhs, 64))); + B(label, cond); + } + void branchTestPtr(Condition cond, Register lhs, Imm32 imm, Label* label) { + Tst(ARMRegister(lhs, 64), Operand(imm.value)); + B(label, cond); + } + void branchTestPtr(Condition cond, const Address& lhs, Imm32 imm, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != lhs.base); + loadPtr(lhs, scratch); + branchTestPtr(cond, scratch, imm, label); + } + void branchPrivatePtr(Condition cond, const Address& lhs, ImmPtr ptr, Label* label) { + branchPtr(cond, lhs, ptr, label); + } + + void branchPrivatePtr(Condition cond, const Address& lhs, Register ptr, Label* label) { + branchPtr(cond, lhs, ptr, label); + } + + void branchPrivatePtr(Condition cond, Register lhs, ImmWord ptr, Label* label) { + branchPtr(cond, lhs, ptr, label); + } + + void decBranchPtr(Condition cond, Register lhs, Imm32 imm, Label* label) { + Subs(ARMRegister(lhs, 64), ARMRegister(lhs, 64), Operand(imm.value)); + B(cond, label); + } + + void branchTestUndefined(Condition cond, Register tag, Label* label) { + Condition c = testUndefined(cond, tag); + B(label, c); + } + void branchTestInt32(Condition cond, Register tag, Label* label) { + Condition c = testInt32(cond, tag); + B(label, c); + } + void branchTestDouble(Condition cond, Register tag, Label* label) { + Condition c = testDouble(cond, tag); + B(label, c); + } + void branchTestBoolean(Condition cond, Register tag, Label* label) { + Condition c = testBoolean(cond, tag); + B(label, c); + } + void branchTestNull(Condition cond, Register tag, Label* label) { + Condition c = testNull(cond, tag); + B(label, c); + } + void branchTestString(Condition cond, Register tag, Label* label) { + Condition c = testString(cond, tag); + B(label, c); + } + void branchTestSymbol(Condition cond, Register tag, Label* label) { + Condition c = testSymbol(cond, tag); + B(label, c); + } + void branchTestObject(Condition cond, Register tag, Label* label) { + Condition c = testObject(cond, tag); + B(label, c); + } + void branchTestNumber(Condition cond, Register tag, Label* label) { + Condition c = testNumber(cond, tag); + B(label, c); + } + + void branchTestUndefined(Condition cond, const Address& address, Label* label) { + Condition c = testUndefined(cond, address); + B(label, c); + } + void branchTestInt32(Condition cond, const Address& address, Label* label) { + Condition c = testInt32(cond, address); + B(label, c); + } + void branchTestDouble(Condition cond, const Address& address, Label* label) { + Condition c = testDouble(cond, address); + B(label, c); + } + void branchTestBoolean(Condition cond, const Address& address, Label* label) { + Condition c = testDouble(cond, address); + B(label, c); + } + void branchTestNull(Condition cond, const Address& address, Label* label) { + Condition c = testNull(cond, address); + B(label, c); + } + void branchTestString(Condition cond, const Address& address, Label* label) { + Condition c = testString(cond, address); + B(label, c); + } + void branchTestSymbol(Condition cond, const Address& address, Label* label) { + Condition c = testSymbol(cond, address); + B(label, c); + } + void branchTestObject(Condition cond, const Address& address, Label* label) { + Condition c = testObject(cond, address); + B(label, c); + } + void branchTestNumber(Condition cond, const Address& address, Label* label) { + Condition c = testNumber(cond, address); + B(label, c); + } + + // Perform a type-test on a full Value loaded into a register. + // Clobbers the ScratchReg. + void branchTestUndefined(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testUndefined(cond, src); + B(label, c); + } + void branchTestInt32(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testInt32(cond, src); + B(label, c); + } + void branchTestBoolean(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testBoolean(cond, src); + B(label, c); + } + void branchTestDouble(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testDouble(cond, src); + B(label, c); + } + void branchTestNull(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testNull(cond, src); + B(label, c); + } + void branchTestString(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testString(cond, src); + B(label, c); + } + void branchTestSymbol(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testSymbol(cond, src); + B(label, c); + } + void branchTestObject(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testObject(cond, src); + B(label, c); + } + void branchTestNumber(Condition cond, const ValueOperand& src, Label* label) { + Condition c = testNumber(cond, src); + B(label, c); + } + + // Perform a type-test on a Value addressed by BaseIndex. + // Clobbers the ScratchReg. + void branchTestUndefined(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testUndefined(cond, address); + B(label, c); + } + void branchTestInt32(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testInt32(cond, address); + B(label, c); + } + void branchTestBoolean(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testBoolean(cond, address); + B(label, c); + } + void branchTestDouble(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testDouble(cond, address); + B(label, c); + } + void branchTestNull(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testNull(cond, address); + B(label, c); + } + void branchTestString(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testString(cond, address); + B(label, c); + } + void branchTestSymbol(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testSymbol(cond, address); + B(label, c); + } + void branchTestObject(Condition cond, const BaseIndex& address, Label* label) { + Condition c = testObject(cond, address); + B(label, c); + } + template + void branchTestGCThing(Condition cond, const T& src, Label* label) { + Condition c = testGCThing(cond, src); + B(label, c); + } + template + void branchTestPrimitive(Condition cond, const T& t, Label* label) { + Condition c = testPrimitive(cond, t); + B(label, c); + } + template + void branchTestMagic(Condition cond, const T& t, Label* label) { + Condition c = testMagic(cond, t); + B(label, c); + } + void branchTestMagicValue(Condition cond, const ValueOperand& val, JSWhyMagic why, Label* label) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + branchTestValue(cond, val, MagicValue(why), label); + } + void branchTestValue(Condition cond, const ValueOperand& value, const Value& v, Label* label) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != value.valueReg()); + moveValue(v, ValueOperand(scratch64.asUnsized())); + Cmp(ARMRegister(value.valueReg(), 64), scratch64); + B(label, cond); + } + void branchTestValue(Condition cond, const Address& valaddr, const ValueOperand& value, + Label* label) + { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != valaddr.base); + MOZ_ASSERT(scratch64.asUnsized() != value.valueReg()); + loadValue(valaddr, scratch64.asUnsized()); + Cmp(ARMRegister(value.valueReg(), 64), Operand(scratch64)); + B(label, cond); + } + + void compareDouble(DoubleCondition cond, FloatRegister lhs, FloatRegister rhs) { + Fcmp(ARMFPRegister(lhs, 64), ARMFPRegister(rhs, 64)); + } + void branchDouble(DoubleCondition cond, FloatRegister lhs, FloatRegister rhs, Label* label) { + compareDouble(cond, lhs, rhs); + switch (cond) { + case DoubleNotEqual: { + Label unordered; + // not equal *and* ordered + branch(Overflow, &unordered); + branch(NotEqual, label); + bind(&unordered); + break; + } + case DoubleEqualOrUnordered: + branch(Overflow, label); + branch(Equal, label); + break; + default: + branch(Condition(cond), label); + } + } + + void compareFloat(DoubleCondition cond, FloatRegister lhs, FloatRegister rhs) { + Fcmp(ARMFPRegister(lhs, 32), ARMFPRegister(rhs, 32)); + } + void branchFloat(DoubleCondition cond, FloatRegister lhs, FloatRegister rhs, Label* label) { + compareFloat(cond, lhs, rhs); + switch (cond) { + case DoubleNotEqual: { + Label unordered; + // not equal *and* ordered + branch(Overflow, &unordered); + branch(NotEqual, label); + bind(&unordered); + break; + } + case DoubleEqualOrUnordered: + branch(Overflow, label); + branch(Equal, label); + break; + default: + branch(Condition(cond), label); + } + } + + void branchNegativeZero(FloatRegister reg, Register scratch, Label* label) { + MOZ_CRASH("branchNegativeZero"); + } + void branchNegativeZeroFloat32(FloatRegister reg, Register scratch, Label* label) { + MOZ_CRASH("branchNegativeZeroFloat32"); + } + + void boxDouble(FloatRegister src, const ValueOperand& dest) { + Fmov(ARMRegister(dest.valueReg(), 64), ARMFPRegister(src, 64)); + } + void boxNonDouble(JSValueType type, Register src, const ValueOperand& dest) { + boxValue(type, src, dest.valueReg()); + } + + // Note that the |dest| register here may be ScratchReg, so we shouldn't use it. + void unboxInt32(const ValueOperand& src, Register dest) { + move32(src.valueReg(), dest); + } + void unboxInt32(const Address& src, Register dest) { + load32(src, dest); + } + void unboxDouble(const Address& src, FloatRegister dest) { + loadDouble(src, dest); + } + void unboxDouble(const ValueOperand& src, FloatRegister dest) { + Fmov(ARMFPRegister(dest, 64), ARMRegister(src.valueReg(), 64)); + } + + void unboxArgObjMagic(const ValueOperand& src, Register dest) { + MOZ_CRASH("unboxArgObjMagic"); + } + void unboxArgObjMagic(const Address& src, Register dest) { + MOZ_CRASH("unboxArgObjMagic"); + } + + void unboxBoolean(const ValueOperand& src, Register dest) { + move32(src.valueReg(), dest); + } + void unboxBoolean(const Address& src, Register dest) { + load32(src, dest); + } + + void unboxMagic(const ValueOperand& src, Register dest) { + move32(src.valueReg(), dest); + } + // Unbox any non-double value into dest. Prefer unboxInt32 or unboxBoolean + // instead if the source type is known. + void unboxNonDouble(const ValueOperand& src, Register dest) { + unboxNonDouble(src.valueReg(), dest); + } + void unboxNonDouble(Address src, Register dest) { + loadPtr(src, dest); + unboxNonDouble(dest, dest); + } + + void unboxNonDouble(Register src, Register dest) { + And(ARMRegister(dest, 64), ARMRegister(src, 64), Operand((1ULL << JSVAL_TAG_SHIFT) - 1ULL)); + } + + void unboxPrivate(const ValueOperand& src, Register dest) { + ubfx(ARMRegister(dest, 64), ARMRegister(src.valueReg(), 64), 1, JSVAL_TAG_SHIFT - 1); + } + + void notBoolean(const ValueOperand& val) { + ARMRegister r(val.valueReg(), 64); + eor(r, r, Operand(1)); + } + void unboxObject(const ValueOperand& src, Register dest) { + unboxNonDouble(src.valueReg(), dest); + } + void unboxObject(Register src, Register dest) { + unboxNonDouble(src, dest); + } + void unboxObject(const Address& src, Register dest) { + loadPtr(src, dest); + unboxNonDouble(dest, dest); + } + void unboxObject(const BaseIndex& src, Register dest) { + doBaseIndex(ARMRegister(dest, 64), src, vixl::LDR_x); + unboxNonDouble(dest, dest); + } + + void unboxValue(const ValueOperand& src, AnyRegister dest) { + if (dest.isFloat()) { + Label notInt32, end; + branchTestInt32(Assembler::NotEqual, src, ¬Int32); + convertInt32ToDouble(src.valueReg(), dest.fpu()); + jump(&end); + bind(¬Int32); + unboxDouble(src, dest.fpu()); + bind(&end); + } else { + unboxNonDouble(src, dest.gpr()); + } + + } + void unboxString(const ValueOperand& operand, Register dest) { + unboxNonDouble(operand, dest); + } + void unboxString(const Address& src, Register dest) { + unboxNonDouble(src, dest); + } + void unboxSymbol(const ValueOperand& operand, Register dest) { + unboxNonDouble(operand, dest); + } + void unboxSymbol(const Address& src, Register dest) { + unboxNonDouble(src, dest); + } + // These two functions use the low 32-bits of the full value register. + void boolValueToDouble(const ValueOperand& operand, FloatRegister dest) { + convertInt32ToDouble(operand.valueReg(), dest); + } + void int32ValueToDouble(const ValueOperand& operand, FloatRegister dest) { + convertInt32ToDouble(operand.valueReg(), dest); + } + + void boolValueToFloat32(const ValueOperand& operand, FloatRegister dest) { + convertInt32ToFloat32(operand.valueReg(), dest); + } + void int32ValueToFloat32(const ValueOperand& operand, FloatRegister dest) { + convertInt32ToFloat32(operand.valueReg(), dest); + } + + void loadConstantDouble(double d, FloatRegister dest) { + Fmov(ARMFPRegister(dest, 64), d); + } + void loadConstantFloat32(float f, FloatRegister dest) { + Fmov(ARMFPRegister(dest, 32), f); + } + + // Register-based tests. + Condition testUndefined(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_UNDEFINED)); + return cond; + } + Condition testInt32(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_INT32)); + return cond; + } + Condition testBoolean(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_BOOLEAN)); + return cond; + } + Condition testNull(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_NULL)); + return cond; + } + Condition testString(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_STRING)); + return cond; + } + Condition testSymbol(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_SYMBOL)); + return cond; + } + Condition testObject(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_OBJECT)); + return cond; + } + Condition testDouble(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, Imm32(JSVAL_TAG_MAX_DOUBLE)); + return (cond == Equal) ? BelowOrEqual : Above; + } + Condition testNumber(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, Imm32(JSVAL_UPPER_INCL_TAG_OF_NUMBER_SET)); + return (cond == Equal) ? BelowOrEqual : Above; + } + Condition testGCThing(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, Imm32(JSVAL_LOWER_INCL_TAG_OF_GCTHING_SET)); + return (cond == Equal) ? AboveOrEqual : Below; + } + Condition testMagic(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, ImmTag(JSVAL_TAG_MAGIC)); + return cond; + } + Condition testPrimitive(Condition cond, Register tag) { + MOZ_ASSERT(cond == Equal || cond == NotEqual); + cmp32(tag, Imm32(JSVAL_UPPER_EXCL_TAG_OF_PRIMITIVE_SET)); + return (cond == Equal) ? Below : AboveOrEqual; + } + Condition testError(Condition cond, Register tag) { + return testMagic(cond, tag); + } + + // ValueOperand-based tests. + Condition testInt32(Condition cond, const ValueOperand& value) { + // The incoming ValueOperand may use scratch registers. + vixl::UseScratchRegisterScope temps(this); + + if (value.valueReg() == ScratchReg2) { + MOZ_ASSERT(temps.IsAvailable(ScratchReg64)); + MOZ_ASSERT(!temps.IsAvailable(ScratchReg2_64)); + temps.Exclude(ScratchReg64); + + if (cond != Equal && cond != NotEqual) + MOZ_CRASH("NYI: non-equality comparisons"); + + // In the event that the tag is not encodable in a single cmp / teq instruction, + // perform the xor that teq would use, this will leave the tag bits being + // zero, or non-zero, which can be tested with either and or shift. + unsigned int n, imm_r, imm_s; + uint64_t immediate = uint64_t(ImmTag(JSVAL_TAG_INT32).value) << JSVAL_TAG_SHIFT; + if (IsImmLogical(immediate, 64, &n, &imm_s, &imm_r)) { + Eor(ScratchReg64, ScratchReg2_64, Operand(immediate)); + } else { + Mov(ScratchReg64, immediate); + Eor(ScratchReg64, ScratchReg2_64, ScratchReg64); + } + Tst(ScratchReg64, Operand(-1ll << JSVAL_TAG_SHIFT)); + return cond; + } + + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != value.valueReg()); + + splitTag(value, scratch); + return testInt32(cond, scratch); + } + Condition testBoolean(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testBoolean(cond, scratch); + } + Condition testDouble(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testDouble(cond, scratch); + } + Condition testNull(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testNull(cond, scratch); + } + Condition testUndefined(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testUndefined(cond, scratch); + } + Condition testString(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testString(cond, scratch); + } + Condition testSymbol(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testSymbol(cond, scratch); + } + Condition testObject(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testObject(cond, scratch); + } + Condition testNumber(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testNumber(cond, scratch); + } + Condition testPrimitive(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testPrimitive(cond, scratch); + } + Condition testMagic(Condition cond, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(value.valueReg() != scratch); + splitTag(value, scratch); + return testMagic(cond, scratch); + } + Condition testError(Condition cond, const ValueOperand& value) { + return testMagic(cond, value); + } + + // Address-based tests. + Condition testGCThing(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testGCThing(cond, scratch); + } + Condition testMagic(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testMagic(cond, scratch); + } + Condition testInt32(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testInt32(cond, scratch); + } + Condition testDouble(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testDouble(cond, scratch); + } + Condition testBoolean(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testBoolean(cond, scratch); + } + Condition testNull(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testNull(cond, scratch); + } + Condition testUndefined(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testUndefined(cond, scratch); + } + Condition testString(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testString(cond, scratch); + } + Condition testSymbol(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testSymbol(cond, scratch); + } + Condition testObject(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testObject(cond, scratch); + } + Condition testNumber(Condition cond, const Address& address) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(address.base != scratch); + splitTag(address, scratch); + return testNumber(cond, scratch); + } + + // BaseIndex-based tests. + Condition testUndefined(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testUndefined(cond, scratch); + } + Condition testNull(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testNull(cond, scratch); + } + Condition testBoolean(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testBoolean(cond, scratch); + } + Condition testString(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testString(cond, scratch); + } + Condition testSymbol(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testSymbol(cond, scratch); + } + Condition testInt32(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testInt32(cond, scratch); + } + Condition testObject(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testObject(cond, scratch); + } + Condition testDouble(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testDouble(cond, scratch); + } + Condition testMagic(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testMagic(cond, scratch); + } + Condition testGCThing(Condition cond, const BaseIndex& src) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(src.base != scratch); + MOZ_ASSERT(src.index != scratch); + splitTag(src, scratch); + return testGCThing(cond, scratch); + } + + Condition testInt32Truthy(bool truthy, const ValueOperand& operand) { + ARMRegister payload32(operand.valueReg(), 32); + Tst(payload32, payload32); + return truthy ? NonZero : Zero; + } + void branchTestInt32Truthy(bool truthy, const ValueOperand& operand, Label* label) { + Condition c = testInt32Truthy(truthy, operand); + B(label, c); + } + + void branchTestDoubleTruthy(bool truthy, FloatRegister reg, Label* label) { + Fcmp(ARMFPRegister(reg, 64), 0.0); + if (!truthy) { + // falsy values are zero, and NaN. + branch(Zero, label); + branch(Overflow, label); + } else { + // truthy values are non-zero and not nan. + // If it is overflow + Label onFalse; + branch(Zero, &onFalse); + branch(Overflow, &onFalse); + b(label); + bind(&onFalse); + } + } + + Condition testBooleanTruthy(bool truthy, const ValueOperand& operand) { + ARMRegister payload32(operand.valueReg(), 32); + Tst(payload32, payload32); + return truthy ? NonZero : Zero; + } + void branchTestBooleanTruthy(bool truthy, const ValueOperand& operand, Label* label) { + Condition c = testBooleanTruthy(truthy, operand); + B(label, c); + } + Condition testStringTruthy(bool truthy, const ValueOperand& value) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + const ARMRegister scratch32(scratch, 32); + const ARMRegister scratch64(scratch, 64); + + MOZ_ASSERT(value.valueReg() != scratch); + + unboxString(value, scratch); + Ldr(scratch32, MemOperand(scratch64, JSString::offsetOfLength())); + Cmp(scratch32, Operand(0)); + return truthy ? Condition::NonZero : Condition::Zero; + } + void branchTestStringTruthy(bool truthy, const ValueOperand& value, Label* label) { + Condition c = testStringTruthy(truthy, value); + B(label, c); + } + void int32OrDouble(Register src, ARMFPRegister dest) { + Label isInt32; + Label join; + testInt32(Equal, ValueOperand(src)); + B(&isInt32, Equal); + // is double, move teh bits as is + Fmov(dest, ARMRegister(src, 64)); + B(&join); + bind(&isInt32); + // is int32, do a conversion while moving + Scvtf(dest, ARMRegister(src, 32)); + bind(&join); + } + void loadUnboxedValue(Address address, MIRType type, AnyRegister dest) { + if (dest.isFloat()) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != address.base); + Ldr(scratch64, toMemOperand(address)); + int32OrDouble(scratch64.asUnsized(), ARMFPRegister(dest.fpu(), 64)); + } else if (type == MIRType_Int32 || type == MIRType_Boolean) { + load32(address, dest.gpr()); + } else { + loadPtr(address, dest.gpr()); + unboxNonDouble(dest.gpr(), dest.gpr()); + } + } + + void loadUnboxedValue(BaseIndex address, MIRType type, AnyRegister dest) { + if (dest.isFloat()) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != address.base); + MOZ_ASSERT(scratch64.asUnsized() != address.index); + doBaseIndex(scratch64, address, vixl::LDR_x); + int32OrDouble(scratch64.asUnsized(), ARMFPRegister(dest.fpu(), 64)); + } else if (type == MIRType_Int32 || type == MIRType_Boolean) { + load32(address, dest.gpr()); + } else { + loadPtr(address, dest.gpr()); + unboxNonDouble(dest.gpr(), dest.gpr()); + } + } + + void loadInstructionPointerAfterCall(Register dest) { + MOZ_CRASH("loadInstructionPointerAfterCall"); + } + + // Emit a B that can be toggled to a CMP. See ToggleToJmp(), ToggleToCmp(). + CodeOffsetLabel toggledJump(Label* label) { + BufferOffset offset = b(label, Always); + CodeOffsetLabel ret(offset.getOffset()); + return ret; + } + + // load: offset to the load instruction obtained by movePatchablePtr(). + void writeDataRelocation(ImmGCPtr ptr, BufferOffset load) { + if (ptr.value) + tmpDataRelocations_.append(load); + } + void writeDataRelocation(const Value& val, BufferOffset load) { + if (val.isMarkable()) { + gc::Cell* cell = reinterpret_cast(val.toGCThing()); + if (cell && gc::IsInsideNursery(cell)) + embedsNurseryPointers_ = true; + tmpDataRelocations_.append(load); + } + } + + void writePrebarrierOffset(CodeOffsetLabel label) { + tmpPreBarriers_.append(BufferOffset(label.offset())); + } + + void computeEffectiveAddress(const Address& address, Register dest) { + Add(ARMRegister(dest, 64), ARMRegister(address.base, 64), Operand(address.offset)); + } + void computeEffectiveAddress(const BaseIndex& address, Register dest) { + ARMRegister dest64(dest, 64); + ARMRegister base64(address.base, 64); + ARMRegister index64(address.index, 64); + + Add(dest64, base64, Operand(index64, vixl::LSL, address.scale)); + if (address.offset) + Add(dest64, dest64, Operand(address.offset)); + } + + private: + void setupABICall(uint32_t args); + + public: + // Setup a call to C/C++ code, given the number of general arguments it + // takes. Note that this only supports cdecl. + // + // In order for alignment to work correctly, the MacroAssembler must have a + // consistent view of the stack displacement. It is okay to call "push" + // manually, however, if the stack alignment were to change, the macro + // assembler should be notified before starting a call. + void setupAlignedABICall(uint32_t args) { + MOZ_CRASH("setupAlignedABICall"); + } + + // Sets up an ABI call for when the alignment is not known. This may need a + // scratch register. + void setupUnalignedABICall(uint32_t args, Register scratch); + + // Arguments must be assigned to a C/C++ call in order. They are moved + // in parallel immediately before performing the call. This process may + // temporarily use more stack, in which case sp-relative addresses will be + // automatically adjusted. It is extremely important that sp-relative + // addresses are computed *after* setupABICall(). Furthermore, no + // operations should be emitted while setting arguments. + void passABIArg(const MoveOperand& from, MoveOp::Type type); + void passABIArg(Register reg); + void passABIArg(FloatRegister reg, MoveOp::Type type); + void passABIOutParam(Register reg); + + private: + void callWithABIPre(uint32_t* stackAdjust); + void callWithABIPost(uint32_t stackAdjust, MoveOp::Type result); + + public: + // Emits a call to a C/C++ function, resolving all argument moves. + void callWithABI(void* fun, MoveOp::Type result = MoveOp::GENERAL); + void callWithABI(Register fun, MoveOp::Type result = MoveOp::GENERAL); + void callWithABI(AsmJSImmPtr imm, MoveOp::Type result = MoveOp::GENERAL); + void callWithABI(Address fun, MoveOp::Type result = MoveOp::GENERAL); + + CodeOffsetLabel labelForPatch() { + return CodeOffsetLabel(nextOffset().getOffset()); + } + + void handleFailureWithHandlerTail(void* handler); + + // FIXME: This is the same on all platforms. Can be common code? + void makeFrameDescriptor(Register frameSizeReg, FrameType type) { + lshiftPtr(Imm32(FRAMESIZE_SHIFT), frameSizeReg); + orPtr(Imm32(type), frameSizeReg); + } + + void callWithExitFrame(JitCode* target, Register dynStack) { + add32(Imm32(framePushed()), dynStack); + makeFrameDescriptor(dynStack, JitFrame_IonJS); + Push(dynStack); // descriptor + + call(target); + } + + // FIXME: See CodeGeneratorX64 calls to noteAsmJSGlobalAccess. + void patchAsmJSGlobalAccess(CodeOffsetLabel patchAt, uint8_t* code, + uint8_t* globalData, unsigned globalDataOffset) + { + MOZ_CRASH("patchAsmJSGlobalAccess"); + } + + void memIntToValue(const Address& src, const Address& dest) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + MOZ_ASSERT(scratch != src.base); + MOZ_ASSERT(scratch != dest.base); + load32(src, scratch); + storeValue(JSVAL_TYPE_INT32, scratch, dest); + } + + void branchPtrInNurseryRange(Condition cond, Register ptr, Register temp, Label* label); + void branchValueIsNurseryObject(Condition cond, ValueOperand value, Register temp, Label* label); + + // Builds an exit frame on the stack, with a return address to an internal + // non-function. Returns offset to be passed to markSafepointAt(). + void buildFakeExitFrame(Register scratch, uint32_t* offset); + + void callWithExitFrame(Label* target) { + uint32_t descriptor = MakeFrameDescriptor(framePushed(), JitFrame_IonJS); + Push(Imm32(descriptor)); // descriptor + + call(target); + } + + void callWithExitFrame(JitCode* target); + + void callJit(Register callee) { + // AArch64 cannot read from the PC, so pushing must be handled callee-side. + syncStackPtr(); + Blr(ARMRegister(callee, 64)); + } + + void appendCallSite(const CallSiteDesc& desc) { + MOZ_CRASH("appendCallSite"); + } + + void call(const CallSiteDesc& desc, Label* label) { + syncStackPtr(); + call(label); + append(desc, currentOffset(), framePushed_); + } + void call(const CallSiteDesc& desc, Register reg) { + syncStackPtr(); + call(reg); + append(desc, currentOffset(), framePushed_); + } + void call(const CallSiteDesc& desc, AsmJSImmPtr imm) { + syncStackPtr(); + call(imm); + append(desc, currentOffset(), framePushed_); + } + + void call(AsmJSImmPtr imm) { + vixl::UseScratchRegisterScope temps(this); + const Register scratch = temps.AcquireX().asUnsized(); + syncStackPtr(); + movePtr(imm, scratch); + call(scratch); + } + + void call(Register target) { + syncStackPtr(); + Blr(ARMRegister(target, 64)); + } + // Call a target JitCode, which must be traceable, and may be movable. + void call(JitCode* target) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + syncStackPtr(); + BufferOffset off = immPool64(scratch64, uint64_t(target->raw())); + addPendingJump(off, ImmPtr(target->raw()), Relocation::JITCODE); + blr(scratch64); + } + // Call a target native function, which is neither traceable nor movable. + void call(ImmPtr target) { + syncStackPtr(); + movePtr(target, ip0); + Blr(vixl::ip0); + } + void call(Label* target) { + syncStackPtr(); + Bl(target); + } + void callExit(AsmJSImmPtr imm, uint32_t stackArgBytes) { + MOZ_CRASH("callExit"); + } + + void callJitFromAsmJS(Register reg) { + Blr(ARMRegister(reg, 64)); + } + + void callAndPushReturnAddress(Label* label); + + void profilerEnterFrame(Register framePtr, Register scratch) { + AbsoluteAddress activation(GetJitContext()->runtime->addressOfProfilingActivation()); + loadPtr(activation, scratch); + storePtr(framePtr, Address(scratch, JitActivation::offsetOfLastProfilingFrame())); + storePtr(ImmPtr(nullptr), Address(scratch, JitActivation::offsetOfLastProfilingCallSite())); + } + void profilerExitFrame() { + branch(GetJitContext()->runtime->jitRuntime()->getProfilerExitFrameTail()); + } + Address ToPayload(Address value) { + return value; + } + Address ToType(Address value) { + return value; + } + + private: + template + void compareExchange(int nbytes, bool signExtend, const T& address, Register oldval, + Register newval, Register output) + { + MOZ_CRASH("compareExchange"); + } + + template + void atomicFetchOp(int nbytes, bool signExtend, AtomicOp op, const Imm32& value, + const T& address, Register temp, Register output) + { + MOZ_CRASH("atomicFetchOp"); + } + + template + void atomicFetchOp(int nbytes, bool signExtend, AtomicOp op, const Register& value, + const T& address, Register temp, Register output) + { + MOZ_CRASH("atomicFetchOp"); + } + + template + void atomicEffectOp(int nbytes, AtomicOp op, const Register& value, const T& mem) { + MOZ_CRASH("atomicEffectOp"); + } + + template + void atomicEffectOp(int nbytes, AtomicOp op, const Imm32& value, const T& mem) { + MOZ_CRASH("atomicEffectOp"); + } + + public: + // T in {Address,BaseIndex} + // S in {Imm32,Register} + + template + void compareExchange8SignExtend(const T& mem, Register oldval, Register newval, Register output) + { + compareExchange(1, true, mem, oldval, newval, output); + } + template + void compareExchange8ZeroExtend(const T& mem, Register oldval, Register newval, Register output) + { + compareExchange(1, false, mem, oldval, newval, output); + } + template + void compareExchange16SignExtend(const T& mem, Register oldval, Register newval, Register output) + { + compareExchange(2, true, mem, oldval, newval, output); + } + template + void compareExchange16ZeroExtend(const T& mem, Register oldval, Register newval, Register output) + { + compareExchange(2, false, mem, oldval, newval, output); + } + template + void compareExchange32(const T& mem, Register oldval, Register newval, Register output) { + compareExchange(4, false, mem, oldval, newval, output); + } + + template + void atomicFetchAdd8SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, true, AtomicFetchAddOp, value, mem, temp, output); + } + template + void atomicFetchAdd8ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, false, AtomicFetchAddOp, value, mem, temp, output); + } + template + void atomicFetchAdd16SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, true, AtomicFetchAddOp, value, mem, temp, output); + } + template + void atomicFetchAdd16ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, false, AtomicFetchAddOp, value, mem, temp, output); + } + template + void atomicFetchAdd32(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(4, false, AtomicFetchAddOp, value, mem, temp, output); + } + + template + void atomicAdd8(const S& value, const T& mem) { + atomicEffectOp(1, AtomicFetchAddOp, value, mem); + } + template + void atomicAdd16(const S& value, const T& mem) { + atomicEffectOp(2, AtomicFetchAddOp, value, mem); + } + template + void atomicAdd32(const S& value, const T& mem) { + atomicEffectOp(4, AtomicFetchAddOp, value, mem); + } + + template + void atomicFetchSub8SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, true, AtomicFetchSubOp, value, mem, temp, output); + } + template + void atomicFetchSub8ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, false, AtomicFetchSubOp, value, mem, temp, output); + } + template + void atomicFetchSub16SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, true, AtomicFetchSubOp, value, mem, temp, output); + } + template + void atomicFetchSub16ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, false, AtomicFetchSubOp, value, mem, temp, output); + } + template + void atomicFetchSub32(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(4, false, AtomicFetchSubOp, value, mem, temp, output); + } + + template + void atomicSub8(const S& value, const T& mem) { + atomicEffectOp(1, AtomicFetchSubOp, value, mem); + } + template + void atomicSub16(const S& value, const T& mem) { + atomicEffectOp(2, AtomicFetchSubOp, value, mem); + } + template + void atomicSub32(const S& value, const T& mem) { + atomicEffectOp(4, AtomicFetchSubOp, value, mem); + } + + template + void atomicFetchAnd8SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, true, AtomicFetchAndOp, value, mem, temp, output); + } + template + void atomicFetchAnd8ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, false, AtomicFetchAndOp, value, mem, temp, output); + } + template + void atomicFetchAnd16SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, true, AtomicFetchAndOp, value, mem, temp, output); + } + template + void atomicFetchAnd16ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, false, AtomicFetchAndOp, value, mem, temp, output); + } + template + void atomicFetchAnd32(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(4, false, AtomicFetchAndOp, value, mem, temp, output); + } + + template + void atomicAnd8(const S& value, const T& mem) { + atomicEffectOp(1, AtomicFetchAndOp, value, mem); + } + template + void atomicAnd16(const S& value, const T& mem) { + atomicEffectOp(2, AtomicFetchAndOp, value, mem); + } + template + void atomicAnd32(const S& value, const T& mem) { + atomicEffectOp(4, AtomicFetchAndOp, value, mem); + } + + template + void atomicFetchOr8SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, true, AtomicFetchOrOp, value, mem, temp, output); + } + template + void atomicFetchOr8ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, false, AtomicFetchOrOp, value, mem, temp, output); + } + template + void atomicFetchOr16SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, true, AtomicFetchOrOp, value, mem, temp, output); + } + template + void atomicFetchOr16ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, false, AtomicFetchOrOp, value, mem, temp, output); + } + template + void atomicFetchOr32(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(4, false, AtomicFetchOrOp, value, mem, temp, output); + } + + template + void atomicOr8(const S& value, const T& mem) { + atomicEffectOp(1, AtomicFetchOrOp, value, mem); + } + template + void atomicOr16(const S& value, const T& mem) { + atomicEffectOp(2, AtomicFetchOrOp, value, mem); + } + template + void atomicOr32(const S& value, const T& mem) { + atomicEffectOp(4, AtomicFetchOrOp, value, mem); + } + + template + void atomicFetchXor8SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, true, AtomicFetchXorOp, value, mem, temp, output); + } + template + void atomicFetchXor8ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(1, false, AtomicFetchXorOp, value, mem, temp, output); + } + template + void atomicFetchXor16SignExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, true, AtomicFetchXorOp, value, mem, temp, output); + } + template + void atomicFetchXor16ZeroExtend(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(2, false, AtomicFetchXorOp, value, mem, temp, output); + } + template + void atomicFetchXor32(const S& value, const T& mem, Register temp, Register output) { + atomicFetchOp(4, false, AtomicFetchXorOp, value, mem, temp, output); + } + + template + void atomicXor8(const S& value, const T& mem) { + atomicEffectOp(1, AtomicFetchXorOp, value, mem); + } + template + void atomicXor16(const S& value, const T& mem) { + atomicEffectOp(2, AtomicFetchXorOp, value, mem); + } + template + void atomicXor32(const S& value, const T& mem) { + atomicEffectOp(4, AtomicFetchXorOp, value, mem); + } + + // Emit a BLR or NOP instruction. ToggleCall can be used to patch + // this instruction. + CodeOffsetLabel toggledCall(JitCode* target, bool enabled) { + // TODO: Random pool insertion between instructions below is terrible. + // Unfortunately, we can't forbid pool prevention, because we're trying + // to add an entry to a pool. So as a temporary fix, just flush the pool + // now, so that it won't add later. If you're changing this, also + // check ToggleCall(), which will probably break. + armbuffer_.flushPool(); + + syncStackPtr(); + + BufferOffset offset = nextOffset(); + BufferOffset loadOffset; + { + vixl::UseScratchRegisterScope temps(this); + + // The register used for the load is hardcoded, so that ToggleCall + // can patch in the branch instruction easily. This could be changed, + // but then ToggleCall must read the target register from the load. + MOZ_ASSERT(temps.IsAvailable(ScratchReg2_64)); + temps.Exclude(ScratchReg2_64); + + loadOffset = immPool64(ScratchReg2_64, uint64_t(target->raw())); + + if (enabled) + blr(ScratchReg2_64); + else + nop(); + } + + addPendingJump(loadOffset, ImmPtr(target->raw()), Relocation::JITCODE); + CodeOffsetLabel ret(offset.getOffset()); + return ret; + } + + static size_t ToggledCallSize(uint8_t* code) { + static const uint32_t syncStackInstruction = 0x9100039f; // mov sp, r28 + + // start it off as an 8 byte sequence + int ret = 8; + Instruction* cur = (Instruction*)code; + uint32_t* curw = (uint32_t*)code; + + if (*curw == syncStackInstruction) { + ret += 4; + cur += 4; + } + + if (cur->IsUncondB()) + ret += cur->ImmPCRawOffset() << vixl::kInstructionSizeLog2; + + return ret; + } + + void checkARMRegAlignment(const ARMRegister& reg) { +#ifdef DEBUG + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch64 = temps.AcquireX(); + MOZ_ASSERT(scratch64.asUnsized() != reg.asUnsized()); + Label aligned; + Mov(scratch64, reg); + Tst(scratch64, Operand(StackAlignment - 1)); + B(Zero, &aligned); + breakpoint(); + bind(&aligned); + Mov(scratch64, vixl::xzr); // Clear the scratch register for sanity. +#endif + } + + void checkStackAlignment() { +#ifdef DEBUG + checkARMRegAlignment(GetStackPointer64()); + + // If another register is being used to track pushes, check sp explicitly. + if (!GetStackPointer64().Is(vixl::sp)) + checkARMRegAlignment(vixl::sp); +#endif + } + + void abiret() { + syncStackPtr(); // SP is always used to transmit the stack between calls. + vixl::MacroAssembler::Ret(vixl::lr); + } + + void mulBy3(Register src, Register dest) { + ARMRegister xdest(dest, 64); + ARMRegister xsrc(src, 64); + Add(xdest, xsrc, Operand(xsrc, vixl::LSL, 1)); + } + + template + void branchAdd32(Condition cond, T src, Register dest, Label* label) { + adds32(src, dest); + branch(cond, label); + } + + template + void branchSub32(Condition cond, T src, Register dest, Label* label) { + subs32(src, dest); + branch(cond, label); + } + void clampCheck(Register r, Label* handleNotAnInt) { + MOZ_CRASH("clampCheck"); + } + + void memMove32(Address Source, Address Dest) { + MOZ_CRASH("memMove32"); + } + void memMove64(Address Source, Address Dest) { + MOZ_CRASH("memMove64"); + } + + void stackCheck(ImmWord limitAddr, Label* label) { + MOZ_CRASH("stackCheck"); + } + void clampIntToUint8(Register reg) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + const ARMRegister reg32(reg, 32); + MOZ_ASSERT(!scratch32.Is(reg32)); + + Cmp(reg32, Operand(reg32, vixl::UXTB)); + Csel(reg32, reg32, vixl::wzr, Assembler::GreaterThanOrEqual); + Mov(scratch32, Operand(0xff)); + Csel(reg32, reg32, scratch32, Assembler::LessThanOrEqual); + } + + void incrementInt32Value(const Address& addr) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratch32 = temps.AcquireW(); + MOZ_ASSERT(scratch32.asUnsized() != addr.base); + + load32(addr, scratch32.asUnsized()); + Add(scratch32, scratch32, Operand(1)); + store32(scratch32.asUnsized(), addr); + } + void inc64(AbsoluteAddress dest) { + vixl::UseScratchRegisterScope temps(this); + const ARMRegister scratchAddr64 = temps.AcquireX(); + const ARMRegister scratch64 = temps.AcquireX(); + + Mov(scratchAddr64, uint64_t(dest.addr)); + Ldr(scratch64, MemOperand(scratchAddr64, 0)); + Add(scratch64, scratch64, Operand(1)); + Str(scratch64, MemOperand(scratchAddr64, 0)); + } + + void BoundsCheck(Register ptrReg, Label* onFail, vixl::CPURegister zeroMe = vixl::NoReg) { + // use tst rather than Tst to *ensure* that a single instrution is generated. + Cmp(ARMRegister(ptrReg, 32), ARMRegister(HeapLenReg, 32)); + if (!zeroMe.IsNone()) { + if (zeroMe.IsRegister()) { + Csel(ARMRegister(zeroMe), + ARMRegister(zeroMe), + Operand(zeroMe.Is32Bits() ? vixl::wzr : vixl::xzr), + Assembler::Below); + } else if (zeroMe.Is32Bits()) { + vixl::UseScratchRegisterScope temps(this); + const ARMFPRegister scratchFloat = temps.AcquireS(); + Fmov(scratchFloat, JS::GenericNaN()); + Fcsel(ARMFPRegister(zeroMe), ARMFPRegister(zeroMe), scratchFloat, Assembler::Below); + } else { + vixl::UseScratchRegisterScope temps(this); + const ARMFPRegister scratchDouble = temps.AcquireD(); + Fmov(scratchDouble, JS::GenericNaN()); + Fcsel(ARMFPRegister(zeroMe), ARMFPRegister(zeroMe), scratchDouble, Assembler::Below); + } + } + B(onFail, Assembler::AboveOrEqual); + } + void breakpoint(); + + // Emits a simulator directive to save the current sp on an internal stack. + void simulatorMarkSP() { +#ifdef JS_ARM64_SIMULATOR + svc(vixl::kMarkStackPointer); +#endif + } + + // Emits a simulator directive to pop from its internal stack + // and assert that the value is equal to the current sp. + void simulatorCheckSP() { +#ifdef JS_ARM64_SIMULATOR + svc(vixl::kCheckStackPointer); +#endif + } + + void loadAsmJSActivation(Register dest) { + loadPtr(Address(GlobalReg, AsmJSActivationGlobalDataOffset - AsmJSGlobalRegBias), dest); + } + void loadAsmJSHeapRegisterFromGlobalData() { + loadPtr(Address(GlobalReg, AsmJSHeapGlobalDataOffset - AsmJSGlobalRegBias), HeapReg); + loadPtr(Address(GlobalReg, AsmJSHeapGlobalDataOffset - AsmJSGlobalRegBias + 8), HeapLenReg); + } + + // Overwrites the payload bits of a dest register containing a Value. + void movePayload(Register src, Register dest) { + // Bfxil cannot be used with the zero register as a source. + if (src == rzr) + And(ARMRegister(dest, 64), ARMRegister(dest, 64), Operand(~int64_t(JSVAL_PAYLOAD_MASK))); + else + Bfxil(ARMRegister(dest, 64), ARMRegister(src, 64), 0, JSVAL_TAG_SHIFT); + } + + // FIXME: Should be in Assembler? + // FIXME: Should be const? + uint32_t currentOffset() const { + return nextOffset().getOffset(); + } + + protected: + bool buildOOLFakeExitFrame(void* fakeReturnAddr) { + uint32_t descriptor = MakeFrameDescriptor(framePushed(), JitFrame_IonJS); + Push(Imm32(descriptor)); + Push(ImmPtr(fakeReturnAddr)); + return true; + } +}; + +typedef MacroAssemblerCompat MacroAssemblerSpecific; + +} // namespace jit +} // namespace js + +#endif // jit_arm64_MacroAssembler_arm64_h diff --git a/js/src/jit/arm64/vixl/MacroAssembler-vixl.h b/js/src/jit/arm64/vixl/MacroAssembler-vixl.h index d1720fa8a46..d1453837955 100644 --- a/js/src/jit/arm64/vixl/MacroAssembler-vixl.h +++ b/js/src/jit/arm64/vixl/MacroAssembler-vixl.h @@ -27,8 +27,7 @@ #ifndef VIXL_A64_MACRO_ASSEMBLER_A64_H_ #define VIXL_A64_MACRO_ASSEMBLER_A64_H_ -// TODO: Re-enable once landed. -// #include "jit/arm64/Assembler-arm64.h" +#include "jit/arm64/Assembler-arm64.h" #include "jit/arm64/vixl/Debugger-vixl.h" #include "jit/arm64/vixl/Globals-vixl.h" From 776a1086e805fa67c1f16b12b6667226ab84de8d Mon Sep 17 00:00:00 2001 From: Sean Stangl Date: Wed, 10 Jun 2015 19:14:27 -0700 Subject: [PATCH 075/297] Bug 1167244 - Handle nullptr return from maybeGetProperty(). r=bhackett --- js/src/vm/UnboxedObject.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/src/vm/UnboxedObject.cpp b/js/src/vm/UnboxedObject.cpp index 3e08f3c63c2..2548a6379ec 100644 --- a/js/src/vm/UnboxedObject.cpp +++ b/js/src/vm/UnboxedObject.cpp @@ -522,7 +522,7 @@ UnboxedLayout::makeNativeGroup(JSContext* cx, ObjectGroup* group) return false; HeapTypeSet* nativeProperty = nativeGroup->maybeGetProperty(id); - if (nativeProperty->canSetDefinite(i)) + if (nativeProperty && nativeProperty->canSetDefinite(i)) nativeProperty->setDefinite(i); } } From 9f74606e9e3b1bda90fe3a08125397717a83a57e Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Mon, 8 Jun 2015 16:01:26 -0400 Subject: [PATCH 076/297] Bug 1158424 - Rename FrameMetrics::mIsRoot to mIsRootContent. r=kats --- dom/ipc/TabChild.cpp | 2 +- gfx/ipc/GfxMessageUtils.h | 4 ++-- gfx/layers/FrameMetrics.h | 16 ++++++++-------- gfx/layers/apz/public/GeckoContentController.h | 2 +- gfx/layers/apz/src/AsyncPanZoomController.cpp | 8 ++++---- gfx/layers/apz/util/ChromeProcessController.h | 2 +- gfx/tests/gtest/TestAsyncPanZoomController.cpp | 4 ++-- layout/base/nsDisplayList.cpp | 4 ++-- layout/base/nsLayoutUtils.cpp | 4 ++-- layout/generic/nsGfxScrollFrame.cpp | 8 ++++---- layout/ipc/RenderFrameParent.cpp | 6 +++--- 11 files changed, 30 insertions(+), 30 deletions(-) diff --git a/dom/ipc/TabChild.cpp b/dom/ipc/TabChild.cpp index b17208f8c15..838ba2fc42e 100644 --- a/dom/ipc/TabChild.cpp +++ b/dom/ipc/TabChild.cpp @@ -545,7 +545,7 @@ TabChildBase::UpdateFrameHandler(const FrameMetrics& aFrameMetrics) { MOZ_ASSERT(aFrameMetrics.GetScrollId() != FrameMetrics::NULL_SCROLL_ID); - if (aFrameMetrics.GetIsRoot()) { + if (aFrameMetrics.IsRootContent()) { if (nsCOMPtr shell = GetPresShell()) { // Guard against stale updates (updates meant for a pres shell which // has since been torn down and destroyed). diff --git a/gfx/ipc/GfxMessageUtils.h b/gfx/ipc/GfxMessageUtils.h index 4704fa2f7c0..d83dac7abda 100644 --- a/gfx/ipc/GfxMessageUtils.h +++ b/gfx/ipc/GfxMessageUtils.h @@ -721,7 +721,7 @@ struct ParamTraits WriteParam(aMsg, aParam.mZoom); WriteParam(aMsg, aParam.mDevPixelsPerCSSPixel); WriteParam(aMsg, aParam.mPresShellId); - WriteParam(aMsg, aParam.mIsRoot); + WriteParam(aMsg, aParam.mIsRootContent); WriteParam(aMsg, aParam.mHasScrollgrab); WriteParam(aMsg, aParam.mUpdateScrollOffset); WriteParam(aMsg, aParam.mScrollGeneration); @@ -766,7 +766,7 @@ struct ParamTraits ReadParam(aMsg, aIter, &aResult->mZoom) && ReadParam(aMsg, aIter, &aResult->mDevPixelsPerCSSPixel) && ReadParam(aMsg, aIter, &aResult->mPresShellId) && - ReadParam(aMsg, aIter, &aResult->mIsRoot) && + ReadParam(aMsg, aIter, &aResult->mIsRootContent) && ReadParam(aMsg, aIter, &aResult->mHasScrollgrab) && ReadParam(aMsg, aIter, &aResult->mUpdateScrollOffset) && ReadParam(aMsg, aIter, &aResult->mScrollGeneration) && diff --git a/gfx/layers/FrameMetrics.h b/gfx/layers/FrameMetrics.h index f31c4adde31..b9dc4d6d832 100644 --- a/gfx/layers/FrameMetrics.h +++ b/gfx/layers/FrameMetrics.h @@ -48,7 +48,7 @@ public: , mScrollableRect(0, 0, 0, 0) , mCumulativeResolution() , mDevPixelsPerCSSPixel(1) - , mIsRoot(false) + , mIsRootContent(false) , mHasScrollgrab(false) , mScrollId(NULL_SCROLL_ID) , mScrollParentId(NULL_SCROLL_ID) @@ -89,7 +89,7 @@ public: mCumulativeResolution == aOther.mCumulativeResolution && mDevPixelsPerCSSPixel == aOther.mDevPixelsPerCSSPixel && mPresShellId == aOther.mPresShellId && - mIsRoot == aOther.mIsRoot && + mIsRootContent == aOther.mIsRootContent && mScrollId == aOther.mScrollId && mScrollParentId == aOther.mScrollParentId && mScrollOffset == aOther.mScrollOffset && @@ -122,7 +122,7 @@ public: bool IsRootScrollable() const { - return mIsRoot; + return mIsRootContent; } bool IsScrollable() const @@ -298,14 +298,14 @@ public: return mDevPixelsPerCSSPixel; } - void SetIsRoot(bool aIsRoot) + void SetIsRootContent(bool aIsRootContent) { - mIsRoot = aIsRoot; + mIsRootContent = aIsRootContent; } - bool GetIsRoot() const + bool IsRootContent() const { - return mIsRoot; + return mIsRootContent; } void SetHasScrollgrab(bool aHasScrollgrab) @@ -626,7 +626,7 @@ private: CSSToLayoutDeviceScale mDevPixelsPerCSSPixel; // Whether or not this is the root scroll frame for the root content document. - bool mIsRoot; + bool mIsRootContent; // Whether or not this frame is for an element marked 'scrollgrab'. bool mHasScrollgrab; diff --git a/gfx/layers/apz/public/GeckoContentController.h b/gfx/layers/apz/public/GeckoContentController.h index 9756f8e9529..79db6c805d1 100644 --- a/gfx/layers/apz/public/GeckoContentController.h +++ b/gfx/layers/apz/public/GeckoContentController.h @@ -79,7 +79,7 @@ public: * |aContentRect| is in CSS pixels, relative to the current cssPage. * |aScrollableSize| is the current content width/height in CSS pixels. */ - virtual void SendAsyncScrollDOMEvent(bool aIsRoot, + virtual void SendAsyncScrollDOMEvent(bool aIsRootContent, const CSSRect &aContentRect, const CSSSize &aScrollableSize) = 0; diff --git a/gfx/layers/apz/src/AsyncPanZoomController.cpp b/gfx/layers/apz/src/AsyncPanZoomController.cpp index b8b3db87744..6ad33be4512 100644 --- a/gfx/layers/apz/src/AsyncPanZoomController.cpp +++ b/gfx/layers/apz/src/AsyncPanZoomController.cpp @@ -1433,7 +1433,7 @@ AsyncPanZoomController::GetScrollWheelDelta(const ScrollWheelInput& aEvent) cons MOZ_ASSERT_UNREACHABLE("unexpected scroll delta type"); } - if (mFrameMetrics.GetIsRoot() && gfxPrefs::MouseWheelHasRootScrollDeltaOverride()) { + if (mFrameMetrics.IsRootContent() && gfxPrefs::MouseWheelHasRootScrollDeltaOverride()) { // Only apply delta multipliers if we're increasing the delta. double hfactor = double(gfxPrefs::MouseWheelRootHScrollDeltaFactor()) / 100; double vfactor = double(gfxPrefs::MouseWheelRootVScrollDeltaFactor()) / 100; @@ -3190,19 +3190,19 @@ void AsyncPanZoomController::SendAsyncScrollEvent() { return; } - bool isRoot; + bool isRootContent; CSSRect contentRect; CSSSize scrollableSize; { ReentrantMonitorAutoEnter lock(mMonitor); - isRoot = mFrameMetrics.GetIsRoot(); + isRootContent = mFrameMetrics.IsRootContent(); scrollableSize = mFrameMetrics.GetScrollableRect().Size(); contentRect = mFrameMetrics.CalculateCompositedRectInCssPixels(); contentRect.MoveTo(mCurrentAsyncScrollOffset); } - controller->SendAsyncScrollDOMEvent(isRoot, contentRect, scrollableSize); + controller->SendAsyncScrollDOMEvent(isRootContent, contentRect, scrollableSize); } bool AsyncPanZoomController::Matches(const ScrollableLayerGuid& aGuid) diff --git a/gfx/layers/apz/util/ChromeProcessController.h b/gfx/layers/apz/util/ChromeProcessController.h index 19e301d1f3e..500162ac698 100644 --- a/gfx/layers/apz/util/ChromeProcessController.h +++ b/gfx/layers/apz/util/ChromeProcessController.h @@ -49,7 +49,7 @@ public: virtual void HandleLongTap(const mozilla::CSSPoint& aPoint, Modifiers aModifiers, const ScrollableLayerGuid& aGuid, uint64_t aInputBlockId) override; - virtual void SendAsyncScrollDOMEvent(bool aIsRoot, const mozilla::CSSRect &aContentRect, + virtual void SendAsyncScrollDOMEvent(bool aIsRootContent, const mozilla::CSSRect &aContentRect, const mozilla::CSSSize &aScrollableSize) override {} virtual void NotifyAPZStateChange(const ScrollableLayerGuid& aGuid, APZStateChange aChange, diff --git a/gfx/tests/gtest/TestAsyncPanZoomController.cpp b/gfx/tests/gtest/TestAsyncPanZoomController.cpp index b8e8aae3f35..8051f4cfe5a 100644 --- a/gfx/tests/gtest/TestAsyncPanZoomController.cpp +++ b/gfx/tests/gtest/TestAsyncPanZoomController.cpp @@ -780,7 +780,7 @@ protected: fm.SetScrollOffset(CSSPoint(300, 300)); fm.SetZoom(CSSToParentLayerScale2D(2.0, 2.0)); // APZC only allows zooming on the root scrollable frame. - fm.SetIsRoot(true); + fm.SetIsRootContent(true); // the visible area of the document in CSS pixels is x=300 y=300 w=50 h=100 return fm; } @@ -921,7 +921,7 @@ TEST_F(APZCBasicTester, Overzoom) { fm.SetScrollableRect(CSSRect(0, 0, 125, 150)); fm.SetScrollOffset(CSSPoint(10, 0)); fm.SetZoom(CSSToParentLayerScale2D(1.0, 1.0)); - fm.SetIsRoot(true); + fm.SetIsRootContent(true); apzc->SetFrameMetrics(fm); MakeApzcZoomable(); diff --git a/layout/base/nsDisplayList.cpp b/layout/base/nsDisplayList.cpp index 4852f5884ba..2e65f85febd 100644 --- a/layout/base/nsDisplayList.cpp +++ b/layout/base/nsDisplayList.cpp @@ -1582,7 +1582,7 @@ already_AddRefed nsDisplayList::PaintRoot(nsDisplayListBuilder* aB } if (addMetrics || ensureMetricsForRootId) { - bool isRoot = presContext->IsRootContentDocument(); + bool isRootContent = presContext->IsRootContentDocument(); nsRect viewport(aBuilder->ToReferenceFrame(frame), frame->GetSize()); @@ -1591,7 +1591,7 @@ already_AddRefed nsDisplayList::PaintRoot(nsDisplayListBuilder* aB rootScrollFrame, content, aBuilder->FindReferenceFrameFor(frame), root, FrameMetrics::NULL_SCROLL_ID, viewport, Nothing(), - isRoot, containerParameters)); + isRootContent, containerParameters)); } else { // Set empty metrics to clear any metrics that might be on a recycled layer. root->SetFrameMetrics(nsTArray()); diff --git a/layout/base/nsLayoutUtils.cpp b/layout/base/nsLayoutUtils.cpp index fc550dc932e..71ab13c3827 100644 --- a/layout/base/nsLayoutUtils.cpp +++ b/layout/base/nsLayoutUtils.cpp @@ -8169,7 +8169,7 @@ nsLayoutUtils::ComputeFrameMetrics(nsIFrame* aForFrame, ViewID aScrollParentId, const nsRect& aViewport, const Maybe& aClipRect, - bool aIsRoot, + bool aIsRootContent, const ContainerLayerParameters& aContainerParameters) { nsPresContext* presContext = aForFrame->PresContext(); @@ -8248,7 +8248,7 @@ nsLayoutUtils::ComputeFrameMetrics(nsIFrame* aForFrame, // overscroll handoff chain. MOZ_ASSERT(aScrollParentId == FrameMetrics::NULL_SCROLL_ID || scrollId != aScrollParentId); metrics.SetScrollId(scrollId); - metrics.SetIsRoot(aIsRoot); + metrics.SetIsRootContent(aIsRootContent); metrics.SetScrollParentId(aScrollParentId); if (scrollId != FrameMetrics::NULL_SCROLL_ID && !presContext->GetParentPresContext()) { diff --git a/layout/generic/nsGfxScrollFrame.cpp b/layout/generic/nsGfxScrollFrame.cpp index 4f1856bd066..04fa0cdbf95 100644 --- a/layout/generic/nsGfxScrollFrame.cpp +++ b/layout/generic/nsGfxScrollFrame.cpp @@ -3066,13 +3066,13 @@ ScrollFrameHelper::ComputeFrameMetrics(Layer* aLayer, } nsPoint toReferenceFrame = mOuter->GetOffsetToCrossDoc(aContainerReferenceFrame); - bool isRoot = mIsRoot && mOuter->PresContext()->IsRootContentDocument(); + bool isRootContent = mIsRoot && mOuter->PresContext()->IsRootContentDocument(); Maybe parentLayerClip; if (needsParentLayerClip) { nsRect clip = nsRect(mScrollPort.TopLeft() + toReferenceFrame, nsLayoutUtils::CalculateCompositionSizeForFrame(mOuter)); - if (isRoot) { + if (isRootContent) { double res = mOuter->PresContext()->PresShell()->GetResolution(); clip.width = NSToCoordRound(clip.width / res); clip.height = NSToCoordRound(clip.height / res); @@ -3089,7 +3089,7 @@ ScrollFrameHelper::ComputeFrameMetrics(Layer* aLayer, #if defined(MOZ_WIDGET_ANDROID) && !defined(MOZ_ANDROID_APZ) // Android without apzc (aka the java pan zoom code) only uses async scrolling // for the root scroll frame of the root content document. - if (!isRoot) { + if (!isRootContent) { thisScrollFrameUsesAsyncScrolling = false; } #endif @@ -3124,7 +3124,7 @@ ScrollFrameHelper::ComputeFrameMetrics(Layer* aLayer, nsLayoutUtils::ComputeFrameMetrics( mScrolledFrame, mOuter, mOuter->GetContent(), aContainerReferenceFrame, aLayer, mScrollParentID, - scrollport, parentLayerClip, isRoot, aParameters); + scrollport, parentLayerClip, isRootContent, aParameters); } bool diff --git a/layout/ipc/RenderFrameParent.cpp b/layout/ipc/RenderFrameParent.cpp index 4e47526d3e4..c15e64e5375 100644 --- a/layout/ipc/RenderFrameParent.cpp +++ b/layout/ipc/RenderFrameParent.cpp @@ -198,7 +198,7 @@ public: void ClearRenderFrame() { mRenderFrame = nullptr; } - virtual void SendAsyncScrollDOMEvent(bool aIsRoot, + virtual void SendAsyncScrollDOMEvent(bool aIsRootContent, const CSSRect& aContentRect, const CSSSize& aContentSize) override { @@ -207,10 +207,10 @@ public: FROM_HERE, NewRunnableMethod(this, &RemoteContentController::SendAsyncScrollDOMEvent, - aIsRoot, aContentRect, aContentSize)); + aIsRootContent, aContentRect, aContentSize)); return; } - if (mRenderFrame && aIsRoot) { + if (mRenderFrame && aIsRootContent) { TabParent* browser = TabParent::GetFrom(mRenderFrame->Manager()); BrowserElementParent::DispatchAsyncScrollEvent(browser, aContentRect, aContentSize); From cdebd3de4b0eeab61a948fed347ed533bbdb6eaf Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Wed, 27 May 2015 19:40:40 -0400 Subject: [PATCH 077/297] Bug 1158424 - Remove FrameMetrics::IsRootScrollable() (it just duplicated IsRootContent()). r=kats --- gfx/layers/FrameMetrics.h | 5 ----- gfx/layers/apz/src/AsyncPanZoomController.cpp | 4 ++-- gfx/layers/composite/AsyncCompositionManager.cpp | 8 ++++---- 3 files changed, 6 insertions(+), 11 deletions(-) diff --git a/gfx/layers/FrameMetrics.h b/gfx/layers/FrameMetrics.h index b9dc4d6d832..d5cf7af8bbd 100644 --- a/gfx/layers/FrameMetrics.h +++ b/gfx/layers/FrameMetrics.h @@ -120,11 +120,6 @@ public: return (def == *this); } - bool IsRootScrollable() const - { - return mIsRootContent; - } - bool IsScrollable() const { return mScrollId != NULL_SCROLL_ID; diff --git a/gfx/layers/apz/src/AsyncPanZoomController.cpp b/gfx/layers/apz/src/AsyncPanZoomController.cpp index 6ad33be4512..6ac35f99461 100644 --- a/gfx/layers/apz/src/AsyncPanZoomController.cpp +++ b/gfx/layers/apz/src/AsyncPanZoomController.cpp @@ -1287,7 +1287,7 @@ nsEventStatus AsyncPanZoomController::OnScale(const PinchGestureInput& aEvent) { // would have to be adjusted (as e.g. it would no longer be valid to take // the minimum or maximum of the ratios of the widths and heights of the // page rect and the composition bounds). - MOZ_ASSERT(mFrameMetrics.IsRootScrollable()); + MOZ_ASSERT(mFrameMetrics.IsRootContent()); MOZ_ASSERT(mFrameMetrics.GetZoom().AreScalesSame()); float prevSpan = aEvent.mPreviousSpan; @@ -2996,7 +2996,7 @@ void AsyncPanZoomController::ZoomToRect(CSSRect aRect) { // would have to be adjusted (as e.g. it would no longer be valid to take // the minimum or maximum of the ratios of the widths and heights of the // page rect and the composition bounds). - MOZ_ASSERT(mFrameMetrics.IsRootScrollable()); + MOZ_ASSERT(mFrameMetrics.IsRootContent()); MOZ_ASSERT(mFrameMetrics.GetZoom().AreScalesSame()); SetState(ANIMATING_ZOOM); diff --git a/gfx/layers/composite/AsyncCompositionManager.cpp b/gfx/layers/composite/AsyncCompositionManager.cpp index 31786dabccb..76df089fbc2 100644 --- a/gfx/layers/composite/AsyncCompositionManager.cpp +++ b/gfx/layers/composite/AsyncCompositionManager.cpp @@ -813,11 +813,11 @@ ApplyAsyncTransformToScrollbarForContent(Layer* aScrollbar, const ParentLayerCoord thumbOriginDeltaPL = thumbOriginDelta * effectiveZoom; yTranslation -= thumbOriginDeltaPL; - if (metrics.IsRootScrollable()) { + if (metrics.IsRootContent()) { // Scrollbar for the root are painted at the same resolution as the // content. Since the coordinate space we apply this transform in includes // the resolution, we need to adjust for it as well here. Note that in - // another metrics.IsRootScrollable() hunk below we apply a + // another metrics.IsRootContent() hunk below we apply a // resolution-cancelling transform which ensures the scroll thumb isn't // actually rendered at a larger scale. yTranslation *= metrics.GetPresShellResolution(); @@ -846,7 +846,7 @@ ApplyAsyncTransformToScrollbarForContent(Layer* aScrollbar, const ParentLayerCoord thumbOriginDeltaPL = thumbOriginDelta * effectiveZoom; xTranslation -= thumbOriginDeltaPL; - if (metrics.IsRootScrollable()) { + if (metrics.IsRootContent()) { xTranslation *= metrics.GetPresShellResolution(); } @@ -862,7 +862,7 @@ ApplyAsyncTransformToScrollbarForContent(Layer* aScrollbar, // thumb's size to vary with the zoom (other than its length reflecting the // fraction of the scrollable length that's in view, which is taken care of // above), we apply a transform to cancel out this resolution. - if (metrics.IsRootScrollable()) { + if (metrics.IsRootContent()) { compensation = Matrix4x4::Scaling(metrics.GetPresShellResolution(), metrics.GetPresShellResolution(), From 73e93bb848f5b8b7a07b810c284164ed43b2e163 Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Mon, 1 Jun 2015 18:46:59 -0400 Subject: [PATCH 078/297] Bug 1158424 - Expose IsRootContent() in AsyncPanZoomController. r=kats --- gfx/layers/apz/src/AsyncPanZoomController.h | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/gfx/layers/apz/src/AsyncPanZoomController.h b/gfx/layers/apz/src/AsyncPanZoomController.h index afaf3c22a4a..61fcbbf9d1e 100644 --- a/gfx/layers/apz/src/AsyncPanZoomController.h +++ b/gfx/layers/apz/src/AsyncPanZoomController.h @@ -911,6 +911,11 @@ public: return mFrameMetrics.IsLayersIdRoot(); } + bool IsRootContent() const { + ReentrantMonitorAutoEnter lock(mMonitor); + return mFrameMetrics.IsRootContent(); + } + private: // This is a raw pointer to avoid introducing a reference cycle between // AsyncPanZoomController and APZCTreeManager. Since these objects don't From 974a5505f5c75d0c0e66ad56b467929d3d96b872 Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Wed, 10 Jun 2015 14:56:26 -0400 Subject: [PATCH 079/297] Bug 1158424 - Clean up uses of HasNoParentWithSameLayersId() related to zoom constraints. r=kats --- gfx/layers/apz/src/APZCTreeManager.cpp | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/gfx/layers/apz/src/APZCTreeManager.cpp b/gfx/layers/apz/src/APZCTreeManager.cpp index ad20adfb6d3..63bcc7f8921 100644 --- a/gfx/layers/apz/src/APZCTreeManager.cpp +++ b/gfx/layers/apz/src/APZCTreeManager.cpp @@ -464,21 +464,22 @@ APZCTreeManager::PrepareNodeForLayer(const LayerMetricsWrapper& aLayer, } if (newApzc) { - if (apzc->HasNoParentWithSameLayersId()) { - // If we just created a new apzc that is the root for its layers ID, then - // we need to update its zoom constraints which might have arrived before this - // was created + if (apzc->IsRootContent()) { + // If we just created a new root-content apzc, then we need to update + // its zoom constraints which might have arrived before it was created. ZoomConstraints constraints; if (state->mController->GetRootZoomConstraints(&constraints)) { apzc->UpdateZoomConstraints(constraints); } - } else { - // For an apzc that is not the root for its layers ID, we give it the - // same zoom constraints as its parent. This ensures that if e.g. - // user-scalable=no was specified, none of the APZCs allow double-tap - // to zoom. + } else if (!apzc->HasNoParentWithSameLayersId()) { + // Otherwise, an APZC that has a parent in the same layer tree gets + // the same zoom constraints as its parent. This ensures that if e.g. + // user-scalable=no was specified on the root, none of the APZCs allow + // double-tap to zoom. apzc->UpdateZoomConstraints(apzc->GetParent()->GetZoomConstraints()); } + // Otherwise, if the APZC has no parent in the same layer tree, leave + // it with the existing zoom constraints. } // Add a guid -> APZC mapping for the newly created APZC. @@ -1033,9 +1034,9 @@ APZCTreeManager::UpdateZoomConstraints(const ScrollableLayerGuid& aGuid, nsRefPtr node = GetTargetNode(aGuid, nullptr); MOZ_ASSERT(!node || node->GetApzc()); // any node returned must have an APZC - // For a given layers id, non-root APZCs inherit the zoom constraints + // For a given layers id, non-{root content} APZCs inherit the zoom constraints // of their root. - if (node && node->GetApzc()->HasNoParentWithSameLayersId()) { + if (node && node->GetApzc()->IsRootContent()) { UpdateZoomConstraintsRecursively(node.get(), aConstraints); } } From eefdcc8bdf817891b3355ca82135526f2dc18e2a Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Mon, 1 Jun 2015 18:52:32 -0400 Subject: [PATCH 080/297] Bug 1158424 - Clean up uses of HasNoParentWithSameLayersId() in overscroll handoff chain building. r=kats --- gfx/layers/apz/src/APZCTreeManager.cpp | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/gfx/layers/apz/src/APZCTreeManager.cpp b/gfx/layers/apz/src/APZCTreeManager.cpp index 63bcc7f8921..01d65635ddc 100644 --- a/gfx/layers/apz/src/APZCTreeManager.cpp +++ b/gfx/layers/apz/src/APZCTreeManager.cpp @@ -1339,7 +1339,7 @@ APZCTreeManager::BuildOverscrollHandoffChain(const nsRefPtrAdd(apzc); if (apzc->GetScrollHandoffParentId() == FrameMetrics::NULL_SCROLL_ID) { - if (!apzc->HasNoParentWithSameLayersId()) { + if (!apzc->IsRootForLayersId()) { // This probably indicates a bug or missed case in layout code NS_WARNING("Found a non-root APZ with no handoff parent"); } @@ -1352,9 +1352,9 @@ APZCTreeManager::BuildOverscrollHandoffChain(const nsRefPtrGetScrollHandoffParentId() != apzc->GetGuid().mScrollId); // Find the AsyncPanZoomController instance with a matching layersId and - // the scroll id that matches apzc->GetScrollHandoffParentId(). To do this - // search the subtree with the same layersId for the apzc with the specified - // scroll id. + // the scroll id that matches apzc->GetScrollHandoffParentId(). + // As an optimization, we start by walking up the APZC tree from 'apzc' + // until we reach the top of the layer subtree for this layers id. AsyncPanZoomController* scrollParent = nullptr; AsyncPanZoomController* parent = apzc; while (!parent->HasNoParentWithSameLayersId()) { @@ -1367,6 +1367,7 @@ APZCTreeManager::BuildOverscrollHandoffChain(const nsRefPtrGetGuid().mLayersId, 0, apzc->GetScrollHandoffParentId()); nsRefPtr node = GetTargetNode(guid, &GuidComparatorIgnoringPresShell); From 0787b94a073323ec8230bf938bb6d80dc1a07255 Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Wed, 10 Jun 2015 14:47:52 -0400 Subject: [PATCH 081/297] Bug 1158424 - Extract a BreadthFirstSearch() helper function. r=kats --- gfx/layers/apz/src/APZCTreeManager.cpp | 47 +++++++++++++++++++------- 1 file changed, 35 insertions(+), 12 deletions(-) diff --git a/gfx/layers/apz/src/APZCTreeManager.cpp b/gfx/layers/apz/src/APZCTreeManager.cpp index 01d65635ddc..358d1786774 100644 --- a/gfx/layers/apz/src/APZCTreeManager.cpp +++ b/gfx/layers/apz/src/APZCTreeManager.cpp @@ -1479,26 +1479,30 @@ APZCTreeManager::GetAPZCAtPoint(HitTestingTreeNode* aNode, return nullptr; } -AsyncPanZoomController* -APZCTreeManager::FindRootApzcForLayersId(uint64_t aLayersId) const +/* + * Do a breadth-first search of the tree rooted at |aRoot|, and return the + * first visited node that satisfies |aCondition|, or nullptr if no such node + * was found. + * + * |Node| should have methods GetLastChild() and GetPrevSibling(). + */ +template +static const Node* BreadthFirstSearch(const Node* aRoot, const Condition& aCondition) { - mTreeLock.AssertCurrentThreadOwns(); - - if (!mRootNode) { + if (!aRoot) { return nullptr; } - std::deque queue; - queue.push_back(mRootNode); + std::deque queue; + queue.push_back(aRoot); while (!queue.empty()) { - const HitTestingTreeNode* node = queue.front(); + const Node* node = queue.front(); queue.pop_front(); - AsyncPanZoomController* apzc = node->GetApzc(); - if (apzc && apzc->GetLayersId() == aLayersId && apzc->IsRootForLayersId()) { - return apzc; + if (aCondition(node)) { + return node; } - for (HitTestingTreeNode* child = node->GetLastChild(); + for (const Node* child = node->GetLastChild(); child; child = child->GetPrevSibling()) { queue.push_back(child); @@ -1508,6 +1512,25 @@ APZCTreeManager::FindRootApzcForLayersId(uint64_t aLayersId) const return nullptr; } +AsyncPanZoomController* +APZCTreeManager::FindRootApzcForLayersId(uint64_t aLayersId) const +{ + mTreeLock.AssertCurrentThreadOwns(); + + struct RootForLayersIdMatcher { + uint64_t mLayersId; + bool operator()(const HitTestingTreeNode* aNode) const { + AsyncPanZoomController* apzc = aNode->GetApzc(); + return apzc + && apzc->GetLayersId() == mLayersId + && apzc->IsRootForLayersId(); + } + }; + const HitTestingTreeNode* resultNode = BreadthFirstSearch(mRootNode.get(), + RootForLayersIdMatcher{aLayersId}); + return resultNode ? resultNode->GetApzc() : nullptr; +} + /* The methods GetScreenToApzcTransform() and GetApzcToGeckoTransform() return some useful transformations that input events may need applied. This is best illustrated with an example. Consider a chain of layers, L, M, N, O, P, Q, R. Layer L From ab6a617f3c3318b9ac0d955561a4cfd76b885dff Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Wed, 10 Jun 2015 14:48:03 -0400 Subject: [PATCH 082/297] Bug 1158424 - Add APZCTreeManager::FindRootContentApzcForLayersId(). r=kats --- gfx/layers/apz/src/APZCTreeManager.cpp | 19 +++++++++++++++++++ gfx/layers/apz/src/APZCTreeManager.h | 1 + 2 files changed, 20 insertions(+) diff --git a/gfx/layers/apz/src/APZCTreeManager.cpp b/gfx/layers/apz/src/APZCTreeManager.cpp index 358d1786774..f10a41c5f4e 100644 --- a/gfx/layers/apz/src/APZCTreeManager.cpp +++ b/gfx/layers/apz/src/APZCTreeManager.cpp @@ -1531,6 +1531,25 @@ APZCTreeManager::FindRootApzcForLayersId(uint64_t aLayersId) const return resultNode ? resultNode->GetApzc() : nullptr; } +AsyncPanZoomController* +APZCTreeManager::FindRootContentApzcForLayersId(uint64_t aLayersId) const +{ + mTreeLock.AssertCurrentThreadOwns(); + + struct RootContentForLayersIdMatcher { + uint64_t mLayersId; + bool operator()(const HitTestingTreeNode* aNode) const { + AsyncPanZoomController* apzc = aNode->GetApzc(); + return apzc + && apzc->GetLayersId() == mLayersId + && apzc->IsRootContent(); + } + }; + const HitTestingTreeNode* resultNode = BreadthFirstSearch(mRootNode.get(), + RootContentForLayersIdMatcher{aLayersId}); + return resultNode ? resultNode->GetApzc() : nullptr; +} + /* The methods GetScreenToApzcTransform() and GetApzcToGeckoTransform() return some useful transformations that input events may need applied. This is best illustrated with an example. Consider a chain of layers, L, M, N, O, P, Q, R. Layer L diff --git a/gfx/layers/apz/src/APZCTreeManager.h b/gfx/layers/apz/src/APZCTreeManager.h index cd4707a23d9..53f1dda23fe 100644 --- a/gfx/layers/apz/src/APZCTreeManager.h +++ b/gfx/layers/apz/src/APZCTreeManager.h @@ -413,6 +413,7 @@ private: const ParentLayerPoint& aHitTestPoint, HitTestResult* aOutHitResult); AsyncPanZoomController* FindRootApzcForLayersId(uint64_t aLayersId) const; + AsyncPanZoomController* FindRootContentApzcForLayersId(uint64_t aLayersId) const; already_AddRefed GetMultitouchTarget(AsyncPanZoomController* aApzc1, AsyncPanZoomController* aApzc2) const; already_AddRefed CommonAncestor(AsyncPanZoomController* aApzc1, AsyncPanZoomController* aApzc2) const; already_AddRefed RootAPZCForLayersId(AsyncPanZoomController* aApzc) const; From 1b0f29a8cbf97fc068886262768cb84f3f39a746 Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Wed, 10 Jun 2015 14:57:24 -0400 Subject: [PATCH 083/297] Bug 1158424 - Fix APZCTreeManager::GetMultitouchTarget(). r=kats --- gfx/layers/apz/src/APZCTreeManager.cpp | 32 ++++++++++++++------------ gfx/layers/apz/src/APZCTreeManager.h | 1 - 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/gfx/layers/apz/src/APZCTreeManager.cpp b/gfx/layers/apz/src/APZCTreeManager.cpp index f10a41c5f4e..c847248462c 100644 --- a/gfx/layers/apz/src/APZCTreeManager.cpp +++ b/gfx/layers/apz/src/APZCTreeManager.cpp @@ -1718,10 +1718,23 @@ APZCTreeManager::GetApzcToGeckoTransform(const AsyncPanZoomController *aApzc) co already_AddRefed APZCTreeManager::GetMultitouchTarget(AsyncPanZoomController* aApzc1, AsyncPanZoomController* aApzc2) const { - nsRefPtr apzc = CommonAncestor(aApzc1, aApzc2); - // For now, we only ever want to do pinching on the root APZC for a given layers id. So - // when we find the common ancestor of multiple points, also walk up to the root APZC. - apzc = RootAPZCForLayersId(apzc); + nsRefPtr apzc; + // For now, we only ever want to do pinching on the root-content APZC for + // a given layers id. + if (aApzc1 && aApzc2 && aApzc1->GetLayersId() == aApzc2->GetLayersId()) { + // If the two APZCs have the same layers id, find the root-content APZC + // for that layers id. Don't call CommonAncestor() because there may not + // be a common ancestor for the layers id (e.g. if one APZCs is inside a + // fixed-position element). + apzc = FindRootContentApzcForLayersId(aApzc1->GetLayersId()); + } else { + // Otherwise, find the common ancestor (to reach a common layers id), and + // get the root-content APZC for that layers id. + apzc = CommonAncestor(aApzc1, aApzc2); + if (apzc) { + apzc = FindRootContentApzcForLayersId(apzc->GetLayersId()); + } + } return apzc.forget(); } @@ -1771,16 +1784,5 @@ APZCTreeManager::CommonAncestor(AsyncPanZoomController* aApzc1, AsyncPanZoomCont return ancestor.forget(); } -already_AddRefed -APZCTreeManager::RootAPZCForLayersId(AsyncPanZoomController* aApzc) const -{ - MonitorAutoLock lock(mTreeLock); - nsRefPtr apzc = aApzc; - while (apzc && !apzc->HasNoParentWithSameLayersId()) { - apzc = apzc->GetParent(); - } - return apzc.forget(); -} - } } diff --git a/gfx/layers/apz/src/APZCTreeManager.h b/gfx/layers/apz/src/APZCTreeManager.h index 53f1dda23fe..daa569c9aa2 100644 --- a/gfx/layers/apz/src/APZCTreeManager.h +++ b/gfx/layers/apz/src/APZCTreeManager.h @@ -416,7 +416,6 @@ private: AsyncPanZoomController* FindRootContentApzcForLayersId(uint64_t aLayersId) const; already_AddRefed GetMultitouchTarget(AsyncPanZoomController* aApzc1, AsyncPanZoomController* aApzc2) const; already_AddRefed CommonAncestor(AsyncPanZoomController* aApzc1, AsyncPanZoomController* aApzc2) const; - already_AddRefed RootAPZCForLayersId(AsyncPanZoomController* aApzc) const; already_AddRefed GetTouchInputBlockAPZC(const MultiTouchInput& aEvent, HitTestResult* aOutHitResult); nsEventStatus ProcessTouchInput(MultiTouchInput& aInput, From 360e36be88813abb6ec30a5749fefdb1e432c7bf Mon Sep 17 00:00:00 2001 From: Botond Ballo Date: Mon, 1 Jun 2015 19:15:52 -0400 Subject: [PATCH 084/297] Bug 1158424 - Undeprecate HasNoParentWithSameLayersId(). r=kats --- gfx/layers/apz/src/AsyncPanZoomController.h | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/gfx/layers/apz/src/AsyncPanZoomController.h b/gfx/layers/apz/src/AsyncPanZoomController.h index 61fcbbf9d1e..52ad0f68dbe 100644 --- a/gfx/layers/apz/src/AsyncPanZoomController.h +++ b/gfx/layers/apz/src/AsyncPanZoomController.h @@ -899,8 +899,7 @@ public: } /* Returns true if there is no APZC higher in the tree with the same - * layers id. Deprecated. New code shouldn't use this. Old code should be - * updated to not use this. + * layers id. */ bool HasNoParentWithSameLayersId() const { return !mParent || (mParent->mLayersId != mLayersId); From 1b0eae0975008ae31519e2a0ce9647fc64c3f99b Mon Sep 17 00:00:00 2001 From: Mike Conley Date: Tue, 9 Jun 2015 21:06:48 -0400 Subject: [PATCH 085/297] Bug 1171537 - Allow URIs to be the empty string in TabParent::RecvCreateWindow. r=billm. --- dom/ipc/TabParent.cpp | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/dom/ipc/TabParent.cpp b/dom/ipc/TabParent.cpp index 8482d64d976..aaee230b093 100644 --- a/dom/ipc/TabParent.cpp +++ b/dom/ipc/TabParent.cpp @@ -689,12 +689,13 @@ TabParent::RecvCreateWindow(PBrowserParent* aNewTab, rv = NS_NewURI(getter_AddRefs(baseURI), aBaseURI); NS_ENSURE_SUCCESS(rv, false); - nsCOMPtr finalURI; - rv = NS_NewURI(getter_AddRefs(finalURI), NS_ConvertUTF16toUTF8(aURI).get(), baseURI); - NS_ENSURE_SUCCESS(rv, false); - nsAutoCString finalURIString; - finalURI->GetSpec(finalURIString); + if (!aURI.IsEmpty()) { + nsCOMPtr finalURI; + rv = NS_NewURI(getter_AddRefs(finalURI), NS_ConvertUTF16toUTF8(aURI).get(), baseURI); + NS_ENSURE_SUCCESS(rv, false); + finalURI->GetSpec(finalURIString); + } nsCOMPtr window; From 38316636b18b24214460f8bba6195eb8675be109 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 13:26:34 +1000 Subject: [PATCH 086/297] Bug 1170855 - Part 1: Extract WebGL 2 specific pnames. r=jgilbert --- dom/canvas/WebGL2Context.h | 1 + dom/canvas/WebGL2ContextState.cpp | 68 ++++++++++++++++++++++++++++++ dom/canvas/WebGLContext.h | 2 +- dom/canvas/WebGLContextState.cpp | 70 +------------------------------ dom/canvas/WebGLContextUtils.cpp | 12 ++++++ dom/canvas/WebGLContextUtils.h | 3 ++ dom/canvas/WebGLTimerQuery.h | 1 + dom/canvas/moz.build | 1 + 8 files changed, 89 insertions(+), 69 deletions(-) create mode 100644 dom/canvas/WebGL2ContextState.cpp diff --git a/dom/canvas/WebGL2Context.h b/dom/canvas/WebGL2Context.h index c6c00493cb0..6ddad7ec1ed 100644 --- a/dom/canvas/WebGL2Context.h +++ b/dom/canvas/WebGL2Context.h @@ -324,6 +324,7 @@ public: void BindBufferBase(GLenum target, GLuint index, WebGLBuffer* buffer); void BindBufferRange(GLenum target, GLuint index, WebGLBuffer* buffer, GLintptr offset, GLsizeiptr size); */ + virtual JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) override; void GetIndexedParameter(GLenum target, GLuint index, dom::Nullable& retval); void GetUniformIndices(WebGLProgram* program, diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp new file mode 100644 index 00000000000..7e8dfd39378 --- /dev/null +++ b/dom/canvas/WebGL2ContextState.cpp @@ -0,0 +1,68 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "WebGL2Context.h" +#include "WebGLContextUtils.h" + +namespace mozilla { + +JS::Value +WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) +{ + if (IsContextLost()) + return JS::NullValue(); + + MakeContextCurrent(); + + switch (pname) { + case LOCAL_GL_MAX_SAMPLES: + case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: + case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { + GLint val; + gl->fGetIntegerv(pname, &val); + return JS::NumberValue(uint32_t(val)); + } + + case LOCAL_GL_TEXTURE_BINDING_3D: + return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); + + // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. + case LOCAL_GL_READ_FRAMEBUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + + case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); + + case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); + + case LOCAL_GL_UNIFORM_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + + case LOCAL_GL_COPY_READ_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); + + case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); + + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: + return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); + + case LOCAL_GL_VERSION: + return StringValue(cx, "WebGL 2.0", rv); + + case LOCAL_GL_SHADING_LANGUAGE_VERSION: + return StringValue(cx, "WebGL GLSL ES 3.00", rv); + + default: + return WebGLContext::GetParameter(cx, pname, rv); + } +} + +} // namespace mozilla diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index 55c5d802631..d48fd7c7e2a 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -955,7 +955,7 @@ public: void Disable(GLenum cap); void Enable(GLenum cap); bool GetStencilBits(GLint* out_stencilBits); - JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv); + virtual JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv); void GetParameter(JSContext* cx, GLenum pname, JS::MutableHandle retval, ErrorResult& rv) diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index 0ad586978a0..6d6b99031f2 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -58,18 +58,6 @@ WebGLContext::Enable(GLenum cap) gl->fEnable(cap); } -static JS::Value -StringValue(JSContext* cx, const char* chars, ErrorResult& rv) -{ - JSString* str = JS_NewStringCopyZ(cx, chars); - if (!str) { - rv.Throw(NS_ERROR_OUT_OF_MEMORY); - return JS::NullValue(); - } - - return JS::StringValue(str); -} - bool WebGLContext::GetStencilBits(GLint* out_stencilBits) { @@ -192,63 +180,15 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } } - if (IsWebGL2()) { - switch (pname) { - case LOCAL_GL_MAX_SAMPLES: - case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: - case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { - GLint val; - gl->fGetIntegerv(pname, &val); - return JS::NumberValue(uint32_t(val)); - } - - case LOCAL_GL_TEXTURE_BINDING_3D: - return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); - - // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. - case LOCAL_GL_READ_FRAMEBUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); - - case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); - - case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); - - case LOCAL_GL_UNIFORM_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); - - case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); - - case LOCAL_GL_COPY_READ_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); - - case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); - } - } - switch (pname) { // // String params // case LOCAL_GL_VENDOR: - return StringValue(cx, "Mozilla", rv); case LOCAL_GL_RENDERER: return StringValue(cx, "Mozilla", rv); - case LOCAL_GL_VERSION: { - const char* version = 0; - - if (IsWebGL2()) { - version = "WebGL 2.0"; - } else { - version = "WebGL 1.0"; - } - - MOZ_ASSERT(version != 0); - return StringValue(cx, version, rv); - } + case LOCAL_GL_VERSION: + return StringValue(cx, "WebGL 1.0", rv); case LOCAL_GL_SHADING_LANGUAGE_VERSION: return StringValue(cx, "WebGL GLSL ES 1.0", rv); @@ -417,12 +357,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } return JS::ObjectOrNullValue(obj); } - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: { - if (!IsWebGL2()) { - break; - } - return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); - } // unsigned int. here we may have to return very large values like 2^32-1 that can't be represented as // javascript integer values. We just return them as doubles and javascript doesn't care. diff --git a/dom/canvas/WebGLContextUtils.cpp b/dom/canvas/WebGLContextUtils.cpp index 69fda519db9..f84e4276a91 100644 --- a/dom/canvas/WebGLContextUtils.cpp +++ b/dom/canvas/WebGLContextUtils.cpp @@ -75,6 +75,18 @@ TexImageTargetToTexTarget(TexImageTarget texImageTarget) } } +JS::Value +StringValue(JSContext* cx, const char* chars, ErrorResult& rv) +{ + JSString* str = JS_NewStringCopyZ(cx, chars); + if (!str) { + rv.Throw(NS_ERROR_OUT_OF_MEMORY); + return JS::NullValue(); + } + + return JS::StringValue(str); +} + GLComponents::GLComponents(TexInternalFormat internalformat) { TexInternalFormat unsizedformat = UnsizedInternalFormatFromInternalFormat(internalformat); diff --git a/dom/canvas/WebGLContextUtils.h b/dom/canvas/WebGLContextUtils.h index d130153f548..5535ee9fc69 100644 --- a/dom/canvas/WebGLContextUtils.h +++ b/dom/canvas/WebGLContextUtils.h @@ -56,6 +56,9 @@ size_t GetBitsPerTexel(TexInternalFormat effectiveinternalformat); // Returns GL_NONE if passed an invalid texture image target TexTarget TexImageTargetToTexTarget(TexImageTarget texImageTarget); +// Helper function to create a JS::Value from a C string +JS::Value StringValue(JSContext* cx, const char* str, ErrorResult& rv); + struct GLComponents { unsigned char mComponents; diff --git a/dom/canvas/WebGLTimerQuery.h b/dom/canvas/WebGLTimerQuery.h index d1224e93175..9f6205e9e18 100644 --- a/dom/canvas/WebGLTimerQuery.h +++ b/dom/canvas/WebGLTimerQuery.h @@ -7,6 +7,7 @@ #ifndef WEBGL_TIMER_QUERY_H_ #define WEBGL_TIMER_QUERY_H_ +#include "GLConsts.h" #include "nsWrapperCache.h" #include "WebGLObjectModel.h" diff --git a/dom/canvas/moz.build b/dom/canvas/moz.build index e8b1541be24..69367f4cd61 100644 --- a/dom/canvas/moz.build +++ b/dom/canvas/moz.build @@ -61,6 +61,7 @@ UNIFIED_SOURCES += [ 'WebGL2ContextPrograms.cpp', 'WebGL2ContextQueries.cpp', 'WebGL2ContextSamplers.cpp', + 'WebGL2ContextState.cpp', 'WebGL2ContextSync.cpp', 'WebGL2ContextTextures.cpp', 'WebGL2ContextTransformFeedback.cpp', From 19582984b7418838abbea0d90e00ffa4b515760c Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 15:06:01 +1000 Subject: [PATCH 087/297] Bug 1170855 - Part 2: Be consistent when handling pnames from extensions. r=jgilbert --- dom/canvas/WebGLContextState.cpp | 68 +++++++++++++++----------------- 1 file changed, 32 insertions(+), 36 deletions(-) diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index 6d6b99031f2..1ef0b99f399 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -180,6 +180,38 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } } + // Privileged string params exposed by WEBGL_debug_renderer_info: + if (IsExtensionEnabled(WebGLExtensionID::WEBGL_debug_renderer_info)) { + switch (pname) { + case UNMASKED_VENDOR_WEBGL: + case UNMASKED_RENDERER_WEBGL: + GLenum glstringname = LOCAL_GL_NONE; + if (pname == UNMASKED_VENDOR_WEBGL) { + glstringname = LOCAL_GL_VENDOR; + } else if (pname == UNMASKED_RENDERER_WEBGL) { + glstringname = LOCAL_GL_RENDERER; + } + const GLchar* string = (const GLchar*) gl->fGetString(glstringname); + return StringValue(cx, string, rv); + } + } + + if (IsExtensionEnabled(WebGLExtensionID::OES_standard_derivatives)) { + if (pname == LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT) { + GLint i = 0; + gl->fGetIntegerv(pname, &i); + return JS::Int32Value(i); + } + } + + if (IsExtensionEnabled(WebGLExtensionID::EXT_texture_filter_anisotropic)) { + if (pname == LOCAL_GL_MAX_TEXTURE_MAX_ANISOTROPY_EXT) { + GLfloat f = 0.f; + gl->fGetFloatv(pname, &f); + return JS::NumberValue(f); + } + } + switch (pname) { // // String params @@ -192,24 +224,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_SHADING_LANGUAGE_VERSION: return StringValue(cx, "WebGL GLSL ES 1.0", rv); - // Privileged string params exposed by WEBGL_debug_renderer_info: - case UNMASKED_VENDOR_WEBGL: - case UNMASKED_RENDERER_WEBGL: { - // The privilege check is done in WebGLContext::IsExtensionSupported. - // So here we just have to check that the extension is enabled. - if (!IsExtensionEnabled(WebGLExtensionID::WEBGL_debug_renderer_info)) { - break; - } - GLenum glstringname = LOCAL_GL_NONE; - if (pname == UNMASKED_VENDOR_WEBGL) { - glstringname = LOCAL_GL_VENDOR; - } else if (pname == UNMASKED_RENDERER_WEBGL) { - glstringname = LOCAL_GL_RENDERER; - } - const char* string = reinterpret_cast(gl->fGetString(glstringname)); - return StringValue(cx, string, rv); - } - //////////////////////////////// // Single-value params @@ -320,15 +334,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } return JS::Int32Value(i); } - case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: { - if (IsExtensionEnabled(WebGLExtensionID::OES_standard_derivatives)) { - GLint i = 0; - gl->fGetIntegerv(pname, &i); - return JS::Int32Value(i); - } else { - break; - } - } case LOCAL_GL_MAX_TEXTURE_SIZE: return JS::Int32Value(mGLMaxTextureSize); @@ -374,15 +379,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } // float - case LOCAL_GL_MAX_TEXTURE_MAX_ANISOTROPY_EXT: { - if (IsExtensionEnabled(WebGLExtensionID::EXT_texture_filter_anisotropic)) { - GLfloat f = 0.f; - gl->fGetFloatv(pname, &f); - return JS::DoubleValue(f); - } else { - break; - } - } case LOCAL_GL_DEPTH_CLEAR_VALUE: case LOCAL_GL_LINE_WIDTH: case LOCAL_GL_POLYGON_OFFSET_FACTOR: From 832a452644da7c7a9e74d3446df611cfc521db84 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 15:12:11 +1000 Subject: [PATCH 088/297] Bug 1170855 - Part 3: Cleanup and better comments. r=jgilbert --- dom/canvas/WebGLContextState.cpp | 42 +++++++++++++++----------------- 1 file changed, 19 insertions(+), 23 deletions(-) diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index 1ef0b99f399..b24a3ba82f4 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -138,18 +138,15 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } else if (pname >= LOCAL_GL_DRAW_BUFFER0 && pname < GLenum(LOCAL_GL_DRAW_BUFFER0 + mGLMaxDrawBuffers)) { - if (mBoundDrawFramebuffer) { - GLint iv = 0; - gl->fGetIntegerv(pname, &iv); - return JS::Int32Value(iv); - } - GLint iv = 0; gl->fGetIntegerv(pname, &iv); - if (iv == GLint(LOCAL_GL_COLOR_ATTACHMENT0 + pname - LOCAL_GL_DRAW_BUFFER0)) { + if (mBoundDrawFramebuffer) + return JS::Int32Value(iv); + + const GLint index = (pname - LOCAL_GL_DRAW_BUFFER0); + if (iv == LOCAL_GL_COLOR_ATTACHMENT0 + index) return JS::Int32Value(LOCAL_GL_BACK); - } return JS::Int32Value(LOCAL_GL_NONE); } @@ -157,11 +154,9 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) if (IsExtensionEnabled(WebGLExtensionID::OES_vertex_array_object)) { if (pname == LOCAL_GL_VERTEX_ARRAY_BINDING) { - if (mBoundVertexArray == mDefaultVertexArray){ - return WebGLObjectAsJSValue(cx, (WebGLVertexArray *) nullptr, rv); - } - - return WebGLObjectAsJSValue(cx, mBoundVertexArray.get(), rv); + WebGLVertexArray* vao = + (mBoundVertexArray != mDefaultVertexArray) ? mBoundVertexArray.get() : nullptr; + return WebGLObjectAsJSValue(cx, vao, rv); } } @@ -169,10 +164,12 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) if (pname == LOCAL_GL_TIMESTAMP_EXT) { GLuint64 iv = 0; gl->fGetInteger64v(pname, (GLint64*) &iv); - return JS::NumberValue(uint64_t(iv)); + // TODO: JS doesn't support 64-bit integers. Be lossy and + // cast to double (53 bits) + return JS::NumberValue(static_cast(iv)); } else if (pname == LOCAL_GL_GPU_DISJOINT_EXT) { // When disjoint isn't supported, leave as false. - realGLboolean disjoint = 0; + realGLboolean disjoint = LOCAL_GL_FALSE; if (gl->IsExtensionSupported(gl::GLContext::EXT_disjoint_timer_query)) { gl->fGetBooleanv(pname, &disjoint); } @@ -365,18 +362,17 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) // unsigned int. here we may have to return very large values like 2^32-1 that can't be represented as // javascript integer values. We just return them as doubles and javascript doesn't care. - case LOCAL_GL_STENCIL_BACK_VALUE_MASK: { + case LOCAL_GL_STENCIL_BACK_VALUE_MASK: return JS::DoubleValue(mStencilValueMaskBack); // pass as FP value to allow large values such as 2^32-1. - } - case LOCAL_GL_STENCIL_BACK_WRITEMASK: { + + case LOCAL_GL_STENCIL_BACK_WRITEMASK: return JS::DoubleValue(mStencilWriteMaskBack); - } - case LOCAL_GL_STENCIL_VALUE_MASK: { + + case LOCAL_GL_STENCIL_VALUE_MASK: return JS::DoubleValue(mStencilValueMaskFront); - } - case LOCAL_GL_STENCIL_WRITEMASK: { + + case LOCAL_GL_STENCIL_WRITEMASK: return JS::DoubleValue(mStencilWriteMaskFront); - } // float case LOCAL_GL_DEPTH_CLEAR_VALUE: From 12121fb2b840c276e4119d6a2887ffb56481d64b Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 16:42:49 +1000 Subject: [PATCH 089/297] Bug 1170855 - Part 4: Pour in the WebGL 2 pnames. r=jgilbert --- dom/canvas/WebGL2ContextState.cpp | 127 ++++++++++++++++++++++++------ 1 file changed, 103 insertions(+), 24 deletions(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 7e8dfd39378..a9011052ffe 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -12,38 +12,79 @@ namespace mozilla { JS::Value WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) { + // The following cases are handled in WebGLContext::GetParameter(): + // case LOCAL_GL_MAX_COLOR_ATTACHMENTS: + // case LOCAL_GL_MAX_DRAW_BUFFERS: + // case LOCAL_GL_DRAW_BUFFERi: + if (IsContextLost()) return JS::NullValue(); MakeContextCurrent(); switch (pname) { - case LOCAL_GL_MAX_SAMPLES: - case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: - case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { - GLint val; - gl->fGetIntegerv(pname, &val); - return JS::NumberValue(uint32_t(val)); + /* GLboolean */ + case LOCAL_GL_RASTERIZER_DISCARD: + case LOCAL_GL_SAMPLE_ALPHA_TO_COVERAGE: + case LOCAL_GL_SAMPLE_COVERAGE: + case LOCAL_GL_TRANSFORM_FEEDBACK_PAUSED: + case LOCAL_GL_TRANSFORM_FEEDBACK_ACTIVE: + case LOCAL_GL_UNPACK_SKIP_IMAGES: + case LOCAL_GL_UNPACK_SKIP_PIXELS: + case LOCAL_GL_UNPACK_SKIP_ROWS: { + realGLboolean b = 0; + gl->fGetBooleanv(pname, &b); + return JS::BooleanValue(bool(b)); } - case LOCAL_GL_TEXTURE_BINDING_3D: - return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); + /* GLenum */ + case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: + case LOCAL_GL_READ_BUFFER: + /* fall through */ - // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. - case LOCAL_GL_READ_FRAMEBUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + /* GLint */ + case LOCAL_GL_MAX_3D_TEXTURE_SIZE: + case LOCAL_GL_MAX_ARRAY_TEXTURE_LAYERS: + case LOCAL_GL_MAX_COMBINED_UNIFORM_BLOCKS: + case LOCAL_GL_MAX_ELEMENTS_INDICES: + case LOCAL_GL_MAX_ELEMENTS_VERTICES: + case LOCAL_GL_MAX_FRAGMENT_INPUT_COMPONENTS: + case LOCAL_GL_MAX_FRAGMENT_UNIFORM_BLOCKS: + case LOCAL_GL_MAX_FRAGMENT_UNIFORM_COMPONENTS: + case LOCAL_GL_MAX_PROGRAM_TEXEL_OFFSET: + case LOCAL_GL_MAX_SAMPLES: + case LOCAL_GL_MAX_TEXTURE_LOD_BIAS: + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_INTERLEAVED_COMPONENTS: + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_COMPONENTS: + case LOCAL_GL_MAX_UNIFORM_BUFFER_BINDINGS: + case LOCAL_GL_MAX_VARYING_COMPONENTS: + case LOCAL_GL_MAX_VERTEX_OUTPUT_COMPONENTS: + case LOCAL_GL_MAX_VERTEX_UNIFORM_BLOCKS: + case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: + case LOCAL_GL_MIN_PROGRAM_TEXEL_OFFSET: + case LOCAL_GL_PACK_ROW_LENGTH: + case LOCAL_GL_PACK_SKIP_PIXELS: + case LOCAL_GL_PACK_SKIP_ROWS: + case LOCAL_GL_UNIFORM_BUFFER_OFFSET_ALIGNMENT: + case LOCAL_GL_UNPACK_IMAGE_HEIGHT: + case LOCAL_GL_UNPACK_ROW_LENGTH: { + GLint val; + gl->fGetIntegerv(pname, &val); + return JS::Int32Value(val); + } - case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); - - case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); - - case LOCAL_GL_UNIFORM_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); - - case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + /* GLint64 */ + //case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: + case LOCAL_GL_MAX_ELEMENT_INDEX: + case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: + case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: + case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: + case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { + GLint64 val; + gl->fGetInteger64v(pname, &val); + return JS::DoubleValue(static_cast(val)); + } case LOCAL_GL_COPY_READ_BUFFER_BINDING: return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); @@ -51,8 +92,46 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: - return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); + case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); + + case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + + case LOCAL_GL_UNIFORM_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); + + // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. + case LOCAL_GL_READ_FRAMEBUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + + case LOCAL_GL_SAMPLER_BINDING: + // TODO: Implement bound sampler tracking + //return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); + return JS::NullValue(); + + case LOCAL_GL_TEXTURE_BINDING_2D_ARRAY: + // TODO: Implement gl.TEXTURE_2D_ARRAY + // return WebGLObjectAsJSValue(cx, mBound2DTextureArrays[mActiveTexture].get(), rv); + return JS::NullValue(); + + case LOCAL_GL_TEXTURE_BINDING_3D: + return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BINDING: { + WebGLTransformFeedback* tf = + (mBoundTransformFeedback != mDefaultTransformFeedback) ? mBoundTransformFeedback.get() : nullptr; + return WebGLObjectAsJSValue(cx, tf, rv); + } + + case LOCAL_GL_VERTEX_ARRAY_BINDING: { + WebGLVertexArray* vao = + (mBoundVertexArray != mDefaultVertexArray) ? mBoundVertexArray.get() : nullptr; + return WebGLObjectAsJSValue(cx, vao, rv); + } case LOCAL_GL_VERSION: return StringValue(cx, "WebGL 2.0", rv); From cd610c142cba010a434613b1deb98b5885456d67 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 17:13:41 +1000 Subject: [PATCH 090/297] Bug 1170855 - Part 5: Correctly load glGetInteger64v. r=jgilbert Correctly detect support for ARB_sync via GLFeature. --- gfx/gl/GLContext.cpp | 4 ++-- gfx/gl/GLContext.h | 1 + gfx/gl/GLContextFeatures.cpp | 9 +++++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/gfx/gl/GLContext.cpp b/gfx/gl/GLContext.cpp index aa78909cc89..1c4fa209a6b 100644 --- a/gfx/gl/GLContext.cpp +++ b/gfx/gl/GLContext.cpp @@ -794,7 +794,7 @@ GLContext::InitWithPrefix(const char *prefix, bool trygl) } } - if (IsExtensionSupported(ARB_sync)) { + if (IsSupported(GLFeature::sync)) { SymLoadStruct syncSymbols[] = { { (PRFuncPtr*) &mSymbols.fFenceSync, { "FenceSync", nullptr } }, { (PRFuncPtr*) &mSymbols.fIsSync, { "IsSync", nullptr } }, @@ -807,7 +807,7 @@ GLContext::InitWithPrefix(const char *prefix, bool trygl) }; if (!LoadSymbols(&syncSymbols[0], trygl, prefix)) { - NS_ERROR("GL supports ARB_sync without supplying its functions."); + NS_ERROR("GL supports sync without supplying its functions."); MarkExtensionUnsupported(ARB_sync); ClearSymbols(syncSymbols); diff --git a/gfx/gl/GLContext.h b/gfx/gl/GLContext.h index ee338234975..83d2fb8ad25 100644 --- a/gfx/gl/GLContext.h +++ b/gfx/gl/GLContext.h @@ -122,6 +122,7 @@ enum class GLFeature { sRGB_texture, sampler_objects, standard_derivatives, + sync, texture_3D, texture_3D_compressed, texture_3D_copy, diff --git a/gfx/gl/GLContextFeatures.cpp b/gfx/gl/GLContextFeatures.cpp index 7506ca84ccf..fefba7e3883 100644 --- a/gfx/gl/GLContextFeatures.cpp +++ b/gfx/gl/GLContextFeatures.cpp @@ -529,6 +529,15 @@ static const FeatureInfo sFeatureInfoArr[] = { GLContext::Extensions_End } }, + { + "sync", + GLVersion::GL3_2, + GLESVersion::ES3, + GLContext::ARB_sync, + { + GLContext::Extensions_End + } + }, { "texture_3D", GLVersion::GL1_2, From f1e0264cffc77ad236e1b3c012b4d90516a7baab Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:18:19 +1000 Subject: [PATCH 091/297] Bug 1170855 - Part 6: Implement Sampler binding tracking. r=jgilbert --- dom/canvas/WebGL2ContextSamplers.cpp | 8 ++++++++ dom/canvas/WebGL2ContextState.cpp | 4 +--- dom/canvas/WebGLContext.cpp | 2 ++ dom/canvas/WebGLContext.h | 1 + dom/canvas/WebGLContextValidate.cpp | 2 ++ 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/dom/canvas/WebGL2ContextSamplers.cpp b/dom/canvas/WebGL2ContextSamplers.cpp index bad4b50bdb5..3e2b31ebd36 100644 --- a/dom/canvas/WebGL2ContextSamplers.cpp +++ b/dom/canvas/WebGL2ContextSamplers.cpp @@ -36,6 +36,12 @@ WebGL2Context::DeleteSampler(WebGLSampler* sampler) if (!sampler || sampler->IsDeleted()) return; + for (int n = 0; n < mGLMaxTextureUnits; n++) { + if (mBoundSamplers[n] == sampler) { + mBoundSamplers[n] = nullptr; + } + } + sampler->RequestDelete(); } @@ -74,6 +80,8 @@ WebGL2Context::BindSampler(GLuint unit, WebGLSampler* sampler) return ErrorInvalidOperation("bindSampler: binding deleted sampler"); WebGLContextUnchecked::BindSampler(unit, sampler); + + mBoundSamplers[unit] = sampler; } void diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index a9011052ffe..2d5f8d36632 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -109,9 +109,7 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); case LOCAL_GL_SAMPLER_BINDING: - // TODO: Implement bound sampler tracking - //return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); - return JS::NullValue(); + return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); case LOCAL_GL_TEXTURE_BINDING_2D_ARRAY: // TODO: Implement gl.TEXTURE_2D_ARRAY diff --git a/dom/canvas/WebGLContext.cpp b/dom/canvas/WebGLContext.cpp index 97303063b63..a2ebf9d516e 100644 --- a/dom/canvas/WebGLContext.cpp +++ b/dom/canvas/WebGLContext.cpp @@ -325,6 +325,7 @@ WebGLContext::DestroyResourcesAndContext() mBound2DTextures.Clear(); mBoundCubeMapTextures.Clear(); mBound3DTextures.Clear(); + mBoundSamplers.Clear(); mBoundArrayBuffer = nullptr; mBoundCopyReadBuffer = nullptr; mBoundCopyWriteBuffer = nullptr; @@ -1949,6 +1950,7 @@ NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(WebGLContext, mBound2DTextures, mBoundCubeMapTextures, mBound3DTextures, + mBoundSamplers, mBoundArrayBuffer, mBoundCopyReadBuffer, mBoundCopyWriteBuffer, diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index d48fd7c7e2a..9ec26c554ff 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -1435,6 +1435,7 @@ protected: nsTArray > mBound2DTextures; nsTArray > mBoundCubeMapTextures; nsTArray > mBound3DTextures; + nsTArray > mBoundSamplers; void ResolveTexturesForDraw() const; diff --git a/dom/canvas/WebGLContextValidate.cpp b/dom/canvas/WebGLContextValidate.cpp index 846401c1cc2..44bdb74a279 100644 --- a/dom/canvas/WebGLContextValidate.cpp +++ b/dom/canvas/WebGLContextValidate.cpp @@ -1755,6 +1755,7 @@ WebGLContext::InitAndValidateGL() mBound2DTextures.Clear(); mBoundCubeMapTextures.Clear(); mBound3DTextures.Clear(); + mBoundSamplers.Clear(); mBoundArrayBuffer = nullptr; mBoundTransformFeedbackBuffer = nullptr; @@ -1798,6 +1799,7 @@ WebGLContext::InitAndValidateGL() mBound2DTextures.SetLength(mGLMaxTextureUnits); mBoundCubeMapTextures.SetLength(mGLMaxTextureUnits); mBound3DTextures.SetLength(mGLMaxTextureUnits); + mBoundSamplers.SetLength(mGLMaxTextureUnits); if (MinCapabilityMode()) { mGLMaxTextureSize = MINVALUE_GL_MAX_TEXTURE_SIZE; From 2f2bac88b8be5217b98da7c232e8860d518472e9 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:21:29 +1000 Subject: [PATCH 092/297] Bug 1170855 - Part 7: Implement MAX_CLIENT_WAIT_TIMEOUT_WEBGL. r=jgilbert, r=smaug This is a special addition for WebGL 2. I've updated webidl to match the spec. I've set the value to be 0 to match Chrome. If I query the underlying GL, I get -1 back. (On OSX). We can discuss what a better value would be. --- dom/canvas/WebGL2ContextState.cpp | 4 +++- dom/webidl/WebGL2RenderingContext.webidl | 5 ++++- gfx/gl/GLConsts.h | 1 + 3 files changed, 8 insertions(+), 2 deletions(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 2d5f8d36632..547fa879df3 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -75,7 +75,9 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } /* GLint64 */ - //case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: + case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: + return JS::NumberValue(0); // TODO + case LOCAL_GL_MAX_ELEMENT_INDEX: case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: diff --git a/dom/webidl/WebGL2RenderingContext.webidl b/dom/webidl/WebGL2RenderingContext.webidl index b8bba687887..bbeb7d4a846 100644 --- a/dom/webidl/WebGL2RenderingContext.webidl +++ b/dom/webidl/WebGL2RenderingContext.webidl @@ -310,7 +310,10 @@ interface WebGL2RenderingContext : WebGLRenderingContext const GLenum NUM_SAMPLE_COUNTS = 0x9380; const GLenum TEXTURE_IMMUTABLE_LEVELS = 0x82DF; - const GLint64 TIMEOUT_IGNORED = -1; + const GLuint64 TIMEOUT_IGNORED = 0xFFFFFFFFFFFFFFFF; + + /* WebGL-specific enums */ + const GLenum MAX_CLIENT_WAIT_TIMEOUT_WEBGL = 0x9247; /* Buffer objects */ void copyBufferSubData(GLenum readTarget, GLenum writeTarget, GLintptr readOffset, diff --git a/gfx/gl/GLConsts.h b/gfx/gl/GLConsts.h index b21dfe79a1a..5b3bbb419e9 100644 --- a/gfx/gl/GLConsts.h +++ b/gfx/gl/GLConsts.h @@ -2279,6 +2279,7 @@ #define LOCAL_GL_MAX_ATTRIB_STACK_DEPTH 0x0D35 #define LOCAL_GL_MAX_BINDABLE_UNIFORM_SIZE_EXT 0x8DED #define LOCAL_GL_MAX_CLIENT_ATTRIB_STACK_DEPTH 0x0D3B +#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 #define LOCAL_GL_MAX_CLIPMAP_DEPTH_SGIX 0x8177 #define LOCAL_GL_MAX_CLIPMAP_VIRTUAL_DEPTH_SGIX 0x8178 #define LOCAL_GL_MAX_CLIP_DISTANCES 0x0D32 From bb2d57f1e6248807442a0f77ff488689a1def1bf Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:32:22 +1000 Subject: [PATCH 093/297] Bug 1170855 - Part 8: MAX_SERVER_WAIT_TIMEOUT is unsigned. r=jgilbert --- dom/canvas/WebGL2ContextState.cpp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 547fa879df3..4c4ac9c7af6 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -81,13 +81,20 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_MAX_ELEMENT_INDEX: case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: - case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { GLint64 val; gl->fGetInteger64v(pname, &val); return JS::DoubleValue(static_cast(val)); } + + // GLuint64 + case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: { + GLuint64 val; + gl->fGetInteger64v(pname, (GLint64*) &val); + return JS::DoubleValue(static_cast(val)); + } + case LOCAL_GL_COPY_READ_BUFFER_BINDING: return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); From 7a0f598c51cdb4461bb7d8331caf81848015d740 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:35:20 +1000 Subject: [PATCH 094/297] Bug 1170855 - Part 9: MAX_VARYING_COMPONENTS workaround. r=jgilbert Turns of querying MAX_VARYING_COMPONENTS on OS X 10.10 is buggy. Always returns 1. The spec says that the value is 4 times MAX_VARYING_VECTORS so work around using that method. --- dom/canvas/WebGL2ContextState.cpp | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 4c4ac9c7af6..db5f61950b3 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -58,7 +58,6 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_COMPONENTS: case LOCAL_GL_MAX_UNIFORM_BUFFER_BINDINGS: - case LOCAL_GL_MAX_VARYING_COMPONENTS: case LOCAL_GL_MAX_VERTEX_OUTPUT_COMPONENTS: case LOCAL_GL_MAX_VERTEX_UNIFORM_BLOCKS: case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: @@ -74,6 +73,14 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) return JS::Int32Value(val); } + case LOCAL_GL_MAX_VARYING_COMPONENTS: { + // On OS X Core Profile this is buggy. The spec says that the + // value is 4 * GL_MAX_VARYING_VECTORS + GLint val; + gl->fGetIntegerv(LOCAL_GL_MAX_VARYING_VECTORS, &val); + return JS::Int32Value(4*val); + } + /* GLint64 */ case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: return JS::NumberValue(0); // TODO @@ -88,7 +95,7 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } - // GLuint64 + /* GLuint64 */ case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: { GLuint64 val; gl->fGetInteger64v(pname, (GLint64*) &val); From a469847ff619d9e785c59b0cc69ff09e6f1d506d Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:37:28 +1000 Subject: [PATCH 095/297] Bug 1170855 - Part A: Don't error on MAX_ELEMENT_INDEX. r=jgilbert MAX_ELEMENT_INDEX appears in GL 4.3 or via ES3_compatibility. Work around on OSX 10.10 where max is GL 4.1. --- dom/canvas/WebGL2ContextState.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index db5f61950b3..6d7ffb02125 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -86,6 +86,13 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) return JS::NumberValue(0); // TODO case LOCAL_GL_MAX_ELEMENT_INDEX: + // GL_MAX_ELEMENT_INDEX becomes available in GL 4.3 or via ES3 + // compatibility + if (!gl->IsSupported(gl::GLFeature::ES3_compatibility)) + return JS::NumberValue(0); + + /*** fall through to fGetInteger64v ***/ + case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { From 03a6165d30383a402926ff569dd4114370b2ec6c Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:40:56 +1000 Subject: [PATCH 096/297] Bug 1170855 - Part B: READ_BUFFER requires emulation for default FB. r=jgilbert WebGL internals use framebuffers to implement the default framebuffer. This means that we can't just return the result from glGetIntegerv(GL_READ_BUFFER, ...) --- dom/canvas/WebGL2ContextState.cpp | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 6d7ffb02125..09a842730b0 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -38,8 +38,17 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } /* GLenum */ + case LOCAL_GL_READ_BUFFER: { + if (mBoundReadFramebuffer) { + GLint val = LOCAL_GL_NONE; + gl->fGetIntegerv(pname, &val); + return JS::Int32Value(val); + } + + return JS::Int32Value(LOCAL_GL_BACK); + } + case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: - case LOCAL_GL_READ_BUFFER: /* fall through */ /* GLint */ From 9f7427f7f8eb13e96f9ae1221b8653edba5bac8f Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Wed, 10 Jun 2015 15:13:02 +1000 Subject: [PATCH 097/297] Bug 1170855 - Part C: Move _WEBGL GLenums from GLConsts.h to WebGLContext.h. r=jgilbert --- dom/canvas/WebGLContext.h | 10 ++++++++++ gfx/gl/GLConsts.h | 6 ------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index 9ec26c554ff..1354c2eafcd 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -65,6 +65,16 @@ class nsIDocShell; #define MINVALUE_GL_MAX_RENDERBUFFER_SIZE 1024 // Different from the spec, which sets it to 1 on page 164 #define MINVALUE_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS 8 // Page 164 +/* + * WebGL-only GLenums + */ +#define LOCAL_GL_BROWSER_DEFAULT_WEBGL 0x9244 +#define LOCAL_GL_CONTEXT_LOST_WEBGL 0x9242 +#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 +#define LOCAL_GL_UNPACK_COLORSPACE_CONVERSION_WEBGL 0x9243 +#define LOCAL_GL_UNPACK_FLIP_Y_WEBGL 0x9240 +#define LOCAL_GL_UNPACK_PREMULTIPLY_ALPHA_WEBGL 0x9241 + namespace mozilla { class WebGLActiveInfo; diff --git a/gfx/gl/GLConsts.h b/gfx/gl/GLConsts.h index 5b3bbb419e9..0c1e43e8aac 100644 --- a/gfx/gl/GLConsts.h +++ b/gfx/gl/GLConsts.h @@ -283,7 +283,6 @@ #define LOCAL_GL_BOOL_VEC4_ARB 0x8B59 #define LOCAL_GL_BOUNDING_BOX_NV 0x908D #define LOCAL_GL_BOUNDING_BOX_OF_BOUNDING_BOXES_NV 0x909C -#define LOCAL_GL_BROWSER_DEFAULT_WEBGL 0x9244 #define LOCAL_GL_BUFFER 0x82E0 #define LOCAL_GL_BUFFER_ACCESS 0x88BB #define LOCAL_GL_BUFFER_ACCESS_ARB 0x88BB @@ -731,7 +730,6 @@ #define LOCAL_GL_CONTEXT_FLAG_DEBUG_BIT_KHR 0x00000002 #define LOCAL_GL_CONTEXT_FLAG_FORWARD_COMPATIBLE_BIT 0x00000001 #define LOCAL_GL_CONTEXT_FLAG_ROBUST_ACCESS_BIT_ARB 0x00000004 -#define LOCAL_GL_CONTEXT_LOST_WEBGL 0x9242 #define LOCAL_GL_CONTEXT_PROFILE_MASK 0x9126 #define LOCAL_GL_CONTEXT_ROBUST_ACCESS_EXT 0x90F3 #define LOCAL_GL_CONTINUOUS_AMD 0x9007 @@ -2279,7 +2277,6 @@ #define LOCAL_GL_MAX_ATTRIB_STACK_DEPTH 0x0D35 #define LOCAL_GL_MAX_BINDABLE_UNIFORM_SIZE_EXT 0x8DED #define LOCAL_GL_MAX_CLIENT_ATTRIB_STACK_DEPTH 0x0D3B -#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 #define LOCAL_GL_MAX_CLIPMAP_DEPTH_SGIX 0x8177 #define LOCAL_GL_MAX_CLIPMAP_VIRTUAL_DEPTH_SGIX 0x8178 #define LOCAL_GL_MAX_CLIP_DISTANCES 0x0D32 @@ -4681,19 +4678,16 @@ #define LOCAL_GL_UNPACK_ALIGNMENT 0x0CF5 #define LOCAL_GL_UNPACK_CLIENT_STORAGE_APPLE 0x85B2 #define LOCAL_GL_UNPACK_CMYK_HINT_EXT 0x800F -#define LOCAL_GL_UNPACK_COLORSPACE_CONVERSION_WEBGL 0x9243 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_DEPTH 0x9129 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_HEIGHT 0x9128 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_SIZE 0x912A #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_WIDTH 0x9127 #define LOCAL_GL_UNPACK_COMPRESSED_SIZE_SGIX 0x831A #define LOCAL_GL_UNPACK_CONSTANT_DATA_SUNX 0x81D5 -#define LOCAL_GL_UNPACK_FLIP_Y_WEBGL 0x9240 #define LOCAL_GL_UNPACK_IMAGE_DEPTH_SGIS 0x8133 #define LOCAL_GL_UNPACK_IMAGE_HEIGHT 0x806E #define LOCAL_GL_UNPACK_IMAGE_HEIGHT_EXT 0x806E #define LOCAL_GL_UNPACK_LSB_FIRST 0x0CF1 -#define LOCAL_GL_UNPACK_PREMULTIPLY_ALPHA_WEBGL 0x9241 #define LOCAL_GL_UNPACK_RESAMPLE_OML 0x8985 #define LOCAL_GL_UNPACK_RESAMPLE_SGIX 0x842D #define LOCAL_GL_UNPACK_ROW_BYTES_APPLE 0x8A16 From f346c30e0049fe31c64c011c95b69bd126201857 Mon Sep 17 00:00:00 2001 From: Karl Tomlinson Date: Wed, 10 Jun 2015 09:18:35 +1200 Subject: [PATCH 098/297] bug 1004167 opaque back-button when not -moz-lwtheme to pixel-align clip r=mdeboer Make back-button background match the color of its ancestor toolbar, where possible, so that overdrawing the start of the url bar makes aligning the clip with the arc of the back button border unnecessary. This enables subpixel antialiasing and more efficient drawing in the url bar. back-button border outside is aligned with the visible toolbarbutton-icon to avoid any awkward lines should the color of the toolbar be modified in any way. --- browser/base/content/browser.xul | 7 ++++++- browser/themes/linux/browser.css | 22 +++++++++++++--------- 2 files changed, 19 insertions(+), 10 deletions(-) diff --git a/browser/base/content/browser.xul b/browser/base/content/browser.xul index f30596edd69..a2a8161ff2e 100644 --- a/browser/base/content/browser.xul +++ b/browser/base/content/browser.xul @@ -1235,9 +1235,14 @@ #include tab-shape.inc.svg +#if defined(XP_UNIX) && !defined(XP_MACOSX) + + + +#endif #ifndef XP_MACOSX - + #else #endif diff --git a/browser/themes/linux/browser.css b/browser/themes/linux/browser.css index e0e46bfe602..dffce93d48a 100644 --- a/browser/themes/linux/browser.css +++ b/browser/themes/linux/browser.css @@ -680,17 +680,17 @@ toolbarbutton[constrain-size="true"][cui-areatype="toolbar"] > .toolbarbutton-ba } #back-button { - padding-top: 3px; - padding-bottom: 3px; - -moz-padding-start: 5px; - -moz-padding-end: 0; + margin-top: 3px; + margin-bottom: 3px; + -moz-margin-start: 5px; + padding: 0; position: relative; z-index: 1; - border-radius: 0 10000px 10000px 0; + border-radius: 10000px; } -#back-button:-moz-locale-dir(rtl) { - border-radius: 10000px 0 0 10000px; +#back-button:not(:-moz-lwtheme) { + background-color: -moz-dialog; } #back-button > menupopup { @@ -894,13 +894,17 @@ toolbarbutton[constrain-size="true"][cui-areatype="toolbar"] > .toolbarbutton-ba } @conditionalForwardWithUrlbar@ { - clip-path: url("chrome://browser/content/browser.xul#urlbar-back-button-clip-path"); + clip-path: url("chrome://browser/content/browser.xul#urlbar-clip-path"); -moz-margin-start: -5px; } +@conditionalForwardWithUrlbar@:-moz-lwtheme { + clip-path: url("chrome://browser/content/browser.xul#urlbar-back-button-clip-path"); +} + @conditionalForwardWithUrlbar@:-moz-locale-dir(rtl), @conditionalForwardWithUrlbar@ > #urlbar:-moz-locale-dir(rtl) { - /* let urlbar-back-button-clip-path clip the urlbar's right side for RTL */ + /* Let clip-path clip the urlbar-wrapper's right side for RTL. */ transform: scaleX(-1); } From 7a30fbcc6804a29a859c798107f75da7fe192294 Mon Sep 17 00:00:00 2001 From: Karl Tomlinson Date: Fri, 5 Jun 2015 16:19:37 +1200 Subject: [PATCH 099/297] bug 1171785 create nsContentUtils::RunInStableState helper r=bholley --- dom/base/nsContentUtils.cpp | 19 +++++++++++++++++++ dom/base/nsContentUtils.h | 21 +++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index 447f5ec099d..edad528e2df 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -92,6 +92,7 @@ #include "nsHostObjectProtocolHandler.h" #include "nsHtml5Module.h" #include "nsHtml5StringParser.h" +#include "nsIAppShell.h" #include "nsIAsyncVerifyRedirectCallback.h" #include "nsICategoryManager.h" #include "nsIChannelEventSink.h" @@ -182,6 +183,7 @@ #include "nsUnicodeProperties.h" #include "nsViewManager.h" #include "nsViewportInfo.h" +#include "nsWidgetsCID.h" #include "nsWrapperCacheInlines.h" #include "nsXULPopupManager.h" #include "xpcprivate.h" // nsXPConnect @@ -337,6 +339,7 @@ namespace { static NS_DEFINE_CID(kParserServiceCID, NS_PARSERSERVICE_CID); static NS_DEFINE_CID(kCParserCID, NS_PARSER_CID); +static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); static PLDHashTable* sEventListenerManagersHash; @@ -5148,6 +5151,22 @@ nsContentUtils::AddScriptRunner(nsIRunnable* aRunnable) return true; } +/* static */ +void +nsContentUtils::RunInStableState(already_AddRefed aRunnable, + DispatchFailureHandling aHandling) +{ + nsCOMPtr runnable = aRunnable; + nsCOMPtr appShell(do_GetService(kAppShellCID)); + if (!appShell) { + MOZ_ASSERT(aHandling == DispatchFailureHandling::IgnoreFailure); + return; + } + DebugOnly rv = appShell->RunInStableState(runnable); + MOZ_ASSERT(NS_SUCCEEDED(rv) || + aHandling == DispatchFailureHandling::IgnoreFailure); +} + void nsContentUtils::EnterMicroTask() { diff --git a/dom/base/nsContentUtils.h b/dom/base/nsContentUtils.h index 8a1e68447f6..3570d030638 100644 --- a/dom/base/nsContentUtils.h +++ b/dom/base/nsContentUtils.h @@ -1576,6 +1576,27 @@ public: */ static void WarnScriptWasIgnored(nsIDocument* aDocument); + /** + * Whether to assert that RunInStableState() succeeds, or ignore failure, + * which may happen late in shutdown. + */ + enum class DispatchFailureHandling { AssertSuccess, IgnoreFailure }; + + /** + * Add a "synchronous section", in the form of an nsIRunnable run once the + * event loop has reached a "stable state". |aRunnable| must not cause any + * queued events to be processed (i.e. must not spin the event loop). + * We've reached a stable state when the currently executing task/event has + * finished, see + * http://www.whatwg.org/specs/web-apps/current-work/multipage/webappapis.html#synchronous-section + * In practice this runs aRunnable once the currently executing event + * finishes. If called multiple times per task/event, all the runnables will + * be executed, in the order in which RunInStableState() was called. + */ + static void RunInStableState(already_AddRefed aRunnable, + DispatchFailureHandling aHandling = + DispatchFailureHandling::AssertSuccess); + /** * Retrieve information about the viewport as a data structure. * This will return information in the viewport META data section From a83878b94f08b0148ef6a03bf30422f727450463 Mon Sep 17 00:00:00 2001 From: Karl Tomlinson Date: Fri, 5 Jun 2015 15:55:08 +1200 Subject: [PATCH 100/297] bug 1116382 auto revoke MediaSource object URLs r=bholley --- dom/base/URL.cpp | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/dom/base/URL.cpp b/dom/base/URL.cpp index 5dc76382c11..8109425d0f9 100644 --- a/dom/base/URL.cpp +++ b/dom/base/URL.cpp @@ -139,9 +139,26 @@ URL::CreateObjectURL(const GlobalObject& aGlobal, MediaSource& aSource, nsAString& aResult, ErrorResult& aError) { - CreateObjectURLInternal(aGlobal, &aSource, - NS_LITERAL_CSTRING(MEDIASOURCEURI_SCHEME), aOptions, - aResult, aError); + nsCOMPtr principal = nsContentUtils::ObjectPrincipal(aGlobal.Get()); + + nsCString url; + nsresult rv = nsHostObjectProtocolHandler:: + AddDataEntry(NS_LITERAL_CSTRING(MEDIASOURCEURI_SCHEME), + &aSource, principal, url); + if (NS_FAILED(rv)) { + aError.Throw(rv); + return; + } + + nsCOMPtr revocation = NS_NewRunnableFunction( + [url] { + nsHostObjectProtocolHandler::RemoveDataEntry(url); + }); + + rv = nsContentUtils::RunInStableState(revocation); + MOZ_ASSERT(NS_SUCCEEDED(rv), "RunInStableState() failure"); + + CopyASCIItoUTF16(url, aResult); } void From 171d831ed9314210e57dd9e3783350351fe9ffbf Mon Sep 17 00:00:00 2001 From: Karl Tomlinson Date: Fri, 29 May 2015 00:01:34 +1200 Subject: [PATCH 101/297] bug 1116382 test auto-revoking behavior with URL.createObjectURL(MediaSource) r=bholley --- dom/base/URL.cpp | 3 +-- .../media-source/URL-createObjectURL-revoke.html | 16 ++++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) diff --git a/dom/base/URL.cpp b/dom/base/URL.cpp index 8109425d0f9..5ab46d5fd99 100644 --- a/dom/base/URL.cpp +++ b/dom/base/URL.cpp @@ -155,8 +155,7 @@ URL::CreateObjectURL(const GlobalObject& aGlobal, MediaSource& aSource, nsHostObjectProtocolHandler::RemoveDataEntry(url); }); - rv = nsContentUtils::RunInStableState(revocation); - MOZ_ASSERT(NS_SUCCEEDED(rv), "RunInStableState() failure"); + nsContentUtils::RunInStableState(revocation.forget()); CopyASCIItoUTF16(url, aResult); } diff --git a/testing/web-platform/tests/media-source/URL-createObjectURL-revoke.html b/testing/web-platform/tests/media-source/URL-createObjectURL-revoke.html index 5355659ec6e..c5e18d4fd58 100644 --- a/testing/web-platform/tests/media-source/URL-createObjectURL-revoke.html +++ b/testing/web-platform/tests/media-source/URL-createObjectURL-revoke.html @@ -38,6 +38,22 @@ async_test(function(t) { video.removeEventListener('error', unexpectedErrorHandler); })); }, "Check referenced MediaSource can open after URL.revokeObjectURL(url)."); +async_test(function(t) { + var mediaSource = new MediaSource(); + var url = window.URL.createObjectURL(mediaSource); + setTimeout(function() { + mediaSource.addEventListener('sourceopen', + t.unreached_func("url should not reference MediaSource.")); + var video = document.createElement('video'); + video.src = url; + video.addEventListener('error', t.step_func_done(function(e) { + assert_equals(e.target.error.code, + MediaError.MEDIA_ERR_SRC_NOT_SUPPORTED, + 'Expected error code'); + assert_equals(mediaSource.readyState, 'closed'); + })); + }, 0); +}, "Check auto-revoking behavior with URL.createObjectURL(MediaSource)."); From dfec6761147fc366b1c8d869fd79c9888b66ea76 Mon Sep 17 00:00:00 2001 From: Karl Tomlinson Date: Thu, 11 Jun 2015 14:36:12 +1200 Subject: [PATCH 102/297] bug 1171785 use nsContentUtils::RunInStableState() r=bholley --- dom/base/nsDOMWindowUtils.cpp | 10 ++++------ dom/html/HTMLImageElement.cpp | 18 +++++------------- dom/html/HTMLMediaElement.cpp | 7 +------ dom/interfaces/base/nsIDOMWindowUtils.idl | 8 +++++--- dom/media/AbstractThread.cpp | 8 ++------ dom/media/CanvasCaptureMediaStream.cpp | 8 ++------ dom/media/MediaStreamGraph.cpp | 11 +---------- dom/media/webaudio/AudioDestinationNode.cpp | 18 ++++++++---------- 8 files changed, 28 insertions(+), 60 deletions(-) diff --git a/dom/base/nsDOMWindowUtils.cpp b/dom/base/nsDOMWindowUtils.cpp index af5df238102..1215ead921e 100644 --- a/dom/base/nsDOMWindowUtils.cpp +++ b/dom/base/nsDOMWindowUtils.cpp @@ -3441,16 +3441,14 @@ nsDOMWindowUtils::DispatchEventToChromeOnly(nsIDOMEventTarget* aTarget, } NS_IMETHODIMP -nsDOMWindowUtils::RunInStableState(nsIRunnable *runnable) +nsDOMWindowUtils::RunInStableState(nsIRunnable *aRunnable) { MOZ_RELEASE_ASSERT(nsContentUtils::IsCallerChrome()); - nsCOMPtr appShell(do_GetService(kAppShellCID)); - if (!appShell) { - return NS_ERROR_NOT_AVAILABLE; - } + nsCOMPtr runnable = aRunnable; + nsContentUtils::RunInStableState(runnable.forget()); - return appShell->RunInStableState(runnable); + return NS_OK; } NS_IMETHODIMP diff --git a/dom/html/HTMLImageElement.cpp b/dom/html/HTMLImageElement.cpp index d7e89f108bf..aac2e44afbc 100644 --- a/dom/html/HTMLImageElement.cpp +++ b/dom/html/HTMLImageElement.cpp @@ -17,8 +17,6 @@ #include "nsIURL.h" #include "nsIIOService.h" #include "nsIServiceManager.h" -#include "nsIAppShell.h" -#include "nsWidgetsCID.h" #include "nsNetUtil.h" #include "nsContentUtils.h" #include "nsContainerFrame.h" @@ -53,8 +51,6 @@ #include "mozilla/Preferences.h" static const char *kPrefSrcsetEnabled = "dom.image.srcset.enabled"; -static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); - NS_IMPL_NS_NEW_HTML_ELEMENT(Image) #ifdef DEBUG @@ -882,15 +878,11 @@ HTMLImageElement::QueueImageLoadTask() return; } - // The task checks this to determine if it was the last queued event, so this - // implicitly cancels earlier tasks - mPendingImageLoadTask = new ImageLoadTask(this); - nsCOMPtr appShell = do_GetService(kAppShellCID); - if (appShell) { - appShell->RunInStableState(mPendingImageLoadTask); - } else { - MOZ_ASSERT(false, "expect appshell for HTMLImageElement"); - } + nsCOMPtr task = new ImageLoadTask(this); + // The task checks this to determine if it was the last + // queued event, and so earlier tasks are implicitly canceled. + mPendingImageLoadTask = task; + nsContentUtils::RunInStableState(task.forget()); } bool diff --git a/dom/html/HTMLMediaElement.cpp b/dom/html/HTMLMediaElement.cpp index c5c61c26f84..182183fc7e8 100644 --- a/dom/html/HTMLMediaElement.cpp +++ b/dom/html/HTMLMediaElement.cpp @@ -61,8 +61,6 @@ #include "Layers.h" #include #include "nsIAsyncVerifyRedirectCallback.h" -#include "nsIAppShell.h" -#include "nsWidgetsCID.h" #include "nsMediaFragmentURIParser.h" #include "nsURIHashKey.h" #include "nsJSUtils.h" @@ -758,13 +756,10 @@ public: } }; -static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); - void HTMLMediaElement::RunInStableState(nsIRunnable* aRunnable) { nsCOMPtr event = new nsSyncSection(this, aRunnable); - nsCOMPtr appShell = do_GetService(kAppShellCID); - appShell->RunInStableState(event); + nsContentUtils::RunInStableState(event.forget()); } void HTMLMediaElement::QueueLoadFromSourceTask() diff --git a/dom/interfaces/base/nsIDOMWindowUtils.idl b/dom/interfaces/base/nsIDOMWindowUtils.idl index 51a136dad00..a85ee6042e9 100644 --- a/dom/interfaces/base/nsIDOMWindowUtils.idl +++ b/dom/interfaces/base/nsIDOMWindowUtils.idl @@ -1704,9 +1704,11 @@ interface nsIDOMWindowUtils : nsISupports { attribute boolean paintFlashing; /** - * Allows running of a "synchronous section", in the form of an nsIRunnable - * once the event loop has reached a "stable state". We've reached a stable - * state when the currently executing task/event has finished, see: + * Add a "synchronous section", in the form of an nsIRunnable run once the + * event loop has reached a "stable state". |runnable| must not cause any + * queued events to be processed (i.e. must not spin the event loop). + * We've reached a stable state when the currently executing task/event has + * finished, see: * http://www.whatwg.org/specs/web-apps/current-work/multipage/webappapis.html#synchronous-section * In practice this runs aRunnable once the currently executing event * finishes. If called multiple times per task/event, all the runnables will diff --git a/dom/media/AbstractThread.cpp b/dom/media/AbstractThread.cpp index e01e06c96e5..63244656354 100644 --- a/dom/media/AbstractThread.cpp +++ b/dom/media/AbstractThread.cpp @@ -10,8 +10,7 @@ #include "nsThreadUtils.h" #include "TaskDispatcher.h" -#include "nsIAppShell.h" -#include "nsWidgetsCID.h" +#include "nsContentUtils.h" #include "nsServiceManagerUtils.h" #include "mozilla/ClearOnShutdown.h" @@ -24,8 +23,6 @@ namespace mozilla { StaticRefPtr sMainThread; ThreadLocal AbstractThread::sCurrentThreadTLS; -static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); - class XPCOMThreadWrapper : public AbstractThread { public: @@ -87,8 +84,7 @@ public: mTailDispatcher.emplace(/* aIsTailDispatcher = */ true); nsCOMPtr event = NS_NewRunnableMethod(this, &XPCOMThreadWrapper::FireTailDispatcher); - nsCOMPtr appShell = do_GetService(kAppShellCID); - appShell->RunInStableState(event); + nsContentUtils::RunInStableState(event.forget()); } return mTailDispatcher.ref(); diff --git a/dom/media/CanvasCaptureMediaStream.cpp b/dom/media/CanvasCaptureMediaStream.cpp index 1d7f2e52cdd..d8f06b790e6 100644 --- a/dom/media/CanvasCaptureMediaStream.cpp +++ b/dom/media/CanvasCaptureMediaStream.cpp @@ -11,10 +11,7 @@ #include "mozilla/Mutex.h" #include "mozilla/dom/CanvasCaptureMediaStreamBinding.h" #include "mozilla/dom/HTMLCanvasElement.h" -#include "nsIAppShell.h" -#include "nsWidgetsCID.h" - -static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); +#include "nsContentUtils.h" using namespace mozilla::layers; using namespace mozilla::gfx; @@ -113,8 +110,7 @@ OutputStreamDriver::Start() // Run StartInternal() in stable state to allow it to directly capture a frame nsCOMPtr runnable = NS_NewRunnableMethod(this, &OutputStreamDriver::StartInternal); - nsCOMPtr appShell = do_GetService(kAppShellCID); - appShell->RunInStableState(runnable); + nsContentUtils::RunInStableState(runnable.forget()); mStarted = true; return NS_OK; diff --git a/dom/media/MediaStreamGraph.cpp b/dom/media/MediaStreamGraph.cpp index b39f02f999d..8e6cedab4a7 100644 --- a/dom/media/MediaStreamGraph.cpp +++ b/dom/media/MediaStreamGraph.cpp @@ -10,11 +10,9 @@ #include "AudioSegment.h" #include "VideoSegment.h" #include "nsContentUtils.h" -#include "nsIAppShell.h" #include "nsIObserver.h" #include "nsPrintfCString.h" #include "nsServiceManagerUtils.h" -#include "nsWidgetsCID.h" #include "prerror.h" #include "mozilla/Logging.h" #include "mozilla/Attributes.h" @@ -1839,8 +1837,6 @@ MediaStreamGraphImpl::RunInStableState(bool aSourceIsMSG) } -static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); - void MediaStreamGraphImpl::EnsureRunInStableState() { @@ -1850,12 +1846,7 @@ MediaStreamGraphImpl::EnsureRunInStableState() return; mPostedRunInStableState = true; nsCOMPtr event = new MediaStreamGraphStableStateRunnable(this, false); - nsCOMPtr appShell = do_GetService(kAppShellCID); - if (appShell) { - appShell->RunInStableState(event); - } else { - NS_ERROR("Appshell already destroyed?"); - } + nsContentUtils::RunInStableState(event.forget()); } void diff --git a/dom/media/webaudio/AudioDestinationNode.cpp b/dom/media/webaudio/AudioDestinationNode.cpp index 0200f939093..1f7a7a39536 100644 --- a/dom/media/webaudio/AudioDestinationNode.cpp +++ b/dom/media/webaudio/AudioDestinationNode.cpp @@ -16,13 +16,12 @@ #include "AudioNodeStream.h" #include "MediaStreamGraph.h" #include "OfflineAudioCompletionEvent.h" +#include "nsContentUtils.h" #include "nsIInterfaceRequestorUtils.h" #include "nsIDocShell.h" #include "nsIPermissionManager.h" #include "nsIScriptObjectPrincipal.h" #include "nsServiceManagerUtils.h" -#include "nsIAppShell.h" -#include "nsWidgetsCID.h" #include "mozilla/dom/Promise.h" namespace mozilla { @@ -684,17 +683,16 @@ AudioDestinationNode::NotifyStableState() mExtraCurrentTimeUpdatedSinceLastStableState = false; } -static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID); - void AudioDestinationNode::ScheduleStableStateNotification() { - nsCOMPtr appShell = do_GetService(kAppShellCID); - if (appShell) { - nsCOMPtr event = - NS_NewRunnableMethod(this, &AudioDestinationNode::NotifyStableState); - appShell->RunInStableState(event); - } + nsCOMPtr event = + NS_NewRunnableMethod(this, &AudioDestinationNode::NotifyStableState); + // Dispatch will fail if this is called on AudioNode destruction during + // shutdown, in which case failure can be ignored. + nsContentUtils::RunInStableState(event.forget(), + nsContentUtils:: + DispatchFailureHandling::IgnoreFailure); } double From 9314668ae34a844db544d4d7ad81b66bf685f2a4 Mon Sep 17 00:00:00 2001 From: Karl Tomlinson Date: Mon, 8 Jun 2015 11:06:38 +1200 Subject: [PATCH 103/297] bug 1172377 change RunInStableState API to receive ownership of nsIRunnable r=roc --- dom/base/nsContentUtils.cpp | 4 +--- widget/ScreenProxy.cpp | 6 +++--- widget/nsBaseAppShell.cpp | 13 +++++++------ widget/nsBaseAppShell.h | 4 +++- widget/nsIAppShell.idl | 17 ++++++++++++----- widget/nsScreenManagerProxy.cpp | 6 +++--- 6 files changed, 29 insertions(+), 21 deletions(-) diff --git a/dom/base/nsContentUtils.cpp b/dom/base/nsContentUtils.cpp index edad528e2df..aaf2cb9e166 100644 --- a/dom/base/nsContentUtils.cpp +++ b/dom/base/nsContentUtils.cpp @@ -5162,9 +5162,7 @@ nsContentUtils::RunInStableState(already_AddRefed aRunnable, MOZ_ASSERT(aHandling == DispatchFailureHandling::IgnoreFailure); return; } - DebugOnly rv = appShell->RunInStableState(runnable); - MOZ_ASSERT(NS_SUCCEEDED(rv) || - aHandling == DispatchFailureHandling::IgnoreFailure); + appShell->RunInStableState(runnable.forget()); } void diff --git a/widget/ScreenProxy.cpp b/widget/ScreenProxy.cpp index f1673af736f..936841431f8 100644 --- a/widget/ScreenProxy.cpp +++ b/widget/ScreenProxy.cpp @@ -171,9 +171,9 @@ ScreenProxy::InvalidateCacheOnNextTick() nsCOMPtr appShell = do_GetService(kAppShellCID); if (appShell) { - appShell->RunInStableState( - NS_NewRunnableMethod(this, &ScreenProxy::InvalidateCache) - ); + nsCOMPtr r = + NS_NewRunnableMethod(this, &ScreenProxy::InvalidateCache); + appShell->RunInStableState(r.forget()); } else { // It's pretty bad news if we can't get the appshell. In that case, // let's just invalidate the cache right away. diff --git a/widget/nsBaseAppShell.cpp b/widget/nsBaseAppShell.cpp index be813c6b735..d194abdd517 100644 --- a/widget/nsBaseAppShell.cpp +++ b/widget/nsBaseAppShell.cpp @@ -387,7 +387,8 @@ nsBaseAppShell::RunSyncSectionsInternal(bool aStable, } void -nsBaseAppShell::ScheduleSyncSection(nsIRunnable* aRunnable, bool aStable) +nsBaseAppShell::ScheduleSyncSection(already_AddRefed aRunnable, + bool aStable) { NS_ASSERTION(NS_IsMainThread(), "Should be on main thread."); @@ -444,16 +445,16 @@ nsBaseAppShell::Observe(nsISupports *subject, const char *topic, return NS_OK; } -NS_IMETHODIMP -nsBaseAppShell::RunInStableState(nsIRunnable* aRunnable) +void +nsBaseAppShell::RunInStableState(already_AddRefed aRunnable) { - ScheduleSyncSection(aRunnable, true); - return NS_OK; + ScheduleSyncSection(mozilla::Move(aRunnable), true); } NS_IMETHODIMP nsBaseAppShell::RunBeforeNextEvent(nsIRunnable* aRunnable) { - ScheduleSyncSection(aRunnable, false); + nsCOMPtr runnable = aRunnable; + ScheduleSyncSection(runnable.forget(), false); return NS_OK; } diff --git a/widget/nsBaseAppShell.h b/widget/nsBaseAppShell.h index b528e88e484..09f8e47b71c 100644 --- a/widget/nsBaseAppShell.h +++ b/widget/nsBaseAppShell.h @@ -25,6 +25,8 @@ class nsBaseAppShell : public nsIAppShell, public nsIThreadObserver, public: NS_DECL_THREADSAFE_ISUPPORTS NS_DECL_NSIAPPSHELL + void RunInStableState(already_AddRefed runnable) override; + NS_DECL_NSITHREADOBSERVER NS_DECL_NSIOBSERVER @@ -94,7 +96,7 @@ private: } } - void ScheduleSyncSection(nsIRunnable* runnable, bool stable); + void ScheduleSyncSection(already_AddRefed runnable, bool stable); struct SyncSection { SyncSection() diff --git a/widget/nsIAppShell.idl b/widget/nsIAppShell.idl index 3c0af793c63..bb089d20ae8 100644 --- a/widget/nsIAppShell.idl +++ b/widget/nsIAppShell.idl @@ -7,12 +7,15 @@ #include "nsISupports.idl" interface nsIRunnable; +%{ C++ +template struct already_AddRefed; +%} /** * Interface for the native event system layer. This interface is designed * to be used on the main application thread only. */ -[uuid(2d10ca53-f143-439a-bb2e-c1fbc71f6a05)] +[uuid(3d09973e-3975-4fd4-b103-276300cc8437)] interface nsIAppShell : nsISupports { /** @@ -71,16 +74,20 @@ interface nsIAppShell : nsISupports */ readonly attribute unsigned long eventloopNestingLevel; +%{ C++ /** - * Allows running of a "synchronous section", in the form of an nsIRunnable - * once the event loop has reached a "stable state". We've reached a stable - * state when the currently executing task/event has finished, see: + * Add a "synchronous section", in the form of an nsIRunnable run once the + * event loop has reached a "stable state". |runnable| must not cause any + * queued events to be processed (i.e. must not spin the event loop). We've + * reached a stable state when the currently executing task/event has + * finished, see: * http://www.whatwg.org/specs/web-apps/current-work/multipage/webappapis.html#synchronous-section * In practice this runs aRunnable once the currently executing event * finishes. If called multiple times per task/event, all the runnables will * be executed, in the order in which runInStableState() was called. */ - void runInStableState(in nsIRunnable runnable); + virtual void RunInStableState(already_AddRefed runnable) = 0; +%} /** * Run the given runnable before the next iteration of the event loop (this diff --git a/widget/nsScreenManagerProxy.cpp b/widget/nsScreenManagerProxy.cpp index e014940ade9..b768a53091a 100644 --- a/widget/nsScreenManagerProxy.cpp +++ b/widget/nsScreenManagerProxy.cpp @@ -200,9 +200,9 @@ nsScreenManagerProxy::InvalidateCacheOnNextTick() nsCOMPtr appShell = do_GetService(kAppShellCID); if (appShell) { - appShell->RunInStableState( - NS_NewRunnableMethod(this, &nsScreenManagerProxy::InvalidateCache) - ); + nsCOMPtr r = + NS_NewRunnableMethod(this, &nsScreenManagerProxy::InvalidateCache); + appShell->RunInStableState(r.forget()); } else { // It's pretty bad news if we can't get the appshell. In that case, // let's just invalidate the cache right away. From bb0c06fd914d9b5cf8ca7b329496ffac3f6c39cf Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 13:07:40 -0700 Subject: [PATCH 104/297] Bug 1172761 (part 1) - Remove PL_DHashTableEnumerator use from nsAtomTable. r=froydnj. --- xpcom/ds/nsAtomTable.cpp | 31 ++++++++++++------------------- 1 file changed, 12 insertions(+), 19 deletions(-) diff --git a/xpcom/ds/nsAtomTable.cpp b/xpcom/ds/nsAtomTable.cpp index 15262287da0..fee856ad5e8 100644 --- a/xpcom/ds/nsAtomTable.cpp +++ b/xpcom/ds/nsAtomTable.cpp @@ -299,24 +299,6 @@ static const PLDHashTableOps AtomTableOps = { }; -#ifdef DEBUG -static PLDHashOperator -DumpAtomLeaks(PLDHashTable* aTable, PLDHashEntryHdr* aEntryHdr, - uint32_t aIndex, void* aArg) -{ - AtomTableEntry* entry = static_cast(aEntryHdr); - AtomImpl* atom = entry->mAtom; - if (!atom->IsPermanent()) { - ++*static_cast(aArg); - nsAutoCString str; - atom->ToUTF8String(str); - fputs(str.get(), stdout); - fputs("\n", stdout); - } - return PL_DHASH_NEXT; -} -#endif - static inline void PromoteToPermanent(AtomImpl* aAtom) @@ -345,7 +327,18 @@ NS_PurgeAtomTable() uint32_t leaked = 0; printf("*** %d atoms still exist (including permanent):\n", gAtomTable->EntryCount()); - PL_DHashTableEnumerate(gAtomTable, DumpAtomLeaks, &leaked); + PLDHashTable::Iterator iter(gAtomTable); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + AtomImpl* atom = entry->mAtom; + if (!atom->IsPermanent()) { + leaked++; + nsAutoCString str; + atom->ToUTF8String(str); + fputs(str.get(), stdout); + fputs("\n", stdout); + } + } printf("*** %u non-permanent atoms leaked\n", leaked); } #endif From 06bec04d53c4adbadf074932916227db7197f2e8 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 13:07:40 -0700 Subject: [PATCH 105/297] Bug 1172761 (part 2) - Remove PL_DHashTableEnumerator use from nsPersistentProperties. r=froydnj. The old code attempted to deal with any OOMs during this enumeration -- OOMs are possible because it's growing an nsCOMArray -- but failed to do so correctly. - It didn't check the return value of AppendObject(). - It did check that EntryCount() matched the return value of PL_DHashTableEnumerate(), but that's always (and vacuously) true. The new code just returns NS_ERROR_OUT_OF_MEMORY if AppendObject() fails; this is trivial now that it uses an iterator and doesn't have to call out to another function. --- xpcom/ds/nsPersistentProperties.cpp | 33 ++++++++++------------------- 1 file changed, 11 insertions(+), 22 deletions(-) diff --git a/xpcom/ds/nsPersistentProperties.cpp b/xpcom/ds/nsPersistentProperties.cpp index 145714f6e67..39c4e4656b9 100644 --- a/xpcom/ds/nsPersistentProperties.cpp +++ b/xpcom/ds/nsPersistentProperties.cpp @@ -563,25 +563,6 @@ nsPersistentProperties::GetStringProperty(const nsACString& aKey, return NS_OK; } -static PLDHashOperator -AddElemToArray(PLDHashTable* aTable, PLDHashEntryHdr* aHdr, - uint32_t aIndex, void* aArg) -{ - nsCOMArray* props = - static_cast*>(aArg); - PropertyTableEntry* entry = - static_cast(aHdr); - - nsPropertyElement* element = - new nsPropertyElement(nsDependentCString(entry->mKey), - nsDependentString(entry->mValue)); - - props->AppendObject(element); - - return PL_DHASH_NEXT; -} - - NS_IMETHODIMP nsPersistentProperties::Enumerate(nsISimpleEnumerator** aResult) { @@ -591,9 +572,17 @@ nsPersistentProperties::Enumerate(nsISimpleEnumerator** aResult) props.SetCapacity(mTable.EntryCount()); // Step through hash entries populating a transient array - uint32_t n = PL_DHashTableEnumerate(&mTable, AddElemToArray, (void*)&props); - if (n < mTable.EntryCount()) { - return NS_ERROR_OUT_OF_MEMORY; + PLDHashTable::Iterator iter(&mTable); + while (iter.HasMoreEntries()) { + auto entry = static_cast(iter.NextEntry()); + + nsRefPtr element = + new nsPropertyElement(nsDependentCString(entry->mKey), + nsDependentString(entry->mValue)); + + if (!props.AppendObject(element)) { + return NS_ERROR_OUT_OF_MEMORY; + } } return NS_NewArrayEnumerator(aResult, props); From d11e1b127e64b9785cb0764fc79b3b6f149d9f73 Mon Sep 17 00:00:00 2001 From: Phil Ringnalda Date: Wed, 10 Jun 2015 20:47:07 -0700 Subject: [PATCH 106/297] Backed out 12 changesets (bug 1170855) for Windows build bustage CLOSED TREE Backed out changeset 47070f494c9e (bug 1170855) Backed out changeset 86e3fb3a2295 (bug 1170855) Backed out changeset 49284df5294e (bug 1170855) Backed out changeset ae7c769cb78d (bug 1170855) Backed out changeset 1fbb0ef29363 (bug 1170855) Backed out changeset 1fd9140044be (bug 1170855) Backed out changeset cca48a1bc6ef (bug 1170855) Backed out changeset 835570bc63bf (bug 1170855) Backed out changeset 4ee1883ffc65 (bug 1170855) Backed out changeset c666d71f4899 (bug 1170855) Backed out changeset 046422ea849f (bug 1170855) Backed out changeset d38fb3aea20a (bug 1170855) --- dom/canvas/WebGL2Context.h | 1 - dom/canvas/WebGL2ContextSamplers.cpp | 8 - dom/canvas/WebGL2ContextState.cpp | 177 ----------------------- dom/canvas/WebGLContext.cpp | 2 - dom/canvas/WebGLContext.h | 13 +- dom/canvas/WebGLContextState.cpp | 166 +++++++++++++++------ dom/canvas/WebGLContextUtils.cpp | 12 -- dom/canvas/WebGLContextUtils.h | 3 - dom/canvas/WebGLContextValidate.cpp | 2 - dom/canvas/WebGLTimerQuery.h | 1 - dom/canvas/moz.build | 1 - dom/webidl/WebGL2RenderingContext.webidl | 5 +- gfx/gl/GLConsts.h | 5 + gfx/gl/GLContext.cpp | 4 +- gfx/gl/GLContext.h | 1 - gfx/gl/GLContextFeatures.cpp | 9 -- 16 files changed, 129 insertions(+), 281 deletions(-) delete mode 100644 dom/canvas/WebGL2ContextState.cpp diff --git a/dom/canvas/WebGL2Context.h b/dom/canvas/WebGL2Context.h index 6ddad7ec1ed..c6c00493cb0 100644 --- a/dom/canvas/WebGL2Context.h +++ b/dom/canvas/WebGL2Context.h @@ -324,7 +324,6 @@ public: void BindBufferBase(GLenum target, GLuint index, WebGLBuffer* buffer); void BindBufferRange(GLenum target, GLuint index, WebGLBuffer* buffer, GLintptr offset, GLsizeiptr size); */ - virtual JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) override; void GetIndexedParameter(GLenum target, GLuint index, dom::Nullable& retval); void GetUniformIndices(WebGLProgram* program, diff --git a/dom/canvas/WebGL2ContextSamplers.cpp b/dom/canvas/WebGL2ContextSamplers.cpp index 3e2b31ebd36..bad4b50bdb5 100644 --- a/dom/canvas/WebGL2ContextSamplers.cpp +++ b/dom/canvas/WebGL2ContextSamplers.cpp @@ -36,12 +36,6 @@ WebGL2Context::DeleteSampler(WebGLSampler* sampler) if (!sampler || sampler->IsDeleted()) return; - for (int n = 0; n < mGLMaxTextureUnits; n++) { - if (mBoundSamplers[n] == sampler) { - mBoundSamplers[n] = nullptr; - } - } - sampler->RequestDelete(); } @@ -80,8 +74,6 @@ WebGL2Context::BindSampler(GLuint unit, WebGLSampler* sampler) return ErrorInvalidOperation("bindSampler: binding deleted sampler"); WebGLContextUnchecked::BindSampler(unit, sampler); - - mBoundSamplers[unit] = sampler; } void diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp deleted file mode 100644 index 09a842730b0..00000000000 --- a/dom/canvas/WebGL2ContextState.cpp +++ /dev/null @@ -1,177 +0,0 @@ -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* vim: set ts=8 sts=2 et sw=2 tw=80: */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ - -#include "WebGL2Context.h" -#include "WebGLContextUtils.h" - -namespace mozilla { - -JS::Value -WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) -{ - // The following cases are handled in WebGLContext::GetParameter(): - // case LOCAL_GL_MAX_COLOR_ATTACHMENTS: - // case LOCAL_GL_MAX_DRAW_BUFFERS: - // case LOCAL_GL_DRAW_BUFFERi: - - if (IsContextLost()) - return JS::NullValue(); - - MakeContextCurrent(); - - switch (pname) { - /* GLboolean */ - case LOCAL_GL_RASTERIZER_DISCARD: - case LOCAL_GL_SAMPLE_ALPHA_TO_COVERAGE: - case LOCAL_GL_SAMPLE_COVERAGE: - case LOCAL_GL_TRANSFORM_FEEDBACK_PAUSED: - case LOCAL_GL_TRANSFORM_FEEDBACK_ACTIVE: - case LOCAL_GL_UNPACK_SKIP_IMAGES: - case LOCAL_GL_UNPACK_SKIP_PIXELS: - case LOCAL_GL_UNPACK_SKIP_ROWS: { - realGLboolean b = 0; - gl->fGetBooleanv(pname, &b); - return JS::BooleanValue(bool(b)); - } - - /* GLenum */ - case LOCAL_GL_READ_BUFFER: { - if (mBoundReadFramebuffer) { - GLint val = LOCAL_GL_NONE; - gl->fGetIntegerv(pname, &val); - return JS::Int32Value(val); - } - - return JS::Int32Value(LOCAL_GL_BACK); - } - - case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: - /* fall through */ - - /* GLint */ - case LOCAL_GL_MAX_3D_TEXTURE_SIZE: - case LOCAL_GL_MAX_ARRAY_TEXTURE_LAYERS: - case LOCAL_GL_MAX_COMBINED_UNIFORM_BLOCKS: - case LOCAL_GL_MAX_ELEMENTS_INDICES: - case LOCAL_GL_MAX_ELEMENTS_VERTICES: - case LOCAL_GL_MAX_FRAGMENT_INPUT_COMPONENTS: - case LOCAL_GL_MAX_FRAGMENT_UNIFORM_BLOCKS: - case LOCAL_GL_MAX_FRAGMENT_UNIFORM_COMPONENTS: - case LOCAL_GL_MAX_PROGRAM_TEXEL_OFFSET: - case LOCAL_GL_MAX_SAMPLES: - case LOCAL_GL_MAX_TEXTURE_LOD_BIAS: - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_INTERLEAVED_COMPONENTS: - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_COMPONENTS: - case LOCAL_GL_MAX_UNIFORM_BUFFER_BINDINGS: - case LOCAL_GL_MAX_VERTEX_OUTPUT_COMPONENTS: - case LOCAL_GL_MAX_VERTEX_UNIFORM_BLOCKS: - case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: - case LOCAL_GL_MIN_PROGRAM_TEXEL_OFFSET: - case LOCAL_GL_PACK_ROW_LENGTH: - case LOCAL_GL_PACK_SKIP_PIXELS: - case LOCAL_GL_PACK_SKIP_ROWS: - case LOCAL_GL_UNIFORM_BUFFER_OFFSET_ALIGNMENT: - case LOCAL_GL_UNPACK_IMAGE_HEIGHT: - case LOCAL_GL_UNPACK_ROW_LENGTH: { - GLint val; - gl->fGetIntegerv(pname, &val); - return JS::Int32Value(val); - } - - case LOCAL_GL_MAX_VARYING_COMPONENTS: { - // On OS X Core Profile this is buggy. The spec says that the - // value is 4 * GL_MAX_VARYING_VECTORS - GLint val; - gl->fGetIntegerv(LOCAL_GL_MAX_VARYING_VECTORS, &val); - return JS::Int32Value(4*val); - } - - /* GLint64 */ - case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: - return JS::NumberValue(0); // TODO - - case LOCAL_GL_MAX_ELEMENT_INDEX: - // GL_MAX_ELEMENT_INDEX becomes available in GL 4.3 or via ES3 - // compatibility - if (!gl->IsSupported(gl::GLFeature::ES3_compatibility)) - return JS::NumberValue(0); - - /*** fall through to fGetInteger64v ***/ - - case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: - case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: - case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { - GLint64 val; - gl->fGetInteger64v(pname, &val); - return JS::DoubleValue(static_cast(val)); - } - - - /* GLuint64 */ - case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: { - GLuint64 val; - gl->fGetInteger64v(pname, (GLint64*) &val); - return JS::DoubleValue(static_cast(val)); - } - - case LOCAL_GL_COPY_READ_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); - - case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); - - case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); - - case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); - - case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); - - case LOCAL_GL_UNIFORM_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); - - // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. - case LOCAL_GL_READ_FRAMEBUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); - - case LOCAL_GL_SAMPLER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); - - case LOCAL_GL_TEXTURE_BINDING_2D_ARRAY: - // TODO: Implement gl.TEXTURE_2D_ARRAY - // return WebGLObjectAsJSValue(cx, mBound2DTextureArrays[mActiveTexture].get(), rv); - return JS::NullValue(); - - case LOCAL_GL_TEXTURE_BINDING_3D: - return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); - - case LOCAL_GL_TRANSFORM_FEEDBACK_BINDING: { - WebGLTransformFeedback* tf = - (mBoundTransformFeedback != mDefaultTransformFeedback) ? mBoundTransformFeedback.get() : nullptr; - return WebGLObjectAsJSValue(cx, tf, rv); - } - - case LOCAL_GL_VERTEX_ARRAY_BINDING: { - WebGLVertexArray* vao = - (mBoundVertexArray != mDefaultVertexArray) ? mBoundVertexArray.get() : nullptr; - return WebGLObjectAsJSValue(cx, vao, rv); - } - - case LOCAL_GL_VERSION: - return StringValue(cx, "WebGL 2.0", rv); - - case LOCAL_GL_SHADING_LANGUAGE_VERSION: - return StringValue(cx, "WebGL GLSL ES 3.00", rv); - - default: - return WebGLContext::GetParameter(cx, pname, rv); - } -} - -} // namespace mozilla diff --git a/dom/canvas/WebGLContext.cpp b/dom/canvas/WebGLContext.cpp index a2ebf9d516e..97303063b63 100644 --- a/dom/canvas/WebGLContext.cpp +++ b/dom/canvas/WebGLContext.cpp @@ -325,7 +325,6 @@ WebGLContext::DestroyResourcesAndContext() mBound2DTextures.Clear(); mBoundCubeMapTextures.Clear(); mBound3DTextures.Clear(); - mBoundSamplers.Clear(); mBoundArrayBuffer = nullptr; mBoundCopyReadBuffer = nullptr; mBoundCopyWriteBuffer = nullptr; @@ -1950,7 +1949,6 @@ NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(WebGLContext, mBound2DTextures, mBoundCubeMapTextures, mBound3DTextures, - mBoundSamplers, mBoundArrayBuffer, mBoundCopyReadBuffer, mBoundCopyWriteBuffer, diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index 1354c2eafcd..55c5d802631 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -65,16 +65,6 @@ class nsIDocShell; #define MINVALUE_GL_MAX_RENDERBUFFER_SIZE 1024 // Different from the spec, which sets it to 1 on page 164 #define MINVALUE_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS 8 // Page 164 -/* - * WebGL-only GLenums - */ -#define LOCAL_GL_BROWSER_DEFAULT_WEBGL 0x9244 -#define LOCAL_GL_CONTEXT_LOST_WEBGL 0x9242 -#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 -#define LOCAL_GL_UNPACK_COLORSPACE_CONVERSION_WEBGL 0x9243 -#define LOCAL_GL_UNPACK_FLIP_Y_WEBGL 0x9240 -#define LOCAL_GL_UNPACK_PREMULTIPLY_ALPHA_WEBGL 0x9241 - namespace mozilla { class WebGLActiveInfo; @@ -965,7 +955,7 @@ public: void Disable(GLenum cap); void Enable(GLenum cap); bool GetStencilBits(GLint* out_stencilBits); - virtual JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv); + JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv); void GetParameter(JSContext* cx, GLenum pname, JS::MutableHandle retval, ErrorResult& rv) @@ -1445,7 +1435,6 @@ protected: nsTArray > mBound2DTextures; nsTArray > mBoundCubeMapTextures; nsTArray > mBound3DTextures; - nsTArray > mBoundSamplers; void ResolveTexturesForDraw() const; diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index b24a3ba82f4..0ad586978a0 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -58,6 +58,18 @@ WebGLContext::Enable(GLenum cap) gl->fEnable(cap); } +static JS::Value +StringValue(JSContext* cx, const char* chars, ErrorResult& rv) +{ + JSString* str = JS_NewStringCopyZ(cx, chars); + if (!str) { + rv.Throw(NS_ERROR_OUT_OF_MEMORY); + return JS::NullValue(); + } + + return JS::StringValue(str); +} + bool WebGLContext::GetStencilBits(GLint* out_stencilBits) { @@ -138,15 +150,18 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } else if (pname >= LOCAL_GL_DRAW_BUFFER0 && pname < GLenum(LOCAL_GL_DRAW_BUFFER0 + mGLMaxDrawBuffers)) { + if (mBoundDrawFramebuffer) { + GLint iv = 0; + gl->fGetIntegerv(pname, &iv); + return JS::Int32Value(iv); + } + GLint iv = 0; gl->fGetIntegerv(pname, &iv); - if (mBoundDrawFramebuffer) - return JS::Int32Value(iv); - - const GLint index = (pname - LOCAL_GL_DRAW_BUFFER0); - if (iv == LOCAL_GL_COLOR_ATTACHMENT0 + index) + if (iv == GLint(LOCAL_GL_COLOR_ATTACHMENT0 + pname - LOCAL_GL_DRAW_BUFFER0)) { return JS::Int32Value(LOCAL_GL_BACK); + } return JS::Int32Value(LOCAL_GL_NONE); } @@ -154,9 +169,11 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) if (IsExtensionEnabled(WebGLExtensionID::OES_vertex_array_object)) { if (pname == LOCAL_GL_VERTEX_ARRAY_BINDING) { - WebGLVertexArray* vao = - (mBoundVertexArray != mDefaultVertexArray) ? mBoundVertexArray.get() : nullptr; - return WebGLObjectAsJSValue(cx, vao, rv); + if (mBoundVertexArray == mDefaultVertexArray){ + return WebGLObjectAsJSValue(cx, (WebGLVertexArray *) nullptr, rv); + } + + return WebGLObjectAsJSValue(cx, mBoundVertexArray.get(), rv); } } @@ -164,12 +181,10 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) if (pname == LOCAL_GL_TIMESTAMP_EXT) { GLuint64 iv = 0; gl->fGetInteger64v(pname, (GLint64*) &iv); - // TODO: JS doesn't support 64-bit integers. Be lossy and - // cast to double (53 bits) - return JS::NumberValue(static_cast(iv)); + return JS::NumberValue(uint64_t(iv)); } else if (pname == LOCAL_GL_GPU_DISJOINT_EXT) { // When disjoint isn't supported, leave as false. - realGLboolean disjoint = LOCAL_GL_FALSE; + realGLboolean disjoint = 0; if (gl->IsExtensionSupported(gl::GLContext::EXT_disjoint_timer_query)) { gl->fGetBooleanv(pname, &disjoint); } @@ -177,35 +192,40 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } } - // Privileged string params exposed by WEBGL_debug_renderer_info: - if (IsExtensionEnabled(WebGLExtensionID::WEBGL_debug_renderer_info)) { + if (IsWebGL2()) { switch (pname) { - case UNMASKED_VENDOR_WEBGL: - case UNMASKED_RENDERER_WEBGL: - GLenum glstringname = LOCAL_GL_NONE; - if (pname == UNMASKED_VENDOR_WEBGL) { - glstringname = LOCAL_GL_VENDOR; - } else if (pname == UNMASKED_RENDERER_WEBGL) { - glstringname = LOCAL_GL_RENDERER; - } - const GLchar* string = (const GLchar*) gl->fGetString(glstringname); - return StringValue(cx, string, rv); + case LOCAL_GL_MAX_SAMPLES: + case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: + case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { + GLint val; + gl->fGetIntegerv(pname, &val); + return JS::NumberValue(uint32_t(val)); } - } - if (IsExtensionEnabled(WebGLExtensionID::OES_standard_derivatives)) { - if (pname == LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT) { - GLint i = 0; - gl->fGetIntegerv(pname, &i); - return JS::Int32Value(i); - } - } + case LOCAL_GL_TEXTURE_BINDING_3D: + return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); - if (IsExtensionEnabled(WebGLExtensionID::EXT_texture_filter_anisotropic)) { - if (pname == LOCAL_GL_MAX_TEXTURE_MAX_ANISOTROPY_EXT) { - GLfloat f = 0.f; - gl->fGetFloatv(pname, &f); - return JS::NumberValue(f); + // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. + case LOCAL_GL_READ_FRAMEBUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + + case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); + + case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); + + case LOCAL_GL_UNIFORM_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + + case LOCAL_GL_COPY_READ_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); + + case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); } } @@ -214,13 +234,42 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) // String params // case LOCAL_GL_VENDOR: + return StringValue(cx, "Mozilla", rv); case LOCAL_GL_RENDERER: return StringValue(cx, "Mozilla", rv); - case LOCAL_GL_VERSION: - return StringValue(cx, "WebGL 1.0", rv); + case LOCAL_GL_VERSION: { + const char* version = 0; + + if (IsWebGL2()) { + version = "WebGL 2.0"; + } else { + version = "WebGL 1.0"; + } + + MOZ_ASSERT(version != 0); + return StringValue(cx, version, rv); + } case LOCAL_GL_SHADING_LANGUAGE_VERSION: return StringValue(cx, "WebGL GLSL ES 1.0", rv); + // Privileged string params exposed by WEBGL_debug_renderer_info: + case UNMASKED_VENDOR_WEBGL: + case UNMASKED_RENDERER_WEBGL: { + // The privilege check is done in WebGLContext::IsExtensionSupported. + // So here we just have to check that the extension is enabled. + if (!IsExtensionEnabled(WebGLExtensionID::WEBGL_debug_renderer_info)) { + break; + } + GLenum glstringname = LOCAL_GL_NONE; + if (pname == UNMASKED_VENDOR_WEBGL) { + glstringname = LOCAL_GL_VENDOR; + } else if (pname == UNMASKED_RENDERER_WEBGL) { + glstringname = LOCAL_GL_RENDERER; + } + const char* string = reinterpret_cast(gl->fGetString(glstringname)); + return StringValue(cx, string, rv); + } + //////////////////////////////// // Single-value params @@ -331,6 +380,15 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } return JS::Int32Value(i); } + case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: { + if (IsExtensionEnabled(WebGLExtensionID::OES_standard_derivatives)) { + GLint i = 0; + gl->fGetIntegerv(pname, &i); + return JS::Int32Value(i); + } else { + break; + } + } case LOCAL_GL_MAX_TEXTURE_SIZE: return JS::Int32Value(mGLMaxTextureSize); @@ -359,22 +417,38 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } return JS::ObjectOrNullValue(obj); } + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: { + if (!IsWebGL2()) { + break; + } + return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); + } // unsigned int. here we may have to return very large values like 2^32-1 that can't be represented as // javascript integer values. We just return them as doubles and javascript doesn't care. - case LOCAL_GL_STENCIL_BACK_VALUE_MASK: + case LOCAL_GL_STENCIL_BACK_VALUE_MASK: { return JS::DoubleValue(mStencilValueMaskBack); // pass as FP value to allow large values such as 2^32-1. - - case LOCAL_GL_STENCIL_BACK_WRITEMASK: + } + case LOCAL_GL_STENCIL_BACK_WRITEMASK: { return JS::DoubleValue(mStencilWriteMaskBack); - - case LOCAL_GL_STENCIL_VALUE_MASK: + } + case LOCAL_GL_STENCIL_VALUE_MASK: { return JS::DoubleValue(mStencilValueMaskFront); - - case LOCAL_GL_STENCIL_WRITEMASK: + } + case LOCAL_GL_STENCIL_WRITEMASK: { return JS::DoubleValue(mStencilWriteMaskFront); + } // float + case LOCAL_GL_MAX_TEXTURE_MAX_ANISOTROPY_EXT: { + if (IsExtensionEnabled(WebGLExtensionID::EXT_texture_filter_anisotropic)) { + GLfloat f = 0.f; + gl->fGetFloatv(pname, &f); + return JS::DoubleValue(f); + } else { + break; + } + } case LOCAL_GL_DEPTH_CLEAR_VALUE: case LOCAL_GL_LINE_WIDTH: case LOCAL_GL_POLYGON_OFFSET_FACTOR: diff --git a/dom/canvas/WebGLContextUtils.cpp b/dom/canvas/WebGLContextUtils.cpp index f84e4276a91..69fda519db9 100644 --- a/dom/canvas/WebGLContextUtils.cpp +++ b/dom/canvas/WebGLContextUtils.cpp @@ -75,18 +75,6 @@ TexImageTargetToTexTarget(TexImageTarget texImageTarget) } } -JS::Value -StringValue(JSContext* cx, const char* chars, ErrorResult& rv) -{ - JSString* str = JS_NewStringCopyZ(cx, chars); - if (!str) { - rv.Throw(NS_ERROR_OUT_OF_MEMORY); - return JS::NullValue(); - } - - return JS::StringValue(str); -} - GLComponents::GLComponents(TexInternalFormat internalformat) { TexInternalFormat unsizedformat = UnsizedInternalFormatFromInternalFormat(internalformat); diff --git a/dom/canvas/WebGLContextUtils.h b/dom/canvas/WebGLContextUtils.h index 5535ee9fc69..d130153f548 100644 --- a/dom/canvas/WebGLContextUtils.h +++ b/dom/canvas/WebGLContextUtils.h @@ -56,9 +56,6 @@ size_t GetBitsPerTexel(TexInternalFormat effectiveinternalformat); // Returns GL_NONE if passed an invalid texture image target TexTarget TexImageTargetToTexTarget(TexImageTarget texImageTarget); -// Helper function to create a JS::Value from a C string -JS::Value StringValue(JSContext* cx, const char* str, ErrorResult& rv); - struct GLComponents { unsigned char mComponents; diff --git a/dom/canvas/WebGLContextValidate.cpp b/dom/canvas/WebGLContextValidate.cpp index 44bdb74a279..846401c1cc2 100644 --- a/dom/canvas/WebGLContextValidate.cpp +++ b/dom/canvas/WebGLContextValidate.cpp @@ -1755,7 +1755,6 @@ WebGLContext::InitAndValidateGL() mBound2DTextures.Clear(); mBoundCubeMapTextures.Clear(); mBound3DTextures.Clear(); - mBoundSamplers.Clear(); mBoundArrayBuffer = nullptr; mBoundTransformFeedbackBuffer = nullptr; @@ -1799,7 +1798,6 @@ WebGLContext::InitAndValidateGL() mBound2DTextures.SetLength(mGLMaxTextureUnits); mBoundCubeMapTextures.SetLength(mGLMaxTextureUnits); mBound3DTextures.SetLength(mGLMaxTextureUnits); - mBoundSamplers.SetLength(mGLMaxTextureUnits); if (MinCapabilityMode()) { mGLMaxTextureSize = MINVALUE_GL_MAX_TEXTURE_SIZE; diff --git a/dom/canvas/WebGLTimerQuery.h b/dom/canvas/WebGLTimerQuery.h index 9f6205e9e18..d1224e93175 100644 --- a/dom/canvas/WebGLTimerQuery.h +++ b/dom/canvas/WebGLTimerQuery.h @@ -7,7 +7,6 @@ #ifndef WEBGL_TIMER_QUERY_H_ #define WEBGL_TIMER_QUERY_H_ -#include "GLConsts.h" #include "nsWrapperCache.h" #include "WebGLObjectModel.h" diff --git a/dom/canvas/moz.build b/dom/canvas/moz.build index 69367f4cd61..e8b1541be24 100644 --- a/dom/canvas/moz.build +++ b/dom/canvas/moz.build @@ -61,7 +61,6 @@ UNIFIED_SOURCES += [ 'WebGL2ContextPrograms.cpp', 'WebGL2ContextQueries.cpp', 'WebGL2ContextSamplers.cpp', - 'WebGL2ContextState.cpp', 'WebGL2ContextSync.cpp', 'WebGL2ContextTextures.cpp', 'WebGL2ContextTransformFeedback.cpp', diff --git a/dom/webidl/WebGL2RenderingContext.webidl b/dom/webidl/WebGL2RenderingContext.webidl index bbeb7d4a846..b8bba687887 100644 --- a/dom/webidl/WebGL2RenderingContext.webidl +++ b/dom/webidl/WebGL2RenderingContext.webidl @@ -310,10 +310,7 @@ interface WebGL2RenderingContext : WebGLRenderingContext const GLenum NUM_SAMPLE_COUNTS = 0x9380; const GLenum TEXTURE_IMMUTABLE_LEVELS = 0x82DF; - const GLuint64 TIMEOUT_IGNORED = 0xFFFFFFFFFFFFFFFF; - - /* WebGL-specific enums */ - const GLenum MAX_CLIENT_WAIT_TIMEOUT_WEBGL = 0x9247; + const GLint64 TIMEOUT_IGNORED = -1; /* Buffer objects */ void copyBufferSubData(GLenum readTarget, GLenum writeTarget, GLintptr readOffset, diff --git a/gfx/gl/GLConsts.h b/gfx/gl/GLConsts.h index 0c1e43e8aac..b21dfe79a1a 100644 --- a/gfx/gl/GLConsts.h +++ b/gfx/gl/GLConsts.h @@ -283,6 +283,7 @@ #define LOCAL_GL_BOOL_VEC4_ARB 0x8B59 #define LOCAL_GL_BOUNDING_BOX_NV 0x908D #define LOCAL_GL_BOUNDING_BOX_OF_BOUNDING_BOXES_NV 0x909C +#define LOCAL_GL_BROWSER_DEFAULT_WEBGL 0x9244 #define LOCAL_GL_BUFFER 0x82E0 #define LOCAL_GL_BUFFER_ACCESS 0x88BB #define LOCAL_GL_BUFFER_ACCESS_ARB 0x88BB @@ -730,6 +731,7 @@ #define LOCAL_GL_CONTEXT_FLAG_DEBUG_BIT_KHR 0x00000002 #define LOCAL_GL_CONTEXT_FLAG_FORWARD_COMPATIBLE_BIT 0x00000001 #define LOCAL_GL_CONTEXT_FLAG_ROBUST_ACCESS_BIT_ARB 0x00000004 +#define LOCAL_GL_CONTEXT_LOST_WEBGL 0x9242 #define LOCAL_GL_CONTEXT_PROFILE_MASK 0x9126 #define LOCAL_GL_CONTEXT_ROBUST_ACCESS_EXT 0x90F3 #define LOCAL_GL_CONTINUOUS_AMD 0x9007 @@ -4678,16 +4680,19 @@ #define LOCAL_GL_UNPACK_ALIGNMENT 0x0CF5 #define LOCAL_GL_UNPACK_CLIENT_STORAGE_APPLE 0x85B2 #define LOCAL_GL_UNPACK_CMYK_HINT_EXT 0x800F +#define LOCAL_GL_UNPACK_COLORSPACE_CONVERSION_WEBGL 0x9243 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_DEPTH 0x9129 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_HEIGHT 0x9128 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_SIZE 0x912A #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_WIDTH 0x9127 #define LOCAL_GL_UNPACK_COMPRESSED_SIZE_SGIX 0x831A #define LOCAL_GL_UNPACK_CONSTANT_DATA_SUNX 0x81D5 +#define LOCAL_GL_UNPACK_FLIP_Y_WEBGL 0x9240 #define LOCAL_GL_UNPACK_IMAGE_DEPTH_SGIS 0x8133 #define LOCAL_GL_UNPACK_IMAGE_HEIGHT 0x806E #define LOCAL_GL_UNPACK_IMAGE_HEIGHT_EXT 0x806E #define LOCAL_GL_UNPACK_LSB_FIRST 0x0CF1 +#define LOCAL_GL_UNPACK_PREMULTIPLY_ALPHA_WEBGL 0x9241 #define LOCAL_GL_UNPACK_RESAMPLE_OML 0x8985 #define LOCAL_GL_UNPACK_RESAMPLE_SGIX 0x842D #define LOCAL_GL_UNPACK_ROW_BYTES_APPLE 0x8A16 diff --git a/gfx/gl/GLContext.cpp b/gfx/gl/GLContext.cpp index 1c4fa209a6b..aa78909cc89 100644 --- a/gfx/gl/GLContext.cpp +++ b/gfx/gl/GLContext.cpp @@ -794,7 +794,7 @@ GLContext::InitWithPrefix(const char *prefix, bool trygl) } } - if (IsSupported(GLFeature::sync)) { + if (IsExtensionSupported(ARB_sync)) { SymLoadStruct syncSymbols[] = { { (PRFuncPtr*) &mSymbols.fFenceSync, { "FenceSync", nullptr } }, { (PRFuncPtr*) &mSymbols.fIsSync, { "IsSync", nullptr } }, @@ -807,7 +807,7 @@ GLContext::InitWithPrefix(const char *prefix, bool trygl) }; if (!LoadSymbols(&syncSymbols[0], trygl, prefix)) { - NS_ERROR("GL supports sync without supplying its functions."); + NS_ERROR("GL supports ARB_sync without supplying its functions."); MarkExtensionUnsupported(ARB_sync); ClearSymbols(syncSymbols); diff --git a/gfx/gl/GLContext.h b/gfx/gl/GLContext.h index 83d2fb8ad25..ee338234975 100644 --- a/gfx/gl/GLContext.h +++ b/gfx/gl/GLContext.h @@ -122,7 +122,6 @@ enum class GLFeature { sRGB_texture, sampler_objects, standard_derivatives, - sync, texture_3D, texture_3D_compressed, texture_3D_copy, diff --git a/gfx/gl/GLContextFeatures.cpp b/gfx/gl/GLContextFeatures.cpp index fefba7e3883..7506ca84ccf 100644 --- a/gfx/gl/GLContextFeatures.cpp +++ b/gfx/gl/GLContextFeatures.cpp @@ -529,15 +529,6 @@ static const FeatureInfo sFeatureInfoArr[] = { GLContext::Extensions_End } }, - { - "sync", - GLVersion::GL3_2, - GLESVersion::ES3, - GLContext::ARB_sync, - { - GLContext::Extensions_End - } - }, { "texture_3D", GLVersion::GL1_2, From 4da3f7c13cea26663e8155ba1070ee09cc6a0a04 Mon Sep 17 00:00:00 2001 From: Masayuki Nakano Date: Thu, 11 Jun 2015 12:53:42 +0900 Subject: [PATCH 107/297] Bug 1119133 Implement TextEventDispatcher::EndInputTransaction() for ensuring TextEventDispatcher forgets the link with TextInputProcessor r=smaug --- dom/base/TextInputProcessor.cpp | 9 ++++++++- widget/TextEventDispatcher.cpp | 20 ++++++++++++++++++++ widget/TextEventDispatcher.h | 8 ++++++++ 3 files changed, 36 insertions(+), 1 deletion(-) diff --git a/dom/base/TextInputProcessor.cpp b/dom/base/TextInputProcessor.cpp index 78bde607c54..1f13e1ba0f9 100644 --- a/dom/base/TextInputProcessor.cpp +++ b/dom/base/TextInputProcessor.cpp @@ -186,7 +186,14 @@ TextInputProcessor::BeginInputTransactionInternal( // This instance has finished preparing to link to the dispatcher. Therefore, // let's forget the old dispatcher and purpose. - UnlinkFromTextEventDispatcher(); + if (mDispatcher) { + mDispatcher->EndInputTransaction(this); + if (NS_WARN_IF(mDispatcher)) { + // Forcibly initialize the members if we failed to end the input + // transaction. + UnlinkFromTextEventDispatcher(); + } + } if (aForTests) { rv = dispatcher->BeginInputTransactionForTests(this); diff --git a/widget/TextEventDispatcher.cpp b/widget/TextEventDispatcher.cpp index 459b40632ec..0b5ab7e3505 100644 --- a/widget/TextEventDispatcher.cpp +++ b/widget/TextEventDispatcher.cpp @@ -83,6 +83,26 @@ TextEventDispatcher::BeginInputTransactionInternal( return NS_OK; } +void +TextEventDispatcher::EndInputTransaction(TextEventDispatcherListener* aListener) +{ + if (NS_WARN_IF(IsComposing()) || NS_WARN_IF(IsDispatchingEvent())) { + return; + } + + nsCOMPtr listener = do_QueryReferent(mListener); + if (NS_WARN_IF(!listener)) { + return; + } + + if (NS_WARN_IF(listener != aListener)) { + return; + } + + mListener = nullptr; + listener->OnRemovedFrom(this); +} + void TextEventDispatcher::OnDestroyWidget() { diff --git a/widget/TextEventDispatcher.h b/widget/TextEventDispatcher.h index f8affde8563..f02bf3ffda0 100644 --- a/widget/TextEventDispatcher.h +++ b/widget/TextEventDispatcher.h @@ -59,6 +59,14 @@ public: nsresult BeginInputTransactionForTests( TextEventDispatcherListener* aListener); + /** + * EndInputTransaction() should be called when the listener stops using + * the TextEventDispatcher. + * + * @param aListener The listener using the TextEventDispatcher instance. + */ + void EndInputTransaction(TextEventDispatcherListener* aListener); + /** * OnDestroyWidget() is called when mWidget is being destroyed. */ From 1b76207e81f364c5326f7b61f6b749945d4b2e9b Mon Sep 17 00:00:00 2001 From: Tooru Fujisawa Date: Thu, 11 Jun 2015 13:14:13 +0900 Subject: [PATCH 108/297] Bug 1170716 - Part 1: Add js shell functions to get last warning. r=jandem --- js/src/shell/js.cpp | 123 ++++++++++++++++++++++++++++++++++ js/src/tests/shell/warning.js | 52 ++++++++++++++ 2 files changed, 175 insertions(+) create mode 100644 js/src/tests/shell/warning.js diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp index 726dbb51a66..1354e898058 100644 --- a/js/src/shell/js.cpp +++ b/js/src/shell/js.cpp @@ -126,6 +126,9 @@ static double gTimeoutInterval = -1.0; static volatile bool gServiceInterrupt = false; static JS::PersistentRootedValue gInterruptFunc; +static bool gLastWarningEnabled = false; +static JS::PersistentRootedValue gLastWarning; + static bool enableDisassemblyDumps = false; static bool offthreadCompilation = false; static bool enableBaseline = false; @@ -3037,6 +3040,63 @@ SetInterruptCallback(JSContext* cx, unsigned argc, Value* vp) return true; } +static bool +EnableLastWarning(JSContext* cx, unsigned argc, Value* vp) +{ + CallArgs args = CallArgsFromVp(argc, vp); + + gLastWarningEnabled = true; + gLastWarning.setNull(); + + args.rval().setUndefined(); + return true; +} + +static bool +DisableLastWarning(JSContext* cx, unsigned argc, Value* vp) +{ + CallArgs args = CallArgsFromVp(argc, vp); + + gLastWarningEnabled = false; + gLastWarning.setNull(); + + args.rval().setUndefined(); + return true; +} + +static bool +GetLastWarning(JSContext* cx, unsigned argc, Value* vp) +{ + CallArgs args = CallArgsFromVp(argc, vp); + + if (!gLastWarningEnabled) { + JS_ReportError(cx, "Call enableLastWarning first."); + return false; + } + + if (!JS_WrapValue(cx, &gLastWarning)) + return false; + + args.rval().set(gLastWarning); + return true; +} + +static bool +ClearLastWarning(JSContext* cx, unsigned argc, Value* vp) +{ + CallArgs args = CallArgsFromVp(argc, vp); + + if (!gLastWarningEnabled) { + JS_ReportError(cx, "Call enableLastWarning first."); + return false; + } + + gLastWarning.setNull(); + + args.rval().setUndefined(); + return true; +} + #ifdef DEBUG static bool StackDump(JSContext* cx, unsigned argc, Value* vp) @@ -4706,6 +4766,22 @@ static const JSFunctionSpecWithHelp shell_functions[] = { " Sets func as the interrupt callback function.\n" " Calling this function will replace any callback set by |timeout|.\n"), + JS_FN_HELP("enableLastWarning", EnableLastWarning, 0, 0, +"enableLastWarning()", +" Enable storing the last warning."), + + JS_FN_HELP("disableLastWarning", DisableLastWarning, 0, 0, +"disableLastWarning()", +" Disable storing the last warning."), + + JS_FN_HELP("getLastWarning", GetLastWarning, 0, 0, +"getLastWarning()", +" Returns an object that represents the last warning."), + + JS_FN_HELP("clearLastWarning", ClearLastWarning, 0, 0, +"clearLastWarning()", +" Clear the last warning."), + JS_FN_HELP("elapsed", Elapsed, 0, 0, "elapsed()", " Execution time elapsed for the current context."), @@ -5026,9 +5102,55 @@ js::shell::my_GetErrorMessage(void* userRef, const unsigned errorNumber) return &jsShell_ErrorFormatString[errorNumber]; } +static bool +CreateLastWarningObject(JSContext* cx, JSErrorReport* report) +{ + RootedObject warningObj(cx, JS_NewObject(cx, nullptr)); + if (!warningObj) + return false; + + RootedString nameStr(cx); + if (report->exnType == JSEXN_NONE) + nameStr = JS_NewStringCopyZ(cx, "None"); + else + nameStr = GetErrorTypeName(cx->runtime(), report->exnType); + if (!nameStr) + return false; + RootedValue nameVal(cx, StringValue(nameStr)); + if (!DefineProperty(cx, warningObj, cx->names().name, nameVal)) + return false; + + RootedString messageStr(cx, JS_NewUCStringCopyZ(cx, report->ucmessage)); + if (!messageStr) + return false; + RootedValue messageVal(cx, StringValue(messageStr)); + if (!DefineProperty(cx, warningObj, cx->names().message, messageVal)) + return false; + + RootedValue linenoVal(cx, Int32Value(report->lineno)); + if (!DefineProperty(cx, warningObj, cx->names().lineNumber, linenoVal)) + return false; + + RootedValue columnVal(cx, Int32Value(report->column)); + if (!DefineProperty(cx, warningObj, cx->names().columnNumber, columnVal)) + return false; + + gLastWarning.setObject(*warningObj); + return true; +} + void js::shell::my_ErrorReporter(JSContext* cx, const char* message, JSErrorReport* report) { + if (report && JSREPORT_IS_WARNING(report->flags) && gLastWarningEnabled) { + JS::AutoSaveExceptionState savedExc(cx); + if (!CreateLastWarningObject(cx, report)) { + fputs("Unhandled error happened while creating last warning object.\n", gOutFile); + fflush(gOutFile); + } + savedExc.restore(); + } + gGotError = PrintError(cx, gErrFile, message, report, reportWarnings); if (report->exnType != JSEXN_NONE && !JSREPORT_IS_WARNING(report->flags)) { if (report->errorNumber == JSMSG_OUT_OF_MEMORY) { @@ -6305,6 +6427,7 @@ main(int argc, char** argv, char** envp) return 1; gInterruptFunc.init(rt, NullValue()); + gLastWarning.init(rt, NullValue()); JS_SetGCParameter(rt, JSGC_MAX_BYTES, 0xffffffff); diff --git a/js/src/tests/shell/warning.js b/js/src/tests/shell/warning.js new file mode 100644 index 00000000000..dfa1d5405fc --- /dev/null +++ b/js/src/tests/shell/warning.js @@ -0,0 +1,52 @@ +// |reftest| skip-if(!xulRuntime.shell) + +var BUGNUMBER = 1170716; +var summary = 'Add js shell functions to get last warning'; + +print(BUGNUMBER + ": " + summary); + +// Warning with JSEXN_NONE. + +enableLastWarning(); + +eval(`({}).__proto__ = {};`); + +var warning = getLastWarning(); +assertEq(warning !== null, true); +assertEq(warning.name, "None"); +assertEq(warning.message.includes("mutating"), true); +assertEq(warning.lineNumber, 1); +assertEq(warning.columnNumber, 1); + +// Clear last warning. + +clearLastWarning(); +warning = getLastWarning(); +assertEq(warning, null); + +// Warning with JSEXN_SYNTAXERR. + +options("strict"); +eval(`var a; if (a=0) {}`); + +warning = getLastWarning(); +assertEq(warning !== null, true); +assertEq(warning.name, "SyntaxError"); +assertEq(warning.message.includes("equality"), true); +assertEq(warning.lineNumber, 1); +assertEq(warning.columnNumber, 14); + +// Disabled. + +disableLastWarning(); + +eval(`var a; if (a=0) {}`); + +enableLastWarning(); +warning = getLastWarning(); +assertEq(warning, null); + +disableLastWarning(); + +if (typeof reportCompare === "function") + reportCompare(true, true); From 9676d2ebdabbe570ba6757fec9ad64f87b992ed4 Mon Sep 17 00:00:00 2001 From: Tooru Fujisawa Date: Thu, 11 Jun 2015 13:14:13 +0900 Subject: [PATCH 109/297] Bug 1170716 - Part 2: Report unreachable code after return statement as JSEXN_NONE. r=jandem --- .../tests/basic/statement-after-return.js | 59 ++++++++----------- js/src/js.msg | 2 +- 2 files changed, 25 insertions(+), 36 deletions(-) diff --git a/js/src/jit-test/tests/basic/statement-after-return.js b/js/src/jit-test/tests/basic/statement-after-return.js index bfb9bed6ec4..7f3906a845a 100644 --- a/js/src/jit-test/tests/basic/statement-after-return.js +++ b/js/src/jit-test/tests/basic/statement-after-return.js @@ -2,47 +2,36 @@ load(libdir + "class.js"); -if (options().indexOf("werror") == -1) - options("werror"); - function testWarn(code, lineNumber, columnNumber) { - var caught = false; - try { - eval(code); - } catch (e) { - caught = true; - assertEq(e.constructor, SyntaxError); - assertEq(e.lineNumber, lineNumber); - assertEq(e.columnNumber, columnNumber); - } - assertEq(caught, true, "warning should be caught for " + code); + enableLastWarning(); + eval(code); + var warning = getLastWarning(); + assertEq(warning !== null, true, "warning should be caught for " + code); + assertEq(warning.name, "None"); + assertEq(warning.lineNumber, lineNumber); + assertEq(warning.columnNumber, columnNumber); - caught = false; - try { - Reflect.parse(code); - } catch (e) { - caught = true; - assertEq(e.constructor, SyntaxError); - } - assertEq(caught, true, "warning should be caught for " + code); + clearLastWarning(); + Reflect.parse(code); + warning = getLastWarning(); + assertEq(warning !== null, true, "warning should be caught for " + code); + assertEq(warning.name, "None"); + // Warning generated by Reflect.parse has line/column number for Reflect.parse + // itself, not parsed code. + disableLastWarning(); } function testPass(code) { - var caught = false; - try { - eval(code); - } catch (e) { - caught = true; - } - assertEq(caught, false, "warning should not be caught for " + code); + enableLastWarning(); + eval(code); + var warning = getLastWarning(); + assertEq(warning, null, "warning should not be caught for " + code); - caught = false; - try { - Reflect.parse(code); - } catch (e) { - caught = true; - } - assertEq(caught, false, "warning should not be caught for " + code); + clearLastWarning(); + Reflect.parse(code); + warning = getLastWarning(); + assertEq(warning, null, "warning should not be caught for " + code); + disableLastWarning(); } testPass(` diff --git a/js/src/js.msg b/js/src/js.msg index d4a6a9acc47..7ae431f1d14 100644 --- a/js/src/js.msg +++ b/js/src/js.msg @@ -311,7 +311,7 @@ MSG_DEF(JSMSG_SEMI_AFTER_FOR_COND, 0, JSEXN_SYNTAXERR, "missing ; after for- MSG_DEF(JSMSG_SEMI_AFTER_FOR_INIT, 0, JSEXN_SYNTAXERR, "missing ; after for-loop initializer") MSG_DEF(JSMSG_SEMI_BEFORE_STMNT, 0, JSEXN_SYNTAXERR, "missing ; before statement") MSG_DEF(JSMSG_SOURCE_TOO_LONG, 0, JSEXN_RANGEERR, "source is too long") -MSG_DEF(JSMSG_STMT_AFTER_RETURN, 0, JSEXN_SYNTAXERR, "unreachable code after return statement") +MSG_DEF(JSMSG_STMT_AFTER_RETURN, 0, JSEXN_NONE, "unreachable code after return statement") MSG_DEF(JSMSG_STRICT_CODE_WITH, 0, JSEXN_SYNTAXERR, "strict mode code may not contain 'with' statements") MSG_DEF(JSMSG_STRICT_FUNCTION_STATEMENT, 0, JSEXN_SYNTAXERR, "in strict mode code, functions may be declared only at top level or immediately within another function") MSG_DEF(JSMSG_TEMPLSTR_UNTERM_EXPR, 0, JSEXN_SYNTAXERR, "missing } in template string") From c6a9a464a1cd7e33ef95f13d6921b777f979a4c5 Mon Sep 17 00:00:00 2001 From: Tooru Fujisawa Date: Thu, 11 Jun 2015 13:14:14 +0900 Subject: [PATCH 110/297] Bug 1170716 - Part 3: Use getLastWarning in test for warning with JSEXN_NONE. r=jandem --- .../tests/collections/Map-constructor-1.js | 3 +-- .../tests/collections/Set-constructor-1.js | 3 +-- .../tests/collections/WeakMap-constructor-1.js | 3 +-- js/src/tests/ecma_6/shell.js | 11 +++++++++++ js/src/tests/js1_5/String/replace-flags.js | 17 +++++++++++++---- 5 files changed, 27 insertions(+), 10 deletions(-) diff --git a/js/src/jit-test/tests/collections/Map-constructor-1.js b/js/src/jit-test/tests/collections/Map-constructor-1.js index 44a6be9ee3f..528f43cc234 100644 --- a/js/src/jit-test/tests/collections/Map-constructor-1.js +++ b/js/src/jit-test/tests/collections/Map-constructor-1.js @@ -10,8 +10,7 @@ m = new Map(null); assertEq(m.size, 0); // FIXME: bug 1083752 -options("werror"); -assertEq(evaluate("Map()", {catchTermination: true}), "terminated"); +assertWarning(() => Map(), "None"); // assertThrowsInstanceOf(() => Map(), TypeError); // assertThrowsInstanceOf(() => Map(undefined), TypeError); // assertThrowsInstanceOf(() => Map(null), TypeError); diff --git a/js/src/jit-test/tests/collections/Set-constructor-1.js b/js/src/jit-test/tests/collections/Set-constructor-1.js index 35a2dedb5e0..47913f86916 100644 --- a/js/src/jit-test/tests/collections/Set-constructor-1.js +++ b/js/src/jit-test/tests/collections/Set-constructor-1.js @@ -10,8 +10,7 @@ s = new Set(null); assertEq(s.size, 0); // FIXME: bug 1083752 -options("werror"); -assertEq(evaluate("Set()", {catchTermination: true}), "terminated"); +assertWarning(() => Set(), "None"); // assertThrowsInstanceOf(() => Set(), TypeError); // assertThrowsInstanceOf(() => Set(undefined), TypeError); // assertThrowsInstanceOf(() => Set(null), TypeError); diff --git a/js/src/jit-test/tests/collections/WeakMap-constructor-1.js b/js/src/jit-test/tests/collections/WeakMap-constructor-1.js index 826aa1d2741..bfeaa2511a3 100644 --- a/js/src/jit-test/tests/collections/WeakMap-constructor-1.js +++ b/js/src/jit-test/tests/collections/WeakMap-constructor-1.js @@ -7,8 +7,7 @@ new WeakMap(undefined); new WeakMap(null); // FIXME: bug 1083752 -options("werror"); -assertEq(evaluate("WeakMap()", {catchTermination: true}), "terminated"); +assertWarning(() => WeakMap(), "None"); // assertThrowsInstanceOf(() => WeakMap(), TypeError); // assertThrowsInstanceOf(() => WeakMap(undefined), TypeError); // assertThrowsInstanceOf(() => WeakMap(null), TypeError); diff --git a/js/src/tests/ecma_6/shell.js b/js/src/tests/ecma_6/shell.js index d9d777fdd47..1d5d3746075 100644 --- a/js/src/tests/ecma_6/shell.js +++ b/js/src/tests/ecma_6/shell.js @@ -204,3 +204,14 @@ if (typeof assertDeepEq === 'undefined') { }; })(); } + +if (typeof assertWarning === 'undefined') { + function assertWarning(func, name) { + enableLastWarning(); + func(); + var warning = getLastWarning(); + assertEq(warning !== null, true); + assertEq(warning.name, name); + disableLastWarning(); + } +} diff --git a/js/src/tests/js1_5/String/replace-flags.js b/js/src/tests/js1_5/String/replace-flags.js index 656d4acfa6f..866aa877ef1 100644 --- a/js/src/tests/js1_5/String/replace-flags.js +++ b/js/src/tests/js1_5/String/replace-flags.js @@ -6,10 +6,19 @@ var summary = 'Add console warnings for non-standard flag argument of String.pro printBugNumber(BUGNUMBER); printStatus (summary); -options("werror"); -assertEq(evaluate("'aaaA'.match('a', 'i')", {catchTermination: true}), "terminated"); -assertEq(evaluate("'aaaA'.search('a', 'i')", {catchTermination: true}), "terminated"); -assertEq(evaluate("'aaaA'.replace('a', 'b', 'g')", {catchTermination: true}), "terminated"); +function assertWarningForComponent(code, name) { + enableLastWarning(); + var g = newGlobal(); + g.eval(code); + var warning = getLastWarning(); + assertEq(warning !== null, true); + assertEq(warning.name, name); + disableLastWarning(); +} + +assertWarningForComponent(`'aaaA'.match('a', 'i');`, "None"); +assertWarningForComponent(`'aaaA'.search('a', 'i');`, "None"); +assertWarningForComponent(`'aaaA'.replace('a', 'b', 'g');`, "None"); if (typeof reportCompare === "function") reportCompare(true, true); From cb30c642a9a65c2a07f63a4f9500b7e233076455 Mon Sep 17 00:00:00 2001 From: Mike Hommey Date: Thu, 11 Jun 2015 13:19:21 +0900 Subject: [PATCH 111/297] Fixup for bug 1129873 for bustage of GTK+3 builds on elm. r=karlt. DONTBUILD. --- widget/gtk/nsApplicationChooser.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/widget/gtk/nsApplicationChooser.h b/widget/gtk/nsApplicationChooser.h index a97d094327f..9ccdafd0b5a 100644 --- a/widget/gtk/nsApplicationChooser.h +++ b/widget/gtk/nsApplicationChooser.h @@ -9,7 +9,7 @@ #include #include "nsIApplicationChooser.h" -class nsApplicationChooser : public nsIApplicationChooser +class nsApplicationChooser final : public nsIApplicationChooser { public: nsApplicationChooser(); From 7467168b94805f249b3ad34069f866366ace8425 Mon Sep 17 00:00:00 2001 From: Eric Rahm Date: Wed, 10 Jun 2015 21:31:31 -0700 Subject: [PATCH 112/297] Bug 1171722 - Part 1: Add gcreason to GCSliceCallback. r=fitzgen --- js/public/GCAPI.h | 5 +++-- js/src/gc/Statistics.cpp | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/js/public/GCAPI.h b/js/public/GCAPI.h index 3482048d909..dd5302d3259 100644 --- a/js/public/GCAPI.h +++ b/js/public/GCAPI.h @@ -332,9 +332,10 @@ enum GCProgress { struct JS_PUBLIC_API(GCDescription) { bool isCompartment_; JSGCInvocationKind invocationKind_; + gcreason::Reason reason_; - GCDescription(bool isCompartment, JSGCInvocationKind kind) - : isCompartment_(isCompartment), invocationKind_(kind) {} + GCDescription(bool isCompartment, JSGCInvocationKind kind, gcreason::Reason reason) + : isCompartment_(isCompartment), invocationKind_(kind), reason_(reason) {} char16_t* formatSliceMessage(JSRuntime* rt) const; char16_t* formatSummaryMessage(JSRuntime* rt) const; diff --git a/js/src/gc/Statistics.cpp b/js/src/gc/Statistics.cpp index 741e171d018..314fac5c747 100644 --- a/js/src/gc/Statistics.cpp +++ b/js/src/gc/Statistics.cpp @@ -945,7 +945,7 @@ Statistics::beginSlice(const ZoneGCStats& zoneStats, JSGCInvocationKind gckind, bool wasFullGC = zoneStats.isCollectingAllZones(); if (sliceCallback) (*sliceCallback)(runtime, first ? JS::GC_CYCLE_BEGIN : JS::GC_SLICE_BEGIN, - JS::GCDescription(!wasFullGC, gckind)); + JS::GCDescription(!wasFullGC, gckind, reason)); } } @@ -977,7 +977,7 @@ Statistics::endSlice() bool wasFullGC = zoneStats.isCollectingAllZones(); if (sliceCallback) (*sliceCallback)(runtime, last ? JS::GC_CYCLE_END : JS::GC_SLICE_END, - JS::GCDescription(!wasFullGC, gckind)); + JS::GCDescription(!wasFullGC, gckind, slices.back().reason)); } /* Do this after the slice callback since it uses these values. */ From 189910284633c5bccd01a19078ee4a646d0ada43 Mon Sep 17 00:00:00 2001 From: Eric Rahm Date: Wed, 10 Jun 2015 21:31:32 -0700 Subject: [PATCH 113/297] Bug 1171722 - Part 2: Add gcreason::XPCONNECT_SHUTDOWN. r=terrence --- js/public/GCAPI.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/js/public/GCAPI.h b/js/public/GCAPI.h index dd5302d3259..baa2ec7fcc0 100644 --- a/js/public/GCAPI.h +++ b/js/public/GCAPI.h @@ -108,7 +108,8 @@ using mozilla::UniquePtr; D(FULL_GC_TIMER) \ D(SHUTDOWN_CC) \ D(FINISH_LARGE_EVALUATE) \ - D(USER_INACTIVE) + D(USER_INACTIVE) \ + D(XPCONNECT_SHUTDOWN) namespace gcreason { From 52d84177d026bd021593d81ce2ea9755da495d0c Mon Sep 17 00:00:00 2001 From: Eric Rahm Date: Wed, 10 Jun 2015 21:31:33 -0700 Subject: [PATCH 114/297] Bug 1171722 - Part 3: Specify gcreason::XPCONNECT_SHUTDOWN during xpconnect shutdown. r=mccr8 --- js/xpconnect/src/nsXPConnect.cpp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/js/xpconnect/src/nsXPConnect.cpp b/js/xpconnect/src/nsXPConnect.cpp index 4cdb40fe20d..428c0b187df 100644 --- a/js/xpconnect/src/nsXPConnect.cpp +++ b/js/xpconnect/src/nsXPConnect.cpp @@ -85,7 +85,7 @@ nsXPConnect::~nsXPConnect() // XPConnect, to clean the stuff we forcibly disconnected. The forced // shutdown code defaults to leaking in a number of situations, so we can't // get by with only the second GC. :-( - JS_GC(mRuntime->Runtime()); + mRuntime->GarbageCollect(JS::gcreason::XPCONNECT_SHUTDOWN); mShuttingDown = true; XPCWrappedNativeScope::SystemIsBeingShutDown(); @@ -95,7 +95,7 @@ nsXPConnect::~nsXPConnect() // after which point we need to GC to clean everything up. We need to do // this before deleting the XPCJSRuntime, because doing so destroys the // maps that our finalize callback depends on. - JS_GC(mRuntime->Runtime()); + mRuntime->GarbageCollect(JS::gcreason::XPCONNECT_SHUTDOWN); NS_RELEASE(gSystemPrincipal); gScriptSecurityManager = nullptr; From a4d2212ed7a6a33f4ee334ba85c1f3a382f28779 Mon Sep 17 00:00:00 2001 From: Eric Rahm Date: Wed, 10 Jun 2015 21:31:35 -0700 Subject: [PATCH 115/297] Bug 1171722 - Part 4: Don't warn if DebuggerOnGCRunnable::Enqueue fails during shutdown. r=mccr8 --- xpcom/base/CycleCollectedJSRuntime.cpp | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/xpcom/base/CycleCollectedJSRuntime.cpp b/xpcom/base/CycleCollectedJSRuntime.cpp index 00ac977042f..57aeb51b45f 100644 --- a/xpcom/base/CycleCollectedJSRuntime.cpp +++ b/xpcom/base/CycleCollectedJSRuntime.cpp @@ -740,7 +740,11 @@ CycleCollectedJSRuntime::GCSliceCallback(JSRuntime* aRuntime, MOZ_ASSERT(self->Runtime() == aRuntime); if (aProgress == JS::GC_CYCLE_END) { - NS_WARN_IF(NS_FAILED(DebuggerOnGCRunnable::Enqueue(aRuntime, aDesc))); + JS::gcreason::Reason reason = aDesc.reason_; + NS_WARN_IF(NS_FAILED(DebuggerOnGCRunnable::Enqueue(aRuntime, aDesc)) && + reason != JS::gcreason::SHUTDOWN_CC && + reason != JS::gcreason::DESTROY_RUNTIME && + reason != JS::gcreason::XPCONNECT_SHUTDOWN); } if (self->mPrevGCSliceCallback) { From d4675e62edac7ce762c6346dbae13c2ad5cb53d9 Mon Sep 17 00:00:00 2001 From: Mason Chang Date: Wed, 10 Jun 2015 21:36:42 -0700 Subject: [PATCH 116/297] Bug 1171156. More logging to test vsync timestamps. r=me --- gfx/thebes/gfxPlatformMac.cpp | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/gfx/thebes/gfxPlatformMac.cpp b/gfx/thebes/gfxPlatformMac.cpp index cde0459ef6a..50fe59c3047 100644 --- a/gfx/thebes/gfxPlatformMac.cpp +++ b/gfx/thebes/gfxPlatformMac.cpp @@ -514,6 +514,7 @@ public: } mPreviousTimestamp = TimeStamp::Now(); + mStartingVsync = true; if (CVDisplayLinkStart(mDisplayLink) != kCVReturnSuccess) { NS_WARNING("Could not activate the display link"); CVDisplayLinkRelease(mDisplayLink); @@ -547,6 +548,7 @@ public: // Normalize the timestamps given to the VsyncDispatchers to the vsync // that just occured, not the vsync that is upcoming. TimeStamp mPreviousTimestamp; + bool mStartingVsync; private: // Manages the display link render thread @@ -575,12 +577,16 @@ static CVReturn VsyncCallback(CVDisplayLinkRef aDisplayLink, mozilla::TimeStamp nextVsync = mozilla::TimeStamp::FromSystemTime(nextVsyncTimestamp); mozilla::TimeStamp previousVsync = display->mPreviousTimestamp; + bool firstVsync = display->mStartingVsync; + + display->mStartingVsync = false; display->mPreviousTimestamp = nextVsync; mozilla::TimeStamp now = TimeStamp::Now(); if (nextVsync <= previousVsync) { TimeDuration next = nextVsync - now; TimeDuration prev = now - previousVsync; - printf_stderr("Next from now: %f, prev from now: %f\n", next.ToMilliseconds(), prev.ToMilliseconds()); + printf_stderr("Next from now: %f, prev from now: %f, first vsync %d\n", + next.ToMilliseconds(), prev.ToMilliseconds(), firstVsync); MOZ_ASSERT(false, "Next vsync less than previous vsync\n"); } From a4bdd3f9a10c53442cfc258c5dad17dc7fc38136 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 13:07:40 -0700 Subject: [PATCH 117/297] Bug 1172789 (part 1) - Remove PL_DHashTableEnumerate() uses from nsLoadGroup. r=michal. --- netwerk/base/nsLoadGroup.cpp | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/netwerk/base/nsLoadGroup.cpp b/netwerk/base/nsLoadGroup.cpp index 78da469169f..1cc41c68659 100644 --- a/netwerk/base/nsLoadGroup.cpp +++ b/netwerk/base/nsLoadGroup.cpp @@ -734,24 +734,17 @@ nsLoadGroup::RemoveRequest(nsIRequest *request, nsISupports* ctxt, return rv; } -// PLDHashTable enumeration callback that appends all items in the -// hash to an nsCOMArray -static PLDHashOperator -AppendRequestsToCOMArray(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) -{ - RequestMapEntry *e = static_cast(hdr); - static_cast*>(arg)->AppendObject(e->mKey); - return PL_DHASH_NEXT; -} - NS_IMETHODIMP nsLoadGroup::GetRequests(nsISimpleEnumerator * *aRequests) { nsCOMArray requests; requests.SetCapacity(mRequests.EntryCount()); - PL_DHashTableEnumerate(&mRequests, AppendRequestsToCOMArray, &requests); + PLDHashTable::Iterator iter(&mRequests); + while (iter.HasMoreEntries()) { + auto e = static_cast(iter.NextEntry()); + requests.AppendObject(e->mKey); + } return NS_NewArrayEnumerator(aRequests, requests); } From a74843307a95c3f35fbc71b7c0c889352266c873 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 13:07:40 -0700 Subject: [PATCH 118/297] Bug 1172789 (part 2) - Remove PL_DHashTableEnumerate() uses from nsLoadGroup. r=michal. --- netwerk/base/nsLoadGroup.cpp | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/netwerk/base/nsLoadGroup.cpp b/netwerk/base/nsLoadGroup.cpp index 1cc41c68659..ca67e8446c8 100644 --- a/netwerk/base/nsLoadGroup.cpp +++ b/netwerk/base/nsLoadGroup.cpp @@ -166,17 +166,6 @@ RescheduleRequest(nsIRequest *aRequest, int32_t delta) p->AdjustPriority(delta); } -static PLDHashOperator -RescheduleRequests(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) -{ - RequestMapEntry *e = static_cast(hdr); - int32_t *delta = static_cast(arg); - - RescheduleRequest(e->mKey, *delta); - return PL_DHASH_NEXT; -} - nsLoadGroup::nsLoadGroup(nsISupports* outer) : mForegroundCount(0) , mLoadFlags(LOAD_NORMAL) @@ -878,7 +867,11 @@ nsLoadGroup::AdjustPriority(int32_t aDelta) // Update the priority for each request that supports nsISupportsPriority if (aDelta != 0) { mPriority += aDelta; - PL_DHashTableEnumerate(&mRequests, RescheduleRequests, &aDelta); + PLDHashTable::Iterator iter(&mRequests); + while (iter.HasMoreEntries()) { + auto e = static_cast(iter.NextEntry()); + RescheduleRequest(e->mKey, aDelta); + } } return NS_OK; } From ddaf1cfb870f8d8488014df162dc3f2a80f00608 Mon Sep 17 00:00:00 2001 From: Nicholas Nethercote Date: Wed, 10 Jun 2015 13:07:40 -0700 Subject: [PATCH 119/297] Bug 1172789 (part 3) - Remove PL_DHashTableEnumerate() uses from nsLoadGroup. r=michal. This change also factors out some duplicated code. --- netwerk/base/nsLoadGroup.cpp | 63 +++++++++++++----------------------- 1 file changed, 22 insertions(+), 41 deletions(-) diff --git a/netwerk/base/nsLoadGroup.cpp b/netwerk/base/nsLoadGroup.cpp index ca67e8446c8..e474eb7b9a1 100644 --- a/netwerk/base/nsLoadGroup.cpp +++ b/netwerk/base/nsLoadGroup.cpp @@ -246,27 +246,29 @@ nsLoadGroup::GetStatus(nsresult *status) return NS_OK; } -// PLDHashTable enumeration callback that appends strong references to -// all nsIRequest to an nsTArray. -static PLDHashOperator -AppendRequestsToArray(PLDHashTable *table, PLDHashEntryHdr *hdr, - uint32_t number, void *arg) +static bool +AppendRequestsToArray(PLDHashTable* aTable, nsTArray *aArray) { - RequestMapEntry *e = static_cast(hdr); - nsTArray *array = static_cast *>(arg); + PLDHashTable::Iterator iter(aTable); + while (iter.HasMoreEntries()) { + auto e = static_cast(iter.NextEntry()); + nsIRequest *request = e->mKey; + NS_ASSERTION(request, "What? Null key in pldhash entry?"); - nsIRequest *request = e->mKey; - NS_ASSERTION(request, "What? Null key in pldhash entry?"); - - bool ok = array->AppendElement(request) != nullptr; - - if (!ok) { - return PL_DHASH_STOP; + bool ok = !!aArray->AppendElement(request); + if (!ok) { + break; + } + NS_ADDREF(request); } - NS_ADDREF(request); - - return PL_DHASH_NEXT; + if (aArray->Length() != aTable->EntryCount()) { + for (uint32_t i = 0, len = aArray->Length(); i < len; ++i) { + NS_RELEASE((*aArray)[i]); + } + return false; + } + return true; } NS_IMETHODIMP @@ -280,14 +282,7 @@ nsLoadGroup::Cancel(nsresult status) nsAutoTArray requests; - PL_DHashTableEnumerate(&mRequests, AppendRequestsToArray, - static_cast *>(&requests)); - - if (requests.Length() != count) { - for (uint32_t i = 0, len = requests.Length(); i < len; ++i) { - NS_RELEASE(requests[i]); - } - + if (!AppendRequestsToArray(&mRequests, &requests)) { return NS_ERROR_OUT_OF_MEMORY; } @@ -359,14 +354,7 @@ nsLoadGroup::Suspend() nsAutoTArray requests; - PL_DHashTableEnumerate(&mRequests, AppendRequestsToArray, - static_cast *>(&requests)); - - if (requests.Length() != count) { - for (uint32_t i = 0, len = requests.Length(); i < len; ++i) { - NS_RELEASE(requests[i]); - } - + if (!AppendRequestsToArray(&mRequests, &requests)) { return NS_ERROR_OUT_OF_MEMORY; } @@ -411,14 +399,7 @@ nsLoadGroup::Resume() nsAutoTArray requests; - PL_DHashTableEnumerate(&mRequests, AppendRequestsToArray, - static_cast *>(&requests)); - - if (requests.Length() != count) { - for (uint32_t i = 0, len = requests.Length(); i < len; ++i) { - NS_RELEASE(requests[i]); - } - + if (!AppendRequestsToArray(&mRequests, &requests)) { return NS_ERROR_OUT_OF_MEMORY; } From e69b790a90fdc57bbf39c0d6e1fd823b9d1bbd96 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Wed, 10 Jun 2015 21:59:03 -0700 Subject: [PATCH 120/297] Disable layers acceleration on Windows if the last startup crashed during driver initialization. (bug 1168935 part 1, r=mattwoodrow) --- gfx/src/DriverInitCrashDetection.cpp | 208 +++++++++++++++++++++++++++ gfx/src/DriverInitCrashDetection.h | 65 +++++++++ gfx/src/moz.build | 4 + gfx/thebes/gfxPrefs.h | 3 + gfx/thebes/gfxWindowsPlatform.cpp | 9 +- 5 files changed, 288 insertions(+), 1 deletion(-) create mode 100644 gfx/src/DriverInitCrashDetection.cpp create mode 100644 gfx/src/DriverInitCrashDetection.h diff --git a/gfx/src/DriverInitCrashDetection.cpp b/gfx/src/DriverInitCrashDetection.cpp new file mode 100644 index 00000000000..16aa22244fe --- /dev/null +++ b/gfx/src/DriverInitCrashDetection.cpp @@ -0,0 +1,208 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +#include "DriverInitCrashDetection.h" +#include "gfxPrefs.h" +#include "nsAppDirectoryServiceDefs.h" +#include "nsDirectoryServiceUtils.h" +#include "nsServiceManagerUtils.h" +#include "nsString.h" +#include "nsXULAppAPI.h" +#include "mozilla/Preferences.h" +#include "mozilla/gfx/Logging.h" + +namespace mozilla { +namespace gfx { + +bool DriverInitCrashDetection::sDisableAcceleration = false; +bool DriverInitCrashDetection::sEnvironmentHasBeenUpdated = false; + +DriverInitCrashDetection::DriverInitCrashDetection() + : mIsChromeProcess(XRE_GetProcessType() == GeckoProcessType_Default) +{ + // Only use the lockfile in the privileged process, which is responsible for + // the first driver initialization run. Child processes can't access the + // filesystme anyway. + if (mIsChromeProcess && !InitLockFilePath()) { + return; + } + + if (RecoverFromDriverInitCrash()) { + if (!sDisableAcceleration) { + // This is the first time we're checking for a crash recovery, so print + // a message and disable acceleration for anyone who asks for it. + gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Recovered from graphics driver startup crash; acceleration disabled."; + sDisableAcceleration = true; + } + return; + } + + // If we previously disabled acceleration, we should have gone through + // RecoverFromDriverInitCrash(). + MOZ_ASSERT(!sDisableAcceleration); + + if (mIsChromeProcess && + (UpdateEnvironment() || sEnvironmentHasBeenUpdated)) + { + // Something in the environment changed, *or* a previous instance of this + // class already updated the environment. Allow a fresh attempt at driver + // acceleration. This doesn't mean the previous attempt failed, it just + // means we want to detect whether the new environment crashes. + AllowDriverInitAttempt(); + sEnvironmentHasBeenUpdated = true; + return; + } +} + +DriverInitCrashDetection::~DriverInitCrashDetection() +{ + if (mLockFile) { + mLockFile->Remove(false); + } + + if (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::Attempting)) { + // If we attempted to initialize the driver, and got this far without + // crashing, assume everything is okay. + gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Okay)); + gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Successfully verified new graphics environment."; + } +} + +bool +DriverInitCrashDetection::InitLockFilePath() +{ + NS_GetSpecialDirectory(NS_APP_USER_PROFILE_LOCAL_50_DIR, getter_AddRefs(mLockFile)); + if (!mLockFile) { + return false; + } + if (!NS_SUCCEEDED(mLockFile->AppendNative(NS_LITERAL_CSTRING("gfxinit.lock")))) { + return false; + } + return true; +} + +void +DriverInitCrashDetection::AllowDriverInitAttempt() +{ + // Create a temporary tombstone/lockfile. + FILE* fp; + if (!NS_SUCCEEDED(mLockFile->OpenANSIFileDesc("w", &fp))) { + return; + } + fclose(fp); + + gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Attempting)); + + // Flush preferences, so if we crash, we don't think the environment has changed again. + FlushPreferences(); +} + +bool +DriverInitCrashDetection::RecoverFromDriverInitCrash() +{ + bool exists; + if (mLockFile && + NS_SUCCEEDED(mLockFile->Exists(&exists)) && + exists) + { + // If we get here, we've just recovered from a crash. Disable acceleration + // until the environment changes. Since we may have crashed before + // preferences we're flushed, we cache the environment again, then flush + // preferences so child processes can start right away. + gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Recovered)); + UpdateEnvironment(); + FlushPreferences(); + return true; + } + if (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::Recovered)) { + // If we get here, we crashed in the current environment and have already + // disabled acceleration. + return true; + } + return false; +} + +bool +DriverInitCrashDetection::UpdateEnvironment() +{ + mGfxInfo = do_GetService("@mozilla.org/gfx/info;1"); + + bool changed = false; + if (mGfxInfo) { + nsString value; + + // Driver properties. + mGfxInfo->GetAdapterDriverVersion(value); + changed |= CheckAndUpdatePref("gfx.driver-init.driverVersion", value); + mGfxInfo->GetAdapterDeviceID(value); + changed |= CheckAndUpdatePref("gfx.driver-init.deviceID", value); + + // Feature status. +#if defined(XP_WIN) + bool d2dEnabled = gfxPrefs::Direct2DForceEnabled() || + (!gfxPrefs::Direct2DDisabled() && FeatureEnabled(nsIGfxInfo::FEATURE_DIRECT2D)); + changed |= CheckAndUpdateBoolPref("gfx.driver-init.feature-d2d", d2dEnabled); + + bool d3d11Enabled = !gfxPrefs::LayersPreferD3D9(); + if (!FeatureEnabled(nsIGfxInfo::FEATURE_DIRECT3D_11_LAYERS)) { + d3d11Enabled = false; + } + changed |= CheckAndUpdateBoolPref("gfx.driver-init.feature-d3d11", d3d11Enabled); +#endif + } + + // Firefox properties. + changed |= CheckAndUpdatePref("gfx.driver-init.appVersion", NS_LITERAL_STRING(MOZ_APP_VERSION)); + + // Finally, mark as changed if the status has been reset by the user. + changed |= (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::None)); + + mGfxInfo = nullptr; + return changed; +} + +bool +DriverInitCrashDetection::FeatureEnabled(int aFeature) +{ + int32_t status; + if (!NS_SUCCEEDED(mGfxInfo->GetFeatureStatus(aFeature, &status))) { + return false; + } + return status == nsIGfxInfo::FEATURE_STATUS_OK; +} + +bool +DriverInitCrashDetection::CheckAndUpdateBoolPref(const char* aPrefName, bool aCurrentValue) +{ + bool oldValue; + if (NS_SUCCEEDED(Preferences::GetBool(aPrefName, &oldValue)) && + oldValue == aCurrentValue) + { + return false; + } + Preferences::SetBool(aPrefName, aCurrentValue); + return true; +} + +bool +DriverInitCrashDetection::CheckAndUpdatePref(const char* aPrefName, const nsAString& aCurrentValue) +{ + nsAdoptingString oldValue = Preferences::GetString(aPrefName); + if (oldValue == aCurrentValue) { + return false; + } + Preferences::SetString(aPrefName, aCurrentValue); + return true; +} + +void +DriverInitCrashDetection::FlushPreferences() +{ + if (nsIPrefService* prefService = Preferences::GetService()) { + prefService->SavePrefFile(nullptr); + } +} + +} // namespace gfx +} // namespace mozilla diff --git a/gfx/src/DriverInitCrashDetection.h b/gfx/src/DriverInitCrashDetection.h new file mode 100644 index 00000000000..77f7d945f79 --- /dev/null +++ b/gfx/src/DriverInitCrashDetection.h @@ -0,0 +1,65 @@ +/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ +#ifndef gfx_src_DriverInitCrashDetection_h__ +#define gfx_src_DriverInitCrashDetection_h__ + +#include "gfxCore.h" +#include "nsCOMPtr.h" +#include "nsIGfxInfo.h" +#include "nsIFile.h" + +namespace mozilla { +namespace gfx { + +enum class DriverInitStatus +{ + // Drivers have not been initialized yet. + None, + + // We're attempting to initialize drivers. + Attempting, + + // Drivers were successfully initialized last run. + Okay, + + // We crashed during driver initialization, and have restarted. + Recovered +}; + +class DriverInitCrashDetection +{ +public: + DriverInitCrashDetection(); + ~DriverInitCrashDetection(); + + bool DisableAcceleration() const { + return sDisableAcceleration; + } + +private: + bool InitLockFilePath(); + bool UpdateEnvironment(); + bool CheckAndUpdatePref(const char* aPrefName, const nsAString& aCurrentValue); + bool CheckAndUpdateBoolPref(const char* aPrefName, bool aCurrentValue); + bool FeatureEnabled(int aFeature); + void AllowDriverInitAttempt(); + bool RecoverFromDriverInitCrash(); + void FlushPreferences(); + +private: + static bool sDisableAcceleration; + static bool sEnvironmentHasBeenUpdated; + +private: + bool mIsChromeProcess; + nsCOMPtr mGfxInfo; + nsCOMPtr mLockFile; +}; + +} // namespace gfx +} // namespace mozilla + +#endif // gfx_src_DriverInitCrashDetection_h__ + diff --git a/gfx/src/moz.build b/gfx/src/moz.build index 7d38432c293..8f9bff14151 100644 --- a/gfx/src/moz.build +++ b/gfx/src/moz.build @@ -11,7 +11,10 @@ XPIDL_SOURCES += [ XPIDL_MODULE = 'gfx' +DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION'] + EXPORTS += [ + 'DriverInitCrashDetection.h', 'FilterSupport.h', 'gfxCore.h', 'gfxCrashReporterUtils.h', @@ -50,6 +53,7 @@ if CONFIG['MOZ_X11']: ] UNIFIED_SOURCES += [ + 'DriverInitCrashDetection.cpp', 'FilterSupport.cpp', 'gfxCrashReporterUtils.cpp', 'nsColor.cpp', diff --git a/gfx/thebes/gfxPrefs.h b/gfx/thebes/gfxPrefs.h index 38a95febd67..90df5f942fa 100644 --- a/gfx/thebes/gfxPrefs.h +++ b/gfx/thebes/gfxPrefs.h @@ -226,6 +226,9 @@ private: DECL_GFX_PREF(Once, "gfx.direct2d.force-enabled", Direct2DForceEnabled, bool, false); DECL_GFX_PREF(Live, "gfx.direct2d.use1_1", Direct2DUse1_1, bool, false); DECL_GFX_PREF(Live, "gfx.draw-color-bars", CompositorDrawColorBars, bool, false); + // This should be set to values in the DriverInitStatus enumeration found in + // DriverInitCrashDetection.h. + DECL_GFX_PREF(Live, "gfx.driver-init.status", DriverInitStatus, int32_t, 0); DECL_GFX_PREF(Live, "gfx.gralloc.fence-with-readpixels", GrallocFenceWithReadPixels, bool, false); DECL_GFX_PREF(Live, "gfx.layerscope.enabled", LayerScopeEnabled, bool, false); DECL_GFX_PREF(Live, "gfx.layerscope.port", LayerScopePort, int32_t, 23456); diff --git a/gfx/thebes/gfxWindowsPlatform.cpp b/gfx/thebes/gfxWindowsPlatform.cpp index dea314dea83..1e2e179c5b1 100644 --- a/gfx/thebes/gfxWindowsPlatform.cpp +++ b/gfx/thebes/gfxWindowsPlatform.cpp @@ -78,6 +78,7 @@ #endif #include "VsyncSource.h" +#include "DriverInitCrashDetection.h" using namespace mozilla; using namespace mozilla::gfx; @@ -652,6 +653,11 @@ void gfxWindowsPlatform::VerifyD2DDevice(bool aAttemptForce) { #ifdef CAIRO_HAS_D2D_SURFACE + DriverInitCrashDetection detectCrashes; + if (detectCrashes.DisableAcceleration()) { + return; + } + if (mD2DDevice) { ID3D10Device1 *device = cairo_d2d_device_get_device(mD2DDevice); @@ -1864,7 +1870,8 @@ gfxWindowsPlatform::InitD3D11Devices() MOZ_ASSERT(!mD3D11Device); - if (InSafeMode()) { + DriverInitCrashDetection detectCrashes; + if (InSafeMode() || detectCrashes.DisableAcceleration()) { return; } From 47c272ce2e2ac2e7bc2d94f7b11e058a8fc9c558 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Wed, 10 Jun 2015 21:59:05 -0700 Subject: [PATCH 121/297] Add telemetry for reporting graphics driver startup states. (bug 1168935 part 2, r=vdjeric,mattwoodrow) --- gfx/src/DriverInitCrashDetection.cpp | 44 +++++++++++++++--- gfx/src/DriverInitCrashDetection.h | 49 ++++++++++++++++++++ toolkit/components/telemetry/Histograms.json | 8 ++++ 3 files changed, 95 insertions(+), 6 deletions(-) diff --git a/gfx/src/DriverInitCrashDetection.cpp b/gfx/src/DriverInitCrashDetection.cpp index 16aa22244fe..da6fb998a4a 100644 --- a/gfx/src/DriverInitCrashDetection.cpp +++ b/gfx/src/DriverInitCrashDetection.cpp @@ -10,6 +10,7 @@ #include "nsString.h" #include "nsXULAppAPI.h" #include "mozilla/Preferences.h" +#include "mozilla/Telemetry.h" #include "mozilla/gfx/Logging.h" namespace mozilla { @@ -28,13 +29,16 @@ DriverInitCrashDetection::DriverInitCrashDetection() return; } + if (sDisableAcceleration) { + // We already disabled acceleration earlier. + return; + } + if (RecoverFromDriverInitCrash()) { - if (!sDisableAcceleration) { - // This is the first time we're checking for a crash recovery, so print - // a message and disable acceleration for anyone who asks for it. - gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Recovered from graphics driver startup crash; acceleration disabled."; - sDisableAcceleration = true; - } + // This is the first time we're checking for a crash recovery, so print + // a message and disable acceleration for anyone who asks for it. + gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Recovered from graphics driver startup crash; acceleration disabled."; + sDisableAcceleration = true; return; } @@ -53,6 +57,8 @@ DriverInitCrashDetection::DriverInitCrashDetection() sEnvironmentHasBeenUpdated = true; return; } + + RecordTelemetry(TelemetryState::Okay); } DriverInitCrashDetection::~DriverInitCrashDetection() @@ -96,6 +102,10 @@ DriverInitCrashDetection::AllowDriverInitAttempt() // Flush preferences, so if we crash, we don't think the environment has changed again. FlushPreferences(); + + // If we crash, we'll just lose this. Not a big deal, next startup we'll + // record the failure. + RecordTelemetry(TelemetryState::EnvironmentChanged); } bool @@ -113,11 +123,13 @@ DriverInitCrashDetection::RecoverFromDriverInitCrash() gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Recovered)); UpdateEnvironment(); FlushPreferences(); + RecordTelemetry(TelemetryState::RecoveredFromCrash); return true; } if (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::Recovered)) { // If we get here, we crashed in the current environment and have already // disabled acceleration. + RecordTelemetry(TelemetryState::DriverUseDisabled); return true; } return false; @@ -204,5 +216,25 @@ DriverInitCrashDetection::FlushPreferences() } } +void +DriverInitCrashDetection::RecordTelemetry(TelemetryState aState) +{ + // Since we run this in each child process, we only want the initial results + // from the chrome process. + if (XRE_GetProcessType() != GeckoProcessType_Default) { + return; + } + + // Since we instantiate this class more than once, make sure we only record + // the first state (since that is really all we care about). + static bool sTelemetryStateRecorded = false; + if (sTelemetryStateRecorded) { + return; + } + + Telemetry::Accumulate(Telemetry::GRAPHICS_DRIVER_STARTUP_TEST, int32_t(aState)); + sTelemetryStateRecorded = true; +} + } // namespace gfx } // namespace mozilla diff --git a/gfx/src/DriverInitCrashDetection.h b/gfx/src/DriverInitCrashDetection.h index 77f7d945f79..3a9a1692a12 100644 --- a/gfx/src/DriverInitCrashDetection.h +++ b/gfx/src/DriverInitCrashDetection.h @@ -38,6 +38,53 @@ public: return sDisableAcceleration; } + // NOTE: These are the values reported to Telemetry (GRAPHICS_DRIVER_STARTUP_TEST). + // Values should not change; add new values to the end. + // + // We report exactly one of these values on every startup. The only exception + // is when we crash during driver initialization; the relevant value will be + // reported on the next startup. The value can change from startup to startup. + // + // The initial value for any profile is "EnvironmentChanged"; this means we + // have not seen the environment before. The environment includes graphics + // driver versions, adpater IDs, the MOZ_APP version, and blacklisting + // information. + // + // If the user crashes, the next startup will have the "RecoveredFromCrash" + // state. Graphics acceleration will be disabled. Subsequent startups will + // have the "DriverUseDisabled" state. + // + // If the user does not crash, subsequent startups will have the "Okay" + // state. + // + // If the environment changes, the state (no matter what it is) will + // transition back to "EnvironmentChanged". + enum class TelemetryState { + // Environment is the same as before, and we detected no crash at that time. + // + // Valid state transitions: Okay -> EnvironmentChanged. + Okay = 0, + + // Environment has changed since the last time we checked drivers. If we + // detected a crash before, we re-enable acceleration to see if it will + // work in the new environment. + // + // Valid state transitions: EnvironmentChanged -> RecoveredFromCrash | Okay + EnvironmentChanged = 1, + + // The last startup crashed trying to enable graphics acceleration, and + // acceleration has just been disabled. + // + // Valid state transitions: RecoveredFromCrash -> DriverUseDisabled | EnvironmentChanged + RecoveredFromCrash = 2, + + // A previous session was in the RecoveredFromCrash state, and now graphics + // acceleration is disabled until the environment changes. + // + // Valid state transitions: DriverUseDisabled -> EnvironmentChanged + DriverUseDisabled = 3 + }; + private: bool InitLockFilePath(); bool UpdateEnvironment(); @@ -48,6 +95,8 @@ private: bool RecoverFromDriverInitCrash(); void FlushPreferences(); + void RecordTelemetry(TelemetryState aState); + private: static bool sDisableAcceleration; static bool sEnvironmentHasBeenUpdated; diff --git a/toolkit/components/telemetry/Histograms.json b/toolkit/components/telemetry/Histograms.json index a217caff848..c9eb9810eb0 100644 --- a/toolkit/components/telemetry/Histograms.json +++ b/toolkit/components/telemetry/Histograms.json @@ -8158,5 +8158,13 @@ "expires_in_version": "45", "kind": "boolean", "description": "Set if media.eme.enabled is false, in a build that supports the Adobe Primetime Content Decryption Module." + }, + "GRAPHICS_DRIVER_STARTUP_TEST": { + "alert_emails": ["danderson@mozilla.com"], + "expires_in_version": "never", + "kind": "enumerated", + "n_values": 20, + "releaseChannelCollection": "opt-out", + "description": "Reports the status of graphics driver initialization. 0=Okay, 1=Driver/GPU/Firefox changed, 2=Drivers crashed during last startup, 3=Drivers crashed in a previous startup. State 0 is normal, 1 indicates a system change, 2 indicates a catastrophic crash, 3 indicates a user that experienced state 2 and is now unaccelerated." } } From c962443f5bc8285cc7130a3ffcd18f32dd62eecf Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 13:26:34 +1000 Subject: [PATCH 122/297] Bug 1170855 - Part 1: Extract WebGL 2 specific pnames. r=jgilbert --- dom/canvas/WebGL2Context.h | 1 + dom/canvas/WebGL2ContextState.cpp | 68 ++++++++++++++++++++++++++++++ dom/canvas/WebGLContext.h | 2 +- dom/canvas/WebGLContextState.cpp | 70 +------------------------------ dom/canvas/WebGLContextUtils.cpp | 12 ++++++ dom/canvas/WebGLContextUtils.h | 3 ++ dom/canvas/WebGLTimerQuery.h | 1 + dom/canvas/moz.build | 1 + 8 files changed, 89 insertions(+), 69 deletions(-) create mode 100644 dom/canvas/WebGL2ContextState.cpp diff --git a/dom/canvas/WebGL2Context.h b/dom/canvas/WebGL2Context.h index c6c00493cb0..6ddad7ec1ed 100644 --- a/dom/canvas/WebGL2Context.h +++ b/dom/canvas/WebGL2Context.h @@ -324,6 +324,7 @@ public: void BindBufferBase(GLenum target, GLuint index, WebGLBuffer* buffer); void BindBufferRange(GLenum target, GLuint index, WebGLBuffer* buffer, GLintptr offset, GLsizeiptr size); */ + virtual JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) override; void GetIndexedParameter(GLenum target, GLuint index, dom::Nullable& retval); void GetUniformIndices(WebGLProgram* program, diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp new file mode 100644 index 00000000000..7e8dfd39378 --- /dev/null +++ b/dom/canvas/WebGL2ContextState.cpp @@ -0,0 +1,68 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "WebGL2Context.h" +#include "WebGLContextUtils.h" + +namespace mozilla { + +JS::Value +WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) +{ + if (IsContextLost()) + return JS::NullValue(); + + MakeContextCurrent(); + + switch (pname) { + case LOCAL_GL_MAX_SAMPLES: + case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: + case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { + GLint val; + gl->fGetIntegerv(pname, &val); + return JS::NumberValue(uint32_t(val)); + } + + case LOCAL_GL_TEXTURE_BINDING_3D: + return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); + + // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. + case LOCAL_GL_READ_FRAMEBUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + + case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); + + case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); + + case LOCAL_GL_UNIFORM_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + + case LOCAL_GL_COPY_READ_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); + + case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); + + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: + return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); + + case LOCAL_GL_VERSION: + return StringValue(cx, "WebGL 2.0", rv); + + case LOCAL_GL_SHADING_LANGUAGE_VERSION: + return StringValue(cx, "WebGL GLSL ES 3.00", rv); + + default: + return WebGLContext::GetParameter(cx, pname, rv); + } +} + +} // namespace mozilla diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index 55c5d802631..d48fd7c7e2a 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -955,7 +955,7 @@ public: void Disable(GLenum cap); void Enable(GLenum cap); bool GetStencilBits(GLint* out_stencilBits); - JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv); + virtual JS::Value GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv); void GetParameter(JSContext* cx, GLenum pname, JS::MutableHandle retval, ErrorResult& rv) diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index 0ad586978a0..6d6b99031f2 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -58,18 +58,6 @@ WebGLContext::Enable(GLenum cap) gl->fEnable(cap); } -static JS::Value -StringValue(JSContext* cx, const char* chars, ErrorResult& rv) -{ - JSString* str = JS_NewStringCopyZ(cx, chars); - if (!str) { - rv.Throw(NS_ERROR_OUT_OF_MEMORY); - return JS::NullValue(); - } - - return JS::StringValue(str); -} - bool WebGLContext::GetStencilBits(GLint* out_stencilBits) { @@ -192,63 +180,15 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } } - if (IsWebGL2()) { - switch (pname) { - case LOCAL_GL_MAX_SAMPLES: - case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: - case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { - GLint val; - gl->fGetIntegerv(pname, &val); - return JS::NumberValue(uint32_t(val)); - } - - case LOCAL_GL_TEXTURE_BINDING_3D: - return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); - - // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. - case LOCAL_GL_READ_FRAMEBUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); - - case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); - - case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); - - case LOCAL_GL_UNIFORM_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); - - case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); - - case LOCAL_GL_COPY_READ_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); - - case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); - } - } - switch (pname) { // // String params // case LOCAL_GL_VENDOR: - return StringValue(cx, "Mozilla", rv); case LOCAL_GL_RENDERER: return StringValue(cx, "Mozilla", rv); - case LOCAL_GL_VERSION: { - const char* version = 0; - - if (IsWebGL2()) { - version = "WebGL 2.0"; - } else { - version = "WebGL 1.0"; - } - - MOZ_ASSERT(version != 0); - return StringValue(cx, version, rv); - } + case LOCAL_GL_VERSION: + return StringValue(cx, "WebGL 1.0", rv); case LOCAL_GL_SHADING_LANGUAGE_VERSION: return StringValue(cx, "WebGL GLSL ES 1.0", rv); @@ -417,12 +357,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } return JS::ObjectOrNullValue(obj); } - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: { - if (!IsWebGL2()) { - break; - } - return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); - } // unsigned int. here we may have to return very large values like 2^32-1 that can't be represented as // javascript integer values. We just return them as doubles and javascript doesn't care. diff --git a/dom/canvas/WebGLContextUtils.cpp b/dom/canvas/WebGLContextUtils.cpp index 69fda519db9..f84e4276a91 100644 --- a/dom/canvas/WebGLContextUtils.cpp +++ b/dom/canvas/WebGLContextUtils.cpp @@ -75,6 +75,18 @@ TexImageTargetToTexTarget(TexImageTarget texImageTarget) } } +JS::Value +StringValue(JSContext* cx, const char* chars, ErrorResult& rv) +{ + JSString* str = JS_NewStringCopyZ(cx, chars); + if (!str) { + rv.Throw(NS_ERROR_OUT_OF_MEMORY); + return JS::NullValue(); + } + + return JS::StringValue(str); +} + GLComponents::GLComponents(TexInternalFormat internalformat) { TexInternalFormat unsizedformat = UnsizedInternalFormatFromInternalFormat(internalformat); diff --git a/dom/canvas/WebGLContextUtils.h b/dom/canvas/WebGLContextUtils.h index d130153f548..5535ee9fc69 100644 --- a/dom/canvas/WebGLContextUtils.h +++ b/dom/canvas/WebGLContextUtils.h @@ -56,6 +56,9 @@ size_t GetBitsPerTexel(TexInternalFormat effectiveinternalformat); // Returns GL_NONE if passed an invalid texture image target TexTarget TexImageTargetToTexTarget(TexImageTarget texImageTarget); +// Helper function to create a JS::Value from a C string +JS::Value StringValue(JSContext* cx, const char* str, ErrorResult& rv); + struct GLComponents { unsigned char mComponents; diff --git a/dom/canvas/WebGLTimerQuery.h b/dom/canvas/WebGLTimerQuery.h index d1224e93175..9f6205e9e18 100644 --- a/dom/canvas/WebGLTimerQuery.h +++ b/dom/canvas/WebGLTimerQuery.h @@ -7,6 +7,7 @@ #ifndef WEBGL_TIMER_QUERY_H_ #define WEBGL_TIMER_QUERY_H_ +#include "GLConsts.h" #include "nsWrapperCache.h" #include "WebGLObjectModel.h" diff --git a/dom/canvas/moz.build b/dom/canvas/moz.build index e8b1541be24..69367f4cd61 100644 --- a/dom/canvas/moz.build +++ b/dom/canvas/moz.build @@ -61,6 +61,7 @@ UNIFIED_SOURCES += [ 'WebGL2ContextPrograms.cpp', 'WebGL2ContextQueries.cpp', 'WebGL2ContextSamplers.cpp', + 'WebGL2ContextState.cpp', 'WebGL2ContextSync.cpp', 'WebGL2ContextTextures.cpp', 'WebGL2ContextTransformFeedback.cpp', From 065afd2df9885238e0b2acc7df25488adfaac379 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 15:06:01 +1000 Subject: [PATCH 123/297] Bug 1170855 - Part 2: Be consistent when handling pnames from extensions. r=jgilbert --- dom/canvas/WebGLContextState.cpp | 68 +++++++++++++++----------------- 1 file changed, 32 insertions(+), 36 deletions(-) diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index 6d6b99031f2..1ef0b99f399 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -180,6 +180,38 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } } + // Privileged string params exposed by WEBGL_debug_renderer_info: + if (IsExtensionEnabled(WebGLExtensionID::WEBGL_debug_renderer_info)) { + switch (pname) { + case UNMASKED_VENDOR_WEBGL: + case UNMASKED_RENDERER_WEBGL: + GLenum glstringname = LOCAL_GL_NONE; + if (pname == UNMASKED_VENDOR_WEBGL) { + glstringname = LOCAL_GL_VENDOR; + } else if (pname == UNMASKED_RENDERER_WEBGL) { + glstringname = LOCAL_GL_RENDERER; + } + const GLchar* string = (const GLchar*) gl->fGetString(glstringname); + return StringValue(cx, string, rv); + } + } + + if (IsExtensionEnabled(WebGLExtensionID::OES_standard_derivatives)) { + if (pname == LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT) { + GLint i = 0; + gl->fGetIntegerv(pname, &i); + return JS::Int32Value(i); + } + } + + if (IsExtensionEnabled(WebGLExtensionID::EXT_texture_filter_anisotropic)) { + if (pname == LOCAL_GL_MAX_TEXTURE_MAX_ANISOTROPY_EXT) { + GLfloat f = 0.f; + gl->fGetFloatv(pname, &f); + return JS::NumberValue(f); + } + } + switch (pname) { // // String params @@ -192,24 +224,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_SHADING_LANGUAGE_VERSION: return StringValue(cx, "WebGL GLSL ES 1.0", rv); - // Privileged string params exposed by WEBGL_debug_renderer_info: - case UNMASKED_VENDOR_WEBGL: - case UNMASKED_RENDERER_WEBGL: { - // The privilege check is done in WebGLContext::IsExtensionSupported. - // So here we just have to check that the extension is enabled. - if (!IsExtensionEnabled(WebGLExtensionID::WEBGL_debug_renderer_info)) { - break; - } - GLenum glstringname = LOCAL_GL_NONE; - if (pname == UNMASKED_VENDOR_WEBGL) { - glstringname = LOCAL_GL_VENDOR; - } else if (pname == UNMASKED_RENDERER_WEBGL) { - glstringname = LOCAL_GL_RENDERER; - } - const char* string = reinterpret_cast(gl->fGetString(glstringname)); - return StringValue(cx, string, rv); - } - //////////////////////////////// // Single-value params @@ -320,15 +334,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } return JS::Int32Value(i); } - case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: { - if (IsExtensionEnabled(WebGLExtensionID::OES_standard_derivatives)) { - GLint i = 0; - gl->fGetIntegerv(pname, &i); - return JS::Int32Value(i); - } else { - break; - } - } case LOCAL_GL_MAX_TEXTURE_SIZE: return JS::Int32Value(mGLMaxTextureSize); @@ -374,15 +379,6 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } // float - case LOCAL_GL_MAX_TEXTURE_MAX_ANISOTROPY_EXT: { - if (IsExtensionEnabled(WebGLExtensionID::EXT_texture_filter_anisotropic)) { - GLfloat f = 0.f; - gl->fGetFloatv(pname, &f); - return JS::DoubleValue(f); - } else { - break; - } - } case LOCAL_GL_DEPTH_CLEAR_VALUE: case LOCAL_GL_LINE_WIDTH: case LOCAL_GL_POLYGON_OFFSET_FACTOR: From d40845ed95d0ac9352e7866f156602ba42465142 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 15:12:11 +1000 Subject: [PATCH 124/297] Bug 1170855 - Part 3: Cleanup and better comments. r=jgilbert --- dom/canvas/WebGLContextState.cpp | 42 +++++++++++++++----------------- 1 file changed, 19 insertions(+), 23 deletions(-) diff --git a/dom/canvas/WebGLContextState.cpp b/dom/canvas/WebGLContextState.cpp index 1ef0b99f399..b24a3ba82f4 100644 --- a/dom/canvas/WebGLContextState.cpp +++ b/dom/canvas/WebGLContextState.cpp @@ -138,18 +138,15 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } else if (pname >= LOCAL_GL_DRAW_BUFFER0 && pname < GLenum(LOCAL_GL_DRAW_BUFFER0 + mGLMaxDrawBuffers)) { - if (mBoundDrawFramebuffer) { - GLint iv = 0; - gl->fGetIntegerv(pname, &iv); - return JS::Int32Value(iv); - } - GLint iv = 0; gl->fGetIntegerv(pname, &iv); - if (iv == GLint(LOCAL_GL_COLOR_ATTACHMENT0 + pname - LOCAL_GL_DRAW_BUFFER0)) { + if (mBoundDrawFramebuffer) + return JS::Int32Value(iv); + + const GLint index = (pname - LOCAL_GL_DRAW_BUFFER0); + if (iv == LOCAL_GL_COLOR_ATTACHMENT0 + index) return JS::Int32Value(LOCAL_GL_BACK); - } return JS::Int32Value(LOCAL_GL_NONE); } @@ -157,11 +154,9 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) if (IsExtensionEnabled(WebGLExtensionID::OES_vertex_array_object)) { if (pname == LOCAL_GL_VERTEX_ARRAY_BINDING) { - if (mBoundVertexArray == mDefaultVertexArray){ - return WebGLObjectAsJSValue(cx, (WebGLVertexArray *) nullptr, rv); - } - - return WebGLObjectAsJSValue(cx, mBoundVertexArray.get(), rv); + WebGLVertexArray* vao = + (mBoundVertexArray != mDefaultVertexArray) ? mBoundVertexArray.get() : nullptr; + return WebGLObjectAsJSValue(cx, vao, rv); } } @@ -169,10 +164,12 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) if (pname == LOCAL_GL_TIMESTAMP_EXT) { GLuint64 iv = 0; gl->fGetInteger64v(pname, (GLint64*) &iv); - return JS::NumberValue(uint64_t(iv)); + // TODO: JS doesn't support 64-bit integers. Be lossy and + // cast to double (53 bits) + return JS::NumberValue(static_cast(iv)); } else if (pname == LOCAL_GL_GPU_DISJOINT_EXT) { // When disjoint isn't supported, leave as false. - realGLboolean disjoint = 0; + realGLboolean disjoint = LOCAL_GL_FALSE; if (gl->IsExtensionSupported(gl::GLContext::EXT_disjoint_timer_query)) { gl->fGetBooleanv(pname, &disjoint); } @@ -365,18 +362,17 @@ WebGLContext::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) // unsigned int. here we may have to return very large values like 2^32-1 that can't be represented as // javascript integer values. We just return them as doubles and javascript doesn't care. - case LOCAL_GL_STENCIL_BACK_VALUE_MASK: { + case LOCAL_GL_STENCIL_BACK_VALUE_MASK: return JS::DoubleValue(mStencilValueMaskBack); // pass as FP value to allow large values such as 2^32-1. - } - case LOCAL_GL_STENCIL_BACK_WRITEMASK: { + + case LOCAL_GL_STENCIL_BACK_WRITEMASK: return JS::DoubleValue(mStencilWriteMaskBack); - } - case LOCAL_GL_STENCIL_VALUE_MASK: { + + case LOCAL_GL_STENCIL_VALUE_MASK: return JS::DoubleValue(mStencilValueMaskFront); - } - case LOCAL_GL_STENCIL_WRITEMASK: { + + case LOCAL_GL_STENCIL_WRITEMASK: return JS::DoubleValue(mStencilWriteMaskFront); - } // float case LOCAL_GL_DEPTH_CLEAR_VALUE: From 882d519ecac5eddd6508d8d7564be1ad12ab74f0 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 16:42:49 +1000 Subject: [PATCH 125/297] Bug 1170855 - Part 4: Pour in the WebGL 2 pnames. r=jgilbert --- dom/canvas/WebGL2ContextState.cpp | 127 ++++++++++++++++++++++++------ 1 file changed, 103 insertions(+), 24 deletions(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 7e8dfd39378..a9011052ffe 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -12,38 +12,79 @@ namespace mozilla { JS::Value WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) { + // The following cases are handled in WebGLContext::GetParameter(): + // case LOCAL_GL_MAX_COLOR_ATTACHMENTS: + // case LOCAL_GL_MAX_DRAW_BUFFERS: + // case LOCAL_GL_DRAW_BUFFERi: + if (IsContextLost()) return JS::NullValue(); MakeContextCurrent(); switch (pname) { - case LOCAL_GL_MAX_SAMPLES: - case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: - case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: { - GLint val; - gl->fGetIntegerv(pname, &val); - return JS::NumberValue(uint32_t(val)); + /* GLboolean */ + case LOCAL_GL_RASTERIZER_DISCARD: + case LOCAL_GL_SAMPLE_ALPHA_TO_COVERAGE: + case LOCAL_GL_SAMPLE_COVERAGE: + case LOCAL_GL_TRANSFORM_FEEDBACK_PAUSED: + case LOCAL_GL_TRANSFORM_FEEDBACK_ACTIVE: + case LOCAL_GL_UNPACK_SKIP_IMAGES: + case LOCAL_GL_UNPACK_SKIP_PIXELS: + case LOCAL_GL_UNPACK_SKIP_ROWS: { + realGLboolean b = 0; + gl->fGetBooleanv(pname, &b); + return JS::BooleanValue(bool(b)); } - case LOCAL_GL_TEXTURE_BINDING_3D: - return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); + /* GLenum */ + case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: + case LOCAL_GL_READ_BUFFER: + /* fall through */ - // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. - case LOCAL_GL_READ_FRAMEBUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + /* GLint */ + case LOCAL_GL_MAX_3D_TEXTURE_SIZE: + case LOCAL_GL_MAX_ARRAY_TEXTURE_LAYERS: + case LOCAL_GL_MAX_COMBINED_UNIFORM_BLOCKS: + case LOCAL_GL_MAX_ELEMENTS_INDICES: + case LOCAL_GL_MAX_ELEMENTS_VERTICES: + case LOCAL_GL_MAX_FRAGMENT_INPUT_COMPONENTS: + case LOCAL_GL_MAX_FRAGMENT_UNIFORM_BLOCKS: + case LOCAL_GL_MAX_FRAGMENT_UNIFORM_COMPONENTS: + case LOCAL_GL_MAX_PROGRAM_TEXEL_OFFSET: + case LOCAL_GL_MAX_SAMPLES: + case LOCAL_GL_MAX_TEXTURE_LOD_BIAS: + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_INTERLEAVED_COMPONENTS: + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: + case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_COMPONENTS: + case LOCAL_GL_MAX_UNIFORM_BUFFER_BINDINGS: + case LOCAL_GL_MAX_VARYING_COMPONENTS: + case LOCAL_GL_MAX_VERTEX_OUTPUT_COMPONENTS: + case LOCAL_GL_MAX_VERTEX_UNIFORM_BLOCKS: + case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: + case LOCAL_GL_MIN_PROGRAM_TEXEL_OFFSET: + case LOCAL_GL_PACK_ROW_LENGTH: + case LOCAL_GL_PACK_SKIP_PIXELS: + case LOCAL_GL_PACK_SKIP_ROWS: + case LOCAL_GL_UNIFORM_BUFFER_OFFSET_ALIGNMENT: + case LOCAL_GL_UNPACK_IMAGE_HEIGHT: + case LOCAL_GL_UNPACK_ROW_LENGTH: { + GLint val; + gl->fGetIntegerv(pname, &val); + return JS::Int32Value(val); + } - case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); - - case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); - - case LOCAL_GL_UNIFORM_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); - - case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: - return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + /* GLint64 */ + //case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: + case LOCAL_GL_MAX_ELEMENT_INDEX: + case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: + case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: + case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: + case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { + GLint64 val; + gl->fGetInteger64v(pname, &val); + return JS::DoubleValue(static_cast(val)); + } case LOCAL_GL_COPY_READ_BUFFER_BINDING: return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); @@ -51,8 +92,46 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_COPY_WRITE_BUFFER_BINDING: return WebGLObjectAsJSValue(cx, mBoundCopyWriteBuffer.get(), rv); - case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: - return JS::Int32Value(mGLMaxTransformFeedbackSeparateAttribs); + case LOCAL_GL_PIXEL_PACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelPackBuffer.get(), rv); + + case LOCAL_GL_PIXEL_UNPACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundPixelUnpackBuffer.get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundTransformFeedbackBuffer.get(), rv); + + case LOCAL_GL_UNIFORM_BUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundUniformBuffer.get(), rv); + + // DRAW_FRAMEBUFFER_BINDING is the same as FRAMEBUFFER_BINDING. + case LOCAL_GL_READ_FRAMEBUFFER_BINDING: + return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); + + case LOCAL_GL_SAMPLER_BINDING: + // TODO: Implement bound sampler tracking + //return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); + return JS::NullValue(); + + case LOCAL_GL_TEXTURE_BINDING_2D_ARRAY: + // TODO: Implement gl.TEXTURE_2D_ARRAY + // return WebGLObjectAsJSValue(cx, mBound2DTextureArrays[mActiveTexture].get(), rv); + return JS::NullValue(); + + case LOCAL_GL_TEXTURE_BINDING_3D: + return WebGLObjectAsJSValue(cx, mBound3DTextures[mActiveTexture].get(), rv); + + case LOCAL_GL_TRANSFORM_FEEDBACK_BINDING: { + WebGLTransformFeedback* tf = + (mBoundTransformFeedback != mDefaultTransformFeedback) ? mBoundTransformFeedback.get() : nullptr; + return WebGLObjectAsJSValue(cx, tf, rv); + } + + case LOCAL_GL_VERTEX_ARRAY_BINDING: { + WebGLVertexArray* vao = + (mBoundVertexArray != mDefaultVertexArray) ? mBoundVertexArray.get() : nullptr; + return WebGLObjectAsJSValue(cx, vao, rv); + } case LOCAL_GL_VERSION: return StringValue(cx, "WebGL 2.0", rv); From 16a912f1ccb071d642db2a78ce683bb6c5824793 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Fri, 5 Jun 2015 17:13:41 +1000 Subject: [PATCH 126/297] Bug 1170855 - Part 5: Correctly load glGetInteger64v. r=jgilbert Correctly detect support for ARB_sync via GLFeature. --- gfx/gl/GLContext.cpp | 4 ++-- gfx/gl/GLContext.h | 1 + gfx/gl/GLContextFeatures.cpp | 9 +++++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/gfx/gl/GLContext.cpp b/gfx/gl/GLContext.cpp index aa78909cc89..1c4fa209a6b 100644 --- a/gfx/gl/GLContext.cpp +++ b/gfx/gl/GLContext.cpp @@ -794,7 +794,7 @@ GLContext::InitWithPrefix(const char *prefix, bool trygl) } } - if (IsExtensionSupported(ARB_sync)) { + if (IsSupported(GLFeature::sync)) { SymLoadStruct syncSymbols[] = { { (PRFuncPtr*) &mSymbols.fFenceSync, { "FenceSync", nullptr } }, { (PRFuncPtr*) &mSymbols.fIsSync, { "IsSync", nullptr } }, @@ -807,7 +807,7 @@ GLContext::InitWithPrefix(const char *prefix, bool trygl) }; if (!LoadSymbols(&syncSymbols[0], trygl, prefix)) { - NS_ERROR("GL supports ARB_sync without supplying its functions."); + NS_ERROR("GL supports sync without supplying its functions."); MarkExtensionUnsupported(ARB_sync); ClearSymbols(syncSymbols); diff --git a/gfx/gl/GLContext.h b/gfx/gl/GLContext.h index ee338234975..83d2fb8ad25 100644 --- a/gfx/gl/GLContext.h +++ b/gfx/gl/GLContext.h @@ -122,6 +122,7 @@ enum class GLFeature { sRGB_texture, sampler_objects, standard_derivatives, + sync, texture_3D, texture_3D_compressed, texture_3D_copy, diff --git a/gfx/gl/GLContextFeatures.cpp b/gfx/gl/GLContextFeatures.cpp index 7506ca84ccf..fefba7e3883 100644 --- a/gfx/gl/GLContextFeatures.cpp +++ b/gfx/gl/GLContextFeatures.cpp @@ -529,6 +529,15 @@ static const FeatureInfo sFeatureInfoArr[] = { GLContext::Extensions_End } }, + { + "sync", + GLVersion::GL3_2, + GLESVersion::ES3, + GLContext::ARB_sync, + { + GLContext::Extensions_End + } + }, { "texture_3D", GLVersion::GL1_2, From 22b063a531a49dc1c8d4034cd393ee18bc41fd85 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:18:19 +1000 Subject: [PATCH 127/297] Bug 1170855 - Part 6: Implement Sampler binding tracking. r=jgilbert --- dom/canvas/WebGL2ContextSamplers.cpp | 8 ++++++++ dom/canvas/WebGL2ContextState.cpp | 4 +--- dom/canvas/WebGLContext.cpp | 2 ++ dom/canvas/WebGLContext.h | 1 + dom/canvas/WebGLContextValidate.cpp | 2 ++ 5 files changed, 14 insertions(+), 3 deletions(-) diff --git a/dom/canvas/WebGL2ContextSamplers.cpp b/dom/canvas/WebGL2ContextSamplers.cpp index bad4b50bdb5..3e2b31ebd36 100644 --- a/dom/canvas/WebGL2ContextSamplers.cpp +++ b/dom/canvas/WebGL2ContextSamplers.cpp @@ -36,6 +36,12 @@ WebGL2Context::DeleteSampler(WebGLSampler* sampler) if (!sampler || sampler->IsDeleted()) return; + for (int n = 0; n < mGLMaxTextureUnits; n++) { + if (mBoundSamplers[n] == sampler) { + mBoundSamplers[n] = nullptr; + } + } + sampler->RequestDelete(); } @@ -74,6 +80,8 @@ WebGL2Context::BindSampler(GLuint unit, WebGLSampler* sampler) return ErrorInvalidOperation("bindSampler: binding deleted sampler"); WebGLContextUnchecked::BindSampler(unit, sampler); + + mBoundSamplers[unit] = sampler; } void diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index a9011052ffe..2d5f8d36632 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -109,9 +109,7 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) return WebGLObjectAsJSValue(cx, mBoundReadFramebuffer.get(), rv); case LOCAL_GL_SAMPLER_BINDING: - // TODO: Implement bound sampler tracking - //return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); - return JS::NullValue(); + return WebGLObjectAsJSValue(cx, mBoundSamplers[mActiveTexture].get(), rv); case LOCAL_GL_TEXTURE_BINDING_2D_ARRAY: // TODO: Implement gl.TEXTURE_2D_ARRAY diff --git a/dom/canvas/WebGLContext.cpp b/dom/canvas/WebGLContext.cpp index 97303063b63..a2ebf9d516e 100644 --- a/dom/canvas/WebGLContext.cpp +++ b/dom/canvas/WebGLContext.cpp @@ -325,6 +325,7 @@ WebGLContext::DestroyResourcesAndContext() mBound2DTextures.Clear(); mBoundCubeMapTextures.Clear(); mBound3DTextures.Clear(); + mBoundSamplers.Clear(); mBoundArrayBuffer = nullptr; mBoundCopyReadBuffer = nullptr; mBoundCopyWriteBuffer = nullptr; @@ -1949,6 +1950,7 @@ NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(WebGLContext, mBound2DTextures, mBoundCubeMapTextures, mBound3DTextures, + mBoundSamplers, mBoundArrayBuffer, mBoundCopyReadBuffer, mBoundCopyWriteBuffer, diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index d48fd7c7e2a..9ec26c554ff 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -1435,6 +1435,7 @@ protected: nsTArray > mBound2DTextures; nsTArray > mBoundCubeMapTextures; nsTArray > mBound3DTextures; + nsTArray > mBoundSamplers; void ResolveTexturesForDraw() const; diff --git a/dom/canvas/WebGLContextValidate.cpp b/dom/canvas/WebGLContextValidate.cpp index 846401c1cc2..44bdb74a279 100644 --- a/dom/canvas/WebGLContextValidate.cpp +++ b/dom/canvas/WebGLContextValidate.cpp @@ -1755,6 +1755,7 @@ WebGLContext::InitAndValidateGL() mBound2DTextures.Clear(); mBoundCubeMapTextures.Clear(); mBound3DTextures.Clear(); + mBoundSamplers.Clear(); mBoundArrayBuffer = nullptr; mBoundTransformFeedbackBuffer = nullptr; @@ -1798,6 +1799,7 @@ WebGLContext::InitAndValidateGL() mBound2DTextures.SetLength(mGLMaxTextureUnits); mBoundCubeMapTextures.SetLength(mGLMaxTextureUnits); mBound3DTextures.SetLength(mGLMaxTextureUnits); + mBoundSamplers.SetLength(mGLMaxTextureUnits); if (MinCapabilityMode()) { mGLMaxTextureSize = MINVALUE_GL_MAX_TEXTURE_SIZE; From 999f44427840f07a7c43b2db26ee94a129b26871 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Thu, 11 Jun 2015 14:36:04 +1000 Subject: [PATCH 128/297] Bug 1170855 - Part 7: Implement MAX_CLIENT_WAIT_TIMEOUT_WEBGL. r=jgilbert, r=smaug --- dom/canvas/WebGL2ContextState.cpp | 4 +++- dom/webidl/WebGL2RenderingContext.webidl | 3 +++ gfx/gl/GLConsts.h | 1 + 3 files changed, 7 insertions(+), 1 deletion(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 2d5f8d36632..547fa879df3 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -75,7 +75,9 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } /* GLint64 */ - //case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: + case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: + return JS::NumberValue(0); // TODO + case LOCAL_GL_MAX_ELEMENT_INDEX: case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: diff --git a/dom/webidl/WebGL2RenderingContext.webidl b/dom/webidl/WebGL2RenderingContext.webidl index b8bba687887..30e4c9e16a7 100644 --- a/dom/webidl/WebGL2RenderingContext.webidl +++ b/dom/webidl/WebGL2RenderingContext.webidl @@ -312,6 +312,9 @@ interface WebGL2RenderingContext : WebGLRenderingContext const GLint64 TIMEOUT_IGNORED = -1; + /* WebGL-specific enums */ + const GLenum MAX_CLIENT_WAIT_TIMEOUT_WEBGL = 0x9247; + /* Buffer objects */ void copyBufferSubData(GLenum readTarget, GLenum writeTarget, GLintptr readOffset, GLintptr writeOffset, GLsizeiptr size); diff --git a/gfx/gl/GLConsts.h b/gfx/gl/GLConsts.h index b21dfe79a1a..5b3bbb419e9 100644 --- a/gfx/gl/GLConsts.h +++ b/gfx/gl/GLConsts.h @@ -2279,6 +2279,7 @@ #define LOCAL_GL_MAX_ATTRIB_STACK_DEPTH 0x0D35 #define LOCAL_GL_MAX_BINDABLE_UNIFORM_SIZE_EXT 0x8DED #define LOCAL_GL_MAX_CLIENT_ATTRIB_STACK_DEPTH 0x0D3B +#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 #define LOCAL_GL_MAX_CLIPMAP_DEPTH_SGIX 0x8177 #define LOCAL_GL_MAX_CLIPMAP_VIRTUAL_DEPTH_SGIX 0x8178 #define LOCAL_GL_MAX_CLIP_DISTANCES 0x0D32 From 6277ffe20c0bf209a559c533633747f46b1a509d Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:32:22 +1000 Subject: [PATCH 129/297] Bug 1170855 - Part 8: MAX_SERVER_WAIT_TIMEOUT is unsigned. r=jgilbert --- dom/canvas/WebGL2ContextState.cpp | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 547fa879df3..4c4ac9c7af6 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -81,13 +81,20 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_MAX_ELEMENT_INDEX: case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: - case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { GLint64 val; gl->fGetInteger64v(pname, &val); return JS::DoubleValue(static_cast(val)); } + + // GLuint64 + case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: { + GLuint64 val; + gl->fGetInteger64v(pname, (GLint64*) &val); + return JS::DoubleValue(static_cast(val)); + } + case LOCAL_GL_COPY_READ_BUFFER_BINDING: return WebGLObjectAsJSValue(cx, mBoundCopyReadBuffer.get(), rv); From 0ac07d9b183bea4244392040940091f9c236e5b5 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:35:20 +1000 Subject: [PATCH 130/297] Bug 1170855 - Part 9: MAX_VARYING_COMPONENTS workaround. r=jgilbert Turns of querying MAX_VARYING_COMPONENTS on OS X 10.10 is buggy. Always returns 1. The spec says that the value is 4 times MAX_VARYING_VECTORS so work around using that method. --- dom/canvas/WebGL2ContextState.cpp | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 4c4ac9c7af6..db5f61950b3 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -58,7 +58,6 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_ATTRIBS: case LOCAL_GL_MAX_TRANSFORM_FEEDBACK_SEPARATE_COMPONENTS: case LOCAL_GL_MAX_UNIFORM_BUFFER_BINDINGS: - case LOCAL_GL_MAX_VARYING_COMPONENTS: case LOCAL_GL_MAX_VERTEX_OUTPUT_COMPONENTS: case LOCAL_GL_MAX_VERTEX_UNIFORM_BLOCKS: case LOCAL_GL_MAX_VERTEX_UNIFORM_COMPONENTS: @@ -74,6 +73,14 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) return JS::Int32Value(val); } + case LOCAL_GL_MAX_VARYING_COMPONENTS: { + // On OS X Core Profile this is buggy. The spec says that the + // value is 4 * GL_MAX_VARYING_VECTORS + GLint val; + gl->fGetIntegerv(LOCAL_GL_MAX_VARYING_VECTORS, &val); + return JS::Int32Value(4*val); + } + /* GLint64 */ case LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL: return JS::NumberValue(0); // TODO @@ -88,7 +95,7 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } - // GLuint64 + /* GLuint64 */ case LOCAL_GL_MAX_SERVER_WAIT_TIMEOUT: { GLuint64 val; gl->fGetInteger64v(pname, (GLint64*) &val); From 3e1b34672119f216f51ee8bc8ce00062d1d54f70 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:37:28 +1000 Subject: [PATCH 131/297] Bug 1170855 - Part A: Don't error on MAX_ELEMENT_INDEX. r=jgilbert MAX_ELEMENT_INDEX appears in GL 4.3 or via ES3_compatibility. Work around on OSX 10.10 where max is GL 4.1. --- dom/canvas/WebGL2ContextState.cpp | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index db5f61950b3..6d7ffb02125 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -86,6 +86,13 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) return JS::NumberValue(0); // TODO case LOCAL_GL_MAX_ELEMENT_INDEX: + // GL_MAX_ELEMENT_INDEX becomes available in GL 4.3 or via ES3 + // compatibility + if (!gl->IsSupported(gl::GLFeature::ES3_compatibility)) + return JS::NumberValue(0); + + /*** fall through to fGetInteger64v ***/ + case LOCAL_GL_MAX_COMBINED_FRAGMENT_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_COMBINED_VERTEX_UNIFORM_COMPONENTS: case LOCAL_GL_MAX_UNIFORM_BLOCK_SIZE: { From 54f1e166da560ba5ee0afd7b7cde1444e914b382 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Tue, 9 Jun 2015 10:40:56 +1000 Subject: [PATCH 132/297] Bug 1170855 - Part B: READ_BUFFER requires emulation for default FB. r=jgilbert WebGL internals use framebuffers to implement the default framebuffer. This means that we can't just return the result from glGetIntegerv(GL_READ_BUFFER, ...) --- dom/canvas/WebGL2ContextState.cpp | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/dom/canvas/WebGL2ContextState.cpp b/dom/canvas/WebGL2ContextState.cpp index 6d7ffb02125..09a842730b0 100644 --- a/dom/canvas/WebGL2ContextState.cpp +++ b/dom/canvas/WebGL2ContextState.cpp @@ -38,8 +38,17 @@ WebGL2Context::GetParameter(JSContext* cx, GLenum pname, ErrorResult& rv) } /* GLenum */ + case LOCAL_GL_READ_BUFFER: { + if (mBoundReadFramebuffer) { + GLint val = LOCAL_GL_NONE; + gl->fGetIntegerv(pname, &val); + return JS::Int32Value(val); + } + + return JS::Int32Value(LOCAL_GL_BACK); + } + case LOCAL_GL_FRAGMENT_SHADER_DERIVATIVE_HINT: - case LOCAL_GL_READ_BUFFER: /* fall through */ /* GLint */ From 1b384f439be8038a2c0613f47d0e0855ad691814 Mon Sep 17 00:00:00 2001 From: Dan Glastonbury Date: Wed, 10 Jun 2015 15:13:02 +1000 Subject: [PATCH 133/297] Bug 1170855 - Part C: Move _WEBGL GLenums from GLConsts.h to WebGLContext.h. r=jgilbert --- dom/canvas/WebGLContext.h | 10 ++++++++++ gfx/gl/GLConsts.h | 6 ------ 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/dom/canvas/WebGLContext.h b/dom/canvas/WebGLContext.h index 9ec26c554ff..1354c2eafcd 100644 --- a/dom/canvas/WebGLContext.h +++ b/dom/canvas/WebGLContext.h @@ -65,6 +65,16 @@ class nsIDocShell; #define MINVALUE_GL_MAX_RENDERBUFFER_SIZE 1024 // Different from the spec, which sets it to 1 on page 164 #define MINVALUE_GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS 8 // Page 164 +/* + * WebGL-only GLenums + */ +#define LOCAL_GL_BROWSER_DEFAULT_WEBGL 0x9244 +#define LOCAL_GL_CONTEXT_LOST_WEBGL 0x9242 +#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 +#define LOCAL_GL_UNPACK_COLORSPACE_CONVERSION_WEBGL 0x9243 +#define LOCAL_GL_UNPACK_FLIP_Y_WEBGL 0x9240 +#define LOCAL_GL_UNPACK_PREMULTIPLY_ALPHA_WEBGL 0x9241 + namespace mozilla { class WebGLActiveInfo; diff --git a/gfx/gl/GLConsts.h b/gfx/gl/GLConsts.h index 5b3bbb419e9..0c1e43e8aac 100644 --- a/gfx/gl/GLConsts.h +++ b/gfx/gl/GLConsts.h @@ -283,7 +283,6 @@ #define LOCAL_GL_BOOL_VEC4_ARB 0x8B59 #define LOCAL_GL_BOUNDING_BOX_NV 0x908D #define LOCAL_GL_BOUNDING_BOX_OF_BOUNDING_BOXES_NV 0x909C -#define LOCAL_GL_BROWSER_DEFAULT_WEBGL 0x9244 #define LOCAL_GL_BUFFER 0x82E0 #define LOCAL_GL_BUFFER_ACCESS 0x88BB #define LOCAL_GL_BUFFER_ACCESS_ARB 0x88BB @@ -731,7 +730,6 @@ #define LOCAL_GL_CONTEXT_FLAG_DEBUG_BIT_KHR 0x00000002 #define LOCAL_GL_CONTEXT_FLAG_FORWARD_COMPATIBLE_BIT 0x00000001 #define LOCAL_GL_CONTEXT_FLAG_ROBUST_ACCESS_BIT_ARB 0x00000004 -#define LOCAL_GL_CONTEXT_LOST_WEBGL 0x9242 #define LOCAL_GL_CONTEXT_PROFILE_MASK 0x9126 #define LOCAL_GL_CONTEXT_ROBUST_ACCESS_EXT 0x90F3 #define LOCAL_GL_CONTINUOUS_AMD 0x9007 @@ -2279,7 +2277,6 @@ #define LOCAL_GL_MAX_ATTRIB_STACK_DEPTH 0x0D35 #define LOCAL_GL_MAX_BINDABLE_UNIFORM_SIZE_EXT 0x8DED #define LOCAL_GL_MAX_CLIENT_ATTRIB_STACK_DEPTH 0x0D3B -#define LOCAL_GL_MAX_CLIENT_WAIT_TIMEOUT_WEBGL 0x9247 #define LOCAL_GL_MAX_CLIPMAP_DEPTH_SGIX 0x8177 #define LOCAL_GL_MAX_CLIPMAP_VIRTUAL_DEPTH_SGIX 0x8178 #define LOCAL_GL_MAX_CLIP_DISTANCES 0x0D32 @@ -4681,19 +4678,16 @@ #define LOCAL_GL_UNPACK_ALIGNMENT 0x0CF5 #define LOCAL_GL_UNPACK_CLIENT_STORAGE_APPLE 0x85B2 #define LOCAL_GL_UNPACK_CMYK_HINT_EXT 0x800F -#define LOCAL_GL_UNPACK_COLORSPACE_CONVERSION_WEBGL 0x9243 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_DEPTH 0x9129 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_HEIGHT 0x9128 #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_SIZE 0x912A #define LOCAL_GL_UNPACK_COMPRESSED_BLOCK_WIDTH 0x9127 #define LOCAL_GL_UNPACK_COMPRESSED_SIZE_SGIX 0x831A #define LOCAL_GL_UNPACK_CONSTANT_DATA_SUNX 0x81D5 -#define LOCAL_GL_UNPACK_FLIP_Y_WEBGL 0x9240 #define LOCAL_GL_UNPACK_IMAGE_DEPTH_SGIS 0x8133 #define LOCAL_GL_UNPACK_IMAGE_HEIGHT 0x806E #define LOCAL_GL_UNPACK_IMAGE_HEIGHT_EXT 0x806E #define LOCAL_GL_UNPACK_LSB_FIRST 0x0CF1 -#define LOCAL_GL_UNPACK_PREMULTIPLY_ALPHA_WEBGL 0x9241 #define LOCAL_GL_UNPACK_RESAMPLE_OML 0x8985 #define LOCAL_GL_UNPACK_RESAMPLE_SGIX 0x842D #define LOCAL_GL_UNPACK_ROW_BYTES_APPLE 0x8A16 From 4eafe1a84a98e83244cdcc37b4b6af6e40b5be54 Mon Sep 17 00:00:00 2001 From: Kyle Machulis Date: Wed, 10 Jun 2015 16:16:40 -0700 Subject: [PATCH 134/297] Bug 1012403 - Reenable SettingsService tests; a=TEST-ONLY --- CLOBBER | 2 +- browser/installer/package-manifest.in | 2 + dom/settings/moz.build | 2 +- dom/settings/tests/mochitest.ini | 1 - dom/settings/tests/test_settings_service.js | 181 ++++++++++---------- 5 files changed, 97 insertions(+), 91 deletions(-) diff --git a/CLOBBER b/CLOBBER index 321838d35b0..860990bc94f 100644 --- a/CLOBBER +++ b/CLOBBER @@ -22,4 +22,4 @@ # changes to stick? As of bug 928195, this shouldn't be necessary! Please # don't change CLOBBER for WebIDL changes any more. -Bug 1165422 - Updated the Android SDK versions +Bug 1012403 - Update SettingsService tests (requires clobber due to package manifest change) diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index e2eb0b8118c..e40b7e04b7f 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -535,6 +535,8 @@ @RESPATH@/components/messageWakeupService.manifest @RESPATH@/components/SettingsManager.js @RESPATH@/components/SettingsManager.manifest +@BINPATH@/components/SettingsService.js +@BINPATH@/components/SettingsService.manifest @RESPATH@/components/Webapps.js @RESPATH@/components/Webapps.manifest @RESPATH@/components/AppsService.js diff --git a/dom/settings/moz.build b/dom/settings/moz.build index 10a6055ba12..325e8fca678 100644 --- a/dom/settings/moz.build +++ b/dom/settings/moz.build @@ -9,7 +9,7 @@ EXTRA_COMPONENTS += [ 'SettingsManager.manifest', ] -if CONFIG['MOZ_B2G']: +if CONFIG['MOZ_B2G'] or CONFIG['ENABLE_TESTS']: EXTRA_COMPONENTS += [ 'SettingsService.js', 'SettingsService.manifest', diff --git a/dom/settings/tests/mochitest.ini b/dom/settings/tests/mochitest.ini index 6d1ab67f309..87e3c3be926 100644 --- a/dom/settings/tests/mochitest.ini +++ b/dom/settings/tests/mochitest.ini @@ -1,5 +1,4 @@ [DEFAULT] -skip-if = (toolkit == 'gonk' && debug) #debug-only failure, bug 932878 support-files = file_loadserver.js file_bug1110872.js diff --git a/dom/settings/tests/test_settings_service.js b/dom/settings/tests/test_settings_service.js index 42f340acad1..33e026c137e 100644 --- a/dom/settings/tests/test_settings_service.js +++ b/dom/settings/tests/test_settings_service.js @@ -18,99 +18,104 @@ XPCOMUtils.defineLazyServiceGetter(this, "SettingsService", "nsISettingsService"); let tests = [ - /* Callback tests */ - function() { - let callbackCount = 10; + /* Callback tests */ + function() { + let callbackCount = 10; - let callback = { - handle: function(name, result) { - switch (callbackCount) { - case 10: - case 9: - is(result, true, "result is true"); - break; - case 8: - case 7: - is(result, false, "result is false"); - break; - case 6: - case 5: - is(result, 9, "result is 9"); - break; - case 4: - case 3: - is(result, 9.4, "result is 9.4"); - break; - case 2: - is(result, false, "result is false"); - break; - case 1: - is(result, null, "result is null"); - break; - default: - ok(false, "Unexpected call: " + callbackCount); - } + let callback = { + handle: function(name, result) { + switch (callbackCount) { + case 10: + case 9: + is(result, true, "result is true"); + break; + case 8: + case 7: + is(result, false, "result is false"); + break; + case 6: + case 5: + is(result, 9, "result is 9"); + break; + case 4: + case 3: + is(result, 9.4, "result is 9.4"); + break; + case 2: + is(result, false, "result is false"); + break; + case 1: + is(result, null, "result is null"); + break; + default: + ok(false, "Unexpected call: " + callbackCount); + } - --callbackCount; - if (callbackCount === 0) { - next(); - } + --callbackCount; + if (callbackCount === 0) { + next(); + } + }, + + handleError: function(name) { + ok(false, "error: " + name); + } + }; + + let lock = SettingsService.createLock(); + let lock1 = SettingsService.createLock(); + + lock.set("asdf", true, callback, null); + lock1.get("asdf", callback); + lock.get("asdf", callback); + lock.set("asdf", false, callback, null); + lock.get("asdf", callback); + lock.set("int", 9, callback, null); + lock.get("int", callback); + lock.set("doub", 9.4, callback, null); + lock.get("doub", callback); + lock1.get("asdfxxx", callback); }, - handleError: function(name) { - ok(false, "error: " + name); + /* Observer tests */ + function() { + const MOZSETTINGS_CHANGED = "mozsettings-changed"; + const TEST_OBSERVER_KEY = "test.observer.key"; + const TEST_OBSERVER_VALUE = true; + const TEST_OBSERVER_MESSAGE = "test.observer.message"; + + var obs = { + observe: function (subject, topic, data) { + + if (topic !== MOZSETTINGS_CHANGED) { + ok(false, "Event is not mozsettings-changed."); + return; + } + // Data is now stored in subject + if ("wrappedJSObject" in subject) { + ok(true, "JS object wrapped into subject"); + subject = subject.wrappedJSObject; + } + function checkProp(name, type, value) { + ok(name in subject, "subject." + name + " is present"); + is(typeof subject[name], type, "subject." + name + " is " + type); + is(subject[name], value, "subject." + name + " is " + value); + } + + checkProp("key", "string", TEST_OBSERVER_KEY); + checkProp("value", "boolean", TEST_OBSERVER_VALUE); + checkProp("isInternalChange", "boolean", true); + + Services.obs.removeObserver(this, MOZSETTINGS_CHANGED); + next(); + } + }; + + Services.obs.addObserver(obs, MOZSETTINGS_CHANGED, false); + + let lock = SettingsService.createLock(); + lock.set(TEST_OBSERVER_KEY, TEST_OBSERVER_VALUE, null); } - }; - - let lock = SettingsService.createLock(); - let lock1 = SettingsService.createLock(); - - lock.set("asdf", true, callback, null); - lock1.get("asdf", callback); - lock.get("asdf", callback); - lock.set("asdf", false, callback, null); - lock.get("asdf", callback); - lock.set("int", 9, callback, null); - lock.get("int", callback); - lock.set("doub", 9.4, callback, null); - lock.get("doub", callback); - lock1.get("asdfxxx", callback); - }, - - /* Observer tests */ - function() { - const MOZSETTINGS_CHANGED = "mozsettings-changed"; - const TEST_OBSERVER_KEY = "test.observer.key"; - const TEST_OBSERVER_VALUE = true; - const TEST_OBSERVER_MESSAGE = "test.observer.message"; - - function observer(subject, topic, data) { - - if (topic !== MOZSETTINGS_CHANGED) { - ok(false, "Event is not mozsettings-changed."); - return; - } - - data = JSON.parse(data); - function checkProp(name, type, value) { - ok(name in data, "data." + name + " is present"); - is(typeof data[name], type, "data." + name + " is " + type); - is(data[name], value, "data." + name + " is " + value); - } - - checkProp("key", "string", TEST_OBSERVER_KEY); - checkProp("value", "boolean", TEST_OBSERVER_VALUE); - checkProp("isInternalChange", "boolean", true); - - Services.obs.removeObserver(this, MOZSETTINGS_CHANGED); - next(); - } - - Services.obs.addObserver(observer, MOZSETTINGS_CHANGED, false); - - let lock = SettingsService.createLock(); - lock.set(TEST_OBSERVER_KEY, TEST_OBSERVER_VALUE, null); - } ]; function next() { From 55f73fe727494b6f09a6012eb81caa7396240d9e Mon Sep 17 00:00:00 2001 From: Daniel Holbert Date: Wed, 10 Jun 2015 22:59:45 -0700 Subject: [PATCH 135/297] Bug 1148294 followup: fix spec links in reftests flexbox-writing-mode-* to point to TR instead of ED spec version. (no review) DONTBUILD because just changing metadata within some tests --- .../w3c-css/submitted/flexbox/flexbox-writing-mode-001.html | 2 +- .../w3c-css/submitted/flexbox/flexbox-writing-mode-002.html | 2 +- .../w3c-css/submitted/flexbox/flexbox-writing-mode-003.html | 2 +- .../w3c-css/submitted/flexbox/flexbox-writing-mode-004.html | 2 +- .../w3c-css/submitted/flexbox/flexbox-writing-mode-005.html | 2 +- .../w3c-css/submitted/flexbox/flexbox-writing-mode-006.html | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/layout/reftests/w3c-css/submitted/flexbox/flexbox-writing-mode-001.html b/layout/reftests/w3c-css/submitted/flexbox/flexbox-writing-mode-001.html index a6ff66c6e85..b2fb6d3f1f0 100644 --- a/layout/reftests/w3c-css/submitted/flexbox/flexbox-writing-mode-001.html +++ b/layout/reftests/w3c-css/submitted/flexbox/flexbox-writing-mode-001.html @@ -7,7 +7,7 @@ CSS Test: Try various flex-flow values, with 'direction: ltr' and 'writing-mode: horizontal-tb' - + + + + +
+
+
+
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-margin-2.html b/layout/reftests/writing-mode/1172774-percent-margin-2.html new file mode 100644 index 00000000000..55ce27f509c --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-margin-2.html @@ -0,0 +1,59 @@ + + + + CSS Writing Modes Test: margin percentage and 'vertical-lr' + + + + + + +
+
+
+
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-margin-3.html b/layout/reftests/writing-mode/1172774-percent-margin-3.html new file mode 100644 index 00000000000..03f5edde4f9 --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-margin-3.html @@ -0,0 +1,63 @@ + + + + CSS Writing Modes Test: margin percentage and 'vertical-rl' + + + + + + +
+
+
+
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-margin-4.html b/layout/reftests/writing-mode/1172774-percent-margin-4.html new file mode 100644 index 00000000000..adac543bed6 --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-margin-4.html @@ -0,0 +1,63 @@ + + + + CSS Writing Modes Test: margin percentage and 'vertical-lr' + + + + + + +
+
+
+
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-padding-1.html b/layout/reftests/writing-mode/1172774-percent-padding-1.html new file mode 100644 index 00000000000..d665db72528 --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-padding-1.html @@ -0,0 +1,57 @@ + + + + CSS Writing Modes Test: padding percentage and 'vertical-rl' + + + + + +
+
Image download support must be enabled
+
+
Image download support must be enabled
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-padding-2.html b/layout/reftests/writing-mode/1172774-percent-padding-2.html new file mode 100644 index 00000000000..2a9cb52f764 --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-padding-2.html @@ -0,0 +1,58 @@ + + + + CSS Writing Modes Test: padding percentage and 'vertical-lr' + + + + + + +
+
Image download support must be enabled
+
+
Image download support must be enabled
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-padding-3.html b/layout/reftests/writing-mode/1172774-percent-padding-3.html new file mode 100644 index 00000000000..fb897735a5c --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-padding-3.html @@ -0,0 +1,62 @@ + + + + CSS Writing Modes Test: padding percentage and 'vertical-rl' + + + + + + +
+
Image download support must be enabled
+
+
Image download support must be enabled
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-padding-4.html b/layout/reftests/writing-mode/1172774-percent-padding-4.html new file mode 100644 index 00000000000..a3d8859a5b1 --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-padding-4.html @@ -0,0 +1,62 @@ + + + + CSS Writing Modes Test: padding percentage and 'vertical-lr' + + + + + + +
+
Image download support must be enabled
+
+
Image download support must be enabled
+
+ + diff --git a/layout/reftests/writing-mode/1172774-percent-vertical-ref.html b/layout/reftests/writing-mode/1172774-percent-vertical-ref.html new file mode 100644 index 00000000000..2fd2a2f08fa --- /dev/null +++ b/layout/reftests/writing-mode/1172774-percent-vertical-ref.html @@ -0,0 +1,10 @@ + + + + CSS Writing Modes Test: margin percentage and 'vertical-rl' + + + +
Image download support must be enabled
+ + \ No newline at end of file diff --git a/layout/reftests/writing-mode/blue-yellow-165w-206h.png b/layout/reftests/writing-mode/blue-yellow-165w-206h.png new file mode 100644 index 0000000000000000000000000000000000000000..3d70889ee25e01a2036b5bd49c189e700325deb6 GIT binary patch literal 460 zcmeAS@N?(olHy`uVBq!ia0vp^OM&O=u<5X=vX`mo` ziKnkC`+YVp4lTt;0doQv7#OoXT^vIyZoR#`k@tWCkE`Q}Zo zqFD~)qT25_Ma!FEU+kWB2Wx(xr;1b8&V6HUa39_E1RVkn6s!R;>mt+9BV03M9vBM( PV}ilc)z4*}Q$iB}`xxb| literal 0 HcmV?d00001 diff --git a/layout/reftests/writing-mode/blue-yellow-206w-165h.png b/layout/reftests/writing-mode/blue-yellow-206w-165h.png new file mode 100644 index 0000000000000000000000000000000000000000..47ceb84d3fbd2b09831616b9b53f565cf18bec07 GIT binary patch literal 463 zcmeAS@N?(olHy`uVBq!ia0vp^=YV)A2NRH-?H3A?U`coMb!1@J*w6hZkrl}2Ebxdd zW?X?_wfUrhg6t)pzOL-|8RZ!a4Sp%b+A=UO#(BCphE&{od-ot`LjaG%mO#m7MF#$+{rSaLb=5k67V>o`d z=#=Qq&tJy9JgZjq{VH-Sf%+AfOKakV`M*5^nv5$P5T0zd)~l}P@|1e!eFGTy44$rj JF6*2UngF03p}+tD literal 0 HcmV?d00001 diff --git a/layout/reftests/writing-mode/reftest.list b/layout/reftests/writing-mode/reftest.list index de7b241435c..a8174a84863 100644 --- a/layout/reftests/writing-mode/reftest.list +++ b/layout/reftests/writing-mode/reftest.list @@ -140,6 +140,14 @@ fails == 1147834-relative-overconstrained-vertical-rl-rtl.html 1147834-top-left- == 1157758-1-vertical-arabic.html 1157758-1-vertical-arabic-ref.html == 1158549-1-vertical-block-size-constraints.html 1158549-1-vertical-block-size-constraints-ref.html == 1163238-orthogonal-auto-margins.html 1163238-orthogonal-auto-margins-ref.html +== 1172774-percent-margin-1.html 1172774-percent-horizontal-ref.html +== 1172774-percent-margin-2.html 1172774-percent-horizontal-ref.html +== 1172774-percent-margin-3.html 1172774-percent-vertical-ref.html +== 1172774-percent-margin-4.html 1172774-percent-vertical-ref.html +== 1172774-percent-padding-1.html 1172774-percent-horizontal-ref.html +== 1172774-percent-padding-2.html 1172774-percent-horizontal-ref.html +== 1172774-percent-padding-3.html 1172774-percent-vertical-ref.html +== 1172774-percent-padding-4.html 1172774-percent-vertical-ref.html # Suite of tests from Gérard Talbot in bug 1079151 include abspos/reftest.list diff --git a/layout/reftests/writing-mode/swatch-yellow.png b/layout/reftests/writing-mode/swatch-yellow.png new file mode 100644 index 0000000000000000000000000000000000000000..1591aa0e2e274854ed836cf582235ea0202f9c8e GIT binary patch literal 84 zcmeAS@N?(olHy`uVBq!ia0vp^{2;L}@UB|w-0=Yb%E{-7; dw~`YS7=b)p2FBl7!dgHUgQu&X%Q~loCIDbL5Y7Mq literal 0 HcmV?d00001 From c6d59c76dce53a87d6b39233486228206e73452f Mon Sep 17 00:00:00 2001 From: Kyle Machulis Date: Wed, 10 Jun 2015 23:49:20 -0700 Subject: [PATCH 140/297] Backout 756fcc79ab98 due to bustage on OS X --- CLOBBER | 2 +- browser/installer/package-manifest.in | 2 - dom/settings/moz.build | 2 +- dom/settings/tests/mochitest.ini | 1 + dom/settings/tests/test_settings_service.js | 181 ++++++++++---------- 5 files changed, 91 insertions(+), 97 deletions(-) diff --git a/CLOBBER b/CLOBBER index 860990bc94f..321838d35b0 100644 --- a/CLOBBER +++ b/CLOBBER @@ -22,4 +22,4 @@ # changes to stick? As of bug 928195, this shouldn't be necessary! Please # don't change CLOBBER for WebIDL changes any more. -Bug 1012403 - Update SettingsService tests (requires clobber due to package manifest change) +Bug 1165422 - Updated the Android SDK versions diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in index e40b7e04b7f..e2eb0b8118c 100644 --- a/browser/installer/package-manifest.in +++ b/browser/installer/package-manifest.in @@ -535,8 +535,6 @@ @RESPATH@/components/messageWakeupService.manifest @RESPATH@/components/SettingsManager.js @RESPATH@/components/SettingsManager.manifest -@BINPATH@/components/SettingsService.js -@BINPATH@/components/SettingsService.manifest @RESPATH@/components/Webapps.js @RESPATH@/components/Webapps.manifest @RESPATH@/components/AppsService.js diff --git a/dom/settings/moz.build b/dom/settings/moz.build index 325e8fca678..10a6055ba12 100644 --- a/dom/settings/moz.build +++ b/dom/settings/moz.build @@ -9,7 +9,7 @@ EXTRA_COMPONENTS += [ 'SettingsManager.manifest', ] -if CONFIG['MOZ_B2G'] or CONFIG['ENABLE_TESTS']: +if CONFIG['MOZ_B2G']: EXTRA_COMPONENTS += [ 'SettingsService.js', 'SettingsService.manifest', diff --git a/dom/settings/tests/mochitest.ini b/dom/settings/tests/mochitest.ini index 87e3c3be926..6d1ab67f309 100644 --- a/dom/settings/tests/mochitest.ini +++ b/dom/settings/tests/mochitest.ini @@ -1,4 +1,5 @@ [DEFAULT] +skip-if = (toolkit == 'gonk' && debug) #debug-only failure, bug 932878 support-files = file_loadserver.js file_bug1110872.js diff --git a/dom/settings/tests/test_settings_service.js b/dom/settings/tests/test_settings_service.js index 33e026c137e..42f340acad1 100644 --- a/dom/settings/tests/test_settings_service.js +++ b/dom/settings/tests/test_settings_service.js @@ -18,104 +18,99 @@ XPCOMUtils.defineLazyServiceGetter(this, "SettingsService", "nsISettingsService"); let tests = [ - /* Callback tests */ - function() { - let callbackCount = 10; + /* Callback tests */ + function() { + let callbackCount = 10; - let callback = { - handle: function(name, result) { - switch (callbackCount) { - case 10: - case 9: - is(result, true, "result is true"); - break; - case 8: - case 7: - is(result, false, "result is false"); - break; - case 6: - case 5: - is(result, 9, "result is 9"); - break; - case 4: - case 3: - is(result, 9.4, "result is 9.4"); - break; - case 2: - is(result, false, "result is false"); - break; - case 1: - is(result, null, "result is null"); - break; - default: - ok(false, "Unexpected call: " + callbackCount); - } + let callback = { + handle: function(name, result) { + switch (callbackCount) { + case 10: + case 9: + is(result, true, "result is true"); + break; + case 8: + case 7: + is(result, false, "result is false"); + break; + case 6: + case 5: + is(result, 9, "result is 9"); + break; + case 4: + case 3: + is(result, 9.4, "result is 9.4"); + break; + case 2: + is(result, false, "result is false"); + break; + case 1: + is(result, null, "result is null"); + break; + default: + ok(false, "Unexpected call: " + callbackCount); + } - --callbackCount; - if (callbackCount === 0) { - next(); - } - }, - - handleError: function(name) { - ok(false, "error: " + name); - } - }; - - let lock = SettingsService.createLock(); - let lock1 = SettingsService.createLock(); - - lock.set("asdf", true, callback, null); - lock1.get("asdf", callback); - lock.get("asdf", callback); - lock.set("asdf", false, callback, null); - lock.get("asdf", callback); - lock.set("int", 9, callback, null); - lock.get("int", callback); - lock.set("doub", 9.4, callback, null); - lock.get("doub", callback); - lock1.get("asdfxxx", callback); + --callbackCount; + if (callbackCount === 0) { + next(); + } }, - /* Observer tests */ - function() { - const MOZSETTINGS_CHANGED = "mozsettings-changed"; - const TEST_OBSERVER_KEY = "test.observer.key"; - const TEST_OBSERVER_VALUE = true; - const TEST_OBSERVER_MESSAGE = "test.observer.message"; - - var obs = { - observe: function (subject, topic, data) { - - if (topic !== MOZSETTINGS_CHANGED) { - ok(false, "Event is not mozsettings-changed."); - return; - } - // Data is now stored in subject - if ("wrappedJSObject" in subject) { - ok(true, "JS object wrapped into subject"); - subject = subject.wrappedJSObject; - } - function checkProp(name, type, value) { - ok(name in subject, "subject." + name + " is present"); - is(typeof subject[name], type, "subject." + name + " is " + type); - is(subject[name], value, "subject." + name + " is " + value); - } - - checkProp("key", "string", TEST_OBSERVER_KEY); - checkProp("value", "boolean", TEST_OBSERVER_VALUE); - checkProp("isInternalChange", "boolean", true); - - Services.obs.removeObserver(this, MOZSETTINGS_CHANGED); - next(); - } - }; - - Services.obs.addObserver(obs, MOZSETTINGS_CHANGED, false); - - let lock = SettingsService.createLock(); - lock.set(TEST_OBSERVER_KEY, TEST_OBSERVER_VALUE, null); + handleError: function(name) { + ok(false, "error: " + name); } + }; + + let lock = SettingsService.createLock(); + let lock1 = SettingsService.createLock(); + + lock.set("asdf", true, callback, null); + lock1.get("asdf", callback); + lock.get("asdf", callback); + lock.set("asdf", false, callback, null); + lock.get("asdf", callback); + lock.set("int", 9, callback, null); + lock.get("int", callback); + lock.set("doub", 9.4, callback, null); + lock.get("doub", callback); + lock1.get("asdfxxx", callback); + }, + + /* Observer tests */ + function() { + const MOZSETTINGS_CHANGED = "mozsettings-changed"; + const TEST_OBSERVER_KEY = "test.observer.key"; + const TEST_OBSERVER_VALUE = true; + const TEST_OBSERVER_MESSAGE = "test.observer.message"; + + function observer(subject, topic, data) { + + if (topic !== MOZSETTINGS_CHANGED) { + ok(false, "Event is not mozsettings-changed."); + return; + } + + data = JSON.parse(data); + function checkProp(name, type, value) { + ok(name in data, "data." + name + " is present"); + is(typeof data[name], type, "data." + name + " is " + type); + is(data[name], value, "data." + name + " is " + value); + } + + checkProp("key", "string", TEST_OBSERVER_KEY); + checkProp("value", "boolean", TEST_OBSERVER_VALUE); + checkProp("isInternalChange", "boolean", true); + + Services.obs.removeObserver(this, MOZSETTINGS_CHANGED); + next(); + } + + Services.obs.addObserver(observer, MOZSETTINGS_CHANGED, false); + + let lock = SettingsService.createLock(); + lock.set(TEST_OBSERVER_KEY, TEST_OBSERVER_VALUE, null); + } ]; function next() { From 062f149fe032072f3b615e54160fc540b740f68c Mon Sep 17 00:00:00 2001 From: Jon Coppeard Date: Thu, 11 Jun 2015 07:58:36 +0100 Subject: [PATCH 141/297] Bug 1172193 - Also collect zones with cross zone pointers into the scheduled set r=terrence --- js/src/gc/GCRuntime.h | 1 + js/src/gc/RootMarking.cpp | 7 ++++++ js/src/jsgc.cpp | 45 +++++++++++++++++++++++++++++++++++++++ 3 files changed, 53 insertions(+) diff --git a/js/src/gc/GCRuntime.h b/js/src/gc/GCRuntime.h index 51013b99e5c..890fe100b2d 100644 --- a/js/src/gc/GCRuntime.h +++ b/js/src/gc/GCRuntime.h @@ -893,6 +893,7 @@ class GCRuntime SliceBudget defaultBudget(JS::gcreason::Reason reason, int64_t millis); void collect(bool incremental, SliceBudget budget, JS::gcreason::Reason reason); bool gcCycle(bool incremental, SliceBudget& budget, JS::gcreason::Reason reason); + void scheduleZonesWithIncomingCCWs(); gcstats::ZoneGCStats scanZonesBeforeGC(); void budgetIncrementalGC(SliceBudget& budget); void resetIncrementalGC(const char* reason); diff --git a/js/src/gc/RootMarking.cpp b/js/src/gc/RootMarking.cpp index bb0681fc402..e32373a5f87 100644 --- a/js/src/gc/RootMarking.cpp +++ b/js/src/gc/RootMarking.cpp @@ -418,10 +418,17 @@ js::gc::GCRuntime::markRuntime(JSTracer* trc, if (traceOrMark == MarkRuntime) { gcstats::AutoPhase ap(stats, gcstats::PHASE_MARK_CCWS); + /* + * For the first collection that happens in GCRuntime::collect() there + * should be no incoming edges from CCWs in uncollected zones, but for + * subsequent collections (e.g. caused by resets) this may no longer be + * true so we need to mark them here. + */ for (CompartmentsIter c(rt, SkipAtoms); !c.done(); c.next()) { if (!c->zone()->isCollecting()) c->markCrossCompartmentWrappers(trc); } + Debugger::markIncomingCrossCompartmentEdges(trc); } diff --git a/js/src/jsgc.cpp b/js/src/jsgc.cpp index eafd362940f..25389cfef2b 100644 --- a/js/src/jsgc.cpp +++ b/js/src/jsgc.cpp @@ -6091,6 +6091,49 @@ IsDeterministicGCReason(JS::gcreason::Reason reason) } #endif +void +GCRuntime::scheduleZonesWithIncomingCCWs() +{ + bool scheduledZones; + do { + scheduledZones = false; + for (ZonesIter zone(rt, SkipAtoms); !zone.done(); zone.next()) { + if (zone->isGCScheduled()) + continue; + for (CompartmentsInZoneIter comp(zone); !comp.done(); comp.next()) { + for (JSCompartment::WrapperEnum e(comp); !e.empty(); e.popFront()) { + const CrossCompartmentKey& key = e.front().key(); + if (key.kind == CrossCompartmentKey::ObjectWrapper) { + Zone* dest = static_cast(key.wrapped)->zone(); + if (dest->isGCScheduled()) { + zone->scheduleGC(); + scheduledZones = true; + goto nextZone; + } + } + } + } + nextZone:; + } + } while (scheduledZones); + +#ifdef DEBUG + for (ZonesIter zone(rt, SkipAtoms); !zone.done(); zone.next()) { + if (zone->isGCScheduled()) + continue; + for (CompartmentsInZoneIter comp(zone); !comp.done(); comp.next()) { + for (JSCompartment::WrapperEnum e(comp); !e.empty(); e.popFront()) { + const CrossCompartmentKey& key = e.front().key(); + if (key.kind == CrossCompartmentKey::ObjectWrapper) { + Zone* dest = static_cast(key.wrapped)->zone(); + MOZ_ASSERT(!dest->isGCScheduled()); + } + } + } + } +#endif +} + gcstats::ZoneGCStats GCRuntime::scanZonesBeforeGC() { @@ -6145,6 +6188,8 @@ GCRuntime::collect(bool incremental, SliceBudget budget, JS::gcreason::Reason re AutoStopVerifyingBarriers av(rt, reason == JS::gcreason::SHUTDOWN_CC || reason == JS::gcreason::DESTROY_RUNTIME); + scheduleZonesWithIncomingCCWs(); + gcstats::AutoGCSlice agc(stats, scanZonesBeforeGC(), invocationKind, budget, reason); bool repeat = false; From 94ce6c542b2424707585bc86206414d7f8bddda1 Mon Sep 17 00:00:00 2001 From: Jon Coppeard Date: Thu, 11 Jun 2015 07:58:36 +0100 Subject: [PATCH 142/297] Bug 1172641 - Fix class tests to not fail on builds where classes are not enabled r=shu --- .../basic/syntax-error-illegal-character.js | 63 +++++++++--------- .../tests/modules/export-declaration.js | 65 ++++++++++--------- js/src/tests/ecma_6/Class/newTargetMethods.js | 5 ++ .../ecma_6/Class/superPropEvalInsideArrow.js | 6 ++ .../ecma_6/Class/superPropHeavyweightArrow.js | 6 ++ 5 files changed, 86 insertions(+), 59 deletions(-) diff --git a/js/src/jit-test/tests/basic/syntax-error-illegal-character.js b/js/src/jit-test/tests/basic/syntax-error-illegal-character.js index 1a8551bafa7..0205bbcdd45 100644 --- a/js/src/jit-test/tests/basic/syntax-error-illegal-character.js +++ b/js/src/jit-test/tests/basic/syntax-error-illegal-character.js @@ -1,3 +1,5 @@ +load(libdir + "class.js"); + var JSMSG_ILLEGAL_CHARACTER = "illegal character"; var JSMSG_UNTERMINATED_STRING = "unterminated string literal"; @@ -25,7 +27,6 @@ function test_eval(code) { assertEq(caught, true); } - function test(code) { test_reflect(code); test_reflect("'use strict'; " + code); @@ -468,16 +469,18 @@ test_no_fun_no_eval("export const a = 1, b = @"); test_no_fun_no_eval("export const a = 1, b = 2 @"); test_no_fun_no_eval("export const a = 1, b = 2; @"); -test_no_fun_no_eval("export class @"); -test_no_fun_no_eval("export class Foo @"); -test_no_fun_no_eval("export class Foo { @"); -test_no_fun_no_eval("export class Foo { constructor @"); -test_no_fun_no_eval("export class Foo { constructor( @"); -test_no_fun_no_eval("export class Foo { constructor() @"); -test_no_fun_no_eval("export class Foo { constructor() { @"); -test_no_fun_no_eval("export class Foo { constructor() {} @"); -test_no_fun_no_eval("export class Foo { constructor() {} } @"); -test_no_fun_no_eval("export class Foo { constructor() {} }; @"); +if (classesEnabled()) { + test_no_fun_no_eval("export class @"); + test_no_fun_no_eval("export class Foo @"); + test_no_fun_no_eval("export class Foo { @"); + test_no_fun_no_eval("export class Foo { constructor @"); + test_no_fun_no_eval("export class Foo { constructor( @"); + test_no_fun_no_eval("export class Foo { constructor() @"); + test_no_fun_no_eval("export class Foo { constructor() { @"); + test_no_fun_no_eval("export class Foo { constructor() {} @"); + test_no_fun_no_eval("export class Foo { constructor() {} } @"); + test_no_fun_no_eval("export class Foo { constructor() {} }; @"); +} test_no_fun_no_eval("export default @"); test_no_fun_no_eval("export default 1 @"); @@ -496,25 +499,27 @@ test_no_fun_no_eval("export default function foo() { @"); test_no_fun_no_eval("export default function foo() {} @"); test_no_fun_no_eval("export default function foo() {}; @"); -test_no_fun_no_eval("export default class @"); -test_no_fun_no_eval("export default class { @"); -test_no_fun_no_eval("export default class { constructor @"); -test_no_fun_no_eval("export default class { constructor( @"); -test_no_fun_no_eval("export default class { constructor() @"); -test_no_fun_no_eval("export default class { constructor() { @"); -test_no_fun_no_eval("export default class { constructor() {} @"); -test_no_fun_no_eval("export default class { constructor() {} } @"); -test_no_fun_no_eval("export default class { constructor() {} }; @"); +if (classesEnabled()) { + test_no_fun_no_eval("export default class @"); + test_no_fun_no_eval("export default class { @"); + test_no_fun_no_eval("export default class { constructor @"); + test_no_fun_no_eval("export default class { constructor( @"); + test_no_fun_no_eval("export default class { constructor() @"); + test_no_fun_no_eval("export default class { constructor() { @"); + test_no_fun_no_eval("export default class { constructor() {} @"); + test_no_fun_no_eval("export default class { constructor() {} } @"); + test_no_fun_no_eval("export default class { constructor() {} }; @"); -test_no_fun_no_eval("export default class Foo @"); -test_no_fun_no_eval("export default class Foo { @"); -test_no_fun_no_eval("export default class Foo { constructor @"); -test_no_fun_no_eval("export default class Foo { constructor( @"); -test_no_fun_no_eval("export default class Foo { constructor() @"); -test_no_fun_no_eval("export default class Foo { constructor() { @"); -test_no_fun_no_eval("export default class Foo { constructor() {} @"); -test_no_fun_no_eval("export default class Foo { constructor() {} } @"); -test_no_fun_no_eval("export default class Foo { constructor() {} }; @"); + test_no_fun_no_eval("export default class Foo @"); + test_no_fun_no_eval("export default class Foo { @"); + test_no_fun_no_eval("export default class Foo { constructor @"); + test_no_fun_no_eval("export default class Foo { constructor( @"); + test_no_fun_no_eval("export default class Foo { constructor() @"); + test_no_fun_no_eval("export default class Foo { constructor() { @"); + test_no_fun_no_eval("export default class Foo { constructor() {} @"); + test_no_fun_no_eval("export default class Foo { constructor() {} } @"); + test_no_fun_no_eval("export default class Foo { constructor() {} }; @"); +} // import diff --git a/js/src/jit-test/tests/modules/export-declaration.js b/js/src/jit-test/tests/modules/export-declaration.js index 3dc2869b2b3..4036a748852 100644 --- a/js/src/jit-test/tests/modules/export-declaration.js +++ b/js/src/jit-test/tests/modules/export-declaration.js @@ -1,5 +1,6 @@ load(libdir + "match.js"); load(libdir + "asserts.js"); +load(libdir + "class.js"); var { Pattern, MatchError } = Match; @@ -202,16 +203,18 @@ program([ ) ]).assert(Reflect.parse("export function f() {}")); -program([ - exportDeclaration( - classDeclaration( - ident("Foo") - ), - null, - null, - false - ) -]).assert(Reflect.parse("export class Foo { constructor() {} }")); +if (classesEnabled()) { + program([ + exportDeclaration( + classDeclaration( + ident("Foo") + ), + null, + null, + false + ) + ]).assert(Reflect.parse("export class Foo { constructor() {} }")); +} program([ exportDeclaration( @@ -292,27 +295,29 @@ program([ ) ]).assert(Reflect.parse("export default function foo() {}")); -program([ - exportDeclaration( - classDeclaration( - ident("*default*") - ), - null, - null, - true - ) -]).assert(Reflect.parse("export default class { constructor() {} }")); +if (classesEnabled()) { + program([ + exportDeclaration( + classDeclaration( + ident("*default*") + ), + null, + null, + true + ) + ]).assert(Reflect.parse("export default class { constructor() {} }")); -program([ - exportDeclaration( - classDeclaration( - ident("Foo") - ), - null, - null, - true - ) -]).assert(Reflect.parse("export default class Foo { constructor() {} }")); + program([ + exportDeclaration( + classDeclaration( + ident("Foo") + ), + null, + null, + true + ) + ]).assert(Reflect.parse("export default class Foo { constructor() {} }")); +} program([ exportDeclaration( diff --git a/js/src/tests/ecma_6/Class/newTargetMethods.js b/js/src/tests/ecma_6/Class/newTargetMethods.js index 84dba1cec72..055ec0bf198 100644 --- a/js/src/tests/ecma_6/Class/newTargetMethods.js +++ b/js/src/tests/ecma_6/Class/newTargetMethods.js @@ -1,3 +1,5 @@ +var test = ` + // Just like newTargetDirectInvoke, except to prove it works in functions // defined with method syntax as well. Note that methods, getters, and setters // are not constructible. @@ -46,7 +48,10 @@ for (let i = 0; i < TEST_ITERATIONS; i++) clInst.cl; for (let i = 0; i < TEST_ITERATIONS; i++) clInst.cl = 4; +`; +if (classesEnabled()) + eval(test); if (typeof reportCompare === "function") reportCompare(0,0,"OK"); diff --git a/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js b/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js index 882f93ba0ac..c81d86c3dc0 100644 --- a/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js +++ b/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js @@ -1,3 +1,5 @@ +var test = ` + class foo { constructor() { } @@ -6,6 +8,10 @@ class foo { } } assertEq(new foo().method()(), Object.prototype.toString); +`; + +if (classesEnabled()) + eval(test); if (typeof reportCompare === "function") reportCompare(0,0,"OK"); diff --git a/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js b/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js index ce30690d539..dda69edc0c7 100644 --- a/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js +++ b/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js @@ -1,3 +1,5 @@ +var test = ` + class foo { constructor() { } @@ -7,6 +9,10 @@ class foo { } assertEq(new foo().method()(), Object.prototype.toString); +`; + +if (classesEnabled()) + eval(test); if (typeof reportCompare === "function") reportCompare(0,0,"OK"); From d5fbe794497de67d78abb32ddc3abe90cc307d86 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:49:49 +1000 Subject: [PATCH 143/297] Bug 1171330: P1. Add ContainerParser::MediaSegmentRange() method. r=kentuckyfriedtakahe And add abilities to MoofParser to indicate if a media segment is complete. In MP4 a media segment is made of a moof atom followed by one (or more) mdat atoms. --- dom/media/mediasource/ContainerParser.cpp | 34 +++++++++++-------- dom/media/mediasource/ContainerParser.h | 5 +++ media/libstagefright/binding/MoofParser.cpp | 23 +++++++++++++ .../binding/include/mp4_demuxer/MoofParser.h | 2 ++ 4 files changed, 50 insertions(+), 14 deletions(-) diff --git a/dom/media/mediasource/ContainerParser.cpp b/dom/media/mediasource/ContainerParser.cpp index 7b71016eaea..f867c5da150 100644 --- a/dom/media/mediasource/ContainerParser.cpp +++ b/dom/media/mediasource/ContainerParser.cpp @@ -92,6 +92,12 @@ ContainerParser::InitData() return mInitData; } +MediaByteRange +ContainerParser::MediaSegmentRange() +{ + return mCompleteByteRange; +} + class WebMContainerParser : public ContainerParser { public: explicit WebMContainerParser(const nsACString& aType) @@ -103,7 +109,7 @@ public: static const unsigned NS_PER_USEC = 1000; static const unsigned USEC_PER_SEC = 1000000; - bool IsInitSegmentPresent(MediaLargeByteBuffer* aData) + bool IsInitSegmentPresent(MediaLargeByteBuffer* aData) override { ContainerParser::IsInitSegmentPresent(aData); // XXX: This is overly primitive, needs to collect data as it's appended @@ -126,7 +132,7 @@ public: return false; } - bool IsMediaSegmentPresent(MediaLargeByteBuffer* aData) + bool IsMediaSegmentPresent(MediaLargeByteBuffer* aData) override { ContainerParser::IsMediaSegmentPresent(aData); // XXX: This is overly primitive, needs to collect data as it's appended @@ -148,7 +154,7 @@ public: } bool ParseStartAndEndTimestamps(MediaLargeByteBuffer* aData, - int64_t& aStart, int64_t& aEnd) + int64_t& aStart, int64_t& aEnd) override { bool initSegment = IsInitSegmentPresent(aData); if (initSegment) { @@ -219,7 +225,7 @@ public: return true; } - int64_t GetRoundingError() + int64_t GetRoundingError() override { int64_t error = mParser.GetTimecodeScale() / NS_PER_USEC; return error * 2; @@ -239,7 +245,7 @@ public: , mMonitor("MP4ContainerParser Index Monitor") {} - bool IsInitSegmentPresent(MediaLargeByteBuffer* aData) + bool IsInitSegmentPresent(MediaLargeByteBuffer* aData) override { ContainerParser::IsInitSegmentPresent(aData); // Each MP4 atom has a chunk size and chunk type. The root chunk in an MP4 @@ -259,7 +265,7 @@ public: (*aData)[7] == 'p'; } - bool IsMediaSegmentPresent(MediaLargeByteBuffer* aData) + bool IsMediaSegmentPresent(MediaLargeByteBuffer* aData) override { ContainerParser::IsMediaSegmentPresent(aData); if (aData->Length() < 8) { @@ -280,7 +286,7 @@ public: } bool ParseStartAndEndTimestamps(MediaLargeByteBuffer* aData, - int64_t& aStart, int64_t& aEnd) + int64_t& aStart, int64_t& aEnd) override { MonitorAutoLock mon(mMonitor); // We're not actually racing against anything, // but mParser requires us to hold a monitor. @@ -306,17 +312,16 @@ public: mParser->RebuildFragmentedIndex(byteRanges); if (initSegment || !HasCompleteInitData()) { - const MediaByteRange& range = mParser->mInitRange; - uint32_t length = range.mEnd - range.mStart; - if (length) { - if (!mInitData->SetLength(length, fallible)) { + MediaByteRange& range = mParser->mInitRange; + if (range.Length()) { + if (!mInitData->SetLength(range.Length(), fallible)) { // Super unlikely OOM return false; } char* buffer = reinterpret_cast(mInitData->Elements()); - mResource->ReadFromCache(buffer, range.mStart, length); + mResource->ReadFromCache(buffer, range.mStart, range.Length()); MSE_DEBUG(MP4ContainerParser ,"Stashed init of %u bytes.", - length); + range.Length()); } else { MSE_DEBUG(MP4ContainerParser, "Incomplete init found."); } @@ -326,6 +331,7 @@ public: mp4_demuxer::Interval compositionRange = mParser->GetCompositionRange(byteRanges); + mCompleteByteRange = mParser->FirstCompleteMediaSegment(); ErrorResult rv; mResource->EvictData(mParser->mOffset, mParser->mOffset, rv); if (NS_WARN_IF(rv.Failed())) { @@ -345,7 +351,7 @@ public: // Gaps of up to 35ms (marginally longer than a single frame at 30fps) are considered // to be sequential frames. - int64_t GetRoundingError() + int64_t GetRoundingError() override { return 35000; } diff --git a/dom/media/mediasource/ContainerParser.h b/dom/media/mediasource/ContainerParser.h index e4fa837b2af..12c008828eb 100644 --- a/dom/media/mediasource/ContainerParser.h +++ b/dom/media/mediasource/ContainerParser.h @@ -9,6 +9,7 @@ #include "nsRefPtr.h" #include "nsString.h" +#include "MediaResource.h" namespace mozilla { @@ -51,6 +52,9 @@ public: } bool HasCompleteInitData(); + // Return the byte range of the first complete media segment or an empty + // range if not complete. + MediaByteRange MediaSegmentRange(); static ContainerParser* CreateForMIMEType(const nsACString& aType); @@ -58,6 +62,7 @@ protected: nsRefPtr mInitData; nsRefPtr mResource; bool mHasInitData; + MediaByteRange mCompleteByteRange; const nsCString mType; }; diff --git a/media/libstagefright/binding/MoofParser.cpp b/media/libstagefright/binding/MoofParser.cpp index 3a7c445a35e..7c5e0d976c6 100644 --- a/media/libstagefright/binding/MoofParser.cpp +++ b/media/libstagefright/binding/MoofParser.cpp @@ -6,6 +6,7 @@ #include "mp4_demuxer/Box.h" #include "mp4_demuxer/SinfParser.h" #include +#include "Intervals.h" #include "mozilla/Logging.h" @@ -42,6 +43,7 @@ bool MoofParser::RebuildFragmentedIndex(BoxContext& aContext) { bool foundValidMoof = false; + bool foundMdat = false; for (Box box(&aContext, mOffset); box.IsAvailable(); box = box.Next()) { if (box.IsType("moov")) { @@ -62,13 +64,34 @@ MoofParser::RebuildFragmentedIndex(BoxContext& aContext) } mMoofs.AppendElement(moof); + mMediaRanges.AppendElement(moof.mRange); foundValidMoof = true; + } else if (box.IsType("mdat") && !Moofs().IsEmpty()) { + // Check if we have all our data from last moof. + Moof& moof = Moofs().LastElement(); + media::Interval datarange(moof.mMdatRange.mStart, moof.mMdatRange.mEnd, 0); + media::Interval mdat(box.Range().mStart, box.Range().mEnd, 0); + if (datarange.Intersects(mdat)) { + mMediaRanges.LastElement() = + mMediaRanges.LastElement().Extents(box.Range()); + } } mOffset = box.NextOffset(); } return foundValidMoof; } +MediaByteRange +MoofParser::FirstCompleteMediaSegment() +{ + for (uint32_t i = 0 ; i < mMediaRanges.Length(); i++) { + if (mMediaRanges[i].Contains(Moofs()[i].mMdatRange)) { + return mMediaRanges[i]; + } + } + return MediaByteRange(); +} + class BlockingStream : public Stream { public: explicit BlockingStream(Stream* aStream) : mStream(aStream) diff --git a/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h b/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h index a87703560cb..fa5648546a1 100644 --- a/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h +++ b/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h @@ -225,6 +225,7 @@ public: bool BlockingReadNextMoof(); bool HasMetadata(); + MediaByteRange FirstCompleteMediaSegment(); mozilla::MediaByteRange mInitRange; nsRefPtr mSource; @@ -240,6 +241,7 @@ public: nsTArray& Moofs() { mMonitor->AssertCurrentThreadOwns(); return mMoofs; } private: nsTArray mMoofs; + nsTArray mMediaRanges; bool mIsAudio; }; } From d1475aa9ef2e9919a059067bc1559d9a4f00a131 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:49:49 +1000 Subject: [PATCH 144/297] Bug 1171330: P2. Add -= and - operator to IntervalSet. r=mattwoodrow Remove an interval from an interval set. --- dom/media/Intervals.h | 24 ++++++ dom/media/gtest/TestIntervalSet.cpp | 127 ++++++++++++++++++++-------- 2 files changed, 117 insertions(+), 34 deletions(-) diff --git a/dom/media/Intervals.h b/dom/media/Intervals.h index a4d70b06b0c..4c051f61d0b 100644 --- a/dom/media/Intervals.h +++ b/dom/media/Intervals.h @@ -389,6 +389,30 @@ public: return intervals; } + // Excludes an interval from an IntervalSet. + // This is done by inverting aInterval within the bounds of mIntervals + // and then doing the intersection. + SelfType& operator-= (const ElemType& aInterval) + { + if (aInterval.IsEmpty() || mIntervals.IsEmpty()) { + return *this; + } + T firstEnd = std::max(mIntervals[0].mStart, aInterval.mStart); + T secondStart = std::min(mIntervals.LastElement().mEnd, aInterval.mEnd); + ElemType startInterval(mIntervals[0].mStart, firstEnd, aInterval.mFuzz); + ElemType endInterval(secondStart, mIntervals.LastElement().mEnd, aInterval.mFuzz); + SelfType intervals(Move(startInterval)); + intervals += Move(endInterval); + return Intersection(intervals); + } + + SelfType operator- (const ElemType& aInterval) + { + SelfType intervals(*this); + intervals -= aInterval; + return intervals; + } + // Mutate this IntervalSet to be the union of this and aOther. SelfType& Union(const SelfType& aOther) { diff --git a/dom/media/gtest/TestIntervalSet.cpp b/dom/media/gtest/TestIntervalSet.cpp index 08aac2041ee..f2198320f53 100644 --- a/dom/media/gtest/TestIntervalSet.cpp +++ b/dom/media/gtest/TestIntervalSet.cpp @@ -14,6 +14,7 @@ using namespace mozilla; typedef media::Interval ByteInterval; typedef media::Interval IntInterval; +typedef media::IntervalSet IntIntervals; ByteInterval CreateByteInterval(int32_t aStart, int32_t aEnd) { @@ -150,18 +151,18 @@ TEST(IntervalSet, Equals) TEST(IntervalSet, IntersectionIntervalSet) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(5, 10); i0 += IntInterval(20, 25); i0 += IntInterval(40, 60); - media::IntervalSet i1; + IntIntervals i1; i1.Add(IntInterval(7, 15)); i1.Add(IntInterval(16, 27)); i1.Add(IntInterval(45, 50)); i1.Add(IntInterval(53, 57)); - media::IntervalSet i = media::Intersection(i0, i1); + IntIntervals i = media::Intersection(i0, i1); EXPECT_EQ(4u, i.Length()); @@ -192,10 +193,10 @@ static void Compare(const media::IntervalSet& aI1, } } -static void GeneratePermutations(media::IntervalSet aI1, - media::IntervalSet aI2) +static void GeneratePermutations(IntIntervals aI1, + IntIntervals aI2) { - media::IntervalSet i_ref = media::Intersection(aI1, aI2); + IntIntervals i_ref = media::Intersection(aI1, aI2); // Test all permutations possible std::vector comb1; for (uint32_t i = 0; i < aI1.Length(); i++) { @@ -209,13 +210,13 @@ static void GeneratePermutations(media::IntervalSet aI1, do { do { // Create intervals according to new indexes. - media::IntervalSet i_0; + IntIntervals i_0; for (uint32_t i = 0; i < comb1.size(); i++) { i_0 += aI1[comb1[i]]; } // Test that intervals are always normalized. Compare(aI1, i_0); - media::IntervalSet i_1; + IntIntervals i_1; for (uint32_t i = 0; i < comb2.size(); i++) { i_1 += aI2[comb2[i]]; } @@ -228,12 +229,12 @@ static void GeneratePermutations(media::IntervalSet aI1, TEST(IntervalSet, IntersectionNormalizedIntervalSet) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(5, 10); i0 += IntInterval(20, 25); i0 += IntInterval(40, 60); - media::IntervalSet i1; + IntIntervals i1; i1.Add(IntInterval(7, 15)); i1.Add(IntInterval(16, 27)); i1.Add(IntInterval(45, 50)); @@ -244,12 +245,12 @@ TEST(IntervalSet, IntersectionNormalizedIntervalSet) TEST(IntervalSet, IntersectionUnorderedNonNormalizedIntervalSet) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(5, 10); i0 += IntInterval(8, 25); i0 += IntInterval(24, 60); - media::IntervalSet i1; + IntIntervals i1; i1.Add(IntInterval(7, 15)); i1.Add(IntInterval(10, 27)); i1.Add(IntInterval(45, 50)); @@ -260,7 +261,7 @@ TEST(IntervalSet, IntersectionUnorderedNonNormalizedIntervalSet) TEST(IntervalSet, IntersectionNonNormalizedInterval) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(5, 10); i0 += IntInterval(8, 25); i0 += IntInterval(30, 60); @@ -274,7 +275,7 @@ TEST(IntervalSet, IntersectionNonNormalizedInterval) TEST(IntervalSet, IntersectionUnorderedNonNormalizedInterval) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(1, 3); i0 += IntInterval(1, 10); i0 += IntInterval(9, 12); @@ -291,22 +292,22 @@ TEST(IntervalSet, IntersectionUnorderedNonNormalizedInterval) EXPECT_EQ(i0[0].mEnd, i1.mEnd); } -static media::IntervalSet Duplicate(const media::IntervalSet& aValue) +static IntIntervals Duplicate(const IntIntervals& aValue) { - media::IntervalSet value(aValue); + IntIntervals value(aValue); return value; } TEST(IntervalSet, Normalize) { - media::IntervalSet i; + IntIntervals i; // Test IntervalSet + Interval operator. i = i + IntInterval(20, 30); // Test Internal + IntervalSet operator. i = IntInterval(2, 7) + i; // Test Interval + IntervalSet operator i = IntInterval(1, 8) + i; - media::IntervalSet interval; + IntIntervals interval; interval += IntInterval(5, 10); // Test += with rval move. i += Duplicate(interval); @@ -333,7 +334,7 @@ TEST(IntervalSet, Normalize) TEST(IntervalSet, ContainValue) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(0, 10); i0 += IntInterval(15, 20); i0 += IntInterval(30, 50); @@ -345,7 +346,7 @@ TEST(IntervalSet, ContainValue) TEST(IntervalSet, ContainValueWithFuzz) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(0, 10); i0 += IntInterval(15, 20, 1); i0 += IntInterval(30, 50); @@ -357,7 +358,7 @@ TEST(IntervalSet, ContainValueWithFuzz) TEST(IntervalSet, ContainInterval) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(0, 10); i0 += IntInterval(15, 20); i0 += IntInterval(30, 50); @@ -373,7 +374,7 @@ TEST(IntervalSet, ContainInterval) TEST(IntervalSet, ContainIntervalWithFuzz) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(0, 10); i0 += IntInterval(15, 20); i0 += IntInterval(30, 50); @@ -386,7 +387,7 @@ TEST(IntervalSet, ContainIntervalWithFuzz) EXPECT_FALSE(i0.Contains(IntInterval(15, 30))); EXPECT_FALSE(i0.Contains(IntInterval(30, 55))); - media::IntervalSet i1; + IntIntervals i1; i1 += IntInterval(0, 10, 1); i1 += IntInterval(15, 20, 1); i1 += IntInterval(30, 50, 1); @@ -408,18 +409,18 @@ TEST(IntervalSet, Span) TEST(IntervalSet, Union) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(5, 10); i0 += IntInterval(20, 25); i0 += IntInterval(40, 60); - media::IntervalSet i1; + IntIntervals i1; i1.Add(IntInterval(7, 15)); i1.Add(IntInterval(16, 27)); i1.Add(IntInterval(45, 50)); i1.Add(IntInterval(53, 57)); - media::IntervalSet i = media::Union(i0, i1); + IntIntervals i = media::Union(i0, i1); EXPECT_EQ(3u, i.Length()); @@ -435,18 +436,18 @@ TEST(IntervalSet, Union) TEST(IntervalSet, UnionNotOrdered) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(20, 25); i0 += IntInterval(40, 60); i0 += IntInterval(5, 10); - media::IntervalSet i1; + IntIntervals i1; i1.Add(IntInterval(16, 27)); i1.Add(IntInterval(7, 15)); i1.Add(IntInterval(53, 57)); i1.Add(IntInterval(45, 50)); - media::IntervalSet i = media::Union(i0, i1); + IntIntervals i = media::Union(i0, i1); EXPECT_EQ(3u, i.Length()); @@ -462,7 +463,7 @@ TEST(IntervalSet, UnionNotOrdered) TEST(IntervalSet, NormalizeFuzz) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(11, 25, 0); i0 += IntInterval(5, 10, 1); i0 += IntInterval(40, 60, 1); @@ -478,7 +479,7 @@ TEST(IntervalSet, NormalizeFuzz) TEST(IntervalSet, UnionFuzz) { - media::IntervalSet i0; + IntIntervals i0; i0 += IntInterval(5, 10, 1); i0 += IntInterval(11, 25, 0); i0 += IntInterval(40, 60, 1); @@ -488,7 +489,7 @@ TEST(IntervalSet, UnionFuzz) EXPECT_EQ(40, i0[1].mStart); EXPECT_EQ(60, i0[1].mEnd); - media::IntervalSet i1; + IntIntervals i1; i1.Add(IntInterval(7, 15, 1)); i1.Add(IntInterval(16, 27, 1)); i1.Add(IntInterval(45, 50, 1)); @@ -501,7 +502,7 @@ TEST(IntervalSet, UnionFuzz) EXPECT_EQ(53, i1[2].mStart); EXPECT_EQ(57, i1[2].mEnd); - media::IntervalSet i = media::Union(i0, i1); + IntIntervals i = media::Union(i0, i1); EXPECT_EQ(2u, i.Length()); @@ -712,9 +713,67 @@ TEST(IntervalSet, FooIntervalSet) TEST(IntervalSet, StaticAssert) { - typedef media::IntervalSet IntIntervals; media::Interval i; static_assert(mozilla::IsSame::Type, nsTArray_CopyWithConstructors>::value, "Must use copy constructor"); static_assert(mozilla::IsSame::Type, nsTArray_CopyWithConstructors>::value, "Must use copy constructor"); } + +TEST(IntervalSet, Substraction) +{ + IntIntervals i0; + i0 += IntInterval(5, 10); + i0 += IntInterval(20, 25); + i0 += IntInterval(40, 60); + + IntInterval i1(8, 15); + i0 -= i1; + + EXPECT_EQ(3u, i0.Length()); + EXPECT_EQ(5, i0[0].mStart); + EXPECT_EQ(8, i0[0].mEnd); + EXPECT_EQ(20, i0[1].mStart); + EXPECT_EQ(25, i0[1].mEnd); + EXPECT_EQ(40, i0[2].mStart); + EXPECT_EQ(60, i0[2].mEnd); + + i0 = IntIntervals(); + i0 += IntInterval(5, 10); + i0 += IntInterval(20, 25); + i0 += IntInterval(40, 60); + i1 = IntInterval(0, 60); + i0 -= i1; + EXPECT_EQ(0u, i0.Length()); + + i0 = IntIntervals(); + i0 += IntInterval(5, 10); + i0 += IntInterval(20, 25); + i0 += IntInterval(40, 60); + i1 = IntInterval(0, 45); + i0 -= i1; + EXPECT_EQ(1u, i0.Length()); + EXPECT_EQ(45, i0[0].mStart); + EXPECT_EQ(60, i0[0].mEnd); + + i0 = IntIntervals(); + i0 += IntInterval(5, 10); + i0 += IntInterval(20, 25); + i0 += IntInterval(40, 60); + i1 = IntInterval(8, 45); + i0 -= i1; + EXPECT_EQ(2u, i0.Length()); + EXPECT_EQ(5, i0[0].mStart); + EXPECT_EQ(8, i0[0].mEnd); + EXPECT_EQ(45, i0[1].mStart); + EXPECT_EQ(60, i0[1].mEnd); + + i0 = IntIntervals(); + i0 += IntInterval(5, 10); + i0 += IntInterval(20, 25); + i0 += IntInterval(40, 60); + i1 = IntInterval(8, 70); + i0 -= i1; + EXPECT_EQ(1u, i0.Length()); + EXPECT_EQ(5, i0[0].mStart); + EXPECT_EQ(8, i0[0].mEnd); +} From a053be6ccd04dfd0262585e050a049cda063d7b0 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:49:49 +1000 Subject: [PATCH 145/297] Bug 1171330: P3. Add -=, - and * (with integer) operators to TimeUnit. r=mattwoodrow --- dom/media/TimeUnits.h | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/dom/media/TimeUnits.h b/dom/media/TimeUnits.h index 4aee59b88e9..d3e5f3d7876 100644 --- a/dom/media/TimeUnits.h +++ b/dom/media/TimeUnits.h @@ -173,6 +173,21 @@ public: MOZ_ASSERT(!IsInfinite() && !aOther.IsInfinite()); return TimeUnit(mValue - aOther.mValue); } + TimeUnit& operator += (const TimeUnit& aOther) { + *this = *this + aOther; + return *this; + } + TimeUnit& operator -= (const TimeUnit& aOther) { + *this = *this - aOther; + return *this; + } + + friend TimeUnit operator* (int aVal, const TimeUnit& aUnit) { + return TimeUnit(aUnit.mValue * aVal); + } + friend TimeUnit operator* (const TimeUnit& aUnit, int aVal) { + return TimeUnit(aUnit.mValue * aVal); + } bool IsValid() const { From 9c03bda07b9836c12bbf7429fe382f53c36c8df2 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:49:50 +1000 Subject: [PATCH 146/297] Bug 1171330: P5. Split AppendData task to be closer to spec. r=cajbir. --- dom/media/mediasource/SourceBuffer.cpp | 29 +++++----------- dom/media/mediasource/SourceBuffer.h | 5 ++- .../mediasource/SourceBufferContentManager.h | 14 +++++--- dom/media/mediasource/TrackBuffer.cpp | 33 ++++++++++++++----- dom/media/mediasource/TrackBuffer.h | 9 +++-- 5 files changed, 50 insertions(+), 40 deletions(-) diff --git a/dom/media/mediasource/SourceBuffer.cpp b/dom/media/mediasource/SourceBuffer.cpp index 232d07304ec..368a1e6edb1 100644 --- a/dom/media/mediasource/SourceBuffer.cpp +++ b/dom/media/mediasource/SourceBuffer.cpp @@ -37,30 +37,24 @@ namespace mozilla { namespace dom { -class AppendDataRunnable : public nsRunnable { +class BufferAppendRunnable : public nsRunnable { public: - AppendDataRunnable(SourceBuffer* aSourceBuffer, - MediaLargeByteBuffer* aData, - TimeUnit aTimestampOffset, - uint32_t aUpdateID) + BufferAppendRunnable(SourceBuffer* aSourceBuffer, + uint32_t aUpdateID) : mSourceBuffer(aSourceBuffer) - , mData(aData) - , mTimestampOffset(aTimestampOffset) , mUpdateID(aUpdateID) { } NS_IMETHOD Run() override final { - mSourceBuffer->AppendData(mData, mTimestampOffset, mUpdateID); + mSourceBuffer->BufferAppend(mUpdateID); return NS_OK; } private: nsRefPtr mSourceBuffer; - nsRefPtr mData; - TimeUnit mTimestampOffset; uint32_t mUpdateID; }; @@ -413,18 +407,18 @@ SourceBuffer::AppendData(const uint8_t* aData, uint32_t aLength, ErrorResult& aR if (!data) { return; } + mContentManager->AppendData(data, TimeUnit::FromSeconds(mTimestampOffset)); + StartUpdating(); MOZ_ASSERT(mAppendMode == SourceBufferAppendMode::Segments, "We don't handle timestampOffset for sequence mode yet"); - nsCOMPtr task = - new AppendDataRunnable(this, data, TimeUnit::FromSeconds(mTimestampOffset), mUpdateID); + nsCOMPtr task = new BufferAppendRunnable(this, mUpdateID); NS_DispatchToMainThread(task); } void -SourceBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset, - uint32_t aUpdateID) +SourceBuffer::BufferAppend(uint32_t aUpdateID) { if (!mUpdating || aUpdateID != mUpdateID) { // The buffer append algorithm has been interrupted by abort(). @@ -439,12 +433,7 @@ SourceBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset, MOZ_ASSERT(mMediaSource); MOZ_ASSERT(!mPendingAppend.Exists()); - if (!aData->Length()) { - StopUpdating(); - return; - } - - mPendingAppend.Begin(mContentManager->AppendData(aData, aTimestampOffset) + mPendingAppend.Begin(mContentManager->BufferAppend() ->Then(AbstractThread::MainThread(), __func__, this, &SourceBuffer::AppendDataCompletedWithSuccess, &SourceBuffer::AppendDataErrored)); diff --git a/dom/media/mediasource/SourceBuffer.h b/dom/media/mediasource/SourceBuffer.h index ce2e43c18cb..43ab13bd477 100644 --- a/dom/media/mediasource/SourceBuffer.h +++ b/dom/media/mediasource/SourceBuffer.h @@ -133,7 +133,7 @@ private: ~SourceBuffer(); friend class AsyncEventRunner; - friend class AppendDataRunnable; + friend class BufferAppendRunnable; friend class RangeRemovalRunnable; void DispatchSimpleEvent(const char* aName); void QueueAsyncSimpleEvent(const char* aName); @@ -150,8 +150,7 @@ private: // Shared implementation of AppendBuffer overloads. void AppendData(const uint8_t* aData, uint32_t aLength, ErrorResult& aRv); - void AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset, - uint32_t aAppendID); + void BufferAppend(uint32_t aAppendID); // Implement the "Append Error Algorithm". // Will call endOfStream() with "decode" error if aDecodeError is true. diff --git a/dom/media/mediasource/SourceBufferContentManager.h b/dom/media/mediasource/SourceBufferContentManager.h index df24f295f1e..e363ce63a7c 100644 --- a/dom/media/mediasource/SourceBufferContentManager.h +++ b/dom/media/mediasource/SourceBufferContentManager.h @@ -28,11 +28,15 @@ public: static already_AddRefed CreateManager(MediaSourceDecoder* aParentDecoder, const nsACString& aType); - // Append data to the current decoder. Also responsible for calling - // NotifyDataArrived on the decoder to keep buffered range computation up - // to date. Returns false if the append failed. - virtual nsRefPtr - AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset /* microseconds */) = 0; + // Add data to the end of the input buffer. + // Returns false if the append failed. + virtual bool + AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) = 0; + + // Run MSE Buffer Append Algorithm + // 3.5.5 Buffer Append Algorithm. + // http://w3c.github.io/media-source/index.html#sourcebuffer-buffer-append + virtual nsRefPtr BufferAppend() = 0; // Abort any pending AppendData. virtual void AbortAppendData() = 0; diff --git a/dom/media/mediasource/TrackBuffer.cpp b/dom/media/mediasource/TrackBuffer.cpp index 55c729dfb99..cd6fbfde40b 100644 --- a/dom/media/mediasource/TrackBuffer.cpp +++ b/dom/media/mediasource/TrackBuffer.cpp @@ -138,18 +138,32 @@ TrackBuffer::ContinueShutdown() mShutdownPromise.Resolve(true, __func__); } -nsRefPtr +bool TrackBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) +{ + MOZ_ASSERT(NS_IsMainThread()); + mInputBuffer = aData; + mTimestampOffset = aTimestampOffset; + return true; +} + +nsRefPtr +TrackBuffer::BufferAppend() { MOZ_ASSERT(NS_IsMainThread()); MOZ_ASSERT(mInitializationPromise.IsEmpty()); + MOZ_ASSERT(mInputBuffer); + + if (mInputBuffer->IsEmpty()) { + return AppendPromise::CreateAndResolve(false, __func__); + } DecodersToInitialize decoders(this); nsRefPtr p = mInitializationPromise.Ensure(__func__); bool hadInitData = mParser->HasInitData(); bool hadCompleteInitData = mParser->HasCompleteInitData(); nsRefPtr oldInit = mParser->InitData(); - bool newInitData = mParser->IsInitSegmentPresent(aData); + bool newInitData = mParser->IsInitSegmentPresent(mInputBuffer); // TODO: Run more of the buffer append algorithm asynchronously. if (newInitData) { @@ -161,14 +175,14 @@ TrackBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) } int64_t start = 0, end = 0; - bool gotMedia = mParser->ParseStartAndEndTimestamps(aData, start, end); + bool gotMedia = mParser->ParseStartAndEndTimestamps(mInputBuffer, start, end); bool gotInit = mParser->HasCompleteInitData(); if (newInitData) { if (!gotInit) { // We need a new decoder, but we can't initialize it yet. nsRefPtr decoder = - NewDecoder(aTimestampOffset); + NewDecoder(mTimestampOffset); // The new decoder is stored in mDecoders/mCurrentDecoder, so we // don't need to do anything with 'decoder'. It's only a placeholder. if (!decoder) { @@ -176,7 +190,7 @@ TrackBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) return p; } } else { - if (!decoders.NewDecoder(aTimestampOffset)) { + if (!decoders.NewDecoder(mTimestampOffset)) { mInitializationPromise.Reject(NS_ERROR_FAILURE, __func__); return p; } @@ -189,9 +203,9 @@ TrackBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) } if (gotMedia) { - if (mParser->IsMediaSegmentPresent(aData) && mLastEndTimestamp && + if (mParser->IsMediaSegmentPresent(mInputBuffer) && mLastEndTimestamp && (!mParser->TimestampsFuzzyEqual(start, mLastEndTimestamp.value()) || - mLastTimestampOffset != aTimestampOffset || + mLastTimestampOffset != mTimestampOffset || mDecoderPerSegment || (mCurrentDecoder && mCurrentDecoder->WasTrimmed()))) { MSE_DEBUG("Data last=[%lld, %lld] overlaps [%lld, %lld]", @@ -202,7 +216,7 @@ TrackBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) // processed or not continuous, so we must create a new decoder // to handle the decoding. if (!hadCompleteInitData || - !decoders.NewDecoder(aTimestampOffset)) { + !decoders.NewDecoder(mTimestampOffset)) { mInitializationPromise.Reject(NS_ERROR_FAILURE, __func__); return p; } @@ -228,7 +242,7 @@ TrackBuffer::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) mAdjustedTimestamp = starttu; } - if (!AppendDataToCurrentResource(aData, end - start)) { + if (!AppendDataToCurrentResource(mInputBuffer, end - start)) { mInitializationPromise.Reject(NS_ERROR_FAILURE, __func__); return p; } @@ -957,6 +971,7 @@ TrackBuffer::ResetParserState() mParser = ContainerParser::CreateForMIMEType(mType); DiscardCurrentDecoder(); } + mInputBuffer = nullptr; } void diff --git a/dom/media/mediasource/TrackBuffer.h b/dom/media/mediasource/TrackBuffer.h index adb3f2f31b8..f3e080e21c7 100644 --- a/dom/media/mediasource/TrackBuffer.h +++ b/dom/media/mediasource/TrackBuffer.h @@ -30,11 +30,12 @@ public: nsRefPtr Shutdown(); + bool AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) override; + // Append data to the current decoder. Also responsible for calling // NotifyDataArrived on the decoder to keep buffered range computation up - // to date. Returns false if the append failed. - nsRefPtr AppendData(MediaLargeByteBuffer* aData, - TimeUnit aTimestampOffset /* microseconds */) override; + // to date. + nsRefPtr BufferAppend() override; // Evicts data held in the current decoders SourceBufferResource from the // start of the buffer through to aPlaybackTime. aThreshold is used to @@ -162,6 +163,7 @@ private: SourceBufferDecoder* aDecoder); nsAutoPtr mParser; + nsRefPtr mInputBuffer; // A task queue using the shared media thread pool. Used exclusively to // initialize (i.e. call ReadMetadata on) decoders as they are created via @@ -196,6 +198,7 @@ private: // The timestamp offset used by our current decoder. TimeUnit mLastTimestampOffset; + TimeUnit mTimestampOffset; TimeUnit mAdjustedTimestamp; // True if at least one of our decoders has encrypted content. From 3ceb2a38b511be958aee74e5e2d0ddbc4d04b3ec Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:55:12 +1000 Subject: [PATCH 147/297] Bug 1171330: P6. Make RangeRemoval use promises. r=cajbir --- dom/media/mediasource/SourceBuffer.cpp | 51 +++---------------- dom/media/mediasource/SourceBuffer.h | 3 -- .../mediasource/SourceBufferContentManager.h | 3 +- dom/media/mediasource/TrackBuffer.cpp | 10 ++-- dom/media/mediasource/TrackBuffer.h | 2 +- 5 files changed, 15 insertions(+), 54 deletions(-) diff --git a/dom/media/mediasource/SourceBuffer.cpp b/dom/media/mediasource/SourceBuffer.cpp index 368a1e6edb1..35151021c30 100644 --- a/dom/media/mediasource/SourceBuffer.cpp +++ b/dom/media/mediasource/SourceBuffer.cpp @@ -58,34 +58,6 @@ private: uint32_t mUpdateID; }; -class RangeRemovalRunnable : public nsRunnable { -public: - RangeRemovalRunnable(SourceBuffer* aSourceBuffer, - double aStart, - double aEnd) - : mSourceBuffer(aSourceBuffer) - , mStart(aStart) - , mEnd(aEnd) - { } - - NS_IMETHOD Run() override final { - - if (!mSourceBuffer->mUpdating) { - // abort was called in between. - return NS_OK; - } - mSourceBuffer->DoRangeRemoval(mStart, mEnd); - mSourceBuffer->StopUpdating(); - - return NS_OK; - } - -private: - nsRefPtr mSourceBuffer; - double mStart; - double mEnd; -}; - void SourceBuffer::SetMode(SourceBufferAppendMode aMode, ErrorResult& aRv) { @@ -245,29 +217,20 @@ SourceBuffer::Remove(double aStart, double aEnd, ErrorResult& aRv) mMediaSource->SetReadyState(MediaSourceReadyState::Open); } - StartUpdating(); - nsCOMPtr task = new RangeRemovalRunnable(this, aStart, aEnd); - NS_DispatchToMainThread(task); + RangeRemoval(aStart, aEnd); } void SourceBuffer::RangeRemoval(double aStart, double aEnd) { StartUpdating(); - DoRangeRemoval(aStart, aEnd); - nsCOMPtr task = - NS_NewRunnableMethod(this, &SourceBuffer::StopUpdating); - NS_DispatchToMainThread(task); -} -void -SourceBuffer::DoRangeRemoval(double aStart, double aEnd) -{ - MSE_DEBUG("DoRangeRemoval(%f, %f)", aStart, aEnd); - if (mContentManager && !IsInfinite(aStart)) { - mContentManager->RangeRemoval(TimeUnit::FromSeconds(aStart), - TimeUnit::FromSeconds(aEnd)); - } + nsRefPtr self = this; + mContentManager->RangeRemoval(TimeUnit::FromSeconds(aStart), + TimeUnit::FromSeconds(aEnd)) + ->Then(AbstractThread::MainThread(), __func__, + [self] (bool) { self->StopUpdating(); }, + []() { MOZ_ASSERT(false); }); } void diff --git a/dom/media/mediasource/SourceBuffer.h b/dom/media/mediasource/SourceBuffer.h index 43ab13bd477..81c6e98370d 100644 --- a/dom/media/mediasource/SourceBuffer.h +++ b/dom/media/mediasource/SourceBuffer.h @@ -117,8 +117,6 @@ public: // Runs the range removal algorithm as defined by the MSE spec. void RangeRemoval(double aStart, double aEnd); - // Actually remove data between aStart and aEnd - void DoRangeRemoval(double aStart, double aEnd); bool IsActive() const { @@ -134,7 +132,6 @@ private: friend class AsyncEventRunner; friend class BufferAppendRunnable; - friend class RangeRemovalRunnable; void DispatchSimpleEvent(const char* aName); void QueueAsyncSimpleEvent(const char* aName); diff --git a/dom/media/mediasource/SourceBufferContentManager.h b/dom/media/mediasource/SourceBufferContentManager.h index e363ce63a7c..3001590839c 100644 --- a/dom/media/mediasource/SourceBufferContentManager.h +++ b/dom/media/mediasource/SourceBufferContentManager.h @@ -24,6 +24,7 @@ public: NS_INLINE_DECL_THREADSAFE_REFCOUNTING(SourceBufferContentManager); typedef MediaPromise AppendPromise; + typedef AppendPromise RangeRemovalPromise; static already_AddRefed CreateManager(MediaSourceDecoder* aParentDecoder, const nsACString& aType); @@ -48,7 +49,7 @@ public: // Runs MSE range removal algorithm. // http://w3c.github.io/media-source/#sourcebuffer-coded-frame-removal - virtual bool RangeRemoval(TimeUnit aStart, TimeUnit aEnd) = 0; + virtual nsRefPtr RangeRemoval(TimeUnit aStart, TimeUnit aEnd) = 0; enum class EvictDataResult : int8_t { diff --git a/dom/media/mediasource/TrackBuffer.cpp b/dom/media/mediasource/TrackBuffer.cpp index cd6fbfde40b..0f2d88add43 100644 --- a/dom/media/mediasource/TrackBuffer.cpp +++ b/dom/media/mediasource/TrackBuffer.cpp @@ -1091,7 +1091,7 @@ TrackBuffer::RemoveDecoder(SourceBufferDecoder* aDecoder) aDecoder->GetReader()->TaskQueue()->Dispatch(task.forget()); } -bool +nsRefPtr TrackBuffer::RangeRemoval(TimeUnit aStart, TimeUnit aEnd) { MOZ_ASSERT(NS_IsMainThread()); @@ -1103,14 +1103,14 @@ TrackBuffer::RangeRemoval(TimeUnit aStart, TimeUnit aEnd) if (!buffered.Length() || aStart > bufferedEnd || aEnd < bufferedStart) { // Nothing to remove. - return false; + return RangeRemovalPromise::CreateAndResolve(false, __func__); } if (aStart > bufferedStart && aEnd < bufferedEnd) { // TODO. We only handle trimming and removal from the start. NS_WARNING("RangeRemoval unsupported arguments. " "Can only handle trimming (trim left or trim right"); - return false; + return RangeRemovalPromise::CreateAndResolve(false, __func__); } nsTArray decoders; @@ -1136,7 +1136,7 @@ TrackBuffer::RangeRemoval(TimeUnit aStart, TimeUnit aEnd) decoders[i]->GetResource()->EvictData(offset, offset, rv); if (NS_WARN_IF(rv.Failed())) { rv.SuppressException(); - return false; + return RangeRemovalPromise::CreateAndResolve(false, __func__); } } } @@ -1158,7 +1158,7 @@ TrackBuffer::RangeRemoval(TimeUnit aStart, TimeUnit aEnd) RemoveEmptyDecoders(decoders); NotifyTimeRangesChanged(); - return true; + return RangeRemovalPromise::CreateAndResolve(true, __func__); } void diff --git a/dom/media/mediasource/TrackBuffer.h b/dom/media/mediasource/TrackBuffer.h index f3e080e21c7..541d7dd230b 100644 --- a/dom/media/mediasource/TrackBuffer.h +++ b/dom/media/mediasource/TrackBuffer.h @@ -48,7 +48,7 @@ public: // of the buffer through to aTime. void EvictBefore(TimeUnit aTime) override; - bool RangeRemoval(TimeUnit aStart, TimeUnit aEnd) override; + nsRefPtr RangeRemoval(TimeUnit aStart, TimeUnit aEnd) override; void AbortAppendData() override; From da855c92ffe9e87402123690dc885d6e2baf09f0 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:55:20 +1000 Subject: [PATCH 148/297] Bug 1171330: P7. Add ability to retrieve init range to ContainerParser. r=cajbir Currently, we always assume that the init segment starts at offset 0. But this doesn't have to always be true. --- dom/media/mediasource/ContainerParser.cpp | 12 ++++++++++-- dom/media/mediasource/ContainerParser.h | 4 +++- 2 files changed, 13 insertions(+), 3 deletions(-) diff --git a/dom/media/mediasource/ContainerParser.cpp b/dom/media/mediasource/ContainerParser.cpp index f867c5da150..fc248b7c23e 100644 --- a/dom/media/mediasource/ContainerParser.cpp +++ b/dom/media/mediasource/ContainerParser.cpp @@ -95,7 +95,13 @@ ContainerParser::InitData() MediaByteRange ContainerParser::MediaSegmentRange() { - return mCompleteByteRange; + return mCompleteMediaSegmentRange; +} + +MediaByteRange +ContainerParser::InitSegmentRange() +{ + return mCompleteInitSegmentRange; } class WebMContainerParser : public ContainerParser { @@ -186,6 +192,7 @@ public: // Super unlikely OOM return false; } + mCompleteInitSegmentRange = MediaByteRange(0, mParser.mInitEndOffset); char* buffer = reinterpret_cast(mInitData->Elements()); mResource->ReadFromCache(buffer, 0, mParser.mInitEndOffset); MSE_DEBUG(WebMContainerParser, "Stashed init of %u bytes.", @@ -314,6 +321,7 @@ public: if (initSegment || !HasCompleteInitData()) { MediaByteRange& range = mParser->mInitRange; if (range.Length()) { + mCompleteInitSegmentRange = range; if (!mInitData->SetLength(range.Length(), fallible)) { // Super unlikely OOM return false; @@ -331,7 +339,7 @@ public: mp4_demuxer::Interval compositionRange = mParser->GetCompositionRange(byteRanges); - mCompleteByteRange = mParser->FirstCompleteMediaSegment(); + mCompleteMediaSegmentRange = mParser->FirstCompleteMediaSegment(); ErrorResult rv; mResource->EvictData(mParser->mOffset, mParser->mOffset, rv); if (NS_WARN_IF(rv.Failed())) { diff --git a/dom/media/mediasource/ContainerParser.h b/dom/media/mediasource/ContainerParser.h index 12c008828eb..868f7dd0b8d 100644 --- a/dom/media/mediasource/ContainerParser.h +++ b/dom/media/mediasource/ContainerParser.h @@ -55,6 +55,7 @@ public: // Return the byte range of the first complete media segment or an empty // range if not complete. MediaByteRange MediaSegmentRange(); + MediaByteRange InitSegmentRange(); static ContainerParser* CreateForMIMEType(const nsACString& aType); @@ -62,7 +63,8 @@ protected: nsRefPtr mInitData; nsRefPtr mResource; bool mHasInitData; - MediaByteRange mCompleteByteRange; + MediaByteRange mCompleteMediaSegmentRange; + MediaByteRange mCompleteInitSegmentRange; const nsCString mType; }; From 167e4fa057e721ef7ecdd86b2014004c21fe1b52 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:55:20 +1000 Subject: [PATCH 149/297] Bug 1171330: P8. Check MoofParser index before demuxing. r=cpearce --- dom/media/fmp4/MP4Demuxer.cpp | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dom/media/fmp4/MP4Demuxer.cpp b/dom/media/fmp4/MP4Demuxer.cpp index d9fe1c442fc..6328cfb460e 100644 --- a/dom/media/fmp4/MP4Demuxer.cpp +++ b/dom/media/fmp4/MP4Demuxer.cpp @@ -168,7 +168,7 @@ MP4TrackDemuxer::MP4TrackDemuxer(MP4Demuxer* aParent, mInfo->IsAudio(), &mMonitor); mIterator = MakeUnique(mIndex); - NotifyDataArrived(); // Force update of index + EnsureUpToDateIndex(); // Force update of index } UniquePtr @@ -216,6 +216,7 @@ MP4TrackDemuxer::Seek(media::TimeUnit aTime) nsRefPtr MP4TrackDemuxer::GetSamples(int32_t aNumSamples) { + EnsureUpToDateIndex(); nsRefPtr samples = new SamplesHolder; if (!aNumSamples) { return SamplesPromise::CreateAndReject(DemuxerFailureReason::DEMUXER_ERROR, __func__); From 536c6580822fee1450a717e02d12d2cd8c71ed6a Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:55:20 +1000 Subject: [PATCH 150/297] Bug 1171330: P9. Remove "Diamond Problem" with MediaDecoder inheritance. r=cpearce --- dom/media/AbstractMediaDecoder.h | 7 ++++++- dom/media/MediaDecoder.h | 3 +-- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/dom/media/AbstractMediaDecoder.h b/dom/media/AbstractMediaDecoder.h index 36c0e10ded0..ed2debd12f0 100644 --- a/dom/media/AbstractMediaDecoder.h +++ b/dom/media/AbstractMediaDecoder.h @@ -43,7 +43,7 @@ enum class MediaDecoderEventVisibility : int8_t { * The AbstractMediaDecoder class describes the public interface for a media decoder * and is used by the MediaReader classes. */ -class AbstractMediaDecoder : public nsISupports +class AbstractMediaDecoder : public nsIObserver { public: // Returns the monitor for other threads to synchronise access to @@ -146,6 +146,11 @@ public: AbstractMediaDecoder* mDecoder; }; + // Classes directly inheriting from AbstractMediaDecoder do not support + // Observe and it should never be called directly. + NS_IMETHOD Observe(nsISupports *aSubject, const char * aTopic, const char16_t * aData) override + { MOZ_CRASH("Forbidden method"); return NS_OK; } + #ifdef MOZ_EME virtual nsresult SetCDMProxy(CDMProxy* aProxy) { return NS_ERROR_NOT_IMPLEMENTED; } virtual CDMProxy* GetCDMProxy() { return nullptr; } diff --git a/dom/media/MediaDecoder.h b/dom/media/MediaDecoder.h index 9e9a9498371..93ac3a237cd 100644 --- a/dom/media/MediaDecoder.h +++ b/dom/media/MediaDecoder.h @@ -264,8 +264,7 @@ struct SeekTarget { MediaDecoderEventVisibility mEventVisibility; }; -class MediaDecoder : public nsIObserver, - public AbstractMediaDecoder +class MediaDecoder : public AbstractMediaDecoder { public: struct SeekResolveValue { From 203490e5bb4552b44f8b122710139b1e828ef2b6 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 15:55:20 +1000 Subject: [PATCH 151/297] Bug 1171330: P10. Add TrackBuffersManager object. r=cajbir This implements MSE's SourceBuffer exactly per spec. No memory or speed optimisations of any kind were added for the purpose of being 100% W3C spec compliant. --- dom/media/mediasource/SourceBuffer.cpp | 69 +- dom/media/mediasource/SourceBuffer.h | 16 +- .../SourceBufferContentManager.cpp | 13 +- .../mediasource/SourceBufferContentManager.h | 20 +- dom/media/mediasource/TrackBuffersManager.cpp | 1231 +++++++++++++++++ dom/media/mediasource/TrackBuffersManager.h | 239 ++++ dom/media/mediasource/moz.build | 1 + 7 files changed, 1573 insertions(+), 16 deletions(-) create mode 100644 dom/media/mediasource/TrackBuffersManager.cpp create mode 100644 dom/media/mediasource/TrackBuffersManager.h diff --git a/dom/media/mediasource/SourceBuffer.cpp b/dom/media/mediasource/SourceBuffer.cpp index 35151021c30..c95d82dcbba 100644 --- a/dom/media/mediasource/SourceBuffer.cpp +++ b/dom/media/mediasource/SourceBuffer.cpp @@ -61,28 +61,46 @@ private: void SourceBuffer::SetMode(SourceBufferAppendMode aMode, ErrorResult& aRv) { + typedef mozilla::SourceBufferContentManager::AppendState AppendState; + MOZ_ASSERT(NS_IsMainThread()); MSE_API("SetMode(aMode=%d)", aMode); if (!IsAttached() || mUpdating) { aRv.Throw(NS_ERROR_DOM_INVALID_STATE_ERR); return; } - if (aMode == SourceBufferAppendMode::Sequence) { + if (!mIsUsingFormatReader && aMode == SourceBufferAppendMode::Sequence) { aRv.Throw(NS_ERROR_DOM_NOT_SUPPORTED_ERR); return; } + if (mIsUsingFormatReader && mGenerateTimestamp && + aMode == SourceBufferAppendMode::Segments) { + aRv.Throw(NS_ERROR_DOM_INVALID_ACCESS_ERR); + return; + } MOZ_ASSERT(mMediaSource->ReadyState() != MediaSourceReadyState::Closed); if (mMediaSource->ReadyState() == MediaSourceReadyState::Ended) { mMediaSource->SetReadyState(MediaSourceReadyState::Open); } - // TODO: Test append state. - // TODO: If aMode is "sequence", set sequence start time. + if (mIsUsingFormatReader && + mContentManager->GetAppendState() == AppendState::PARSING_MEDIA_SEGMENT){ + aRv.Throw(NS_ERROR_DOM_INVALID_STATE_ERR); + return; + } + + if (mIsUsingFormatReader && aMode == SourceBufferAppendMode::Sequence) { + // Will set GroupStartTimestamp to GroupEndTimestamp. + mContentManager->RestartGroupStartTimestamp(); + } + mAppendMode = aMode; } void SourceBuffer::SetTimestampOffset(double aTimestampOffset, ErrorResult& aRv) { + typedef mozilla::SourceBufferContentManager::AppendState AppendState; + MOZ_ASSERT(NS_IsMainThread()); MSE_API("SetTimestampOffset(aTimestampOffset=%f)", aTimestampOffset); if (!IsAttached() || mUpdating) { @@ -93,9 +111,25 @@ SourceBuffer::SetTimestampOffset(double aTimestampOffset, ErrorResult& aRv) if (mMediaSource->ReadyState() == MediaSourceReadyState::Ended) { mMediaSource->SetReadyState(MediaSourceReadyState::Open); } - // TODO: Test append state. - // TODO: If aMode is "sequence", set sequence start time. + if (mIsUsingFormatReader && + mContentManager->GetAppendState() == AppendState::PARSING_MEDIA_SEGMENT){ + aRv.Throw(NS_ERROR_DOM_INVALID_STATE_ERR); + return; + } + mApparentTimestampOffset = aTimestampOffset; + mTimestampOffset = TimeUnit::FromSeconds(aTimestampOffset); + if (mIsUsingFormatReader && mAppendMode == SourceBufferAppendMode::Sequence) { + mContentManager->SetGroupStartTimestamp(mTimestampOffset); + } +} + +void +SourceBuffer::SetTimestampOffset(const TimeUnit& aTimestampOffset) +{ + MOZ_ASSERT(NS_IsMainThread()); + mTimestampOffset = aTimestampOffset; + mApparentTimestampOffset = aTimestampOffset.ToSeconds(); } already_AddRefed @@ -187,7 +221,7 @@ SourceBuffer::AbortBufferAppend() { if (mUpdating) { mPendingAppend.DisconnectIfExists(); - // TODO: Abort segment parser loop, and stream append loop algorithms. + // TODO: Abort stream append loop algorithms. // cancel any pending buffer append. mContentManager->AbortAppendData(); AbortUpdating(); @@ -260,7 +294,7 @@ SourceBuffer::SourceBuffer(MediaSource* aMediaSource, const nsACString& aType) , mMediaSource(aMediaSource) , mAppendWindowStart(0) , mAppendWindowEnd(PositiveInfinity()) - , mTimestampOffset(0) + , mApparentTimestampOffset(0) , mAppendMode(SourceBufferAppendMode::Segments) , mUpdating(false) , mActive(false) @@ -271,9 +305,26 @@ SourceBuffer::SourceBuffer(MediaSource* aMediaSource, const nsACString& aType) MOZ_ASSERT(aMediaSource); mEvictionThreshold = Preferences::GetUint("media.mediasource.eviction_threshold", 75 * (1 << 20)); - mContentManager = SourceBufferContentManager::CreateManager(aMediaSource->GetDecoder(), aType); + mContentManager = + SourceBufferContentManager::CreateManager(this, + aMediaSource->GetDecoder(), + aType); MSE_DEBUG("Create mContentManager=%p", mContentManager.get()); + if (aType.LowerCaseEqualsLiteral("audio/mpeg") || + aType.LowerCaseEqualsLiteral("audio/aac")) { + mGenerateTimestamp = true; + } else { + mGenerateTimestamp = false; + } + mIsUsingFormatReader = + Preferences::GetBool("media.mediasource.format-reader", false); + ErrorResult dummy; + if (mGenerateTimestamp) { + SetMode(SourceBufferAppendMode::Sequence, dummy); + } else { + SetMode(SourceBufferAppendMode::Segments, dummy); + } } SourceBuffer::~SourceBuffer() @@ -370,7 +421,7 @@ SourceBuffer::AppendData(const uint8_t* aData, uint32_t aLength, ErrorResult& aR if (!data) { return; } - mContentManager->AppendData(data, TimeUnit::FromSeconds(mTimestampOffset)); + mContentManager->AppendData(data, mTimestampOffset); StartUpdating(); diff --git a/dom/media/mediasource/SourceBuffer.h b/dom/media/mediasource/SourceBuffer.h index 81c6e98370d..34ad18bc3e1 100644 --- a/dom/media/mediasource/SourceBuffer.h +++ b/dom/media/mediasource/SourceBuffer.h @@ -11,6 +11,7 @@ #include "MediaSource.h" #include "js/RootingAPI.h" #include "mozilla/Assertions.h" +#include "mozilla/Atomics.h" #include "mozilla/Attributes.h" #include "mozilla/DOMEventTargetHelper.h" #include "mozilla/dom/SourceBufferBinding.h" @@ -32,8 +33,8 @@ namespace mozilla { class ErrorResult; class MediaLargeByteBuffer; -class TrackBuffer; template class AsyncEventRunner; +class TrackBuffersManager; namespace dom { @@ -62,7 +63,7 @@ public: double TimestampOffset() const { - return mTimestampOffset; + return mApparentTimestampOffset; } void SetTimestampOffset(double aTimestampOffset, ErrorResult& aRv); @@ -132,6 +133,7 @@ private: friend class AsyncEventRunner; friend class BufferAppendRunnable; + friend class mozilla::TrackBuffersManager; void DispatchSimpleEvent(const char* aName); void QueueAsyncSimpleEvent(const char* aName); @@ -164,6 +166,9 @@ private: void AppendDataCompletedWithSuccess(bool aHasActiveTracks); void AppendDataErrored(nsresult aError); + // Set timestampOffset, must be called on the main thread. + void SetTimestampOffset(const TimeUnit& aTimestampOffset); + nsRefPtr mMediaSource; uint32_t mEvictionThreshold; @@ -173,12 +178,15 @@ private: double mAppendWindowStart; double mAppendWindowEnd; - double mTimestampOffset; + double mApparentTimestampOffset; + TimeUnit mTimestampOffset; SourceBufferAppendMode mAppendMode; bool mUpdating; + bool mGenerateTimestamp; + bool mIsUsingFormatReader; - bool mActive; + mozilla::Atomic mActive; // Each time mUpdating is set to true, mUpdateID will be incremented. // This allows for a queued AppendData task to identify if it was earlier diff --git a/dom/media/mediasource/SourceBufferContentManager.cpp b/dom/media/mediasource/SourceBufferContentManager.cpp index 169201ad379..03189be8977 100644 --- a/dom/media/mediasource/SourceBufferContentManager.cpp +++ b/dom/media/mediasource/SourceBufferContentManager.cpp @@ -5,15 +5,24 @@ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ #include "SourceBufferContentManager.h" +#include "TrackBuffer.h" +#include "TrackBuffersManager.h" namespace mozilla { already_AddRefed -SourceBufferContentManager::CreateManager(MediaSourceDecoder* aParentDecoder, +SourceBufferContentManager::CreateManager(dom::SourceBuffer* aParent, + MediaSourceDecoder* aParentDecoder, const nsACString &aType) { nsRefPtr manager; - manager = new TrackBuffer(aParentDecoder, aType); + bool useFormatReader = + Preferences::GetBool("media.mediasource.format-reader", false); + if (useFormatReader) { + manager = new TrackBuffersManager(aParent, aParentDecoder, aType); + } else { + manager = new TrackBuffer(aParentDecoder, aType); + } return manager.forget(); } diff --git a/dom/media/mediasource/SourceBufferContentManager.h b/dom/media/mediasource/SourceBufferContentManager.h index 3001590839c..918d82aa87a 100644 --- a/dom/media/mediasource/SourceBufferContentManager.h +++ b/dom/media/mediasource/SourceBufferContentManager.h @@ -27,7 +27,8 @@ public: typedef AppendPromise RangeRemovalPromise; static already_AddRefed - CreateManager(MediaSourceDecoder* aParentDecoder, const nsACString& aType); + CreateManager(dom::SourceBuffer* aParent, MediaSourceDecoder* aParentDecoder, + const nsACString& aType); // Add data to the end of the input buffer. // Returns false if the append failed. @@ -82,6 +83,23 @@ public: // The parent SourceBuffer is about to be destroyed. virtual void Detach() = 0; + // Current state as per Segment Parser Loop Algorithm + // http://w3c.github.io/media-source/index.html#sourcebuffer-segment-parser-loop + enum class AppendState : int32_t + { + WAITING_FOR_SEGMENT, + PARSING_INIT_SEGMENT, + PARSING_MEDIA_SEGMENT, + }; + + virtual AppendState GetAppendState() + { + return AppendState::WAITING_FOR_SEGMENT; + } + + virtual void SetGroupStartTimestamp(const TimeUnit& aGroupStartTimestamp) {} + virtual void RestartGroupStartTimestamp() {} + #if defined(DEBUG) virtual void Dump(const char* aPath) { } #endif diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp new file mode 100644 index 00000000000..fda8e82f599 --- /dev/null +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -0,0 +1,1231 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "TrackBuffersManager.h" +#include "SourceBufferResource.h" +#include "SourceBuffer.h" + +#ifdef MOZ_FMP4 +#include "MP4Demuxer.h" +#endif + +#include + +extern PRLogModuleInfo* GetMediaSourceLog(); + +#define MSE_DEBUG(arg, ...) MOZ_LOG(GetMediaSourceLog(), mozilla::LogLevel::Debug, ("TrackBuffersManager(%p:%s)::%s: " arg, this, mType.get(), __func__, ##__VA_ARGS__)) +#define MSE_DEBUGV(arg, ...) MOZ_LOG(GetMediaSourceLog(), mozilla::LogLevel::Verbose, ("TrackBuffersManager(%p:%s)::%s: " arg, this, mType.get(), __func__, ##__VA_ARGS__)) + +namespace mozilla { + +static const char* +AppendStateToStr(TrackBuffersManager::AppendState aState) +{ + switch (aState) { + case TrackBuffersManager::AppendState::WAITING_FOR_SEGMENT: + return "WAITING_FOR_SEGMENT"; + case TrackBuffersManager::AppendState::PARSING_INIT_SEGMENT: + return "PARSING_INIT_SEGMENT"; + case TrackBuffersManager::AppendState::PARSING_MEDIA_SEGMENT: + return "PARSING_MEDIA_SEGMENT"; + default: + return "IMPOSSIBLE"; + } +} + +TrackBuffersManager::TrackBuffersManager(dom::SourceBuffer* aParent, MediaSourceDecoder* aParentDecoder, const nsACString& aType) + : mInputBuffer(new MediaLargeByteBuffer) + , mAppendState(AppendState::WAITING_FOR_SEGMENT) + , mBufferFull(false) + , mFirstInitializationSegmentReceived(false) + , mActiveTrack(false) + , mType(aType) + , mParser(ContainerParser::CreateForMIMEType(aType)) + , mTaskQueue(new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK))) + , mParent(new nsMainThreadPtrHolder(aParent, false /* strict */)) + , mParentDecoder(new nsMainThreadPtrHolder(aParentDecoder, false /* strict */)) + , mAbort(false) + , mMonitor("TrackBuffersManager") +{ + MOZ_ASSERT(NS_IsMainThread(), "Must be instanciated on the main thread"); +} + +bool +TrackBuffersManager::AppendData(MediaLargeByteBuffer* aData, + TimeUnit aTimestampOffset) +{ + MOZ_ASSERT(NS_IsMainThread()); + MonitorAutoLock mon(mMonitor); + MSE_DEBUG("Appending %lld bytes", aData->Length()); + mIncomingBuffers.AppendElement(IncomingBuffer(aData, aTimestampOffset)); + mEnded = false; + return true; +} + +nsRefPtr +TrackBuffersManager::BufferAppend() +{ + MOZ_ASSERT(NS_IsMainThread()); + MOZ_ASSERT(mAppendPromise.IsEmpty()); + nsRefPtr p = mAppendPromise.Ensure(__func__); + + nsCOMPtr task = + NS_NewRunnableMethod(this, &TrackBuffersManager::InitSegmentParserLoop); + GetTaskQueue()->Dispatch(task.forget()); + + return p; +} + +// Abort any pending AppendData. +// We don't really care about really aborting our inner loop as by spec the +// process is happening asynchronously, as such where and when we would abort is +// non-deterministic. The SourceBuffer also makes sure BufferAppend +// isn't called should the appendBuffer be immediately aborted. +void +TrackBuffersManager::AbortAppendData() +{ + MOZ_ASSERT(NS_IsMainThread()); + mAppendPromise.RejectIfExists(NS_ERROR_ABORT, __func__); +} + +void +TrackBuffersManager::ResetParserState() +{ + MOZ_ASSERT(NS_IsMainThread()); + MOZ_ASSERT(mAppendPromise.IsEmpty(), "AbortAppendData must have been called"); + + // 1. If the append state equals PARSING_MEDIA_SEGMENT and the input buffer contains some complete coded frames, then run the coded frame processing algorithm until all of these complete coded frames have been processed. + if (mAppendState == AppendState::PARSING_MEDIA_SEGMENT) { + nsCOMPtr task = + NS_NewRunnableMethod(this, &TrackBuffersManager::FinishCodedFrameProcessing); + GetTaskQueue()->Dispatch(task.forget()); + } else { + nsCOMPtr task = + NS_NewRunnableMethod(this, &TrackBuffersManager::CompleteResetParserState); + GetTaskQueue()->Dispatch(task.forget()); + } +} + +nsRefPtr +TrackBuffersManager::RangeRemoval(TimeUnit aStart, TimeUnit aEnd) +{ + MOZ_ASSERT(NS_IsMainThread()); + mEnded = false; + + nsRefPtr p = mRangeRemovalPromise.Ensure(__func__); + + nsCOMPtr task = + NS_NewRunnableMethodWithArg( + this, &TrackBuffersManager::CodedFrameRemoval, TimeInterval(aStart, aEnd)); + GetTaskQueue()->Dispatch(task.forget()); + return p; +} + +TrackBuffersManager::EvictDataResult +TrackBuffersManager::EvictData(TimeUnit aPlaybackTime, + uint32_t aThreshold, + TimeUnit* aBufferStartTime) +{ + // TODO. + return EvictDataResult::NO_DATA_EVICTED; +} + +void +TrackBuffersManager::EvictBefore(TimeUnit aTime) +{ + MOZ_ASSERT(NS_IsMainThread()); + nsCOMPtr task = + NS_NewRunnableMethodWithArg( + this, &TrackBuffersManager::CodedFrameRemoval, + TimeInterval(TimeUnit::FromSeconds(0), aTime)); + GetTaskQueue()->Dispatch(task.forget()); +} + +media::TimeIntervals +TrackBuffersManager::Buffered() +{ + MonitorAutoLock mon(mMonitor); + // http://w3c.github.io/media-source/index.html#widl-SourceBuffer-buffered + // 2. Let highest end time be the largest track buffer ranges end time across all the track buffers managed by this SourceBuffer object. + TimeUnit highestEndTime; + + nsTArray tracks; + if (HasVideo()) { + tracks.AppendElement(&mVideoBufferedRanges); + } + if (HasAudio()) { + tracks.AppendElement(&mAudioBufferedRanges); + } + for (auto trackRanges : tracks) { + highestEndTime = std::max(trackRanges->GetEnd(), highestEndTime); + } + + // 3. Let intersection ranges equal a TimeRange object containing a single range from 0 to highest end time. + TimeIntervals intersection{TimeInterval(TimeUnit::FromSeconds(0), highestEndTime)}; + + // 4. For each track buffer managed by this SourceBuffer, run the following steps: + // 1. Let track ranges equal the track buffer ranges for the current track buffer. + for (auto trackRanges : tracks) { + // 2. If readyState is "ended", then set the end time on the last range in track ranges to highest end time. + if (mEnded) { + trackRanges->Add(TimeInterval(trackRanges->GetEnd(), highestEndTime)); + } + // 3. Let new intersection ranges equal the intersection between the intersection ranges and the track ranges. + intersection.Intersection(*trackRanges); + } + return intersection; +} + +int64_t +TrackBuffersManager::GetSize() +{ + // TODO + return 0; +} + +void +TrackBuffersManager::Ended() +{ + mEnded = true; +} + +void +TrackBuffersManager::Detach() +{ + MOZ_ASSERT(NS_IsMainThread()); + MOZ_ASSERT(mAppendPromise.IsEmpty(), "Abort wasn't called"); + // Abort any pending promises. + mRangeRemovalPromise.ResolveIfExists(false, __func__); + // Clear our sourcebuffer + nsCOMPtr task = + NS_NewRunnableMethodWithArg( + this, &TrackBuffersManager::CodedFrameRemoval, + TimeInterval(TimeUnit::FromSeconds(0), TimeUnit::FromInfinity())); + GetTaskQueue()->Dispatch(task.forget()); +} + +#if defined(DEBUG) +void +TrackBuffersManager::Dump(const char* aPath) +{ + +} +#endif + +void +TrackBuffersManager::FinishCodedFrameProcessing() +{ + MOZ_ASSERT(OnTaskQueue()); + + if (mProcessingRequest.Exists()) { + NS_WARNING("Processing request pending"); + mProcessingRequest.Disconnect(); + } + // The spec requires us to complete parsing synchronously any outstanding + // frames in the current media segment. This can't be implemented in a way + // that makes sense. + // As such we simply completely ignore the result of any pending input buffer. + // TODO: Link to W3C bug. + + CompleteResetParserState(); +} + +void +TrackBuffersManager::CompleteResetParserState() +{ + MOZ_ASSERT(OnTaskQueue()); + + for (auto track : GetTracksList()) { + // 2. Unset the last decode timestamp on all track buffers. + track->mLastDecodeTimestamp.reset(); + // 3. Unset the last frame duration on all track buffers. + track->mLastFrameDuration.reset(); + // 4. Unset the highest end timestamp on all track buffers. + track->mHighestEndTimestamp.reset(); + // 5. Set the need random access point flag on all track buffers to true. + track->mNeedRandomAccessPoint = true; + + // if we have been aborted, we may have pending frames that we are going + // to discard now. + track->mQueuedSamples.Clear(); + } + // 6. Remove all bytes from the input buffer. + mIncomingBuffers.Clear(); + mInputBuffer->Clear(); + if (mCurrentInputBuffer) { + mCurrentInputBuffer->EvictAll(); + mCurrentInputBuffer = new SourceBufferResource(mType); + } + + // We could be left with a demuxer in an unusable state. It needs to be + // recreated. We store in the InputBuffer an init segment which will be parsed + // during the next Segment Parser Loop and a new demuxer will be created and + // initialized. + if (mFirstInitializationSegmentReceived) { + nsRefPtr initData = mParser->InitData(); + MOZ_ASSERT(initData->Length(), "we must have an init segment"); + // The aim here is really to destroy our current demuxer. + CreateDemuxerforMIMEType(); + mInputBuffer->AppendElements(*initData); + } + RecreateParser(); + + // 7. Set append state to WAITING_FOR_SEGMENT. + SetAppendState(AppendState::WAITING_FOR_SEGMENT); + + // We're done. + mAbort = false; +} + +void +TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) +{ + MSE_DEBUG("From %.2fs to %.2f", + aInterval.mStart.ToSeconds(), aInterval.mEnd.ToSeconds()); + TimeUnit duration{TimeUnit::FromSeconds(mParentDecoder->GetMediaSourceDuration())}; + + MSE_DEBUG("duration:%.2f", duration.ToSeconds()); + MSE_DEBUG("before video ranges=%s", DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); + MSE_DEBUG("before audio ranges=%s", DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + + // 1. Let start be the starting presentation timestamp for the removal range. + TimeUnit start = aInterval.mStart; + // 2. Let end be the end presentation timestamp for the removal range. + TimeUnit end = aInterval.mEnd; + + // 3. For each track buffer in this source buffer, run the following steps: + for (auto track : GetTracksList()) { + MSE_DEBUGV("Processing %s track", track->mInfo->mMimeType.get()); + // 1. Let remove end timestamp be the current value of duration + // See bug: https://www.w3.org/Bugs/Public/show_bug.cgi?id=28727 + TimeUnit removeEndTimestamp = std::max(duration, track->mBufferedRanges.GetEnd()); + + // 2. If this track buffer has a random access point timestamp that is greater than or equal to end, + // then update remove end timestamp to that random access point timestamp. + if (end < track->mBufferedRanges.GetEnd()) { + for (auto& frame : track->mBuffers.LastElement()) { + if (frame->mKeyframe && frame->mTime >= end.ToMicroseconds()) { + removeEndTimestamp = TimeUnit::FromMicroseconds(frame->mTime); + break; + } + } + } + // 3. Remove all media data, from this track buffer, that contain starting + // timestamps greater than or equal to start and less than the remove end timestamp. + TimeInterval removedInterval; + int32_t firstRemovedIndex = -1; + TrackBuffer& data = track->mBuffers.LastElement(); + for (uint32_t i = 0; i < data.Length(); i++) { + const auto& frame = data[i]; + if (frame->mTime >= start.ToMicroseconds() && + frame->mTime < removeEndTimestamp.ToMicroseconds()) { + if (firstRemovedIndex < 0) { + removedInterval = + TimeInterval(TimeUnit::FromMicroseconds(frame->mTime), + TimeUnit::FromMicroseconds(frame->mTime + frame->mDuration)); + firstRemovedIndex = i; + } else { + removedInterval = removedInterval.Span( + TimeInterval(TimeUnit::FromMicroseconds(frame->mTime), + TimeUnit::FromMicroseconds(frame->mTime + frame->mDuration))); + } + data.RemoveElementAt(i); + } + } + // 4. Remove decoding dependencies of the coded frames removed in the previous step: + // Remove all coded frames between the coded frames removed in the previous step and the next random access point after those removed frames. + if (firstRemovedIndex >= 0) { + for (uint32_t i = firstRemovedIndex; i < data.Length(); i++) { + const auto& frame = data[i]; + if (frame->mKeyframe) { + break; + } + removedInterval = removedInterval.Span( + TimeInterval(TimeUnit::FromMicroseconds(frame->mTime), + TimeUnit::FromMicroseconds(frame->mTime + frame->mDuration))); + data.RemoveElementAt(i); + } + } + track->mBufferedRanges -= removedInterval; + + // 5. If this object is in activeSourceBuffers, the current playback position + // is greater than or equal to start and less than the remove end timestamp, + // and HTMLMediaElement.readyState is greater than HAVE_METADATA, then set the + // HTMLMediaElement.readyState attribute to HAVE_METADATA and stall playback. + // This will be done by the MDSM during playback. + // TODO properly, so it works even if paused. + } + // 4. If buffer full flag equals true and this object is ready to accept more bytes, then set the buffer full flag to false. + // TODO. + mBufferFull = false; + { + MonitorAutoLock mon(mMonitor); + mVideoBufferedRanges = mVideoTracks.mBufferedRanges; + mAudioBufferedRanges = mAudioTracks.mBufferedRanges; + } + MSE_DEBUG("after video ranges=%s", DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); + MSE_DEBUG("after audio ranges=%s", DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + + mRangeRemovalPromise.ResolveIfExists(true, __func__); +} + +void +TrackBuffersManager::InitSegmentParserLoop() +{ + AppendIncomingBuffers(); + SegmentParserLoop(); +} + +void +TrackBuffersManager::AppendIncomingBuffers() +{ + MOZ_ASSERT(OnTaskQueue()); + MonitorAutoLock mon(mMonitor); + for (auto& incomingBuffer : mIncomingBuffers) { + if (!mInputBuffer->AppendElements(*incomingBuffer.first())) { + RejectAppend(NS_ERROR_OUT_OF_MEMORY, __func__); + } + } + if (!mIncomingBuffers.IsEmpty()) { + mTimestampOffset = mIncomingBuffers.LastElement().second(); + mLastTimestampOffset = mTimestampOffset; + } + mIncomingBuffers.Clear(); +} + +void +TrackBuffersManager::SegmentParserLoop() +{ + MOZ_ASSERT(OnTaskQueue()); + while (true) { + bool completeMediaHeader; + // 1. If the input buffer is empty, then jump to the need more data step below. + if (!mInputBuffer || mInputBuffer->IsEmpty()) { + NeedMoreData(); + return; + } + // 2. If the input buffer contains bytes that violate the SourceBuffer + // byte stream format specification, then run the append error algorithm with + // the decode error parameter set to true and abort this algorithm. + // TODO + + // 3. Remove any bytes that the byte stream format specifications say must be + // ignored from the start of the input buffer. + // TODO + + // 4. If the append state equals WAITING_FOR_SEGMENT, then run the following + // steps: + if (mAppendState == AppendState::WAITING_FOR_SEGMENT) { + if (mParser->IsInitSegmentPresent(mInputBuffer)) { + SetAppendState(AppendState::PARSING_INIT_SEGMENT); + continue; + } + if (mParser->IsMediaSegmentPresent(mInputBuffer)) { + SetAppendState(AppendState::PARSING_MEDIA_SEGMENT); + continue; + } + // We have neither an init segment nor a media segment, this is invalid + // data. However, as we do not remove any bytes that are supposed to be + // ignored, we simply ignore them. + MSE_DEBUG("Found invalid data, ignoring for now"); + NeedMoreData(); + return; + } + + int64_t start, end; + completeMediaHeader = + mParser->ParseStartAndEndTimestamps(mInputBuffer, start, end); + + // 5. If the append state equals PARSING_INIT_SEGMENT, then run the + // following steps: + if (mAppendState == AppendState::PARSING_INIT_SEGMENT) { + if (mParser->InitSegmentRange().IsNull()) { + NeedMoreData(); + return; + } + InitializationSegmentReceived(); + return; + } + if (mAppendState == AppendState::PARSING_MEDIA_SEGMENT) { + // 1. If the first initialization segment received flag is false, then run the append error algorithm with the decode error parameter set to true and abort this algorithm. + if (!mFirstInitializationSegmentReceived) { + RejectAppend(NS_ERROR_FAILURE, __func__); + return; + } + // 2. If the input buffer does not contain a complete media segment header yet, then jump to the need more data step below. + if (!completeMediaHeader) { + NeedMoreData(); + return; + } + // 3. If the input buffer contains one or more complete coded frames, then run the coded frame processing algorithm. + nsRefPtr self = this; + mProcessingRequest.Begin(CodedFrameProcessing() + ->Then(GetTaskQueue(), __func__, + [self] (bool aNeedMoreData) { + self->mProcessingRequest.Complete(); + if (aNeedMoreData || self->mAbort) { + self->NeedMoreData(); + } else { + self->ScheduleSegmentParserLoop(); + } + }, + [self] (nsresult aRejectValue) { + self->mProcessingRequest.Complete(); + self->RejectAppend(aRejectValue, __func__); + })); + return; + } + } +} + +void +TrackBuffersManager::NeedMoreData() +{ + MSE_DEBUG(""); + // The entire mInputBuffer will be reparsed on the next Segment Parser Loop + // run, clear the current ContainerParser so it won't treat the same data + // twice which would shift all our offsets incorrectly. + RecreateParser(); + RestoreCachedVariables(); + mAppendPromise.ResolveIfExists(mActiveTrack, __func__); +} + +void +TrackBuffersManager::RejectAppend(nsresult aRejectValue, const char* aName) +{ + MSE_DEBUG("rv=%d", aRejectValue); + mAppendPromise.RejectIfExists(aRejectValue, aName); +} + +void +TrackBuffersManager::ScheduleSegmentParserLoop() +{ + nsCOMPtr task = + NS_NewRunnableMethod(this, &TrackBuffersManager::SegmentParserLoop); + GetTaskQueue()->Dispatch(task.forget()); +} + +void +TrackBuffersManager::CreateDemuxerforMIMEType() +{ + if (mVideoTracks.mDemuxer) { + mVideoTracks.mDemuxer->BreakCycles(); + mVideoTracks.mDemuxer = nullptr; + } + if (mAudioTracks.mDemuxer) { + mAudioTracks.mDemuxer->BreakCycles(); + mAudioTracks.mDemuxer = nullptr; + } + mInputDemuxer = nullptr; + if (mType.LowerCaseEqualsLiteral("video/webm") || mType.LowerCaseEqualsLiteral("audio/webm")) { + MOZ_ASSERT(false, "Waiting on WebMDemuxer"); + // mInputDemuxer = new WebMDemuxer(mCurrentInputBuffer); + } + +#ifdef MOZ_FMP4 + if (mType.LowerCaseEqualsLiteral("video/mp4") || mType.LowerCaseEqualsLiteral("audio/mp4")) { + mInputDemuxer = new MP4Demuxer(mCurrentInputBuffer); + return; + } +#endif + MOZ_ASSERT(false, "Not supported (yet)"); +} + +void +TrackBuffersManager::InitializationSegmentReceived() +{ + MOZ_ASSERT(mParser->HasCompleteInitData()); + mCurrentInputBuffer = new SourceBufferResource(mType); + mCurrentInputBuffer->AppendData(mParser->InitData()); + CreateDemuxerforMIMEType(); + if (!mInputDemuxer) { + MOZ_ASSERT(false, "TODO type not supported"); + return; + } + mDemuxerInitRequest.Begin(mInputDemuxer->Init() + ->Then(GetTaskQueue(), __func__, + this, + &TrackBuffersManager::OnDemuxerInitDone, + &TrackBuffersManager::OnDemuxerInitFailed)); +} + +void +TrackBuffersManager::OnDemuxerInitDone(nsresult) +{ + mDemuxerInitRequest.Complete(); + + if (mAbort) { + RejectAppend(NS_ERROR_ABORT, __func__); + return; + } + + MediaInfo info; + + uint32_t numVideos = mInputDemuxer->GetNumberTracks(TrackInfo::kVideoTrack); + if (numVideos) { + // We currently only handle the first video track. + mVideoTracks.mDemuxer = mInputDemuxer->GetTrackDemuxer(TrackInfo::kVideoTrack, 0); + MOZ_ASSERT(mVideoTracks.mDemuxer); + info.mVideo = *mVideoTracks.mDemuxer->GetInfo()->GetAsVideoInfo(); + } + + uint32_t numAudios = mInputDemuxer->GetNumberTracks(TrackInfo::kAudioTrack); + if (numAudios) { + // We currently only handle the first audio track. + mAudioTracks.mDemuxer = mInputDemuxer->GetTrackDemuxer(TrackInfo::kAudioTrack, 0); + MOZ_ASSERT(mAudioTracks.mDemuxer); + info.mAudio = *mAudioTracks.mDemuxer->GetInfo()->GetAsAudioInfo(); + } + + int64_t videoDuration = numVideos ? info.mVideo.mDuration : 0; + int64_t audioDuration = numAudios ? info.mAudio.mDuration : 0; + + int64_t duration = std::max(videoDuration, audioDuration); + // 1. Update the duration attribute if it currently equals NaN. + // Those steps are performed by the MediaSourceDecoder::SetInitialDuration + nsCOMPtr task = + NS_NewRunnableMethodWithArg(mParentDecoder, + &MediaSourceDecoder::SetInitialDuration, + duration ? duration : -1); + AbstractThread::MainThread()->Dispatch(task.forget()); + + // 2. If the initialization segment has no audio, video, or text tracks, then + // run the append error algorithm with the decode error parameter set to true + // and abort these steps. + if (!numVideos && !numAudios) { + RejectAppend(NS_ERROR_FAILURE, __func__); + return; + } + + // 3. If the first initialization segment received flag is true, then run the following steps: + if (mFirstInitializationSegmentReceived) { + if (numVideos != mVideoTracks.mNumTracks || + numAudios != mAudioTracks.mNumTracks || + (numVideos && info.mVideo.mMimeType != mVideoTracks.mInfo->mMimeType) || + (numAudios && info.mAudio.mMimeType != mAudioTracks.mInfo->mMimeType)) { + RejectAppend(NS_ERROR_FAILURE, __func__); + return; + } + // 1. If more than one track for a single type are present (ie 2 audio tracks), + // then the Track IDs match the ones in the first initialization segment. + // TODO + // 2. Add the appropriate track descriptions from this initialization + // segment to each of the track buffers. + // TODO + // 3. Set the need random access point flag on all track buffers to true. + mVideoTracks.mNeedRandomAccessPoint = true; + mAudioTracks.mNeedRandomAccessPoint = true; + } + + // 4. Let active track flag equal false. + mActiveTrack = false; + + // 5. If the first initialization segment received flag is false, then run the following steps: + if (!mFirstInitializationSegmentReceived) { + mAudioTracks.mNumTracks = numAudios; + // TODO: + // 1. If the initialization segment contains tracks with codecs the user agent + // does not support, then run the append error algorithm with the decode + // error parameter set to true and abort these steps. + + // 2. For each audio track in the initialization segment, run following steps: + // for (uint32_t i = 0; i < numAudios; i++) { + if (numAudios) { + // 1. Let audio byte stream track ID be the Track ID for the current track being processed. + // 2. Let audio language be a BCP 47 language tag for the language specified in the initialization segment for this track or an empty string if no language info is present. + // 3. If audio language equals an empty string or the 'und' BCP 47 value, then run the default track language algorithm with byteStreamTrackID set to audio byte stream track ID and type set to "audio" and assign the value returned by the algorithm to audio language. + // 4. Let audio label be a label specified in the initialization segment for this track or an empty string if no label info is present. + // 5. If audio label equals an empty string, then run the default track label algorithm with byteStreamTrackID set to audio byte stream track ID and type set to "audio" and assign the value returned by the algorithm to audio label. + // 6. Let audio kinds be an array of kind strings specified in the initialization segment for this track or an empty array if no kind information is provided. + // 7. If audio kinds equals an empty array, then run the default track kinds algorithm with byteStreamTrackID set to audio byte stream track ID and type set to "audio" and assign the value returned by the algorithm to audio kinds. + // 8. For each value in audio kinds, run the following steps: + // 1. Let current audio kind equal the value from audio kinds for this iteration of the loop. + // 2. Let new audio track be a new AudioTrack object. + // 3. Generate a unique ID and assign it to the id property on new audio track. + // 4. Assign audio language to the language property on new audio track. + // 5. Assign audio label to the label property on new audio track. + // 6. Assign current audio kind to the kind property on new audio track. + // 7. If audioTracks.length equals 0, then run the following steps: + // 1. Set the enabled property on new audio track to true. + // 2. Set active track flag to true. + mActiveTrack = true; + // 8. Add new audio track to the audioTracks attribute on this SourceBuffer object. + // 9. Queue a task to fire a trusted event named addtrack, that does not bubble and is not cancelable, and that uses the TrackEvent interface, at the AudioTrackList object referenced by the audioTracks attribute on this SourceBuffer object. + // 10. Add new audio track to the audioTracks attribute on the HTMLMediaElement. + // 11. Queue a task to fire a trusted event named addtrack, that does not bubble and is not cancelable, and that uses the TrackEvent interface, at the AudioTrackList object referenced by the audioTracks attribute on the HTMLMediaElement. + mAudioTracks.mBuffers.AppendElement(TrackBuffer()); + // 10. Add the track description for this track to the track buffer. + mAudioTracks.mInfo = info.mAudio.Clone(); + } + + mVideoTracks.mNumTracks = numVideos; + // 3. For each video track in the initialization segment, run following steps: + // for (uint32_t i = 0; i < numVideos; i++) { + if (numVideos) { + // 1. Let video byte stream track ID be the Track ID for the current track being processed. + // 2. Let video language be a BCP 47 language tag for the language specified in the initialization segment for this track or an empty string if no language info is present. + // 3. If video language equals an empty string or the 'und' BCP 47 value, then run the default track language algorithm with byteStreamTrackID set to video byte stream track ID and type set to "video" and assign the value returned by the algorithm to video language. + // 4. Let video label be a label specified in the initialization segment for this track or an empty string if no label info is present. + // 5. If video label equals an empty string, then run the default track label algorithm with byteStreamTrackID set to video byte stream track ID and type set to "video" and assign the value returned by the algorithm to video label. + // 6. Let video kinds be an array of kind strings specified in the initialization segment for this track or an empty array if no kind information is provided. + // 7. If video kinds equals an empty array, then run the default track kinds algorithm with byteStreamTrackID set to video byte stream track ID and type set to "video" and assign the value returned by the algorithm to video kinds. + // 8. For each value in video kinds, run the following steps: + // 1. Let current video kind equal the value from video kinds for this iteration of the loop. + // 2. Let new video track be a new VideoTrack object. + // 3. Generate a unique ID and assign it to the id property on new video track. + // 4. Assign video language to the language property on new video track. + // 5. Assign video label to the label property on new video track. + // 6. Assign current video kind to the kind property on new video track. + // 7. If videoTracks.length equals 0, then run the following steps: + // 1. Set the selected property on new video track to true. + // 2. Set active track flag to true. + mActiveTrack = true; + // 8. Add new video track to the videoTracks attribute on this SourceBuffer object. + // 9. Queue a task to fire a trusted event named addtrack, that does not bubble and is not cancelable, and that uses the TrackEvent interface, at the VideoTrackList object referenced by the videoTracks attribute on this SourceBuffer object. + // 10. Add new video track to the videoTracks attribute on the HTMLMediaElement. + // 11. Queue a task to fire a trusted event named addtrack, that does not bubble and is not cancelable, and that uses the TrackEvent interface, at the VideoTrackList object referenced by the videoTracks attribute on the HTMLMediaElement. + mVideoTracks.mBuffers.AppendElement(TrackBuffer()); + // 10. Add the track description for this track to the track buffer. + mVideoTracks.mInfo = info.mVideo.Clone(); + } + // 4. For each text track in the initialization segment, run following steps: + // 5. If active track flag equals true, then run the following steps: + // This is handled by SourceBuffer once the promise is resolved. + + // 6. Set first initialization segment received flag to true. + mFirstInitializationSegmentReceived = true; + } + + // TODO CHECK ENCRYPTION + UniquePtr crypto = mInputDemuxer->GetCrypto(); + if (crypto && crypto->IsEncrypted()) { +#ifdef MOZ_EME + // Try and dispatch 'encrypted'. Won't go if ready state still HAVE_NOTHING. + for (uint32_t i = 0; i < crypto->mInitDatas.Length(); i++) { +// NS_DispatchToMainThread( +// new DispatchKeyNeededEvent(mParentDecoder, crypto->mInitDatas[i].mInitData, NS_LITERAL_STRING("cenc"))); + } +#endif // MOZ_EME + info.mCrypto = *crypto; + mEncrypted = true; + } + + { + MonitorAutoLock mon(mMonitor); + mInfo = info; + } + + // 3. Remove the initialization segment bytes from the beginning of the input buffer. + mInputBuffer->RemoveElementsAt(0, mParser->InitSegmentRange().mEnd); + RecreateParser(); + + // 4. Set append state to WAITING_FOR_SEGMENT. + SetAppendState(AppendState::WAITING_FOR_SEGMENT); + // 5. Jump to the loop top step above. + ScheduleSegmentParserLoop(); +} + +void +TrackBuffersManager::OnDemuxerInitFailed(DemuxerFailureReason aFailure) +{ + MOZ_ASSERT(aFailure != DemuxerFailureReason::WAITING_FOR_DATA); + mDemuxerInitRequest.Complete(); + + RejectAppend(NS_ERROR_FAILURE, __func__); +} + +nsRefPtr +TrackBuffersManager::CodedFrameProcessing() +{ + MOZ_ASSERT(mProcessingPromise.IsEmpty()); + nsRefPtr p = mProcessingPromise.Ensure(__func__); + + int64_t offset = mCurrentInputBuffer->GetLength(); + MediaByteRange mediaRange = mParser->MediaSegmentRange(); + // The mediaRange is offset by the init segment position previously added. + int64_t rangeOffset = mParser->InitData()->Length(); + int64_t length; + if (mediaRange.IsNull()) { + length = mInputBuffer->Length(); + mCurrentInputBuffer->AppendData(mInputBuffer); + } else { + nsRefPtr segment = new MediaLargeByteBuffer; + length = mediaRange.Length(); + MOZ_ASSERT(mInputBuffer->Length() >= uint64_t(mediaRange.mEnd - rangeOffset), + "We're missing some data"); + MOZ_ASSERT(mediaRange.mStart >= rangeOffset, "Invalid media segment range"); + if (!segment->AppendElements(mInputBuffer->Elements() + + mediaRange.mStart - rangeOffset, length)) { + return CodedFrameProcessingPromise::CreateAndReject(NS_ERROR_OUT_OF_MEMORY, __func__); + } + mCurrentInputBuffer->AppendData(segment); + } + mInputDemuxer->NotifyDataArrived(length, offset); + + DoDemuxVideo(); + + return p; +} + +void +TrackBuffersManager::OnDemuxFailed(TrackType aTrack, + DemuxerFailureReason aFailure) +{ + MSE_DEBUG("Failed to demux %s, failure = %d", + aTrack == TrackType::kVideoTrack ? "video" : "audio", aFailure); + if (mAbort) { + mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + return; + } + switch (aFailure) { + case DemuxerFailureReason::END_OF_STREAM: + case DemuxerFailureReason::WAITING_FOR_DATA: + if (aTrack == TrackType::kVideoTrack) { + DoDemuxAudio(); + } else { + CompleteCodedFrameProcessing(); + } + break; + case DemuxerFailureReason::DEMUXER_ERROR: + mProcessingPromise.RejectIfExists(NS_ERROR_FAILURE, __func__); + break; + case DemuxerFailureReason::CANCELED: + case DemuxerFailureReason::SHUTDOWN: + mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + break; + default: + MOZ_ASSERT(false); + break; + } +} + +void +TrackBuffersManager::DoDemuxVideo() +{ + if (!HasVideo()) { + DoDemuxAudio(); + return; + } + mVideoTracks.mDemuxRequest.Begin(mVideoTracks.mDemuxer->GetSamples(-1) + ->Then(GetTaskQueue(), __func__, this, + &TrackBuffersManager::OnVideoDemuxCompleted, + &TrackBuffersManager::OnVideoDemuxFailed)); +} + +void +TrackBuffersManager::OnVideoDemuxCompleted(nsRefPtr aSamples) +{ + MSE_DEBUG("%d video samples demuxed", aSamples->mSamples.Length()); + mVideoTracks.mDemuxRequest.Complete(); + if (mAbort) { + mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + return; + } + mVideoTracks.mQueuedSamples.AppendElements(aSamples->mSamples); + DoDemuxAudio(); +} + +void +TrackBuffersManager::DoDemuxAudio() +{ + if (mAbort) { + mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + return; + } + if (!HasAudio()) { + CompleteCodedFrameProcessing(); + return; + } + mAudioTracks.mDemuxRequest.Begin(mAudioTracks.mDemuxer->GetSamples(-1) + ->Then(GetTaskQueue(), __func__, this, + &TrackBuffersManager::OnAudioDemuxCompleted, + &TrackBuffersManager::OnAudioDemuxFailed)); +} + +void +TrackBuffersManager::OnAudioDemuxCompleted(nsRefPtr aSamples) +{ + MSE_DEBUG("%d audio samples demuxed", aSamples->mSamples.Length()); + mAudioTracks.mDemuxRequest.Complete(); + if (mAbort) { + mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + return; + } + mAudioTracks.mQueuedSamples.AppendElements(aSamples->mSamples); + CompleteCodedFrameProcessing(); +} + +void +TrackBuffersManager::CompleteCodedFrameProcessing() +{ + MOZ_ASSERT(OnTaskQueue()); + + // 1. For each coded frame in the media segment run the following steps: + + for (auto& sample : mVideoTracks.mQueuedSamples) { + while (true) { + if (!ProcessFrame(sample, mVideoTracks)) { + break; + } + } + } + mVideoTracks.mQueuedSamples.Clear(); + + for (auto& sample : mAudioTracks.mQueuedSamples) { + while (true) { + if (!ProcessFrame(sample, mAudioTracks)) { + break; + } + } + } + mAudioTracks.mQueuedSamples.Clear(); + + { + MonitorAutoLock mon(mMonitor); + + // Save our final tracks buffered ranges. + mVideoBufferedRanges = mVideoTracks.mBufferedRanges; + mAudioBufferedRanges = mAudioTracks.mBufferedRanges; + } + + // Return to step 6.4 of Segment Parser Loop algorithm + // 4. If this SourceBuffer is full and cannot accept more media data, then set the buffer full flag to true. + // TODO + mBufferFull = false; + + // 5. If the input buffer does not contain a complete media segment, then jump to the need more data step below. + if (mParser->MediaSegmentRange().IsNull()) { + mProcessingPromise.ResolveIfExists(true, __func__); + return; + } + + // 6. Remove the media segment bytes from the beginning of the input buffer. + int64_t rangeOffset = mParser->InitSegmentRange().mEnd; + mInputBuffer->RemoveElementsAt(0, mParser->MediaSegmentRange().mEnd - rangeOffset); + RecreateParser(); + + // Clear our demuxer from any already processed data. + // As we have handled a complete media segment, it is safe to evict all data + // from the resource. + mCurrentInputBuffer->EvictAll(); + mInputDemuxer->NotifyDataRemoved(); + + // 7. Set append state to WAITING_FOR_SEGMENT. + SetAppendState(AppendState::WAITING_FOR_SEGMENT); + + // 8. Jump to the loop top step above. + mProcessingPromise.ResolveIfExists(false, __func__); +} + +bool +TrackBuffersManager::ProcessFrame(MediaRawData* aSample, + TrackData& aTrackData) +{ + TrackData* tracks[] = { &mVideoTracks, &mAudioTracks }; + TimeUnit presentationTimestamp; + TimeUnit decodeTimestamp; + + if (!mParent->mGenerateTimestamp) { + presentationTimestamp = TimeUnit::FromMicroseconds(aSample->mTime); + decodeTimestamp = TimeUnit::FromMicroseconds(aSample->mTimecode); + } + + // 2. Let frame duration be a double precision floating point representation of the coded frame's duration in seconds. + TimeUnit frameDuration{TimeUnit::FromMicroseconds(aSample->mDuration)}; + + // 3. If mode equals "sequence" and group start timestamp is set, then run the following steps: + if (mParent->mAppendMode == SourceBufferAppendMode::Sequence && + mGroupStartTimestamp.isSome()) { + mTimestampOffset = mGroupStartTimestamp.ref(); + mGroupEndTimestamp = mGroupStartTimestamp.ref(); + mVideoTracks.mNeedRandomAccessPoint = true; + mAudioTracks.mNeedRandomAccessPoint = true; + mGroupStartTimestamp.reset(); + } + + // 4. If timestampOffset is not 0, then run the following steps: + if (mTimestampOffset != TimeUnit::FromSeconds(0)) { + presentationTimestamp += mTimestampOffset; + decodeTimestamp += mTimestampOffset; + } + + MSE_DEBUGV("Processing %s frame(pts:%lld end:%lld, dts:%lld, duration:%lld, " + "kf:%d)", + aTrackData.mInfo->mMimeType.get(), + presentationTimestamp.ToMicroseconds(), + (presentationTimestamp + frameDuration).ToMicroseconds(), + decodeTimestamp.ToMicroseconds(), + frameDuration.ToMicroseconds(), + aSample->mKeyframe); + + // 5. Let track buffer equal the track buffer that the coded frame will be added to. + auto& trackBuffer = aTrackData; + + // 6. If last decode timestamp for track buffer is set and decode timestamp is less than last decode timestamp: + // OR + // If last decode timestamp for track buffer is set and the difference between decode timestamp and last decode timestamp is greater than 2 times last frame duration: + + // TODO: Maybe we should be using TimeStamp and TimeDuration instead? + + if ((trackBuffer.mLastDecodeTimestamp.isSome() && + decodeTimestamp < trackBuffer.mLastDecodeTimestamp.ref()) || + (trackBuffer.mLastDecodeTimestamp.isSome() && + decodeTimestamp - trackBuffer.mLastDecodeTimestamp.ref() > 2*trackBuffer.mLastFrameDuration.ref())) { + if (mParent->mAppendMode == SourceBufferAppendMode::Segments) { + mGroupEndTimestamp = presentationTimestamp; + } + if (mParent->mAppendMode == SourceBufferAppendMode::Sequence) { + mGroupStartTimestamp = Some(mGroupEndTimestamp); + } + for (auto& track : tracks) { + track->mLastDecodeTimestamp.reset(); + track->mLastFrameDuration.reset(); + track->mHighestEndTimestamp.reset(); + track->mNeedRandomAccessPoint = true; + } + return true; + } + + // 7. Let frame end timestamp equal the sum of presentation timestamp and frame duration. + TimeUnit frameEndTimestamp = presentationTimestamp + frameDuration; + + // 8. If presentation timestamp is less than appendWindowStart, then set the need random access point flag to true, drop the coded frame, and jump to the top of the loop to start processing the next coded frame. + if (presentationTimestamp.ToSeconds() < mParent->mAppendWindowStart) { + trackBuffer.mNeedRandomAccessPoint = true; + return false; + } + + // 9. If frame end timestamp is greater than appendWindowEnd, then set the need random access point flag to true, drop the coded frame, and jump to the top of the loop to start processing the next coded frame. + if (frameEndTimestamp.ToSeconds() > mParent->mAppendWindowEnd) { + trackBuffer.mNeedRandomAccessPoint = true; + return false; + } + + // 10. If the need random access point flag on track buffer equals true, then run the following steps: + if (trackBuffer.mNeedRandomAccessPoint) { + // 1. If the coded frame is not a random access point, then drop the coded frame and jump to the top of the loop to start processing the next coded frame. + if (!aSample->mKeyframe) { + return false; + } + // 2. Set the need random access point flag on track buffer to false. + trackBuffer.mNeedRandomAccessPoint = false; + } + + // TODO: Handle splicing of audio (and text) frames. + // 11. Let spliced audio frame be an unset variable for holding audio splice information + // 12. Let spliced timed text frame be an unset variable for holding timed text splice information + + // 13. If last decode timestamp for track buffer is unset and presentation timestamp falls within the presentation interval of a coded frame in track buffer,then run the following steps: + // For now we only handle replacing existing frames with the new ones. So we + // skip this step. + + // 14. Remove existing coded frames in track buffer: + + // There is an ambiguity on how to remove frames, which was lodged with: + // https://www.w3.org/Bugs/Public/show_bug.cgi?id=28710, implementing as per + // bug description. + int firstRemovedIndex = -1; + TimeInterval removedInterval; + TrackBuffer& data = trackBuffer.mBuffers.LastElement(); + if (trackBuffer.mBufferedRanges.Contains(presentationTimestamp)) { + if (trackBuffer.mHighestEndTimestamp.isNothing()) { + for (uint32_t i = 0; i < data.Length(); i++) { + MediaRawData* sample = data[i].get(); + if (sample->mTime >= presentationTimestamp.ToMicroseconds() && + sample->mTime < frameEndTimestamp.ToMicroseconds()) { + if (firstRemovedIndex < 0) { + removedInterval = + TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), + TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration)); + firstRemovedIndex = i; + } else { + removedInterval = removedInterval.Span( + TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), + TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration))); + } + data.RemoveElementAt(i); + } + } + } else if (trackBuffer.mHighestEndTimestamp.ref() <= presentationTimestamp) { + for (uint32_t i = 0; i < data.Length(); i++) { + MediaRawData* sample = data[i].get(); + if (sample->mTime >= trackBuffer.mHighestEndTimestamp.ref().ToMicroseconds() && + sample->mTime < frameEndTimestamp.ToMicroseconds()) { + if (firstRemovedIndex < 0) { + removedInterval = + TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), + TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration)); + firstRemovedIndex = i; + } else { + removedInterval = removedInterval.Span( + TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), + TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration))); + } + data.RemoveElementAt(i); + } + } + } + } + // 15. Remove decoding dependencies of the coded frames removed in the previous step: + // Remove all coded frames between the coded frames removed in the previous step and the next random access point after those removed frames. + if (firstRemovedIndex >= 0) { + for (uint32_t i = firstRemovedIndex; i < data.Length(); i++) { + MediaRawData* sample = data[i].get(); + if (sample->mKeyframe) { + break; + } + removedInterval = removedInterval.Span( + TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), + TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration))); + data.RemoveElementAt(i); + } + // Update our buffered range to exclude the range just removed. + trackBuffer.mBufferedRanges -= removedInterval; + } + + // 16. Add the coded frame with the presentation timestamp, decode timestamp, and frame duration to the track buffer. + aSample->mTime = presentationTimestamp.ToMicroseconds(); + aSample->mTimecode = decodeTimestamp.ToMicroseconds(); + if (firstRemovedIndex >= 0) { + data.InsertElementAt(firstRemovedIndex, aSample); + } else { + data.AppendElement(aSample); + } + // 17. Set last decode timestamp for track buffer to decode timestamp. + trackBuffer.mLastDecodeTimestamp = Some(decodeTimestamp); + // 18. Set last frame duration for track buffer to frame duration. + trackBuffer.mLastFrameDuration = Some(TimeUnit::FromMicroseconds(aSample->mDuration)); + // 19. If highest end timestamp for track buffer is unset or frame end timestamp is greater than highest end timestamp, then set highest end timestamp for track buffer to frame end timestamp. + if (trackBuffer.mHighestEndTimestamp.isNothing() || + frameEndTimestamp > trackBuffer.mHighestEndTimestamp.ref()) { + trackBuffer.mHighestEndTimestamp = Some(frameEndTimestamp); + } + // 20. If frame end timestamp is greater than group end timestamp, then set group end timestamp equal to frame end timestamp. + if (frameEndTimestamp > mGroupEndTimestamp) { + mGroupEndTimestamp = frameEndTimestamp; + } + // 21. If generate timestamps flag equals true, then set timestampOffset equal to frame end timestamp. + if (mParent->mGenerateTimestamp) { + mTimestampOffset = frameEndTimestamp; + } + + // Update our buffered range with new sample interval. + // We allow a fuzz factor in our interval of half a frame length, + // as fuzz is +/- value, giving an effective leeway of a full frame + // length. + trackBuffer.mBufferedRanges += + TimeInterval(presentationTimestamp, frameEndTimestamp, + TimeUnit::FromMicroseconds(aSample->mDuration / 2)); + return false; +} + +void +TrackBuffersManager::RecreateParser() +{ + // Recreate our parser for only the data remaining. This is required + // as it has parsed the entire InputBuffer provided. + // Once the old TrackBuffer/MediaSource implementation is removed + // we can optimize this part. TODO + nsRefPtr initData = mParser->InitData(); + mParser = ContainerParser::CreateForMIMEType(mType); + if (initData) { + int64_t start, end; + mParser->ParseStartAndEndTimestamps(initData, start, end); + } +} + +nsTArray +TrackBuffersManager::GetTracksList() +{ + nsTArray tracks; + if (HasVideo()) { + tracks.AppendElement(&mVideoTracks); + } + if (HasAudio()) { + tracks.AppendElement(&mAudioTracks); + } + return tracks; +} + +void +TrackBuffersManager::RestoreCachedVariables() +{ + if (mTimestampOffset != mLastTimestampOffset) { + nsCOMPtr task = + NS_NewRunnableMethodWithArg( + mParent.get(), + static_cast(&dom::SourceBuffer::SetTimestampOffset), /* beauty uh? :) */ + mTimestampOffset); + AbstractThread::MainThread()->Dispatch(task.forget()); + } +} + +void +TrackBuffersManager::SetAppendState(TrackBuffersManager::AppendState aAppendState) +{ + MSE_DEBUG("AppendState changed from %s to %s", + AppendStateToStr(mAppendState), AppendStateToStr(aAppendState)); + mAppendState = aAppendState; +} + +void +TrackBuffersManager::SetGroupStartTimestamp(const TimeUnit& aGroupStartTimestamp) +{ + if (NS_IsMainThread()) { + nsCOMPtr task = + NS_NewRunnableMethodWithArg( + this, + &TrackBuffersManager::SetGroupStartTimestamp, + aGroupStartTimestamp); + GetTaskQueue()->Dispatch(task.forget()); + return; + } + MOZ_ASSERT(OnTaskQueue()); + mGroupStartTimestamp = Some(aGroupStartTimestamp); +} + +void +TrackBuffersManager::RestartGroupStartTimestamp() +{ + if (NS_IsMainThread()) { + nsCOMPtr task = + NS_NewRunnableMethod(this, &TrackBuffersManager::RestartGroupStartTimestamp); + GetTaskQueue()->Dispatch(task.forget()); + return; + } + MOZ_ASSERT(OnTaskQueue()); + mGroupStartTimestamp = Some(mGroupEndTimestamp); +} + +TrackBuffersManager::~TrackBuffersManager() +{ + mTaskQueue->BeginShutdown(); + mTaskQueue = nullptr; +} + +MediaInfo +TrackBuffersManager::GetMetadata() +{ + MonitorAutoLock mon(mMonitor); + return mInfo; +} + +const TimeIntervals& +TrackBuffersManager::Buffered(TrackInfo::TrackType aTrack) +{ + MOZ_ASSERT(OnTaskQueue()); + return GetTracksData(aTrack).mBufferedRanges; +} + +const TrackBuffersManager::TrackBuffer& +TrackBuffersManager::GetTrackBuffer(TrackInfo::TrackType aTrack) +{ + MOZ_ASSERT(OnTaskQueue()); + return GetTracksData(aTrack).mBuffers.LastElement(); +} + +} +#undef MSE_DEBUG diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h new file mode 100644 index 00000000000..090b9ee84e4 --- /dev/null +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -0,0 +1,239 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef MOZILLA_TRACKBUFFERSMANAGER_H_ +#define MOZILLA_TRACKBUFFERSMANAGER_H_ + +#include "SourceBufferContentManager.h" +#include "MediaSourceDecoder.h" +#include "mozilla/Atomics.h" +#include "mozilla/Maybe.h" +#include "mozilla/Monitor.h" +#include "mozilla/Pair.h" +#include "nsProxyRelease.h" +#include "nsTArray.h" + +namespace mozilla { + +class ContainerParser; +class MediaLargeByteBuffer; +class MediaRawData; +class SourceBuffer; +class SourceBufferResource; + +using media::TimeUnit; +using media::TimeInterval; +using media::TimeIntervals; +using dom::SourceBufferAppendMode; + +class TrackBuffersManager : public SourceBufferContentManager { +public: + typedef MediaPromise CodedFrameProcessingPromise; + typedef TrackInfo::TrackType TrackType; + typedef MediaData::Type MediaType; + typedef nsTArray> TrackBuffer; + + TrackBuffersManager(dom::SourceBuffer* aParent, MediaSourceDecoder* aParentDecoder, const nsACString& aType); + + bool AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) override; + + nsRefPtr BufferAppend() override; + + void AbortAppendData() override; + + void ResetParserState() override; + + nsRefPtr RangeRemoval(TimeUnit aStart, TimeUnit aEnd) override; + + EvictDataResult + EvictData(TimeUnit aPlaybackTime, uint32_t aThreshold, TimeUnit* aBufferStartTime) override; + + void EvictBefore(TimeUnit aTime) override; + + TimeIntervals Buffered() override; + + int64_t GetSize() override; + + void Ended() override; + + void Detach() override; + + AppendState GetAppendState() override + { + return mAppendState; + } + + void SetGroupStartTimestamp(const TimeUnit& aGroupStartTimestamp) override; + void RestartGroupStartTimestamp() override; + + // Interface for MediaSourceDemuxer + MediaInfo GetMetadata(); + const TrackBuffer& GetTrackBuffer(TrackInfo::TrackType aTrack); + const TimeIntervals& Buffered(TrackInfo::TrackType); + bool IsEnded() const + { + return mEnded; + } + +#if defined(DEBUG) + void Dump(const char* aPath) override; +#endif + +private: + virtual ~TrackBuffersManager(); + void InitSegmentParserLoop(); + void ScheduleSegmentParserLoop(); + void SegmentParserLoop(); + void AppendIncomingBuffers(); + void InitializationSegmentReceived(); + void CreateDemuxerforMIMEType(); + void NeedMoreData(); + void RejectAppend(nsresult aRejectValue, const char* aName); + // Will return a promise that will be resolved once all frames of the current + // media segment have been processed. + nsRefPtr CodedFrameProcessing(); + // Called by ResetParserState. Complete parsing the input buffer for the + // current media segment + void FinishCodedFrameProcessing(); + void CompleteCodedFrameProcessing(); + void CompleteResetParserState(); + void CodedFrameRemoval(TimeInterval aInterval); + void SetAppendState(AppendState aAppendState); + + bool HasVideo() const + { + return mVideoTracks.mNumTracks > 0; + } + bool HasAudio() const + { + return mAudioTracks.mNumTracks > 0; + } + + // The input buffer as per http://w3c.github.io/media-source/index.html#sourcebuffer-input-buffer + nsRefPtr mInputBuffer; + // The current append state as per https://w3c.github.io/media-source/#sourcebuffer-append-state + // Accessed on both the main thread and the task queue. + Atomic mAppendState; + // Buffer full flag as per https://w3c.github.io/media-source/#sourcebuffer-buffer-full-flag. + // Accessed on both the main thread and the task queue. + // TODO: Unused for now. + Atomic mBufferFull; + bool mFirstInitializationSegmentReceived; + bool mActiveTrack; + Maybe mGroupStartTimestamp; + TimeUnit mGroupEndTimestamp; + nsCString mType; + + // ContainerParser objects and methods. + // Those are used to parse the incoming input buffer. + + // Recreate the ContainerParser and only feed it with the previous init + // segment found. + void RecreateParser(); + nsAutoPtr mParser; + + // Demuxer objects and methods. + nsRefPtr mCurrentInputBuffer; + nsRefPtr mInputDemuxer; + void OnDemuxerInitDone(nsresult); + void OnDemuxerInitFailed(DemuxerFailureReason aFailure); + MediaPromiseRequestHolder mDemuxerInitRequest; + bool mEncrypted; + + void OnDemuxFailed(TrackType aTrack, DemuxerFailureReason aFailure); + void DoDemuxVideo(); + void OnVideoDemuxCompleted(nsRefPtr aSamples); + void OnVideoDemuxFailed(DemuxerFailureReason aFailure) + { + mVideoTracks.mDemuxRequest.Complete(); + OnDemuxFailed(TrackType::kVideoTrack, aFailure); + } + void DoDemuxAudio(); + void OnAudioDemuxCompleted(nsRefPtr aSamples); + void OnAudioDemuxFailed(DemuxerFailureReason aFailure) + { + mAudioTracks.mDemuxRequest.Complete(); + OnDemuxFailed(TrackType::kAudioTrack, aFailure); + } + + struct TrackData { + TrackData() + : mNumTracks(0) + , mNeedRandomAccessPoint(true) + {} + uint32_t mNumTracks; + Maybe mLastDecodeTimestamp; + Maybe mLastFrameDuration; + Maybe mHighestEndTimestamp; + bool mNeedRandomAccessPoint; + nsRefPtr mDemuxer; + TrackBuffer mQueuedSamples; + MediaPromiseRequestHolder mDemuxRequest; + UniquePtr mInfo; + // We only manage a single track of each type at this time. + nsTArray mBuffers; + TimeIntervals mBufferedRanges; + }; + bool ProcessFrame(MediaRawData* aSample, TrackData& aTrackData); + MediaPromiseRequestHolder mProcessingRequest; + MediaPromiseHolder mProcessingPromise; + + // SourceBuffer media promise (resolved on the main thread) + MediaPromiseHolder mAppendPromise; + MediaPromiseHolder mRangeRemovalPromise; + + // Trackbuffers definition. + nsTArray GetTracksList(); + TrackData& GetTracksData(TrackType aTrack) + { + switch(aTrack) { + case TrackType::kVideoTrack: + return mVideoTracks; + case TrackType::kAudioTrack: + default: + return mAudioTracks; + } + } + TrackData mVideoTracks; + TrackData mAudioTracks; + + // TaskQueue methods and objects. + AbstractThread* GetTaskQueue() { + return mTaskQueue; + } + bool OnTaskQueue() + { + return !GetTaskQueue() || GetTaskQueue()->IsCurrentThreadIn(); + } + RefPtr mTaskQueue; + + TimeUnit mTimestampOffset; + TimeUnit mLastTimestampOffset; + void RestoreCachedVariables(); + + // Strong references to external objects. + nsMainThreadPtrHandle mParent; + nsMainThreadPtrHandle mParentDecoder; + + // Set to true if abort is called. + Atomic mAbort; + // Set to true if mediasource state changed to ended. + Atomic mEnded; + + // Monitor to protect following objects accessed across multipple threads. + mutable Monitor mMonitor; + // Set by the main thread, but only when all our tasks are completes + // (e.g. when SourceBuffer.updating is false). So the monitor isn't + // technically required for mIncomingBuffer. + typedef Pair, TimeUnit> IncomingBuffer; + nsTArray mIncomingBuffers; + TimeIntervals mVideoBufferedRanges; + TimeIntervals mAudioBufferedRanges; + MediaInfo mInfo; +}; + +} // namespace mozilla +#endif /* MOZILLA_TRACKBUFFERSMANAGER_H_ */ diff --git a/dom/media/mediasource/moz.build b/dom/media/mediasource/moz.build index 8256df9d5d8..0667407da27 100644 --- a/dom/media/mediasource/moz.build +++ b/dom/media/mediasource/moz.build @@ -31,6 +31,7 @@ UNIFIED_SOURCES += [ 'SourceBufferList.cpp', 'SourceBufferResource.cpp', 'TrackBuffer.cpp', + 'TrackBuffersManager.cpp', ] FAIL_ON_WARNINGS = True From cb3649f81e587b76e11671a75ef7ebc667f6781d Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:26:57 +1000 Subject: [PATCH 152/297] Bug 1171330: P11. Add eviction support. r=cajbir. We evict data in two steps. Up to playback time, or tail data. --- dom/media/mediasource/TrackBuffersManager.cpp | 95 ++++++++++++++++++- dom/media/mediasource/TrackBuffersManager.h | 7 ++ 2 files changed, 99 insertions(+), 3 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index fda8e82f599..d4f924fdc55 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -129,7 +129,20 @@ TrackBuffersManager::EvictData(TimeUnit aPlaybackTime, uint32_t aThreshold, TimeUnit* aBufferStartTime) { - // TODO. + MOZ_ASSERT(NS_IsMainThread()); + + int64_t toEvict = GetSize() - aThreshold; + if (toEvict <= 0) { + return EvictDataResult::NO_DATA_EVICTED; + } + MSE_DEBUG("Reaching our size limit, schedule eviction of %lld bytes", toEvict); + + nsCOMPtr task = + NS_NewRunnableMethodWithArgs( + this, &TrackBuffersManager::DoEvictData, + aPlaybackTime, toEvict); + GetTaskQueue()->Dispatch(task.forget()); + return EvictDataResult::NO_DATA_EVICTED; } @@ -182,8 +195,7 @@ TrackBuffersManager::Buffered() int64_t TrackBuffersManager::GetSize() { - // TODO - return 0; + return mSizeSourceBuffer; } void @@ -280,6 +292,70 @@ TrackBuffersManager::CompleteResetParserState() mAbort = false; } +void +TrackBuffersManager::DoEvictData(const TimeUnit& aPlaybackTime, + uint32_t aSizeToEvict) +{ + MOZ_ASSERT(OnTaskQueue()); + + // Remove any data we've already played, up to 5s behind. + TimeUnit lowerLimit = aPlaybackTime - TimeUnit::FromSeconds(5); + TimeUnit to; + // Video is what takes the most space, only evict there if we have video. + const auto& track = HasVideo() ? mVideoTracks : mAudioTracks; + const auto& buffer = track.mBuffers.LastElement(); + uint32_t lastKeyFrameIndex = 0; + int64_t toEvict = aSizeToEvict; + uint32_t partialEvict = 0; + for (uint32_t i = 0; i < buffer.Length(); i++) { + const auto& frame = buffer[i]; + if (frame->mKeyframe) { + lastKeyFrameIndex = i; + toEvict -= partialEvict; + if (toEvict < 0) { + break; + } + partialEvict = 0; + } + if (frame->mTime >= lowerLimit.ToMicroseconds()) { + break; + } + partialEvict += sizeof(*frame) + frame->mSize; + } + if (lastKeyFrameIndex > 0) { + CodedFrameRemoval( + TimeInterval(TimeUnit::FromMicroseconds(0), + TimeUnit::FromMicroseconds(buffer[lastKeyFrameIndex-1]->mTime))); + } + if (toEvict <= 0) { + return; + } + + // Still some to remove. Remove data starting from the end, up to 5s ahead + // of our playtime. + TimeUnit upperLimit = aPlaybackTime + TimeUnit::FromSeconds(5); + for (int32_t i = buffer.Length() - 1; i >= 0; i--) { + const auto& frame = buffer[i]; + if (frame->mKeyframe) { + lastKeyFrameIndex = i; + toEvict -= partialEvict; + if (toEvict < 0) { + break; + } + partialEvict = 0; + } + if (frame->mTime <= upperLimit.ToMicroseconds()) { + break; + } + partialEvict += sizeof(*frame) + frame->mSize; + } + if (lastKeyFrameIndex < buffer.Length()) { + CodedFrameRemoval( + TimeInterval(TimeUnit::FromMicroseconds(buffer[lastKeyFrameIndex+1]->mTime), + TimeUnit::FromInfinity())); + } +} + void TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) { @@ -332,6 +408,7 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) TimeInterval(TimeUnit::FromMicroseconds(frame->mTime), TimeUnit::FromMicroseconds(frame->mTime + frame->mDuration))); } + track->mSizeBuffer -= sizeof(*frame) + frame->mSize; data.RemoveElementAt(i); } } @@ -346,6 +423,7 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) removedInterval = removedInterval.Span( TimeInterval(TimeUnit::FromMicroseconds(frame->mTime), TimeUnit::FromMicroseconds(frame->mTime + frame->mDuration))); + track->mSizeBuffer -= sizeof(*frame) + frame->mSize; data.RemoveElementAt(i); } } @@ -369,6 +447,9 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) MSE_DEBUG("after video ranges=%s", DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); MSE_DEBUG("after audio ranges=%s", DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + // Update our reported total size. + mSizeSourceBuffer = mVideoTracks.mSizeBuffer + mAudioTracks.mSizeBuffer; + mRangeRemovalPromise.ResolveIfExists(true, __func__); } @@ -891,6 +972,9 @@ TrackBuffersManager::CompleteCodedFrameProcessing() mAudioBufferedRanges = mAudioTracks.mBufferedRanges; } + // Update our reported total size. + mSizeSourceBuffer = mVideoTracks.mSizeBuffer + mAudioTracks.mSizeBuffer; + // Return to step 6.4 of Segment Parser Loop algorithm // 4. If this SourceBuffer is full and cannot accept more media data, then set the buffer full flag to true. // TODO @@ -1046,6 +1130,7 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration))); } + trackBuffer.mSizeBuffer -= sizeof(*sample) + sample->mSize; data.RemoveElementAt(i); } } @@ -1064,6 +1149,7 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration))); } + trackBuffer.mSizeBuffer -= sizeof(*sample) + sample->mSize; data.RemoveElementAt(i); } } @@ -1080,6 +1166,7 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, removedInterval = removedInterval.Span( TimeInterval(TimeUnit::FromMicroseconds(sample->mTime), TimeUnit::FromMicroseconds(sample->mTime + sample->mDuration))); + trackBuffer.mSizeBuffer -= sizeof(*aSample) + sample->mSize; data.RemoveElementAt(i); } // Update our buffered range to exclude the range just removed. @@ -1094,6 +1181,8 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, } else { data.AppendElement(aSample); } + trackBuffer.mSizeBuffer += sizeof(*aSample) + aSample->mSize; + // 17. Set last decode timestamp for track buffer to decode timestamp. trackBuffer.mLastDecodeTimestamp = Some(decodeTimestamp); // 18. Set last frame duration for track buffer to frame duration. diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h index 090b9ee84e4..a1868c61f17 100644 --- a/dom/media/mediasource/TrackBuffersManager.h +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -159,10 +159,13 @@ private: OnDemuxFailed(TrackType::kAudioTrack, aFailure); } + void DoEvictData(const TimeUnit& aPlaybackTime, uint32_t aThreshold); + struct TrackData { TrackData() : mNumTracks(0) , mNeedRandomAccessPoint(true) + , mSizeBuffer(0) {} uint32_t mNumTracks; Maybe mLastDecodeTimestamp; @@ -176,6 +179,7 @@ private: // We only manage a single track of each type at this time. nsTArray mBuffers; TimeIntervals mBufferedRanges; + uint32_t mSizeBuffer; }; bool ProcessFrame(MediaRawData* aSample, TrackData& aTrackData); MediaPromiseRequestHolder mProcessingRequest; @@ -223,6 +227,9 @@ private: // Set to true if mediasource state changed to ended. Atomic mEnded; + // Global size of this source buffer content. + Atomic mSizeSourceBuffer; + // Monitor to protect following objects accessed across multipple threads. mutable Monitor mMonitor; // Set by the main thread, but only when all our tasks are completes From bdf0f568c032055ded4c6e93dac61691e4101a87 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:27:03 +1000 Subject: [PATCH 153/297] Bug 1171330: P12. Properly insert frames in DTS order. r=cajbir --- dom/media/mediasource/TrackBuffersManager.cpp | 24 ++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index d4f924fdc55..a69504435be 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -1058,18 +1058,29 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, decodeTimestamp < trackBuffer.mLastDecodeTimestamp.ref()) || (trackBuffer.mLastDecodeTimestamp.isSome() && decodeTimestamp - trackBuffer.mLastDecodeTimestamp.ref() > 2*trackBuffer.mLastFrameDuration.ref())) { + + // 1a. If mode equals "segments": if (mParent->mAppendMode == SourceBufferAppendMode::Segments) { + // Set group end timestamp to presentation timestamp. mGroupEndTimestamp = presentationTimestamp; } + // 1b. If mode equals "sequence": if (mParent->mAppendMode == SourceBufferAppendMode::Sequence) { + // Set group start timestamp equal to the group end timestamp. mGroupStartTimestamp = Some(mGroupEndTimestamp); } for (auto& track : tracks) { + // 2. Unset the last decode timestamp on all track buffers. track->mLastDecodeTimestamp.reset(); + // 3. Unset the last frame duration on all track buffers. track->mLastFrameDuration.reset(); + // 4. Unset the highest end timestamp on all track buffers. track->mHighestEndTimestamp.reset(); + // 5. Set the need random access point flag on all track buffers to true. track->mNeedRandomAccessPoint = true; } + MSE_DEBUG("Detected discontinuity. Restarting process"); + // 6. Jump to the Loop Top step above to restart processing of the current coded frame. return true; } @@ -1179,7 +1190,18 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, if (firstRemovedIndex >= 0) { data.InsertElementAt(firstRemovedIndex, aSample); } else { - data.AppendElement(aSample); + if (data.IsEmpty() || aSample->mTimecode > data.LastElement()->mTimecode) { + data.AppendElement(aSample); + } else { + // Find where to insert frame. + for (uint32_t i = 0; i < data.Length(); i++) { + const auto& sample = data[i]; + if (sample->mTimecode > aSample->mTimecode) { + data.InsertElementAt(i, aSample); + break; + } + } + } } trackBuffer.mSizeBuffer += sizeof(*aSample) + aSample->mSize; From c20d96b2194e195214857ba35bb55042310f35d5 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:27:08 +1000 Subject: [PATCH 154/297] Bug 1171330: P13. Relax frame discontinuity detection. r=cajbir --- dom/media/mediasource/TrackBuffersManager.cpp | 25 +++++++++++++++++-- dom/media/mediasource/TrackBuffersManager.h | 2 ++ 2 files changed, 25 insertions(+), 2 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index a69504435be..05b8429eeaf 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -263,6 +263,7 @@ TrackBuffersManager::CompleteResetParserState() // if we have been aborted, we may have pending frames that we are going // to discard now. track->mQueuedSamples.Clear(); + track->mLongestFrameDuration.reset(); } // 6. Remove all bytes from the input buffer. mIncomingBuffers.Clear(); @@ -699,6 +700,9 @@ TrackBuffersManager::OnDemuxerInitDone(nsresult) // 3. Set the need random access point flag on all track buffers to true. mVideoTracks.mNeedRandomAccessPoint = true; mAudioTracks.mNeedRandomAccessPoint = true; + + mVideoTracks.mLongestFrameDuration = mVideoTracks.mLastFrameDuration; + mAudioTracks.mLongestFrameDuration = mAudioTracks.mLastFrameDuration; } // 4. Let active track flag equal false. @@ -1054,10 +1058,15 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, // TODO: Maybe we should be using TimeStamp and TimeDuration instead? + // Some MP4 content may exhibit an extremely short frame duration. + // As such, we can't use the last frame duration as a way to detect + // discontinuities as required per step 6 above. + // Instead we use the biggest duration seen so far in this run (init + media + // segment). if ((trackBuffer.mLastDecodeTimestamp.isSome() && decodeTimestamp < trackBuffer.mLastDecodeTimestamp.ref()) || (trackBuffer.mLastDecodeTimestamp.isSome() && - decodeTimestamp - trackBuffer.mLastDecodeTimestamp.ref() > 2*trackBuffer.mLastFrameDuration.ref())) { + decodeTimestamp - trackBuffer.mLastDecodeTimestamp.ref() > 2*trackBuffer.mLongestFrameDuration.ref())) { // 1a. If mode equals "segments": if (mParent->mAppendMode == SourceBufferAppendMode::Segments) { @@ -1078,6 +1087,8 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, track->mHighestEndTimestamp.reset(); // 5. Set the need random access point flag on all track buffers to true. track->mNeedRandomAccessPoint = true; + + trackBuffer.mLongestFrameDuration.reset(); } MSE_DEBUG("Detected discontinuity. Restarting process"); // 6. Jump to the Loop Top step above to restart processing of the current coded frame. @@ -1208,7 +1219,17 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, // 17. Set last decode timestamp for track buffer to decode timestamp. trackBuffer.mLastDecodeTimestamp = Some(decodeTimestamp); // 18. Set last frame duration for track buffer to frame duration. - trackBuffer.mLastFrameDuration = Some(TimeUnit::FromMicroseconds(aSample->mDuration)); + trackBuffer.mLastFrameDuration = + Some(TimeUnit::FromMicroseconds(aSample->mDuration)); + + if (trackBuffer.mLongestFrameDuration.isNothing()) { + trackBuffer.mLongestFrameDuration = trackBuffer.mLastFrameDuration; + } else { + trackBuffer.mLongestFrameDuration = + Some(std::max(trackBuffer.mLongestFrameDuration.ref(), + trackBuffer.mLastFrameDuration.ref())); + } + // 19. If highest end timestamp for track buffer is unset or frame end timestamp is greater than highest end timestamp, then set highest end timestamp for track buffer to frame end timestamp. if (trackBuffer.mHighestEndTimestamp.isNothing() || frameEndTimestamp > trackBuffer.mHighestEndTimestamp.ref()) { diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h index a1868c61f17..696739ac05f 100644 --- a/dom/media/mediasource/TrackBuffersManager.h +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -171,6 +171,8 @@ private: Maybe mLastDecodeTimestamp; Maybe mLastFrameDuration; Maybe mHighestEndTimestamp; + // Longest frame duration seen in a coded frame group. + Maybe mLongestFrameDuration; bool mNeedRandomAccessPoint; nsRefPtr mDemuxer; TrackBuffer mQueuedSamples; From 15d5b7e4691305823820826e7cd56a8fc5aa6285 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:27:15 +1000 Subject: [PATCH 155/297] Bug 1171330: P14. Add ContainerParser::FirstCompleteMediaHeader() method. r=kentuckyfriedtakahe --- dom/media/mediasource/ContainerParser.cpp | 19 +++++++++++++------ dom/media/mediasource/ContainerParser.h | 12 +++++++++--- media/libstagefright/binding/MoofParser.cpp | 9 +++++++++ .../binding/include/mp4_demuxer/MoofParser.h | 1 + 4 files changed, 32 insertions(+), 9 deletions(-) diff --git a/dom/media/mediasource/ContainerParser.cpp b/dom/media/mediasource/ContainerParser.cpp index fc248b7c23e..24b78db8da7 100644 --- a/dom/media/mediasource/ContainerParser.cpp +++ b/dom/media/mediasource/ContainerParser.cpp @@ -92,18 +92,24 @@ ContainerParser::InitData() return mInitData; } -MediaByteRange -ContainerParser::MediaSegmentRange() -{ - return mCompleteMediaSegmentRange; -} - MediaByteRange ContainerParser::InitSegmentRange() { return mCompleteInitSegmentRange; } +MediaByteRange +ContainerParser::MediaHeaderRange() +{ + return mCompleteMediaHeaderRange; +} + +MediaByteRange +ContainerParser::MediaSegmentRange() +{ + return mCompleteMediaSegmentRange; +} + class WebMContainerParser : public ContainerParser { public: explicit WebMContainerParser(const nsACString& aType) @@ -339,6 +345,7 @@ public: mp4_demuxer::Interval compositionRange = mParser->GetCompositionRange(byteRanges); + mCompleteMediaHeaderRange = mParser->FirstCompleteMediaHeader(); mCompleteMediaSegmentRange = mParser->FirstCompleteMediaSegment(); ErrorResult rv; mResource->EvictData(mParser->mOffset, mParser->mOffset, rv); diff --git a/dom/media/mediasource/ContainerParser.h b/dom/media/mediasource/ContainerParser.h index 868f7dd0b8d..e567723845b 100644 --- a/dom/media/mediasource/ContainerParser.h +++ b/dom/media/mediasource/ContainerParser.h @@ -52,10 +52,15 @@ public: } bool HasCompleteInitData(); - // Return the byte range of the first complete media segment or an empty + // Returns the byte range of the first complete init segment, or an empty + // range if not complete. + MediaByteRange InitSegmentRange(); + // Returns the byte range of the first complete media segment header, + // or an empty range if not complete. + MediaByteRange MediaHeaderRange(); + // Returns the byte range of the first complete media segment or an empty // range if not complete. MediaByteRange MediaSegmentRange(); - MediaByteRange InitSegmentRange(); static ContainerParser* CreateForMIMEType(const nsACString& aType); @@ -63,8 +68,9 @@ protected: nsRefPtr mInitData; nsRefPtr mResource; bool mHasInitData; - MediaByteRange mCompleteMediaSegmentRange; MediaByteRange mCompleteInitSegmentRange; + MediaByteRange mCompleteMediaHeaderRange; + MediaByteRange mCompleteMediaSegmentRange; const nsCString mType; }; diff --git a/media/libstagefright/binding/MoofParser.cpp b/media/libstagefright/binding/MoofParser.cpp index 7c5e0d976c6..4c62c48ee31 100644 --- a/media/libstagefright/binding/MoofParser.cpp +++ b/media/libstagefright/binding/MoofParser.cpp @@ -81,6 +81,15 @@ MoofParser::RebuildFragmentedIndex(BoxContext& aContext) return foundValidMoof; } +MediaByteRange +MoofParser::FirstCompleteMediaHeader() +{ + if (Moofs().IsEmpty()) { + return MediaByteRange(); + } + return Moofs()[0].mRange; +} + MediaByteRange MoofParser::FirstCompleteMediaSegment() { diff --git a/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h b/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h index fa5648546a1..32f698fa318 100644 --- a/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h +++ b/media/libstagefright/binding/include/mp4_demuxer/MoofParser.h @@ -226,6 +226,7 @@ public: bool BlockingReadNextMoof(); bool HasMetadata(); MediaByteRange FirstCompleteMediaSegment(); + MediaByteRange FirstCompleteMediaHeader(); mozilla::MediaByteRange mInitRange; nsRefPtr mSource; From 0bc333fe769f93639f8df6764f38c2fb7700938c Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:33:05 +1000 Subject: [PATCH 156/297] Bug 1171330: P15. Better andle partial media segments. r=cajbir --- dom/media/mediasource/TrackBuffersManager.cpp | 100 ++++++++++++------ dom/media/mediasource/TrackBuffersManager.h | 37 ++++++- 2 files changed, 99 insertions(+), 38 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index 05b8429eeaf..783437b603b 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -44,6 +44,7 @@ TrackBuffersManager::TrackBuffersManager(dom::SourceBuffer* aParent, MediaSource , mActiveTrack(false) , mType(aType) , mParser(ContainerParser::CreateForMIMEType(aType)) + , mProcessedInput(0) , mTaskQueue(new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK))) , mParent(new nsMainThreadPtrHolder(aParent, false /* strict */)) , mParentDecoder(new nsMainThreadPtrHolder(aParentDecoder, false /* strict */)) @@ -267,7 +268,7 @@ TrackBuffersManager::CompleteResetParserState() } // 6. Remove all bytes from the input buffer. mIncomingBuffers.Clear(); - mInputBuffer->Clear(); + mInputBuffer = nullptr; if (mCurrentInputBuffer) { mCurrentInputBuffer->EvictAll(); mCurrentInputBuffer = new SourceBufferResource(mType); @@ -282,7 +283,10 @@ TrackBuffersManager::CompleteResetParserState() MOZ_ASSERT(initData->Length(), "we must have an init segment"); // The aim here is really to destroy our current demuxer. CreateDemuxerforMIMEType(); - mInputBuffer->AppendElements(*initData); + // Recreate our input buffer. We can't directly assign the initData buffer + // to mInputBuffer as it will get modified in the Segment Parser Loop. + mInputBuffer = new MediaLargeByteBuffer; + MOZ_ALWAYS_TRUE(mInputBuffer->AppendElements(*initData, fallible)); } RecreateParser(); @@ -362,11 +366,25 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) { MSE_DEBUG("From %.2fs to %.2f", aInterval.mStart.ToSeconds(), aInterval.mEnd.ToSeconds()); - TimeUnit duration{TimeUnit::FromSeconds(mParentDecoder->GetMediaSourceDuration())}; + + double mediaSourceDuration = mParentDecoder->GetMediaSourceDuration(); + if (IsNaN(mediaSourceDuration)) { + MSE_DEBUG("Nothing to remove, aborting"); + MonitorAutoLock mon(mMonitor); + mRangeRemovalPromise.ResolveIfExists(false, __func__); + return; + } + TimeUnit duration{TimeUnit::FromSeconds(mediaSourceDuration)}; MSE_DEBUG("duration:%.2f", duration.ToSeconds()); - MSE_DEBUG("before video ranges=%s", DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); - MSE_DEBUG("before audio ranges=%s", DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + if (HasAudio()) { + MSE_DEBUG("before video ranges=%s", + DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); + } + if (HasVideo()) { + MSE_DEBUG("before audio ranges=%s", + DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + } // 1. Let start be the starting presentation timestamp for the removal range. TimeUnit start = aInterval.mStart; @@ -445,8 +463,15 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) mVideoBufferedRanges = mVideoTracks.mBufferedRanges; mAudioBufferedRanges = mAudioTracks.mBufferedRanges; } - MSE_DEBUG("after video ranges=%s", DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); - MSE_DEBUG("after audio ranges=%s", DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + + if (HasAudio()) { + MSE_DEBUG("after video ranges=%s", + DumpTimeRanges(mVideoTracks.mBufferedRanges).get()); + } + if (HasVideo()) { + MSE_DEBUG("after audio ranges=%s", + DumpTimeRanges(mAudioTracks.mBufferedRanges).get()); + } // Update our reported total size. mSizeSourceBuffer = mVideoTracks.mSizeBuffer + mAudioTracks.mSizeBuffer; @@ -467,12 +492,12 @@ TrackBuffersManager::AppendIncomingBuffers() MOZ_ASSERT(OnTaskQueue()); MonitorAutoLock mon(mMonitor); for (auto& incomingBuffer : mIncomingBuffers) { - if (!mInputBuffer->AppendElements(*incomingBuffer.first())) { + if (!mInputBuffer) { + mInputBuffer = incomingBuffer.first(); + } else if (!mInputBuffer->AppendElements(*incomingBuffer.first(), fallible)) { RejectAppend(NS_ERROR_OUT_OF_MEMORY, __func__); } - } - if (!mIncomingBuffers.IsEmpty()) { - mTimestampOffset = mIncomingBuffers.LastElement().second(); + mTimestampOffset = incomingBuffer.second(); mLastTimestampOffset = mTimestampOffset; } mIncomingBuffers.Clear(); @@ -483,7 +508,6 @@ TrackBuffersManager::SegmentParserLoop() { MOZ_ASSERT(OnTaskQueue()); while (true) { - bool completeMediaHeader; // 1. If the input buffer is empty, then jump to the need more data step below. if (!mInputBuffer || mInputBuffer->IsEmpty()) { NeedMoreData(); @@ -518,8 +542,8 @@ TrackBuffersManager::SegmentParserLoop() } int64_t start, end; - completeMediaHeader = - mParser->ParseStartAndEndTimestamps(mInputBuffer, start, end); + mParser->ParseStartAndEndTimestamps(mInputBuffer, start, end); + mProcessedInput += mInputBuffer->Length(); // 5. If the append state equals PARSING_INIT_SEGMENT, then run the // following steps: @@ -538,7 +562,7 @@ TrackBuffersManager::SegmentParserLoop() return; } // 2. If the input buffer does not contain a complete media segment header yet, then jump to the need more data step below. - if (!completeMediaHeader) { + if (mParser->MediaHeaderRange().IsNull()) { NeedMoreData(); return; } @@ -567,10 +591,6 @@ void TrackBuffersManager::NeedMoreData() { MSE_DEBUG(""); - // The entire mInputBuffer will be reparsed on the next Segment Parser Loop - // run, clear the current ContainerParser so it won't treat the same data - // twice which would shift all our offsets incorrectly. - RecreateParser(); RestoreCachedVariables(); mAppendPromise.ResolveIfExists(mActiveTrack, __func__); } @@ -622,6 +642,12 @@ TrackBuffersManager::InitializationSegmentReceived() MOZ_ASSERT(mParser->HasCompleteInitData()); mCurrentInputBuffer = new SourceBufferResource(mType); mCurrentInputBuffer->AppendData(mParser->InitData()); + uint32_t initLength = mParser->InitSegmentRange().mEnd; + if (mInputBuffer->Length() == initLength) { + mInputBuffer = nullptr; + } else { + mInputBuffer->RemoveElementsAt(0, initLength); + } CreateDemuxerforMIMEType(); if (!mInputDemuxer) { MOZ_ASSERT(false, "TODO type not supported"); @@ -804,7 +830,9 @@ TrackBuffersManager::OnDemuxerInitDone(nsresult) } // 3. Remove the initialization segment bytes from the beginning of the input buffer. - mInputBuffer->RemoveElementsAt(0, mParser->InitSegmentRange().mEnd); + // This step has already been done in InitializationSegmentReceived when we + // transferred the content into mCurrentInputBuffer. + mCurrentInputBuffer->EvictAll(); RecreateParser(); // 4. Set append state to WAITING_FOR_SEGMENT. @@ -830,23 +858,21 @@ TrackBuffersManager::CodedFrameProcessing() int64_t offset = mCurrentInputBuffer->GetLength(); MediaByteRange mediaRange = mParser->MediaSegmentRange(); - // The mediaRange is offset by the init segment position previously added. - int64_t rangeOffset = mParser->InitData()->Length(); - int64_t length; + uint32_t length; if (mediaRange.IsNull()) { length = mInputBuffer->Length(); mCurrentInputBuffer->AppendData(mInputBuffer); + mInputBuffer = nullptr; } else { + // The mediaRange is offset by the init segment position previously added. + length = mediaRange.mEnd - (mProcessedInput - mInputBuffer->Length()); nsRefPtr segment = new MediaLargeByteBuffer; - length = mediaRange.Length(); - MOZ_ASSERT(mInputBuffer->Length() >= uint64_t(mediaRange.mEnd - rangeOffset), - "We're missing some data"); - MOZ_ASSERT(mediaRange.mStart >= rangeOffset, "Invalid media segment range"); - if (!segment->AppendElements(mInputBuffer->Elements() + - mediaRange.mStart - rangeOffset, length)) { + MOZ_ASSERT(mInputBuffer->Length() >= length); + if (!segment->AppendElements(mInputBuffer->Elements(), length, fallible)) { return CodedFrameProcessingPromise::CreateAndReject(NS_ERROR_OUT_OF_MEMORY, __func__); } mCurrentInputBuffer->AppendData(segment); + mInputBuffer->RemoveElementsAt(0, length); } mInputDemuxer->NotifyDataArrived(length, offset); @@ -974,6 +1000,14 @@ TrackBuffersManager::CompleteCodedFrameProcessing() // Save our final tracks buffered ranges. mVideoBufferedRanges = mVideoTracks.mBufferedRanges; mAudioBufferedRanges = mAudioTracks.mBufferedRanges; + if (HasAudio()) { + MSE_DEBUG("audio new buffered range = %s", + DumpTimeRanges(mAudioBufferedRanges).get()); + } + if (HasVideo()) { + MSE_DEBUG("video new buffered range = %s", + DumpTimeRanges(mVideoBufferedRanges).get()); + } } // Update our reported total size. @@ -991,15 +1025,12 @@ TrackBuffersManager::CompleteCodedFrameProcessing() } // 6. Remove the media segment bytes from the beginning of the input buffer. - int64_t rangeOffset = mParser->InitSegmentRange().mEnd; - mInputBuffer->RemoveElementsAt(0, mParser->MediaSegmentRange().mEnd - rangeOffset); - RecreateParser(); - // Clear our demuxer from any already processed data. // As we have handled a complete media segment, it is safe to evict all data // from the resource. mCurrentInputBuffer->EvictAll(); mInputDemuxer->NotifyDataRemoved(); + RecreateParser(); // 7. Set append state to WAITING_FOR_SEGMENT. SetAppendState(AppendState::WAITING_FOR_SEGMENT); @@ -1266,6 +1297,9 @@ TrackBuffersManager::RecreateParser() if (initData) { int64_t start, end; mParser->ParseStartAndEndTimestamps(initData, start, end); + mProcessedInput = initData->Length(); + } else { + mProcessedInput = 0; } } diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h index 696739ac05f..5fcf3b76ee9 100644 --- a/dom/media/mediasource/TrackBuffersManager.h +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -138,6 +138,9 @@ private: // Demuxer objects and methods. nsRefPtr mCurrentInputBuffer; nsRefPtr mInputDemuxer; + // Length already processed in current media segment. + uint32_t mProcessedInput; + void OnDemuxerInitDone(nsresult); void OnDemuxerInitFailed(DemuxerFailureReason aFailure); MediaPromiseRequestHolder mDemuxerInitRequest; @@ -168,20 +171,45 @@ private: , mSizeBuffer(0) {} uint32_t mNumTracks; + // Definition of variables: + // https://w3c.github.io/media-source/#track-buffers + // Last decode timestamp variable that stores the decode timestamp of the + // last coded frame appended in the current coded frame group. + // The variable is initially unset to indicate that no coded frames have + // been appended yet. Maybe mLastDecodeTimestamp; + // Last frame duration variable that stores the coded frame duration of the + // last coded frame appended in the current coded frame group. + // The variable is initially unset to indicate that no coded frames have + // been appended yet. Maybe mLastFrameDuration; + // Highest end timestamp variable that stores the highest coded frame end + // timestamp across all coded frames in the current coded frame group that + // were appended to this track buffer. + // The variable is initially unset to indicate that no coded frames have + // been appended yet. Maybe mHighestEndTimestamp; // Longest frame duration seen in a coded frame group. Maybe mLongestFrameDuration; + // Need random access point flag variable that keeps track of whether the + // track buffer is waiting for a random access point coded frame. + // The variable is initially set to true to indicate that random access + // point coded frame is needed before anything can be added to the track + // buffer. bool mNeedRandomAccessPoint; nsRefPtr mDemuxer; - TrackBuffer mQueuedSamples; MediaPromiseRequestHolder mDemuxRequest; - UniquePtr mInfo; + // Samples just demuxed, but not yet parsed. + TrackBuffer mQueuedSamples; // We only manage a single track of each type at this time. nsTArray mBuffers; + // Track buffer ranges variable that represents the presentation time ranges + // occupied by the coded frames currently stored in the track buffer. TimeIntervals mBufferedRanges; + // Byte size of all samples contained in this track buffer. uint32_t mSizeBuffer; + // TrackInfo of the first metadata received. + UniquePtr mInfo; }; bool ProcessFrame(MediaRawData* aSample, TrackData& aTrackData); MediaPromiseRequestHolder mProcessingRequest; @@ -234,13 +262,12 @@ private: // Monitor to protect following objects accessed across multipple threads. mutable Monitor mMonitor; - // Set by the main thread, but only when all our tasks are completes - // (e.g. when SourceBuffer.updating is false). So the monitor isn't - // technically required for mIncomingBuffer. typedef Pair, TimeUnit> IncomingBuffer; nsTArray mIncomingBuffers; + // Stable audio and video track time ranges. TimeIntervals mVideoBufferedRanges; TimeIntervals mAudioBufferedRanges; + // MediaInfo of the first init segment read. MediaInfo mInfo; }; From b03f4f26a18b67179d17b91f6195334aff11fdd6 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:33:10 +1000 Subject: [PATCH 157/297] Bug 1171330: P16. Use ProxyMediaCall and remove need for monitor. r=cajbir --- dom/media/mediasource/TrackBuffersManager.cpp | 91 ++++++++++++------- dom/media/mediasource/TrackBuffersManager.h | 20 ++-- 2 files changed, 69 insertions(+), 42 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index 783437b603b..6d7b9717d8d 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -59,25 +59,32 @@ TrackBuffersManager::AppendData(MediaLargeByteBuffer* aData, TimeUnit aTimestampOffset) { MOZ_ASSERT(NS_IsMainThread()); - MonitorAutoLock mon(mMonitor); MSE_DEBUG("Appending %lld bytes", aData->Length()); - mIncomingBuffers.AppendElement(IncomingBuffer(aData, aTimestampOffset)); + mEnded = false; + nsCOMPtr task = + NS_NewRunnableMethodWithArg( + this, &TrackBuffersManager::AppendIncomingBuffer, + IncomingBuffer(aData, aTimestampOffset)); + GetTaskQueue()->Dispatch(task.forget()); return true; } +void +TrackBuffersManager::AppendIncomingBuffer(IncomingBuffer aData) +{ + MOZ_ASSERT(OnTaskQueue()); + mIncomingBuffers.AppendElement(aData); +} + nsRefPtr TrackBuffersManager::BufferAppend() { MOZ_ASSERT(NS_IsMainThread()); - MOZ_ASSERT(mAppendPromise.IsEmpty()); - nsRefPtr p = mAppendPromise.Ensure(__func__); + MSE_DEBUG(""); - nsCOMPtr task = - NS_NewRunnableMethod(this, &TrackBuffersManager::InitSegmentParserLoop); - GetTaskQueue()->Dispatch(task.forget()); - - return p; + return ProxyMediaCall(GetTaskQueue(), this, + __func__, &TrackBuffersManager::InitSegmentParserLoop); } // Abort any pending AppendData. @@ -89,14 +96,16 @@ void TrackBuffersManager::AbortAppendData() { MOZ_ASSERT(NS_IsMainThread()); - mAppendPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + MSE_DEBUG(""); + + mAbort = true; } void TrackBuffersManager::ResetParserState() { MOZ_ASSERT(NS_IsMainThread()); - MOZ_ASSERT(mAppendPromise.IsEmpty(), "AbortAppendData must have been called"); + MSE_DEBUG(""); // 1. If the append state equals PARSING_MEDIA_SEGMENT and the input buffer contains some complete coded frames, then run the coded frame processing algorithm until all of these complete coded frames have been processed. if (mAppendState == AppendState::PARSING_MEDIA_SEGMENT) { @@ -114,15 +123,13 @@ nsRefPtr TrackBuffersManager::RangeRemoval(TimeUnit aStart, TimeUnit aEnd) { MOZ_ASSERT(NS_IsMainThread()); + MSE_DEBUG("From %.2f to %.2f", aStart.ToSeconds(), aEnd.ToSeconds()); + mEnded = false; - nsRefPtr p = mRangeRemovalPromise.Ensure(__func__); - - nsCOMPtr task = - NS_NewRunnableMethodWithArg( - this, &TrackBuffersManager::CodedFrameRemoval, TimeInterval(aStart, aEnd)); - GetTaskQueue()->Dispatch(task.forget()); - return p; + return ProxyMediaCall(GetTaskQueue(), this, __func__, + &TrackBuffersManager::CodedFrameRemovalWithPromise, + TimeInterval(aStart, aEnd)); } TrackBuffersManager::EvictDataResult @@ -152,9 +159,9 @@ TrackBuffersManager::EvictBefore(TimeUnit aTime) { MOZ_ASSERT(NS_IsMainThread()); nsCOMPtr task = - NS_NewRunnableMethodWithArg( - this, &TrackBuffersManager::CodedFrameRemoval, - TimeInterval(TimeUnit::FromSeconds(0), aTime)); + NS_NewRunnableMethodWithArg( + this, &TrackBuffersManager::CodedFrameRemoval, + TimeInterval(TimeUnit::FromSeconds(0), aTime)); GetTaskQueue()->Dispatch(task.forget()); } @@ -209,14 +216,13 @@ void TrackBuffersManager::Detach() { MOZ_ASSERT(NS_IsMainThread()); - MOZ_ASSERT(mAppendPromise.IsEmpty(), "Abort wasn't called"); - // Abort any pending promises. - mRangeRemovalPromise.ResolveIfExists(false, __func__); + MSE_DEBUG(""); + // Clear our sourcebuffer nsCOMPtr task = - NS_NewRunnableMethodWithArg( - this, &TrackBuffersManager::CodedFrameRemoval, - TimeInterval(TimeUnit::FromSeconds(0), TimeUnit::FromInfinity())); + NS_NewRunnableMethodWithArg( + this, &TrackBuffersManager::CodedFrameRemoval, + TimeInterval(TimeUnit::FromSeconds(0), TimeUnit::FromInfinity())); GetTaskQueue()->Dispatch(task.forget()); } @@ -250,6 +256,7 @@ void TrackBuffersManager::CompleteResetParserState() { MOZ_ASSERT(OnTaskQueue()); + MOZ_ASSERT(mAppendPromise.IsEmpty()); for (auto track : GetTracksList()) { // 2. Unset the last decode timestamp on all track buffers. @@ -361,18 +368,26 @@ TrackBuffersManager::DoEvictData(const TimeUnit& aPlaybackTime, } } -void +nsRefPtr +TrackBuffersManager::CodedFrameRemovalWithPromise(TimeInterval aInterval) +{ + MOZ_ASSERT(OnTaskQueue()); + bool rv = CodedFrameRemoval(aInterval); + return RangeRemovalPromise::CreateAndResolve(rv, __func__); +} + +bool TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) { + MOZ_ASSERT(OnTaskQueue()); + MOZ_ASSERT(mAppendPromise.IsEmpty(), "Logic error: Append in progress"); MSE_DEBUG("From %.2fs to %.2f", aInterval.mStart.ToSeconds(), aInterval.mEnd.ToSeconds()); double mediaSourceDuration = mParentDecoder->GetMediaSourceDuration(); if (IsNaN(mediaSourceDuration)) { MSE_DEBUG("Nothing to remove, aborting"); - MonitorAutoLock mon(mMonitor); - mRangeRemovalPromise.ResolveIfExists(false, __func__); - return; + return false; } TimeUnit duration{TimeUnit::FromSeconds(mediaSourceDuration)}; @@ -391,6 +406,8 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) // 2. Let end be the end presentation timestamp for the removal range. TimeUnit end = aInterval.mEnd; + bool dataRemoved = false; + // 3. For each track buffer in this source buffer, run the following steps: for (auto track : GetTracksList()) { MSE_DEBUGV("Processing %s track", track->mInfo->mMimeType.get()); @@ -445,6 +462,7 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) track->mSizeBuffer -= sizeof(*frame) + frame->mSize; data.RemoveElementAt(i); } + dataRemoved = true; } track->mBufferedRanges -= removedInterval; @@ -476,14 +494,21 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) // Update our reported total size. mSizeSourceBuffer = mVideoTracks.mSizeBuffer + mAudioTracks.mSizeBuffer; - mRangeRemovalPromise.ResolveIfExists(true, __func__); + return dataRemoved; } -void +nsRefPtr TrackBuffersManager::InitSegmentParserLoop() { + MOZ_ASSERT(OnTaskQueue()); + + MOZ_ASSERT(mAppendPromise.IsEmpty()); + nsRefPtr p = mAppendPromise.Ensure(__func__); + AppendIncomingBuffers(); SegmentParserLoop(); + + return p; } void diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h index 5fcf3b76ee9..70a9e4466cc 100644 --- a/dom/media/mediasource/TrackBuffersManager.h +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -84,7 +84,8 @@ public: private: virtual ~TrackBuffersManager(); - void InitSegmentParserLoop(); + // All following functions run on the taskqueue. + nsRefPtr InitSegmentParserLoop(); void ScheduleSegmentParserLoop(); void SegmentParserLoop(); void AppendIncomingBuffers(); @@ -95,12 +96,13 @@ private: // Will return a promise that will be resolved once all frames of the current // media segment have been processed. nsRefPtr CodedFrameProcessing(); - // Called by ResetParserState. Complete parsing the input buffer for the - // current media segment - void FinishCodedFrameProcessing(); void CompleteCodedFrameProcessing(); + // Called by ResetParserState. Complete parsing the input buffer for the + // current media segment. + void FinishCodedFrameProcessing(); void CompleteResetParserState(); - void CodedFrameRemoval(TimeInterval aInterval); + nsRefPtr CodedFrameRemovalWithPromise(TimeInterval aInterval); + bool CodedFrameRemoval(TimeInterval aInterval); void SetAppendState(AppendState aAppendState); bool HasVideo() const @@ -112,6 +114,10 @@ private: return mAudioTracks.mNumTracks > 0; } + typedef Pair, TimeUnit> IncomingBuffer; + void AppendIncomingBuffer(IncomingBuffer aData); + nsTArray mIncomingBuffers; + // The input buffer as per http://w3c.github.io/media-source/index.html#sourcebuffer-input-buffer nsRefPtr mInputBuffer; // The current append state as per https://w3c.github.io/media-source/#sourcebuffer-append-state @@ -215,9 +221,7 @@ private: MediaPromiseRequestHolder mProcessingRequest; MediaPromiseHolder mProcessingPromise; - // SourceBuffer media promise (resolved on the main thread) MediaPromiseHolder mAppendPromise; - MediaPromiseHolder mRangeRemovalPromise; // Trackbuffers definition. nsTArray GetTracksList(); @@ -262,8 +266,6 @@ private: // Monitor to protect following objects accessed across multipple threads. mutable Monitor mMonitor; - typedef Pair, TimeUnit> IncomingBuffer; - nsTArray mIncomingBuffers; // Stable audio and video track time ranges. TimeIntervals mVideoBufferedRanges; TimeIntervals mAudioBufferedRanges; From af9bb9c0215f75bea65d73e9492b674a369fa0c7 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:33:58 +1000 Subject: [PATCH 158/297] Bug 1171330: P17. Add diagnostic to ensure no pending append is going. r=cajbir --- dom/media/mediasource/TrackBuffersManager.cpp | 108 +++++++++++++----- dom/media/mediasource/TrackBuffersManager.h | 7 ++ 2 files changed, 85 insertions(+), 30 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index 6d7b9717d8d..df6036dad31 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -45,6 +45,7 @@ TrackBuffersManager::TrackBuffersManager(dom::SourceBuffer* aParent, MediaSource , mType(aType) , mParser(ContainerParser::CreateForMIMEType(aType)) , mProcessedInput(0) + , mAppendRunning(false) , mTaskQueue(new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK))) , mParent(new nsMainThreadPtrHolder(aParent, false /* strict */)) , mParentDecoder(new nsMainThreadPtrHolder(aParentDecoder, false /* strict */)) @@ -75,6 +76,7 @@ TrackBuffersManager::AppendIncomingBuffer(IncomingBuffer aData) { MOZ_ASSERT(OnTaskQueue()); mIncomingBuffers.AppendElement(aData); + mAbort = false; } nsRefPtr @@ -92,6 +94,9 @@ TrackBuffersManager::BufferAppend() // process is happening asynchronously, as such where and when we would abort is // non-deterministic. The SourceBuffer also makes sure BufferAppend // isn't called should the appendBuffer be immediately aborted. +// We do however want to ensure that no new task will be dispatched on our task +// queue and only let the current one finish its job. For this we set mAbort +// to true. void TrackBuffersManager::AbortAppendData() { @@ -105,6 +110,7 @@ void TrackBuffersManager::ResetParserState() { MOZ_ASSERT(NS_IsMainThread()); + MOZ_ASSERT(!mAppendRunning, "AbortAppendData must have been called"); MSE_DEBUG(""); // 1. If the append state equals PARSING_MEDIA_SEGMENT and the input buffer contains some complete coded frames, then run the coded frame processing algorithm until all of these complete coded frames have been processed. @@ -117,6 +123,13 @@ TrackBuffersManager::ResetParserState() NS_NewRunnableMethod(this, &TrackBuffersManager::CompleteResetParserState); GetTaskQueue()->Dispatch(task.forget()); } + + // Our ResetParserState is really asynchronous, the current task has been + // interrupted and will complete shortly (or has already completed). + // We must however present to the main thread a stable, reset state. + // So we run the following operation now in the main thread. + // 7. Set append state to WAITING_FOR_SEGMENT. + SetAppendState(AppendState::WAITING_FOR_SEGMENT); } nsRefPtr @@ -138,12 +151,13 @@ TrackBuffersManager::EvictData(TimeUnit aPlaybackTime, TimeUnit* aBufferStartTime) { MOZ_ASSERT(NS_IsMainThread()); + MSE_DEBUG(""); int64_t toEvict = GetSize() - aThreshold; if (toEvict <= 0) { return EvictDataResult::NO_DATA_EVICTED; } - MSE_DEBUG("Reaching our size limit, schedule eviction of %lld bytes", toEvict); + MSE_DEBUG("Reaching our size limit, schedule eviction of %lld bytes", toEvict); nsCOMPtr task = NS_NewRunnableMethodWithArgs( @@ -158,6 +172,8 @@ void TrackBuffersManager::EvictBefore(TimeUnit aTime) { MOZ_ASSERT(NS_IsMainThread()); + MSE_DEBUG(""); + nsCOMPtr task = NS_NewRunnableMethodWithArg( this, &TrackBuffersManager::CodedFrameRemoval, @@ -168,6 +184,7 @@ TrackBuffersManager::EvictBefore(TimeUnit aTime) media::TimeIntervals TrackBuffersManager::Buffered() { + MSE_DEBUG(""); MonitorAutoLock mon(mMonitor); // http://w3c.github.io/media-source/index.html#widl-SourceBuffer-buffered // 2. Let highest end time be the largest track buffer ranges end time across all the track buffers managed by this SourceBuffer object. @@ -256,7 +273,8 @@ void TrackBuffersManager::CompleteResetParserState() { MOZ_ASSERT(OnTaskQueue()); - MOZ_ASSERT(mAppendPromise.IsEmpty()); + MOZ_ASSERT(!mAppendRunning); + MSE_DEBUG(""); for (auto track : GetTracksList()) { // 2. Unset the last decode timestamp on all track buffers. @@ -299,9 +317,6 @@ TrackBuffersManager::CompleteResetParserState() // 7. Set append state to WAITING_FOR_SEGMENT. SetAppendState(AppendState::WAITING_FOR_SEGMENT); - - // We're done. - mAbort = false; } void @@ -380,7 +395,7 @@ bool TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) { MOZ_ASSERT(OnTaskQueue()); - MOZ_ASSERT(mAppendPromise.IsEmpty(), "Logic error: Append in progress"); + MOZ_ASSERT(!mAppendRunning, "Logic error: Append in progress"); MSE_DEBUG("From %.2fs to %.2f", aInterval.mStart.ToSeconds(), aInterval.mEnd.ToSeconds()); @@ -502,7 +517,7 @@ TrackBuffersManager::InitSegmentParserLoop() { MOZ_ASSERT(OnTaskQueue()); - MOZ_ASSERT(mAppendPromise.IsEmpty()); + MOZ_ASSERT(mAppendPromise.IsEmpty() && !mAppendRunning); nsRefPtr p = mAppendPromise.Ensure(__func__); AppendIncomingBuffers(); @@ -616,7 +631,10 @@ void TrackBuffersManager::NeedMoreData() { MSE_DEBUG(""); - RestoreCachedVariables(); + if (!mAbort) { + RestoreCachedVariables(); + } + mAppendRunning = false; mAppendPromise.ResolveIfExists(mActiveTrack, __func__); } @@ -624,6 +642,7 @@ void TrackBuffersManager::RejectAppend(nsresult aRejectValue, const char* aName) { MSE_DEBUG("rv=%d", aRejectValue); + mAppendRunning = false; mAppendPromise.RejectIfExists(aRejectValue, aName); } @@ -688,6 +707,8 @@ TrackBuffersManager::InitializationSegmentReceived() void TrackBuffersManager::OnDemuxerInitDone(nsresult) { + MOZ_ASSERT(OnTaskQueue()); + MSE_DEBUG("mAbort:%d", static_cast(mAbort)); mDemuxerInitRequest.Complete(); if (mAbort) { @@ -878,6 +899,7 @@ TrackBuffersManager::OnDemuxerInitFailed(DemuxerFailureReason aFailure) nsRefPtr TrackBuffersManager::CodedFrameProcessing() { + MOZ_ASSERT(OnTaskQueue()); MOZ_ASSERT(mProcessingPromise.IsEmpty()); nsRefPtr p = mProcessingPromise.Ensure(__func__); @@ -910,12 +932,10 @@ void TrackBuffersManager::OnDemuxFailed(TrackType aTrack, DemuxerFailureReason aFailure) { - MSE_DEBUG("Failed to demux %s, failure = %d", - aTrack == TrackType::kVideoTrack ? "video" : "audio", aFailure); - if (mAbort) { - mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); - return; - } + MOZ_ASSERT(OnTaskQueue()); + MSE_DEBUG("Failed to demux %s, failure:%d mAbort:%d", + aTrack == TrackType::kVideoTrack ? "video" : "audio", + aFailure, static_cast(mAbort)); switch (aFailure) { case DemuxerFailureReason::END_OF_STREAM: case DemuxerFailureReason::WAITING_FOR_DATA: @@ -926,11 +946,11 @@ TrackBuffersManager::OnDemuxFailed(TrackType aTrack, } break; case DemuxerFailureReason::DEMUXER_ERROR: - mProcessingPromise.RejectIfExists(NS_ERROR_FAILURE, __func__); + RejectProcessing(NS_ERROR_FAILURE, __func__); break; case DemuxerFailureReason::CANCELED: case DemuxerFailureReason::SHUTDOWN: - mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); + RejectProcessing(NS_ERROR_ABORT, __func__); break; default: MOZ_ASSERT(false); @@ -941,10 +961,16 @@ TrackBuffersManager::OnDemuxFailed(TrackType aTrack, void TrackBuffersManager::DoDemuxVideo() { + MOZ_ASSERT(OnTaskQueue()); + MSE_DEBUG("mAbort:%d", static_cast(mAbort)); if (!HasVideo()) { DoDemuxAudio(); return; } + if (mAbort) { + RejectProcessing(NS_ERROR_ABORT, __func__); + return; + } mVideoTracks.mDemuxRequest.Begin(mVideoTracks.mDemuxer->GetSamples(-1) ->Then(GetTaskQueue(), __func__, this, &TrackBuffersManager::OnVideoDemuxCompleted, @@ -954,12 +980,9 @@ TrackBuffersManager::DoDemuxVideo() void TrackBuffersManager::OnVideoDemuxCompleted(nsRefPtr aSamples) { + MOZ_ASSERT(OnTaskQueue()); MSE_DEBUG("%d video samples demuxed", aSamples->mSamples.Length()); mVideoTracks.mDemuxRequest.Complete(); - if (mAbort) { - mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); - return; - } mVideoTracks.mQueuedSamples.AppendElements(aSamples->mSamples); DoDemuxAudio(); } @@ -967,14 +990,16 @@ TrackBuffersManager::OnVideoDemuxCompleted(nsRefPtr(mAbort)); if (!HasAudio()) { CompleteCodedFrameProcessing(); return; } + if (mAbort) { + RejectProcessing(NS_ERROR_ABORT, __func__); + return; + } mAudioTracks.mDemuxRequest.Begin(mAudioTracks.mDemuxer->GetSamples(-1) ->Then(GetTaskQueue(), __func__, this, &TrackBuffersManager::OnAudioDemuxCompleted, @@ -984,12 +1009,9 @@ TrackBuffersManager::DoDemuxAudio() void TrackBuffersManager::OnAudioDemuxCompleted(nsRefPtr aSamples) { + MOZ_ASSERT(OnTaskQueue()); MSE_DEBUG("%d audio samples demuxed", aSamples->mSamples.Length()); mAudioTracks.mDemuxRequest.Complete(); - if (mAbort) { - mProcessingPromise.RejectIfExists(NS_ERROR_ABORT, __func__); - return; - } mAudioTracks.mQueuedSamples.AppendElements(aSamples->mSamples); CompleteCodedFrameProcessing(); } @@ -998,6 +1020,7 @@ void TrackBuffersManager::CompleteCodedFrameProcessing() { MOZ_ASSERT(OnTaskQueue()); + MSE_DEBUG("mAbort:%d", static_cast(mAbort)); // 1. For each coded frame in the media segment run the following steps: @@ -1045,7 +1068,7 @@ TrackBuffersManager::CompleteCodedFrameProcessing() // 5. If the input buffer does not contain a complete media segment, then jump to the need more data step below. if (mParser->MediaSegmentRange().IsNull()) { - mProcessingPromise.ResolveIfExists(true, __func__); + ResolveProcessing(true, __func__); return; } @@ -1061,7 +1084,29 @@ TrackBuffersManager::CompleteCodedFrameProcessing() SetAppendState(AppendState::WAITING_FOR_SEGMENT); // 8. Jump to the loop top step above. - mProcessingPromise.ResolveIfExists(false, __func__); + ResolveProcessing(false, __func__); +} + +void +TrackBuffersManager::RejectProcessing(nsresult aRejectValue, const char* aName) +{ + if (mAbort) { + // mAppendPromise will be resolved immediately upon mProcessingPromise + // completing. + mAppendRunning = false; + } + mProcessingPromise.RejectIfExists(aRejectValue, __func__); +} + +void +TrackBuffersManager::ResolveProcessing(bool aResolveValue, const char* aName) +{ + if (mAbort) { + // mAppendPromise will be resolved immediately upon mProcessingPromise + // completing. + mAppendRunning = false; + } + mProcessingPromise.ResolveIfExists(aResolveValue, __func__); } bool @@ -1313,6 +1358,7 @@ TrackBuffersManager::ProcessFrame(MediaRawData* aSample, void TrackBuffersManager::RecreateParser() { + MOZ_ASSERT(OnTaskQueue()); // Recreate our parser for only the data remaining. This is required // as it has parsed the entire InputBuffer provided. // Once the old TrackBuffer/MediaSource implementation is removed @@ -1331,6 +1377,7 @@ TrackBuffersManager::RecreateParser() nsTArray TrackBuffersManager::GetTracksList() { + MOZ_ASSERT(OnTaskQueue()); nsTArray tracks; if (HasVideo()) { tracks.AppendElement(&mVideoTracks); @@ -1344,6 +1391,7 @@ TrackBuffersManager::GetTracksList() void TrackBuffersManager::RestoreCachedVariables() { + MOZ_ASSERT(OnTaskQueue()); if (mTimestampOffset != mLastTimestampOffset) { nsCOMPtr task = NS_NewRunnableMethodWithArg( diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h index 70a9e4466cc..a2b9c28860f 100644 --- a/dom/media/mediasource/TrackBuffersManager.h +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -217,11 +217,18 @@ private: // TrackInfo of the first metadata received. UniquePtr mInfo; }; + bool ProcessFrame(MediaRawData* aSample, TrackData& aTrackData); + void RejectProcessing(nsresult aRejectValue, const char* aName); + void ResolveProcessing(bool aResolveValue, const char* aName); MediaPromiseRequestHolder mProcessingRequest; MediaPromiseHolder mProcessingPromise; MediaPromiseHolder mAppendPromise; + // Set to true while SegmentParserLoop is running. This is used for diagnostic + // purposes only. We can't rely on mAppendPromise to be empty as it is only + // cleared in a follow up task. + bool mAppendRunning; // Trackbuffers definition. nsTArray GetTracksList(); From 692e9d863d495651986a7acfbe8a618714083b91 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:34:03 +1000 Subject: [PATCH 159/297] Bug 1171330: P18. Error when finding invalid data. r=cajbir --- dom/media/mediasource/TrackBuffersManager.cpp | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index df6036dad31..c851ce0059e 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -574,10 +574,9 @@ TrackBuffersManager::SegmentParserLoop() continue; } // We have neither an init segment nor a media segment, this is invalid - // data. However, as we do not remove any bytes that are supposed to be - // ignored, we simply ignore them. - MSE_DEBUG("Found invalid data, ignoring for now"); - NeedMoreData(); + // data. + MSE_DEBUG("Found invalid data"); + RejectAppend(NS_ERROR_FAILURE, __func__); return; } From 2866fe663c87cd12970221f70688e7e7617410b7 Mon Sep 17 00:00:00 2001 From: Jean-Yves Avenard Date: Thu, 11 Jun 2015 16:34:03 +1000 Subject: [PATCH 160/297] Bug 1171330: P19. Use state mirroring for reading mediasource duration. r=bholley --- dom/media/mediasource/TrackBuffersManager.cpp | 27 +++++++++++++------ dom/media/mediasource/TrackBuffersManager.h | 6 ++++- 2 files changed, 24 insertions(+), 9 deletions(-) diff --git a/dom/media/mediasource/TrackBuffersManager.cpp b/dom/media/mediasource/TrackBuffersManager.cpp index c851ce0059e..70ebbf4f6f6 100644 --- a/dom/media/mediasource/TrackBuffersManager.cpp +++ b/dom/media/mediasource/TrackBuffersManager.cpp @@ -46,13 +46,21 @@ TrackBuffersManager::TrackBuffersManager(dom::SourceBuffer* aParent, MediaSource , mParser(ContainerParser::CreateForMIMEType(aType)) , mProcessedInput(0) , mAppendRunning(false) - , mTaskQueue(new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK))) + , mTaskQueue(new MediaTaskQueue(GetMediaThreadPool(MediaThreadType::PLAYBACK), + /* aSupportsTailDispatch = */ true)) , mParent(new nsMainThreadPtrHolder(aParent, false /* strict */)) , mParentDecoder(new nsMainThreadPtrHolder(aParentDecoder, false /* strict */)) + , mMediaSourceDuration(mTaskQueue, Maybe(), "TrackBuffersManager::mMediaSourceDuration (Mirror)") , mAbort(false) , mMonitor("TrackBuffersManager") { MOZ_ASSERT(NS_IsMainThread(), "Must be instanciated on the main thread"); + nsRefPtr self = this; + nsCOMPtr task = + NS_NewRunnableFunction([self] () { + self->mMediaSourceDuration.Connect(self->mParentDecoder->CanonicalExplicitDuration()); + }); + GetTaskQueue()->Dispatch(task.forget()); } bool @@ -235,11 +243,14 @@ TrackBuffersManager::Detach() MOZ_ASSERT(NS_IsMainThread()); MSE_DEBUG(""); - // Clear our sourcebuffer + nsRefPtr self = this; nsCOMPtr task = - NS_NewRunnableMethodWithArg( - this, &TrackBuffersManager::CodedFrameRemoval, - TimeInterval(TimeUnit::FromSeconds(0), TimeUnit::FromInfinity())); + NS_NewRunnableFunction([self] () { + // Clear our sourcebuffer + self->CodedFrameRemoval(TimeInterval(TimeUnit::FromSeconds(0), + TimeUnit::FromInfinity())); + self->mMediaSourceDuration.DisconnectIfConnected(); + }); GetTaskQueue()->Dispatch(task.forget()); } @@ -399,12 +410,12 @@ TrackBuffersManager::CodedFrameRemoval(TimeInterval aInterval) MSE_DEBUG("From %.2fs to %.2f", aInterval.mStart.ToSeconds(), aInterval.mEnd.ToSeconds()); - double mediaSourceDuration = mParentDecoder->GetMediaSourceDuration(); - if (IsNaN(mediaSourceDuration)) { + if (mMediaSourceDuration.Ref().isNothing() || + IsNaN(mMediaSourceDuration.Ref().ref())) { MSE_DEBUG("Nothing to remove, aborting"); return false; } - TimeUnit duration{TimeUnit::FromSeconds(mediaSourceDuration)}; + TimeUnit duration{TimeUnit::FromSeconds(mMediaSourceDuration.Ref().ref())}; MSE_DEBUG("duration:%.2f", duration.ToSeconds()); if (HasAudio()) { diff --git a/dom/media/mediasource/TrackBuffersManager.h b/dom/media/mediasource/TrackBuffersManager.h index a2b9c28860f..3d9577213b9 100644 --- a/dom/media/mediasource/TrackBuffersManager.h +++ b/dom/media/mediasource/TrackBuffersManager.h @@ -15,6 +15,7 @@ #include "mozilla/Pair.h" #include "nsProxyRelease.h" #include "nsTArray.h" +#include "StateMirroring.h" namespace mozilla { @@ -263,7 +264,10 @@ private: nsMainThreadPtrHandle mParent; nsMainThreadPtrHandle mParentDecoder; - // Set to true if abort is called. + // MediaSource duration mirrored from MediaDecoder on the main thread.. + Mirror> mMediaSourceDuration; + + // Set to true if abort was called. Atomic mAbort; // Set to true if mediasource state changed to ended. Atomic mEnded; From 282cb743da49ab667d6abf3e46b825a6a2610cfa Mon Sep 17 00:00:00 2001 From: "Carsten \"Tomcat\" Book" Date: Thu, 11 Jun 2015 10:08:42 +0200 Subject: [PATCH 161/297] Backed out changeset 45cdca10d5cd (bug 1168935) --- gfx/src/DriverInitCrashDetection.cpp | 44 +++--------------- gfx/src/DriverInitCrashDetection.h | 49 -------------------- toolkit/components/telemetry/Histograms.json | 8 ---- 3 files changed, 6 insertions(+), 95 deletions(-) diff --git a/gfx/src/DriverInitCrashDetection.cpp b/gfx/src/DriverInitCrashDetection.cpp index da6fb998a4a..16aa22244fe 100644 --- a/gfx/src/DriverInitCrashDetection.cpp +++ b/gfx/src/DriverInitCrashDetection.cpp @@ -10,7 +10,6 @@ #include "nsString.h" #include "nsXULAppAPI.h" #include "mozilla/Preferences.h" -#include "mozilla/Telemetry.h" #include "mozilla/gfx/Logging.h" namespace mozilla { @@ -29,16 +28,13 @@ DriverInitCrashDetection::DriverInitCrashDetection() return; } - if (sDisableAcceleration) { - // We already disabled acceleration earlier. - return; - } - if (RecoverFromDriverInitCrash()) { - // This is the first time we're checking for a crash recovery, so print - // a message and disable acceleration for anyone who asks for it. - gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Recovered from graphics driver startup crash; acceleration disabled."; - sDisableAcceleration = true; + if (!sDisableAcceleration) { + // This is the first time we're checking for a crash recovery, so print + // a message and disable acceleration for anyone who asks for it. + gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Recovered from graphics driver startup crash; acceleration disabled."; + sDisableAcceleration = true; + } return; } @@ -57,8 +53,6 @@ DriverInitCrashDetection::DriverInitCrashDetection() sEnvironmentHasBeenUpdated = true; return; } - - RecordTelemetry(TelemetryState::Okay); } DriverInitCrashDetection::~DriverInitCrashDetection() @@ -102,10 +96,6 @@ DriverInitCrashDetection::AllowDriverInitAttempt() // Flush preferences, so if we crash, we don't think the environment has changed again. FlushPreferences(); - - // If we crash, we'll just lose this. Not a big deal, next startup we'll - // record the failure. - RecordTelemetry(TelemetryState::EnvironmentChanged); } bool @@ -123,13 +113,11 @@ DriverInitCrashDetection::RecoverFromDriverInitCrash() gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Recovered)); UpdateEnvironment(); FlushPreferences(); - RecordTelemetry(TelemetryState::RecoveredFromCrash); return true; } if (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::Recovered)) { // If we get here, we crashed in the current environment and have already // disabled acceleration. - RecordTelemetry(TelemetryState::DriverUseDisabled); return true; } return false; @@ -216,25 +204,5 @@ DriverInitCrashDetection::FlushPreferences() } } -void -DriverInitCrashDetection::RecordTelemetry(TelemetryState aState) -{ - // Since we run this in each child process, we only want the initial results - // from the chrome process. - if (XRE_GetProcessType() != GeckoProcessType_Default) { - return; - } - - // Since we instantiate this class more than once, make sure we only record - // the first state (since that is really all we care about). - static bool sTelemetryStateRecorded = false; - if (sTelemetryStateRecorded) { - return; - } - - Telemetry::Accumulate(Telemetry::GRAPHICS_DRIVER_STARTUP_TEST, int32_t(aState)); - sTelemetryStateRecorded = true; -} - } // namespace gfx } // namespace mozilla diff --git a/gfx/src/DriverInitCrashDetection.h b/gfx/src/DriverInitCrashDetection.h index 3a9a1692a12..77f7d945f79 100644 --- a/gfx/src/DriverInitCrashDetection.h +++ b/gfx/src/DriverInitCrashDetection.h @@ -38,53 +38,6 @@ public: return sDisableAcceleration; } - // NOTE: These are the values reported to Telemetry (GRAPHICS_DRIVER_STARTUP_TEST). - // Values should not change; add new values to the end. - // - // We report exactly one of these values on every startup. The only exception - // is when we crash during driver initialization; the relevant value will be - // reported on the next startup. The value can change from startup to startup. - // - // The initial value for any profile is "EnvironmentChanged"; this means we - // have not seen the environment before. The environment includes graphics - // driver versions, adpater IDs, the MOZ_APP version, and blacklisting - // information. - // - // If the user crashes, the next startup will have the "RecoveredFromCrash" - // state. Graphics acceleration will be disabled. Subsequent startups will - // have the "DriverUseDisabled" state. - // - // If the user does not crash, subsequent startups will have the "Okay" - // state. - // - // If the environment changes, the state (no matter what it is) will - // transition back to "EnvironmentChanged". - enum class TelemetryState { - // Environment is the same as before, and we detected no crash at that time. - // - // Valid state transitions: Okay -> EnvironmentChanged. - Okay = 0, - - // Environment has changed since the last time we checked drivers. If we - // detected a crash before, we re-enable acceleration to see if it will - // work in the new environment. - // - // Valid state transitions: EnvironmentChanged -> RecoveredFromCrash | Okay - EnvironmentChanged = 1, - - // The last startup crashed trying to enable graphics acceleration, and - // acceleration has just been disabled. - // - // Valid state transitions: RecoveredFromCrash -> DriverUseDisabled | EnvironmentChanged - RecoveredFromCrash = 2, - - // A previous session was in the RecoveredFromCrash state, and now graphics - // acceleration is disabled until the environment changes. - // - // Valid state transitions: DriverUseDisabled -> EnvironmentChanged - DriverUseDisabled = 3 - }; - private: bool InitLockFilePath(); bool UpdateEnvironment(); @@ -95,8 +48,6 @@ private: bool RecoverFromDriverInitCrash(); void FlushPreferences(); - void RecordTelemetry(TelemetryState aState); - private: static bool sDisableAcceleration; static bool sEnvironmentHasBeenUpdated; diff --git a/toolkit/components/telemetry/Histograms.json b/toolkit/components/telemetry/Histograms.json index c9eb9810eb0..a217caff848 100644 --- a/toolkit/components/telemetry/Histograms.json +++ b/toolkit/components/telemetry/Histograms.json @@ -8158,13 +8158,5 @@ "expires_in_version": "45", "kind": "boolean", "description": "Set if media.eme.enabled is false, in a build that supports the Adobe Primetime Content Decryption Module." - }, - "GRAPHICS_DRIVER_STARTUP_TEST": { - "alert_emails": ["danderson@mozilla.com"], - "expires_in_version": "never", - "kind": "enumerated", - "n_values": 20, - "releaseChannelCollection": "opt-out", - "description": "Reports the status of graphics driver initialization. 0=Okay, 1=Driver/GPU/Firefox changed, 2=Drivers crashed during last startup, 3=Drivers crashed in a previous startup. State 0 is normal, 1 indicates a system change, 2 indicates a catastrophic crash, 3 indicates a user that experienced state 2 and is now unaccelerated." } } From c6b0e39b0840463152cf322b86ba367df2f2e34d Mon Sep 17 00:00:00 2001 From: "Carsten \"Tomcat\" Book" Date: Thu, 11 Jun 2015 10:09:08 +0200 Subject: [PATCH 162/297] Backed out changeset 606cb8f08825 (bug 1168935) for test failures in browser_Troubleshoot.js --- gfx/src/DriverInitCrashDetection.cpp | 208 --------------------------- gfx/src/DriverInitCrashDetection.h | 65 --------- gfx/src/moz.build | 4 - gfx/thebes/gfxPrefs.h | 3 - gfx/thebes/gfxWindowsPlatform.cpp | 9 +- 5 files changed, 1 insertion(+), 288 deletions(-) delete mode 100644 gfx/src/DriverInitCrashDetection.cpp delete mode 100644 gfx/src/DriverInitCrashDetection.h diff --git a/gfx/src/DriverInitCrashDetection.cpp b/gfx/src/DriverInitCrashDetection.cpp deleted file mode 100644 index 16aa22244fe..00000000000 --- a/gfx/src/DriverInitCrashDetection.cpp +++ /dev/null @@ -1,208 +0,0 @@ -/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#include "DriverInitCrashDetection.h" -#include "gfxPrefs.h" -#include "nsAppDirectoryServiceDefs.h" -#include "nsDirectoryServiceUtils.h" -#include "nsServiceManagerUtils.h" -#include "nsString.h" -#include "nsXULAppAPI.h" -#include "mozilla/Preferences.h" -#include "mozilla/gfx/Logging.h" - -namespace mozilla { -namespace gfx { - -bool DriverInitCrashDetection::sDisableAcceleration = false; -bool DriverInitCrashDetection::sEnvironmentHasBeenUpdated = false; - -DriverInitCrashDetection::DriverInitCrashDetection() - : mIsChromeProcess(XRE_GetProcessType() == GeckoProcessType_Default) -{ - // Only use the lockfile in the privileged process, which is responsible for - // the first driver initialization run. Child processes can't access the - // filesystme anyway. - if (mIsChromeProcess && !InitLockFilePath()) { - return; - } - - if (RecoverFromDriverInitCrash()) { - if (!sDisableAcceleration) { - // This is the first time we're checking for a crash recovery, so print - // a message and disable acceleration for anyone who asks for it. - gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Recovered from graphics driver startup crash; acceleration disabled."; - sDisableAcceleration = true; - } - return; - } - - // If we previously disabled acceleration, we should have gone through - // RecoverFromDriverInitCrash(). - MOZ_ASSERT(!sDisableAcceleration); - - if (mIsChromeProcess && - (UpdateEnvironment() || sEnvironmentHasBeenUpdated)) - { - // Something in the environment changed, *or* a previous instance of this - // class already updated the environment. Allow a fresh attempt at driver - // acceleration. This doesn't mean the previous attempt failed, it just - // means we want to detect whether the new environment crashes. - AllowDriverInitAttempt(); - sEnvironmentHasBeenUpdated = true; - return; - } -} - -DriverInitCrashDetection::~DriverInitCrashDetection() -{ - if (mLockFile) { - mLockFile->Remove(false); - } - - if (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::Attempting)) { - // If we attempted to initialize the driver, and got this far without - // crashing, assume everything is okay. - gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Okay)); - gfxCriticalError(CriticalLog::DefaultOptions(false)) << "Successfully verified new graphics environment."; - } -} - -bool -DriverInitCrashDetection::InitLockFilePath() -{ - NS_GetSpecialDirectory(NS_APP_USER_PROFILE_LOCAL_50_DIR, getter_AddRefs(mLockFile)); - if (!mLockFile) { - return false; - } - if (!NS_SUCCEEDED(mLockFile->AppendNative(NS_LITERAL_CSTRING("gfxinit.lock")))) { - return false; - } - return true; -} - -void -DriverInitCrashDetection::AllowDriverInitAttempt() -{ - // Create a temporary tombstone/lockfile. - FILE* fp; - if (!NS_SUCCEEDED(mLockFile->OpenANSIFileDesc("w", &fp))) { - return; - } - fclose(fp); - - gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Attempting)); - - // Flush preferences, so if we crash, we don't think the environment has changed again. - FlushPreferences(); -} - -bool -DriverInitCrashDetection::RecoverFromDriverInitCrash() -{ - bool exists; - if (mLockFile && - NS_SUCCEEDED(mLockFile->Exists(&exists)) && - exists) - { - // If we get here, we've just recovered from a crash. Disable acceleration - // until the environment changes. Since we may have crashed before - // preferences we're flushed, we cache the environment again, then flush - // preferences so child processes can start right away. - gfxPrefs::SetDriverInitStatus(int32_t(DriverInitStatus::Recovered)); - UpdateEnvironment(); - FlushPreferences(); - return true; - } - if (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::Recovered)) { - // If we get here, we crashed in the current environment and have already - // disabled acceleration. - return true; - } - return false; -} - -bool -DriverInitCrashDetection::UpdateEnvironment() -{ - mGfxInfo = do_GetService("@mozilla.org/gfx/info;1"); - - bool changed = false; - if (mGfxInfo) { - nsString value; - - // Driver properties. - mGfxInfo->GetAdapterDriverVersion(value); - changed |= CheckAndUpdatePref("gfx.driver-init.driverVersion", value); - mGfxInfo->GetAdapterDeviceID(value); - changed |= CheckAndUpdatePref("gfx.driver-init.deviceID", value); - - // Feature status. -#if defined(XP_WIN) - bool d2dEnabled = gfxPrefs::Direct2DForceEnabled() || - (!gfxPrefs::Direct2DDisabled() && FeatureEnabled(nsIGfxInfo::FEATURE_DIRECT2D)); - changed |= CheckAndUpdateBoolPref("gfx.driver-init.feature-d2d", d2dEnabled); - - bool d3d11Enabled = !gfxPrefs::LayersPreferD3D9(); - if (!FeatureEnabled(nsIGfxInfo::FEATURE_DIRECT3D_11_LAYERS)) { - d3d11Enabled = false; - } - changed |= CheckAndUpdateBoolPref("gfx.driver-init.feature-d3d11", d3d11Enabled); -#endif - } - - // Firefox properties. - changed |= CheckAndUpdatePref("gfx.driver-init.appVersion", NS_LITERAL_STRING(MOZ_APP_VERSION)); - - // Finally, mark as changed if the status has been reset by the user. - changed |= (gfxPrefs::DriverInitStatus() == int32_t(DriverInitStatus::None)); - - mGfxInfo = nullptr; - return changed; -} - -bool -DriverInitCrashDetection::FeatureEnabled(int aFeature) -{ - int32_t status; - if (!NS_SUCCEEDED(mGfxInfo->GetFeatureStatus(aFeature, &status))) { - return false; - } - return status == nsIGfxInfo::FEATURE_STATUS_OK; -} - -bool -DriverInitCrashDetection::CheckAndUpdateBoolPref(const char* aPrefName, bool aCurrentValue) -{ - bool oldValue; - if (NS_SUCCEEDED(Preferences::GetBool(aPrefName, &oldValue)) && - oldValue == aCurrentValue) - { - return false; - } - Preferences::SetBool(aPrefName, aCurrentValue); - return true; -} - -bool -DriverInitCrashDetection::CheckAndUpdatePref(const char* aPrefName, const nsAString& aCurrentValue) -{ - nsAdoptingString oldValue = Preferences::GetString(aPrefName); - if (oldValue == aCurrentValue) { - return false; - } - Preferences::SetString(aPrefName, aCurrentValue); - return true; -} - -void -DriverInitCrashDetection::FlushPreferences() -{ - if (nsIPrefService* prefService = Preferences::GetService()) { - prefService->SavePrefFile(nullptr); - } -} - -} // namespace gfx -} // namespace mozilla diff --git a/gfx/src/DriverInitCrashDetection.h b/gfx/src/DriverInitCrashDetection.h deleted file mode 100644 index 77f7d945f79..00000000000 --- a/gfx/src/DriverInitCrashDetection.h +++ /dev/null @@ -1,65 +0,0 @@ -/* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ -/* This Source Code Form is subject to the terms of the Mozilla Public - * License, v. 2.0. If a copy of the MPL was not distributed with this - * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ -#ifndef gfx_src_DriverInitCrashDetection_h__ -#define gfx_src_DriverInitCrashDetection_h__ - -#include "gfxCore.h" -#include "nsCOMPtr.h" -#include "nsIGfxInfo.h" -#include "nsIFile.h" - -namespace mozilla { -namespace gfx { - -enum class DriverInitStatus -{ - // Drivers have not been initialized yet. - None, - - // We're attempting to initialize drivers. - Attempting, - - // Drivers were successfully initialized last run. - Okay, - - // We crashed during driver initialization, and have restarted. - Recovered -}; - -class DriverInitCrashDetection -{ -public: - DriverInitCrashDetection(); - ~DriverInitCrashDetection(); - - bool DisableAcceleration() const { - return sDisableAcceleration; - } - -private: - bool InitLockFilePath(); - bool UpdateEnvironment(); - bool CheckAndUpdatePref(const char* aPrefName, const nsAString& aCurrentValue); - bool CheckAndUpdateBoolPref(const char* aPrefName, bool aCurrentValue); - bool FeatureEnabled(int aFeature); - void AllowDriverInitAttempt(); - bool RecoverFromDriverInitCrash(); - void FlushPreferences(); - -private: - static bool sDisableAcceleration; - static bool sEnvironmentHasBeenUpdated; - -private: - bool mIsChromeProcess; - nsCOMPtr mGfxInfo; - nsCOMPtr mLockFile; -}; - -} // namespace gfx -} // namespace mozilla - -#endif // gfx_src_DriverInitCrashDetection_h__ - diff --git a/gfx/src/moz.build b/gfx/src/moz.build index 8f9bff14151..7d38432c293 100644 --- a/gfx/src/moz.build +++ b/gfx/src/moz.build @@ -11,10 +11,7 @@ XPIDL_SOURCES += [ XPIDL_MODULE = 'gfx' -DEFINES['MOZ_APP_VERSION'] = '"%s"' % CONFIG['MOZ_APP_VERSION'] - EXPORTS += [ - 'DriverInitCrashDetection.h', 'FilterSupport.h', 'gfxCore.h', 'gfxCrashReporterUtils.h', @@ -53,7 +50,6 @@ if CONFIG['MOZ_X11']: ] UNIFIED_SOURCES += [ - 'DriverInitCrashDetection.cpp', 'FilterSupport.cpp', 'gfxCrashReporterUtils.cpp', 'nsColor.cpp', diff --git a/gfx/thebes/gfxPrefs.h b/gfx/thebes/gfxPrefs.h index 90df5f942fa..38a95febd67 100644 --- a/gfx/thebes/gfxPrefs.h +++ b/gfx/thebes/gfxPrefs.h @@ -226,9 +226,6 @@ private: DECL_GFX_PREF(Once, "gfx.direct2d.force-enabled", Direct2DForceEnabled, bool, false); DECL_GFX_PREF(Live, "gfx.direct2d.use1_1", Direct2DUse1_1, bool, false); DECL_GFX_PREF(Live, "gfx.draw-color-bars", CompositorDrawColorBars, bool, false); - // This should be set to values in the DriverInitStatus enumeration found in - // DriverInitCrashDetection.h. - DECL_GFX_PREF(Live, "gfx.driver-init.status", DriverInitStatus, int32_t, 0); DECL_GFX_PREF(Live, "gfx.gralloc.fence-with-readpixels", GrallocFenceWithReadPixels, bool, false); DECL_GFX_PREF(Live, "gfx.layerscope.enabled", LayerScopeEnabled, bool, false); DECL_GFX_PREF(Live, "gfx.layerscope.port", LayerScopePort, int32_t, 23456); diff --git a/gfx/thebes/gfxWindowsPlatform.cpp b/gfx/thebes/gfxWindowsPlatform.cpp index 1e2e179c5b1..dea314dea83 100644 --- a/gfx/thebes/gfxWindowsPlatform.cpp +++ b/gfx/thebes/gfxWindowsPlatform.cpp @@ -78,7 +78,6 @@ #endif #include "VsyncSource.h" -#include "DriverInitCrashDetection.h" using namespace mozilla; using namespace mozilla::gfx; @@ -653,11 +652,6 @@ void gfxWindowsPlatform::VerifyD2DDevice(bool aAttemptForce) { #ifdef CAIRO_HAS_D2D_SURFACE - DriverInitCrashDetection detectCrashes; - if (detectCrashes.DisableAcceleration()) { - return; - } - if (mD2DDevice) { ID3D10Device1 *device = cairo_d2d_device_get_device(mD2DDevice); @@ -1870,8 +1864,7 @@ gfxWindowsPlatform::InitD3D11Devices() MOZ_ASSERT(!mD3D11Device); - DriverInitCrashDetection detectCrashes; - if (InSafeMode() || detectCrashes.DisableAcceleration()) { + if (InSafeMode()) { return; } From 8104170db0894285fc7faf5bd6bdaa214e62d461 Mon Sep 17 00:00:00 2001 From: Yanis Sellami Date: Mon, 8 Jun 2015 10:57:05 +0200 Subject: [PATCH 163/297] Bug 1118372 - Properly apply volume in WaveShaperNodeEngine. r=padenot --- dom/media/webaudio/WaveShaperNode.cpp | 4 +- dom/media/webaudio/test/mochitest.ini | 1 + dom/media/webaudio/test/test_bug1118372.html | 46 ++++++++++++++++++++ 3 files changed, 50 insertions(+), 1 deletion(-) create mode 100644 dom/media/webaudio/test/test_bug1118372.html diff --git a/dom/media/webaudio/WaveShaperNode.cpp b/dom/media/webaudio/WaveShaperNode.cpp index 5be59510073..29846ee37bd 100644 --- a/dom/media/webaudio/WaveShaperNode.cpp +++ b/dom/media/webaudio/WaveShaperNode.cpp @@ -229,7 +229,9 @@ public: AllocateAudioBlock(channelCount, aOutput); for (uint32_t i = 0; i < channelCount; ++i) { - const float* inputBuffer = static_cast(aInput.mChannelData[i]); + float* scaledSample = (float *)(aInput.mChannelData[i]); + AudioBlockInPlaceScale(scaledSample, aInput.mVolume); + const float* inputBuffer = static_cast(scaledSample); float* outputBuffer = const_cast (static_cast(aOutput->mChannelData[i])); float* sampleBuffer; diff --git a/dom/media/webaudio/test/mochitest.ini b/dom/media/webaudio/test/mochitest.ini index db6b26ffa14..94a90e7a6ab 100644 --- a/dom/media/webaudio/test/mochitest.ini +++ b/dom/media/webaudio/test/mochitest.ini @@ -84,6 +84,7 @@ tags=capturestream tags=capturestream [test_bug972678.html] [test_bug1056032.html] +[test_bug1118372.html] skip-if = toolkit == 'android' # bug 1056706 [test_channelMergerNode.html] [test_channelMergerNodeWithVolume.html] diff --git a/dom/media/webaudio/test/test_bug1118372.html b/dom/media/webaudio/test/test_bug1118372.html new file mode 100644 index 00000000000..ca3fc6b0df2 --- /dev/null +++ b/dom/media/webaudio/test/test_bug1118372.html @@ -0,0 +1,46 @@ + + + + Test WaveShaperNode with no curve + + + + + +
+
+
+ + From b7c437d1694f143c69230e0bfd583b30b334937f Mon Sep 17 00:00:00 2001 From: Francois Marier Date: Thu, 11 Jun 2015 21:48:17 +1200 Subject: [PATCH 164/297] Bug 1157081 - Make tracking protection work when malware and phishing protections are disabled. r=sworkman --- .../nsUrlClassifierDBService.cpp | 2 +- .../url-classifier/tests/mochitest/chrome.ini | 1 + .../test_trackingprotection_bug1157081.html | 138 ++++++++++++++++++ 3 files changed, 140 insertions(+), 1 deletion(-) create mode 100644 toolkit/components/url-classifier/tests/mochitest/test_trackingprotection_bug1157081.html diff --git a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp index cd29cec81ad..652e45d8596 100644 --- a/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp +++ b/toolkit/components/url-classifier/nsUrlClassifierDBService.cpp @@ -1205,7 +1205,7 @@ nsUrlClassifierDBService::Classify(nsIPrincipal* aPrincipal, NS_ENSURE_ARG(aPrincipal); NS_ENSURE_TRUE(gDbBackgroundThread, NS_ERROR_NOT_INITIALIZED); - if (!(mCheckMalware || mCheckPhishing)) { + if (!(mCheckMalware || mCheckPhishing || aTrackingProtectionEnabled)) { *result = false; return NS_OK; } diff --git a/toolkit/components/url-classifier/tests/mochitest/chrome.ini b/toolkit/components/url-classifier/tests/mochitest/chrome.ini index b6863635783..eca0beebfae 100644 --- a/toolkit/components/url-classifier/tests/mochitest/chrome.ini +++ b/toolkit/components/url-classifier/tests/mochitest/chrome.ini @@ -9,3 +9,4 @@ support-files = [test_classified_annotations.html] [test_allowlisted_annotations.html] [test_privatebrowsing_trackingprotection.html] +[test_trackingprotection_bug1157081.html] diff --git a/toolkit/components/url-classifier/tests/mochitest/test_trackingprotection_bug1157081.html b/toolkit/components/url-classifier/tests/mochitest/test_trackingprotection_bug1157081.html new file mode 100644 index 00000000000..34309629040 --- /dev/null +++ b/toolkit/components/url-classifier/tests/mochitest/test_trackingprotection_bug1157081.html @@ -0,0 +1,138 @@ + + + + + Test Tracking Protection with and without Safe Browsing (Bug #1157081) + + + + + +

+ +
+
+
+
+
+ + + From 8975fe6bad1d471686c627c8c21c446d203a654b Mon Sep 17 00:00:00 2001 From: Jan Varga Date: Thu, 11 Jun 2015 11:49:51 +0200 Subject: [PATCH 165/297] Bug 1170746 - Getting mutable files over a cursor crashes the browser; r=bent --- dom/indexedDB/ActorsChild.cpp | 2 + dom/indexedDB/test/mochitest.ini | 3 + .../test/test_filehandle_iteration.html | 77 +++++++++++++++++++ 3 files changed, 82 insertions(+) create mode 100644 dom/indexedDB/test/test_filehandle_iteration.html diff --git a/dom/indexedDB/ActorsChild.cpp b/dom/indexedDB/ActorsChild.cpp index 008ed9e8e8a..1212f1914e7 100644 --- a/dom/indexedDB/ActorsChild.cpp +++ b/dom/indexedDB/ActorsChild.cpp @@ -2518,6 +2518,7 @@ BackgroundCursorChild::HandleResponse( auto& response = const_cast(aResponse); StructuredCloneReadInfo cloneReadInfo(Move(response.cloneInfo())); + cloneReadInfo.mDatabase = mTransaction->Database(); ConvertActorsToBlobs(mTransaction->Database(), response.cloneInfo(), @@ -2579,6 +2580,7 @@ BackgroundCursorChild::HandleResponse(const IndexCursorResponse& aResponse) auto& response = const_cast(aResponse); StructuredCloneReadInfo cloneReadInfo(Move(response.cloneInfo())); + cloneReadInfo.mDatabase = mTransaction->Database(); ConvertActorsToBlobs(mTransaction->Database(), aResponse.cloneInfo(), diff --git a/dom/indexedDB/test/mochitest.ini b/dom/indexedDB/test/mochitest.ini index 0e2444dc614..1ee7325bdf4 100644 --- a/dom/indexedDB/test/mochitest.ini +++ b/dom/indexedDB/test/mochitest.ini @@ -196,6 +196,9 @@ skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s [test_filehandle_getFile.html] # FileHandle is not supported in child processes. skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s +[test_filehandle_iteration.html] +# FileHandle is not supported in child processes. +skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s [test_filehandle_lifetimes.html] # FileHandle is not supported in child processes. skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s diff --git a/dom/indexedDB/test/test_filehandle_iteration.html b/dom/indexedDB/test/test_filehandle_iteration.html new file mode 100644 index 00000000000..ebbc8b8beff --- /dev/null +++ b/dom/indexedDB/test/test_filehandle_iteration.html @@ -0,0 +1,77 @@ + + + + Indexed Database Property Test + + + + + + + + + + + + From 9dcb5f7db61e9cb3df78057517fa95e8f90dcfd2 Mon Sep 17 00:00:00 2001 From: Masayuki Nakano Date: Thu, 11 Jun 2015 19:50:15 +0900 Subject: [PATCH 166/297] Bug 1130937 part.1 nsGtkIMModule should cache selection r=m_kato --- widget/gtk/nsGtkIMModule.cpp | 193 +++++++++++++++++++++++------------ widget/gtk/nsGtkIMModule.h | 44 +++++++- widget/gtk/nsWindow.cpp | 2 +- 3 files changed, 171 insertions(+), 68 deletions(-) diff --git a/widget/gtk/nsGtkIMModule.cpp b/widget/gtk/nsGtkIMModule.cpp index 827e60a5f73..1b9021db71c 100644 --- a/widget/gtk/nsGtkIMModule.cpp +++ b/widget/gtk/nsGtkIMModule.cpp @@ -75,8 +75,30 @@ GetEventType(GdkEventKey* aKeyEvent) } } +class GetWritingModeName : public nsAutoCString +{ +public: + explicit GetWritingModeName(const WritingMode& aWritingMode) + { + if (!aWritingMode.IsVertical()) { + AssignLiteral("Horizontal"); + return; + } + if (aWritingMode.IsVerticalLR()) { + AssignLiteral("Vertical (LTR)"); + return; + } + AssignLiteral("Vertical (RTL)"); + } + virtual ~GetWritingModeName() {} +}; + const static bool kUseSimpleContextDefault = MOZ_WIDGET_GTK == 2; +/****************************************************************************** + * nsGtkIMModule + ******************************************************************************/ + nsGtkIMModule* nsGtkIMModule::sLastFocusedModule = nullptr; bool nsGtkIMModule::sUseSimpleContext; @@ -418,6 +440,7 @@ nsGtkIMModule::OnFocusChangeInGecko(bool aFocus) // We shouldn't carry over the removed string to another editor. mSelectedString.Truncate(); + mSelection.Clear(); } void @@ -714,8 +737,11 @@ nsGtkIMModule::Blur() } void -nsGtkIMModule::OnSelectionChange(nsWindow* aCaller) +nsGtkIMModule::OnSelectionChange(nsWindow* aCaller, + const IMENotification& aIMENotification) { + mSelection.Assign(aIMENotification); + if (MOZ_UNLIKELY(IsDestroyed())) { return; } @@ -739,42 +765,13 @@ nsGtkIMModule::OnSelectionChange(nsWindow* aCaller) // event handler. So, we're dispatching NS_COMPOSITION_START, // we should ignore selection change notification. if (mCompositionState == eCompositionState_CompositionStartDispatched) { - nsCOMPtr focusedWindow(mLastFocusedWindow); - nsEventStatus status; - WidgetQueryContentEvent selection(true, NS_QUERY_SELECTED_TEXT, - focusedWindow); - InitEvent(selection); - mLastFocusedWindow->DispatchEvent(&selection, status); - - bool cannotContinueComposition = false; - if (MOZ_UNLIKELY(IsDestroyed())) { - MOZ_LOG(gGtkIMLog, LogLevel::Info, - (" ERROR: nsGtkIMModule instance is destroyed during " - "querying selection offset")); - return; - } else if (NS_WARN_IF(!selection.mSucceeded)) { - cannotContinueComposition = true; - MOZ_LOG(gGtkIMLog, LogLevel::Info, - (" ERROR: failed to retrieve new caret offset")); - } else if (selection.mReply.mOffset == UINT32_MAX) { - cannotContinueComposition = true; + if (NS_WARN_IF(!mSelection.IsValid())) { MOZ_LOG(gGtkIMLog, LogLevel::Info, (" ERROR: new offset is too large, cannot keep composing")); - } else if (!mLastFocusedWindow || focusedWindow != mLastFocusedWindow) { - cannotContinueComposition = true; - MOZ_LOG(gGtkIMLog, LogLevel::Info, - (" ERROR: focus is changed during querying selection " - "offset")); - } else if (focusedWindow->Destroyed()) { - cannotContinueComposition = true; - MOZ_LOG(gGtkIMLog, LogLevel::Info, - (" ERROR: focused window started to be being destroyed " - "during querying selection offset")); - } - - if (!cannotContinueComposition) { + } else { // Modify the selection start offset with new offset. - mCompositionStart = selection.mReply.mOffset; + mCompositionStart = mSelection.mOffset; + // XXX We should modify mSelectedString? But how? MOZ_LOG(gGtkIMLog, LogLevel::Info, (" NOTE: mCompositionStart is updated to %u, " "the selection change doesn't cause resetting IM context", @@ -1082,13 +1079,7 @@ nsGtkIMModule::DispatchCompositionStart(GtkIMContext* aContext) return false; } - nsEventStatus status; - WidgetQueryContentEvent selection(true, NS_QUERY_SELECTED_TEXT, - mLastFocusedWindow); - InitEvent(selection); - mLastFocusedWindow->DispatchEvent(&selection, status); - - if (!selection.mSucceeded || selection.mReply.mOffset == UINT32_MAX) { + if (NS_WARN_IF(!EnsureToCacheSelection())) { MOZ_LOG(gGtkIMLog, LogLevel::Info, (" FAILED, cannot query the selection offset")); return false; @@ -1098,7 +1089,7 @@ nsGtkIMModule::DispatchCompositionStart(GtkIMContext* aContext) // even though we strongly hope it doesn't happen. // Every composition event should have the start offset for the result // because it may high cost if we query the offset every time. - mCompositionStart = selection.mReply.mOffset; + mCompositionStart = mSelection.mOffset; mDispatchedCompositionString.Truncate(); if (mProcessingKeyEvent && !mKeyDownEventWasSent && @@ -1126,6 +1117,7 @@ nsGtkIMModule::DispatchCompositionStart(GtkIMContext* aContext) mLastFocusedWindow); InitEvent(compEvent); nsCOMPtr kungFuDeathGrip = mLastFocusedWindow; + nsEventStatus status; mLastFocusedWindow->DispatchEvent(&compEvent, status); if (static_cast(kungFuDeathGrip.get())->IsDestroyed() || kungFuDeathGrip != mLastFocusedWindow) { @@ -1167,15 +1159,12 @@ nsGtkIMModule::DispatchCompositionChangeEvent( // Store the selected string which will be removed by following // compositionchange event. if (mCompositionState == eCompositionState_CompositionStartDispatched) { - // XXX We should assume, for now, any web applications don't change - // selection at handling this compositionchange event. - WidgetQueryContentEvent querySelectedTextEvent(true, - NS_QUERY_SELECTED_TEXT, - mLastFocusedWindow); - mLastFocusedWindow->DispatchEvent(&querySelectedTextEvent, status); - if (querySelectedTextEvent.mSucceeded) { - mSelectedString = querySelectedTextEvent.mReply.mString; - mCompositionStart = querySelectedTextEvent.mReply.mOffset; + if (NS_WARN_IF(!EnsureToCacheSelection(&mSelectedString))) { + // XXX How should we behave in this case?? + } else { + // XXX We should assume, for now, any web applications don't change + // selection at handling this compositionchange event. + mCompositionStart = mSelection.mOffset; } } @@ -1483,14 +1472,14 @@ nsGtkIMModule::GetCurrentParagraph(nsAString& aText, uint32_t& aCursorPos) // current selection. if (!EditorHasCompositionString()) { // Query cursor position & selection - WidgetQueryContentEvent querySelectedTextEvent(true, - NS_QUERY_SELECTED_TEXT, - mLastFocusedWindow); - mLastFocusedWindow->DispatchEvent(&querySelectedTextEvent, status); - NS_ENSURE_TRUE(querySelectedTextEvent.mSucceeded, NS_ERROR_FAILURE); + if (NS_WARN_IF(!EnsureToCacheSelection())) { + MOZ_LOG(gGtkIMLog, LogLevel::Info, + (" FAILED, due to no valid selection information")); + return NS_ERROR_FAILURE; + } - selOffset = querySelectedTextEvent.mReply.mOffset; - selLength = querySelectedTextEvent.mReply.mString.Length(); + selOffset = mSelection.mOffset; + selLength = mSelection.mLength; } MOZ_LOG(gGtkIMLog, LogLevel::Info, @@ -1588,14 +1577,12 @@ nsGtkIMModule::DeleteText(GtkIMContext* aContext, return NS_ERROR_FAILURE; } } else { - // Query cursor position & selection - WidgetQueryContentEvent querySelectedTextEvent(true, - NS_QUERY_SELECTED_TEXT, - mLastFocusedWindow); - lastFocusedWindow->DispatchEvent(&querySelectedTextEvent, status); - NS_ENSURE_TRUE(querySelectedTextEvent.mSucceeded, NS_ERROR_FAILURE); - - selOffset = querySelectedTextEvent.mReply.mOffset; + if (NS_WARN_IF(!EnsureToCacheSelection())) { + MOZ_LOG(gGtkIMLog, LogLevel::Info, + (" FAILED, due to no valid selection information")); + return NS_ERROR_FAILURE; + } + selOffset = mSelection.mOffset; } // Get all text contents of the focused editor @@ -1718,3 +1705,77 @@ nsGtkIMModule::InitEvent(WidgetGUIEvent& aEvent) { aEvent.time = PR_Now() / 1000; } + +bool +nsGtkIMModule::EnsureToCacheSelection(nsAString* aSelectedString) +{ + if (aSelectedString) { + aSelectedString->Truncate(); + } + + if (mSelection.IsValid() && + (!mSelection.Collapsed() || !aSelectedString)) { + return true; + } + + if (NS_WARN_IF(!mLastFocusedWindow)) { + MOZ_LOG(gGtkIMLog, LogLevel::Error, + ("GtkIMModule(%p): EnsureToCacheSelection(), FAILED, due to " + "no focused window", this)); + return false; + } + + nsEventStatus status; + WidgetQueryContentEvent selection(true, NS_QUERY_SELECTED_TEXT, + mLastFocusedWindow); + InitEvent(selection); + mLastFocusedWindow->DispatchEvent(&selection, status); + if (NS_WARN_IF(!selection.mSucceeded)) { + MOZ_LOG(gGtkIMLog, LogLevel::Error, + ("GtkIMModule(%p): EnsureToCacheSelection(), FAILED, due to " + "failure of query selection event", this)); + return false; + } + + mSelection.Assign(selection); + if (!mSelection.IsValid()) { + MOZ_LOG(gGtkIMLog, LogLevel::Error, + ("GtkIMModule(%p): EnsureToCacheSelection(), FAILED, due to " + "failure of query selection event (invalid result)", this)); + return false; + } + + if (!mSelection.Collapsed() && aSelectedString) { + aSelectedString->Assign(selection.mReply.mString); + } + + MOZ_LOG(gGtkIMLog, LogLevel::Debug, + ("GtkIMModule(%p): EnsureToCacheSelection(), Succeeded, mSelection=" + "{ mOffset=%u, mLength=%u, mWritingMode=%s }", + this, mSelection.mOffset, mSelection.mLength, + GetWritingModeName(mSelection.mWritingMode).get())); + return true; +} + +/****************************************************************************** + * nsGtkIMModule::Selection + ******************************************************************************/ + +void +nsGtkIMModule::Selection::Assign(const IMENotification& aIMENotification) +{ + MOZ_ASSERT(aIMENotification.mMessage == NOTIFY_IME_OF_SELECTION_CHANGE); + mOffset = aIMENotification.mSelectionChangeData.mOffset; + mLength = aIMENotification.mSelectionChangeData.mLength; + mWritingMode = aIMENotification.mSelectionChangeData.GetWritingMode(); +} + +void +nsGtkIMModule::Selection::Assign(const WidgetQueryContentEvent& aEvent) +{ + MOZ_ASSERT(aEvent.message == NS_QUERY_SELECTED_TEXT); + MOZ_ASSERT(aEvent.mSucceeded); + mOffset = aEvent.mReply.mOffset; + mLength = aEvent.mReply.mString.Length(); + mWritingMode = aEvent.GetWritingMode(); +} diff --git a/widget/gtk/nsGtkIMModule.h b/widget/gtk/nsGtkIMModule.h index edf4bd28b6d..fcb190d7701 100644 --- a/widget/gtk/nsGtkIMModule.h +++ b/widget/gtk/nsGtkIMModule.h @@ -16,13 +16,16 @@ #include "nsCOMPtr.h" #include "nsTArray.h" #include "nsIWidget.h" +#include "mozilla/CheckedInt.h" #include "mozilla/EventForwards.h" +#include "WritingModes.h" class nsWindow; class nsGtkIMModule { protected: + typedef mozilla::widget::IMENotification IMENotification; typedef mozilla::widget::InputContext InputContext; typedef mozilla::widget::InputContextAction InputContextAction; @@ -48,7 +51,8 @@ public: void OnFocusChangeInGecko(bool aFocus); // OnSelectionChange is a notification that selection (caret) is changed // in the focused editor. - void OnSelectionChange(nsWindow* aCaller); + void OnSelectionChange(nsWindow* aCaller, + const IMENotification& aIMENotification); // OnKeyEvent is called when aWindow gets a native key press event or a // native key release event. If this returns TRUE, the key event was @@ -177,6 +181,44 @@ protected: } } + struct Selection final + { + uint32_t mOffset; + uint32_t mLength; + WritingMode mWritingMode; + + Selection() + : mOffset(UINT32_MAX) + , mLength(UINT32_MAX) + { + } + + void Clear() + { + mOffset = UINT32_MAX; + mLength = UINT32_MAX; + mWritingMode = WritingMode(); + } + + void Assign(const IMENotification& aIMENotification); + void Assign(const WidgetQueryContentEvent& aSelectedTextEvent); + + bool IsValid() const { return mOffset != UINT32_MAX; } + bool Collapsed() const { return !mLength; } + uint32_t EndOffset() const + { + if (NS_WARN_IF(!IsValid())) { + return UINT32_MAX; + } + CheckedInt endOffset = + CheckedInt(mOffset) + mLength; + if (NS_WARN_IF(!endOffset.isValid())) { + return UINT32_MAX; + } + return endOffset.value(); + } + } mSelection; + bool EnsureToCacheSelection(nsAString* aSelectedString = nullptr); // mIsIMFocused is set to TRUE when we call gtk_im_context_focus_in(). And // it's set to FALSE when we call gtk_im_context_focus_out(). diff --git a/widget/gtk/nsWindow.cpp b/widget/gtk/nsWindow.cpp index c65271cf57b..2ed218f647b 100644 --- a/widget/gtk/nsWindow.cpp +++ b/widget/gtk/nsWindow.cpp @@ -5955,7 +5955,7 @@ nsWindow::NotifyIMEInternal(const IMENotification& aIMENotification) mIMModule->OnUpdateComposition(); return NS_OK; case NOTIFY_IME_OF_SELECTION_CHANGE: - mIMModule->OnSelectionChange(this); + mIMModule->OnSelectionChange(this, aIMENotification); return NS_OK; default: return NS_ERROR_NOT_IMPLEMENTED; From a5b8131fd7322ee721c9d86e818f5e1f2e5d129e Mon Sep 17 00:00:00 2001 From: Masayuki Nakano Date: Thu, 11 Jun 2015 19:50:15 +0900 Subject: [PATCH 167/297] Bug 1130937 part.2 nsGtkIMModule should set candidiate window position to bottom left of the target clause in vertical writing mode r=m_kato --- widget/TextEvents.h | 9 +++++++++ widget/TextRange.h | 32 ++++++++++++++++++++--------- widget/gtk/nsGtkIMModule.cpp | 39 +++++++++++++++++++++++++----------- widget/gtk/nsGtkIMModule.h | 30 ++++++++++++++++++++------- 4 files changed, 82 insertions(+), 28 deletions(-) diff --git a/widget/TextEvents.h b/widget/TextEvents.h index 44fc72379ba..2ffbee55416 100644 --- a/widget/TextEvents.h +++ b/widget/TextEvents.h @@ -410,6 +410,15 @@ public: return mRanges ? mRanges->TargetClauseOffset() : 0; } + uint32_t TargetClauseLength() const + { + uint32_t length = UINT32_MAX; + if (mRanges) { + length = mRanges->TargetClauseLength(); + } + return length == UINT32_MAX ? mData.Length() : length; + } + uint32_t RangeCount() const { return mRanges ? mRanges->Length() : 0; diff --git a/widget/TextRange.h b/widget/TextRange.h index b492ad9f009..36abbf09dca 100644 --- a/widget/TextRange.h +++ b/widget/TextRange.h @@ -195,6 +195,18 @@ class TextRangeArray final : public nsAutoTArray NS_INLINE_DECL_REFCOUNTING(TextRangeArray) + const TextRange* GetTargetClause() const + { + for (uint32_t i = 0; i < Length(); ++i) { + const TextRange& range = ElementAt(i); + if (range.mRangeType == NS_TEXTRANGE_SELECTEDRAWTEXT || + range.mRangeType == NS_TEXTRANGE_SELECTEDCONVERTEDTEXT) { + return ⦥ + } + } + return nullptr; + } + public: bool IsComposing() const { @@ -206,18 +218,20 @@ public: return false; } - // Returns target clase offset. If there are selected clauses, this returns + // Returns target clause offset. If there are selected clauses, this returns // the first selected clause offset. Otherwise, 0. uint32_t TargetClauseOffset() const { - for (uint32_t i = 0; i < Length(); ++i) { - const TextRange& range = ElementAt(i); - if (range.mRangeType == NS_TEXTRANGE_SELECTEDRAWTEXT || - range.mRangeType == NS_TEXTRANGE_SELECTEDCONVERTEDTEXT) { - return range.mStartOffset; - } - } - return 0; + const TextRange* range = GetTargetClause(); + return range ? range->mStartOffset : 0; + } + + // Returns target clause length. If there are selected clauses, this returns + // the first selected clause length. Otherwise, UINT32_MAX. + uint32_t TargetClauseLength() const + { + const TextRange* range = GetTargetClause(); + return range ? range->Length() : UINT32_MAX; } bool Equals(const TextRangeArray& aOther) const diff --git a/widget/gtk/nsGtkIMModule.cpp b/widget/gtk/nsGtkIMModule.cpp index 1b9021db71c..19484e27c48 100644 --- a/widget/gtk/nsGtkIMModule.cpp +++ b/widget/gtk/nsGtkIMModule.cpp @@ -14,6 +14,7 @@ #include "mozilla/MiscEvents.h" #include "mozilla/Preferences.h" #include "mozilla/TextEvents.h" +#include "WritingModes.h" using namespace mozilla; using namespace mozilla::widget; @@ -111,7 +112,6 @@ nsGtkIMModule::nsGtkIMModule(nsWindow* aOwnerWindow) , mComposingContext(nullptr) , mCompositionStart(UINT32_MAX) , mProcessingKeyEvent(nullptr) - , mCompositionTargetOffset(UINT32_MAX) , mCompositionState(eCompositionState_NotComposing) , mIsIMFocused(false) , mIsDeletingSurrounding(false) @@ -535,7 +535,7 @@ nsGtkIMModule::OnUpdateComposition() return; } - SetCursorPosition(GetActiveContext(), mCompositionTargetOffset); + SetCursorPosition(GetActiveContext()); } void @@ -819,7 +819,8 @@ nsGtkIMModule::OnStartCompositionNative(GtkIMContext *aContext) if (!DispatchCompositionStart(aContext)) { return; } - mCompositionTargetOffset = mCompositionStart; + mCompositionTargetRange.mOffset = mCompositionStart; + mCompositionTargetRange.mLength = 0; } /* static */ @@ -1195,7 +1196,9 @@ nsGtkIMModule::DispatchCompositionChangeEvent( // We cannot call SetCursorPosition for e10s-aware. // DispatchEvent is async on e10s, so composition rect isn't updated now // on tab parent. - mCompositionTargetOffset = targetOffset; + mCompositionTargetRange.mOffset = targetOffset; + mCompositionTargetRange.mLength = + compositionChangeEvent.mRanges->TargetClauseLength(); return true; } @@ -1238,7 +1241,7 @@ nsGtkIMModule::DispatchCompositionCommitEvent( NS_COMPOSITION_COMMIT_AS_IS; mCompositionState = eCompositionState_NotComposing; mCompositionStart = UINT32_MAX; - mCompositionTargetOffset = UINT32_MAX; + mCompositionTargetRange.Clear(); mDispatchedCompositionString.Truncate(); WidgetCompositionEvent compositionCommitEvent(true, message, @@ -1393,16 +1396,19 @@ nsGtkIMModule::CreateTextRangeArray(GtkIMContext* aContext, } void -nsGtkIMModule::SetCursorPosition(GtkIMContext* aContext, - uint32_t aTargetOffset) +nsGtkIMModule::SetCursorPosition(GtkIMContext* aContext) { MOZ_LOG(gGtkIMLog, LogLevel::Info, - ("GtkIMModule(%p): SetCursorPosition, aContext=%p, aTargetOffset=%u", - this, aContext, aTargetOffset)); + ("GtkIMModule(%p): SetCursorPosition, aContext=%p, " + "mCompositionTargetRange={ mOffset=%u, mLength=%u }" + "mSelection.mWritingMode=%s", + this, aContext, mCompositionTargetRange.mOffset, + mCompositionTargetRange.mLength, + GetWritingModeName(mSelection.mWritingMode).get())); - if (aTargetOffset == UINT32_MAX) { + if (!mCompositionTargetRange.IsValid()) { MOZ_LOG(gGtkIMLog, LogLevel::Info, - (" FAILED, aTargetOffset is wrong offset")); + (" FAILED, mCompositionTargetRange is invalid")); return; } @@ -1420,7 +1426,15 @@ nsGtkIMModule::SetCursorPosition(GtkIMContext* aContext, WidgetQueryContentEvent charRect(true, NS_QUERY_TEXT_RECT, mLastFocusedWindow); - charRect.InitForQueryTextRect(aTargetOffset, 1); + if (mSelection.mWritingMode.IsVertical()) { + // For preventing the candidate window to overlap the target clause, + // we should set fake (typically, very tall) caret rect. + uint32_t length = mCompositionTargetRange.mLength ? + mCompositionTargetRange.mLength : 1; + charRect.InitForQueryTextRect(mCompositionTargetRange.mOffset, length); + } else { + charRect.InitForQueryTextRect(mCompositionTargetRange.mOffset, 1); + } InitEvent(charRect); nsEventStatus status; mLastFocusedWindow->DispatchEvent(&charRect, status); @@ -1429,6 +1443,7 @@ nsGtkIMModule::SetCursorPosition(GtkIMContext* aContext, (" FAILED, NS_QUERY_TEXT_RECT was failed")); return; } + nsWindow* rootWindow = static_cast(mLastFocusedWindow->GetTopLevelWidget()); diff --git a/widget/gtk/nsGtkIMModule.h b/widget/gtk/nsGtkIMModule.h index fcb190d7701..c0ffc221589 100644 --- a/widget/gtk/nsGtkIMModule.h +++ b/widget/gtk/nsGtkIMModule.h @@ -125,8 +125,27 @@ protected: // event. GdkEventKey* mProcessingKeyEvent; - // current target offset of IME composition - uint32_t mCompositionTargetOffset; + struct Range + { + uint32_t mOffset; + uint32_t mLength; + + Range() + : mOffset(UINT32_MAX) + , mLength(UINT32_MAX) + { + } + + bool IsValid() const { return mOffset != UINT32_MAX; } + void Clear() + { + mOffset = UINT32_MAX; + mLength = UINT32_MAX; + } + }; + + // current target offset and length of IME composition + Range mCompositionTargetRange; // mCompositionState indicates current status of composition. enum eCompositionState { @@ -327,14 +346,11 @@ protected: const nsAString& aLastDispatchedData); /** - * Sets the offset's cursor position to IME. + * Move the candidate window with "fake" cursor position. * * @param aContext A GtkIMContext which is being handled. - * @param aTargetOffset Offset of a character which is anchor of - * a candidate window. This is offset in - * UTF-16 string. */ - void SetCursorPosition(GtkIMContext* aContext, uint32_t aTargetOffset); + void SetCursorPosition(GtkIMContext* aContext); // Queries the current selection offset of the window. uint32_t GetSelectionOffset(nsWindow* aWindow); From d0d418387f723c987b32ac0f4122df9e3ee28075 Mon Sep 17 00:00:00 2001 From: Masayuki Nakano Date: Thu, 11 Jun 2015 19:50:15 +0900 Subject: [PATCH 168/297] Bug 1130937 part.3 nsGtkIMModule should adjust candidate window position when layout is changed r=m_kato --- widget/gtk/nsGtkIMModule.cpp | 34 +++++++++++++++++++++++++--------- widget/gtk/nsGtkIMModule.h | 4 ++++ widget/gtk/nsWindow.cpp | 6 +++++- 3 files changed, 34 insertions(+), 10 deletions(-) diff --git a/widget/gtk/nsGtkIMModule.cpp b/widget/gtk/nsGtkIMModule.cpp index 19484e27c48..b80d273ef25 100644 --- a/widget/gtk/nsGtkIMModule.cpp +++ b/widget/gtk/nsGtkIMModule.cpp @@ -115,6 +115,7 @@ nsGtkIMModule::nsGtkIMModule(nsWindow* aOwnerWindow) , mCompositionState(eCompositionState_NotComposing) , mIsIMFocused(false) , mIsDeletingSurrounding(false) + , mLayoutChanged(false) { if (!gGtkIMLog) { gGtkIMLog = PR_NewLogModule("nsGtkIMModuleWidgets"); @@ -529,13 +530,28 @@ nsGtkIMModule::EndIMEComposition(nsWindow* aCaller) } void -nsGtkIMModule::OnUpdateComposition() +nsGtkIMModule::OnLayoutChange() { if (MOZ_UNLIKELY(IsDestroyed())) { return; } SetCursorPosition(GetActiveContext()); + mLayoutChanged = true; +} + +void +nsGtkIMModule::OnUpdateComposition() +{ + if (MOZ_UNLIKELY(IsDestroyed())) { + return; + } + + // If we've already set candidate window position, we don't need to update + // the position with update composition notification. + if (!mLayoutChanged) { + SetCursorPosition(GetActiveContext()); + } } void @@ -1184,6 +1200,14 @@ nsGtkIMModule::DispatchCompositionChangeEvent( mCompositionState = eCompositionState_CompositionChangeEventDispatched; + // We cannot call SetCursorPosition for e10s-aware. + // DispatchEvent is async on e10s, so composition rect isn't updated now + // on tab parent. + mLayoutChanged = false; + mCompositionTargetRange.mOffset = targetOffset; + mCompositionTargetRange.mLength = + compositionChangeEvent.mRanges->TargetClauseLength(); + mLastFocusedWindow->DispatchEvent(&compositionChangeEvent, status); if (lastFocusedWindow->IsDestroyed() || lastFocusedWindow != mLastFocusedWindow) { @@ -1192,14 +1216,6 @@ nsGtkIMModule::DispatchCompositionChangeEvent( "compositionchange event")); return false; } - - // We cannot call SetCursorPosition for e10s-aware. - // DispatchEvent is async on e10s, so composition rect isn't updated now - // on tab parent. - mCompositionTargetRange.mOffset = targetOffset; - mCompositionTargetRange.mLength = - compositionChangeEvent.mRanges->TargetClauseLength(); - return true; } diff --git a/widget/gtk/nsGtkIMModule.h b/widget/gtk/nsGtkIMModule.h index c0ffc221589..960c3460db2 100644 --- a/widget/gtk/nsGtkIMModule.h +++ b/widget/gtk/nsGtkIMModule.h @@ -69,6 +69,7 @@ public: const InputContextAction* aAction); InputContext GetInputContext(); void OnUpdateComposition(); + void OnLayoutChange(); protected: ~nsGtkIMModule(); @@ -255,6 +256,9 @@ protected: // mIsDeletingSurrounding is true while OnDeleteSurroundingNative() is // trying to delete the surrounding text. bool mIsDeletingSurrounding; + // mLayoutChanged is true after OnLayoutChange() is called. This is reset + // when NS_COMPOSITION_CHANGE is being dispatched. + bool mLayoutChanged; // sLastFocusedModule is a pointer to the last focused instance of this // class. When a instance is destroyed and sLastFocusedModule refers it, diff --git a/widget/gtk/nsWindow.cpp b/widget/gtk/nsWindow.cpp index 2ed218f647b..149bd4d0558 100644 --- a/widget/gtk/nsWindow.cpp +++ b/widget/gtk/nsWindow.cpp @@ -5951,6 +5951,9 @@ nsWindow::NotifyIMEInternal(const IMENotification& aIMENotification) case NOTIFY_IME_OF_BLUR: mIMModule->OnFocusChangeInGecko(false); return NS_OK; + case NOTIFY_IME_OF_POSITION_CHANGE: + mIMModule->OnLayoutChange(); + return NS_OK; case NOTIFY_IME_OF_COMPOSITION_UPDATE: mIMModule->OnUpdateComposition(); return NS_OK; @@ -5994,7 +5997,8 @@ nsIMEUpdatePreference nsWindow::GetIMEUpdatePreference() { nsIMEUpdatePreference updatePreference( - nsIMEUpdatePreference::NOTIFY_SELECTION_CHANGE); + nsIMEUpdatePreference::NOTIFY_SELECTION_CHANGE | + nsIMEUpdatePreference::NOTIFY_POSITION_CHANGE); // We shouldn't notify IME of selection change caused by changes of // composition string. Therefore, we don't need to be notified selection // changes which are caused by compositionchange events handled. From a45549362d582c39ded2bbff2ed871abfa5ddd04 Mon Sep 17 00:00:00 2001 From: Jacek Caban Date: Thu, 11 Jun 2015 13:12:11 +0200 Subject: [PATCH 169/297] Bug 1151318 - Fixed wchar_t/char16_t mismatch on mingw. --- dom/plugins/ipc/PluginInstanceChild.cpp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dom/plugins/ipc/PluginInstanceChild.cpp b/dom/plugins/ipc/PluginInstanceChild.cpp index 38cd1264e93..36bf4c048c7 100644 --- a/dom/plugins/ipc/PluginInstanceChild.cpp +++ b/dom/plugins/ipc/PluginInstanceChild.cpp @@ -1768,7 +1768,7 @@ PluginInstanceChild::SetCaptureHook(HWND aHwnd) wchar_t className[256] = {0}; int numChars = GetClassNameW(aHwnd, className, ArrayLength(className)); NS_NAMED_LITERAL_STRING(unityClassName, "Unity.WebPlayer"); - if (numChars == unityClassName.Length() && unityClassName == className) { + if (numChars == unityClassName.Length() && unityClassName == wwc(className)) { sSetCaptureHookData = new SetCaptureHookData(aHwnd); } return sUser32SetCaptureHookStub(aHwnd); From 4d57a5909ca4369c61ca3856b4d16d5dc872e906 Mon Sep 17 00:00:00 2001 From: Mike Perry Date: Wed, 10 Jun 2015 14:14:00 +0200 Subject: [PATCH 170/297] Bug 629558 - Pref to make Intermediate Cert Store memory-only. r=keeler --- security/manager/ssl/nsNSSComponent.cpp | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/security/manager/ssl/nsNSSComponent.cpp b/security/manager/ssl/nsNSSComponent.cpp index 977c810d9a1..4625002a946 100644 --- a/security/manager/ssl/nsNSSComponent.cpp +++ b/security/manager/ssl/nsNSSComponent.cpp @@ -1016,9 +1016,11 @@ nsNSSComponent::InitializeNSS() } SECStatus init_rv = SECFailure; - if (!profileStr.IsEmpty()) { + bool nocertdb = Preferences::GetBool("security.nocertdb", false); + + if (!nocertdb && !profileStr.IsEmpty()) { // First try to initialize the NSS DB in read/write mode. - SECStatus init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); + init_rv = ::mozilla::psm::InitializeNSS(profileStr.get(), false); // If that fails, attempt read-only mode. if (init_rv != SECSuccess) { MOZ_LOG(gPIPNSSLog, LogLevel::Debug, ("could not init NSS r/w in %s\n", profileStr.get())); @@ -1029,9 +1031,9 @@ nsNSSComponent::InitializeNSS() } } // If we haven't succeeded in initializing the DB in our profile - // directory or we don't have a profile at all, attempt to initialize - // with no DB. - if (init_rv != SECSuccess) { + // directory or we don't have a profile at all, or the "security.nocertdb" + // pref has been set to "true", attempt to initialize with no DB. + if (nocertdb || init_rv != SECSuccess) { init_rv = NSS_NoDB_Init(nullptr); } if (init_rv != SECSuccess) { From f1d2214a0b54ea6475a59adeec4f68501e0ec897 Mon Sep 17 00:00:00 2001 From: Cykesiopka Date: Wed, 10 Jun 2015 22:50:00 +0200 Subject: [PATCH 171/297] Bug 1171819 - Convert test_cert_eku-*.js to generate certificates at build time. r=keeler --- security/manager/ssl/tests/unit/moz.build | 1 + security/manager/ssl/tests/unit/pycert.py | 10 +- .../ssl/tests/unit/test_cert_eku-CA.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-CA_EP.js | 284 +++++---- .../unit/test_cert_eku-CA_EP_NS_OS_SA_TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-CA_NS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-CA_OS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-CA_SA.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-CA_TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-EP.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-EP_NS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-EP_OS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-EP_SA.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-EP_TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-NONE.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-NS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-NS_OS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-NS_SA.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-NS_TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-OS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-OS_SA.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-OS_TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-SA.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-SA_TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku-TS.js | 284 +++++---- .../ssl/tests/unit/test_cert_eku/ca.der | Bin 684 -> 0 bytes .../tests/unit/test_cert_eku/ca.pem.certspec | 3 + .../test_cert_eku/ee-EKU-CA-int-EKU-CA.der | Bin 744 -> 0 bytes .../ee-EKU-CA-int-EKU-CA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-CA_EP.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-CA_EP.pem.certspec | 5 + .../ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 774 -> 0 bytes ...-CA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-CA_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-CA_OS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-CA_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-CA_SA.der | Bin 749 -> 0 bytes .../ee-EKU-CA-int-EKU-CA_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-CA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-EP.der | Bin 744 -> 0 bytes .../ee-EKU-CA-int-EKU-EP.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-EP_NS.der | Bin 749 -> 0 bytes .../ee-EKU-CA-int-EKU-EP_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-EP_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-EP_SA.der | Bin 749 -> 0 bytes .../ee-EKU-CA-int-EKU-EP_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-EP_TS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-EP_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-NONE.der | Bin 748 -> 0 bytes .../ee-EKU-CA-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-NS.der | Bin 744 -> 0 bytes .../ee-EKU-CA-int-EKU-NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-NS_OS.der | Bin 749 -> 0 bytes .../ee-EKU-CA-int-EKU-NS_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-NS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-NS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-NS_TS.der | Bin 749 -> 0 bytes .../ee-EKU-CA-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-OS.der | Bin 744 -> 0 bytes .../ee-EKU-CA-int-EKU-OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-OS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-SA.der | Bin 744 -> 0 bytes .../ee-EKU-CA-int-EKU-SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-SA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-CA-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA-int-EKU-TS.der | Bin 744 -> 0 bytes .../ee-EKU-CA-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_EP-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-CA_SA.der | Bin 762 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_EP-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-EP_NS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_EP-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-NS_SA.der | Bin 762 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.der | Bin 756 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-CA_EP-int-EKU-SA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_EP-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_EP-int-EKU-TS.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der | Bin 810 -> 0 bytes ...-CA_EP_NS_OS_SA_TS-int-EKU-CA.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-CA_EP.pem.certspec | 5 + ..._NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 839 -> 0 bytes ..._TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-CA_NS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-CA_OS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-CA_SA.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-CA_TS.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der | Bin 810 -> 0 bytes ...-CA_EP_NS_OS_SA_TS-int-EKU-EP.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-EP_NS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-EP_OS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-EP_SA.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der | Bin 814 -> 0 bytes ...A_EP_NS_OS_SA_TS-int-EKU-NONE.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der | Bin 810 -> 0 bytes ...-CA_EP_NS_OS_SA_TS-int-EKU-NS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-NS_OS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-NS_SA.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-NS_TS.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der | Bin 810 -> 0 bytes ...-CA_EP_NS_OS_SA_TS-int-EKU-OS.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-OS_SA.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der | Bin 815 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-OS_TS.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der | Bin 809 -> 0 bytes ...-CA_EP_NS_OS_SA_TS-int-EKU-SA.pem.certspec | 5 + ...ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der | Bin 816 -> 0 bytes ..._EP_NS_OS_SA_TS-int-EKU-SA_TS.pem.certspec | 5 + .../ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der | Bin 810 -> 0 bytes ...-CA_EP_NS_OS_SA_TS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_NS-int-EKU-CA.der | Bin 758 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 788 -> 0 bytes ..._NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-CA_OS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-CA_SA.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-CA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.der | Bin 758 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-EP_SA.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-EP_TS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-NONE.der | Bin 762 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_NS-int-EKU-NS.der | Bin 758 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-NS_OS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-NS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-NS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_NS-int-EKU-OS.der | Bin 758 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-OS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-OS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_NS-int-EKU-SA.der | Bin 758 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-CA_NS-int-EKU-SA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.der | Bin 758 -> 0 bytes .../ee-EKU-CA_NS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 786 -> 0 bytes ..._OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-CA_OS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-CA_SA.der | Bin 762 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-CA_TS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_OS-int-EKU-EP.der | Bin 756 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.der | Bin 756 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-CA_OS-int-EKU-SA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_OS-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_OS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_SA-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-CA_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-EP_OS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_SA-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_SA-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-OS_TS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_SA-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-CA_SA-int-EKU-SA_TS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_SA-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-CA_NS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-CA_SA.der | Bin 762 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-CA_TS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_TS-int-EKU-EP.der | Bin 756 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_TS-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-NS_SA.der | Bin 762 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-OS_TS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_TS-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-CA_TS-int-EKU-SA_TS.der | Bin 762 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-CA_TS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-CA.der | Bin 744 -> 0 bytes .../ee-EKU-EP-int-EKU-CA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-CA_EP.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-CA_EP.pem.certspec | 5 + .../ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 774 -> 0 bytes ...-EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-CA_NS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-CA_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-CA_OS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-CA_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-CA_SA.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-CA_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-CA_TS.der | Bin 749 -> 0 bytes .../ee-EKU-EP-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-EP.der | Bin 743 -> 0 bytes .../ee-EKU-EP-int-EKU-EP.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-EP_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-EP_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-EP_SA.der | Bin 749 -> 0 bytes .../ee-EKU-EP-int-EKU-EP_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-EP_TS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-EP_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-NONE.der | Bin 748 -> 0 bytes .../ee-EKU-EP-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-NS.der | Bin 744 -> 0 bytes .../ee-EKU-EP-int-EKU-NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-NS_OS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-NS_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-NS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-NS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-NS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-OS.der | Bin 744 -> 0 bytes .../ee-EKU-EP-int-EKU-OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-EP-int-EKU-OS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.der | Bin 749 -> 0 bytes .../ee-EKU-EP-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-SA.der | Bin 744 -> 0 bytes .../ee-EKU-EP-int-EKU-SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.der | Bin 749 -> 0 bytes .../ee-EKU-EP-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP-int-EKU-TS.der | Bin 743 -> 0 bytes .../ee-EKU-EP-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.der | Bin 758 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 788 -> 0 bytes ..._NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-CA_NS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-CA_OS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-CA_SA.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-CA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_NS-int-EKU-EP.der | Bin 758 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-EP_NS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-EP_OS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-EP_SA.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-EP_TS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-NONE.der | Bin 762 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_NS-int-EKU-NS.der | Bin 758 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-NS_OS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-NS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-NS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.der | Bin 758 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-OS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-OS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_NS-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-EP_NS-int-EKU-SA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.der | Bin 758 -> 0 bytes .../ee-EKU-EP_NS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-CA_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_OS-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_OS-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_OS-int-EKU-OS.der | Bin 756 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-EP_OS-int-EKU-SA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_OS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_SA-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-CA_EP.der | Bin 762 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 786 -> 0 bytes ..._SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-CA_OS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-CA_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_SA-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-EP_NS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-EP_OS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-NONE.der | Bin 760 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_SA-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-NS_OS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_SA-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-EP_SA-int-EKU-SA_TS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_SA-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_SA-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_TS-int-EKU-CA.der | Bin 756 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-CA_EP.der | Bin 762 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-CA_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-EP_NS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-EP_TS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-NONE.der | Bin 760 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_TS-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-NS_SA.der | Bin 762 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_TS-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-OS_SA.der | Bin 762 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-OS_TS.der | Bin 762 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_TS-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-EP_TS-int-EKU-SA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-EP_TS-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-EP_TS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NONE-int-EKU-CA.der | Bin 722 -> 0 bytes .../ee-EKU-NONE-int-EKU-CA.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-CA_EP.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-CA_EP.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 752 -> 0 bytes ...ONE-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-CA_NS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-CA_NS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-CA_OS.der | Bin 727 -> 0 bytes .../ee-EKU-NONE-int-EKU-CA_OS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-CA_SA.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-CA_SA.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-CA_TS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-CA_TS.pem.certspec | 4 + .../test_cert_eku/ee-EKU-NONE-int-EKU-EP.der | Bin 722 -> 0 bytes .../ee-EKU-NONE-int-EKU-EP.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-EP_NS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-EP_NS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-EP_OS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-EP_OS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-EP_SA.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-EP_SA.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-EP_TS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-EP_TS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-NONE.der | Bin 726 -> 0 bytes .../ee-EKU-NONE-int-EKU-NONE.pem.certspec | 4 + .../test_cert_eku/ee-EKU-NONE-int-EKU-NS.der | Bin 721 -> 0 bytes .../ee-EKU-NONE-int-EKU-NS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-NS_OS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-NS_OS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-NS_SA.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-NS_SA.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-NS_TS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-NS_TS.pem.certspec | 4 + .../test_cert_eku/ee-EKU-NONE-int-EKU-OS.der | Bin 722 -> 0 bytes .../ee-EKU-NONE-int-EKU-OS.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-OS_SA.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-OS_SA.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-OS_TS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-OS_TS.pem.certspec | 4 + .../test_cert_eku/ee-EKU-NONE-int-EKU-SA.der | Bin 722 -> 0 bytes .../ee-EKU-NONE-int-EKU-SA.pem.certspec | 4 + .../ee-EKU-NONE-int-EKU-SA_TS.der | Bin 728 -> 0 bytes .../ee-EKU-NONE-int-EKU-SA_TS.pem.certspec | 4 + .../test_cert_eku/ee-EKU-NONE-int-EKU-TS.der | Bin 722 -> 0 bytes .../ee-EKU-NONE-int-EKU-TS.pem.certspec | 4 + .../test_cert_eku/ee-EKU-NS-int-EKU-CA.der | Bin 745 -> 0 bytes .../ee-EKU-NS-int-EKU-CA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-CA_EP.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-CA_EP.pem.certspec | 5 + .../ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 775 -> 0 bytes ...-NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-CA_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-CA_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-CA_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-EP.der | Bin 745 -> 0 bytes .../ee-EKU-NS-int-EKU-EP.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-EP_NS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-EP_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-EP_OS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-EP_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.der | Bin 750 -> 0 bytes .../ee-EKU-NS-int-EKU-EP_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.der | Bin 750 -> 0 bytes .../ee-EKU-NS-int-EKU-EP_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-NONE.der | Bin 749 -> 0 bytes .../ee-EKU-NS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-NS.der | Bin 745 -> 0 bytes .../ee-EKU-NS-int-EKU-NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-NS_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-NS_SA.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-NS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-NS_TS.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-OS.der | Bin 745 -> 0 bytes .../ee-EKU-NS-int-EKU-OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.der | Bin 751 -> 0 bytes .../ee-EKU-NS-int-EKU-OS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-NS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-SA.der | Bin 745 -> 0 bytes .../ee-EKU-NS-int-EKU-SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-NS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS-int-EKU-TS.der | Bin 745 -> 0 bytes .../ee-EKU-NS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.der | Bin 758 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-CA_EP.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-CA_NS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-CA_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-CA_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-CA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_OS-int-EKU-EP.der | Bin 758 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-EP_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-EP_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-EP_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-NONE.der | Bin 762 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_OS-int-EKU-NS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-NS_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-NS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-OS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-OS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_OS-int-EKU-SA.der | Bin 758 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-NS_OS-int-EKU-SA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_OS-int-EKU-TS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_OS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_SA-int-EKU-CA.der | Bin 758 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-CA_EP.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 788 -> 0 bytes ..._SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-CA_NS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-CA_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-CA_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-CA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_SA-int-EKU-EP.der | Bin 758 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-EP_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-EP_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-EP_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-NONE.der | Bin 762 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_SA-int-EKU-NS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_SA-int-EKU-OS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_SA-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-NS_SA-int-EKU-SA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_SA-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-NS_SA-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.der | Bin 758 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-CA_EP.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-CA_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-CA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-EP_NS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-EP_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-EP_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-EP_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-NONE.der | Bin 762 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_TS-int-EKU-NS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-NS_OS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-NS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_TS-int-EKU-OS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-OS_SA.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-OS_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-NS_TS-int-EKU-SA_TS.der | Bin 764 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.der | Bin 758 -> 0 bytes .../ee-EKU-NS_TS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-CA.der | Bin 744 -> 0 bytes .../ee-EKU-OS-int-EKU-CA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-CA_EP.pem.certspec | 5 + .../ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 774 -> 0 bytes ...-OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-CA_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.der | Bin 749 -> 0 bytes .../ee-EKU-OS-int-EKU-CA_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-CA_SA.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-CA_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-CA_TS.der | Bin 749 -> 0 bytes .../ee-EKU-OS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-EP.der | Bin 744 -> 0 bytes .../ee-EKU-OS-int-EKU-EP.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.der | Bin 749 -> 0 bytes .../ee-EKU-OS-int-EKU-EP_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-EP_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-EP_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-EP_TS.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-EP_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-NONE.der | Bin 748 -> 0 bytes .../ee-EKU-OS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-NS.der | Bin 744 -> 0 bytes .../ee-EKU-OS-int-EKU-NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-NS_OS.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-NS_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-NS_SA.der | Bin 749 -> 0 bytes .../ee-EKU-OS-int-EKU-NS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-NS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-OS.der | Bin 744 -> 0 bytes .../ee-EKU-OS-int-EKU-OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-OS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-OS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.der | Bin 749 -> 0 bytes .../ee-EKU-OS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-SA.der | Bin 744 -> 0 bytes .../ee-EKU-OS-int-EKU-SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-SA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-OS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS-int-EKU-TS.der | Bin 744 -> 0 bytes .../ee-EKU-OS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 786 -> 0 bytes ..._SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-CA_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_SA-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-EP_NS.der | Bin 762 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-NONE.der | Bin 760 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_SA-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-NS_OS.der | Bin 762 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-NS_SA.der | Bin 762 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_SA-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-OS_SA-int-EKU-SA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_SA-int-EKU-TS.der | Bin 756 -> 0 bytes .../ee-EKU-OS_SA-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_TS-int-EKU-CA.der | Bin 757 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-CA_EP.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-CA_NS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-CA_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-EP_NS.der | Bin 762 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-EP_TS.der | Bin 762 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_TS-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-OS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_TS-int-EKU-SA.der | Bin 756 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-OS_TS-int-EKU-SA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-OS_TS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-CA.der | Bin 744 -> 0 bytes .../ee-EKU-SA-int-EKU-CA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-CA_EP.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-CA_EP.pem.certspec | 5 + .../ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 773 -> 0 bytes ...-SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-CA_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.der | Bin 749 -> 0 bytes .../ee-EKU-SA-int-EKU-CA_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-CA_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-EP.der | Bin 744 -> 0 bytes .../ee-EKU-SA-int-EKU-EP.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-EP_NS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-EP_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-EP_OS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-EP_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-EP_SA.der | Bin 749 -> 0 bytes .../ee-EKU-SA-int-EKU-EP_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-EP_TS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-EP_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-NONE.der | Bin 748 -> 0 bytes .../ee-EKU-SA-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-NS.der | Bin 743 -> 0 bytes .../ee-EKU-SA-int-EKU-NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-NS_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.der | Bin 749 -> 0 bytes .../ee-EKU-SA-int-EKU-NS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-NS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-OS.der | Bin 744 -> 0 bytes .../ee-EKU-SA-int-EKU-OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-OS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-SA.der | Bin 744 -> 0 bytes .../ee-EKU-SA-int-EKU-SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-SA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-SA-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA-int-EKU-TS.der | Bin 744 -> 0 bytes .../ee-EKU-SA-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA_TS-int-EKU-CA.der | Bin 756 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-CA.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-CA_EP.der | Bin 762 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-CA_EP.pem.certspec | 5 + ...ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 787 -> 0 bytes ..._TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-CA_NS.der | Bin 762 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-CA_NS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-CA_OS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-CA_OS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-CA_SA.der | Bin 762 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-CA_SA.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-CA_TS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA_TS-int-EKU-EP.der | Bin 757 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-EP.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-EP_NS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-EP_NS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-EP_OS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-EP_OS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-EP_SA.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-EP_SA.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-EP_TS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-EP_TS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-NONE.der | Bin 761 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA_TS-int-EKU-NS.der | Bin 757 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-NS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-NS_OS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-NS_OS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-NS_SA.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-NS_SA.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-NS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA_TS-int-EKU-OS.der | Bin 757 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-OS.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-OS_SA.der | Bin 762 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-OS_SA.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-OS_TS.der | Bin 763 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA_TS-int-EKU-SA.der | Bin 757 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-SA.pem.certspec | 5 + .../ee-EKU-SA_TS-int-EKU-SA_TS.der | Bin 762 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-SA_TS-int-EKU-TS.der | Bin 757 -> 0 bytes .../ee-EKU-SA_TS-int-EKU-TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-CA.der | Bin 744 -> 0 bytes .../ee-EKU-TS-int-EKU-CA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-CA_EP.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-CA_EP.pem.certspec | 5 + .../ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 774 -> 0 bytes ...-TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-CA_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-CA_OS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-CA_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-CA_SA.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-CA_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-CA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-EP.der | Bin 744 -> 0 bytes .../ee-EKU-TS-int-EKU-EP.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-EP_NS.der | Bin 749 -> 0 bytes .../ee-EKU-TS-int-EKU-EP_NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-EP_OS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-EP_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-EP_SA.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-EP_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-EP_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-NONE.der | Bin 748 -> 0 bytes .../ee-EKU-TS-int-EKU-NONE.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-NS.der | Bin 744 -> 0 bytes .../ee-EKU-TS-int-EKU-NS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-NS_OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-NS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-NS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-NS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-NS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-OS.der | Bin 744 -> 0 bytes .../ee-EKU-TS-int-EKU-OS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-OS_SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.der | Bin 750 -> 0 bytes .../ee-EKU-TS-int-EKU-OS_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-SA.der | Bin 744 -> 0 bytes .../ee-EKU-TS-int-EKU-SA.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-SA_TS.der | Bin 749 -> 0 bytes .../ee-EKU-TS-int-EKU-SA_TS.pem.certspec | 5 + .../test_cert_eku/ee-EKU-TS-int-EKU-TS.der | Bin 744 -> 0 bytes .../ee-EKU-TS-int-EKU-TS.pem.certspec | 5 + .../ssl/tests/unit/test_cert_eku/generate.py | 128 ++-- .../tests/unit/test_cert_eku/int-EKU-CA.der | Bin 728 -> 0 bytes .../test_cert_eku/int-EKU-CA.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-CA_EP.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-CA_EP.pem.certspec | 5 + .../int-EKU-CA_EP_NS_OS_SA_TS.der | Bin 795 -> 0 bytes .../int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-CA_NS.der | Bin 743 -> 0 bytes .../test_cert_eku/int-EKU-CA_NS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-CA_OS.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-CA_OS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-CA_SA.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-CA_SA.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-CA_TS.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-CA_TS.pem.certspec | 5 + .../tests/unit/test_cert_eku/int-EKU-EP.der | Bin 729 -> 0 bytes .../test_cert_eku/int-EKU-EP.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-EP_NS.der | Bin 743 -> 0 bytes .../test_cert_eku/int-EKU-EP_NS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-EP_OS.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-EP_OS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-EP_SA.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-EP_SA.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-EP_TS.der | Bin 741 -> 0 bytes .../test_cert_eku/int-EKU-EP_TS.pem.certspec | 5 + .../tests/unit/test_cert_eku/int-EKU-NONE.der | Bin 710 -> 0 bytes .../test_cert_eku/int-EKU-NONE.pem.certspec | 4 + .../tests/unit/test_cert_eku/int-EKU-NS.der | Bin 730 -> 0 bytes .../test_cert_eku/int-EKU-NS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-NS_OS.der | Bin 743 -> 0 bytes .../test_cert_eku/int-EKU-NS_OS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-NS_SA.der | Bin 743 -> 0 bytes .../test_cert_eku/int-EKU-NS_SA.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-NS_TS.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-NS_TS.pem.certspec | 5 + .../tests/unit/test_cert_eku/int-EKU-OS.der | Bin 729 -> 0 bytes .../test_cert_eku/int-EKU-OS.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-OS_SA.der | Bin 741 -> 0 bytes .../test_cert_eku/int-EKU-OS_SA.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-OS_TS.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-OS_TS.pem.certspec | 5 + .../tests/unit/test_cert_eku/int-EKU-SA.der | Bin 729 -> 0 bytes .../test_cert_eku/int-EKU-SA.pem.certspec | 5 + .../unit/test_cert_eku/int-EKU-SA_TS.der | Bin 742 -> 0 bytes .../test_cert_eku/int-EKU-SA_TS.pem.certspec | 5 + .../tests/unit/test_cert_eku/int-EKU-TS.der | Bin 728 -> 0 bytes .../test_cert_eku/int-EKU-TS.pem.certspec | 5 + .../ssl/tests/unit/test_cert_eku/moz.build | 570 ++++++++++++++++++ 1133 files changed, 6632 insertions(+), 3348 deletions(-) delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ca.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ca.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.pem.certspec delete mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.der create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.pem.certspec create mode 100644 security/manager/ssl/tests/unit/test_cert_eku/moz.build diff --git a/security/manager/ssl/tests/unit/moz.build b/security/manager/ssl/tests/unit/moz.build index 4f3731d12b4..002cda2861d 100644 --- a/security/manager/ssl/tests/unit/moz.build +++ b/security/manager/ssl/tests/unit/moz.build @@ -6,6 +6,7 @@ DIRS += ['tlsserver'] TEST_DIRS += [ + 'test_cert_eku', 'test_cert_keyUsage', 'test_cert_trust', 'test_intermediate_basic_usage_constraints', diff --git a/security/manager/ssl/tests/unit/pycert.py b/security/manager/ssl/tests/unit/pycert.py index de114847be4..3b89de80b4f 100755 --- a/security/manager/ssl/tests/unit/pycert.py +++ b/security/manager/ssl/tests/unit/pycert.py @@ -19,7 +19,9 @@ Known extensions are: basicConstraints:[cA],[pathLenConstraint] keyUsage:[digitalSignature,nonRepudiation,keyEncipherment, dataEncipherment,keyAgreement,keyCertSign,cRLSign] -extKeyUsage:[serverAuth,clientAuth,codeSigning,emailProtection] +extKeyUsage:[serverAuth,clientAuth,codeSigning,emailProtection + nsSGC, # Netscape Server Gated Crypto + OCSPSigning,timeStamping] In the future it will be possible to specify other properties of the generated certificate (for example, its validity period, signature @@ -283,6 +285,12 @@ class Certificate: return rfc2459.id_kp_codeSigning if keyPurpose == 'emailProtection': return rfc2459.id_kp_emailProtection + if keyPurpose == 'nsSGC': + return univ.ObjectIdentifier('2.16.840.1.113730.4.1') + if keyPurpose == 'OCSPSigning': + return univ.ObjectIdentifier('1.3.6.1.5.5.7.3.9') + if keyPurpose == 'timeStamping': + return rfc2459.id_kp_timeStamping raise UnknownKeyPurposeTypeError(keyPurpose) def addExtKeyUsage(self, extKeyUsage): diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA.js b/security/manager/ssl/tests/unit/test_cert_eku-CA.js index cad9e665134..4e87309c95c 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA_EP.js b/security/manager/ssl/tests/unit/test_cert_eku-CA_EP.js index 11a6b03864c..002e04e5ebc 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA_EP.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA_EP.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_EP', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA_EP_NS_OS_SA_TS.js b/security/manager/ssl/tests/unit/test_cert_eku-CA_EP_NS_OS_SA_TS.js index 71217a7db96..31176e01324 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA_EP_NS_OS_SA_TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA_EP_NS_OS_SA_TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_EP_NS_OS_SA_TS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA_NS.js b/security/manager/ssl/tests/unit/test_cert_eku-CA_NS.js index dfad636abbc..077425a6ae4 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA_NS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA_NS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_NS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA_OS.js b/security/manager/ssl/tests/unit/test_cert_eku-CA_OS.js index 35a45e99929..433c661ebe2 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA_OS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA_OS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_OS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA_SA.js b/security/manager/ssl/tests/unit/test_cert_eku-CA_SA.js index e6e77674994..e93002e2569 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA_SA.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA_SA.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-CA_TS.js b/security/manager/ssl/tests/unit/test_cert_eku-CA_TS.js index b2c14cabc29..17b85fd956a 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-CA_TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-CA_TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-CA_TS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-CA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-EP.js b/security/manager/ssl/tests/unit/test_cert_eku-EP.js index 48cb8082502..36a27ef1a87 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-EP.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-EP.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-EP', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-EP_NS.js b/security/manager/ssl/tests/unit/test_cert_eku-EP_NS.js index e80efb9e458..c86febf1964 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-EP_NS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-EP_NS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_NS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-EP_OS.js b/security/manager/ssl/tests/unit/test_cert_eku-EP_OS.js index 525a824c7d4..239985adb24 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-EP_OS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-EP_OS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_OS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-EP_SA.js b/security/manager/ssl/tests/unit/test_cert_eku-EP_SA.js index 55ebb98e98d..d226167c51c 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-EP_SA.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-EP_SA.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-EP_TS.js b/security/manager/ssl/tests/unit/test_cert_eku-EP_TS.js index f50e09c3b84..8fec28b06dc 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-EP_TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-EP_TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-EP_TS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-EP_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-NONE.js b/security/manager/ssl/tests/unit/test_cert_eku-NONE.js index 0b7ca0b1f3e..120047c0abf 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-NONE.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-NONE.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-NONE', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NONE'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-NS.js b/security/manager/ssl/tests/unit/test_cert_eku-NS.js index c384b39e1c5..4ddd3edd1d0 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-NS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-NS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-NS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-NS_OS.js b/security/manager/ssl/tests/unit/test_cert_eku-NS_OS.js index c63afd9fa19..1428d81a055 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-NS_OS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-NS_OS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_OS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-NS_SA.js b/security/manager/ssl/tests/unit/test_cert_eku-NS_SA.js index f0281517cc3..570da4711a8 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-NS_SA.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-NS_SA.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-NS_TS.js b/security/manager/ssl/tests/unit/test_cert_eku-NS_TS.js index ad03ce1962f..3f48daaedd0 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-NS_TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-NS_TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-NS_TS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-NS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-OS.js b/security/manager/ssl/tests/unit/test_cert_eku-OS.js index c551136b80c..83156040b0b 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-OS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-OS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-OS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-OS_SA.js b/security/manager/ssl/tests/unit/test_cert_eku-OS_SA.js index b7b0512c9c1..04e621d3fdf 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-OS_SA.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-OS_SA.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-OS_SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-OS_TS.js b/security/manager/ssl/tests/unit/test_cert_eku-OS_TS.js index 4cd9f09a16a..40919a7aee4 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-OS_TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-OS_TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-OS_TS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS.der'), PRErrorCodeSuccess, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-OS_TS'), PRErrorCodeSuccess, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-OS_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-SA.js b/security/manager/ssl/tests/unit/test_cert_eku-SA.js index aff598b5bdf..61c0d32f10f 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-SA.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-SA.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-SA', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-SA_TS.js b/security/manager/ssl/tests/unit/test_cert_eku-SA_TS.js index 599301d686e..139c583ef0b 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-SA_TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-SA_TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-SA_TS', ',,'), PRErrorCodeSuccess, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), PRErrorCodeSuccess, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS'), PRErrorCodeSuccess, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-SA_TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku-TS.js b/security/manager/ssl/tests/unit/test_cert_eku-TS.js index c7173f4fdb9..5b4e94a37f6 100644 --- a/security/manager/ssl/tests/unit/test_cert_eku-TS.js +++ b/security/manager/ssl/tests/unit/test_cert_eku-TS.js @@ -11,156 +11,154 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { load_cert("ca", "CT,CT,CT"); checkCertErrorGeneric(certdb, load_cert('int-EKU-TS', ',,'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); - checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS.der'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-CA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-EP_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NONE-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-NS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-OS_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-SA_TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLClient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageSSLServer); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_KEY_USAGE, certificateUsageSSLCA); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailSigner); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageEmailRecipient); + checkCertErrorGeneric(certdb, cert_from_file('ee-EKU-TS-int-EKU-TS'), SEC_ERROR_INADEQUATE_CERT_TYPE, certificateUsageStatusResponder); } diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ca.der b/security/manager/ssl/tests/unit/test_cert_eku/ca.der deleted file mode 100644 index 3c8fbb38546598f788b0e5445130477ed47217af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 684 zcmXqLVp?I)#5iFAGZP~d6CTvEs7x?7obDMnXmVm+#-S zWT|5D>f5oa@^&4+a5l{3vA%JX!hOep-PSHAZ(3FF_b@w}tjv(DbK1Rzbu#NoYr{*k zJA?O}`thM=M%tYZ^Lq6gUHkk~U+n&T{x@&hXB+j&?&-T{D%^DEJ@ae%tOr>?MdfB& zKbmKn!t^BE?UPI>*G@6jw92l}vwUx;*l#ene`ZGL3b(s6*Kbz-99(?#cHq^tpcs!I zKf`;Om>C%u7YiE*8t?~jiM9{M?-`J3RC-`CFDe*99hq_a6<`^Cx=V!%4ggL)l9gKhQbeVfwGBqhiYxi*vsc zIJafadHm$(`!_qj-FuXinsY|t=jM)YTSK~SEcb`6`y3H8u{42)_qOCKW7{)dE-X48 zF|my|S?r8(^7(X?h*Tb%uW!t=PR{R;wf+8t`GsSg%!=7(8S?n!7R^!l8hlTbW6E(> z!P_&xOo?`xyiT9tc;|#!QKbj=OWaN}{$9ot6;~NAzsJ<%49rc8{0uGI$m!@L#`UqB)RWCF{d<4UoY$O_rLIamp8sOW=|%bXi_Pzb zZkggg!){IdWe@A^vQ=3XW*429ORom+np4S^;8+~sssDXP64RU98%GZ})!lP%E<9et zUh}3QuQM}i)|#J^)4Cocr568dUX=6p!h}l`(!v+b_`1z~+1u&QEKCLr2HYSf zKMM;p6Y~!PF%Uj12Yet!gVe)yul3I@InJLbgV7MdbteRnoo?*q^tQqOa3$xZG-Me1Ya?m`U*<)_- zv$Nvfy|eUwwAibB?^=Jz(Dg*W&jyhn8Pm5eDfO0p%dl7esq`Z&DWlJq_At%8FTCPn z(-S!v+tg&08>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!oc-H^}IdNV?69Z!-b0b4jV^gyzab6=3*96KnP%>07kb~$HPfdkt)I~L; ziBSpJLPk~w<|amd2B4d`n3@r}(-|D7R zDu?PD&AYhz^0Q9kjlE>TN4BE*do@Z9Omw~x`Inb*!zr$y&8&N?f4yFN z@U8u#=WkT!eR}LX@q_BdSvNN7^&b4ay}!)up>ovYx0^0CZm6~qy!kMv-~K4GzO&l1 z?JX5js|~tWet)#Bt~LBi{j*MP$$e=lO0u`SwDf=WFs0>rZ{)V!_&H>=%DyupUI8uL zq6~Qv|MLXnb&fO{UF*!9F~RlIrkbn!=O2ultN%17N>;(-vZGdsyg=Nx#fy@1h89cuU~D0Z?p8jYpq6FTkF4e?`>h^H`$_B6FK`y;<=mi z`I~d>U3YZ8zrR>Td)*q%uM2FgEqx!YI6k>o#$saX%c9O5D+3qn1ymTDv(2Bx8P~Vx zO~9%jZg=FiRJ(1B(zp2dPelE}F&2|eqWuc#%ge6^mCGnjzNMM`l`B7tIgIhTX>pnU zk*2yi`M(;H?{a^-k$Qh#yk^T{hOJL|C+QhY-rj%M@8!xr)j9g*+3UK_oVXMv002ks BC076d diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..dc6be4883a1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-CA-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index b13e83bd4ed5fa3a75ba2ae0560bdd940e1f3cd3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 774 zcmXqLVrDXEVtloLnTe5!iG}gKoUH*b8>d#AN85K^Mn-N{1_KpCB?ARE=1>-99?8tS z5?xpCP+e!oc-Mef=&IdNV?69Z!-b0b4jV^hm0ab6=3*96Kn&@IStO^iy&4q;?vU~XdMX8^jDi>Zl`k>Tk9Q^Sd3wSSBzvDbyKd3*NV zBT42J?Lloq3W<85tcQEdf=aanxL&)8M=@8+9@3d~a_aX-p&9#{FYH-h`)bzZ=-^K? zH%eaFv-HTfdr9XWzf}%dl9`hJ`ZCLh{nK+-FPK*LGKFXI%0fTeSuEap4(j|5Z=U^Y z^OntM7_`NP5PcQZo0d~?eyrn{^Odb#hCxci6b z3h%U%?H}iz+ite=h+jsky#Mn}8DTwfWZ8k<$R(4=)qed?}8VO(}-06W6%dyZ;uR$2#q`)7=ecJH1QmjO^{t?YDF`VLy3J>xq?f-yzv=KREU* N>nYX_X;+Mr0RXcoEf4?z diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..66f8b6c3718 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.der deleted file mode 100644 index 00d84160666d95e19dd65234458a71e884eb8491..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR~U%#939O$>~p#CeTCToWkQK*>3mI7%n41{+8Gvr$VrpV!WH|Bh^r`7iPU^DTmrq?iCGdlL?r-K$Zl|?hmNOI{ zJY}@I>-Ut)rqk|qu`9fJ-DUA~!VTtz*?GzrYCp{q{MB~hq2Q(8R~GNoUb|{46T41| zM-w|A*VKE<_0UgtG~QddU^1}x1IjcHzeE(T>m7l zmU%0;y?x?=H3@N3e7DS7cjn=ayweq}&DME7U)~6HR34k56=blvWQM2Br|wh*uI(So z)86t1$d=p@2lt4UEJWLB{ki9+)m6p~^PJ$K6go%haNTqm7S`TX>`+)M9{iwBzMGBGnUFfKMSFfiZ*hNP@83zGqZ z0XK-r&%(mY#QeiR48&1oWc<&ESeahFcR4p<$Yp!+DSH`R9 znYSZEnol2_v^())dk<@XNdGP!2llHS{r?|aE7A^A30mor_-3<&=;Ho+JX>V-HDu1d zeUhdo{N>QaWDUOL+nh&Ubgnftx^ncv!B>`#^PWAZ)Yo~ib60%vvDR~o<&>qG)=k>| zROxo;`i!o9sT;oY>Tdb!w8B5IOh{JjX!dPZ+s@KtjhJ9(<;G5l=-0cyYlPof_}XrB z(lL8GTi4iwmHq5q4dG0Q>M{#U=N*v{_&oo|JNN4>cbR1pX1q;H`0H@GhD(t(tt1Hm D?7Jz4 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..13992cf2458 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-CA-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_OS.der deleted file mode 100644 index a125997963e3b22faf190a228ae4fee87d95db45..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6ANShhfM~&Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$3mI7%n41{+8Gvr$VrpV!WVjQQ{n;mIv3EyWSj_Pi+r2+>b*wvLa%$!2f=HW? zy}p&lpT9R|751B@|06o;f5Vo>nu$!;t)gO{a_SX)_c*)0^W_SeJrCaQdgE-&?b);B z%)HB{`z`zK$Sw&ya7W?FZ2v1K7p5p3xBMV1q(9Yjs_N!VFOB0j&f~XT{&K}+E@sts zX@&h;cP(>CTp+9y@L2lw?%5%S zkowrPT&4H<@rPm;nk7Fc&6E15b-C3$N34DY^YV`@;vG{zaV?EzyqovXQ{ut;mUY5AXYLJ%8TuWTi3x+^V-a6+ax$AYE{Lf!+8K1qpqLaGfgV1S@`7B1#R~!P_!!l## z#28s8E`BZG^yf&jj%$ZiM|s_fE~CdaOq1@Zbmo0-Syw$@z*5xBPwlt8*dED_{inp3 zqFfSx^%-it-Rrvj>Z@*3?vN23`E$NLs^)4cr)`# zbX~neb)6mKgB=az#CZ)(42+G;jSNjq3@oC=d5u6^6DZd}$xy*S4x&>$H5IB+7uAd= zMkQnm8Ce;an;7{SfKK9KYGPz$n02IiqVz$YjJf5(obqoDw-BD;=9-}y{% z(3{7FG7&ugjvnsW6te4;*5(Ma@<}D3F(#$V=5OMD8mC;2py@r5=KPj_y}?A+{gtR=j zchaGHW}7BA!}C8c*t~F8lu3G3tF|Q5xNM(J)M+MWMh3>kMg|53oWPKj6=q>FU@+hY zG5J|on3I#5s*H^PS$GV%*f_M=7+G1_nVFD76&Q`cP-SFjb*SfZJ2$oSK}Fz! zqYVLE*QKZaV9>~37x8~F+o|4Ch0}8{$`o7JooG0?ZAQKS^h{Zs8+RHQ^QPDsoG*Db zZ;8UEMeollc!$pUzV(62#s!ym`0%d36(jpe$99&8`-EvvH!!P4-aG5l-4_d4_p+BhmQd-8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_>f=&IdNV?69Z!-b0b4j6GOu&ab6=3*96KnP%>07kb~$HPfdkt)I~L; ziBSpJLPk~w<|amd2B4d`n3@IF}y&zrJ#e?|xUi}lPqmoUBdDmBnsba=v# zM?W-_l=t{d(tXN4sgCvCjQzVlZ8$k;u^126@7l72Pkspz3H(y0wkrr~e>|~WPf}A} z=FIhL-cGlV`qXrKJGIu&Dq6Q$P3Yq8M@t@-1=XBWOf6*pdVj^g+-R-;5lIntm&5ay zByit}yYYD|@4OSeOQqVcO*&I}c4xTy+vy)7_q=VlW@2V!U|eiuU|_%r3`tpG7A6A* z18xwLpM`~)iTQ_t7>J|F$oQXy$AF8CLz|6}m6e^D2{}}O(FhDxMux)OQwuttg=v<& zu2M8vG4&jG&3C0D&o%G1`k$D?5%&1X&Q~8)?$3$bd`Ix>^}w~!XVz{qSl{umkT22N z;=qGlPHUECCe>BXkdbbg(C(&ae>8jk`c3DZd^Ll)TE0ycWq9rIW``1EzzWyI-1#=? zM?)XjJnC}bZmMoF{oM0bS7=VjRHH+0)+S71&kvhrT3tW)#p>@yd#?2vn*I2`e!g$Z zKG8Ys9ilI!qowSPuQ=H5vx(A-J*w1VmS3vE&hRGsXk*XbX|}n|zKUt-mk!MSR{bom z|FNK^;;$D64s5J3n6UHugr}3Z@+N4eq{s4FoZNLz-eilH;+idMUY&b>>g@8**~@je F0sxu{EZYD8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..59beb877117 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-CA-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP.der deleted file mode 100644 index 7a62c36e94e3c768e0812846c922f3c1359b4c53..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AP1d#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDF~MKYj? zQ3=^9Mpg#qCPsb+pli68niv@wu5}!4^v&Au-#iuiZR=eo_Gd*e)5?hTvQ_Y!=bDEMAai1zwBQzTs8m)rTa^aYbU zM>2&S4hb*uIJRl3vGw)O(~g|~Eo`E7;iy#QuQ$Ph#_I2Erg(MlcsSSJeqoNSn!xND zGuA_!j8ysyl~xqFs4TAPN$6+{l?{*Ez4Cs>P0cM^J(~XB$X4W>HvM=&VGo}rQ(~BS zlkcom>4u&&_TPNxU@o$Ly1}c@(~PrApZPwpJ-AKy`Bk-NkF1)Gg#I-TNZB*R?bS&g zlhQAoTYmCCnz80o{gTCxo~iNhe0fyUy6XE6X+tJvMh3>kMg|53oWNj|6=q>FU@+hY zG5J|on3I#5s*H^PS$GV%*f_M=7+G1_nVFD76&QiQP-SHJR9|7o*?ypWV|~%b zxt)=&QEic{p9<*TQ+dVmdrq;4s(-=k?dMK&)fId?{JEw?;pFcbTU@LI5`APQ)`)s+ z;o7IOYp$Wi$-o-^zcV++Pny2(_l;|ZEMgkE?srUoGhNea*|rJBb)F9yR3AxX>^>;2 zysUO{^Y&g2sjFH)OlQ2``kqhe*3?vN23`E$NLs^)4cr)`# zbX~nebzKAE{elhT#CZ)(42+G;jSNjq3@xI>d5u6^6DZd}$xy*S4x&>$H5IJU*-;nO zj3!1UWD6Nt8JL?G`5Ayt;$muIWMtU6Pw(4;8IvulcRo2+co-LT9>N!9N7LP zLh(2MvD-JErid`OrapNuX3HIZs4jEQlcYNds$6eQKVe(DopIZiBuDO@Zw~(1b^37A zmq{o8URzk4)v)M+e&+7t)Du^ICrta_X{EDA+vlD9uRvwzosah+LW%7P9Kk|oShv)dMwyhj2u_mnI{9_^q_cuwePU0(dTV?w|JwBv%&})=?H+qP zFsROpf4XGuNfR0IMZ3fDoP-^wGO9SOsFnBLm}NBLf2iPGCsN3bQa7 zFc@%ynEWg(%uLKb48%YjRYu1DEIbBWY#iEbjI6Be%uL9k3XDczs4_CtZr-xJV!@xP z9qf1NFFpERx;)9KE$$JcrDJ-t{*}yY0vn7j&sit>{$4)B(APEN~h z;&bxic;L4s{-JidncM8!CPvQ>&D|XP%A5OlL2hk9R7#gh$GeKn@g{E;H7G8adG}RM z->WB9?Mgy+?eTJU(!MX^ziKv!_X@p~)STfNBD;Lb2l2NTpG57K+|txIY3}ae*R7|% F0{}`3F(m*1 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..8cefd22bada --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-CA-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.der deleted file mode 100644 index 55ed1c8b2cb2d266f7954dfdb425c9ee0f5cdc91..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AM%5%v=LrHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}i26L&S_=M*Q*K)iTSLzLxHM>tV6rxK-pcxkc_(!u`b;@41%OKQPx;EPHYA z-SXq!%o}tU1ijf~Y#x%ya6i$&>`l7eHH|C5k4~&gYF63v^XaCYc3xriT=i87$u;@? z(H2^(n!l*^y!y8{{?+axENof%_gR{?zS8GAUwk+8XPdElN0do<-$GtaCT2zk#>GYk1_qqKkdzf>VKQJa z;07`ISy-5vn12|EfjFv+jQ?4947k`hwAmP0S=pJHkV6$1jlfW4WazsQ-spQaKY-`5 zo0L}A$Gy9SxSdt5Mhjcyex3IDhm7>zS>8ud8oId;7A$$ezdiMB%Gsia*2ZjGys`p} z%l;m2o_t=lpu}`@|D@li9_e-d^wXClqFD|JVPoSau{mgK_iB z=?%~2luf@($$TjDDrHe7xApJ?C$o31j4! z;5D3eWwJQSHhb5e?dP-8Dtz8~^#&g9_Ii>W#I(Zl-@(<-ce?hh%axSeZ>xVHx()!T CZz50t diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..0d7acfe6790 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-CA-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_SA.der deleted file mode 100644 index 9879a4093ad00f7476d3069add5acebcfc589faa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SM1t3kJMwoLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~nebzKAEgB=az#CZ)(42+G;jSNjqj7+1%d5u6^6DZd}$xy*S4x&>$H5IJU*-;nO zj3!1UWD6Nt8JL?G`5Ayt;$muIWMnuwf5{aO$0e!E3%{~6{=M_3!T6>HUwS~M#`}a@ zdY5NRl-TvC(!lxGtmj*1^zYwo_ae3H-kD%6JFdt2pK~wGVcaIYFZ9eJ#i}_Si*Kx6 zB)(bpsAxfG`I)}Gogo(vm>js4ka&*0)H{LU)vcQ${BbvCE?%GF^fN5*tMw$sPOCk! z4}7jZ(#U9PBzrujDEt=|x_r=PQftBHBwMG|d0Hx6dT;*v?DYMY#4S;l z-(IP{->Lg)GF#;TbJ-hvbaO(t&E6G|se;D=N z+Iy1(%a{Ducj_MtI7thKe~^}XZeAVhFSEB;OK1T(++2ow^GTm6t{MY0hGiQaV z1KRi(jPCa?+RxSN6}?rW=#&r`wLI60(JitPIRejQk8hH*qmFF)}jD{AVwsuCS|j%LltFOFv5Ps``AfC{j3ad(4#| zkNi!yHyTv;*>I;?b$YA03BQii3sTg4ox^ISenNTgY`sr=*+jM+sff6m&ed^4m)~^f zwB=h1l^#r(o6&P-&ZIl<<_JheudL7A@o*!D=j7J?z5gYeJtkfc6Ok2r*S95Xi4CU- z+Z1Nqy^m+I&JEtgsNny^`Nb5;^6S%?KKgw>{r^j%Qjf>usFiM?EY`VxzjcxIs>8w` z)1Ds_j$CmwSKCN~PpEF0j@#jkb1t!7OZ28YAJ6g&J@Qp&yKRrb?$pv;F~cigemqT*U+y=Ml>-nurw14we_?BxrR+vC0Plty)vr(3qVRWbey;q&9L zITI;(ka=#WsmR)eXY;Qa<~Zm-J+$oMje39XF8+h8%N;)CCuKj1I{Bz&<>q9*C7BQB zhI}?_Uv6^Dr*PiiwD;LLD*7w_@BK5uFekN`MY+DAK;!nV<5~4@cx&b#G}=)0e@)X) E0Ic*P*8l(j diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..aa55bae5b19 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-CA-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.der deleted file mode 100644 index 0ccfff208b5182a0760bb1ac7eb53a35442dbcdc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 748 zcmXqLVtQfF#CTx=GZP~d6AP1g#sdRhHcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#>P?Nyhb3d36yJ~Xee(W3(+W+nhMtE?5K-k zL=&SDvUQBC49rc8{0u-BaWOS9GBT{M6YMwkY`i`#Iq7#=kGOc3 zdQ$g#_eReNbJM?97CEGyy}fkF$=B;YDBB1wD)^_HCYvU@_e1+0eOUvI*xJZMUXAtT zzNeZ^-p@D?$?h^GO6_J*&U5{r0&5N#y)s`^U{b-wv{KYI<4*rA$vNg+3S0WGx9m5T zzx7=3{=K>LC;a>tR8`n$qc&0XJ=^wWKeNAPO%S(`(J)i3RsS(J(fuzo!@~RT3{^vK zIadb7h~7#4h}ex-6>ifA^5<*$ozZ+?3awy8aJoydr$QVDCi!x$~O5cHOV+*?w!G#IfT+6?T5N z#l60NSYdVjtFcOF!uPWH%`PgJjO%S@URd-re|1x{wNuyH9~;kps9t~TMyuMk6`{+& z)_;uX&f#w}*WJ4`^UB=AM?3U881L=1^QaGM?mA)~$GmP&SL@3NzWpETzw~aAI-@;T zN7PLGTaU8nu_H|-rHsxE&3P7VyG~Y|m5Ru{wq0?Te5=&G<;+{(`5sLAWYE*$^i8|D zTJJT>cK-$EbN5u-wtp|5xjZ@T_3y{=GLOrW9tMd7XWv-bs(JqSr+ZUa>UBlcRc|Q* E0A*Dx$p8QV diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..6cfebf4615e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-CA-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS.der deleted file mode 100644 index d4a7e079411ecdf4490225d0fa4d247531e8cf27..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AR;fb`JwyHcqWJkGAi;jEvl@3Nqp)`#KQ9MutBfwPvvjA5$6Ueb>IeFD;BUzwS}+ zr#b6WZdawBef?WZ{%Y@&y`1)5yZPqnnY=yG%E_y3wC`ZXYYXcyHcJ|>PMOaxbm{=h zjPHxLvjzn_Jz;y;&??N4d}r~rOFQ+CT=ch@p7!l#;jI+wS+Tin#@U6dH1==1{$Y>P zY_`^%H73C`%RVWzEt$CJTxrhcrY{Qv3i6e0=h#dBtFpWrfxJj2W=00a#YP4O2AsfPloe)SGGH*^ z1~K_rSeTiZe;9~?II4_{|5jOCQF9;HrABI$w(9}4?VQNSYhoWRkxV8{JFPR*X?~2x$hw3khvi@!CmwxQLe^{&Qy>Q;2-F z?9}^%-LH+B=eM>>2dv11|n?Cp)AZiyqS3= zx~|@#x_-g&{=o)v;=G0?2F6C_Muw&)CI(UByhb3d36yJ~WT;>u2hk~>nhMtF?5K-s zMiZkFvW1MS49rc8{0u-RaWOS9GBVt^`XRIEUi&SLkfZv15l0_>U&H*-lHtkwdB0-5 zYwQospDpz$Tx#p#oI?{<*-f0LpVPQ{bJ0r`p7@-`g{*2zADZ5Lw=u5pyu%dvgwX!z z=SH)nq&GgWj{hI!&|o0B>Uj?HwG%#)Yv-Kbc>dup_wFN8l@vI*r``)VaFI3o!2wGj z9*0xOYtMfXDrH-kI9X>?UUBK7g-kAIx^3Fdv|Vw2@c9z+;uu4g>;9RJuNu~;H2!A| zE2v^I=GF1%=i17ga&=Rc%8peO7EO(L3%w36p3;(D z8m?*f>U3Ay!S4%Byyu7#pO$#N;m*7-#TV8XAO0kCkcpX*fpM{sfq?-hFeGJ#S(pqM z47fo|eijyHCgvXoVjzwxBjbM-9s@2m4sA9@R#tXqCge~BMk6p(85z#CoY7^Om$hcU zMx)<-$Gg$q+jnFw+WY;K_vFr~`XkRP4xhWajZZmyOY{=fxhETU*ab~B+@;AaoN1ch z^ZV(h+zjR>(GzR^cCCFFq*sDnM{=21KPeh zt>b#-&&*ky%K2bv>bL4AQ+7Gq*Kf$Q*PHt1dhK^<<4gBF+*_xw|1m{&I>++A?r9eK E05@kR_W%F@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..833c9affc46 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-CA-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_SA.der deleted file mode 100644 index 0c02bd19f07408d3ddd578062c89a2d77366dbe9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APp1c`XB8HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}hd%ogrYx-L9#gG9AhzJ4PI>x6mwSDtO@&-6az zG}qAgS`qs(vvX4qY`knQU7T_ELb=9AyIG1;f6X{orJ^?ZV@Yyx$>plM!Edun4GZTd zEe~7P7kB8TXn&07`tbHV^=~si38jB%{JA+NSG(MRlPP_p=<(f?910IyZCtS3*t$!~ zK09!F?)R6Cd#}C^zGUxp)b;f1bBg~>*`YkyX(7(wRsVPGEN*A<$c+8x zF)7C0Li@_^J07}gidd6F^uZ{Jwb!byGBGnUFfKMSFfiZ*hNP@83zGqZ z0XK-r&%(mY#QeiR48&1oWc<&$}+;2QD0V zwfF8-X6xtPeoAw`yI63!s;*HnWy;m|xb^IG$CUmlPwu(Bzob07Ogm&w!J4kF1mX4_ z5no-m6`SVH75>pB#_?}W62DRC9r+rac|LJ(v}g3booi`ev%)jbY};3rt;+>f6RK6k z-gY`H-ts}8$EPTkL4B9XdSmH#3#Ij>pU+uW(!6k~){c9hJf2@*bV#b?T;X?lf~xf1 zs(b7CPPEN6t$*LS!180jrurF~i3er9v11|n?Cp)AZiyqS3= zx~|@#x_-g&A;AW6;=G0?2F6C_Muw&)CgxG%yhb3d36yJ~WT;>u2hk~>nhMtF?5K-s zMiZkFvW1MS49rc8{0u-RaWOS9GBSKuUntda@#0E8(YCfrCtFz)SA0-^xOPWgjh0%G z_N*=M;x?qXJn-IW&EPm)W77JwbALU&t~{eFdB5%K`^uN?-&@xFevvcturotMPLR&2 z-k9yV&%!3yoR8f9O60JhHn;v?`^P1ZKgak-KHhA+BJP)v%lFF<7d5<`x%ALP%k@9F zj!*Tu=p6n*ZT;H(8#mXQ>Pk+S-qJCf-?-!9efcWcDX$Mce6&73E4JF9qP=*=k6oP? ze3F(0)E~3?;Gf*6#mFqNs5^0nhWswuvNK^zuefQ2S?q;v)*;4S{kwgeg0Awup2)<^$iTSR$iTpW6Bv@R!YoV% z3pXxMahZt>sHp^a~5up3CW(H GcK`r1W-mGb diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..50960a89320 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-CA-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.der deleted file mode 100644 index 5324cf3b3a0111dd7afb93d6060f141ed68822b0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AP1{&L#t1HcqWJkGAi;jEvl@3e&_xvGjdwbn#lK_dFE@@f6LN@^=$mr8*Tw#59)Uoy;*V-|*~4&D4v} zqrFS_Jla;hwc;~R`qn*}dQ62ihkMJjZm#WqJei4^k%4isk%55$ComXgg;|&k7!0^U zOnw#?W+vtz24WzNDkI~679ImGHV$nzMpjmKW+voN1x6q+R2doe*D@TsJjL9l ztN%QFY=1a<=e{Hh-fwSWPP+y!-L8CC^Yi1sQ#Ex}*_~Lm7TrB9abxT13WJ_!_nHB* C87tKQ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..bb2356237f0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-CA-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.der deleted file mode 100644 index 318c9fdf02d670f1e43ff0363664d40f1a251adc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AMFk<6i?_HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}i|UsA=oIh(0#vWw-@fb;CTK27!8l_3#n;JjO> zVw0b8_QvPNUuPTg@8V+Zx+N~hl%HQ;R3sI|{&mJYF10OR)St5d-X$E6bnl^L&HRaM zeaEdtP94^iYkMg|53oWPKj6=q>F zU@+hYG5J|on3I#5s*H^PS$GV%*f_M=7+G1_nVFD76&Q`cP-SG8TI0!(UOOeS z_TO6hsKZ+>8Ju{i=zf-AU;T=`7p6r_?&HsUW1?l2rLjNyiZ(l&TseR43ad@bOJ>WS z4!GBS{9(krnOnP;ZOv!)efL(cC%5BI8FCa?CYtl09tA!+-9z#r?gulXJA3GV6f zi+}4@m-Mx!_;}tq!^=Kup;wL^HEG;s))T(s{E@&5ZGOKz_su$SK_KpsuQc24rP{lk zPo*7+^UtiA@!~H_k-^81XbXuRv1e*zn&TYdhzL! FGyojxD4zfT diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..4bc4749d5e1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-CA-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.der deleted file mode 100644 index 4bfe5f651cb23d08c8f80a0afc62a398aa3f87c6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR;yk^loI60(JitPIRejQk8hH*qmFF)}h7b-gaZ4}84)@Wu7_Z=L>qILG$jQnA^$w#NDS+zn!X7h7Ln#gKmD0=w@M zdFicF?H7MiI&k@FZ|~%FZdCzA{s&*KeCu)IW%#v%_0JZbFn#n~>b>i|exIs+bwa9t z*KKw$%4|OMqvl?cW91oM=35@K&$cz_Zr@OUoX7acE1`gtv@@k|LaGl{M_&D^FSByq zgY8T2&M2O$a(=-P*KXqy#()W8@K|lZ zBa+`3)joZeGkiEL`P;PSwG%GBC}D8?F0jntRPw2x56=B%VrFDuTx?`uV896sNm*eQ zCIbcoZV;27g@u`k`G$GzB=T_b(n!y;k8khA-&o!5q;WU% zSE8YdNvn|d!kgMF`KRd|^Ag(s`^0)FuIt%9d`ot^#R*>77*$`t;GKn*>{_GaZxU;> z53jg=g){Z8^G&7_f!xJ1>PA})-YuN diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..e1bf5848bd6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-CA-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA-int-EKU-SA.der deleted file mode 100644 index 460306e9953f0b96567c086bc7e4b635553b8f91..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6APo*@;(DzHcqWJkGAi;jEvl@3D%hz3a)UClQk@a)m;g{UcT)(@7{=Twr;}Y3_({6>y zo+#G19D7jsPvb8!899|2&8E)>Z4%PinXd%NTxDWrWMEuuWME*x2@FPAVHPF>1_N#o zlb?l!nTh#_ff$IR%Emfe{D{RYrzpZ>b4W73QpMlRj3p z{}{viseMU`g-XF(+s@zo8Pj^$dSda*M>8$NQ|kp*zpu@Ru8wnXSKeyPOww?But5z{ScoJ%PhT z?c!szGl7nZauOQ4Cwk+nZ~fEck2pVbd(F=@7B!Q_TUWhEDwq|vebObB`wdyI{~vz% zf2osS)qy2)pSB*Xc|5s{VZxP@9hbv{PtX3pY^AcYN41K9E=%C#Ge@7al^>Je*~U%#939O$|(=#CeTCToWkQK*>sE}_gUK!L75F3?4E7y<;dLdvuRU$*g!bRo zOsA)cgv4og#EWe#e6Z0bZ}ZI7iRqs^nBqOEH!O?S*b?>LY-h#ay-d8fBIh@$zuQzD zwlF*Gnj>ppPK~DY)Kg!kR$CniX#H|ATvGedk0i^ygFZ`yDSSJazDa88@&C)z z+_fIA6nQl2CeGmDkhEbjH7D%;h`{CN~ZQTNJU|gz45YF*7nSE;ceSFyI7+q^vLtlL3PP zH;Bp4!otkN{KG&D#8G8r{LjK;z{SR)&Bn;e%FfJ$9IC)*1coXj!v?0LoIl(JADdpe za@v(S+pn9|xuj)Z~zT?U*A5+bAd3h~QK(GDsV}ZVF&W4oiIK1Y7Mb5e7 zQY=wlZZW05J9@+pmxz}-?^=VTU&o=j;pSPz$V*9DwIn}-5-}@lO;LW= zXSsXj&)lV9^YZylcWn+4+`Hp;x{0RKDJGU#XP$WNpH>s}_I*(N*?ci^d#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDF~MKYj? zQ3=^9Mpg#qCPsb+pli68niv@wrd>B!-<(?3((sr6lnC3ZQ>inhnoAZPKA^ux1ydc9`ZKd-t`-C}{A_$l>mlb^4Z z`FJ4uM%wv!?JFrP4@>%^lr5L6td3*;!kV;0c_$MyBLm}NBLf2iPGB&~3bQa7Fc@%y znEWg(%uLKb48%YjRYu1DEIbBWY#iEbjI6Be%uL9k3XDKts4_C_PHuX;-6k;A=T>Il z)?FnW_0!IIPB#9sx+`Lphq?%Q&MH5^~#&{L#L+wj^$og z?yNoY8PBp6%?o!eey1H|xK%Rx_(u7hdY@MQisaQI_A$>`byb-#+nm zux`6;82)jFy=(BN-TIG88&)*3O)gS4o|uvSh4;;o>}D_T3Z}1oRTU+B+zbDI_4uq< zo*B6!>w(m2*W?>MDN9|AtxSyAmXv(jyn4c<%2unzmsUm>{$C+^>5$fKd9^*iC-wcf z=ac3xV-o!?iX|y2BGC0r&8y1>SvzO1*^t_%v$3{v-EIZR$!nK<6pp|D-v2{gd-(;9 zd-wOH{nCGZ#^qtOxbu>_l@r$SF+Qu9Wc)p7e)_AIm)IJ+1zySSO!*tF^6;5()Kiw- zeHq`UhsvvzPyVx0SXNET^<*}OnEJx>W6I|Yrr0wvGcqtPwlT0W-~@)GtS}3c0fPZI zh{?~w!py|{!$1MVQDtQO&mv|Z!p5P^#>mRb&dda7u^@*pFgAhV%gC^2?d!QeFQ0$K z+^VS6Y-4q)?cR^IZok**`fN=M{_B_)Td^i!i-aC?wR*nr>GN&|6O?8JF5thgM>fVPuu4U; zWldR#fO)#&wI6DXd`ug5-iTTAYKOzCSG7XXHS@C8%?c2_9^|=k-)|x3?yGW)zXN)D G{{sMM%_tNA diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..de437fd6843 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-CA_EP-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.der deleted file mode 100644 index 1d6e19cb2ce931225f388f2102ce7e26ed8b8d5d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APop#MK78Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<6Q#`~U%#939jZMv>#CeTCToWkQK-Ey$KoO!-Dm4|MQ5V&i zCPpP>I~iFSn41{+8Gz2>VrpV!WVr28<@1br&1rR`EzIl8R*4mr@4hqNNkDS9jlhOM8y z_Lt8vSW&Jk%u&a*gZ!v6ZGb01zVjBZ115RLI$_leE888@d zgP8m*EX+*IKMWK=992ff|16-W;?QPeWMyS%W`eU=ki!=kr@-)KWH=k3aK2yu&w(vOQb)rp%oq|K&`@&%iHYR~P*8noz2l8ExdW|KriyE`iE3?2@{6 zD7z)GFPXsoDDCKhu49{+Q$9xIWzP7tWO{rp&Lw+@IES-!)e^^fmWBp1-D1 z|L%n?jVoC?zKeus_T3A=eELh>ALl2v_tlaQFU?77=4ib<=iapSR!qBeoaUH4nXC)| D*D@n< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..db6438a8b0e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-CA_EP-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 063773088def94890b7226ae3d6dc2664c9e9f90..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{d#AN85K^Mn-N{1_KpCB?ARE=1>-99?8tS z5?xpCP+e!oc-Mef=&IdNV?69Z!-b0b4jV^hm0ab6=3*96KnFf`OR z(1nIS_O^iy&Zee6)U~XdMX8<~vi>Zl`k>T0%3$NZUT^!+hAXzW}ihj@D z1uH}fHd#d!KC_woOzu&dMz-ZsLB<)<0vp(L<)7y_neR2yRk#d(8tspI|9I_3{irYB#dljz=}wB8;p}>Z zv97UGrP|fVnf0q={o5n;5BO|%%y=tq`_ooM>T}QB&J*w67w&m~xBb<}19K~`WgcPg zu)g`GetE;PTS3>CDDF6VgrnqR!BpW$|3z=qb(TI$KEdZ5&3LKgZ<~^FB+pj2HFCyB zZTKdC`N7R77T3F@!uRqrE(Zm@1r13Nx-ARLub=$K*lcNd@0H!u*6nYZm>C%u7uy(E z8E^svR#upW$$-It8^q*iVPR%s{sE3QSye{H|14q#B5WMmY>cd|?95DX77KFt0^=GO zzKjgzi9fx~A4V^v-<9_Eh?&q+W`hsQUb9(nX=K+pRVo;@fL2 z^mRtWZQnAx-Icc=v2JC&{_*v(;HDQJ+Z^kU?hj$@l&yJn`u}CCTim7>6!-$w^fM1u zbenCNqq`yC_M@%;7fxIiHJP!pU&`r=&$E~EOZJL|oC)|E;@r5iCiT2Q=aNHtUo&Iw R&i!PW=PmqBZSuPnhXIOiGCTkP diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..2af0eb0d4b4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.der deleted file mode 100644 index aa45882ea9b534cf9db06dcbb53390961d1b8709..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ARGiSrtPxF%4pfvTahfg(hwRB9?rqicXJ zsxeKBO2~FHvNA9?G4eA2oyEn}#K_37SVZo7;ni)N(dry(cU=pDZf$x#J23wHLNm7i zhQ8hPT1CC{-mZCke?@xADOt6fyHEI4v}DY!?YeFBb>BqUWhXBlPTK- z$j=Ygw=F(;;qT18r*FHR^`?7&m+a7Zm(}xj#hIkMRduU3zni`*<;<_$&33O&NeXX% zzawR)>)W^dhXS-%Gxj}_`1#~@LiFt~Zf=5m%Qt1(>~&y#x##o^#`R3hj0}v6Z49goIDvsFE6l=V zz+k`)V)C=FFf%d#Fi-$-R2donvw)(CLz|6}m6e^D3C?0c4qsrL0>hV)A)$EYU;CD| zGJF^2KahF0b@e6*;k(Cn?hBju=gEuO+20q){^L^L<(YL~l+&hq%an}OcVZnfR|%cT zb*wiiD=B~V@?g#5#P)MD?{K~fn&Wsr?3uV=6UzyMB`MDq+!3EPxm~D7^#2ykId_)* zc(TdYKv7_-P2s((22*4#Prm#5VAB%kmu3$2<}X)mdys$ai1F2|1~JC$M zr}%hYY;yAP;A~d(lX($lFKKwu`QM66=dNA%FA8cNKdygi+6sA}?qs9mkLIp&(e3Z~ IbJM>L0Kj}TjsO4v diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..6909ad8f825 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-CA_EP-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_OS.der deleted file mode 100644 index afaed132a21bbaa715e04c8e61f676434758987d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APo;elr7JHcqWJkGAi;jEvl@3K7Y@*9o7fK6~YpEuV#N=X8dDw z>xqXY&$(GMUdgjLNZ6m>5q)2&(%nYBi{qQe{JD?K%&Q7HRM#eOH12%geS-HASK7S; z!H*wgh17hy@%n(P_iWF8dzU#!sv7rs@)_L~v4~q)%EZjbz_{4Pz{-FV7?`rcEKCLr z2HYSfKMM;p6Y~!P1rSG-k?}tZD5^NL*%(<_*_oN(EEeSO1;!~bd>I*9A0J!ZFKbq; zdAwBQ#BSH~j}Fam58owN$k21sCwA+nDIQ(CLTk$weP$@XarMmC*LDx>yXB%77td8W zA=>F!;Qw?%W5lI=rS(a-1HO76{#ku^*~Ty#ySJAnwl6G*GhEa0uu$pS>iC(L_`M-neJNLp*LB}Db^^RN=LEl4?DA*%fr9I{r#?P@C$smaSA2b#wqLGwbooLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~neb)6mKgB=az#CZ)(42+G;jSNjq3@oC=d5u6^6DZd})lk_$5u#HnH5I1OH9!~D zm?lOgWIGvI8JL?G`5Az&;$muIWMnwBW|cAf)-r1bj+c{O{MohT)AvbP+~1=XrS)87 zyy_?sH5-<>v=1o+L`y*k>NwP~x8&e7qoEQ6$w{f4;q|ua}qYx;M*? zW2(S4#tBJR3X8R7IG>S}VGBNR<%IXerL`dj7dqGO`0ze$!eNc28K0Ex zG7T=A-|a9r{psE6nCm(_r|rJO`RvfO_5Yjfeu_uWEa9B{$G=7QePp%whVs@g^Cs_I zrr)$aa+1Yk$xqU!>tCpUG=EWE|NL9!lOr;A^JDZH5}BA885kGa7+4u_0s~W4n1#uJ z!GIgY( zY?9A-lwSq>J$tEkN=%_|jbzAnoh=n1e_S)Jcd)&DeMj_d`R&=2Nw=AmD!RYT4i!kx zoc*Ps{HgGRrCEPgv8@bieKE=OUgLs|Z&D}BU^7ejEd6@z{xe4W(?xz4#=I%z)5|-c z@@einjoYs#x=j1f;MewT*0fInvLEVZiL@`AG*@-W%=VeL-Uj|zdFi>YnEpz`3!Vnd z+~Pv9!a9E(u*2YcAqSusO% zcf^(br!3|6$}V;0tZjNGl{BAkZH86Qp@4kW7Y4j62lcp%k2Wkb*rl$2v)kYp-)F5O HtF{6FlO!d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_>f=&IdNV?69Z!-b0b4j6GNjYab6=3*96KnP&HIGP=x4|N==1nbPdo& zHKvJC3E56YRtDxKMt%mMv$&X=7#SJXI>~6C5izLPyKC3g+xIl5|JD9|^-GQN$}J+F zqOQt{%;!6|L*$sQd)HM}8`nF!@mF_gGPHKBWZ2~ScF&hJf5V>t>2W+eHG5n4v?m+x zANHMnBYq#>$IovwcK-XvYdxPy{L2<^(>Ra#C7n}_I^DSN#bd_JphI&j0*|FIw-+UM zuN8LB7mS$n(@luogn{Gw)C$wtY$>g`Y)DaQ9mvh-n+2;y*1kr z6P*LkHU?G(oWQ`86=q>F zU@+hYG5J|on3j^%T$dB)?6r%gkIqbg?I% z-SkXe(X~urW9Hg^@stwn_8X5UUOgR5ymc(Mj9* zJE(Tw#q3G}r~KM)nMwx?-k1pHZ0wg<{BxCI8)McdIlDa!nNPwCw;4+$ecbx>(~{}m H7S{m)#i%Vr diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..f466f456262 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-CA_EP-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP.der deleted file mode 100644 index 9aa333f92f2537409d0ea7ea9c6c068b62f4916e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AR<&LkA3a**LY@JlekVGBR?rG8l*&3L6NrF^94+^KfP6 zmFT*9hw8cp7|4n98k!gw8<`s!nwl7zMv3zpfw(46u7Q%Ff`J@Fn|Nv}SeLV7yla3i zk{L~mO31b`vNA9?G4eA29mK`d#K_37twN{l@|%6eC84>!tF}L8spv9pdnG@4wZXZK z`fHvnx!G5=K-6=m`|>W`J+8Cn2`^VZIO(SBkEez@^YWdwMV5St*;w~_eu1;+qO$Jd zPRH}VwB!1(w@o|rYIDXWFH5Caui4*zd|X&x+j5J=E;n@5=?C|9t~s#H6$?53#PHd( z3iX5kBWG>d7qHJ&n72QD#>(5zxBKK5Z#VW>t~gsJzAGiuF*ojIE}#E3iRzMBN1jPL zM%2E1^1*H~b8E(V*@c~xmS^sgUn;(*sQiWJn`9`G6b;@#=gRU7)=H&dxE;2@{#g2GmoqfE?<42+9y46F<|fgvd?%)(^A zV89Jx^0TloGco@#PylgM85#exh#82macHwKva+%>Gr?Ib$l(i&OwFK&IDv8zMn-S_Tt>%GPcesr$Q*_!^7LuGUQ;#Ctk8RrFV z{&?fLmBk5my(w<@w%t3!6+Pd21s_{gWSjhnpbdxSxt1S#mv(cdWR>sThN!#me!omm zKjf9s-}7STx4#Sd9AfSiug-k>RC4+`#Y;1UuE@VN>A7Az|5j$M?Y_mcpRLh4oWYQB z|NWNIe~PR=ior&UzCC;9WbSn6z|xt&CnqLMx#8(i-Z}SDyxn3}lP7OZ#V)jvn)6TM zaeuOfGgy@t?O$BRoc8qro z&_y+-iBSpJPDWM+<|amd2B53Bn3@lG+kPI|J)Tnm}dUd zDCM?jdmfjt`MmDeT@GUI8Joqk9UYpdu@!AOZFS(?|Lvx#zm%62F4teA(Lco?t==x{ z=fb)*rIm#fgcK7L-<*!D?D;BIBlqjqNw$0cF5B;B@V4O&Uz)kG-Y<+>>fUARhQ(Xs z*|*OA&)s<3YyNHa;5~b9wBP0_v`B5RU%zShB)-6#P8R}H3qQS=Hmec;@l1&${^G8y zMpiDm&+hJ=b1!^lcY4v2UQG`Dw)QU)?PkwQ+%4~lZ1-kjW@KPoY-3<$zzGaYSz#6? z0|oP5Qb2 zbz(K!&D`Ivy&o3uoE6aM7rsH9Kaul9eD0>wO2xCwpUPX<3sz0zoHR9Rna5t|U-xDT zTdi96E_{E9g4h(@6aCgM(rZ*6l|-G}mvr!@-04e((vp@9-Ri!pL@u#5xu^lTcU4EV!d9M`lksKLLO^m zbeb@lryjfCu4xuEZDaPimtyS9M?!3_u~eRWd5@_hWT2c z$4w50=f^%>r*h81&&BKU9IsEO-|BI$`m$+3{eNjEUhYF0wl=>v9eEX8S@L^*g;ajd zyHx-INC5Rx#x0hvF^p_ofY%ayKdh(nBU3tXcjkb z=>A=j%I`|wB!Bu57rEu>-IQ-a^@|SF$ba5ws&j7R$IlLvmn!dN{$0DOarX_c%RToO z`ps;+%gHm>$Mx|dqj0G*^+c&aq41GV>c5}#=s*S9(kMQ#4Ok((49eMkpxW?l%wl`R~bI$eZ zFJ=yLNJ)y8ikg1*Qs-p1Z<5dSIrfGzI8I&VqNS0~rptIHR$1%t#z2myN zgGshu|M9lgj6NwwVbNZjqn!V4PoAsrWsY{g%@ekFUF^1x%g*GkzIY_(?EN_tTCSO2 z@>tH9+Q(dx7CbR*+l&XU2O`Terdsi9&S^})*Cu@G{o?&g1pPg9R6QFMzG!TV&3eKu z{$WpNiL%i+(hn+m8O*;dlP;1(oU#-@Z;XEe~NlBHDcA>8xcsy75oM&&^+bK&W_4&rFU@ zh6VYPEs|K$#hhexv**lMoW{SnYeV0c4GoNkBpnx4$$pC{xxP8+=FN#BGnec>`eBMM zOUX^HKTW$Po2C6@jeGU%Mcbj+a>m)y3OCG{5ZU*h{n)SG&)H1Oj0}v6Z49goIDvsF zE6l=Vz+k`)V)C=FFf%d#Fi-$-R2donvw)(CLz|6}m6e^D3C?0c4qsrL0>hV)K}<-^ zh_&uoW?6a1jY)@cCu?lmQRXsH?<}*v|FgL#udJKip_psjA7-l%eUzgtmW|75-~I`^ z-M+sHKVf0U5SPn5tJ&`ouS7t-RzP6Yf`^7{f7qOUEcfHpjga&M#`0V|o3Zj~uzUBqI z-_pCXH*nXGEHw5GQY6i`ga)f%-Ijl&Dyaj^0mjYn?LIr KC-DAku>=6FQ7a4p diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..a38a46a3c42 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-CA_EP-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.der deleted file mode 100644 index 6d2f9dbf69af510b216b4cf8a6df2231ee0de414..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR;%7o7&YY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^hs~#CeTCToWkQK-Ey$KoO!-Dm4|X(b+NH zH9!~Dm?lOgWIGvI8JL?G`5A!D;$muIWMp_V!D1zsb|j03-E^*K+s3yS1rA-llKqWq zJ6rLJ^{38it%_cgH+hHnij{pfVs1Ok*7@xg*qnD`-b)L?#4}E7UtboS|BE}X<@jz5 z>CYZs)2wsSDe2lz*W%~6;d<;9hgkB=l;^yvxp7eQht4SA7-Gy>a^2(mzu};ucI+6P$7TM8UVD=wq^G*ACQ) z%fGV!*du@5E3`4?(%1GqHhS}OiZ!l=swWG*ubJ|1kM80rXBjIl3bXcgoi}^1V8iw) z3Tq3i3w$^)UHSHP-*@ZEhZz?S1YMU(%FA6BrSkdH$qB2f*E2CQGB7T-F|ab=1O}$8 zFbk6bg8?^)$HGuOQ8)~%kh@?XT(!2ZmxPyt<6xn=tf&)B|yV(Yyk{o6*10!>amd2ubj-edp1 zbKW1{Kf4-nb=}N&?@uW6v^=`?<<#$0MGp-2^ep-RNx$`rHT$y@XSVJ9f2Fa}N@PdK z3$fnZrROs?Jde8gbnD}tp^G1vCzm*Ra>so%zPDv&vNrpgX|m4djP_muQ||CjHqd&a M^*!!oM&9Ik0Eyc+X8-^I diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..f24e372704b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-CA_EP-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NONE.der deleted file mode 100644 index c82b660e3483f95b397b2f17438d3086567cfd21..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 761 zcmXqLV)|;(#CUfBGZP~d6AP2o#5@CDHcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#>P?Nyhb3d36yJ~VyI-G0MRI!nhMtE>=^GF zpo?Nk6QdHcjf|`e%uS5^3_wS5F*PwVGQ9XKJu(D;WD1=uX%#mwbEj(!){s{eb)b_-bQr)S-F7Auu{>^;V`co)=zQUA3 zvFY;*muTGZyM9!m{>kL}nVe4-`TBmXTC?Kj3*}dnqOVAG^hyimp6}yNp13IZk=#<{ z6IQxWMcJLTJ5DMZCvodHJ^2$g*X#Kur(OG^xQwfvECe5^<@^iFaC~#^$c&&1`bF!q z-0wQpY|gAde2RT}BvUfOg`KKi{_@G|r8Z4xJg2fR^F-URtB8Fu#^>M zVKQJa;07`ISy-5vn16u7SXPyh@jr{0fe0IiHX9==D?2k2oW+71zQ7m-hA$(7L1OLS zc@Zrut8Sdzz;Q8eb0V)Od)D0DdSWL`9-rhZ}!MtfxzyAcL_XljIF)rhXJGR+3uH}Q%rkw3D z(|LL~ZEQ_@&HLw?PsE-7P1Ywi@d`X>+IaSH$D0eAE1Y(!y+0njKkS61tkkRjrSXZ+ zzpp>_-RGisf`VVhtBEl*dY9Cnb2Ql_ZQV7ubG$`85kGa7+4u_0z*<(n1#uJ z!GIgYS6L0~T(R zxb~~*21guB_%lD!<5Y9k%ERy6Vk(nwEO3~se~U%#939O-u};#CeTCToWkQK-Ey$KoO!-Dm4|X(b+NH zH9!~Dm?lOgWIGvI8JL?G`5A!D;$muIWMnwIv;C28oq}{^AZw7^_bvN$^reo}KHD{! z|08?kk;w_#FWgCO{ZnpJ{31n_JkjUIz2X^rUkGUxoc$wo)!X!is$bgwJAvCgcYZ5tn6mZ3^*dV_ z?yeV>pX%)PDTYne&e^}<^{weIgY7==7W#E%`!*BFGci4ddAns4o7UXuQt9}UY@;{j za2V-aR{aDlZ#>aq#4NbW?YeP=u3LBQrdBYYZ$et30oo!BUcuk*6%ST~)%|ALrho2I?-)0n&v11|n?Cp)AZiyqS3= zx~|@#x_-g&!Hx!U;=G0?2F6C_Muw&)CMHqhyhb3d36yJ~YN%|W2+=8(nhMtF>=^GF zpo?lu6QdHcos6su%uS5^3_w?LF*PwVGMw`Cnwc_b+xdp)mL9DMcR6mpk+=L2E0JI% zX3V7PvuqucJHJCH$G-FPsv~RP$r<;yY;b-fmOn))r(&VmmPpsbFE{`BHgk@m%z`i5 zS`$y6@?%m9I>nVGqq`!jRxRh_**rB7c9t|g8D61=%?zLammA)FIyq(Qxx4nR7ax6G z<8dn^;jcJL+@|=#4Kb;0(?32_KV-(4ed*(!Q@a=6$WK&z6?A2T_q!k8nOLu_J#g{M z-z`sC+ATwZr}QD-SW@+FWpR(d^0>s z?!`$v%w21uBcGYBHF?=XIh)^c(F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&dda7u^@*pFiwHt%g7+;HzSl` zM)~YMo6s)){O__N=YP9pt=RjxZpDEo%OtDk?JQsEv$gnqa;#r`E@uhry-jD=&8w*l z**Qn_uQ`9F!JQdqb9*ZHU7VB6QN?vv%8s4+eu?pxMm6ad0xUacOL;%?daIwZuJses zoGseDNsIRWOWVinzH%Kav%1@{d7N)Lx7$7PvU=Ddl^o19_km84-(CTxw94J{f}6NF z4qqutuPm7y_wbBu&5vJ)7Fd#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_>f=&IdNV?69Z!-b0b4j6BF|&ab6=3*96KnP&HIGP=x4|N=*f8basq) z4bVk3rioDr*-l1Q2IeM4eg>ekxR{z485yo*8t{d8usky4TV-ID=isM!x$zF$0`1dZ zE05W2jVyk_Gq=o2B6#Pd4=0|odbD`!i9VfIIGOdj%@5Z_YbW<_ns0UZ&XU8DTE`@h z`gtEQy&}JeZEbky?nk%(vgdB9u}N}aVEvx(I_rUjM(Kon;imz%?v|IPMV{T5sbR6Aqt=_(7Rx7_|2ksipv>|Zh6_}KYfPw%qN-YRz1 z>BkLQkyHKs_jd3oRC;R(w`(;7XF(bx+jbKKjThQ zuZo{1d4*aXvhVuUuJ%5wlJBy*`{ncR`Ni7D-k+M?t8!bIiJ6gsaj}hol>sL(FlB{V zm<$*UxIs*Q78YhE<{t(MAdV^{<9`-VRB>ptF|x9?;-d4-PZR{ zuinA`{4mQ*u1S-PI-Xu>D3gl#e9zQ3hkuc^p8L+L2MUt+&AGQd>*xE5w?_*Mk1udt z(#iJ7`{j`d&V06OJ=ShX;$QB(bo!;|eYQKdtjMXmnQkNTTI^}k>HA-9i=LmweLP(K KtI@IdGnxUmRV(}e diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..78329b6b762 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-CA_EP-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.der deleted file mode 100644 index d7f7e938677efe47cd176a52688fed05fd35ed60..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APp2y;TOhY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uw4dldm4NVM;jm(V|L^4@q(4_5!!nuWnVEgUJPT2s|tE%e=e_Q34vzNSBFG}`A)=B{jh5>fT4 zr`O6Z!@eXVp|wRVc3GIm>_hg)>mR<6OIC2!UcMoy%W%O(Ua<=MmVH`h84ufiN#U$%j^}ES#yb?6n!&@oV~Qi)BqEI80)jRfPD~{x-CzI3fDz{X(aI z+;wX$`;Om?JyxOHk}lrSBe;9L=8iucD>CbzOv&}h%)IC({jvSP_wo~w?M5dz7rtXQ zXX#Kf-!HX)S9;Ke57jQUM?xO8ciW!xGWvH;=ajsVvPFM%llR<$Ro|}e`)rfDXkPM# z$Y;0CSUH)??{)K-vd^qe&O0+i#n-O?{$6iIU%`9_Phx}t<$f* F1pv549S8sb diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..fe9935c383d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-CA_EP-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.der deleted file mode 100644 index 0497e9e7af217c7257aeca944c027a281cfae6a7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQ!TgHsK7**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hwAzV#|Jwa$cghBniv=xnHw3JnwXkIiSrtPxF%4pfvTahfg(hwRB9?%qqAeY zYk)4QF-?q0$aXTaGB7tW@-qOP#l_Ub$jC5dV)#z`$!{x@Z%*EE``Vqfl9Nkpe@`jN z3w-T-#>~yRQlKP%xtBll(mfk4-``@o^kVK;>t9@|a~vKvcFYsd(7XIlxa3k^3ExSc zTLld}?|65qySbieI#ru0EId!tO71$?+?u~u_BAIzSN+a4fAfl-fBsnbP$2MPp?c*z*3WV+7tLe$E;z2ZW&Q1p zN1G1M%htY^b#R)4K|AXjRfjJD3hQNi&VBi2|M7izz12B$CT2zk#>F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&dda7u^@*pFiwHt%g9iEdZPRz z?=|~5w!ST#ZE)ZAZur6}j5{p5ZJeZ%rNTKFjke^L>Ij~A**W3cZPknoKIwlwvboo= zT5Xrv@n~w5-K~C^%Dn%)-cR%8efI~ZPEN71`=g}C5wt;O=5Kbd7oI{HCXD@_U$tIH zB{4S$FP|*3&2ZAp{qsEzoi0w|?zFalU96t9NBqZuFdvz7(&|-yXM=gYKTkWZeW}Ja zJkecKf6e#TlY9KmSalzFE^gib#AkLG&zIeG44>BQy4dQ-e{Iv6MBSPL|Ce>9E%wn~ z{nxZPL#gcM?H@P4y#|@CsgM=QQoJj;?DhyGhpexsp3k%c6_~(xrVoR I%RKoo0MP&_YXATM diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..3c1d4868678 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-CA_EP-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.der deleted file mode 100644 index b784c68663705d7ab9925b0d0ba60fca107f3dbe..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APnm>3#!VHcqWJkGAi;jEvl@3_( zX{nRsza;E z-)dkp_u?x5^rgr5P1$rRt9195xM>TfNbY7AxX@X$`U;cJ=a#B^cGc@QHIFqcezzue z2NPEnyOml7$3CT0|Jz@RlsVa+O`qZ`B&aRCULZ+ePp5D%6Eh=QUCeZ)@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..ecdc29c8a89 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-CA_EP-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.der deleted file mode 100644 index 44fe585c4b52667e3b582f2a4ec06cc2e8424dc9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 756 zcmXqLV)|gv#CT%?GZP~d6SGK4i~%njr&gOs+jm|@Ms8LH15ra^13@07kb`IwPfZ2ua(0Y&4bVk0 zqlr-o*)~R22IeM4eg>d>xR{z485wpb3I9AMX4b=`9r$|L#)qeOoZrs;KS9~wA=s#B za#WO#_{rxS;zmnUdLP}IQz;wwNlWqQhsW)lfq&Ll{PdE#y0JJQGr}TTbGv1H;-iy7 zJNA@R)PA`AHgkT~OREQaF0Lxf3e{Nb)v8+O_~o&ybK9NAXP2{E zYwO!ki90$*KhErYdHI!|c)8?T7tyt~TpykX_Eq_?$j#;Bn(*`WQZw!Yji&B`Q6ITl z&s=Sc3$K+*3*A;)sW(UdsN}34>&~5-Whwqrc*hPAZHuQ@8Qdmi6n-@EPSfPGYMxow zXH+{q@j!$G6MqnA$h3d@GKQ=%Wx`YZ-%R(O^!OtaGb01zVjBZ115RK_$_leE888@d zgP8m*EX+*IKMWK=992ff|14q#B5WMmY>cd|?95DX77KFt0%H>xzKjeFjpRPa_jA|IdHc9mp!#K(_9p-N>o@+M_gqOK`^z3NnXQ-3{14lh+Ryj>>o=bI zfGVNifg6e!$VEE}CW&8Md}Wi%N1+S+vdh*rHfsv;8_M*sd%9ka{#M)iQtEh$@xGV# z7S5}V+nwwX6poybv2goUg>CKjmMPD~@BaOEYIk_zQ{MIAL8aBZB+R<=?YpOy>a6QfM)OOG@16?y zR`aaI%{IPfX>YVd=4Q?RS{o{2%@;0eN&5S&Z%6-f0l{q>|2&@D_xR$h?7oQ?6cY`M G-T?qt#wMl! diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..fd9cbd2f412 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-CA_EP-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.der deleted file mode 100644 index 9584402210681010f30c5d0f30ddb6e4d68685e8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AMGH4x0fl8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP~Bk1_>f=&IdNV?69Z!-b0b4jQv=f|ab6=3*96KnP&HIGP=x4|N=*f8basq) z4bVk3rioDr*-l1Q2IeM4eg>ekxR{z485wru%HR3bvE#@+uLS1GhGm|Tl1xzr!FTs` zyvU!az>>0J<-$v!KkRmkmdu#=tA5htt&1+J{|#RG*6o>?sCVp&yr-UT=5pVkUeNGG z=tiNnUi4{(725ZB4}A}Ko2mP1OGJ+GDL;YCCwuy4_}$$9`Ih0*or;T>dQKB=x$yGQ zlRp!$a$ok_p3q)Z9cx>oH2Y~K%c;$Q(-}qdKJPiHv;XDX?IHR{FD_F_C~MxRcTlQu z!o<1i|LkX4?$MN3Xet`CK>YEs8`?R20jlahe|k@rdBX9nJ}Q4+&etmCbLEaoe&0&Z zJYw0yU6GjkHq~8<|LPgvgXx<;hH_jFYn&?9k#O`HOhd*3 z9%*lXt9#;{EjNA&?tPGF-soM^yiH-YX~Xx;2~z3>C4z6m97 LIrlYa`s-2vXYDs? diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..a0aa1b86bd2 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-CA_EP-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP-int-EKU-TS.der deleted file mode 100644 index 15771cefb0373d0d993f604a01473e97462beab9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ANR-1P23NHcqWJkGAi;jEvl@3s6+m?1x}w7_h^r^)#OmJ0+=Y!JIX zp;l%2tbGzy+#gtTlJD}Y>2>?-l4A1U_onuv=Ce;O^4qlaFN+1A-dEiza$Z4_VdeH6 z-t&`W??d5 zFyIC;`B_+)nV5eVD1bPsjEw(T#0*5(IJDUqSy|bcncyrIrT@Z?|a5|`a?xE9Xrd82OS#OtXO^IQ8Gu4~vP2f|8 zg)QrpW|pq|Q=eI|H_~eR)fGbXidKhfD6vTfyoirZW3?#PKRV0nyzjKM*&Bmb$Ee;_ z^-&V>xG41c+LyiGCFRz6#XsFP^+ON8f}MZHE2FY!bAL=)JV~GFQSb9yhN)g5C+;*Y z+}ZoNQ=B6%y29!7A--jX&MjB%H4{BVnEs`vFA-kCxpng6ZAqW_-^I^cozD>R&r#sE zj2xqU%(?6y;Ww!_OR|NkjraKYCo@5qwPB{BO^B}gMp}_uz?^Ob0`Zl4_9Vh ziLR@6sIIf4ft)z6p^1U9k-3qfsj;bXlsK;uh-(7n8t5777-&JXDW|4Fb;Y{|#QO!u z`v=DdJI03u>mr%g#HfU9Gb1Yla}y&!gFzD`7gG}>Bg1K(h0R+I^A#>St9jk_{-?X< ziXojZPX)`0ym3yf%ldVIXZ@`+d{dQ#I>jE=2fgdB`tao>=QGyJZ?1Q!vs64~>5Uft zf1>rzm9ET`KYg`Qf3IDNeyw)*hV1Pn*Js1n z#gU9_js~sSBI_E!W`9@6iQ}=~Avd%O2?o2@2!+<)`f z-lV)UF5Yl^(8_7uZSIR-=Jg*-{iQo)+KJe|2fd=pvSe5B-uBy;ZSV8uDdQ&gb9xu1 zM;>f^HLY{fezDzY3yyZbF7D!5s9(){$wt6cIiXc=%9&}WL)i3M)Ss0yF*7nSE>1N_ zHsAz?s;n>zlL3PPH;Bp4!otkN{KLQ##8G8r{Lf-^+z-uLYEOPt?hsj))m>}FlM(jh^-aB(F3F3$#M@s?tNm>rV`aeXzE1l6P0tDE0)6(g z+&vro^TfHZQiDt0fq{Dh5B+?b`(9Tpgj@BSuW;`FbDe9?Yadq%oI3eF8%Oy?!7br) z6x2@fPFgQ+Cn>h2mVdQ3bMNY76R&Kz^sVyep4K*=7cJrMyWYq*&N}zm%Y3kv&R4C>Gr2x(p3|T|HT>-VA2D0*=jo{a+zSBL{x%o@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..6ea37c22e2f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.der deleted file mode 100644 index 943b256c69b69fce721b0093dc34b751d96e8359..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 816 zcmXqLV%9NeViH-v%*4pV#KQ1#%?<-zHcqWJkGAi;jEvl@3|a^k#(CI-ev=0=95#-?Ub;=D#6t_hTDU}&gspbOEdmYRyt81EMx z?;ji=>=+*stcz-76QdHc{fw*(%uS5^3e_YcCbteE4PGgI&JK)xUS&;&~gu zV&D2CK}TpQkL{*YoOkEf%`;ua6(HXx;E*7-`$yWvCb_Ge(M@^k*3+#6nASBihy8Jm zkBtp--^1{7ud$VgS?)YR?frdD?bauk{}f4)G&ZS}e`~<9YUag7l3d3Z)++hQH+5g= zWa}$=JcUElow zdq`EgxOLji2j=t7&n@gcA7Z$>?^LK6^XI}t7WoR-KYiSJ$-J$l%;oK+koJ9FS5?KY znX~84b+=vZ5$0K9IwH69?_CxYnB1V+v~l0}Af|NI<8e$u)x2TSx!m#<&#tL{n=yxN kqwu|nmOL}3JFp6#R9<`HVcg>4`oljyJ8h|$nRRIi0R1p6`v3p{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..b4d50f5e899 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 07c806cac3434c7aae6e6b128cfea1d2aa13f744..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 839 zcmXqLVs)FR?K>|cBR4C9fr_D$fdU(IC<`->WM*E8 zuB&&buCrsjYe2kTaJ+wTe6VADNU(vNIIp3Jfw7Ufk)f%vsb!QnuMvoA0_7Um8d@7z zLQFAAO~r1AE^gzS7?qIS#mLIQ+{DPwV9>yRcV+sOg7`0qir2no&JVHd50iIt zU-QcL*3?&aCR+thRBw+t{(jRG8Lf;BVG-uiV%t0)e2(k3Kh}59H}AKCg`RFu=M|xe z?N<(@3%1|eaWPae+-{$Y*zT*Xl@q3Yo)8;;>Yl*+O6`LkOI#E6PT$Oa@~dLLV%wo$ z75PeCJ%Ppg%NK4fWMa&IE~oO&cIw6!3-@l8t<4=mKY5l%9PhAoU@BGPT&lzLE<$hl z{gheLpUt)@+<#*B?qf3~7uoFX73v?{!$~ zuD9~BPuh>{UlgMFyOwv?%H!V|z4aaM+_yZK;@dWF&*L|;HU}#Y^0zA<+NsGO%3o!m z`gz$SpXj9SdEcLSUp4;{kaK_4-7=o?@0T|Ft}wX0$0O?anYZRl?jQEp3-p|Ct*w6a zZgsuLweq))kvn&lo-SRxswbg(BRlJZ>k}UAn!&g3MrAAW$F)n&D8)Wcx0Go68Er7} zSz^zU8=Jp49<5EVa{Z7Vnv}7%PeY?oO;gfLq%!)2$`mOp_wO|_M~~LzFs1!H6{Bs} la&y9*AK#*PZ#i{kr+`w$!XLf7G2!n68qKTRKQB}A2LPMJKH>lX diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..dbcab96b084 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.der deleted file mode 100644 index 36ac3f27b4d8947e0541eb899fc7f94031a5b379..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 815 zcmXqLV%9cjViI1!%*4pV#4K`J%7B-RQ>)FR?K>|cBR4C9frO!$fe0IOC<`+WZ)RSJ zuB&&buCrsjU$B9kIIp3Jfw7Ufk)f%Hfl-t=uMvoA0_7SQ8tNP9LUgL7rouG31_1TO z`v=DdJI03u>!KRj#HfU9KO-vxa}y&!gFzD`7gG}>Bg3MmN-K`%VoFc)?`yw3K5KWL z@V)o)-G_ayJ6JJT@lN)r`^DI{^t*mfp?P;##*5MmQp|ZSKb5m=6fENw&yE&+HTUw_ z^YwqMqKwQBe%Ziy^yU}00)dDQbCb4vKmWaP?sj00pMNVLd~IVB18b&DZ>i%rU1*x5PKIqNt-T(O3q**rWZFUJPsn*l{B}S(%A%Wu|p6 z{k8m*3RB7i88h+OQFHE8eb~!a^e4r0rO4^op^q0|jBwa@y6FAP?Ta_cJ87FS9J_Z= zA?3Jxt4DC+`4`59)A&51zhz50ZCzq>D(sc3CW}Kt#-qjeO7soau(&9s0fdt3*z3wLH%yqm-ySP5+yUUeoE4z^+s4ly+YX zlbvc4zIEln?`KqN%q%}ixGlQnP&8}Zl)qU8e(AfbKYD+Xm=u_t^D0DAojW}5!TRNe z|GwB*Ot){g=iL6uNcw8x%74#H@;|11WLaQxGs(97xx-S{L!W#8Y`L{tR`)eqd=8K5 z>4@pOqy4Y;%n;1mDe1JlCSf&0yZOy~%UUPScT8OT;&XNTl^aL4YMm2&@;p;6$6et- kOrQu`?|qg>$9tugZRg%EE1?{`SXp7G7N=|9Ughh102wqbxc~qF diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..407a048e82b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.der deleted file mode 100644 index ba02a840326a5797217f1920fabb9a608ec657c6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 815 zcmXqLV%9cjViI1!%*4pV#2l$sZ@|mOsnzDu_MMlJk(-slK*CVWK!lAsl!cjxH#4t9 z*VQ{z*V!@NKiEJ{oY&CAz}U##$k5cpz${9f*9gQlfpQHD4fPFlAv)DkQ(+oi1LFOH zf!gDP9pgiSby1CMVpKx5pOKY;xrvdV!Jvtei>Zl`k>T{;hEt1n{5gJD@YC8~Cg!I( zmN@C{p1Q@6xy$54Nn&E|@rOk$H)iJzxw>>`a-AT~{nfmb& zf44~Hr^N(We{$44;#2*nVWWfJ8F{{dQl`3Gb01z;#7lV z15RMT$_leE888@dgP8m*EX+*IKMXuU992ff|19cd|?95DX77H6^LYoI; z+YcueMz|m+oP`kMK#mAtLI6etBST1h-=#aElSOCw-hTc5L!a?few8hjbrYs5E;{1) zS(;~IW&Zhli@XKiFG>{j?fKVV{8s(p>+dLHE7HHm))nmh zIDN0Io!}*=)fZ3oWv%M@A!jV};zn)atTV4=vaV|NG*6Zic{p3&Z)#72tFh(Xsmtmz z>puOSoU8FEV#TVm$!C7~r*ips2KP4Kka^6>u@5qwPB{BO^B}gMoyhn1Kizb0`Zl4{v5( ziLR@6sIIePe6XW|oH(zciGi_^xsjo%iGgL5IIj_iYXapO7#ivu=t6X=rKZ9(x(3Ai z1;_gb15Jnz3D!k5vWZa%*?vY=2IeM4eg=akMlPl%Mn;C4&O8o^!c!-nl$)o%C}Dy6 zA-7#O^-e}=?7o>BXO(C+Ka=SUHV~RzfT{ECm*w&cp<=8Z`wK0Z}%!Q9MXz*rc`Om-%u`i`gV)h zItA`)x*n5UeS$qE$wqitA2k!2Xk^8Bm9=h0OT>=Z1;z2dTS`v7*7`Vie}VKoZdLn( zcV76UZ4A;h+npA7$nC-1in&}L&~Wo2h(g0ooII1}1D z7~6h0u`t2~IpHjX7zc7h022Z*A{ZH*H}b^gMUWPJC9g>RK>$A}jh+5<{AUbQo1uD6!1*i&893wB=59U}I}ak$wH3Kq;i?oprQPTt-9+Pt=6> zN8@Fc<~-VWlH2pNRNiCM+)$YRRM zhN_MgOBb*F_NINuiN9O=CmLr*PTs#iVvdr`q*X#H6YZC(7AMUXsn=Yf(!#@7xOR>D kR_$**k+N!{9h2%WSqaI%xK+}9Z)?m|k0L(p7*)|Y0EW^bS^xk5 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..40b39de5efc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.der deleted file mode 100644 index f783736d614fc4ff8083d0207adee6aae021293a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 816 zcmXqLV%9NeViH-v%*4pV#KO3BS*Zap8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_>f=&IdNV?69Z!-b0b4j6GNjYab6=3*96KnFf`OR(1qw!OHGAobPb62 z3y${>jt>SIqKj%|6QdHc{fw*(%uS5^3w*SRy>XHtJ6@Qui(!Rr6_`1i%FZY11-FLeJ-a_LZ}7ey4w^Wx|d33z@o)KDZ*c=C8rWe=^Uu`Y)Ko@ugjB z;zJW&)l-MEwQv+1fiIezkEtJ8mGTX{voIMj7;uA_{46ZYOw2zFJV6{)M#ldv_6D|W9NKJ*tgP(JOmG$p8)rhB z2V>h0Cl*GyASaxK5aU3O2w*}0Mg${+&R5E53t^mOXL&?f+Bo56`uVx%Lm{@!Pj}@0DZyUDzoQ zbceM|U2Xd7f197_ocs8w)^p|E+&e-1<@4TN;jk(4Z!}!{uT*q>b@ii0AMdKGZLIsA z+-j-*KJ&$Of15Mg&sLdd-A%YQDa*lOQuS3{<)zCPg<5BSSX*F m6F$%Flsq&4Pob>`AW#-F@)t#O5CR|Fr-(r8=|# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..20af12b1801 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.der deleted file mode 100644 index 9cb9cbcdbb06fcdcb2751be6b28ca3cd01bdf3ad..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 810 zcmXqLVpcO~V&YrC%*4pV#KL65Hqn5WjZ>@5qwPB{BO^B}gMp}_uz?^Ob0`Zl4_9Vh ziLR@6sIF^(ft)z6p^1U9k-3qfsfnR!lsK;uh-(7n8t5777-&JXDW|4_bvZl6y9UJj z1;_gb#|JychXm^)nb*Xqglsb-D+6;ABR_*d6C)Q>6C)$T=8A>qw{X2o-P(l}pbA8`kPLX!@>Yw-?zM0Y);N#Mf#QWK3i-m)` zk6OCptzKjG*%2Z<0qbsvd^0YqUmYO#gMY4IYWCmgdHd`aIzHQYbHQ)NFZcg_soekO z=H{+TTjXvwy*=}LZ}y*AkN*AJX@7s(-Ly^r4NhFx+UN9UkwJG(g<+m)!79$T6HR9@ z@ToXNGez|aPW4+FcgrZ4vDS8dR9kD%>KMayUY8R(wG9|`wc>jlhr0DQulkY#yTv;zu z{Vu#Xz0m)ejonp+1|Ocdea&H#8fo8J-2^H^zCC`}o$YFE&C4&r+N*zKW9inC+~z~g z%aRpXBH!g~xG-04t=SdR|Bdjc+04=HW=YmxZp8N}Td;+%T{!KLO&Xis=`S8B kYMmwGr(RgI$S!ZJ0LLmOMgRZ+ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..9c83946d5f2 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.der deleted file mode 100644 index 982f14c081c02b5fecc40eb41302bc8ca2bc9b4d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 815 zcmXqLV%9cjViI1!%*4pV#LRvCf&niZr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDtqkzhDD7ab80c17jm|BSTXYLyIVJULz3K1j;oqG}JfHh3HgEO$BRoc8mw> zjrR|Z4|a?X3D!k5vWZa%*?vY=2IeM4eg=akMlPl%Mn;A=Ugld{{I7~8%-b|Ia!S$P z)nZ@&ulbucab~9QpIMtHvPRxqJ@@!zReuB9ie-k+UiL264n6aFZaJ?Q$F{}4Ctfk$ z!hGcauVqcM@1#cWOp3U1`*Nj3?|luQ$XT+LS7v>46`8NUj>Ft{UZR-rCh=Pg&->Zm zPMnp^6chbJ>$~Cnmanr_^Xm&(7w;*^vN~vZaZ9D}=E)1seGY1F=t(OvJZgGI(p1V` zSTwj;Pqf8kZm-j$IZ;>UI{N1;{`+}$WjRMSPc#29p{lo+S4fBdw!UfJ_rz__zYhf} zlP+F&x%4^wS;jUiJHHv*R%>-x%=LPHu6*i*uFq?y&s#sEHF8VS>PL3JZH_ZBGcqtP zPBln2-~mRb&dda7v9NI_ zw0SVL{cvJogbQ-QSqL!>)_2?vpJ1#HKWq*ZhyIHhV8H3%yw^!<>3*92iNaRl-eA(Q~Soe)~e4tv|JW$+PG!u z(I*;@SKkc0!BStK|3u_?^^L`!vW_X6G5uJ0YwP>l7suGht;s)Gee{jmp@XcK p3nq(Bt*a?mwsKG2vb?!|w(38m|GBpPP@D2UdzzuPgpl#VuK@U2KrsLS diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..f1f62b5810a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.der deleted file mode 100644 index ecacad03fd17c8396062ad3d907f02eea22407d7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 816 zcmXqLV%9NeViH-v%*4pV#KIVVA>DwNjZ>@5qwPB{BO^B}gMoyhn1Kizb0`Zl4{v5( ziLR@6sIF^3ynnEPoH(zciGi_^xsjo%iIGv1IIj_iYXapO7#ivu=t6X=rKW;4Iy=S# z_4)+^wZ{iL#)ky!q8i!6sDx}kBP#=Q6C*!^K@%evQxhX2!?8u{WsdkmZQlg2AXzv{^0q=agvGu(uFG$Uz-=d zh<5qUdhfOD`DMpmrXO1Mul3Clad%U{ovRJ=1g}l$l<3&@t3r(T)w=_lEh%h9v)o?j zt8cpZ@M?I9Wp-%$?~Lk{|9!@#N_Quo;e2ajc0BTiP4q0?M(vJvue)K@N~Jz}c6t{q zLp&A4Gwjw+V|k?*x_{&Ao98U{6yLaef_KSUf1%rKAItWL2!;eSN-lpax7q(xk9?ZpexyNHT3I~(;=S1UN3J$ZO?n>X z6|s-w$dupbRn?aCZ+!8vZSD+r<+FE!SWQkd8L@6LeO;~g>$K$@P4T@(SGgL5Hp{o3 zIlJOZ26{oP;KtN*2Usej=#u$63o|^ pv2Ss#R7+pj%eAKyroVsg^z7rwMu!gvj@Jt=oIGJpS$zJydjLT+J2U_Q diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..ec233882e1f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.der deleted file mode 100644 index 405eb97018cbce203b08a4cbfb949f05a41a40f3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 816 zcmXqLV%9NeViH-v%*4pV#KO2%&&hz7jZ>@5qwPB{BO^B}gMoyhn1Kizb0`Zl4{v5( ziLR@6sIF^3e6XW|oH(zciGi_^xsjo%iIHiPIIj_iYXapO7#ivu=t6X=rKW;4Iy=S# z_4)BPG;8}=pj0|hoj%qQz{x4N|?OS7oR?Dne-0rW+tqQLi zJ~eA!`G`BgMR{$+my}Ea@z6gvHwd*k8yVi}-?cY>@0(Z7)!Z-N$_0n@Y`mNJ;_ZDg zW@r1);B|eF~QNvCwi|%mv2mp-=W`}X%KPyi+XH~OR>-D+|btMWkE5`8FoU) z0+n8M$NbDo(4BHU*W^p8jbnAXUBQQcwNEuVq{8a|@1EGcIfQBZ)Ao{yJ8r$}O~}3b nza*in(W83H39WUKIb{`-=D)fkcf;mIndXrii#saUcP|3~mO?W^ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..77103f20178 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.der deleted file mode 100644 index e903244baeae0a654726edbab176fb41f1f62bfe..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 815 zcmXqLV%9cjViI1!%*4pV#9V*O%Yc`SQ>)FR?K>|cBR4C9frO!$fe0IOC<`+WZ)RSJ zuB&&bu4_PiNU(vNIIp3Jfw7Ufk)f%Hk!6%PuMvoA0_7SQ8tNP9LUgL7rh+v(JH`X` z`US`P2ge6H0u9kcHL{6O3E6%|RtDxKMt%l^CPpr%CPqevW4syrOohyziapWGoa(yG z^zHRUN!hQ8;wyL0_}I8#&HcI6Aa-k6|?K&7i#UV zjK0sg_mZFs%jK4B;`y#$7X}q*WIcJ}!E*R$uICg};mUZqzJlKZ{2bxCT3bHZIf|~H zaMaF9MaDu=-FK1L|DEE`7B4!@v`adF_NJA`W>>TPwk$mqe9>fjVUV_x+s~;5E9Ojz zZPfJF`_jvAud=M9iffHaKtuS^3(K7P1l(e#uUw(QbKi};V?) zn|$NAO>&3T%S|ei|2^|={Sh4auV~|)YY(g*s7TJSkJuq$u=R})yR$@P?eyH`hZI$! nuP=R^diX)>nINuzC&YS#Zy7`-WLd#AN85K^Mn-N{1_N-99-hp+ z5?xpCP+dQNKUV`eab80c17jm|BSTXYW8)}sULz3K1j;oqFw`^9foN1sO$F<7c8qro zi1!PQ_YaN_c8m`R)E~X|%Mur>p62Ceoc3hJ^e!5Pn z`r9h+$W;gDpHq9M?U--EDb@T`Dcs|KxSf&o)?U4q?=2f2>6#t6U-_ET=&Szvg|8hy zgdRVY6RPi&=j-efwCuGtW5u`Z3ysVEWaoW%dvZlYk4GV$r7SIm(G z6V2`R9Lv3J#3kOcK>og>u)7kw+M(8(pp2D!Yxra5@AB_2j^6eCrAx9@``z12%!~|- zi&G7f4LE_}Dl5#wWWZp+4Px@MurM<*|1j_baa0)@|FhT|*s^hGvoW%=vNJQmSuAXv z32h#XZ9kk?7~z7Pa27(0134mq$p9D;j0~;DuiTdJ&s!@r=IP6~_|+Zz6SMtR zUi`n<*qdTo)6n^5fJUqNnL<{GF0*@Af6`Z@u~N ztLs|NPjkywtaF$mYqns?iS+^}Bv{JlIxOQZU2$#M38(&t_ZKl@UN`TlK{ zoxD54)}LRyfml#N%+WoxVvmY*iyco_5atYT>3q+_ACG_hBk`; diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..c85f407d5a5 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.der deleted file mode 100644 index c29cc4af113de79029203ce4fa3f442f86717ec6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 810 zcmXqLVpcO~V&YrC%*4pV#KQ1?*G~gpHcqWJkGAi;jEvl@3&93Si$9}=vKWL^`a60*&VtPIRejQk7+O^jSjO^l2T2S4)P+z=#{P-;K>_0u&8 zpI%(?k>25-7V6^FfB%(+$21eKk{Q~@d%O7WhgT=&1PdStKj_55C!_BB#3`ib8hfw>Ek&sv0B`1ZSbQ~fda-`dh~(LWi3 z?`ikQ^L$;^bMeE^yEBzfMxRex@<;3RqM6ziM?>6X^6q|lE~&TjW4V6a<~DsMW=00a z#i<6#2Asf9l@(@TGGH*^1~K_rSeTiZe;9azII4_{|5@w}Y}q)p*%(<_*_oN(EEYD- zgfys^l zm^2Mc9m*bLwHc`-O`F2EHvMeA7spRsi-!~4jy;ue)?F>a`>*~6m-ThMw1bCRpMRRL z%YIpM+DOJ3~#=NnWXHf_K2% zZBsZVn`@deR=Hb+EYp0&wED*X8AWHW{GTVaenzBj|Igja`G22gGgg@MYv$DTI!b?a zbFW`?30N%C5kE)IBh>r-#_4=p3u~Eg%WR)BV_VbCm;-kEtQseM4p>z1qa%5Ow!5ie o_G%%$hD&`j&qgVVeU)`CJ#U@&P=s@zmwa)?3ZARa)jB2t00vbuIsgCw diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..9da87dac0bf --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.der deleted file mode 100644 index 82bd9c04c61c586159df452bd5e1cd3b36ecb72d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 815 zcmXqLV%9cjViI1!%*4pV#O(5InE@{wr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UBBRX|6l_-ab80c17jm|BSTXY6N4ymULz3K1j;oqG}JfHh3HgEO$BRoc8qro zhzDzr4|a?X3D!k5vWZa%*?vY=2IeM4eg=akMlPl%Mn;CaPKO;H**<>2{rUZ`q%R*; zO-y?)_pIrQ|9A8+Gu|cQKwb+s)*Wo^O1Su&rv!j9f<)N@}Gy*-ENOeu3X^KriYbt?Xn=b4xp85kF* z8YCNV0s~f7n1#uJ!GIgY4Fd`TkLhdiuPx!iF3Wwmg9sT;fJ1<7)PA;)H6|KOc zwehY;@BLTJuir~POWrr-$@K>(R_Vn2TA;h#FL23H(YH=zkGABk75bs_arc_5E`^FO z?|*DmXgKB&R$2IMo6gl|wY=q?8hsSU%pJ>PIG_xGH}nwO36Rdl3ZAdKYU8Dy4C%E($1b~D{9_8TAiG< z{C%yBYuJ^^vJ9C*+1@u+2F`TKQ}+Jv zHR`;TO47=k_hxWur`~&iHOHhl%OmcGf8(nYJo`RzB$++gH)--i+kPgMi|6~8?)+On zH?2eY?6cb|tDhP#_@i(1V5Z^X{${JQnos34I{r&W9%m>kFNj(d_4afAX(nby2FAsy z2FV7Tz<`w%W??d5FyIC;`B_+)nV5eVc!D^pjEw(T>s>z)&vZ~H#E^EYhM$CqiG6I2t=TFad9_u>nx zopfMzTwbi=H?GIuR6MpXKhnfz|Ftyeh|5jU@27qX@-iu^?p|@|#EhknCw#jl6>XVz zTre|!QF2L^-XzmVw#@qPzn-xC_vNhhH_LeH{%?l-etzE>vh$RA{iLF0npr;bzBE!j z=XEncrBxv3n;F}(6**0+M-^BuN^F=aCABtjxt%fV$t~ZOY~Nj%G-I-@5qwPB{BO^B}gMoyhn1Kizb0`Zl4{v5( ziLR@6sIFgdd`Pf?oH(zciGi_^xsjo%iHUiXIIj_iYXapO7#ivu=t6X=rKW;4Iy=U@ z2E+rk`v=DdI|2>SMK!XCQ3=_8Mpg#qCPsb+gC<5UrY1&4hAV~jeo3e9zEYMxdq!*0 z%!_;%B}yxF*ll-RU?|9+E+V$X-|4x6P208l8LRGO1mv~|9oe70e)`qbkv|^!d2jsp ztGDc_QRN2yoa^y(i`zsbwYMzRO8SwZ(&us9s@>wK7r)l&pC=k_cg#?$ed{}0&`19K z#_d_t&Wk_c56E`AuvySb$@qelQP?U0!RR#~GgdkUG*7J;d0paBzo=04wg~6O#KwI- zOWo zAlZNu7_hR!EKCLr2HYSfKMM;p6Y~!PPY_3yk?}u^y@4$ohc+7{D=RxQ6P(4u#+lIO z!Pxf0iG>j^$O&g5#5j;60+Yoohb$-vxCsSa<2_N(7m*=85}!tngr2L|_rA6$R@TXgMmP0^RL z^*%^+Xf>T|PMx6DP#F7h-mk2q(%b)SyeL?CG|6p-fTeImev{Nm%}r(>W-Pz_FTr=u zgA?f=<8rHuR3?7^Cx%iR!#=KNIosWT*ZLdh z)|AY1$?eS+q3rTUv={z)((rF$wCU^pue6RFxcl?n>BqV|B%7bMs@5qwPB{BO^B}gMp}_uz?^Ob0`Zl4_9Vh ziLR@6sIGsoft)z6p^1U9k-3qfsfnp!lsK;uh-(7n8t5777-&JXDW|4_bvZl6y9UJj z1;_gb#|JychXm^)nb*Xqglsb-D+6;ABR_*d6C)Q>6C)$Ts<->HW0o&C>zCFi<)C;> zzfSV+{3{uU9?ZS1rhHqN?S^)Y|E1q&N*B4k*zuH0)wWS%spcmeuZN%XB38{#Q<@a? z_Da{1^c>!OZZ|?>cKY9{`*Mh3+MP`&+~-}s%=XZnJ)%-7v+>m8qZei6J-S=fQ;f3a zi@aYM^V;$?^Q^gUo7;L=gkDRr@`=uv*J3p*-fs@iv;X3IMCT;%%rZ^MzjNVkK#p2v zdtAcz2N&iB=-N-$m|-AU(%N$8_M{f}#cz$)OgLzCyN1hX%I_;OUa9qecIVtTHxTOE z5>@=rVODKM#DyF4+cTJgpEAFB96Hb7u!^%$|Iq@Q#>3YRKk<2gh)J`xZYdKpBLm~& zRD)y#PGG3Y3bQa7Fc@%ynEWg(%uLKb3_L*`RYu1DEcOPrY#iEbjI6Be%uH|=3ma!b zn+Idt4<{BzxF9E-g%IOFjtF2907e8O!(lcnqc52~4`zHny(I5Yab5GjkI^k>4jVU0 z==Wz$?ci(reV(UV`c=ry7vk>gH%F&ub8T9G-|%DeAx}&8_evI4dMCqQK3(=mA;V)& zT*9Vg#jCrfWIagn{~>SR{_1?l=f!rreUfAr`^fCz*HCDGaQ*g%m9tLX(_bF*bhF!` zT+MAlx^ho$eVX|Fj&@aCKo$@0rk}azHrQ=;-{Q=+RpYrY`<6vPb%(v$BOlD0rNnOH zWIiF;ChX~a-<>Vi+-;>660uf+VW+KpdrnDxUv}LmvD?czV2$dXo6U<%wj^y``^lGc n<+6C)tO?m#-oZ+9U&XtgKJ~Oe=j5*REq~N@?JS7phzBO}9U%f?O9a=riOe)8Wke|?)K zLvM54Gl{>2?hBhf+}_>HeUqoXwKn{;SpFoI_~iWuj;U$Ndg?K2M;L|~tIgPXsVTrq zyy?YMt0$+Ih7|9eWh$mrY*E;7uG!)G{*1L(cFq@c@$yP}X}NgY?wgu>H;Sh16Mp{pG33~+zP#o-6Eh^#{Vq#2DWS*+H8!htnAE8a25+2XF{6? zW7`iW7Dl)rC!B>4<3NrGU_t;!1S3Q4tGJi@KCG4y6FOu**eLzz9?Zvsh8b?pgnt0~WUH`{jYu<)E4b|Y?@40)=j^5cFLC&=j@Aq+@`=+pO z|76Q}OS2}y>6(lwD{nju;w@bwVprq$q;!$)GpBPOZq>RUE7~=i$wn{oAr6e%>yrLWsMfr2fs6K zpCa|`;G|pE@8rwyyU25!uJ>Zj_YStOc|O%P^@U0GkFT3s?ibFP{!r@1?7sROcI}nY nvmVX2_x``njhplFK8dw+>(6OdrrzDn5q7pq-YCyZRWcj^t1LHx diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..66776690cc7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.der deleted file mode 100644 index befb083d420d4f69303613e55cf53d38692bd6ef..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 815 zcmXqLV%9cjViI1!%*4pV#4PKUXu!+HsnzDu_MMlJk(-slK*CVWK!lAsl!cjxH#4t9 z*VQ{z*FQKuB-lVsoY&CAz}U##$k5cp)FMip*9gQlfpQHD4fPFlAv)DkQ^6XY9phaC z;{Af-fhGhy0u9kcHL{6O3E6%|RtDxKMt%l^CPpr%CPqevr=R~%Ul&&OGxP17Yd0DE+BS};#@QKV@C{sXK{S&S+d=JO4mZszl&FC_gv_F7!bT$c8ak6 znNB&`(`;F3#y>BK38+fl4?K9FWA9DTZ|nBu?Oa*7!OfuenwS8u)TxqpJQLWZPCeKb zH23y~5bw_}&G-B~Zat2={I=hDrK{+ZowurL+*ZCltS1w5?OlR{oL^tCE$d8nDmVJlpDM!t?j1G3H&7f|Hj&5 z%dfbqI=8CtlF`lgQIbEl@JjM&SD&&k(FZw{ls;~k(fVr`muBgN?9x3z?2ejHcXo09#Zrt-wI zskM#Fzh?he zZ+F+J%<@%|uq%m}ekb7CZ}q2dlX`NTB?NBXOcy%#=hLriAEk|Mh9BqgxHp0Es=$Qo z)RN7?*0bVn-+L6nW_6^GtwZEQMmd+8rsVA|)4TkK4p_Z0+hOt9BIfb$8*$=G`eg1^ nufLXlDC5w{$9>nj{_Ec|Vmf6sp=mkGWAz;mpXpiq{+Iv&I7Kwx diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..ecb3c4e9404 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.der deleted file mode 100644 index 26f53dc62be32f39c8820dfd26e57d9207f1bab3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 809 zcmXqLVpcV1V&YxE%*4pV#H_OIrU5S-r&gOs+jm|@Ms8LH15ra^13@xq2XB;i z>i7HMVe)>$?~KCmEvdHsL1%0)e6XFj$6`w6k7q9%MeP$FiI z^uP4O{J#$UwJ*9MYie}(a@ha=>}hXipDzkJ%^f*Eo+~r^??SeOFHe=@46ZUUGcqtP zPBln2-~@)MtS}3c0fPZIh{?~w!py|{!@v{7QDtQO&th+2%f_M2#>mRb&dda7v9NI_ zw0SVL{cvJogbQ-QSqL!>_1E*5KPxb{mx!)MO6>CY_H`41ErhgN?n+u_rAiD!+x z)2m}giz0q~+3r5|nAg`0j$WK6SVII7k1veY*v#5hmV3E-u43fFwDc?YtJDwHs0(}+ zy!3x{^X3gXtu;ZfUiJmQ2-OzU;QG|@??I!xrgOoOdG&7|Y|s=SNGK%4WdJ#;Mij(e|B}k&&B~!9c=L%s_;VIh2K&hc`2? zMAy|jR5#c$J|x&cPMp`!#K73d+{n<>)W9@KoYx4%HGy&s3=Q=SbRjy`Qd7YiogL#{ z1LFOH6C)$Ts^f)w8GVi%msMD0zEI0> z>c@i6)zwZV%*~-61U>p#pNAV6zH13ENI3p+-&r=16@?|sTqjH~lleyV{|Kl^ik0qAW@Wysd>hZt)SaelTzC}&@=}Xaf_2XV>p4K?&_~%Y+ zr5vNa52Km?>k6NoCx_;!F9_RrtNDylOT;4ax?C zjW;dA{+zgutU2GFPjhEUxK$+0a;cu$b3Jt0O)W!bo2cUZWo9O-F8ktDFEcSSGB7Sq zHApt#1O}|EFbk6bg8?^)$x7C^@MAvDuifB=Jx0+8>RN(NDjJM`~95=_~nK z#BXZ8-r}{m*o@n9(rnqHHLB~M_@?iFe_zQm;ZtG5{GuaI-D65cJ_MvS+E18Q6(h1f zgYE5{HwCMFQ)j%{{i^iap)C-7~r>ns^@8ZdKSN~=$ zK52Hq@tjHH!8O|t9KGjNobc(@9mbtp=}Y#the?DS4wme&YqVn4Z$2H7_(<_V*6PBy nd>eds{5jd#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDFCcMXX5 z3y${>jt_Q>4++*qGOvkI3E5^wRtDxKMt%l^CPpr%CPqevlSY0a*LGBer1k#se&qag zlG!Pv*=bM0dM7;hF1b_tCqYCa@@)y%ulZS@a!w_N%#Ep%e;ItW{iew3BOA*b&v5w5y!VgTohME1wv!o~d;5cdLNff zcGr?IbY@7*g z9*k{2oLCs)f}C&`LW~1BB7jK%7!iyN={bU`{4UeAIcq-07Dk>swA*}Pj*`)5u50Rj z&Rp*vvw9h;Pi|SipMRdo%SX$-1Agf=N~cGq&1w%i%Y3rD##fS?C0C+lrjMEUgr7!h zU6YS364`NUv6G*@liHFg4)7FMG-tDe;)KTEO;X!>7d m%eKF})2%t--#PoIoBndB#w&hYdr0y67rmnA=cC+D9R>ie;w!KK diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..e04570e48cd --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA.der deleted file mode 100644 index 9f8e684d1d4ef4e976c9111d9b3ba8cd7a5536eb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6ANRpg02BC8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99WcRZ)+`>QZwgttqs%IKvXkZX=O@o1?uOpj`={iQ z@8%hC-;UjG;4|Y0y|mc>KmQHJLuWpFxIgvny_~C%u7uytFn6(PqHpfXbusvHA&J=RGs&MD- zbwY{{hl=JfWS6%(wY7f_$T1hUQak7T#qiJ_t&MujkqK7_zWlvl1f#-t9 zmgO2VWG}kve*Dv11|n?Cp)AZiyqS3= zx~|@#y3UUAt^o#e;=G0?2F6C_Muw)wre;y%yhb3d36yJ~YN%|W2+=8(nhMkC7p#kF zOcSFLvYm{q49rc8{0u->aWOS9GBWJG{m<%h6nFBJi|3+RnS=6oHI+Sku<_CTn5&Fy zR`9Qy;%DK-#(RCjloc$k?LH6USDx#1xget2Sug##O8)0k<-FJonYWC~4ct~#D!A$N ztzq@i$T_X^fB!dGZMoi!S6ux^LdAzC=zWw@*l_;V+va_5c73bu zjhLo>JkvLSYVQ)JgUSEaAJut~s8zp+?^$cwq1vlAFETMRGB7T-HLy0|1O}$8Fbk6b zg8?^)$r9sg_ZVga^;n!o;eoYJUIf0Pr?qvsPPT4Oe$ z`a74ZZOn$5g%W*%*6-GuR24t-wC@&uBD+$4vh+bw6`LrZjnWmf*9m_4ae2OWRy;>`Ty+ISxWIgyNhQX)|<()ZTTsa!y+fRmK5?l-qpFwo;m-( zm3^LkXN2y?iUrozf9?OGxk6#v&aO3Q&%e%)U$MC_^7nNAzpvHYe-zrc&tL2pF@d#AN85K^Mn-N{1_KpCB?ARE=1>-99?8tS z5?xpCP+e!oc-Mef=&IdNV?69Z!-b0b4jV^hm0ab6=3*96KnFf`OR z(1nv#8-!=-Sgddwdu0KMzQJN zxvehFa_V#~zp-JO)9so0Hv`kZnVuGS!W?w%71!w*XIMTinPzWq^3jF8&HUfSttyS2 zNtd&qS*>)O?W|*O7%*wpwL^D|k7+V{@p5aFoQh1BKi+RQWq0-R$U7=B2B}QUj0}v6 zZ4ImqIDr8xE6l=Vz+k`)V)C=FFf%d#Fi-?>R2donvxpmrvTCgo diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..2cb46537459 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_NS.der deleted file mode 100644 index 532ec167e93d23a962906297b77a0ab595c14aa0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6En+M2LoOv11|n?Cp)AZiyqS3= zx~|@#y3UUAe!&KE;=G0?2F6C_Muw&)21Zfhyhb3d36yJ~YN%|W2+=8(nu^e6jI0dIO^o~uKv!`wH8C!^m&<9h z9oJoGJ{4t>)5Gw<$u_iTVb?=eugosfLT|aEs}mPlmmB#TI?ND%XDs`=`o6HN`p=*X zDP^V?U;TbQQEKA06n}Be={K7XTVK81D-pIrQ&MYclAfRO>72(6C;!)Nn||qezHVv1 zdo9E5Unj1y@0Rad)VV?O_6?aU##MgIuI>755O@&rH2aCp(~T*Y?3tJu85kGa8dw`}0s~W4n1#uJ!GIgY z7AL$J4E_Dm2RE#R8zF9jW}f>z^^`=spVjjW}3H%?EScQtv8a#1R}y& zzjO=p=dG$a=X}(mDre?}TU{?svi~=7oU-Tg{rfrPk3@6Yjm^sfF_wIGLyC#N(2p*236e#W#$vhyae)=50S|KsGv*cvF1dP7$+Hedtwuxol2rPav`;Z@(j_DFbP3fn>Kh_<3E%E4H3%lE9 zkNfZUXa#e(TTR)?J;B=JrupgqYM!jQf3=Ozr58Sx;Q2APcmL1a0J%-h5s8oQFVs21 zb)jzY+J=N2hEx{+hI!W2C3}PC@{7-Rj*Hv(Zocr2-@J~G_bG&QS^nS)Qu`*+_IcB? z?$le#5*)9zWhM1yPCIaT-I1h!*GvztkDK=QwCl#X+)T`j42+9y4Xh0~fq^M2%)(^A zV89Jx^0TloGco@F2ePaxBjbM-aRX5{4sA9@R#tXqCN|E5HV?+OA5JWc$N>zDRA2xz zGPJGl2BFla@CV554?0m4z74n{q}o< z4A;G_*MeN8o=IGCGVW+upWE|Q2b_LR<$BlNuyL>Ap0c(lnjF7V@8_2!YF(S7zB9m5 zrpjM@y?9jJI@RnXxmmZjL}i=YUAUmV?Dw|Yd+Zdi+|HAg+!ZByaBE?%m0yy@lliYX_H=2er5t?$tPM<>&;JUTmUh0J!}>Ye QV%pTIJyH)oHQX-+0L*$W+yDRo diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..4d6bee2ba13 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-CA_NS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_SA.der deleted file mode 100644 index ef98dbfec75c6601d10ab24ed8b7351ee61bc781..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6ANR>%c%yuY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$;of#CeTCToWkQK-Ey$KoO!-Dm4|R(JxpR z)tDwmC1g7pSs9p{82K51&f;QfVq|34|FUeZsd>>1A9Yd9o{uZU7G@`1x2yW|LUv?nCcmK1bKKOw8Evz1uJNv%%I|pCtXS_2ij<{&;iwpOoIU zYq~$PD=|BTs$?Eu@YA{`eD_;i+jG$)dtKtfXIAk}SXl0%;&^${-2Gy@{do(H?bCI0 zUYWycyzuRpJJU*vo>j+`e4g-s%`ShQ7i)e;(?vJSUyH22uV$~Q&Q-ksJ>EY&x1n6 zw{nxhCry0aH92l8*BL=IrA-GvHczgwRB>2jSEC=#y^)ETk%4ist%0=xConK&g;|&k z7!0^UOnw#?W+vtz;6RpDWn}!%B5okc#-Yu|$jZvj%*4i-(B{F|_QQ#V5jlW?kqQi8 zMuvuE+UwI;3R@Q^ziWB4ah7ZN+YQV1v$tj2q@V7U;Qz}X{OGyZ+SOXe?n&D|$zZfN zsXm$E`lmDP%dOpBPq{B!>Hhw(!K#U$C70U?bj^1?5|)+3pC@xwc;1uk2hN?yHQe^! zdsnvJ;=_eqZMAu8x_G^gzb|PyF8^xR=jgdb$&(VN?a~OyXk}XJ)c)n`^J^|&cLiR4 zUaHA@b;UU+jmXHzv-^6UDD+J1{3`Kwi-hLz>nj#4v`P86-`jD; RviUn7nO0Bi{g$UrqB$u};{Oy3KrTxTjL?=ek+^@tmd>(|m4bev7Mr%_sQ!Xpv9% zj;~=>;g1(5)~sO9s1)DaHthjV%P;??*VF$-D*Y5p2o{OVlZfRo`d%2}ytd@z6U{D9 zsh}GZ{AJk>yNMoqwp}ak)wfN5x;%=`zloS|ibdqLT790z>oW0OzqXdzO}E{$#NK}4 z7tyY#M<$fYEc48mC!FQJ_3st$UCDfL_O;%ZM0%sc1a^HmB4<0BL;wHkCCz7_`L76` zc*Nr8k@f3OW)@6T+dt3NBe`P572(=Gll@MIu4>INW@2V!U|ei#U~Rw&3`|*J7A6A* z18xwLpM`~)iTMXOkY!aF8UM408;G)TXtOc0va&NXv2iA}c`&y9aAILZ4q#xU0t1+l zq5t_OmhAo9>KH|}T+pQde>RQe|@;n>BxltXr_^1Yk7RAiqDbmvRRTTc%$vRYI) zWuG={$;4X$jjlHXf~Gl67YSXzM((nikD__$!IJ?^mN&Lk8-K94Y1aSJQnJ2x&-U8+ z5k?j4;Xln+9r0jn5K~;;tl6}yKgjs>rHhjf2gtuXv{yPYLH}QA*$crBe`e{F{r0f> zIU(%8{mau+ZgaLg+B?O>2m7zm{2VeplJ{d_E6r&)Ro$-aE&Ab~;eSw_|bb zKc%~8L$6gi?>4GuUy<yv<6Dv&Ij$F12 OF6%t#^ZwffuFnA5E-K#u diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..6b817ea4fc4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-CA_NS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.der deleted file mode 100644 index 0b013d5068e726044247be275f290faccb4f68db..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6APm%?=}NoHcqWJkGAi;jEvl@3dyaw<5jk)@qqu z4^HPRw@y#_v1$TCeEf>7T7SRCTNDa?T~OKjz~uhhCz~&+uUK~Dp+(BwDyQ%b&3^h< zw=92`S1IOczuk!8)Q+_Z7J63JsfTsr_!Iwp`ML0B$B|Rsej+z+W;Pc6te5uKx%*z? ziZ^!z4_+47#LBecr%*%dw&NLk`g3ed7`Aft$xKfCB!2vr*;B0rCA>~sHtxM2{(7g_ z>Svt2-{fq!SFtGHe*51fSLSws=o-;8sGB7T-HLy0|1cs!nFbk6b zg8?^)$+qkM&0^P>^hn&`Roa{A3>G~Jv7kx6{yRnzoIl7qwYSJNDIdJwJApPxzgxO!4yeEgF4^?Ym=Z z_3T&N*!p(W>%hOaS+6vmI=BB#Q1Q>2MfDRMBOQbO*_PZ{5cXD_Q9OOo@!If7IvQOQ z*s`;q?awzmy?UE(c#7Ba^Q+qSZOd9W$LjnlgXI0X^@(c)EkepXG^{hVbhf|WJIm|L z*USlmixf`Wn}4|AS7k#E0=iNi+*L$g3Ri9hJ_tn9~ P_nh{77F%!o85gwyvRWx5 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..b5529716aa6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-CA_NS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.der deleted file mode 100644 index 286d729cf8dcb90d56465807730e6dd353315f5e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SMsDQUhK#POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x~>87e!&KE;=G0?2F6C_Muw&)hL%y{yhb3d36yJ~YN%|W2+=8(nhMtF>6jI0dIO^o~uKv!`wH8C5Jy}*+&@HKDmC#YvZ>0eG496x%2pSJ>yS*`M4cD3m+}tWH;%U$-Rkr=B20Z zcApLUc6`m7Um^#OH2Y^VZIh5bE+(-+pZUafyDQwYe=bv4?03>n>_p9vzP*d`&)+>? zZ=lY9IX&=yiSWUUvyDstR`2uuJVESd!{i0r`$O%gJ7_9inJSyK>hRe=8&?SJaK9^X zr$0C9i*JeGQceda|3A0(xLsQFpY!aVj4cv#BwWI`o}VbE~Pj|3ualI|soOyQH>MM><-(9~tVZQP5V{)PL{qi%|T^R3ePPtLB zy)Kujt%pPYpRQcSYs;-Z4wirKwM(UVG0O19KD^B|SHfb#<;z@`j2_SD%J6HrlfxkY zY0Kn?_tKx{ep$IaVP^4V|D4&?mYX+s>4bPKw^^|%Vq;w39gpR0zX~?lOs|{FTBu|3 znZ<|I_-mu!+P%9@u_gSB5BC;$8x}ps)8ghGwJoA*-3J&l1mu6QGhJVMU=j01v%f9- z-S2IYkbN=df55vRNA%__ToC7U;X&&(UG3}3>y?i@YuEIhxXH}lWcB>|)A}DL|G1gH U%65xZg@t!b&FWv18Dg3w0OMLZHUIzs diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..7f8e905c1f4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-CA_NS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.der deleted file mode 100644 index 2fbec915c547d56e4b980b145d898e8694c625af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SEy_qyaA*r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDtqk|6l_-ab80c17jm|BSTXYBcmvBULz3K1j;o~HB>fGgy@t?O$BRoc8vE6 z);c9mB$O%Tp z&CL6GJ}*sK@-o_cd2Z#x>s_Djy${aTu>aSw^x$!cudLq`%yoUa;~iGKmT)c>3)9wwOdw}zfQUo zUAMCRor&zEw1Z3Er_9P`O6t~l-0WF@c;1{?cDZM)F&CxRSA~~ppEBTG5-JuvaBj2<9`-$15q{(Z8k<$R(574HqL}L55~41PArVb0St^( zU;r~R_)S;0Qku#k=%;7jXVbEG`avO+je&=Lnsy3&Z_-pgm$c2r!{>f&z?81WH~p*A zN@O_hiMfjX6ZkIJyJo*mi814L&NKRRYZumW-IyYERn+A5#*0yJ_wPH?@$zoy!==X( zRtcq?4&|S{f$~yCq4R5! zk`nfTGO0`TAiBro~X<#ygehO;p2%9 Shf{6CLxq)#o7Ky5g4+Ov-7X&h diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..15d95f0c233 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-CA_NS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.der deleted file mode 100644 index e4c26bac116cda0b2a4fa47b1f2dcb61bc18d52b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6APnugq8s>8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6_+Uo^IdNV?69Z!-b0b4j6C=|oab6=3*96KnP&HIGP=x4|N=*f8bassQ z3)V$7rioDr*-l1Q2IeM4eg>ekxR{z485zF$r0ITL@#5+FOV)KckvKNVy@U+ibRe&zs&_WMg$i#JI! z@4w+8~RH(TP}IX=I5Ul%*4#dz_{4fz}kQl7?`rc zEKCLr2HYSfKMM;p6Y~#nAj_&UGX7@~HxOmx&}L&~Wo2h(V&hC`^I&ZI;l#p-9KgUx z1qLu9Lq^(G*U8~MPvY8aotQp39NqK3YP#>CjNGVaSG9iVmo*+pVLBjKo#f86%aXjfQSi88VW-&7 SkB{@6)Rftr6t_RPWB>qx1uz2u diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..df08a6e7f6a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-CA_NS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.der deleted file mode 100644 index b04f8f22389b32b2f462d4362e4f36a33285be9e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQzhWz`0}Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^hs~#CeTCToWkQK-Ey$KoO!-Dm4|X(b+NH zFIX4Vm?lOgWIGvI8JL?G`5A!D;$muIWMnw=Vu#8y=X)_z7KAW#o$L}V`tLf)nX$F* zROki$Vg*(gg%_@yby$p?_9*ebUsI#~=vBt9$vQ9g%dT(n>+9%4`>>yuvYqr&++e_xJ$yJNZtHxn}>1LI;_18W0LU|`A$ zvoIMj7;uA_{46ZYOw2#Pfh?=a$oQW{+(49#Lz|6}m6e^DiH$R%&4aP+hZ74UasUG( z6&S#b3|23F`(quQ-f18 zYNe;E&b3+QHrXqgze#__&pxlbRWHt@G;MBN#BwiY*UA~p$@|yNxBGRdIsHrc@7#5L Td|bMb@rN>Ahv!IWE(ityO`|Q$ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..0a96cb86dce --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-CA_NS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NONE.der deleted file mode 100644 index bb43acc74a93dd82a48ca0bfca987f69c18091af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6AQz)_pJuJY@Awc9&O)w85y}*84Sb?MGb`6m_u2Zd3ZAO zN_1VlLv{W9{ag*?#CZ)(42+G;jSNjqjE$qjd5u6^6DZd}#ZbvW0isbdH5IJS*)iTP zSQo{VCPpP>8yQ&{n41{+8Gw%BVrpV!WO&;zkuDpRS{*6Z0M1_d}I2rd$uROct4bV*x@$$ zz=cTF1$VOrsun7~PpVwK^~BSaUAvC8vUolGSyj2|+P`g2XGmEdv@=`Td3jH_BHx+Q zTk`g;I?K*g@lEdf4_kXL=hd2>d;=e6Ptn4v8IO1Bw`Oo9rmwTrF!S?kJ#8Dva3o~a*;$t1D?|kL zusQEZSoF5&sOpcoVmfQNCpQK6ZL8MXxt8N+=Nvba6){P9*O#RGUr(|=y*{e>e%Owr z*UWbUe=qbCzdr4j*Y>4p3^Q~mR3>aROR5#@j#fC(%A*=BcujGKE|;|6e92EG>>)Q? zwsF0_aA>~0QJh>*m3`pLmoM6vpTBc`$>+)tkCWd|?%J}V#3giwa$|8vnCudLcLS3o zm&(eSj)x@YsD5wlyl(lK!NK*y)xBi2W% zD=)utYyQsdwmInM!WyR+eLo5d&X+t{%6Hg!%DtbLq|StDo#at6e{=n`+lB2S+JQ$t z7B7q~t6IxZaJ}-7Y2=m9=8v`?nzPd39n%u|zhW;F8?*O{@*Mns=J{#Xs7Wtg*G5&Y zF}Krp5r4*-@mK!YK9TuDOO9oR=*W zYM=E!xc$Y=+5IN_UG7!Ne*6boyltcVJih-=XjQs)$4h3#hTUF?omI+GhYx)_;Bbob zN$XMlhNhAqe+9#|Or3A^KbY`GX>!IqZ82?zR}bc0Tgb%B$iTSR*1+0;6Bv@R!YoV% z3c@`c@tJ6T4*D{#AOcV10b$m)+jDe(8MGeecq$ zuDDIjsM9tPm6ol4^TGevoEKm7UX}75-ll3&B(UuJVZFs>QURTx+3G*#@@=@vRD5;i zji;5;i%joSad9dOZ7Fiq*>SVSBuL`51jLKsfg0rwid2mNrD;X zXPxBz9m5mMLiy*HYw-texY)?EcZ=Y=-|KzrLqD9?nHCiCYU+`!=H4|kcb=I2G-tuC zzILsgrKjZej+oE%^|*6haD|nzlFG&ERXmD!Kb^SweiGxP7qJ@!a_pV=l%>DCtE4^E R{P9{*zQfJJJg4rk0{}v_ECB!j diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..753a04bfa22 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-CA_NS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.der deleted file mode 100644 index f52d80e13f35b8227296646958ad6911017a230e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AM$=Y6$~gHcqWJkGAi;jEvl@3 zY0CZ3HY+GJyPaio)A_H;Qrz~-a*P-Gp4+m-dWYn{?Y04%QZ&U>HGY44n8z3X!=|k7 zL+!!9*j1lr70FsWDGK5hYPt1VK+lwUvr?Y#<~tW-9wv7=YZmy#zV|-0?TDkFw0Ftk zkLK5oc7Dq&R*-wyKP&jcffa3zKRllNp1-(w*Fk4CIe!8F#lHd@qI@MEa^IUAd4D?F zOMW$nopO_!t&KNX@jSYGchmIAz6^_gXFW7ZFIe`TPrOfGb3vLu=fdw&#>{Fkdma9(A1m_QBqYrUzH2>{;K=#LURRxY*Xf+JF-nn6knw zOa=@F+#n`D3kx$7^AB(!%c?Rm{$~+45M|@gW@BV!WoKq$<4kDtU~K#0#KMRiz`#fa z1~4PTQqFtc&ukbk1m!3_i4&UCGU1y*wvhjq)BR5ct`()a9XmcDZR_zp(VyO(Pxvdh z)r2Ws_?40)q(hCj|v3+LJ+a8O`f zt^cCHUi-|CUHRhaQ-3=h`L9-_Wp#Z=*p&TD+b(~6+F3Ve_8-k1+qZhXekrz|nYS^0 zu4%?z!D~T9;@*OHlcjp1vpWC9O5Re;_*ECTL+tdrg-2bB9=|=`Y7oJ-|JsDpSHH2z S@(CvEPvZD2nQbJh@eBYQGAZ`} diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..d85c501c66c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-CA_NS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.der deleted file mode 100644 index 49c65d33b1736e5f1fa05aacb9742d81096281fd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AM#9Wsm_c8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_+Uo^IdNV?69Z!-b0b4j6BCmtab6=3*96KnP&HIGP=x4|N=*f8bassQ z3)V$7rioDr*-l1Q2IeM4eg>ekxR{z485y3fXnVbqdza_G2dr6XEqC{?_NpG3S~*3VeP*m6V8 zLfXtN{aTQ=@;{Tww~9?o?)!Ff1}@Sz`tPb!C^h47d-@3%JFW0NQ$O%rUL8}lc|zp3 z9aVSrud@l9lw2Ln5v;K>Xpz^2^iRxhg&(Gz3cAp2>UEouiJ6gsaj~s|wE-tEFlB{V zm<$*UxIs*Q78YhE<{#idmQ`hB{Ldn8Aj-y}&Bn;e%FfKh#+lIO!Pxf0iG>k4fPs+; z3}B#{OFqkW^u0SN$q;hF=uPqWLxHnT-x=EoA+=Z{bb9r>gfx=4aH_o=O;dCisZfEDV~!1;$@xK`HeE7 ztUqnbUj53xFlqkk14@RPDYrwM7Z`$p&3k5P&3Eyv1&ZIT?CUyT+tl}hHb z3SP@=`tRiwyy(HCIL1}06DBTHP~7F!{g3E5QH& diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..36be7c143d8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-CA_NS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-NS_TS.der deleted file mode 100644 index 04b861389e58946475e5a1ced9ef3b9158da02a9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQ!FZ(9v`**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hwAzT$A<(P$cghBniv=xnHw3JnwVHbiSrtPxF%4pfvTahfg(hwRB9?%qqAeY zU$8E!F-?q0$aXTaGB7tW@-qOP#l_Ub$jIr3%GQ}P|$bP z$%0;mZT-c!qm-UXZ#X}9&6%uSrXt(p^;_Ltv+r?jeRSsgoY`3hugufhrimsT_!Pf% z(iABck&tLv>z1~YX$P;};i%cyyt=ud{Oj%w*DQ>HOzD!Zll^Ny?zSZcQ|aB5X_Qs#}q@B4hh19==d z_XLT5lT}-^{>q2y>g)-gY7y=n=KkNTG>yA|ow#y;@8ax~&Ut~Gw5oTs3201~%eoLQ z_qb7=@1_j@>z`W%p4(2AZ>wxdsT6g#-F&gbeYwbQOWD0l%!~|-i){_84LE^;DJ#sv zWWZp+4Px@MurM<*{{RQFtSTepe-?2AQ8o^3Hbz!fc4j6v&V)7(#;(E>zGvdm(8B?-)&u`Qc%|#(~SX9QWIA_RNgbqZN@=1r*|h5KJD7QsN-|bImJi3 zr3~TAn!lWj_4E{F*R#EpA*eF_{$s-zb<4MVM0}8RtjcYl@cysj6ZR?D-sSnHzON{l z^^38ATXxB+cRwVnr?Lf1-o9zZwPO?irLLTH|3W~k%tzrIE_O>k_io?oar{;jSo+pw zHdipzt6x^V#>cDP_i3}q?ED=&yz1ljEz>N?;gi@JtrDdDD^lA~!!TUplYTVY=EsZ0 z`_D$b`=O=s-X>H_;7vU5m43l&zY~s$vgT!a8}vd?GBGnUFfO(=ur}ZXhNP@83zGqZ z0XK-r&%(mY#QeiR5yVktWc<$}ZXn9Wq0Pp~%F52n#KxJ>=E2zZ!-<6vIe>xD2@GIH z1~2X3Yf}F|^pX%dx|!|SRFB`+7bbpWn0BFd^8a1m=ROm?@%&Hvv<=4PdS9aqmDIXz zdba+z(*B)3|DD7ZhG4-gV~^I2`eV-)XFVVHNTe3%?llyVf z-K|acO6@nDf8ANLctyq0@3M0ngx@~nIQ39eVfE%4slut%^%uG&SG84!?Ekjb{NnBX zf=Q9}9ACQf9o(+QFZ5I=-ECmu6nI^Vcfc5OviHA0Jx&&;# zlMrbiu&zR4sXo)4ZSP}TuC4H9EPEGZBJG~RyYuy`)?)jQHOq9IY>KDmMkLs!7@aPh zt3CO1L0qFiYmeA2*?48=XD1XnR#{~g%-PU2#dN+|^DYI4JEjirGK>-u^`u{Yf3zYq ztT8v^yg}L14#~9WmRad-adU3)>~eju@788VTUnOS@R@<9+UoTBw7UOpyLmg@!{X7T znX}uJ*nBr%Gf7T+!ZqKFHBv_M!{>Ew4>xGN$k06G@X4}HS95yrZpE(eN1ax3 z$EkSyeX#mpTpiD8#Z@Oa96r}|X03_LRLvBVE`ELcd++g0XQY)9YA^k8*w<^k{~oh1XE(#L z>ud8>_ZEM>(>9eMR_wR&BP}7#IgQT0d|vOG7J88V-X6Qpdh)j}{l8RJ@~*P?s-dQu zYq}bfb@TqcJLbt~+a2Ll+9vp^a#qoykM`-E7eo64j}$Avj#y=EQnYgYF^eaQbS6r0 za=krU@_gjF@<}Z(Tomw(eiD$|C^SA!?Y|*J@e(I^3@Z|X;Y4!R1IaX_~-cFpn z>)YJ;q-mR%YN`F1FK|Ca-?Mcp!&(v7-HT7`a{C~eBmRZy0w-TXs7ORm*~EB7uhMu$ S_gSY}`1U-Ix6Y}a zui)Lp50_+r6y&^)?mF|l{#MfeGi)pB{d5xetx9K!_{c1r117M-70=oV!6%=^n9zS6Dl4>nGyv5*k|G%vtKQrB}~ zSLv~wzw0NoeJU#s%k^|x7d7EFpQKz*MQqIZl@Au^o>7r@XJTe#U|ei#U~Rw&3`|*J z7A6A*18xwLpM`~)iTMXOkY!aF8UM408;G)TXtOc0va&NXv2iA}c`&y9aAILZ4q#xU z0t1+l!Nnwd-KPqr#ol7A>!)77^w!`1uEyCdmrh=}bu@Y@7k}!5r?*^_A_JT(Z5do4mz-uVuX! z0{5ob7|yy7>TcF?b*k>_g;6mFTK@% zDrS;>^PFM_w|>z#Tb6vS{it{N2;Yimws>d9zK&d-pWmAOD}+U`|H`hs5?%Da7X UdEb_(cgfB4WApai=K>D`0C+Sze*gdg diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..70b5297c88d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-CA_NS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA.der deleted file mode 100644 index e52ed8a169578ca6d427badc588fc09644b760c4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AKd?&s+muHcqWJkGAi;jEvl@3PU3nJQxQ#F7~Lw0{ZIWqzNl%~uwf{^8EAzKwwz38wcJ zCj@0}_bAes;jEQicxUp&4(F;3i%PC7)?k`_^yk4%b<_Fv-MSCYa{rT=jebn^M1YJriGp6idv zM~1(B=+4NucDY#iEbjI6Be%uH;Y32h#XZ9kk?7?A@Q7@fcX zW@Jd+Xy=nS{eF`0WQLSer*3mM=uFu))VAp&Mb*pAttXrI86<6 zalFLw^=nwj#qH(2@*filzH{kpxx*njdoq)ePU|7zd57gWtp0CKIy7_p1&*#;S+3I( zW;y+GGY@Ha{CfQ?(?>*j8r z1$Sr75mFMbnRm{m%uAPT^Ow@4Rd4dD-*>+Gb9C>jLqfYxXNAwIj1ZoG*01DmqCYb*IOOmom;r@+t*L0i+}!6{rh}craaR^ zA%TroQ?>6HPknoP=WZ@;C!M!ps;hfB#1+fil}sNLB>xHHPCs=jZlU}n^U|UfSG%g- zc368()V9vF*PQxka_MR5!tbi>vO<3|*<0V~Pkj7dZdGx^%ty<(MZ~1uf6o1O) zxaJqr+!^B6dHU10Gh-=p;XQZqseX0KB-~Lxk$95+AT*z&G&M<@;&HPA{z;qE#Dy)t!ALqRd=tcKzd@y$pUY7OJ%sKU>iBqw#ggrx|=Ursi%N zDrEx_xlfyIvefSKQ04i5`_c~1dfTv+n7JFaN$E=KakxrE)|^XxU;T1LAOOY0C+`3N diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..97181c44966 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-CA_NS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.der deleted file mode 100644 index 2f16f733b0d23e2341b79fb86ca7b8f8ddc58046..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AR;-8J`V!**LY@JlekVGBR?rG8l*&3L6NrF^94+^KfP6 zmFT*9hw6p|8_0?C8k!gw8<`s!nwlC|M2Yhnfw(46u7Q%Ff`J@Fn|Nv}SeLV7ykD>` zk{L~mO31b`vNA9?G4eA29mK`d#K_37CU+rozH8=xx9qwP^KXlmWHS8uAYjjO@Y0rI z?@4>>4@e|+&kml{CK6^p$K52o{m~kwhrTNm+jY}b7}s9dK6UjM&SOE#bDeTiyk8jX z*pgYWAws|Kl=It{YNEYc=kW8$@>gt8jPZQqe8%p0gGbsv)pmcsPttt5LYZy#)^Iiz z#eeeu_~xIY`W}0i#MG;-^4;E22KVQ6Zdm)+* z8-s)Bn->-Ke6ll^lHK&RCDHjWt_D2vyQe^z|rT~!WUDnb4UAGIo&)v$6%$qQH@-qi#zS%y~Z@e$9XHmG|LAzodSt-=4uZ>7(7R)*rK`h|ap=6_v(V RDqJ8jZ70Lt+gszV0syM0D2M<6 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..81cd22b8178 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_NS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-CA_NS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.der deleted file mode 100644 index 8710d285661ee84aecf913f35341791b1906ace7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APoK*l7b^HcqWJkGAi;jEvl@3t&`W??d5 zFyIC;`B_+)nV5eVD1bPsjEw(T#0*5(IJDUqSy|bcncyr=%d7u~Wh?qF7pralADtdy@0G}|=Iw*IZrJj2tH^X`L`pMhfFZ-({%$XFhRNPKb{pTvdCC)Rpbu5h7 zcUgA(&A&nCFP!T>%=wOef3V3v{+B-tZ=JpO-{tWQ>(lQioS77mZyk8!yhz#tp2I$e z*4{p@t0XJ1Ji2nF@Sb_=Vr-sVwP8J8%lSGu>sjW`89s&@QMo!|VzTn)zA0LNmqfS~ zim5QYEc$*lz^3raeh%x4lP@o={&P>~*m3I!x$;A8i|4TaEU^*XGd*tA?3AS}amp7K IEchG?03hQr4gdfE diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..54ac4e41d6f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-CA_OS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.der deleted file mode 100644 index c0fd7969a53aa747fcdc77cc05c1c755ae18ea5e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP2T-FyRHHcqWJkGAi;jEvl@3|a^k#(CI-ev=0=95#-`>`;=D#6t_hTDplYaWpa{_^m6{6E=pU?$ zYD^QO60)6)tPIRejQk8hXK^t#F)}i&3pC)LSDOB7g3Eu6FI6*Uo|V2J_5Nj8O;OAo zhbJG;*{_Oet#-P(a;f$o9_25)qjDA1E%zl^`n~yiK;-h1SiS<0DTn|62;aDO<*L=T z*MD)oynKl>V`0lOo>kYT$}e7i(EQ2T7Sk1VOTYC9OE4r$%!oYT|I~JdRO2)5znhri zFMdA3v}?o74HBJ?JXHL168r@Az4UEpJnSj*aNEjn$F4m+Z8tN}z<-wg=aqt-n)5yu zbu6+tawT{L*A(^k=YjWMpJZ6Dq;r=2l6mq*u_miue=54w^SyG>*YEyjQu{CIayM%rTlSfTO ztBLzUuKD5d0oyZYN<}=YGTgj;oljFq;ex)Cf804@CLFP_uAg_r*f?3?QP&hH+oEf% z4Ga(aOu8P3{642<&aiUrJHY@ueMZyU6Y9dV1Rh=XUD>`}xaRPQNriGBl&*8C@rmoF zN3%AqJS}m+$YkH99^)F0eOIMkOcYu^y(Is`lXXlM;lCD2YO`OPdA4d}uami-z!7V% zz<=rT)6~me&MuwfYm=gUW#Zu}XJ1B|WEi;gAH4eQuYW@H%EKS#-%~!ObG@x%_x{)0 J^xoMq003C*Gl>8I diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..be955d1ba75 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-CA_OS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 3e571be1f5176d44ce96c36e73395c302a9ab6c1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 786 zcmXqLV&*ewV*Iv%nTe5!iP?7B1Or|+POUbNw(q=*jNGgY1}cV11`2G* z{u#~tFMejKS^J*w*Jbb%FLwHWNn9c!`NWRW_SgNbQ+CZ;Ir%v6$B&s(d^%Brcbzk? zI5Wxb-rXu>rkp&d?3==hj`=gsbDw%+^!fp(zHwOP8c9C&H5IpN0#}K=-+ia$Lku^k z&xSvJ3vccBOFH1Jw$Nvn%{uXImsg5j_3~Ft)2@5CMK*r+9nO`nr|pgq%<@bsTpcxU z|B0Vfy-!y7{hs%0i@|YL&21G2Cx6cSzu5JBc#?-f#|>ZOQ}0@jaERSbdnJ)FbJw{) zQ&$^aiMyTlQtQ^D-y0@xG)tVj_4J($(X4mQe|q|N-e0asA`gx|eNkI|#jKNwnUR5U zv5kS10VgnEWrbOo3>XZ!K}>!Y7G@^qAK++{Rb^!S&mv|Z!p5P^#>mRb&dda7aUzE= zFs^~&%gB(iFSTU3(WAtb211G5EL#s8n0+|8I`t#3&Lu`^E~6&t!;?9e|6eM=J88-s zkA0sCZ@mkBIZxQH>+_}Szc}p{cX|u8@yM-y^5kZxx{tzx{-v9Dc7OUj*UzeA=AYxg zI^#b1EIj7W+a+{6lq({xwSsT4z1QmIJvvWxxBiS(sj5%XSDkuvO3#ui79aP=kC`vHcslEAV;t-}C8*1%ZyW V#ZR8{YNY+Plr@k@`Ihig2>_>nI=KJ< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..b84a09c2c15 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.der deleted file mode 100644 index 05b9908266f0afab30bd296602ac81ed586b23c5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<>OVbQ^**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw3^z#`^^u$cghBniv=xnHw3Jniv>GiSrtPxF%4pfvTahfg(hwRB9?rqkph2 zsxeKBO2~FHvNA9?G4eA2oyEn}#K_37!!cU1^Fm&}*p5}F&V89t`(|-+=dww2j^-cU z_H%6jpU>~p89IhfuNX4d+We6SK3(OxV3Obrv)ug?H%NYy=3FlIFU^p{uj8}3Y{}t5 z^X*+t?}9F@-&Pyh6Ex+R@aL=VJ}T}lUE$ESPvY*52?n{!Ci`zTh?x}0*eiw|{r_A~ z_x+@0Ntj~p&c4;ZWZs0@n$+z}4fjhh=Gj-zJ6UCx&6Ym>*!EYy zzARcKGBHGSeNvjr6IR7DRWmnUm%ZbiYgsY-^pm@l=l=D-kg3T0cZ{EnSs ztuteOwS3prvWVq3UI;e@Yh37WHk--jdZ1!KbZ*2ZpMX!{uhxiP-m-i9=TN0*dfN)N z*ByR%q@_sRCI3C6o-gmyxNW(cRQlBKHJ5U&n;)n;W$AY1C&$xwrk9noM|c-Z316oF zbZYLE1J{BhcxHaQy3Qn^b8E?w3i;lMl#W8hqW`laKdfEk{y)ixXSMmfSPSW{l?+?= ztPK5TV|hr&;BVTSu1Q<+f3@rSPnsm&EqrzI?%;!$nq{_1TvyVR+$0}XyP HidX^w`*tk| diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..b7627e2a337 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-CA_OS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-CA_OS.der deleted file mode 100644 index a312cb01a758dd81e09b76c72ced28c3f89d934e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SHZ^K?7bkPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUA{=o)v;=G0?2F6C_Muw&)24+#>yhb3d36yJ~YN%|W2+=8(nu^e6jI0dIO^o~uKv!`wH8C>$K|jp&K_>7W{GA{Ah(!?>t^^OZAqvB)OB0 zdv`rguk(8QD${oQ^d4`G23E6;hiVVZIF_&}I_1`!zoM?{OfvSO?yLE}7~c--TKNC# z-Dj?E4vMacDmlE3U0P~-thw}MNB0ZzhgkLsd2qA$Zq8|+_~@VGrh6}3q^4wdtjb?e za;)BSiSm_%x3)h1(zZp`RwaSr3fB5veP@+ z!fn6AuiNrk?`HfAFV`=*Ycifm9SXX!DMVClncV*mKX-;r{qyH>+QIKOhcxdTSrL=a zJN?=MGu`spwc7k$rn0LpKji&Yq1K%Hy$6C|2vOYpvbQ#Snu_fob} z$*;9iUB6zfVS1wa_1Xog`)`E46p3+{3%&V!=EluJIk~xc{St3)@=sW;^yB28KX3lN zIb*au%izO_8=}+os^mC5+E&k;{8-4Mk-O~VbiQks*c&%|a^NiaIWMp&>Ez|D;=fnb zoK)0Kytre!ZP@p3H#LMdsyw@C|KQc$5{3SHL-w>!iA+WH4-E8*3?vN23`E$NLs^)4cr)`# zbX~neb)6mKgB=az#CZ)(42+G;jSNjq3@oF>d5u6^6DZd})lk_$5u#HnH5I1OKUf#l zm?lOgWIGvI8JL?G`5Az&;$muIWMtTB&cR`}ll|x9-%I^65BxMSe17Hii3I87`b?%* z3)Pl%7S)Q*Se|)swY{?Q?OhCaV>th;+b-lAFe}cj)xEb|P4kt;OcjQW^ZNd%MXc)d z&hMUCblB4%^g@k|t!b3SoY^xDIrnhCS2}X~$C};ice%1z*sO?Z^!9wa{QmYuXYG_& z18qxyO`hOOz<`9@YpXbG=*KapUBpdvl(X&0Z>r>o^om-9< z1}bvLFP_X{IwASX;+)DK($;DHtKJ7Le7lhC^P1xtmbaf@it+i;`Q`KGnKK@2c)#^! zf75DRt@*QFc;}qtnL2aUp$XmL^G`l*`EF!a=V5xaVLuZyBLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(g0nc0!xtE*!0=^cXe#0nThgYv zS+^^xLny>Av}1MCLv?`ym2Q!AnHT-xAD*_bmNm4*dxqQPpFJHTW2oPsnEGG|%a`j- zdnYySJbh7OqvS!yJ?rCC-@XwpI9xFMy#aUXt?Lc_J;j%cGdDb3`bN^k`@%i1P4Y8# zy|@x``i$_4{JFhqv-FFzY<7t}Tz6Hb_2bLm?@Mg%JF68I*UoP~IB~zRLFR)`91Sn- z6`nsliCLeWd4rUQ0Gtjx)Q)IZjxqIov11|n?Cp)AZiyqS3= zx~|@#y3UUAA;AW6;=G0?2F6C_Muw&)hDK51yhb3d36yJ~YN%|W2+=8(nhMkCAFPXN zOcSFLvYm{q49rc8{0u->aWOS9GBO+p-SY3lRcm*T`latASa%nkyRyfsIiOcSS0vmv z^xB>4#Q~{TpY1D&>nLZLx72N((xpt5x-)?Xt1=7NA1q{cKC{Aq!7+hfTOLN&gf#Fw z*!35g^Qp&$-e})?FaGnUNqO(1&hM>X^*4F$Cq}Wzwy;&=hZWtnZ=J;I5XHG;fAGtQ ztrP5wR~5{=J*9)W=5^b=p1}Q~@lBV*ID~>$E$DH-lK4Nw!amq{`Lza42g}*klFvQ+ z!?!ghZQU1R(I9EeynOlPHO;?8_AZot|8C*O0)gcd|?95DX7AJD}0^<}IzKjef7Q1bhN{+d2 z&@t)oX%?mGO>X-Ol8bI_YfZhz)b)AcTeA|;r>kxm)iMiiT(Yz~>W=U15MhxS|L=Z# z?;^3xVg4D%t1Sy-o-Npr!sI6QE}!{V;XL)tCnq!HN}FXbdQ|pv@v8Xy)&l%boE1%( znP1*?N}S5Sm&1QnVs8Jc#~b(UPApT>dCpU_V@1dkgF;*3({~b6E+0JnQk5k#Zsvc7 zyRS79^CowOZkxM-ZPBSatr|;@pY~3R6nk~{(^AGM(~bU}uDtxI>u9md_Fqo_C>T(&&wOV!mF`#7&ZvI5JycOUX=zGCZeQF&5S=F>C#BL6sFuYG*3`7lu4FuVkLs^)4xH9uf zbX~nebzK7t~U%#939O$<$=#CeTCToWkQK*>jl>&G95CM>wp!TNrBaG+oODx~yT6Q1!wXU}HTB4_3MLN?|ZO*itwq@J&UWgoJ ziv2Io_Hvp)X8)Ud7Qq5#ZJl$U+XCucKYrAeWIv?(ZFx;V+s5LnEw|RPHt+LxZWZ1z z<4?`Gqt^RY6lbyeu3yY&%NX=tu0u^a$ntS>@sm!gzjrr_Z(X)Aci{>9ANE(*Y!*zY z;O73an(0k*ko2yLmP%WUl6nK`qtZ@4I)2b2pih`Z^4XFuP5BA3*PMfHw4AWuEB3v1 zEcqRKSY39K=bFrmhVARFJZbQFXfApF)0r&Bn;e%FfILXK^BjFEBQN;mgRNnQY`VKlaDs z)Jxkp>2I?(4NuO$(2@{mx@58W#n(!8e{BT5e0jV3E9?4|R==OId2Wppb!;uwDQ8g# z`e37+aQvo))wb_NiyCKro4D|^UxaeR>?08zPr~x|EO)!4<<+WscGf}nijy0CR6TE> za1Jgyyej7G>%FsVkI&-0+5IAPQO~=y4e}lNlCR(Io0V=PrZf5OddFk?R?g0{k-V5HQTEG2 z|LL(6n`h67SU11;|AF%ir<1$q+FNfjH?R9w!g93T?v1kXde%R4k32m8`r!Nam>#r_^seb<%ZP0#vA75FkaPdwr zk(ZB{zAp``H~h`A_|ftYZ!SOov~kjU$C(dBB2RzGC=X#$yl~rb8C&3u@NQ>~qMT}$ zS=lv;8a~?t7gaX|FowKXA8e`F`9R}V2xCeh-%qx^=J8uLCS=?9I%lY@QZ2SynTeT^fpM{oft3L#Ffe6> zS(pqM47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNJQmS)9n>3yf1>_%bq-cb>Fy z5~f8kWBybDN3+q_-aLI*}!+u=uM{^7L)OgK3o6D=S4U zWhLQhxq^RAET}uxwXwrv((UNv`^^i)pHAZ49?RMDr)N`ZY0EX|k52FHg>0m;3JC!}FfBIsVi$zSGvdDSO)C(k<#< Le{~Y>nCSul&{!`a diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..a0825edaffd --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-CA_OS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.der deleted file mode 100644 index 495396c111a56ae81bbf444ca43849ccbab9eb08..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP2->M#RdHcqWJkGAi;jEvl@3f&y7m5r4#W_lMBzUB6nLqe^eS{QGk~ zJ8RIK`h}O@ZOoeR@{_abpGW#EA1<(0#E4D3(=FRM{nwW{zeU&Ttm^-NYO(XO9<|t# zFBK(82RC`#vM6UXm%1=_s;*Pc<6Vz#D|a@}+uT3%c)7#0*23ej6Ja63gi(Up8HzPEqxzjt3~dC{g$sp4-O2mY0Dx4dQQG-b$L z+T*3^q$u0+@`q7^Ts!lDsEPswzwh&AP3iq+&z|v;MfJvcCT2zk#>F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&dda7aUzE=FiwHt%gEqzF=%kRIyK9sRLLrLumTLI3J&yC3M)_OCy5?%eMk zK_|W6CUIR9_qZ*|-S9ieda^~g&~n=i_czbq!dA>F_t?@?>vBg?{;oQnxhmVem$35s zslHZp`}v5GL1)*GpG$AIoXDGfQ0t%gG6|bCN4$9p&tKpB=a1bdHRjGUN`78{mCn}u zzt*k1cu|w^txMta`j{7Utj|6Ea_55cX{sw6j;7l4)gOB{xwv`Ld#x++yM0gI4ff=| zxo6V-Q?C|P&yRVd9lcPq#N@$)-fAV=C@YC`pQJyW-5tg9(AKN!^^aQB@cbP&_V%=t KO0L*^^&9|4Bs69K diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..67daa2d53b9 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-CA_OS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-EP_SA.der deleted file mode 100644 index a20eb9774f96b3d3f7a1606657d700658b253e97..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APnt?K1;jHcqWJkGAi;jEvl@3%|QOGW*V6!n}KFUnq`8oS#WaoC* zl#`#IKMFD9UldcyEgkvdZ@(C`z0#e9&+j_TO+K#LY zeYE6CO&&9uU1w!P|6eS%OxM3y=^1qYFGKPD-YiZ_Ru+lBoh{tkZq1#2qpj%kA7jnD zg<)m}hgP3#$XR**Da%FHof^zvCoMi}u7CEZ-H#1(#a>38o`2f@muNt+{qA$S)52bg z>6Cc*eER-P;GbNQ^bEH?jpkYE@_KBHX?_}qY;!-Yu97?|w06d;!_U?;-1T1?Y&<EZOwQVU1Hk&?E0weI{l`2FArU237`~z`&Fh zW??d5FyIC;`B_+)nV5eVD1bPsjEw(TKvBh^&Bn;e%FfILXK^BjFECDl;mgRtc1f}= zd}-xhWsYYnGIuH7x;1f5kL<<@osYMlYU|Y*+_({@%W-&qnH#^kWz|)-SxT=RZf;f# zYPazeT)}gH)uXD{KLWm74AJr>~$Y_CzRcdzs0+K z!(zVj-^V)d{wVtVds4P>=H;2Mwj6!Rc8`TM_W*yH+>-Fce-3@SVtmBbEky6mv$~QE z;<0@?7deh>m>ha$_Z5xEq8su{|GqwvrgxQ5XXB*{E#@oM@9HUd`|IqqQY}lX&?On( ze;B{6(Gt8{a4c9s@#;xuQ(eCON`_Y(DkHz&@3HVYC323py70}xeK8Lh`2Ol`yiqsF K&fWW`+OH&Q z?-;}P=sE>ScT)x}`QU{&P!$CpI0kr>P<_yaGd+4fk%}1{OPiu z&W-!xuRnX1cy+~}nI}|iPrGgq&oX>tmudJh_Q7%E(+%N`8{-|iIj5~%qUY|o;i3C` z>#37CXO-RX@D|{^B=0cAZenoHMn+}tu>ARFESGZJI`_)IB23?z>0Pl-l0@7Y`vnU! zB@7}8J2Z}L+03+3m9b#W^@a^=t1mw|*|JjLa%1Q`4pAm%Mh3>kHU?G(oWQV@6=q>F zU@+hYG5J|on3a6$K2F-KF4y^ ztlZtNEvj#S-k}osv*nWXtNWpc{-r#95Lm~xFX!71?&;Ud*}sMa|7H1?8qU6gVS{qm z&X7Nxu`1PHdtb^gGzs`}>F;vR?!~F9QZBs@ysVenaJp46u(miX)%#WPn_HjVvT4a| zxkE3e^3ST%xbUF!mS5pPq2hDyNdeu375WyZ4*vIkGnZ|yFyG(M4P9MAFG^=`wrrR_ zD{V~;&+GlI@n1quOKjG@=B)kr@Q41!12>JH&0Y9l`pp?vwKBctZ*RFJvuxk9FcrPW H4nITz^U@;w diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..b4ee8384a56 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-CA_OS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.der deleted file mode 100644 index f6b8a33af1a037616ac137742ecfe0a9ba031f31..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APn~qLu+K8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDFC_Yc-Z zGNXx63E4JARtDxKMt%mMgSeQQ7#SH>y9lfjnIF(|>qC7@-E6NMCjGy6I+9N9{pA10 zGTlWpxaWk~CHs#;{&Utn$j!cgbeTX*Y-L&DJ*C9#wO-o%eb z{ht_iu0Hzz=a0=X$)60itqbPA5_M};(y=FDm(O-FR)}l~4;K|(wol|E|MQ9d8cHdK zp-aumLMC1ee;mi&t?6+5!>jB6LqmgiY_{!Qwg2i~D}A}J{wUd<`xe}})TE>JeeKO) z&nZFK>Dd=YHB2`N`$wgzNW}H{I=Nx7$~~@sepy_(LXUMh3>kHU?G(oWPKj6=q>F zU@+hYG5J|on3%H^wmqVLlOb`53w0fG)&YdyI>P1~^ zNOE`C`9(`IcwS3f&$bMlc|GLg-kG62Q?%P#I^{b~pLvnM@TQKtQ~hlEEVk*dp6fj^ zn3wV+L0G3LQgq)=xu{yd|LfHgWVqiPo6_bnZ4--3;{9B!=tmDXa=H{6Zb{l&WFK_= zScS^|X=00`B5ypXygXy?`kJ54S0a5;BJ#SvDdo0WTttjM5k@|%HG II99v|05K9W2mk;8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..91aa9c048b9 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-CA_OS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.der deleted file mode 100644 index 694cbca82f3bbffe75030915597308d1cfe345b5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR;JSrY?ZHcqWJkGAi;jEvl@3tzzWN|t3GWw*Luos z^1@B4q^zSRx)_x5*S*k+b7XP-q5oUe>A~~Z>C)fjLW={EcU!uxSghbarA8|$|K#8J zz_T_}gDO&WK1MfYb^rgqLMCgP8i!U}^R$=2C${IPX_Y5Fh_c9A@Z#c^j%(9dr8eBX zGi&OPuh)#PuCO+-UDR=BvaRcLq2`sTT%V-xweWwxpt!a;G;gKu{rvfb9gMtpCf*d7 zaLQkO-R$si&xupaXPlSfXhiKi zbJ_XdWdb)>IG^nk=$T(;KWFl>GxrxbO}zLv{8!24yOT~bF*7nSF19hSGT;OTrmQdv zlL3PPH;Bp4!otkN{KG&2#8G8r{Lcc4Dh_QnMpjmKW+pg`6FGc=aS9AyMh0ibwQRkL zFPgJ*iE?*?M_hMO^OA z-i+$FtUGHhUn@$=-?G$vCUJktnv2XrX3J{(gff(;NFG|db9da_M+I}rpS9LD7_U;F zmUyCUkDJYY^^ya5iC2?M^US^_N-FMgxe+-b{?D;PyDoD)xyiF(@5}R{(pd-o&z-hG zyrb3klEuos*ExiWT(0#yK724)ME0k^g{u!wWkl|)?de}!V)E$ZTZOXg|LyZPYHPPm J{(gS99sppbFSh^y diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..d49e9489dd4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-CA_OS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.der deleted file mode 100644 index 54c89bfcb2f3abfd4bf15c48d185a770bed169d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APod@?-;EHcqWJkGAi;jEvl@3|)&~oaQsa z?>A&tBv?M%BgprHwcLd<((cjwEg}*=?)hPUkvvWc-YTw(1KuuNvv1+av*!=yN<2_o zB-A#2*N0CP$vbM_|1deRREBBSYX@HbbyKwt?ALN#@@B)oC%u7uy(E8E^svQ&yOT z$$-It8^q*iVPR%s{$Zd1;;1q*{$~M26^Aw(BP%OAGZUP}i5$MbI0c3;BZHXPyhS-V zTvvGa$o`!&SI>J%I>)KQi-JW|c~;9!-%w>9@G5>&ww!m@mNzHM?`1!D_b)5BrF7jP z|2Mtq?3Gh$JB+lOt}o<1`bb0jo7i3XslJX4g{OBlKbbt&(y{Nyf?L&=9iCg$5BT}U zpLg;6v&6QP>u)ssSMNC{Hv`t4-FrJ;YvQ-$Cdtdi%c8eheSSB$R9)KAG-&(pW#u|= z4tz4;_@FId(k@Woo_B=@)L H63HR}49O*G diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..727bad6bff3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-CA_OS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.der deleted file mode 100644 index d42282b3ddf2e904cd44600d298985801a60afe6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APo9>3IWQHcqWJkGAi;jEvl@3ti=XvG3UxQ*Pa#^l>-K&-vCnE#6JdEziEV$}4xu z!#$tBEo_zg_IbLo&(r&o2c~Ux(bBEEWcB3h5p(I$d<2?T~7Msi6=dBKJy)D-19$8_0eCIxPhc3lj_enXk*J$ZoV2%j? zX|*Hufq{4G(UAk<$A5at#ZciXKTyxe(YTKOiVJn@|6F>b^VdTrRO-5 zwZ1PhU3I0i@%P*Oh=^tTS5|*Haq~m^^UEHx)24`C&a-&s^6QL_`?;RvJV(Jw#>28J LTc>C2t_%PGmLxMB diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..40c9aa01abd --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-CA_OS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.der deleted file mode 100644 index 15f83ce6646ee07c2800405064a6e3f59def7554..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP2hgkS?+HcqWJkGAi;jEvl@3bp%hg6DO`qSxOK2+lTfyK*BwXi{Be1*_QK#qKy0Ww7J?gC@O0AMARxynQnIMe4UVb1s*h5tQDy@VK>aQrwwe zzl3B;m#yv6pOBVbGk4Q()zpg)9V!$7eE#sb4ug Hy?rMDTUH~n diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..81ff16815fd --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-CA_OS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_SA.der deleted file mode 100644 index 52c59566e1e610fbe32ab432252ff548b3ccbd1e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR-s83O}eHcqWJkGAi;jEvl@3aE_DzU!ytm6_*;CflpY8e|mtS9WyIam&;eF}5U3KD5{7)y(zBb3d>E?{< zc0Z**ZJIVq^^?Ovbvu))>BR;eJB{1=P8z0g70zq?Deh5tDBaFs+NJ*HT}#e9J*WQ0 zW521-hEsO}II7HNST{tKm%e?L(YLubG-36h6Uyu>7s>w#QMRq&i;3GC6t4Vir-wwg znXu--{r+s_E$vCHRx}zx}v-GthLwT zMGT=AS1wU<{j{UUd*z<_`ko2TCZzdPHf=Qe(_(6PoY6GJ{zc)*W7>=h?Q}iDANnl0 zVXD1q-JuSPmETJ1+4p8|DO`KsvA@^gy-vcEpEIX4SQby65fHwm-h0n}=G8|ff4j0s z&g_0C)O=R)k8HK?&s`ywKTq{+zIjICso2vvMu*QmH*Sgwg_x}UAHkfLY1yjczx4hG zvy!Zf&)z-azFx+7XrBF*=(L^bMkV}P1JbsgI9=T4Fman&Nyl?Ta!_{kv|DQ1RuiNxy z+tsq2CAS61BU2`bYO zdF*z_E?woohMj*DS{zvqc3l@7vlh>Y_fuIUQ?tnV1~_RyXnFMp8r0RC(gdVgvD_3g$W<3XZJmNW5u;ev@6AJ?GjD# zw1^*5#elI@j*+^DVD$yqv`5{MtpRcyYod$qOahElWG}-YPy(Zw#|N!=S8L z)ai^ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..2f290d4fc1e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-CA_OS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.der deleted file mode 100644 index 6c38f0cbe85f5a82b0124433214fcb4ca714c323..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 756 zcmXqLV)|gv#CT%?GZP~d6EoA>!v?%;oLX%jZQpqr8M#>*3`7lu4FuVkLs^)4xH9uf zbX~neb%PxZ~U%#939O%05q#CeTCToWkQK*>FyERRWlyU4Y~91orZ=*=QHtX6-P@xeylBG{xh@fmBO@lOkWsU z9a{Rs!nP`(NILi5jOSSuzf4_|(WK+W^7$_-0_?@CzHQp7adl5?(1vB3O8#XpiD0Vd zOU!ND>l$7o%4@sA%c*f9Blk_tCl_u$_{?!-)vas&Q#u=@bo#wb_XJ#v06-|3lg;gL7z{rmYWy(tMNc>8On&R-OgzRcis$*Gk*tD~zAxhY;h zWcfY!&c9*{lY?tQ^U^N;VhmdF_`WOI*!z^xo{FKeruu`cAm+gNcq#-#$f&N#DN-ckJiCbj$9T FAOL_yBM|@q diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..59cbf9a236a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-CA_OS-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-SA_TS.der deleted file mode 100644 index ffe08638b9e4a7df374c3a7619ac773b1622c7ae..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANSGZyf_(HcqWJkGAi;jEvl@34x8&aPjFr(aU|Dzuud^ zsxLjrdL8#MhSygXm93Uo`TVz^$G4;d#<$J}w*}2!`|x_B<*ceBH_TV2>*-ZyzEHL^ z5RP6frD@%}+5L@V-?I5T_@-`7HkVjz{cPFnIP09tEX%_Jb~-lCvh|slrnGLNzM!9Y z>b+|=reF0OHtJgZ`Y4y?d3yaR<hC84)cUhdzERjD1n<3x|^ zi$~ipI9Q)+yT|DE_apOvv>Tt7=V<)lTiN(6?ECBzney&$jZDmp42+9y46F<|fq^M2 z%)(^AV89Jx^0TloGco@#PylgM85#exfTD^+n~jl`m7SRh&f-K4UtpX9!!w{c{2`MIOrP%=G&S-XD@f(tG3eQ%-$IhGiNTb-d(uj zMcuq#ds}=~asK9&fARHK-@D#a=aofWH>U5YnH!m2;36_b*nf#=$-MhQ-f`Dz8{eO? zzgA!@VBb^5BO<@|rN>IgfCoFYa<*BR{};G1Q{-vI(Vzt9r`Aulb<9gW_BlA`zvZUY z^K~v?&O5N@x5kn+DYl7;4Zn5rSD#Vi(t8+xi1C=$-~4=%YU9quL)iVEcJg(`rQBVgDSSbC@%JYeD(}|>{0dyL zM9D(b$bZ{*-P_lmb=YKn+T^ajb8YbLRA2oag{$iq`&~2Udtk7GmHGNE0jDoJOgV3f z8;JgzD_m3b;8W>B-piY(W}ll@So>UO-TLWqQ#jsgq^?a1`8w-4hq7B)gj^;kXQ0~s z8I!v|UFMJyy~om8kzo}yt!a{Eb4q39p(eI>dxRbwU(CeJ$iTSR#=y#e6Bv@R!YoV% z3A_`Oo+ z_1T1$cTb*vLeTw`|GgU1ixV!eJ~^)SXR?|cYxL}A$(&E^uP(^*vbt_FrQTobl9Z#_ znL`JY40LwtvMp-(x5dd(scn{L_4DAD*>zLi$HqsPKfB$Y{P;1`!8QAP%~a!$Dx@9# zT2RIn?kPTHP0*Ajf7#ly4dNw4Rm7`ae<_ogu5I63==me_#}?Pg>kseU61&Bd|6Sh) z(JFPjD;2M&J9jN*Wm|hU##i=8NO;by;(HM;>heu;DU|{BuL7i;*G-S=i_;l1# HfO#nZn$#wv diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..bf19fb7b6c2 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_OS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-CA_OS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA.der deleted file mode 100644 index f5bc9657d0e1e64893e57cc302922f939c3e7b9c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP24+5!V!HcqWJkGAi;jEvl@39{JW1$JNJJCZ0M{&wk|jE_r?@PL6987w<$eZBLx{(@*>L z%oTq<|7|c&Si1gd#wL;Od8=<+GUbwJOKZF+AiMuoLc3jhaI$P+WAdiWo6p*`h0io9 zUYqhexOGO#-;)m|4X$Y1$df*??Bdh52MVV0C41iNEk9kz)OW5uXD6qvg#X2ND<8aB z_VIJa8o328lz(0S+wyB!?0&Jvm=v#V9FhBVT&4G~k8O8)qQ~1+U-RX-=IQf13nu*+ zao--6?H$6d9N{(RW8}0y8ILEixV}$O+Pwc@4}Ud36EhUZ~2T}MM`&P zCobrbd-=z{V&V!$mv{2BUX*r=ZLO0mT^pWw@>|up zNKuE$(@vztKbRINwZ&fU@bX+MucVX5OZ1n8zsx(HVOZ%U{CYu5DbMAO16|a^k#(CI-ev=0=95#-`>`;=D#6t_hTDplYaWpa{_^m6{6E80@Hv zYD^QO60)6)tPIRejQk8hXK^t#F)}h7R6hOTPto2iwSUo0Z^E}v*L!_g{>6-6k;mKB z+SVFo_Ot%${ZS|7RyBj&dg|iqs^#xYuFPKCmp$Dysha;s8mnP&!YqT7>CX)>&5-7b zN&FzUuEDRP>8yd?ujx}IPUIa>KOM=P9XKayjn)2xp8vVlmTK%gWYnU2!6jsSo1=nL zz_)_!>lP$N`+Pcfdg4bNprDmdLhju&H!m~f*ua}sw zf*Wq0pLeLkF{s}1&a#-*b=&eY%$LYNbX@b*$>mmfhll=-)~zy({x99POWp91QG8qx z)5^haFU)+cu6&NyW!=Adx8_Y;CmrB1ZBTG5;`70C7|q8UM3@qKZSCjggg=otX*FVnhyKV4MQOmyyA7-@=-Adv|AA zoIA{Ui$_RQ@^f z&EMW_@>1ETvHk_u{H)k{8%~HCJ}-){n`xjPd28VT!@W-*Of~N)>AI9%by&W=gX{a| z_x|EKA&;G>a=0wN{8wdi*_qJT)2`PK8l_yatLA?(cC;!~_PA>>Q@_{uhSxNu&!BZ2TS6BUAt#E1K!PI5GMFR2$JB5?e>(aAl F006HpDtrI{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..438379b917f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-CA_SA-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index dd9168a3812efd45de7af199cb9ea67edb12d46c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{#|!%gWdmZMga) zCHBUOzJIglPuv@{YblFQV9qsx%z3p@NesoZ+> z`?B|)-x>rHuPpA9YVzH1ws50P)f@w7vz?)uS56yTa{h2C@ptX?#})xHd}vzxs{tQX!5F@M>6d_`_ZSFMH8k_7qmh7-4# z?>a4xPqE*h|MsB7-(~VwpS!b*37NRxU)Xb|D=w{1`QGul&ehzXYU?-os~Fqf+WqIF zrl#H55NH5VC9@^bLlSRF5`-F4FL)7%cfJIW=7AGU0&u&#SH`~#K%zk6q zkh^^IwwgeHRT-W~bEmFa>C4pb_}y*(6E}gx@FN>G?A@3m6ZCg#c~+JEpY98jei=TQ zBBg2lg}-HCi>2KZo_`_>?gbsldFRA0{mSEcug?9YEn<}i03{hW2mk;8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..4d18f1df9ea --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_NS.der deleted file mode 100644 index e353079baf6f87679889e73c9c7353eb605c567d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANSg>mvrdY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$>~p#CeTCToWkQK-Ey$KoO!-Dm4|RG1yTT z)tDwmC1g7pSs9p{82K51&f;QfVq|1EI)AUxBb`NpRU1t``bs~zRGkZSsXDa#!Ftia z`zu@IrL5$p%$mJ(&jXv>Fj7p99(+GG+Je&S4LZcWbpzV?_~$}Jh3*6XdWRf;l}UXw3~ zT3~Q)^7M(X?|(ed#CqqUxD)TTq>r@|V!|_D@7r;$n~9l`fpM{oft3L#Ffe6>S(pqM z47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNJQmS&Ycx3yf1>_%bqhFTUozf-_?q zXT+N8sa_Jh-XC&KU1H>O$;7;PfBba@xnJuaIW_V8oAz(w?#_o?>{o+3Y8$<0e76Uet6^3J?F>tF1D*aCC_(keirmX+px0jR`%S3M|e^_U(DBD+@0UUO~xzqmK{xMf)FvNx$KBoer%htKn6mW*HVO7Ov+M-P(cDR%_Uh>*(9-_Tlr z&;4}v-CeUbuiT*$Bl$;hPNZNW=l83-|17Lxd#)89Wb7%gt0MA#g_w8rwgY<<3m(3d zDfsr#*XV4*vhM~So4j5+hReU@ss8$^T0AJqc-mwutM3igOCK+7Uby?vJIgSB1Jj#H z59jqS>0}O^EBV1C;le%BEsO5xR%|&?CjT`vr`cdqhb$8_BLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(g0mQr!xtE*!0=^cu#3CjHBar{ zys1u=*IK81yZc?$FkSEY<=A5a=R~S5YnFKE%wB!5LX|1AJTIa8sIljZ!oHAz>8X8| znSpD0EBA@!DD>LQJ-6zB)+_frtELKfFJ5&1>A$=R_A^{dN@r@`-|^4$+5CXAqmN@I z3e@W#aa!^6spKB{wAqb2)YffQb^g1^`SIr5wv}^}!<_rm{lT5zM%+r<pZjuGn#HCQE^BN4h^-U3ae$xis`BxP z7V(Q*H}j}PS6Q-$9y=v+ddIci?0H)%lf}8)&z7<@P0Bkc9^P)`z24@9`;?1;tBTTH zk8a(6KvL`LwdZ_daf)vyUu_f4HQ4GqCCB-8vr+5&u8B;0?DzJhT8KP6(DeT3`+J`& zE&Xdf|C%{pTKVbH+x$mcPP4pE653OD>+H#ZO}tmaWs=;wTljto@3qW|pZ&l@CjX|@ zx3`8Z^ED=lu~+9_5%-zC)3YtcJG)Y*e%i!rukC-%3Ezz0V8-HJ95SnM-oo9i_q!x- zf4|$lJ;iq8bO|@j%MY?G?!ErzGP6>VJ^km~8SfS{F*7nSF19hSGT;OTrmQdvlL3PP zH;Bp4!otkN{KG&2#8G8r{Lcc4Dh_QnMpjmKW+pg`5jlK;aS9AyMh2TS^}4JNZy(?P zDd?Q`@|0fb;)TDPGCmumn@h&2t8cyF8|-#qg*iLhg~zpJVuym$b7VEoOs`Dvs-MOv z(VD(Yhs~`qWX^=sQf7*kpVz$jB=6I?Ca7WCx{9SM{9a7*t2*L+YVGXkUqAHM>Q>B( zQfhiru#ea3n5D6+=0xd*Lg|k})wwim=ky13Iuxm{dR%u_`H-W?3AP)jP2Vvjtznw5 z;{46X{*;tgp*s7zd49g-lBL{eh?MoxEzUpgxyZ zPQlrE>V^-?6A$g2uIjtzZ_Et2g+1pbrB3f&Y8?00H?m3V_$Q+elX%pB?*FILcurar E08~dQ(*OVf diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..59ee96cd813 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-CA_SA-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.der deleted file mode 100644 index a815cfb5fe645f30f8a4b39c7900a16527e0142b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR;Ie;Wf{HcqWJkGAi;jEvl@3l+&SHx_ad91!F62-9+;??$hY8<2?Zvkm&-|3Li4)~&&8m1?Z@Y81 zw}*!G!(uO)aJL81(>&5k>!t^7KeK7kwk-;xiG_Nvr9}Lyye^k9>=WHCuA1>Nd*iZC z&BYf3mR!`G`k{m)Us7ulfAF-URtB8Fz?2ncVKQJa z;07`ISy-5vn12{3fHmRb&dda7F(QXAFiwHt%gEr)`gjRr&y)T4 zJ*&KeJw%>+YoB{CsWm??N#jwon996j=d+edGZlU>vyXf5|6<0nl!v}cQ;ij>)`MKck*I`6q<_@KqgNRoirzT5GMi~Br^C!^{;n5Oxtss&u1@gd F2LPKHC~^P* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..1c324d378db --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-CA_SA-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.der deleted file mode 100644 index a9d6a1a2c155d1b87598aae04d32bbe2ec4122d6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APnaU9bT!8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDFC4|dc= zGNXx63E4JARtDxKMt%mMgSeQQ7#SJP%n&`H7*SL#Q@Qhs$${e!nfqU`e>(qqNBy+) z!tb^DlWLx>$znS5PNe4eg<}!fdvD*V&9G~|c!4Ws{W~9)x5at#ITdqPnEA``WGc(p z{+C|THIXrAhR(U0Q)86MJrD4?o|fRuUMZ;>WG3Q_;5%?)rG>fM(*`&YHle_}Ek4b%(E~ z9W3G4m-{Dq_7z3@psT;X*0{zk{Nd=icMq@6tEoJ`2hO}{>brVs{S5mBn>MsDKa2U9 zmF8=F;Za7^bEV3-GSB+_SC1D6ovIYplzpY_GN)_zWF}@t2FArU237`~z>t&`W??d5 zFyIC;`B_+)nV5eVD1bPsjEw(T#0*5(IJDUqSy|bcncyr&S)e9Iv05CTlW_FRlHH zmUCSFq4%c>Zmki%wZ%u|LzlQtvW4)4Zx#jpAFA73SGB2rUEeJ3w`~*men;?pTE?h)umB>#iE(p z&VBbds`7o-RCc*F53epO2)>o};m@`$;mU=!ukwx<|$ IMS4#e0mtSqX8-^I diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..eaafb68a2f3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-CA_SA-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.der deleted file mode 100644 index 5287e3dba9ef50ab7184937a85d1666f73506a4a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AM#_g02BC8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6c)wr+IdNV?69Z!-b0b4j6GO`=ab6=3*96KnP&HIGP=x4|N=*f8baspn zcGN{RrioDr*-l1Q2IeM4eg>ekxR{z485x%Q`yTmdRqHv&Vqc)KIP;d7mt6dA#H2Ij z2r5kEESj{GWnu3BRq>M<-4mB8?UI-_!OP{nlG=8G-FfFPJ&jA>yjFHyW`z-F{_=7r zSuMfVWh<=LrXIQ@*xk4Iz^aRuHj^EU3O?^lXPB4D8*+?cpWph=Dm_b8e|43d-DWOU z=GAcLU}m}Mm9H~Cb042@X9`oQ&u!z`Z#wUAJ>yf8oOkVmXv#d_oyor@bVc^RUjMlB zfo{z)xw}&z@+R24mCt6MBG4pr@@dxpgqf#!r`dngUSmBsezIkEhHHGB^8}T78}*%- zTeLH;oL~M=eOb=-OID&E_iQoC&G*S#H)-dKSrSEmmCpz+XJTe#U|eitU}eAw3`|*J z7A6A*18xwLpM`~)iTQ_t0*Ir^$oQWH6jdDBY>cd|?95DX79(=_0^<}IzKjff=RW$U zyj^2{?4%7-bluw}?U|3%WcJ1syt=w;69;dY*u#Cd7sXzjd2e>`FQ1^Qvv)pv?ulKv zfX`enbLClq45PxeC--M^IF(8DbuuLLwmv9Pw`BK?uuI#w?21*as^yQ*3HOg}^g8?E zp=o2^qvjCBbCRC}exDbTKHIqCr^K>kmRWb#SB9)$VY)Trim2GF({sW!eoVCr-~F** zfkBbvv_-rZt)jBadmnswn0DFuUUgTV_VdQ_me485wvC${)+tu8{FvE)^GVO|r8yeg z{NwM>x&3rcf?{IFF@6c-?RO`puJitA({Lu7+sgj)FaC_Z%`?{DJs!RC#-+Zm=jYYQ Krknl_p927a9V?pv diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..130fee6245d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-CA_SA-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.der deleted file mode 100644 index b450ab87fb7cb6729629645daa1fec16f4468259..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6Lap*(+0e3oLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~nebzKAE{eunU#CZ)(42+G;jSNjqjEthhd5u6^6DZd})lk_$5u#HnH5IJU*)cxY zQ5V&iCPpP>I~iFSn41{+8Gx?hVrpV!WH`FbsyilS>AA(8w`AAxeY|@udw)l)-GzyK zGwPeT%MGs0JLvR~>GAJ$sfM>s4=;Lc$zTpY!e`tXA6FW*Goxz5k<-zmy| zeol-1tw`qongP#pY(*qlw7+d)F!&)+ELN*;y}7L-W}{zh{nJSIwOQ6%tbb2E>Y8zX z(gpLBRJOB+z8gzh1?X(vJXQ2lfLGcNo_$}vHU1x3CAwNe$7#s|+l|-jlh+8}T>7Z) zGV9sbij3AzKH134GvWBYL)80)YtUBfr_wsNr><4pEqIrM{m|PHBaJPU7aBvrTb3hC9}v@ z+ZcuNznRK^H9K?!WzWCXsQe?n`|CrI+jF=s6~CEq^xa*3)#v`tZhjNA{2uXR%hs+u zu^ovM8D`u5*d!Ap{J(ausknxv+RLrCL&Gav?ETn68V<-we5~h;O)gjbtDPSqkfW_? Ic|Kzs0C@5y0ssI2 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..e953334cbaa --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-CA_SA-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.der deleted file mode 100644 index cb8ba58176b4370764de4114b3d2523cf765e844..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR-L-USA{Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;)5Lx~U%#939O^nQ<#CeTCToWkQK-Ey$KoO!-Dm4|X(b*BG zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WVp#V?Tp0r>;u)GpTvsIz2F)zp466RY_E9b zN?)Ps=0X+s=sl{X0e4w<&Hnl(Oj)S7;=H`WO4l~M!hbD44jsBPrT3b1bfx0NjSjn& zTu%q@_?#5ANN;b%3cil57pkYPEib+hmG-zjLc{mTA{Ud>@~2kt-LmJI^iqNGO5eSr z8>&5rD-7LvcAxgSsjx#+s>ZBaK@$CK2?>55sKpLCunx-JxHCg zcxUyB70SC`T#OdEuthCdOU)xM^r3gVO-Od~Nx8s}8O|?^PhA((v<+SE^q{x?6=T}> zlWqU!sxwaHZ(qg4%N=|;*0+R7TH?;fZ#)t9QL1MjxC@j|?-AcO`@y_5%omvhUL;Ih zo>u90@NfBq!z>$lJ_sK0&(&L5T4H+T%_{SJ`PVB}Pq_cfdB&Y?mv^EZT}M`=u!uPw z+x5ZXR@HGoskO^kJPP~vDBb6uC0RMO*JuHs`3f!0jC&t0O(_k&a`)s;v6-hVE^Sh5 IW^OYA01@CNfdBvi diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..9eb0794d86a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-CA_SA-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.der deleted file mode 100644 index 196311c63971bf391fbaccff39424b8a9a0601fb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<-)8PiZY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^hs~#CeTCToWkQK-Ey$KoO!-Dm4|X(b+LR z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMo*@x=%%SX*-wC(f@tFrPq3J-Fo`1^Z%YL zQ!ElyPH#D~bpKgp5fwjQ-fUf?qd`eNXPmPY!K2BkxpCo=GqcB)2jiztVg3aSWhjAxY6BQ^en|MKW58@AM0M7zoqN)Ix}R>)Q8>+ zKS%A_dT;LLBkl{{J#q>AHND1xL;Ce@BME0&r3rkg+dOAX>SfB}-=-_c^q!0LnbM~; zDeq;oH)jAc#Rdln(=C|=BJQWk zbtFEm$O!w}%X>yWTi}l6*ZVpFG46|YJUPDqzRn8)MTzIeOw5c7jEijytPD7TfhjA@ z!eqc;zzt&Zv#>BTG5;`70C7|q8UM3@qKZSCjggg=otX*FVnhyKV4MQOmyv-<#2{eb z&i&1AuKpC<>!kAF&Ek9C%ncyRk%y6wBl zd7^Of%fghWTfR=UVzidI=dfj=`9;OTTXW{HZJ%=~p(Ob2|NO}-(>^DsnlU_z-SwI2 zV|w__yGGJy0;H<`+;tXpzof3goG9r~-%zyiOsf0Wi(Xr-&AZm_^tx)NbzyRF_RICB JFS7oQ0sxsDD0%<@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..72958e17fbf --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-CA_SA-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.der deleted file mode 100644 index f484601df929957784d424a150ecccb9123e5b1a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 761 zcmXqLV)|;(#CUfBGZP~d6ARef3~;noySk~Rs}f*v$r=#eP4E$Inwznt7Nt+hKFW)mk>*g7;hI(0KO>X}ED1Ecw-^uG9 zY_r$X`fKLm@FU>zk2hX7|7_WLxWuMpVE`MK+_aFF4~6Zs&P-$XV+h#$?(GSl2j0s> z3p{_VIDdpQU`crVneF+mZ5%1OLe)|yA1CYkEOs!TE3CI<;@R+5rdGIm}hS;$SpXaf?Gx$;X zfvx;oCd=yUhYnb1-wbh@_b@c#m*5Ja8Nm^<8zLg3tsFht=g*&cGyKVE)<(0GzdiHr z?>}t+BHGSb6d0zz)v(a}(=%;XrAOcEFP_T|?PXKZUmtmK{hCt> z&4ynLxL5Egi16m$TVxhJdvEkae!rDfUeaZezqeXHJh|`Jb+ae!8z-`ExV2Nw%-_QC z)-s{@yxSUfD*cn`acs8!e^)R^anj}OHJ$5YOfN4k+3m2zV%y1&7iCQQTa0u5v`gJm JHIK;d1^^gKD2@OC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..c56d1310cf6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-CA_SA-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS.der deleted file mode 100644 index 765066653233852a404a0df54825decfbe2665d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AQyK*;xj>Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uv4dldm4NVM;jm(Vt#mC*6lXsF^ZEH*i~QCoz$Nu zK4*E7__T=+Uf&9Qr#M$$vTTL0q4Om3#y;=U%M{G3tIzMgFLmXw#Fv&{-Fws5HD}#A z%-ek9gf`c`&gey5e|aicBdnw+`qAD^)2y` zn#$T+sl2u~gY|ZNKW1rS9HENgiaEtW{)lE9s&^6y*CSAkG)lFgH z+7Q{dU!N9=tUhcma?@~cF7KrPxez3aoLgYPbHWM==1LI;F11kegU`WaevoIMj z7;uA_{46ZYOw2zF6hItRM#ldvVg@2?9NKJ*tgP(JOmG$>a`*yc6BxdX4BO^kOL}RR z{IPtR<@X-OMsH`4N_j5k+aWG(rVM8)?i{|}@OmyUqd=|1eK*$M!QCpl<|=pE3{t;O zwW-`)`OYrne&Ax0ptYXjcjbO7?b)=ly6eDO*{$-meuKhjX4SS|;A|#nbI?(n{Zh&EGV&^h|Q=w>_HE{>D!7M)-o)caQfj56d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^c>iDnIdNV?69Z!-b0b4j6BENIab6=3*96KnP&HIGP=x4|N=*f8baspn zcGN{RrioDr*-l1Q2IeM4eg>ekxR{z485wRwXK%i6d267NV9efViD_5$bG+oTKJ#i# z-8fh2*l`cbr0CjR_cXqA&pz_SHF{#R^(NsvH&hj6wwt#W zaHllC*eX=!`XJ!y>Z?*~BAHcoUz9QITN(Xbh38A|2XXN~^RHd|Jt6CTkH^Dejcdm2 ziJMe)6~!fLc&c<*?CZ;>AFDgq%QLI>{N-ew`@d&xRh=H#zjM-$jfELAmK;5H|2Kn8 zf>=+f-@(x6$ARMR0qd9eYegR5TB&lO#;44Ciub+$zos4$o4{}@$>OPSuE>f{pNdX= zYW=dE|L`;o^9`%Dr%cYcYOJcPA%3sg;N`LVzOU|{OWCyhHWM==1LI;F11kegU|`A$ zvoIMj7;uA_{46ZYOw2zF6hItRM#ldvps3=|W@BV!WoKrBvlx-X7Z|6&@MUB;{YiUI z*^8z>^0G>H&*%QsjeX?Lp7Tt5$E00hvp@f47nJ0^&$#$jA5-VqDbJlZ)fgDO;XL)I z?(<{y#WB*#_3u8it+rHDNlA5`q&?%irrC)rc1#J!We&0KIQ6+C_x+QtV!0MS3l`G-1G3AMA@1YG{j@IW+ek^R5d$TLjncsCoyyHff>keCOW-K;X`p<~B>D!$0 zZI;G0W$e$~zZVNE*!eK!!@`p~r_4A`cpTLeytZ)a-5!bW)Bf8e+e<8j&rH67c_{pytHY%$a~W?qJ6{myE;J+Ps{N0_5D9}@$6x< L_Ki0_^nV8cN`x`G diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..e00ed010ac9 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-CA_SA-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_SA.der deleted file mode 100644 index 5edcb1c561c8caa3e80657968ca50428a4b32eb7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR;k2T2CJY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uv~U%#939O-xLp#CeTCToWkQK-Ey$KoO!-Dm4|X(b*BG zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WZ0}-)fe!|rF2bIytQ+U&L7bLyg9$2iy3-MH)h`GBg9w1lX_!Q{nFi&tl7_^E3!9Q$+r^w(oo zH?K0Ph!m5&dTHv!lZ$V@nB108{B3{k9E;em6aFZhaL$|4Y-l?xT5WNp1wl= zp81lV?-xAoEIa3*^{!@bXM>g0vii-_R|!wasOmm7jpd$1%!-cI{ywpU?>EkW&Wc^u z_h_Sb==;AF|1Ur7;rsl5S;3r(0ljw)^L|wN!@K*#%OkVSu?HwlnjZ1B@#d+^ZZ9Uf zTyD7VAUF4koo)@kq-uZe5x==N8rzbur~1p4Ox{+uG_ENvY=gFr{pDz#3wL?6+6wmW zn6y;??rE0~%TBlK^)_TQI8eyK#<}P6)E4C{x%xl;o)meIp(uAFx&DC2?$r~x0!`y* z#4j=BOpT9M=v0nrD^xbz^TYThn@pDHn!pdUYjylnce*vIX+Lp%p87afkhOio{}-P# J_2=`;001i#Ed#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_>f=&IdNV?69Z!-b0b4j6BCOlab6=3*96KnP&HIGP=x4|N=*f8baspn zcGN{RrioDr*-l1Q2IeM4eg>ekxR{z485xfL`cNFU!Rh3+)73Td!G+9hrS=ome`%gu zt7^PvnYdhI`p%Ss^Y29uFL-k&yK3R?)Tr{OleleX9gzDq_s$y6lIxAU_x3MpZL~O` zF{kX>B9&do776L3zLnOxo_%Wf3)Zr&@^)5x|9gI%a+B{iTWyMCl$8u)BfsO1|K%3H z_K8GEPF=hB=vJR|&ny3Sp7$trt6Flfe}3PN){6lglVvBJXAksfTW~ja#oCRSlGmUNytcKU|ax7yn7%2(SO-g`JP<=xlG zWC``FF}`|y`ISw2VmAK0_qQLrbEqQS&$U(AlF{ad{328H=S<9u42+9y46F<|fq^M2 z%)(^AV89Jx^0TloGco@#PylgM85#exfTD^+n~jl`m7SRh&SFFkUtpX9!E`wo56eJ`zO+RS+(T5gpkTN1CxM-Q$`ORhcqxMWEw(~fhlw-?K~ z7BjrRafS2Jht`tNy~_?ATwmd05w0t7Ci!k=TV}=1pQkU%CaGRo_Dmspv#9M8+mz>B ITWgL10I1g{asU7T diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..c6c2a7b258a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-CA_SA-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS.der deleted file mode 100644 index 9e0ea7b4065908cbd609414ea8448e9041cc22c7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP2U*J=Y^HcqWJkGAi;jEvl@3871dU=IvbSod7~ANZgbC#n!|nEg4QA5 zq;5$jT8p*TKC<+k?Mup~J(w>)ER1D+0f5fAE`o zw~@?+UE2+&@|{1EWW6l4u=~;e?pfcCnewwVa+hA`;&9P3^AGs@oO!d-QJ$4W?-v!Q z$zA5#FBrlaZZYF!ahq_UmUYU9J!*|YA7>p^WIp3;skwjJhP%G@JlnpU;Od+)ZLh0u z(4_vA@_9V1AI}C_%v@-bbNAoB+<&v)Mj9TBiZEy`WMXDyU|eitU}eAw3`tpGVEix` zaD$lqEG*1S%s&hiKpa&@#{Vp01|n=6+H8!htnAE8a26wS_yS`S7`}`Q4n`So&!_T4 zU%hfQ@xi0xM<3a`sp=%g-!Amwyw~tWo%#8rPfLpTd8%6o9Cj$zeRweFLjTD$V=2a6 z7ukN=Yq?m&Od#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+kAv_+Uo^IdNV?69Z!-b0b4j6H}8Yab6=3*96KnP&HIGP=x4|N=*f8ban)4 z)I~L>iBSpJPDWM+<|amd2B5RJn3@$m7d~x zV1f!SH?VSM8?gEOULbBqqp)qB_1*PNFA*^`j#YrEjiDaY&E*}d2O znw5AreW?f2$8wf0XH$KzIVXoG``SJUwhH`zZHw-s_7?#v7k=4ytSVHMS91>Sli+j{ z6z|yHvS!uIZM%->YT3#ax=xAI|2EGoBPlOsOXtKXhUzxbtpz`J9_7CO#-b#AN?TFw zp#~1G`=Z;wbW2pKhMo!f`ts!RhGQyr>n~+!U)htX|4xc`=E^rK_Wd^%T{BbScCFk` H6v11|n?Cp)AZiyqS3= zx~|@#y8glOA;AW6;=G0?2F6C_Muw&)rWR4+yhb3d36yJ~YN%|W2+=8(nhMtF>=+;H zsEcY$6QdHcos6su%uS5^3_w?LF*PwVG92D_`QW-kcRzpn+q~k?$&$^EMUt!jb6nI+ z6g+)gJ!Ji^Gw%hrEEZqW<^27jzT&F+Ia?pZZeH<(op=7G33BGwY)Xq)n<#v|r*rq* z;l&4K@-!5BAHSH?EV5j4`uus@bh|<z`uuf>;RCe3HIWwSnd;Cb0sr{k(-6W=?WY5yl>x9Gv;;?;}4 z%v;*j;W_WqlYGH8$*u(lUdtJGu8IxtSW&)iw}I1xmkmu0FC~a+XM360)}NdK0ko;ywGfQ5Ng%ET%Ls{ycwqrlMqs<&u?4 z{hlRm|M_v{v11-Sp69!xIrrxtu42A2^Q=|M`zLE^52R0gvPCZc+^utebfz+#SkU0$ z+5YzVf_ce`^>3DN&1G4+Z^c2aTeg-RTfcu0=rPQQi_Kqrm6z}KyJb;)2^xmSuYP~% z+j=G9yW0xY0GBJ5YIP>x&R1Mh>%mx?`($#s0gJ!vD$@@iCi5?H?v-v>q46rCSMz0y N$y&{GGOllD0ssgBJ177E diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..c9480dbd35e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-CA_SA-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA.der deleted file mode 100644 index 0b3d0be7db8c6e50603158e103e620305ae0bf5c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AKfIZlM7$8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDFC4|dc= zGNXx63E4JARtDxKMt%mMgSeQQ7#SHB?DPKCd*|q1SvH-k2FF|3#Wb&M6j+`6pfXSI z$E>rrB}FV0r_WVuOaJ@zT0!9a{y0~<2URfHx zLP&p4L86qH$hK{9o7T!LS^P3w+VuD2CtRhH!O~fm9V6pKtg2mPJ7W8STX^;_ZxcFs zcbz8l%A4O0WqX_5jcU?Zl9PE}?a!&474rVE_pZPE@_)+uABj4;<;BS})-<;qkhy(w z&4GvWb`|YNaM!sUX)sIH{+XhKn99So+kPmn-}9OO^ac}^R0p1$tNw(ppQpIyU-n7v zn_mt^Ts3Hj-}v*m`*yRho5T0bQVy1^UOb!0Q)Fx5&R`~HMh3>kHU?G(oWPKj6=q>F zU@+hYG5J|on3m*dGtyi8A=xHD1f?yaMdbM^>%rq7EjQx^1^FRh_&GyVAy?X705 z^RD0g7p`VW7R*3?vN23`E$NLs^)4cr)`# zbX~neb%Pz_LxK(D#CZ)(42+G;jSNjq4NRlNd5u6^6DZd})lk_$5u#HnH5IJU*)cxY zQ5V&iCPpP>I~iFSn41{+8Gx?hVrpV!WVpEAQ2zPGW;yndXNXoSlvoee?EQ zRwDZD)w)v$m`+N$9LURRsmPQaIN%Nk@Gk*omKuh6EhYF?f1 zjCYO~Dl2qsiBZ*4^Dl~0tNZBluu$LvQO+kA(ra(&{tCtiOKb7biL;0S(tc>DdEJ6AIPY(LE< zvS`xg^Y6ZNtiE;Plwg!b!?A0-pZe+@DvWZUV>k2Q0sC()lP)pEig6{KpMSkTaxZV! zIfKhz3j%LT3H;giHM;Yw*xE%|=9BJ4TvYWFD>=p-UaQ(0Rg*0zue59FvIpJu^B>O< J<_>wS0RU78EII%H diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..55bc17e776d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-CA_SA-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.der deleted file mode 100644 index ce550ebf6a86d55130f2fe70cc2924e698f11655..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP2Iw37iZ8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99vDFC4|dc= zGNXx63E4JARtDxKMt%mMgSeQQ7#SH}d@fnKT(W#!3HOufKUT(he-kNZv8lHyelp)< z@|FDpaogom*Bs=P^_8<&vRiyn<=Lr^&Aqt#FE2bgH{`^6w)MMf#7}L$v~p9f*iM7% zdb#%}B!=CYe1K2+Nmz!>p{A`I_Y%AwpJCm3|JB{ z;0p3Jj~S}jtQLW zdHg6M!bE!8MMbO9`h7YEmR8eGH9xs(Raz-1^WZI`*+X9@W=00a#Wn_32AsfYd>I*P_kGgy zpZ`+T^ZyEsm6hvv8%zp%Y~ancPGQZC3e%36>W;so*0Q*+sFu3>bGc;cowL&uJH@}A z-{q@f`0Kf$O-?{*a@K4E@CQ%YW%zc`_ZmA4M}e@+)MgmYGRKKfCL%DVv+TY=-%|747N? z@~{6didtxXHzf5@>}#E~sZ~Pfww-Ex@nNsh4Gi+}m}+P~l0Tc@wx K@Oo{yfieIAa4`b_ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..a773b1c5068 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_SA-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-CA_SA-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.der deleted file mode 100644 index 98a3559310c8ca40bc7c2b833b82effb9909b778..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ARf2&EV?ATP6o%T~B;5>fLvGwTdEF zg1p!-F4cpX)=%$NFHzNv=UK6)*LlUiw;G?8@vtwqm$8n>Dm+!*pyc$~DlCNWc2Sjw z{Gs*X?ElZ}@ErI2^VoHt<1520=a;;yGr6qfuxK|EGb01zVjBZ115RK_$_leE888@d zgP8m*EX+*IKMWK=992ff|14q#B5WMmY>cd|?95DX76)?p0%H>xzKje{R?l3ubv}#w zq>%HfOj9nnNt&2>?BC{p;o<(|?3I_-75oisn%iS*`TDPTpHctznb}gwePKKYkI6M8 z8G7$gFgutVbc?ay;@{PRS|=&~GqF3SF1%Utk5N4M@mmER_1_;I&+tWt3(UXi;+6U8 zQ(XVwx;lTeH3G{T73W8F9O=DMxqr_qVbwsZ3kPQ1XK9|aW5w?e4A0YrJXH$6te@`f z8~1eLyHlsP{@!sQ)7$3Tl358s$vR=xsW&T{UYN7kJZ4tQPEPsyo$bPdGc010Rw(Rf zo_YLT^J=Z#%{zdh@8EDajAUDcLxZ|I!5YC=M;)?_1h FIRHt_B-sD} diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..782e6a28446 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-CA_TS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP.der deleted file mode 100644 index b93a54e2693ec3f4bd34f268a05b2719c88dd759..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANQ|XSe|`8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!oc-H^}IdNV?69Z!-b0b4jV^i}eab6=3*96KnP&HIGP=x4|N==1n3<=gn zHKvJC3E56YRtDxKMt%mMv$&X=7#SIM2mCwRy!ibU{>&FqcSCOF=4|Tvr*|}3uFu)# z|FRW7)~~C+xk>8Yhxv{-qhu4p3rzMs5)<0*sUNp$;aicwMbArQnf$)K&%N*YW{*+z zZ5QcFB@*-GU!>Totv8?S8u>r^M$4a~ANq+F&4+_Gy!rj}{8N?Gjnh01#jqW34@RZIyFk9+(+D_b-y1()?L(|0(UA_n0KBsw3yVw%2^k^!TugOoH2)9O2}1@n&a& zzt7)Z{Oa9`yYh=ptXN-l!`q?r zy|-Y)&O>Z@hc|ytetIySY4PC?d#+6Ts`I7%Ql8+Gw-^5G(R$?&o^!fa_|*Pwx@T3s zI`b`T+qCmp=wwOtcNaN0#iK1U&sR5>2o?Fx&6|1e3!CM}2|M*SFA8faX8Y*(RYUGa z;*t~dSmv@j-6(t8{FA%7;KFg4-fPBfd|hmhb~U%#939O$-d8#CeTCToWkQz|c_N zKo??)T52lHkdR|?I7MBX_|;qHPdCcq?{WFg_ht(J zlggq+348V&2(tRcY^cGmu`2KMUj4>(-V5Y8){8w7JM9w2yzsc}+wJqOBpZ7f@3n}W zCt_16qx@~j!y})WgXYVWWbJyet?2rtJHGsZN&S9(dyeMM3TwFMp%&U{^Qq{Pv&i~S z;RlQUzgAP~o)EKn<^LnPs;Ul=6--IJf)=^ces8E}eJL9B{KCDS>(AZZ-(+HDWMEuu zV_;>#2@F_SVHPF>1_N#olb?l!nTh!aIND@Y85#exh#82macHwKva+%>Gr?IL$l(i& zYhd^?GH`EkXS|&DYQn_>v2Qy)cYUclRCISsTb^jQ zHP@6T;qPwA$HN3z9VZ{y_%{0E<~5s3vMSdnJ&gV0CH2pY@zaaMpx!+am9mdG3(LfM z45#loIniQfV&aN|=@yS>W>wbegf5w<=O|y@*&nEsCa*iQO4qUaG~2g%ch9cL3}ty% z&i;Sb`TqLM368H9ZQc4IxMSHdEw!V9N=7OQezql#D;`wF)M&UUBo!u!MpRnYt@^*( TXhn+fp%O7>y$#k20_Fk$f1@z} diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..6926938f080 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.der deleted file mode 100644 index a86309426a60989b9e8811a794885d1f6c7d7d28..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6Ejm@i~%njr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=U1!I5zhDD7ab80c17jm|BSTXY1EVN$ULz3K1j;o~HB>fGgy@t?O@(O;3D!k5 zrioDr*-l1Q2IeM4eg>ecxR{z485u4vHQe^M_r8ts>-OH<*R@Y?UH2`Vwf%1VH4E)W z40WuP4`*fHdu`_Rf?Yx+^i#mzJuQCbOn%N2Z~l4E!kVz4@XhsCN-I`&tK3>?vgYZ* zmGx)eB*=<63Mx*UcW`nMHTrX>^3KVL=a0_LZxHEP#dhlMYsdV*XUwX;{>XVc@7I?0yojZi ziI0A~h>tO2yTHLv^kMUjSSGeZTl#VYc3yQqvFG#Wy9dutjXq++@WG6;l;1jGkNINj zhn11?M|NFX&b&Oypn_fO#HC={m95sx4jkClbV&5LT_+PWBLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(g0nb~!xtE*!0=^cP~Df$EHC_b z6DQ*X?V@S3q6&=i?CrU)=`gK6d+7FiD_s}sJi^ ztao7F7A>Z?^2_pXNReYNnqu+IFsuCmS=CGW1T zICX`iZO&x#HT<2)3?_CVB0tx7d$8JNJzBYj;oR5dd$0Q?-@9;sk;Qv`ZBNk`*8Nsr zxc|s+eza{thI)1UOXnr?Pm1nPQ8ybTm5=-jfT{p+ZspyANeoS%p$sSYG18t@9%cMBc5w!nk(=;p2xgd@s(Ek-2(+T HX3GNr73MAm diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..aed2690d71b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-CA_TS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.der deleted file mode 100644 index bd8100d7be185dd4a435c891637838587d59287b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APn;;|v2{HcqWJkGAi;jEvl@3% zK11wCU|m2^vET2B`}`C`O`|WIzPjVGLei_h+2=QH3^VW8F>h^ALkw$3)iLiWjjaqA2SgTxj$c7No3x3JtlTxgN?TgCSJMO6|`C4!dV0NKmVi; zcnFAde&3vZex=ky3n9^mfA7A{PzyB>7C73vxoN-0Fa0{X&C9B*6Kg!@{$q)Iw$#e< ze(&U{r~?-+i}9UIdls7?drnkO@<`++VddGE{UYjSe||5x{#k-*vDBJ3GV!~DuZk&r zjc5ui+*VzCRNb#(x@PaYMb9N11r*QzUzQi5qG}S-XUoLQ$iTSR#=y#e6BwAX!YoV% z3c%9)*kxbwL?|l&cr$Uf~y>Nwkyn$ zb@(}JYWKNW_FVGb&1+}&%3JO^ZgI3HRrH$2{*!K{k-8~D2R~HJP`T|_c;)E6;*Dum z?Kdu@=zM*$`?H>iy1V~7RR@3f69@kBRo{5C^cc(6r1a%awk{6pH(mbw_^J47R#v-b z&9)5@-(&3A<1_8-{V8u=bneu)lfUBM@if<~*w%Z^`~$LEuWWz1m#eEKG)v;@h9`3U zrcKtDZud-C{$`HKJ~f7^H{L4!llh%9BDj2y6y!O7+4`rqN$S?} Hm;6isWM45l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..695f45634d0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-CA_TS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.der deleted file mode 100644 index a7d30e35ca27806e3e65bf6f9eb4f9bf34959d81..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6LYO!qX91)r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=U1!JmU`GQvab80c17jm|BSTXY1Is9JULz3K1j;o~HB>fGgy@t?O@(O;3D!k5 zrioDr*-l1Q2IeM4eg>ecxR{z485#EMJTYh4-P3cpTqZGpw&Lb0KKjn% z7*_mVkZ`n5UcvCql4~oY%`8J4{8lbZdlsu%u}59T;!DJnYgJ{(Wz1H{eBXA>d%leA z*CWe5R5XdoKa{xb8B>&WphH{+^Z~uyM8!-UiCHN>h4l0j$K6-(>_(`%A|!nn0b9_p+x&b?eO-0eVdFY_e`(uc67K< z@3Xk5c%2Ya?^ksdGSz>$h+0gqHna# zTvpk#;^NuI2A1p3^ek8{)3xB&uQlfc@6UEOmynayoOojHS>;6uoKe$1whPSvF)>6} ztM=DinT5`Ot6PJSZqG!_soMc#pY+W@A&lg&er%&i#;1|2leWT G>;eFrpfh;@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..72adc5647a6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-CA_TS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-CA_TS.der deleted file mode 100644 index fbae65e20f7209c12b2d999747f07295301e9f62..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6EpwfasysAPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUAA;AW6;=G0?2F6C_Muw&)hQ?9iyhb3d36yJ~YN%|W2+=8(nu^e6jI0dIO^o~uKv!`wH8CYMHA!EDmyWUmb|IgsXV{zNwfPdb)7Qc{| zPcpwQ$-h|o?%d0IlZDoq7t%f*`tb0`n=9gbKXUEg&$Q&ia<2)W-!JlKu71eq!Z+^; z)3P{Wrzw?du8OZI>^F|MzwJHayc1hkH&0x9a{KbjtNL!O)M-4haPlObiMC3ly1pGC5?Hscy9B|IL3ZFmu_<&`nP!dN1(JIV<`8OuOuUzJ0}g zW-V_%c~54qmJ0i|BS+(qpvcm6k(+mtk{3OT_;SXY?`>t%UpMz(gMLd_ zW9XBMB42upr(Ox@dLNehZDmPmZTe!Rd7VoxeuzD>lZly;fpM{oft3L#Ffe6>S(pqM z47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNJQmSscjW3yf1>_%brgzx!*(v_re^ z>IZIp<0CM4!j_D*!V4d#FSF(3KU{NKrs;tjPc+Bwh7UVLSL%Fg+Z1(INKn$g+vjy= z$h0IA1JQyLxo#qCg#sV81)tu_R$X~YWJ|-9RbQ8fdrS{^kh-(a?b}t=eRW+OI=mek znL(k4x@M{F^q6MBJAdY?h}0c3mWi_pC;y)?Y0~2QC&z>KKe+Xo(R|(ItBHn@Pjauh zF8{D>&B|>aafvS-mUx?c^slvPTK}{~UL`#COYf7A^rf*Y;wE3X^^%ptVRfS33cO5SgcwMv~?r|$0idh#`0JJ)2nM_5Ra^k#(CI-ev=0=95CWfX_;=D#6t_hTDpk%0EAP3PVo|+2QDjyJh))( z%-%Or=X-f;cgEi;SXc5|Q)YdY663E4haKLwAGEpbHDlZBjsx8{vYkEOJ`-H?_}VP* zq#Cac=ko%mhjc{ub(EaBeE9jc!b1U{GWPZ>1)X0dU@FqVc03|l*45T<(V<1MTQ6+4 zKG=V}`Tp_i{u4qMT&{M{aq<1N``qjEn?XJCd)%DhcG|!uvMlDa{=s%tnV1!A%Q8f6%&pa7WMXDyU|eitU}eAw3`tpG7A6A* z18xwLpM`~)iTQ_t0*Ir^$oQW{%s_;VLz|6}m6e^D3C`j`4qsqw0>hV)!QHh_q&M+k z%g;sm)701AnlWo%vcir2^D^HretgfzWjim^xLWba^n(n~G9F@^tV!OGNQyBw6=fB!jepge6={1u)1lh^;(P}Jk;`}m@zDAF#rYon-1 G@(lo)2q-N8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..46e71b1e8ad --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-CA_TS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.der deleted file mode 100644 index 2653cd48173e87a7110cb7291d7464de8a77fe66..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ARvP;{AdR~U%#939O$;rg#CeTCToWkQK-Ey$KoO!-Dm4|X(b+LR zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMnuSc4PkEn6>KN_Z=^5Ow0aKu)l!)Kv~M( zXG+GZXCuts@A&wvxPI!i=574zIQ827Q=MjPK0j&unf8CjEzZ2U)zx#b^3wEeXIF>x z^R#SJzcBG!!%b&P&1tq5)lXGBUT5W7`)K8|mVe8_tJY3`Tv)|xyLwmK;#U?%cA^kpV&R=Z-RXu1~Dh3+ioJcri~SLD8J%ld7<@jMeVBLm}N8v`o?PGDfl z3bQa7Fc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(g0nb~!xtE*!0=^caCc9R z<#y?ktDlwIA9H)=;&m>cCmudpu)3es{19))>e=zLj_4=6oZG!jqVZ!z_rjhd zI}hnDTENcZ(HIdo*&?L#vg>4)yv(`_=gnprYgNqMcHBifD!EzpW9|~YtvY^s+jXyP zFAugiyLoIeQ(?a0a^BgO9h=U7wR#oUqSZUsyQEjW?@VPF`-=yi;vJhW9=yI?%|dAD z-4hvRt(w0%k51L7`G52KrZ;A<4U!uTS6s0(dnY{o!1|pl?qzuDSx#t}S`kpa{6j!V L-@W5=UvdEeS9CN* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..8d325684381 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-CA_TS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.der deleted file mode 100644 index 00e63d39c684df058d3c89ce85aabdec4d753700..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APpIjHL#=Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AgS~U%#939O^l4A#CeTCToWkQK-Ey$KoO!-Dm4|X(b+LR zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMp_)X)G7Fa;nV|_NA4vm7h-B?SJ&OHbjoR+ky`CKrW zA*F@)THz{whfRL_xVG|6ONjZz^kL(jB~OJ%)EnP2EyrBP=XJN*Njf!sEwFz(&|FKsI0W?0pw_xrG{=eZK@ zY55KjCB{G1&4eS@cQ5bn_!_G6e6vHZMrux7?~GgbT3M#gUhwgt^o^ctjlC;A)h1kD z829X)!*5rQ-`|B_y4+Ch?C@jRbmdswWr6QLe{02-PM;7|&cw{fz_{4Pz{-FV7?`rc zEKCLr2HYSfKMM;p6Y~!P1rSG-k?}tZD5^NL*%(<_*_oN(EDq%G1;!~bd>I*fnsmS>(Qd6SMwbtBhw_KF5Gp(`>y-;2uTxP_={Is|6|#RiDgu{AqGjasR8H zpca2k!_bW?`LWx!C)}Ld@kC$fmD*>m`?U(f%{A-z_PcG^DQ!951VB{hdjC z&CyG76>Cd6oiCJ}_hLxiKmVb4=&!(zj3)vP855tnEe%eZY3$ah{66b|(wv5qF>Ph_ z{ob>`O_F*oAym|HR!a2!orEnu;p@I&5`=K2H`9J3U_elvC(Leg@ IY`xn;09nl}*#H0l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..6d208655eff --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-CA_TS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.der deleted file mode 100644 index 1e9fea659ea562cf094a02413d9afea7907fd19a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AKfQqL~3N8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6_+Uo^IdNV?69Z!-b0b4j6C<-Iab6=3*96KnP&HIGP=x4|N=*f8baspn z3D!k5rioDr*-l1Q2IeM4eg>ekxR{z485y>|w^dx1&1BWZ@b%7w>p$j9U-Q00d4^?K$CFDRcPW>J2~C($=tRG#o2^C3s^!*ViWj zo1|8qe81_x5KE_AmR5cGjy;Xi`K(KS@)f4kTb?cDc3!hIhRb%p@1~UnZdr+<_KR)J z=iJd<#2@FhG zVHPF>1_N#olb?l!nTh#_fdYu5%E@aMQ>aDciEUM^>)R5m z=tp0;b1!86-uU9N`O(rZl8%SE_PL8@z4vq2B>UuEQPza#9!Kk=B7Qy*KJmTm#{ByW zqPg6x&)2>4N!43E$s=Ghr{DU@H$2nWzU&n%N;n_P;;tE%@8r3y^w|D=pZ-7c-e3J^ K;_B_yx3d8s*){wC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..8491cc578c1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-CA_TS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.der deleted file mode 100644 index 6635974da99edbdac341095bdb430defc92be55f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AMFcbDRM$8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6_>f=&IdNV?69Z!-b0b4j6JvuYab6=3*96KnP&HIGP=x4|N=*f8ban)4 z)I~L>iBSpJPDWM+<|amd2B5RJn3@pb`i4}T1uec$}?gx;O; zd$cO2^!S*p?5w`zzM;V4%jp^OD)~gzwp|oFa!$X_ zz3TM$z0LLHFZ#Qc1HN7BU#ps@T*;;?cjk?s$CBXXf|s9tlRcyGW2eClm+5WUknmVB`SI`cw&&+V@)=xp_Mc}s|3=Dmez~Z~ z)=2g3OQSSbHF4feoPULHo5L-cg^3) G&O`wD$0Uyc diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..a04a5f2b080 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-CA_TS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NONE.der deleted file mode 100644 index 527b02884e85263c6e3058244532e81d0619ce04..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 761 zcmXqLV)|;(#CUfBGZP~d6AP2}k2C{bHcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#>P?Nyhb3d36yJ~VyI-G0MRI!nhMtE>=+*s ztczkw6QdHcjf|`e%uS5^3_wS5F*PwVG92prr+fHgY&+)xJCB7oXE9nns(Z`%xOnlQ zMOpJdyH7o#r&YP=v&S5D*7fJ-Xi4xU$!JZSz_NjFi}>n|YWw*)7BjIW%z5$HvbeLc zO~LzO&fMd{8ymj=+M!d>UQ;blk?z;+shKj8B{L0h6|NPVQRk?@$-4A^5?OTVuv+yLlwCW}5;jbHZd+A@cRj~ZeV`moD z)_cz?RP5shSv3J?S?P;qlg}0jDqH{h$g0FPb>l<_w@+ftKRQmm75ARPv^do2vXa`| z88XW+@=i=CU-+PZp51%S#H!qV5vd%xO6o>Zv8N&vGb01zVjBZ115RLA$_leE z888@dgP8m*EX+*IKfqxutIEjupGC|-gpEU+jggg=otX*F;y?~xV2lF8mytoWeo|K9 z6uyT{tIQdmd#>}+$xH0}>mdAG%`uBcHnY-9n~wMJ(qw zUAeBHGWYfGsWSmR=Dtl(u#|7%}aQOT-X1&HHwdibr=jz5cD`viZ*I4Kln;(%Ed+hCAzQgmDRDOHh zv-a&AmMd)wa+Vg{co*inlC4CtAae5ZsT~nAA1fWAE~ZT^Rj}JEc%@%m^5(qVe8Mwt zJ~z~Taw+x8`--@a5pq)XeFZ!6%g_AzU*1?|TCvu}hf}>GMf`}*ksFYhC3wxky2IJsno8-4s!@?TE>y?Nmjhgo6!KQqVH zZRh+OJoQ`03NfxK$<#K^dt7-5%YK(nP}lO5Q8*}VdC<8v`N~AKtp9sjv>Xj8n=TxF zEK_rxJ@WUgy0wK*0$y&8{p8G6FHup&p0l~yXT5cZ+NP)zuNGfTv5VH>c^a<#%XmZA zr)9aj)3!?e`%&`!Tzb8e@ItYFIVxAY4*o0J{c*=rDWk{lR!MD)FSUPB>he@|xp&f` z88r^fjDk0FTIPnGr?IL$l(i&OnCk`S z+*2`HYya!nriych3*Ve;s1ScH+_U(~sRev%f;>6zEftTwE|}uRdMH$R_o;QlC1%oF zs!B5ENoq&Dv^=-`#O){5N7E(5j~(E;)$}~#cZEp5WY9J);h4saD<&-3UZ`og+f0So z!Ias^-~-F~Z?8YS+t23rygIMJbid;qIac;Gj?WB-Wv+GG#q9d89QWT*c~Sc|8dx->#jf>>J*@EOmYN%ZI@? J?@7;e002)8EMfov diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..bb97e8411a4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-CA_TS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_OS.der deleted file mode 100644 index cf54c87c8bf98e52f8c122cebcfb7a2c4391b1de..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AL2)kAVR%8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^c>iDnIdNV?69Z!-b0b4j6BENIab6=3*96KnP&HIGP=x4|N=*f8baspn z3D!k5rioDr*-l1Q2IeM4eg>ekxR{z485yp$>1hbckcp3C#}{?A?4wP2sda*H_zAGh4P#8(ii>2CA?*|LUeU9Y8!YB!Z{O3(nO;|tu`4^_uVd!< zC41`B+`N5nQaTw|_p9X{eKFVBJM?aDs;~m%&kY;ae!2Ib|6kXm*7yIO`!?;m8(Ok@ z?bF3)^o8eNzxQ3irj_r*eZPys7j{ZdE-z}CFzZpj?S=hvcS2tIGnLJ_9qzTbVZj_@ z&U7}WgNN>J>+t>=Cj57k!r$K;S38Hh{hnwid3Z02(4>vWD!O0z8go9F_V;<+%9jyy zH$?3JeAt??Dw*;10>3}67SA*4EIepZ!dA95t4g+Xj^)9VW&)`l3g!pcD)}W}?0w{5 I5StSX0M_sfGgy@t?O$BRoc8m`R z)uN_0(jo02&K6s&?Y3mZp-WUB=#v%`- zKU`WrQ(v&!HAwWBnb3*G-)*nsU;e#xVDZ`AFaEB+x#M!GX17JGzpT3UGkvBX(>Of& zPWbu#s69DrO+@axSE?p{ANy5~vlc1X%=H&&E$ryqurHd4nUR5Uv5kS10VgmpWrbOo z3>XZ!K}>!Y7G@^q9|j5_jw&PLe-=Gr?IL$l(i&Q(*WqGB7ahWpumD z|9I=6Kf7bM>^~H`I%UC+lqf4T?kK*#42}Z@51Cw71>W7GuB9etsg- zep-OHa?6JD zPD_sc%y{-mCpffb!Q_ga7Hl-%YzJ9%O@9Nv`j87S! z&W$+n`Pzypdmr#WFkMrqeVB(k-1^SB`ulYY+w6C|?p|g6+{jC&J8+|G(zE?HV~@_b z6fyr)YUVn7=e!F~GV>=t-&z^SU?O$mmb&uv&2LuAzLNBcverqR{VDI}-Jb!6cFBGA J6knyb6#xOiE0zEN diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..a43942ade86 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-CA_TS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.der deleted file mode 100644 index 4857244d6af66f433fa7c77596c6a40e394b9d35..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR-;0W||&HcqWJkGAi;jEvl@31ZfRP(>gbu%3(m7%uuHjHv|1s7;nRgZ z=jSZomVaEPAODc4@SC4!sQ!XA&kGZ;O0!F4MJ(-+HoR4NZK;}>;p0`+UI%9={>$3@ z@`d9P=jg@FH=kcG-u=RtbKBnAQM<0(Jh<nt_(K%C0L0I@jO2JYN0eM#!;^Ppb5OTJGIkvhGCRjn(%BcwJX%z_%lPk!>T3)a^I28%x8>wZ{Cg?;k@ITw3iYB0_HNdBO_Sb# zG5B=x<(j+EzQGukTr2OO?!< LYo(GO)i(hE=TtP$ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..edc9421aba4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-CA_TS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.der deleted file mode 100644 index 9889ea8986721f025e9e6987c257875ea1baf2b9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP26-3$X>HcqWJkGAi;jEvl@3-75irK{SVn+Cz#s66!J-@AcO^-9}jugxNd9%w>(pc7*r7ktg=Q(^$Qrl=%`-z#+ z_3~%8$>!}6NiP-dtIRfhTzfhC$`<*&0_lt5S1u%0{NvOvwbDMAek*$lZ{M+u?{8nM ziTHhT`uiQ{wJ_~qQ@7{8-J@aZSuOeGWsifus&t9U)$i$rqmdw(RF`X%X%JP zQ3qZR_YF6+1EtT~-n}2TltHt9i8`l~hEwJ&<2xp;Ow5c7jEijytPD7TAt@`&!eqc; zzzt&Zv#>BTG5;`70C7|q8UM408HliPXtOc0va&NX!C4&0;R}pSVE8gJ7-lXo{&%$Z z?bVMvPqqdY?D#VwJ!Oh!jX>ggzX@V2cQtPEEJ#XavfElQVafkV@7HYN{apHKr`|(eRv)sfU*R`krZY zgJsjnm$CCKS9J5~9{AFmw6l?f{rPtT(+#uPT8>gipUeS zsLJziN_`UUoR$C7^h}aNOsluaV!wVMlLNp1lu=x4U;e IpUpcJ02@XsEC2ui diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..6523d83fe5f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-CA_TS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-OS_SA.der deleted file mode 100644 index f54e2d7db6fc41045a63a548f3833e55b3153233..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANS2TyFzjHcqWJkGAi;jEvl@3zjsX3%>J~s_{}4|KVIde{5pL>Fle`!d+4LqrY;8W8r8rVVo#l= zmmJ|>yT0M-$L5x`ix)3a>aUm8$}3F{4gMGW^+l2N!pFb%cLX#&IveQD#Nn+hc&{*T z!m7Pn*3O+OvvcMO;oineZe0ckX3M)=hMz zW|U+H`&(vTKCtAx$0@bTJB~ak_3Tz$ao*)m%pLz`)^qI}UcEbfv~q3xzSF63POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y8glOA;AW6;=G0?2F6C_Muw&)rWR4+yhb3d36yJ~YN%|W2+=8(nhMtF>6jI0dIO^o~uKv!`wH8CBLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(g0nb~!xtE*!0=^c2$--i`D4KT z1gV4D@88!A$TMKh_$YAceEa4=?{~9Pqb&rwe)Fa+eCThzDDUw_HiP{ly+YTFzQ4MB zE#<`Ol&m{5Z&x~B61!A=XX1BdneYa;Q;Y9iT*Ebi@y9*OSAspCvI04_tEDxZ^7v+Z zt4~1htKP#4=YJ=9r^=@DZvDcy$bWjC>fu@Y@Q1Sj|#vHJ9gFCIy7a67tBL$0!}`dErwl143rzms->dNR#tgn{Ih{stPiCF(bCSxx{tx_Y zWS*tZA^y|Bf&21?-D;=ezVLqXnLO=4{5qrF4{2Q|>@(f}+V&hcnQ(WKiT=A6-!}K% zws;-ra&VS=>s8-~KXYFtM$TJQeD>*|4(1klF3tZeI`-FNZ=0_3$hfGp_n1nRw0xVM zVBO81I)B#fPq^E%*YzC#bPf&;-Q6HM`5B5u!rSA72Xzitcv z39Ijg7fxrW`}Omjre?rAj==K=FLcyv$(#;uJ7Lv$(42{xk%4isje(T`Com*sg;|&k z7!0^UOnw#?W+vtz1_~gKDkI~67BK@6HV$nzMpjmKW+pg`137$wu?Y-cMur*u9(z05 zr}79SyO(U*8d;~Gy@uh>>iwl`=kBo=OO-M9oL9*y;ZyL|SjT_gA_wJglbnRbjVyN5k2?-SselaNqcDres zz1CT{rcw5s>w%iZBAW6>m*2X7T^(h_v3Wrf`z(cPOUyo>XXiQIF2W@vI6KzxNQxt8 z2y4ontD=!^`cKR@Ph_l(=kT@_nLL%vmD|vHm1MR+t>dR4-DR^JOx`T6*sFQL-}d0z z#lfDfU+ucMbrc2S@1KACz&zA`-BY!luE)Ap1l>)F6u4#5@FVocLlyZBPnF;kpSSt! H`W68Ig(M{g diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..253a8843072 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-CA_TS-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.der deleted file mode 100644 index 3743a74c865a77beebe2296639b14dbd8383b481..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SJOdr~xkfGgy@t?O$BRo25Hnq zHKvJC3E56YRtDxKMt%mMtGJk&7#SH>-pIS$_gOw9Qp4$5eV@sTluhQPdtR={4)>jz zX`jF3$G>^YzABZZO&FGpHtOUjSfEO&oS(pqM z47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNJQmSscjW3yf1>_%bqVC|Fx1;n-MV zrtDhU=K1fz-zx^^OnKhA@6Nxw=lhd;#vKYJA11uk6=`t@Y8P?snPs$Ydit}Z`_-*{ zGV`R^sZHwA6Csa!mAK?LG5+~+z*+c@*4Jmw$sbPs%c!2#uj@Ad z#@hI*>@_QEcUxSXw?1xH&4=P_URl+-+0~N+Tn{)Y{ZH||$z8m*P5n&u#bqVy9h&C# Gy8-~@kTEC# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..5b898b6b32a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-CA_TS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.der deleted file mode 100644 index e1520c6cb5482dfd14ae02400a30fc2db8ece1d1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AR-qP9FnaHcqWJkGAi;jEvl@3 z_y0aLzW5y!fCAl7}AAhC^t>@1-+|*P)^LIa&CFiuXl<|DV61obmTZ9d#yVMh3>kHU?G(oWPKj6=q>F zU@+hYG5J|on3{Pij1$pcR$fnO~(R+WxY{fi z?%8$Fk}=k= Gr!fHH$t73- diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..847b0dc0555 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-CA_TS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-CA_TS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:clientAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.der deleted file mode 100644 index 4ba4cd277ca858944c639c62eb500ef4954d7643..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6APo)qmu@_Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@`U4dldm4NVM;jm(VW?W~rPrCaI-(jXFlGXC{ojYz# zzW-b(?&V3p;-hnByz@)k)U)yTz1H2&uOH6mV$n5^Tqb%By6D-|ZX2YTrjy z%{#GOq~lhH{>_)|WlBfCKM9j*V$(59%#)sIJKKxT{c?Kw-Fci3pKRM{6LZ1pMP`EN zD}L|z4$FNZfh%1P2Wci${jc|*D(Na+AX(*j;^3o#)j~}#4o*+JVE&+SMe#y@O`*N9 zu6dWmCam*#nDNLv%zi0mRb&dh=ws=x>YhAJaN$@`)-t=^rrPgiOM z=cm8;`t-|z_k9W(&o@+yy#Duw$@rOK@VWfs&o`Ry_^);2!dZ?}izOmg%$?l%O-*}7 z$0Va|3v?bjnhE|4Vv}*xFLn7Rh&8f=cbPZOk5g0rmrq(KHOS1>+0FdVx2S7ym*?o-!qu{%kV~I zP1PS0Q3oN#zz*Zg+f}C*my0WA>dDKre&kDx_`E@+_r4sfEyJ9xbqhD;SDif(yD>!j za#)r2zM9v%(%X#+t7CZgoY3_QvpdmwGkWK<*-nSgENjzEIWo_OQNrtK+Y0+{CjnHE BD@*_Y diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..07aea5e252e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-EP-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_EP.der deleted file mode 100644 index 455273c224f56535051b5b83ea0e1579e1617527..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR-CE?)y)HcqWJkGAi;jEvl@3|a^k#(CI-ev=0=95#-`>`;=D#6t_hTDpk%0EAP3PYo|+2Q=o+Al zYDN>I60(JitPIRejQk8hH*qmFF)}jjFXi`lSNOX3a?w-et)^S-ezc$dq}{K)Bd_lC zc6I}|`luh57H!IZ@{p}g!X{U_s{PaMEhqf{H=5LmNhR}3pTAOFS=jZy?f_YH$c5yj$ypp41=s|ISu&8S9*iZ)tBD z82=x)+2hGG_wKZpb6$QpWOuD1d)2#1f$xs^oT;5zWXilM2eVFs-a{Xj;Nyxay?Vg*z?EQO@7)OYS-l zx$@?u%H2EWv^Cvvcw6gTYC7q>olNA=(20B*r@viZW-tesSv4 zgvoV0UUdo^GWP0+PU+ms8u`23{QmUm9253g>8gl5vG6^=PcNar?^dwVx_CLZ-*asL zyN2trCn$eAZY1+&O5~#(vunZw^Cr~m2BlS>cr$ta<*obMw!HLo5u5Ul+f&2KC&IDs zVhsOwj(-n$@7Pb-#w)pR{la;R_5O0?U3u-LwMT4AjdjdiuC|2lcdSd#AN85K^Mn-N{1_KpCB?ARE=1>-99?8tS z5?xpCP+e!oc-Mef=&IdNV?69Z!-b0b4j69a=Nab6=3*96Kn&@PT? za%Y#0ySd&IEph7!f$cW>3nOTxs z*RRX|!egMZSVH^%HrxGQXH*$Gr>jYS(=Gmbp(ygx<|CKXEnYNleztE#GLyrXV{7-7 z|2Dcb@B9b3J!$ou_C9@(n{)n6?TQEY#JKo_nBGN3&R&_>yzKpxi+nnoGm?a7TbycN z`@uA90|%o+&slkEslxsVd_0>?W0}`uzcSbq<*=a0cy!dD187+C6Cwtbv*~1??b@|z#z0cG( zO#0=z=X0Lm>*MiDX1-49W^=f9%1=3T>&2D)9s$|!Pu}H|pF2H=i?iTob*SXOqUMIU z9BH~U%#939fpnBOuMvoA0_7Sg87dgaL3E0zrh+xP2I!)i z(Zr~PY#}2n19KB2KLgNBTue=jj0~5i^M7>U{Hz)2!IK%9kQ_egNLE$Lj;X~O`;z|I zGhGZjna<*Jc!7k|sshn<>9_7zTD)7r$f5VPc<1BB&r@IPe>fO$&(L<|iH)VtJ_a!_ zojm)+@vZ$)>0FXAzW=w(vw5~TE=K1|$xEYx3DfSCOQo0Z{=eC3io~RpZF6rg>Y4kq zJY;!o+@x#TJl6}0b$L?is@FHK&)H?QfRiO;-K&T0wM%bIl6Z79&8%`VO2Orllv^z#UEc|?PTV#-e$8ibKIZTfiAcCGM^lr|G4v2 z@R}X+t8XfvIAt(7n6J%GPDbfObHe#Ai*j7DInGBQl%ob|}?q~5fa zn#kqG!YkzebUV*zc_O_waBJ3@w+GTP(l@+u)b7h+?tGYC`eEj?yU98|3tkw-Yr9`p zn4;~l(0sC;8ob zUPbZ`xmJ6v&WvE0#c@Z#L{-QCY}f;?MO8xK{!uQ6rIWtB{I60(JitPIRejQk8hH*qmFF)}hdO8-;+!+c`a1nWs`*DUnHf7Q)>Vs>&e)2TVz zn{#x8boCOIV}IW(nJC5`e*ec`dCpDR%a*R=P?c`2-uhPd!|%Dik{|Y;WxQe2Bi(S% zeM9eeN1lZduP$3H&26;4Kc~QKY0H~m1qHfCg!l4oe&Ms&baTSb*_$`q^_zbu>FutF z$!jOKA6Vy_>Y~_nl<$$o?{z|7a#!7YzJ&J= z=X3V|CiQUts<{38Ppti|6uKbssF6wPPM(unyRNgCXRdiRyFnQsPhkH$Yt$VdFBk3?t`?f8@-q)kwdHg&2;c{Q+#6TuyMh3>kMg|53oWPKj6=q>F zU@+hYG5J|on3I#5s*H^PS$GV%*f_M=7+G1_nOTrS6&Q`cP-SG;Vh}!Gc7N9z z9WT2>Wj=S_<`!?i_bzvf1+&E6lKkCA7kWP^tb2EFuJMFthW8)kmxjJlJIm@`keQnpo>l+W~zqJ(f?0$OS*m<9&r}_1{EH6rRyYCZ> zklwcNe^$)}^93F6ndiEHXWCde^Qg70oxP4^b=BnM##U$J&+fFCXB)Kt|LG@JG-Qsy zoqN{i1KZ4Q9*6yzx7}_%4F24~9@246#VA^&JLvVA=iI9`zdyC>R+aqxc$wj?6P!w6 zvL8EQ)_7SNiZQ0W5BW5G<{9mh*GUVRR!U{P{#UWPI-s@mv#0K+`2k;i%g)8j(9*eV G9s~f9NGpi| diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..85bad13f336 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-EP-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_SA.der deleted file mode 100644 index b7a61634b96aff1422bba44241bc375dd52adabc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6ANRG-#r6fHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}h-ov>0|qvrkOIqF?c0#;=QUcG3#hHG8jmx6sF z6MyfN_twY|YFX;~!t3JYj$@8UWgY%ioesmtGG$`b^IKRSgiKz3f9J8-%M@5!aELr_u z+w0Gt6{r9I=_p1v11|n?Cp)AZiyqS3= zx~|@#y3UUAA;AW6;=G0?2F6C_Muw&)hQ?9iyhb3d36yJ~WT;>u2hk~>nhMtF8la16 zMiZkFvW1MS49rc8{0u-RaWOS9GBTXkIy@`zz~NI#7unwIwsVfy(juPR(Vu)lruEI7 z<2CDBx6fa((6FYaRL1#rRg(X*ExXrG3-H~r%&1j2I4`kzuJxAf%S4a%302MWoRgvL zaV_xC&I;qboDU2#f7Pk1-kaOxd)1=b-fdwZBeSIM&RgNjrey3Y&3<3gTqIe1L}rTK zn!iedvv`dr2A`YMrIvL3=j+YadNOmP?q5i|E8=xGHL&l&)g2EOJueB>`mim=|K4P$ zmeS8cKHT;D6dxTgDHm?I$oy)GQ^kkdKNfYo6z|xevRqtg;ikZkjXFIZB8y#ozF4W6 zi#0qlo%<-}T4V!LrHRwhM{Yq69ay}pBIdZtzIr&HiJ6gsaj}tsfdMBlBxQwJm<$*U zxIs*Q78YhE<{t)PAdV^{<9`+&11>fWZ8k<$R(56<!7A5M%qm5~XTe{~D@rJdxz#r`K+ZDaMH*;b$aS4f|d;}vBU4m9h~ z+oB=;^8ZD3x4X9eiXj=tlJ&e^eRS8-Um8?)vU0)JyK0BN9aFe=uUB5MfR``ibk$B_ z)}X47dST{;@0Qod9Ex4NNJH%AgcQT-|?dyNn8>3(S8S_^DY{m-Q{Zcbn}iVeNHC; D*bgQ3 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..72762a8d111 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-EP-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.der deleted file mode 100644 index 23884bfc04b90f306b2f94044d5d27e52cc26bda..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 743 zcmXqLVtQ=Q#CUoEGZP~d6Elm8z5y>Ar&gOs+jm|@Ms8LH15ra^13@v_SZhFhzOE2Qct~e#8&awd#>)NYkT(JQ+6~~joI?m;)BVAVA(TQD$N9Dt-J9; zi}7O9)|))}^Gj6sS#Dp@%U`?dNmQoJP34v9fzv$f7j_&GikC0jzf7_Ab>Q~q%jc*6 zGkg=<8^G-R_Qa&p*vgy@I^L6xXsf$!+2FL?`NElilOKyBmM@K3;dAVU&+FEy4<7tZ zNwR#hXcoK4#RHjhH%TnHeOf1b;i?}8uWaO58S!xIC#Pu*nJUU>x3Vm-d3V8xQ?i*+ zxb}A7)XL?zt@kGF*0A}rHn76bCR}m5^wTLTnV1TqXEyu$>ajqu$yBtA;`dB*)i~uSnz6z2qfuNW_m#(LQop8j z91PPd>Nzie=YkWX>%F;Wmv~E`|85Y!^3gu8EDbisu=@#LmwdixKgYaa=PSh<4qLAH zMQ(DDwVdpnwP{7(i){*XkH5eBwjhqXE$DcDj)uaies)vwe`h+*S4FJf@cu&baR3q^ BD#!o; diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..9a20174f90f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-EP-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.der deleted file mode 100644 index df0023b997217e69e6d88b92fdefacc1d66d55af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR;3%|8abY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AdR~U%#939O$;rg#CeTCToWkQK*>3mI7%n41{+8Gvr$VrpV!WH`tdUD*0B_`)`c&&;jsf_s>CK1M8?J?q%b%dRqh zM;+%?r8rd2n{>pcHotpUiF#`7clmfl)rrS%O0PSkA+XKr$Nn9rE35l~9CD>Uw2>s)zQeTL}^zXvZ>Gm|$Kujmv^ z%{syM&ndvbEi&cR{^hp>PA|>;%;Ceg&}9CEM!wCNMe2N8UK+7<&-}-*gIj*vEzWG8 z$;(_7=O%1d6}{7&y#DjGqr2K!BUBkh7Njb^`D66=X4~~*VZK7k`=6PLwo*}HfWZ8k<$R(56<ea$|8bIZ;5 zA-}(gwlp_9n0-Sz*S5Poul3l&+1o$&nOzV%;89YUmiG5jf5cuLdJx@`vi8TR zce*id?GHQTo8DR9nrLzHc==cRG}ilFpU*CMt`HEtlauSdfa!$^W(wRoW9R8w_846dhP-yUiZ@W zO>a+%N|)xB@zxdZ3o)JcT;PP)QnASM<@dgJg}8n1dJz=%EAuVW=hwLsDtB^%r!P7N E0DfFE*8l(j diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..8b8c422d007 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-EP-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.der deleted file mode 100644 index 7700fd1d787863c6271a7f4f6c3583d5af6535ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AQy!@%0A0Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AgS~U%#939O^l4A#CeTCToWkQK*>3mI7%n41{+8Gvr$VrpV!WVn#xk#{za$w+_e55WWOOONL-wA-h2?Q->~X5YJM`9D6U+>uud5#V69W9oO=)^1w1y!id0zl+YL&onx?F3WBE z4<3df4TWi168)ENE1XW>yXT?z%gc`nPb-(VZ2tP8i(88S%k~xKCcLYPwt05cK0Ku- z|9gH^+4k7weDnXNo7heMD0q-(_tM#(p;NnWO+J0wcfDLo|DH8r$_`s2`6Daxw#wUXKiToHFR6R{NvE1=_ds^Z|`h=7;rM} zoSnU{$NU|ZO{YE{$gHc*YC$GGchwVFfKMSFfiZ*hNP@83zGqZ z0XK-r&%(mY#QeiR48&1oWc<&~M8_my>#-A-GQ~&U894RdTKVeJy~4TSb7dl&U#$IBAu#J)&iCwBT2UQbq5o|D z>ILMbs|)$vP~G{efBm23Yo|2VZEF`Op29B79IhsRpWp0e$Ya8|3IB55br)dqlruT+$atCj>3=Yq5iaNcQ zZKjd#q~84>#aepgGh7($E}8CG?L5O`&1ZFIS?{iv&aIrWXErmkJlSMqx0ma6%j^5I z*OveB{jFKfR&*>W+>Wz+!kyTtX+4XlTuUr)N-53#FUVWp7#9CRgLl@G>Wb*-MbiPm C+9n79 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..aa2d7df4303 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-EP-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_SA.der deleted file mode 100644 index 0ee083c7fc9b4631fb2a21bf4f03394da81a8991..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6LaYADg$0NPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x~>87!Hx!U;=G0?2F6C_Muw&)MrKjsyhb3d36yJ~WT;>u2hk~>nhMpZi)uy_ zqY|=(jI0dIO^o~uKqqlAH8C-ad$1?lt9jL;a!It$%rs; zEOgJVdf)f|p5??c-TfBG{N;_^rx&$0uN4ke**>yq`RK2r%ceQo#c_p-77z2)cD-xU z|A(Ktp?cbM|K-le53AJoB`?z9cUE}yu0;6Zt()JOm>C%u7aJKE7;pkZQdXFS$$-It z8^q*iVPR%s{$U^n;;1q*{%7Ga;9}#@W@BV!WoKqV4pm?@0z;LN!901>>ZVOw{}k?e z_iNoHW3i3fPDOArwUoKHq%JCUkC^)V$osz?vRq$Wes9rP@pn&@W6i9x13#bcte7&{ zS3>y{lH#%I46^cwbrEm)w(j;lIR^_PMeVq$zZ0^z)@}S=*A^_vp?-vP;zNQB~U%#939O^gkq#CeTCToWkQK*>3mI7%n41{+8Gvr$VrpV!WY|8NdlrPgY#s zaLkq|-62eUhL%|ySJC&)3+3k8%07>k-ErJY;G^C~hBW0F4bNZZ>m8O7=Hq)RA1Z%C zX!DBGdefI5%xbpXew*>tTE6ekV$NO^kiRndq^iT3_jl&1_(XNaToX#2?C$$+oqyS% z`0S9-JQIb<{BPUz7tDz0ZusVU_SCVy4ayY`p?nFuORKBIqUr^&_;&P8ytwRq%ADgJ z-(t+NzRYTUd`-naFVHQxAaG#|?^!104<+BD0uTH()LQaj`Ob?iT1Th-&|b1pZ|a&Q zSKnV;b)E5V)|_PRQ|&+R-eH*cA(-V;orgxq<;J8x zSGE?u3*3>`oqBbz#);j1)ASD|{R)`1%#+h6e=6I*x!U{mcWrsu*uLxVK9+n7b&)r_ zBFxmh=l@iAB^vT(;d<^Zrg`Fwxq(bm-RM`<##K~wd9ABrtHk@HjR zc&1JT|GePniJvPzDeU?^ODlBknJ;hibt>1rSJ;>>;+t`OU*>ba3var-w>A{rx_G($ zNzCCI4XLG_YCL>5{=cn#&v5pJ%dARP!P^A|=l8y9I^>_6e&mPK5k)((?Pgbm7^cmM F0RXxAGD-jd diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..327725e4fc1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-EP-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NONE.der deleted file mode 100644 index 5fabb9b728304739915bead2ef0d3246bce01104..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 748 zcmXqLVtQfF#CTx=GZP~d6AR;`;yMFfHcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#wJnXyhb3d36yJ~Xee(W3(+W+nhMtE8la0} zL=&SDvUQBC49rc8{0u-BaWOS9GBRAd-n;6t+zF@d1>856zTEWgr(&vDzs^D~rwOZ0 z=qdCGUhHqsD)wp=zN#}}@;}dG?VhUyZQpN85fVN3>c*Ckd+UDky=pA`edNk@ottSd zb_%kF`wIOy`SEes!HPL^{uG4%%KY%+SvBYG%k?UUFE-BdXbIc?yjSFJ;eU}M_R9s5 zm7ksNGt9Ab)X0?l^0mF7^V09j!PB=^ac@bwr_9SQ8{WjbvAN-1)hCvj^DEDJc;;KP z#O|LUS0*bry>n8L>K^G2Njc7I&(Ht-%daZR@ouS=PR7%f9Wf=^I}WHb7bV=DXwGYk1_qqKfRq(xVKQJa z;07`ISy-5vn12|EfjFv+jQ?4947k`hwAmP0S=pIckV6$1iNH{0WKgxfdSI9K?YMr~ zNgwvr1wT~&JKy7v==uwN3qQ?EN{(F0ZXuXA{o;ms3v{+tE&cv0e(k%KxJNl}U-=&> zOZH7`q_KbKPFFi%_jK{TGj7b+%2tK>EXfaz$p0LA_`$q24ZOeD{Ux_ew%d8w z$BSvj`@qWybLw-K_rE#eBF#OyCu?clcE7jBRE!=5#+0}yaP8|)&3|$E^9noJ@JD{t zB6nl2-1k|$S;=kM!6y-d0diMO)n@o}4 z+^+h_Ja7}ey6Z`9^qhk=W|AS_j!um^cu-_MZ$kJ@(dM$58onBV>;uYpa0EnYrTcKH{1{)ZZttx>vX z_qJ)AIkWk&b(qM;^&VoI_CBcdzr68Jt?`_TZ;GCAEA#$V4!9z=t1(bD?$)+Q-6zZY zyu**WFa6@NP&{n!dGGH5dLegJzhqmc|9+AYXLON?nUR5Uv5|p+0VgmRWrbOo3>XZ! zK}>!Y7G@^q9|mF|jw&PLe-<7CE;bHrHbz!fc4ijjPz6RHFjN^CI8NSqfAWH3lwYyW z6!{A^g*+FQs~RO~x$mU$+4n#1ZLit?{a?&- zpYkndyQMD({^^f?Ca~EfK`ya-u>7y$FKUt=a$ox!wv2#y`QLlFyY3-`I7P9P8lqo ze^T^(=!5k~I#Yh!yA*d=XJ?m)=Ehqdueg$G%~w6UwSNh-PWs3Aow5H|+O2oz`86Z~ E0I^##MF0Q* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..ebb7e997f25 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-EP-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_OS.der deleted file mode 100644 index a45c88a4c2292c17e0db7ecf7ef014e68b4b5dda..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AM$+j%)*7HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}jzTBEXH%9EdVy`^_ul;-Vtmg;z<;O2tYH8(lG zUU(K}XrS@YpxJq5KuS-%mE*@lEG9ety?plT$lh{&(|`}j`@Wvw3Z7y3|5V^}R>ONq zJl%={XQtiXC;v0ma%oEW2IbY;I#!o@?pFI%?KU|!Z{h!4%ti73|Lw2YRWu$hT(_yt zwxBus&xR>QP0Ngfud}2qb1J^1|8*|Um7B}1msHNF*>@=S#?yOY4hvWgYiSi+x#-7V zYq#Ll&j>?L53!3CDlN-bo_o3W72CNq?`rQ`56gvL1YVVtmbfY29xoK)xtO=K9d+9{wQzsnnfb2a_N6>MS9SjOtUMc;P?qR4QTvjR zWt{bY`Gc z5B3uR9_d`uxql-`tVgD5aiZ~Jt%uh_0#EF+e8_ZPS96ui>06c#m*yO>So3*<;cAVL FHUKI60(JitPIRejQk8hH*qmFF)}h7emBcX;b7W}YWXnV6aMQqx&78&`Y}|ZbJ5PC zXWb^!f1dBq=~R7X5S?{G{rmkgzo7h^w?4MrEUiA4ur+ek)f;iY0mmYh z%jF+9+&#WNRb*Q#+H0p>d3e3dXQv}S_sfJ%UXcIoKNB+}1LI;N0|Nt2U`WaevoIMj z7;uA_{46ZYOw2zF#6TQXM#ldvJO*5B9NKJ*tgP(JEXbh>j7DInGBWg7#H`ZHE=tT* znr{-Yu|MQ73;!Rs7@4Pc>K+_AJN41R2Mcce?Q%K&{O*&D*O)dtiZK+toDh|GiRt== zj^-Wb??0Qu>SZVO@TAOxyXhJAM{FzveZEKExpKlV`Rk((E>C+MPjHv)dA&q#ukPFQ zTVjis-ZKrC2!1EE6iJ)`p|Jct4d$L zpZdSEzT1;eKV-}~+Mn5LaKl%vd);(N_3jz7*E)7)6I60(JitPIRejQk8hH*qmFF)}hdd*(Eya?-KStILg+TPC`0k3PcK&9P$nouht1 zE0;*Gn}0$fzt3iqvRrI4muZ;c>6F%{%`<1;b$XQ=r@c1kaMIC;J^H2}Opk;Gp4%5w zH$(2$_oM&!oZ0ryC)?|ypZoI<|MqJNPnr9uY`5Z7AEq}xs=3meI<9dBZtOgIa{J5U zclv`q8yqdT=T@}rmXA&JUi$}{25Z)vUUW$cd03~YU~Q*4SK7C}!12uj2@ys0`~TS< z7Oe<5JbTyGcT&qADLv8KKZij+D=Yi;+|=xV^7TAyjeq_BXS9CsXLOC+A^7Xk1#>ZZ z<<#h&v`wE=vJSDaZY^Ei&b92Uc9U)4+-dpq_)W^L2s1G=GB7SSGB7aU1cs!nFbk6b zg8?^)$6r*(&jD0at?KG)DOoTOth`UOKXr$M`%wna~~b-)ZOeEt%&J>()lTyL#&3 zMK0lzkjXkrKCE9?cZVl}ZTlV0gB_l6d<`MW&l1=TRfD-jlQ?1?e%`D8Id|4mb>Sz5 zmnzEKU!`wcI-9BZo@%+c=(@6hYnH5-6Kkk3f1lh%=NlevAyd{X%>9|(8d~uF_@ywl zsNYj+y#%6D9p2YWlX`#@o4Grs{F*VeaCf6%|^` zoOjl9#2+}n%XE8Npz4Ku#dT#|Hx4;8Z8Yj*{^m7p-#m*35pU%qKQ6SirLun%RC!Sd E0M64U?EnA( diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..73b95e0e279 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-EP-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.der deleted file mode 100644 index e167181c884ecb8b330d377a96ed953e7ec62eef..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AQz$J$DRv**LY@JlekVGBR?rG8l*&3L6NrF^94+^KfP6 zmFT*9hwAzV8_0?C8k!gw8<`s!nwppzMv3zpfw(46u7SLvtbsH{n@DOZSeI*nE|LLF zj7rE>F|sl+H!<=v0A0hy)Wpch@Kv>7Tk{3K8!aJ~ZPOOSoGDD!-X*(dPUiNnro8um zDe$we*!OGG@dC=%XD)YDL-!o$tGIP=2Khjpg? zk6y&~X^H5xkVoE2KixU|;9=v9w#um;vVwCrXDv@Wz4-YZ%^#`j3r_vYnmVUNeYb{r z-`&QKN5%h`U(n*Qad^EaC_E-A4d0(-oU-AS9l` z|L**2=gCZ5Go~I`b1Qbc?KGz7w?fkCi{|>xelC>cc7C=+yHdr0rBe!>UcF|JSamva zMu|-7-0fP6mgJw>nAFaAm_h!~?9%nV#~YS52sqh(N($CiJ-b@u!5(jqTOsDopY3L! F2LOk&G7bO$ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..2c1e5e67d27 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-EP-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.der deleted file mode 100644 index 4f5a2a13069b1829a23b9f45e9b0813d08f77397..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APo|?P&(QY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw~U%#939O-xOr#CeTCToWkQK*>IzFq&os+6V0iuxv;mp)dV;C+1LW*EoPPixt?u8z&3D@6Vp^ zTN5nyEKjg$HVNA!qdp_$e`janmMgZ&1uOUj|GZmtw&|DZrft&?p1tP#+`RdIzRK0V zuYTGIJTcl{Si`H8(Pl8^+nzZZJK9#A$a{S0&4ZHGk9pMz`-(B-?pA-_v+i>wF;TptF|Z>0%~kMh3>kMg|53oWPKj6=q>F zU@+hYG5J|on3I#5s*H^PS$GV%*f_M=7+G1_nOTrS6&Q`cP-SE&Ua-|u;90G8 z@AR6iYj%I9)EzlwAadNjV_w5+{e7yJLdDN^YYWY;TCsWS)-ny|eC78I7th^NNsD;1 z<9NSd^3Tm*qVz2_x9Rho(+i!Jl(*(koYz_gmj&#*YbP4sn&&!TWvPnd*TOI!G zLG%7ozLh51_IxSY;k+xn)u_E|=9AE_X}^E`U(srFDfG^-r|Fh)|8F&%GFtDk_(-0Q F1ptAnET8}Y diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..feb45bdd177 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-EP-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.der deleted file mode 100644 index 639cb13067769ded4b23c43229572d27635bbad7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SJC4hygDfr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UH{eExR{z485zDk4(L#bK0Bjh()JXkb9)1VE}WU8nz@(1L+Ibs zSL-}9(pFtJ&;2T0?-AwDv(j+Z%e_kfb6-4UY%l13a^O4Hl+3JEwyPP;n5X^aTI5mI za51^GLlvVgqdp*DL^5q@T`3L`82#OZ7a{n%}%VUw&vK@Yx z@6XvDSQ)*}$f8Q|!lAQnN(ZhTc@`RJ^W;}X&z?u!TirJb1nkQ8xcRNvvS|Oi7mXt&Z!*Vwsp385kEE85kIF0z*<(n1#uJ z!GIgYeqDC_u=m%C4ENPf?QL@xn@w5vdIpO>`-PvSLXQMlrlzdj>%Q0IXuSt- z{-;ex%M{-~&^cXjH2v)NBWw0NJdn!x|LlUbOP?J~dGAtwmH&{Y&4fu)uhzT$o@)DX zXJfm|EB-?l-dRhT$X*dPPU-G@;bE#X?_FKSI;9q)3r}s|CoSLJpQ*Nb?hTfe(zhcl z%K0x!rOjKcb$ZXl!-0juvn#__F!9@Oix&K6x~|I4yuFeC-0h_{?E7+_8MQ1ww2=L( zP`GP{jiju2$irn#dVBweJ-D%Nxllp&l+WMagyq+3I9R>8u~tJ#WZ|K#h8>b7N{b|K Ge*plE-7(() diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..866f25d0ce7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-EP-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.der deleted file mode 100644 index 03954fa4d84e566c6ba8a7129fc39e5122bacbda..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6ANQb-7f=PHcqWJkGAi;jEvl@3nHpy(V)7;os{`r*o!!~b@i=}nRZ>+lc>lbXY z&VA!KL2CA4PmLvNx79B`{$R`@@2q6?p|kQln>$yy>}K)kJN?^dU7Hg6^j$))h~hWN zsL++aqWVpjz2mzdq#Si?zQ@fMy0_V!6mu`tA7x@@WMEuuWME*x2@FPAVHPF>1_N#o zlb?l!nTh#_ff$IR%E@^y2=E*I5LH2jsY zk}Y6{9K-MF-zr}foMwN|B~w|@$mqTqS5I!8O67ykqVe2M zLtb!s-&Zr4zT}E*d6CBJ6&EjS#Qci8dhbDOj}E7LbEmX2%ZuxeH9nj?5p%Y3qu$8{ z40B}9O+Nc-!s3Qy|Lb;6vQL#hoc67Bc8iVnHb1Rdb0sW~ik5Y$ZtZxXGINIOr>J>P zG>)WC?A-sSky9bgNaC=|*`4P^R!)@?SrJ;A#HTX7^K#VAi|3zsWPDM-bZqwBb58&r C>nMc) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..cfe6ce909c6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-EP-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.der deleted file mode 100644 index 960720bc44be6d8314276a225db545089f7ea78c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6LT(;vH>p}r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=-C)P~kYEEjab80c17jm|BSTYD1JfvRULz3K1j;o~GE^{-gXk1bO$BRo4bVk3 zqlr-o*+NEE2IeM4eg>eExR{z485x$Edc9ut|7-JfMfKCaE?qWPmn-c3d|g@a+~U19 zil?(*KXyxJ%ygNjdf|}WLO$>EUgKJ>r5n?}I6iu0@z0BEv`X`V-}WY3zUwzzct!^;|jOs?dV3%Ju7xyhjc6?u3d|toc ze2ibmjx4Jkp_@8AH=n#PKlZLfn$z>vvl&~|Uj3UgZ902YtX-Svkr{o*ZBr&^EK}4< z+_oxBZNgpAth~49*EDFoY_zYP-?ZD`Q=#e6h4#RGj`@}tl0L8<4t+pa=}+#JYr_)ClBqI=d^vP+us>I zTqau$j+RN?V7+j0!vvdnCxfU1)3>vqHahdbF)vJX#Rr4q8CsvOFA|X9{?KF`zX$-T C^B+9` diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..c48a71b85fb --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-EP-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.der deleted file mode 100644 index 35023a369d2e627a10062e63c37df0ba1dea0720..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 743 zcmXqLVtQ=Q#CUoEGZP~d6SGUsd;?xKPOUbNw(q=*jNGgY2BL<-27+wNp)AZiT$y<# zx~|@#x*@>^a^k#(CI-ev=0=95rUsT#;=D#6t_hTDAa5vZAPvzbl9~$ERqn{+1p3%Sx*H4u5~ORzS*3 zpk!jr>g|hnb?^vF%Q13TWGHYg)qZnKfhqinhicTwhD zX0WdGx}@(5waq6u9&GbDz`Nw`*{pt6i4?S9$rrlgYzJvSHa>(ai>aN^%?Q6^?a2FArk1_lP4z+jXWW??d5FyIC; z`B_+)nV5eVh=Dk&jEw(TcnrAMIJDUqSy|bcS&%~&7=gf0Wn^e``mq1-eBYfp%Y)C_ zaukQlvuebYwck;@t#nqGSGm{N@FvfxXX!iEJn!x6oFMJqP&g;$xzQtuqjT-{e(067 z{;vG+)EY}y^>a=CSb5*hJRh`K=UDsV6+5Se^-r4dQ7iD8WA#VjAO3z3G7;GlCA0Sa z(*B=O_xnh5O;owgx$V>6)marZzb^}!JLTY}^n<7UPd`!bi&@TU{o(yj{&|x%e+y>L zZfo9>{_M^*hwbk&UFv#d`Bwc2Vn6g_!8F^on{_7r4_jOQVc&~3H?57Ek3Kgzoh#TO zef+X(R6+*VnM-}wZ*vCC`1G>>vak5(zQ!MFGq3KH$h=pwD&d{l#OP`LDi^+OvH$>G C#4&XM diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..b9246348f86 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-EP-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.der deleted file mode 100644 index 0e593e89214ccd29f3014d670bdada863b80f21a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AP1@rmX=l8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99v9c<_Y2lV zGNXx63E4JARtDxKMt%mMgSeQQ7#SJ1xd&b-nylQm?C4>AW#2>hUwM8|$lTpv#^#-{ zF(-D_I*SB_M^9uJcn;^Rx%Vw0StXvAU-NRilX`OYw3}<) zt&`W??d5 zFyIC;`B_+)nV5eVD1tbujEw(T#0^B*IJDUqSy|bcS=cxe+B_KBemJo(A_p)qI)MSq z$dGx?dcz+HVO7beQwyGazx(?Bq+KlDW|?mdmi#X|xbn{(=4D?_HnYdwy~1-U_tk7p z>uYANxr(#@uyzL(KR3IU)4tDqep-Riyt7Ghofp2{d}J?^DtGa{noDQa%a4kV*(dm( z7KdgYxl!GBz$>Su*5K4(OncCI#O1I->M7oFQ@phrExidR0cm9)3SpBg6Xug@2>^h$sjWaj6 P`j&k^f0;?E^us>@XFDwo diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..e47e4c8a5d9 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-EP_NS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.der deleted file mode 100644 index bca02d2b769d0530f76ebff3e09f239c68a471d3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SL>U00Uk&POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUAt^o#e;=G0?2F6C_Muw)wrsh%Nyhb3d36yJ~YN%|W2+=8(nhMtF8W8Un ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGF+Yz5i_bk^@ z-HL11Cr+83QFps{Li&RRDw;YmGdD!)UuC#)V_uX+UFWsqR|Df1_S8aZG*8Wk1)wTXN^G z?c&+dOKd%Mt$A=@jbNJY0=`1dhYJh?pO*aOXX1D&L+tynHb|zD)M$VL26ke*@n_ZMFk-Mad5RDpt%)`z+f&JhMxgtucT9 znuoP3jh8(-BBN+>^}=0^DZTEj$v$6lHyqEKV<)&`uwz?2nc zVKQJa;07`ISy-5vn16r+Syq*i@jr{WfhZe?HX9==D?2j_8)rhB2V>h0Cl*HJ00u@X zFn}2uD#DfY9CB9aP1brh~uW+bbged}s;+WEfZtcKUK#ZveD2#|Vg zXI|;NopE1}!z3fWAM-QWw5Q8Q&0-9$;98x|?pr;@;T`jr_@jZbAJ`1G1dGY^t(+aW TB7((Z_uezs{ilztH|+udmFzA^ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..79b01d6abcb --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-EP_NS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 5a26305c5effba388df1bd2aa3af48359e819e30..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 788 zcmXqLViquHV*IgynTe5!iG^X~Jq`n2HcqWJkGAi;jEvl@38wZ8RfnoU&-9f+&x+H{m4G&PynLXu}W1APp)dh!y!wNie z*>>!*S@$tzyP?~>)#6f{iuekhEcS`WoO>_9<{kfR`}O>e=++svvpj8NSSQLwF|V6h zcTm~=3*+hVh)fBmHTkF0XROV7arlYm0ZG}Wea0JfA~H5KYzpyCe^OiQSjWGhV*asN zybor^&eCAoS9R1PDVCdaii__Y4xiHbX|rtROi8X^7b5vGdGSHp{r4l(s}pp@147RB z?>V}AS-nWWtZ5I*3*?M~*M8Z_ZxHfy(l^7FD0B9`5fTF7B6$V>E&eZj%f!scz_{4f zz}kQl7_hR!EKCLr2HYSfKMM;p6Y~!PMG!}ok?}u^xPd4ehc+7{D=RxQ3ma!bn+Idt z4<{Bz$>RmrOnbor`D{GiC=np?)`r`qUGK`&aZ<7-k83R z;!xRHTk>*N*YRmJ#kY$%H_TS4ThO>8%LP7(E4cpCEcxhV;{N!MLX83dW|%Mj diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..e34b42c3547 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.der deleted file mode 100644 index 0bb89e00d490b5d8fdb03680e42f31fa60ba1947..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AP2_%UA7~CYr0Dxby~1!al)3?;MEtDvph01 zPwcL<+7gnq$%W6eIo-x(-Q$({&hIa}?ce%D=$dFF522g`eof_X-8n`2T&PZGTpdSFZoBceQPi;Whb)UY}j5hsq;! zZ{64Y=g+${*H%7wOWejIg@vN5VXlP{%BI{c*8?(w-v1F-^_yMf_DVx#aks9HxV)#) z%Yv%8f4En28(;o;YblpzT-J2HGG4i_*#|bcSMR(0$y?CqT5G-T7t1Nv!qS-zTnlgb zY;SU$^K(i1;zuGuofFGzW}nJ7T@&+k#pgT~7HOg1Ow5c7jEijztPMDUfhjA@!eqc; zzzt&Zv#>BTG5-JuvaBj2<9`-$15q{(Z8k<$R(568lLOxWzTO#Fj%ep?OKV?^GTLWN%UFd!zF~@{~l!tbf}c z{p$L7gg=>UDqlzERejfDk0RD;)#H{?HN3|{f^Jz{b2qIF5uY4sC;j*#gHfH!t_{Z) z?&wbL`4P@MX`ZE`;r{Tr-z`(8-u!X9XRg-7DJtQzi<>GRCqL#q8KVCBt4-!pt-0SG OyqGAGBAlxDemww@9VAWw diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..ce588ae5afc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-EP_NS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.der deleted file mode 100644 index cde7da628fa5415b9ea88ee744bfd1853871c80d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AP36c3%TtHcqWJkGAi;jEvl@37I^Zka#x2=Jc7_IJ4%$JCcv-m7oyusyy__`2}5B{F7H+s?Q@O=Gg0^;GP^--?@x!ER?HEgF~B zJD$^y^N8ES%|CNb{>uxKd-b1AZBTG5-JuvaBj2<9`-$15q{(Z8k<$R(56LwN9Io{QgC5l%4Uc`t9-A8h7ny9)GxRawF?wt=n31 SR^qZw%UkMw?p@y_$pip^At_Y= diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..06b05c96d7c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-EP_NS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.der deleted file mode 100644 index 369c504607d1aa4dec06fdd9adec4defd28a2627..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AM$U_HzSXHcqWJkGAi;jEvl@3&iK99HdiFcqF|vj?_#a#Ej-s^x2fx=PJI@=Ld}kKk8PK!IM=2d z-t|l;?E?DO#qeluy;{HXx`^!?-Ulstm$Ie8{<=A)|I^>n%f!scz_{4fz}kQl7?`rc zEKCLr2HYSfKMM;p6Y~#nAj_&UGX7@~HxOmx&}L&~Wo2h(VdG3_^I&ZI;l#p-9KgUx z1qLu9L+km_)%jJn4(!Yi-Oss&1hv|}(Ovec%3-x?l(wqon_8!wMJMII zx$kV!WqFrbw$O8zua!fIgl}1XX-7a3cjf!7MZ#U%XU0#vk*eoi-2L>^pUMOWzm!Yi z8c*IVF<&sjdPV-ll{cSjMi=-k=l-`dCMhQDpJDX;(l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..b72f54848f3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-EP_NS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-CA_TS.der deleted file mode 100644 index 960807a9e6ac932a90c7ede2393aa62a9c377918..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AR-mjhzO(Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<3oZC~U%#939O$?2r#CeTCToWkQK-Ey$KoO!-Dm4|X(KR66 zFIX4Vm?lOgWIGvI8JL?G`5A!D;$muIWMtUhvp1?e`1IyS+kQIa&)D#|XX5Oz#-OJg z8}%0{aA$5lF;%TEm(lmCmZ~v(Tb9t(wRP85I7kIc&z9Zhb@j2x*;wz+P?Z~p)PtX8 zUATB?$)Pfb&^g)Xcb@8<@XCE*M`O?16+(W2OKWcxb8A03S@qPbYEg~HKEY@5O)A2< zx0HKVr6d^ef7HAgTTr;Uu{=84Ok8ApsCi@cBkOh68IMk{m47+m)ZMf@{qCm@Dov=} ze&&z%KJF7P$BrnU$+bPm{_fAlHpZFp^I{ITmD!{RZ*yC~96IOn5v~96Md_NSr*fMr z7N{)vsgl1%Aa2v~HS@*x-9DD@kygVWIeGKpKhXxi8@N-2nV1o zzyM}s=&ab(dEk?cn*Y4Rm+J$jeVBYVXGxf1<~HG`uC#7JmjlzjrEPlRc(;7Nw`((B z|H;E1F-(bde!Kh>(_aZ&ZR$IG^`KPk`j3joeg{9;C+Jc$XWsMnJ+5LZk&B`aSnj-R z^GjId%=)rN`%Yg-UdwcHZep|G!ZQxWVY_cm&nR*~Rc!wALa*L8AG5$u63KlRY~ zW#MstF2~e|+m30lmCGg+b%<{Hn|AVPR3u|T+2kqFE33GU3vZh0x%-&%Y)az9rcP>@6 Ty-g>-d#AN85K^Mn-N{1_Mz;VFN)n=1>-99WcRZ)e5Zf|xMO75GrGe0lw>!PjaxBd1Cz1GfsLSlMWeyu&ruBUmQ9&VG`_(*-}!J}*b zy-K^#$ecbwmr2ui@p%)8oQm*6C!H=Vj-S$76tSLBfOBz-^mARoB`|S(UuZJ3J>lP|cIXO>$M*O6fE$v(T zg3=%N#ZR8kbMB3Jpy0`Wd)Fy!Ffu6PTiU#d|M(&enP5iCA5U)|$T+0Iw(Hokw)OjY zGGBUE-7(0%ecV>q%3{a+*>esk+E-g0=W=j}^;#i$zxJH){SHfhcRAD8X;mL{6{@pp zc$zqjTWoiKsCRp_EhXStf9Hm%SHEY~{$$)yF`e&&t5zD5{maw4+Lf%AxORNVlH?J7 zy7GSA#G}r3S`XhO?7#7f$?43)^Qrgudw-rCapjDVx1;1?@0auSrlpCsq-SoOv-elO RP-*l1Z?}uz1%{@u0|5TbHLm~w diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..d7596c71bf9 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-EP_NS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.der deleted file mode 100644 index 65eb74dd0367d2fb2d111bfe970ab1f0b22a15b5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQx|xhV#`Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AdR~U%#939O$;rg#CeTCToWkQK-Ey$KoO!-Dm4|MQ5V&i zCPpP>I~iFSn41{+8Gz2>VrpV!WVocfhB@+$_Jq*S*RH%cXrJs>_`RYzM=Nm0B)+=` z-n>?ATzgJTH@P(Bfr(3X`B0-KIezJ zX4iW~uKyKF`_H^dY3}Y1f7FjIShzAFd}CVB>GUd_k}Eb@zVDtIpWTaQmd^+vBAVv_yZ@Tv+G-dg|&c zcH2Ly-B!@pF1=<^`vLZ_J~!?4Z2v8F=l!&m{nOaW#LURRxY*Xf+JF-nn6knwOa=@F z+#n`D3kx$7^AB(!%c?Rm{$~+45M|@gW@BV!WoKq#<4kDtU~K#0#KMRiz`#fa1~4Oo zhv}|W46EA|)Y`b#mMLB0i*Hzx{gQ73$A>*%9PTDr$jCOhyfa`6=GMbfJK*$kLhSZHqc4tZDk3&3AeC=K46vmQGu49(@z; zWqB?lRladwbxczn^P68kl&U*A{flx8-_BQRht}PQyw77W$>vzArN&QZzH{gA3e5k) z8s2kozV0HWXRR?R*H`sREcvweuk*@PU9F-oa?Y4q9x-A4{X)I6?CDX?RGk*lX1`zh OZZFyO^B#4)@B{#B@GQCj diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..61e58941b22 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-EP_NS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_OS.der deleted file mode 100644 index a85cf54fd9c4ac1ab00b206463b2f9c1adfb6567..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AR;sTqOfuHcqWJkGAi;jEvl@3GU*|6XsYPZz)=GI(Lzg{wW7OwYJ?xbI)v$ zGkY*|`>W`q3;yNG-><4VHhsQil#41)rH;S!nuf^-ul&7NStxj6)-OvB`Ip?4HmCg0 z*#1$8WOr-X)t_OkReb-5mFL2?Z#iFioe!#A*!U{h;{LX}*RvDZ9@yw^)t%CEWGO@Q zr=@%RKDDoE-BsK(K2+1=Xfu6RXOLL5v!40fhJz9NWLNAc zYW%dz@ZDxfljy{A@$FV-{|*QnzDaXECUjgbdHZoDW=00a#kL042Asgaloe)SGGH*^ z1~K_rSeTiZe}Ds7R+W+QKa045C>w`18zU<#J2ML#XF{6?W7`iW7Dlv41qLu9gHmrn zWX3}i8Jk3rRLzBzzifH7Jk)t7`)PU9zplK3BCpg1;p>_gzlceCcKgjixou}xe4ABo zc0yb8eM_wKv$gl?KD}-g*mGuLteBR>wPfvClJ9jK9*e5pzSuO;MB-q^r-_SvHoS?G z7rVaIx9jwV;1fdEW~5(@o&3p@xvHXP@^PL|vV^;C$nT%f z9kpxim)k6fKj-d=o6a2@EUkH6=cdxt)ndVs`-+t z*30lXK6w4$)n8uGuPVle3(WtzcI;-VdDW$O`AImhX}YwI{*V7U%QwuQerpc@oNexFUy+nSmk^jXXXCv>uL$&R~xn!eiD;6&3U5i z)iwXVO7ujr>zu~7XEgrbp|hBC($*s)9C=$<=U%!r_3eRs4(~(#o@Y?p z`HZS%WfSf64(?gEwWMbEcb-CRaO|hhV$s!e_j=nDU-L^>?R&G@IoR^7o%j6xlRg=IFU?qVsZD1=$9={{pVV!9 z+ghaGp8KB>HtAr+r1^3QTV)>gFS`+*am`YA|GU-yekYgjzSN#y?Ajj}pLecmy>CHd zb=&&LsN8(+i6(=JXvoR^^c7%=%qQ PPsF^y^YnG+s*l$I4nHo@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..8d3c803614e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-EP_NS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.der deleted file mode 100644 index cd21d53c2c7f72e180487bb6f67841cdc6637f9f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AR<_FWv^cY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^gkq#CeTCToWkQK-Ey$KoO!-Dm4|R(JxpR z)tDwmC1g7pSs9p{82K51&f;QfVq|2vEG!?vtT*$3ckIG_YL+p>cbqN;^E zghWfY)+No0NPjAQe2M1A`>_$H3=1PqcqMLWVU~8N%&uOrb*kBPrsC;&8oI7-5_6h< zUJ?r1w#Cpczu7yWhh^CWYsV9Pzf9L3emra5-g$fyE18%X85kGa8dw`}0s~W4n1#uJ z!GIgYM0S@J?6ZQWJGnncOEzHX7wcpMUkJ^ZU!Nsy&GRcWR~C z71zSIoTZ;d|KBOR;(03iOJcd$++*|pzOkOS*^hIJsi8&r<)vr1F8A{0JBqgdH%Yqi z`UadR2^Pb|K_%+3q}VPzj=F7 z?H!Nii&Zni65|gZni~B(vmwE%vxPCC>9XAx$Ewd>|4n&gw)CVfvO1%uBDC}k-{CIL PfZM{g9ZgnQ?@s~%ZDc3F diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..e23404c6b8a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-EP_NS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NONE.der deleted file mode 100644 index 810d57baa7c36256a889b13697186fbbd8d55fea..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6AR;uw{Hx1**LY@JlekVGBR?rG8l*(iW&&BF^94+^YCQm zmFT*9hwA$I`?(s(iSrto7#JIw8yT9K7@I_i^BRG;CQz<{ilLH$0z{)^YARTtYe2kT zur7)zO^iy&HZrm@FgG#sGXNdM#ni;e$Z%&V_usY3JMKxR9npv^{B`PprMdpii$-#H z?!KPT$lA%sD9fkh)!;k-pqm80+&xLR({ue#t~n%~c6OE9PPe_wuX`T6DP|wLFY)}b zmNmE3Uey@h>THi__2;|O)}0&RyysxRO?Suq9h%|7dv9&p{lT-|UNSYOfRp7(z;gA1 zi$PcC7VYeCQVeSrxZQV8(BzosAF1{fvB|p}B~}$kH}U+s>9+Jw`&7&RtXxgm)+=A{ zC%#+!UN`j72z3zg2G;Psp9sWgCm` z6@6m+^XbZu>7_qHw|qFrEcuvqUg5kO|NF1LxLKpjT78dv|E{_1y`K9^8WS)&Wn{bs+XU} zdMdc2RQ-q%Eh}4bR(11{gVm=QQfsZ>70kJ8eNLBe*_$QRY`Yt`u~%<1Sn_zf){^IY zFIBIamyvblhh_@fGHnIbtW(QmCLMpnwoEEOv-=~*t{jGi*5W&vQr`Vp;kcDiZfBBf z?A?b7PKFNq8+_Sb#3c(A)e2mBWHyU$ULDh7?Z3RUXUqvKzJF+jlYht4rhji)U-@Sy z`n#z&tlHnjuU@Ro@Udpi$9GfjSFY)hlAc?XyZ)M**rmm%>wZ29f8T03dzGlsmZrXo S)2AqzCk8Id#AN85K^Mn-N{1_Mz;VFN)n=1>-99v9c<_Y2lV zGNXx63E4JARtDxKMt%mMgSeQQ7#SI!^cFolbX4QN$C=~G=bqViUwxAL*sHd#K2XVE zTGrht*=^TXsC$Jl1Fomi({uK6%8+JH=3|FM5PAdJpFs|<+=N-}7k7qx9?=Ss+I7^37d%w`qo|dEj zW=)3ZQ28(`ZN;3z8pQbrns-P;G=;T z-vSQa{YF9DyBT9W`0wOi=3KlrsX6M(ixbPN_`fi>@@NKWMM$u8S# zr?qe{+jOrub56$cB(V)=Ols$EZ*jiNU_1Hz8BQHBn@MYSO|oE!Jf5p`(xZGHXPn0C zw)oGoPE}`jv~U%#939O-u}<#CeTCToWkQK-Ey$KoO!-Dm4|X(KR66 zFIX4Vm?lOgWIGvI8JL?G`5A!D;$muIWMr7~_`bFJPZ}BCW z=eG+?u-fQwMZfB^?KeZgQq!+}i!SWbp7qUR{fdGIPaE8;c5trvw>0->+DFd66DNK* z{gKFG5_7%g;MEJg5+Z9)OfR}JRepI}$i9w6%OBUI$K5HIn-FmD&BN{I`4}R9M$U2( zeI~Z$_q1J8!q`?;$GzFSZ%c?8!;SBr8{(IIn_0^pKS|Rm=EGV36Ir|XHzwreY`?*_ zc}m`WMM0h(6PXe&apMPUcDr)!PHN(Pcf#=*OXIIV$23|C<|=TG}+S1T&$|^Bj56TZt2?7`wr}yX=Jx5$J@x+urh}+i$n+d(B_fe~U%#939O-xLq#CeTCToWkQK-Ey$KoO!-Dm4|X(KR66 zFIX4Vm?lOgWIGvI8JL?G`5A!D;$muIWMsHLC)}ne`Pru@5gmI{Up?+V!2fXbiyz{} zcdy15idVZROtqbS_iFZ|LhA~X=BKY^EMI;OZjPysT<;}P#uoLya(CI)tCl*FGI=W> zGTfBstNtN9(|!e;BuA^oUbhdAZui7Jdt>1H%-zM6n=eZ5>5BLM0TBl_^@O+GienK2iYuU}Yl%lm8drRBBPCf$|fmnmL-B|4OY(WG9?q(kk~ zoVF`ITf$eye7<|s^})hFDbH~1yYcG#_dxAD&l$AEV)MMUM)Cv-;aZ+^D#H4`%<1LI;_18W0LU|`A$ zvoIMj7;uA_{46ZYOw2#Pfh?=a$oQW{+(49#Lz|6}m6e^Dg^e?z&4aP+hZ74UasUG( z6&S#b4BDMd>mE1r_xeucEwa`te{9Qj?E381KdFy)KS|OtW>%BnHQ-*ijp-71z16}! z>S1D<{jzSSTN|`CGF;mFEpUrek?PsWYbXEz-~2#F*D&@`Z%N#WAHo-utQ8}pSM)k= z6S!c(@xtxRtykhYJkqBQ39QUu{LX(h@I=L}qK!`9dfcxyOc5(S>bzFB_|cxQ;<*q0 z9^aDjx^eX%lPz8?ha6uWwJhHz#r=EN*0-0t9pdiDe@xoQ=@b*{AvDGEJ0oA|#_!df zCAL32SIxQW=VI_f%_6fWT6BAZmr;(^$5Y=$ti6SUK1jTsEIIp?_8j562BEhZ*4wWX S+5haHnL~U%#939O-wAK#CeTCToWkQK-Ey$KoO!-Dm4|X(KR66 zFIX4Vm?lOgWIGvI8JL?G`5A!D;$muIWMtS_^ioRngS}K(=?sQxS5B)>vDqcxwB%3i z{?xmhgf68s9N>7R|CKSw$a%KHhjZnbN27bBjBvmC;6{0 zqb2!o$`@?tQSy3qc*Bo)y(xb-O2xG0SH*L0)HB*=!~?4O zd6PaF-DzB+k+lnFo@$PB>Hj01xbw}b8}q`S?=UOfch~T!&hle@Tl)SN%>36i+jrUP z_*ZvreC!+@k~6i8n0(jHxt-0?=u#hKxB0eW%^t0Kw(7=6CT2zk#>KV<)&`uwz?2nc zVKQJa;07`ISy-5vn16r+Syq*i@jr{WfhZe?HX9==D?2j_8)rhB2V>h0Cl*HJ00u@X zFn}2umaN}*wJGUewPyX9Jgr9+4Of#ToVKs;{t`CfNmIt|&MAJalX}DsT>dxh+}c?` zL>pO(lnUE+YHT^KbScwv`MSE>AN`hY7H?(O;jylM;<*3!pM#On3>qgtUjA(M{l*@> z37N_p%MN_9*0}VYW%?55`@8p^NV@ks^zX~|n|FAm*g4{q<5HyUOD^Bxdp%3}MK1?$ z?#wbnx2d%eoZPt)>@^Bs!{sv7r93v2$#7hsGH1n`nr|0%Rw`z6gztIFf3Pz2i|NY4 z@-?l+Chm$2tm+4x9bWHcs*7ZPTou>ArZRc&$_cVfdxfrkt*iBOT3?vSqNU9e*x8!y Sb5e6s#jevHr4es#vH<{aNh-?# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..e59e2c7d181 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-EP_NS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.der deleted file mode 100644 index f4de6a8d31e25a7cc16972b864d46fb3d6bfc858..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AM#R=Pm#II}e*EiFTWmu2cB35&e=nDAZX@AQ(R>cy+fCx-v={ku_U_bK5M$NXn^ z9pmYDZ%-AxC-LD2EAw5GGV`ue@_(BI*6mZ;9vGhJ+xck!!D$k%cHFx5|HC%j-sN#@ zx#heT*5rrm*GEiy7^i~W|3^$-J+}`}GI_md zmTLWi0FN(A>t6maQ#kN^eanJHt=p`AtoncA1pge#p3{%*)y_XXR(m|IZn3rP3GGGm zFNt*dzguYg>s#m@Rtvj}%4_PinUXuEukC-^)$wVX!M<1~W=00a#kL042AsfGYeI`{J$n;l`x$@&bsQ-qp!E7`FwsIe(Uy>nM$GT zOX|{}p1-6m^_g4s!~Zm2Q(eo4j_+4%bf&IR+?x0}R=#BB(wIl8H&1HKTy*d8m$cua z(>f-cggGxHZ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..5e9da855e4e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-EP_NS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-OS_SA.der deleted file mode 100644 index a69547b4eab4fe59151cf846f1fb47809810447d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AP2KS*Zap8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+kAv_+Uo^IdNV?69Z!-b0b4j6I0VDab6=3*96KnP&HIGP=x4|N=*f8bPb62 z3)V$7rioDr*-l1Q2IeM4eg>ekxR{z485th#VM)$$(J-;Oc_mm(`*=yN(M{K;IR&-P zs~V0?T;R7iTq5+hy4mLTjW&rXv+lR(T_{;p+2X4$bA8$5a*xScdg8pnEjfGA9yX_| zdgNvmZaJgvy)gW^Qo5`2w19(C*o`v1C)P;&cuigs+Tgm#sLE)PX3vDchjNOs_dYF} z>i&>XM)bf#=@#w3^{eeR=S)pe|Gb8YW6HZbALmDWPFp=wOeaD8)|6I<1B>6Vv*q0i zmo>b$GQnkYoI8_odkC}Az4C)cR`%Mwu8!O))Fgj$;=Ax4TLa}b`|g->FC!-0PwQh? ztmF2WJ%LGc@0oM93MdJr-{Cr!EF!9%em|G6IenOO zbIGTc6a6Mvq;;%$q8D};I;?$BtN8y=+no{ri3Y^XH5Tlk*o8Ol@4h zNb<$(8B$rDe6bpv6wB7vGV~tqSvrlyzj^DQL@|XL@fpcIGd3?c9sIwt;kekL+3Jdg zhvxA!x=gZ`XgQ_Askz~DK|u0VpKF;55)bJq#IFysmvRk0zPVMqt7HPlAGHG3InwO8h^DGc>|{yz7=VbHm8$UUz?;UIwU5MEQ_`CrH- zenQ{v4e75d)*N5>LFaSDs+C)An(o`txAOYKm2DM1uX981OPmqZDSyAlJnVFO=lgGV z3oqUdQa;F{;TK{bwX*c`B~Q6I(!o#9u|89JZ5WW9x%;7IC=)Xy1LI;_18W0LU|`A$ zvoIMj7;uA_{46ZYOw2#Pfh?=a$oQW{+(49#Lz|6}m6e^Dg^e?z&4aP+hZ74UasUG( z6&S$4aD6CMt`!v68oWkfLF>V*LempFy{GKT)DUqwwd~L0RU%oh_IjjbP7=>Z-zB%y zbBks4j>o%0W_Lx+J0$Y*rkTx3?X}N}TCQzql8aBZT^FPEcJIufBdp0ayUKLAIBbG4 zqW|%frykv~>tD;_eGi4!EEQXIajN{3O*j4DOm>}h!OW!U_A9NJDjCz5b;?UN&A!%n z((kIt6314f%u6rlF5ro^4|#s6A~9@UrP_;xt_NCaQrCS$a$iSQSWNZ2rq-vu?76G+ z?CF~Irc=J;U0z%2uz!X|`D+QLWp@la-4=f?zGTgAwpet5{EPqM5dmtgR%vl79n_U& SXX#4*7j)lQ@Hp}r&gOs+jm|@Ms8LH15ra^13@07kb`IwPfZ2uat(<03)V$4 zqlr-o*)~R22IeM4eg>d>xR{z485xe1ES1#RyR5q4k=fV6f>TWA-MaZV1%KKl%>J8g z<=U0|6F7IS3`tZFjqlsfDdvIlLe3YxGMdx2Al55PSJuo#e;P z3za&oDvSRG`X1ahb^q1SsVqH;y+$b)H172o2DZ3Qo|$~)sZ2)7`Q&+_UpK7H@>sd= z>z&Nn{1#nThf6Q&%K})_eLf~sECw_;YWTChQudj|T50!lll>f*se6`~C~2*bU2-})E52Rgj?U~*-aAuTe4jVOyo)O8 z^zt~WKl4H7nwHWVmv~O+R<>5{O`0zsC&?i2V3R)+Gb01zVp{`i15RK_$_leE888@d zgP8m*EX+*IKMWK>992ff|19DLqHG-6Y>cd|?941|oC$3njBP)hSQwE57#N+v0A^%} zXI4E{uvpta-!sBgo;NUQnVG*x=Ps6I^Zh>Lb?Z)=aE&cN%qKs-aH?F-bm!ly>fcsd z>Bf9$xsf*IR{kW(nT;{Owk)yvbG`A1tBzDt`JpLKH#K?Je{`|hY_{RT)>Bfk^SI9T z2JPJBWB9V(;pWFhSs_=iEmrKfc82ZFiCg#I1z7C(5mYi!U9ah;|94@L)7JK!Qq3Oa z`%~UN_woPh7j*hz(836>US%ya=9cznhd0?wY?^3WrFv|w8LNfGWyzePzqk1dYl;*1 zENx_-rF8nMXPr|6Z;XOYyxkl=wfxDn0c15uNrI2Ul?*0G06w7&4zJhBood~&<$yre4s5_RkO z>$xworY?5SRmHl;i$5AT+g!AeoxS_W zj~BluyG%XRGU2Ir^z-92m2FZJo2IlM+nAb=_-)qn{11gonV1o zzyM}s5UYQ3uE`S~}yy{0okM2&ymtcQ}kS$-l))3YUY zjBn?$=&0rMoXE^NJ$vWx&b#?HmmZxxZ_S~h-Qf#)vhbt${;4h; zf8A~W_L={Dc)&X9z{Pd};rlI)hmPj?U5)gVahtQFyUO1-vRHZgi#toMZms$8`g`3@ zr|8&Tkq!^;6DMy4ZF^_;JS2)~`+PQL*@jteOs5PN$<{aZx;yURx~^%ru`=)Ydi71a Ro|||}2xiUp<1c%$0|2EFD7*jw diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..f5d1a2fc2b1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-EP_NS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.der deleted file mode 100644 index a544b2aef86810ab60edff549a6dca5037f03df3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AP1`AGZN78>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99v9c<_Y2lV zGNXx63E4JARtDxKMt%mMgSeQQ7#SJPR{!?D`b;_LRl?fB4gY+K7hO9Z`>}EFe7-;X z-fzj@I8j~YhmcP2yOdjJOQ+cC_*GLl4<9ovzn`^v)|Y$1 z;!6xSl+S7nE&8?9^16pzOTxm{(tFD$WrqF ztX>&-)byUO3wL$bt1Tf~i;XyItBaOPU5&cReDrerqF;G2&la*Z@G5pNI?46qylb)b zH~G}(@g+m*mZ(FPjb(i8F^>F%oq>xUtm^%6Mf=twQ`05P%Ac*IHcu)xJCtg%^^NG0 zDeF@Wqj_Q$I|NKFHG3~@>1uW$cV)0&+Ttfx&jffjGchwVFfO(=ur}ZXhNP@83zGqZ z0XK-r&%(mY#QeiR5yVktWc<$}ZXn9Wq0Pp~%F52n!p51<=E2zZ!-<6vIe>xD2@GIH z28Bxx7`9GmE^w=O_3QDh`;n~QkKR*x5OyN?;NuxR@B9}EEO@tNeycvG0MnX=yXjlH zUM*y)N@7+py`T|RWE7#bS>X!5E3fqPi`Ld6`w|0|#hY$u*k;8vuVMBZmx$Ya7p*2} zd(8W?v!Ijb%A@U>u0QML6`$oSh`h_VGJHz7lz)9B$EsWw@z8HF<_Zm+x5CW!U);R5 zY*qE7;I$8Y6 zoEZ^etIMf7E422ClSO(~)~73#yXs!)-T0Mum_g&r!6uE#lV5U+dMvMa{dc*S>Z=C( O9`iMqz4OI{ZDj%f6DE)V diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..014c4d6a0ce --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_NS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-EP_NS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.der deleted file mode 100644 index f738d77f812f57ffd7a09877d3563e07dcd8d8d1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APn%IEw)<8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99v9c<_Yc-Z zGNXx63E4JARtDxKMt%mMgSeQQ7#SH}?WoxCRIWa=k@xS+SYhWk`aKL%`Ti$8&j@?H z4!U*Bx9rc?W9Kye@7zlNz1noHRymzTtS~Dc6(TI&U^Px7fd$>h@QmbF+=h|EkFPZKV>DQ~!4BteDe!`KG+A z^P{t89!!6i5$Mb*aU_zBZIA`&*Zsh z4;)HlFurAO%lX=}_}F{X1^YJ}BxLLeF+U@)LN%ASmuY_Gi6_Y|e5xG&dDY*UHEtAS zujiTXes5}(&_%`WS(ge1!Sr@zIm49EMDTvx>3$o8$Co6GEZkU5XB$Z@^i z^bV`v|uhYZ)KTkTdhYJI8oikECFeoM&17%KAi^ zyoGui?-Gvba_kUEFt=m0Jv007Bn8iPKO2fZ-ajB|oV$~MipoX5YaypKPoA<0=_<9D HvRw)QbSNZ@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..1de9b809bdc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-EP_OS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.der deleted file mode 100644 index 15a3bdbc031149a3f89fc2737073cca90f84e87c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<>_zVMHHcqWJkGAi;jEvl@3|a^k#(CI-ev=0=95#-`>`;=D#6t_hTDplYaWpa{_^m6{6H=o%33 zAFPXNOcSFLvYm{q49rc8{0u;6aWOS9GBTVG{*&#+Ttq1aTj&P%LCd_J4g1w(ev-xpYOW5Of1V`68gCcc`u zsBUXO*_`RWe>x}~n)Rj0&EZtW?nQUb@6^>QY7JB>d%5YB-%FW;29+Fpy?r&J{!i_1 zVy)71m-;C8X4`eu6&il3vm7=$98uaPT+Dp;l4QQBKKr#DX>aCc{R>exE_sw2R*pU(Fyw6c053-nTeT^fpM{oft3L#Ffe6> zS(pqM47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNN;5S)9n>3yf1>_%bp$@>E~Y zsPdR)5TB;W^KyT$`dOtT-f!2r7IlPn-RHWKd1-wvYxc4a>`uEMZw-4E9dh6Lhv~-P zPcIZT!@P7(O-TFie<1Ij;Pn|zM!`Rs7Pq_mXWl88`P~1DfQ-#to}jP`cdj?w@hE<2 zGofLPrg+bD2G2VyN*bO`wf}Y|Yqz%kG{-;AUu$;lX%E)jl4>gO!!jx1U|qcPtDgc^ zbq`#>|0?@)c;cgcwZwUKdftpKdD0GCzY^?wYvgv_&N4`S`_yCA_qN}2E=inztzqAh zUVU!=f~5hP8-sdIUQta*ca>Q={X?beI)_E6wa#-pns(GL&h&^eSCw~tdPQYYpvv(u I$y1lI0BR5`ssI20 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..92670826f0b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-EP_OS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index dac77c151d73774e8b9a98b90dc584859b43b498..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{XJfw_s1p8@DxE~X|%Muua#-zNQxpMUn6+Qjob ztNwVK{Lzu^mk19{w5a%YHrdJJ&pk&!t^d&>^_(SJOzPMtSM=`6DQtSbS?KOs(F-i1 zSIX-Y*Ii&Wp0B`RTah_+zSaKOQ@8U~-RO)m;P`mAU`_a&Ov{b@!JX%J`@j3(yVRTa z58v&J6$QOdr}tK|ycSNfd$nBdo9X#^R?WLR?g{t&{r}d)ZrY zcHS>yQ_LIc_v~KZ{7^O^sOa$5#{5aWb3Q)m^Eeh)xp8ycYgxXS-!ke`t&MNCGBGnU zFfO(+urlBT2CS?w3zGqZ0XK-r&%(mY#QXysZL+G2jQ?503`E#CwAmP0S=pIc;4Dt$ z@CC*-Fnk#qHs@XIzmi^ASuOJ~xBIPd_-^(Wr9TfH;)ppJ`s;X5ux7@(1WTT8m!$Q- zYD8R+ziYBepx~*jh{U!@`#ho_`j|{zA@H5;(_6b4Dn)jw_jCHKI~TQpPu|@{n}}Z zr2dxd(DxVpqcL;G(hr7ZR~NHfROOqIqTO^^dClqdO*U2+y|RF4<2n4D!6%=aLTqx%E4l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..0f0365ed1fa --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.der deleted file mode 100644 index 20cf9305f4d6f02c02d90fa8af462be4771dd1fe..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR~U%#939fpnBOuMvoA0_7U08Y&woLUc-{rh+xP2E_XZ z>!KRd#HfU9CnGBZa}y&!1JGGqOihf83~M!~&Nm7=9QXYC-6`E)CRx93H*H&1Ywh>u zf8CU8xgTwMGp)39Z{D_6?spa1W)b*2izn~E54l6?y;Fmi`teu1J*mEP>;3lpfR&GK zGn8g*jI!`p|G$yJY5k%OgC_GTw)Pv=0W)@Y9-Uw7`!fF*pX3q6Lq!4gZf;Dyr}vq@ zF0;SrG4o;Jhf7(j)|ot6xV?Dm&G*-`b57(08nUt*?9SV_{g#B*OF0%*tF||C@vM25 z43wD@tHPJu`#(v?{>Ze8DZ8^GB3~a7JksQ__9koTy`$Zk@+-Wno}{upoW{6jVN$z=s|{zL^Suv`L)Pb?zrk~p z{obL5N&TDD-$@BaT=jL+KU`Ljk+CmdLnVA&_O2}ps}|XwZQgNVv-ytIDwf6?oaN=S z3tc}Y894nX3~_WTq}P;tPAe(A(SjS8^S5yPaoADjce?ECnuX3^fA$^9zEbf#TcKFYZR=O1uH;o-(mdv2%MPVw I3M{_}0ANonf&c&j diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..2d1400c7491 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-EP_OS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_OS.der deleted file mode 100644 index 332cfcf7dda5a3990e37e2fec43c769f2d466ec7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP2}a}5JtHcqWJkGAi;jEvl@3YKhf?vz_q`DpeX$3G>9I3K6At(0^re0-?#WX5i*b^i+| zm+bwM&bOTD#1fa9uWM_khbQyu2=2iE@SP;$6s&8mNtCO zT{FS%D*v-7l|TJ?8|D=ym+rf3V|>}jXSZz$PwU^5{8h(=mONH?74$;v^uik|WmZ-e zM~qLHJFMYRQJEzyVlATeF#5>BH~-)NJkTc1>#4T?+>0=8CT2zk#>F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&ddU5aUzE=FiwHt%gA86_wb#Y z@26$jC7FDyW0XnewSIh}=0$nbDl;Rs^#z*KRC)B4T^46wVy9kOYH8xe&6VPnyjJG! z4)dp0$+C0ZKN_|svu{4z?fCbPy6nmzlke|}_kM|3-2PvQD|+|R$!;$e9ApogSigGC zmJ7FKJR_CQcV5A>MQ{bt6eUAE5G(GFQ0$T{zu`l_`4aOuL~ZJ zTA07Yre}`f{WZK|re#g%Tl?FWC?06+S)^{e&cHq4$U61o@(cayU0CzTtn2ed9ap7js?jacP;e zF1x^^6(q*fbWzaeLc2_L-95IIvqdty7F~7s^jhBVV&biH1}At~V;UHKJeZLFZ|_4n z*|3BI*H*W!az1da^r8Ed5~clypEQ4#_4{sn!s1zTMrTLKRjc2dd-FwSJiGg4%hEYa zdP`60KVe=NX|dywY;=^};_XhG7Re+>U(VsznemwM*5=O>&eSbeU;XFW(swPU`|sNJ zeD<6Cm8W>dN!Mz|`Src+}L0Lzdl983^o`dIREi&vA|0sTc`*$e=UHP*%)6!?Y77O1u<;c+& z&;MIU9Xsn{Xu9Ua_t|YBi){CXZG5f4Hs@W&Y^R%x_WZsr|9-0F;UE<`-?V*m&Yz2S zdN8|CD6qxa?GMw5Gh%P*5?Y)pJ+57v{4;1bn_OpSbmkI{H%>-pUoZIj{`Z_MeH}dk LivJ5fWlRGA6m>2b diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..12b21d2fa27 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-EP_OS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-CA_TS.der deleted file mode 100644 index 9d847c30f6f7819fd28afffa54cdf4e05be0b6d0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APna*Ixr(HcqWJkGAi;jEvl@3a4UMZfLtWk#ivaQPV<+vI%$2WzW&{5`yP>rr2r5Y+>UQe2Zee0cXM4ZVt=wmsDh<<^7Y^SzjWLT^S##u ze%N|#2@FhG zVHPF>1_N#olb?l!nTh#_fdYu5%E zDuoX_Ww(Ymx?j*c$)UNGtyY8O=y~TgXYYIuRaz*$&Ck{L&qO&XLA}r7-j6?8)a=+% zz-?i;VR`n##Pr1vjb}~jB z-^x{!d)@4O#=o^2g3dKFsF}QC)LFa9!(3;kMCVN2lIk16tZo}0s2S$Wl9hgmd~o-e&U~VOhWm; zFH7t7XE$Fz?XEl7pgQ4`ok5$zjKAFH#re&nBPTySdq8xa)eaefLZdTjzjLo9N0~jy z`q7^*e&}(w@t(AemP_ujw<<5Nxnz+0=wa!W?>iJLKb+H)Yx}wPTfxi!Ym(+fev(TP zQ2pxOd+o)fqD|kAop3WaHl_AzwBM$mJ4*jN(zniKVrFDuTx?@tWxxpxNm*eQCIbco zZV;27g@u`k`Gu33q$@RvP;{AdR~U%#939O$;rg#CeTCToWkQK-Ey$KoO!-Dm4|R(LY!h z)tDwmC1g7pSs9p{82K51&f;QfVq|2vQF^B6z^RquCqhrU?h)MHVB5x(R3LiYCV?^&&8n!iSMQF3gW-t@DFuJBFIlQs69y5Q5BI_XUgX}7&XUEZ$WbFOsx z$I02n+q3pAXS;Zcl~w=7pN$*l_}`aV7{7Ffio;}${8PO49%{$(Rt1RPYB$r^Vj?c4 z^g3s;{cN8#j$b}}zxAjs5||H?9w{;rcM{!)A6!K3K=!gm+eo%X3v)Jf8@S!2CF zZOQBTN@lIkFaOC@)R`K}^X=5us&jeD3+`wz89!+X<~_J`&z{S9*#Yc}3XZ7z{Vkm9 zw)M49bK2*|(`BDUn`^D2{#8EJaTA^R!YjNf+e7!lqjn}{Mh3>kHU?G(oWQ`86=q>F zU@+hYG5J|on3-@GN%@IyZ;NgHW4x{`aj~VZf#sLC`@MN4w^&|GE80+; ze)_MH)udx<7R)YrEp;t8BV&cJ-p4yS+LT@yM58vrXkv+Hmn}zRJST? zl(#S29+9YSuKjY_o4wwj0_oWMeuN1U>e)bvf30BR8dF}T?eoEEM>-GuylY75q z)qO3mdfx}WYo3UFXXO#M=IH;h)OS^iZ8n>6qTxFcUVEvmejE3VZr3gf&8gnT$h58D G%@zPun=lRl diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..32921ee6c7f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-EP_OS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.der deleted file mode 100644 index 27952c7ac49929ec68b9b5d2cd23123e17529e73..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQzHfLR8-Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AgS~U%#939O^l4A#CeTCToWkQK-Ey$KoO!-Dm4|MQ5V&i zCPpP>I~iFSn41{+8Gz2>VrpV!WSG|$DdhF;JG<^S6IS`4U(@#SG-xk%Y~&Q0TXJ(# z@ZI1Csy>^3{XA+G*a!EB9CZ3R$ve=ezw< z`?9L%Z2wko>yf~ubZ_bTz;DyHsfh)f9{IT@_{<-kOOi?aO>IHDnd8lRYCdMpKBRc7 z{fKG3!0V6aC!9KJ>b&uKPtnE3d!<*?ejk|fecJn^JHE;j(rzxk9rr!3^eVE@ez4Z%zaX4}mUsS(pqM z47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNN;5S)9n>3yf1>_%bp~-0rMonR;pJ z;uZHgv;J)q|7GVXx8}zrnbl4_{;c^;a@p2mQv2J=84tGJ^e;JjTd~g6Z|9z$ir$W1 ztADS5x+OkBs^@xAYQp@jKRO0-BTrRZ6&GfTZpN|S>qg4v)F{ujzC%!*DsFV^i z*T*30eZnWVKVEYR*Qyw3UFvhZvhmf9H4B!-IXKI0Z+tREbLy@acZ9_Px5VcNK3wh4 z_EEg+)82RXW(pRMm)A*NUZhwWYNzS%B~f=b=GxZh2PahR-jTZgec6V8F<)H diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..7b7fc2267e8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-EP_OS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.der deleted file mode 100644 index 2760c59724b37bc8e7af6a07ddb3fc4bb8f8c373..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<%NBa$U**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw8cp#0NVX$cghBniv=xnHw3Jni!cyiSrtPxF%4pfvTahfg(hwRB9?rqkph2 zsxeKBO2~FHvNA9?G4eA2oyEn}#K_2SYifzcrI-=}xuz{U4QH>Bx&Bdb!=d;<9YwYKRX1=R1ZEWGmEHwYAwzMm&H(HoyiGJGK3X`c_##8A_pX-StNv2MCG;dg@D&yMa%C^UDbUzdD_zEzw-;t?pJCZdY^wwDb+mj-Zoaj z)7!1)3)ENdf8x61`P?lZMW^_sSv*xZzqvvx(01FExuK3TCYbFJe8l6!JZ)y?6RoAb H546nzGNCf- diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..918f26c84d0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-EP_OS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-EP_TS.der deleted file mode 100644 index cfd1dadcd9c4c232fa56f6fedb5d8e19400f01c3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP1{&Q}9oHcqWJkGAi;jEvl@3pR&Jn9(X1#Wj z2Io=U^XYT@=Tx5+l__{$)A;RdEX#g{55Y>0vU;zs3T9n+Fu-&9pR#GvRi8dAQxN{2 z{&?&C^AT)G>Bgp$SGxZ7KKO3o>Kl)D9<2_MU%dKo#MASK+}BT#Ubg>naIXDq{ZFs& zURh+-5`2Hd8MZe^tM*rj>t${H=b2Ej^T6!=8`s{uv0g8Ng(>0Fv2~xB6nR`l^WIjv zXwUfhd!5_Eg%5wp=vX~H|8`o{cd@tne8+ST>P3q_*~-|nB=T#z@QQg;m5%&NQmmM_ zQ&0N)iNr{sis~k}-x+fkO!AR`x~+51GkNoGN)frMzfWAw#LURRxY)+P%77CXn6knw zOa=@F+#n`D3kx$7^A7_B5J#1f@jnYFsyMXS7+G1_nOWd0PUP?f#wjp-85x$nz4z`{ zLaM~ig7kdP=xfnC9{;Sj2sRgw3HiNv+tS`+@}E?nt_-_*V4F$Z>Gz30m!DYm?ZSfN z4&3(|qV7G6ujIQq)2y1eCUE)2TP7bTeT)&E@^atYmzw{V?Khg3GWFbza7n)^mY_`{ zOLiWu&q!aCaMn@b`FWdjM+{0UJ z+Wje0YOA-zCI0@gX!7eR?-CU>kJ&JuSTw;gW%|9g1%lITo^F-*VwxJb^40Q(?eX{2 zSJ}m+bI(fED(GxoYQ*Axe1G!mTNkVfY_2$L5_5F3eA1Km+je@!`;=G0?2F6C_Muw&)#wJnXyhb3d36yJ~VyI-G0MRI!nhMtE8W8Uv ztczkw6QdHcjf|`e%uS5^3_wS5F*PwVGOYO1v>F<~OM_e;0M2MD^YQPbOwY2FArU237`~z_64R zW??d5FyIC;`B_+)nV5fo!&p|8k?}u^n1Kizhc+7{D=RxQ3!KG?9KOI91%@vpL)??Q z_w>!q=+4VoEc5u7@CSiRj%A;3C*Cx$F8drGd}W`=Vv(3DTcp2AoM}HG_2wYobDn*b z{|mlP%k5+TDZFs{-oKI(COP}GxW1iVp|9Y@K6l+_<^sJ%8#LBxtiQ>=&qw2yl4o1n zBG0-D-hm%Znk{r++88%U-r>CbLEhb&ou$G5j&rtK3I{!B5_{+*(dDo&uFGfQmv_!{ zx_rHY0)^LhKby?`PiWoj`O9u^JNuZYrC7`R`+kY}fy+7*e_x&Hqr6o5k50Jb%QKCV zOeL$2+fEZG_`D|V`N;#n+Vq+fxx=DX-_cw#JIpU#p6XORYg)CjySkk7PJy$T zwk#TpEuB6!96Yx8ZeGsChw;L?KW685Dz53X+a0+ivgK_2f`Zz~QRf{ed1{L5-;@6H zq2`S01U1{8(LoIRXPv#!=gHBWBD7y-@%c&hY*AcJdo(nbxR`5+PULq9zVyqh?6k6c zj6I9Xh3q{c651+uuz^OL^ISEim8zIu04WJgB!x%~TGbDk+p z`zXGB0!QtP_5JdZW^qp=FL(aD@AIsd>&0G`hV)A*bf4!;8qD zZ|n;fxZYSBSd@91tz^N5{P5q={YjVR#@slcwYp^T!&zTCB3aHXa=E!`@v<8m-c^77 zxP)!*oya|NBPYAQU)=R!Z>8P4>=~C1R!F=x56cQlGYKu~wdy=OE3z%?UXS_w3Nv9f zP92svmu|{Li`N{u#qmm@KtWaSbb{Y(m-$S}u5ae{2?+_YEQ_tnHlDe_JATnCX+1V^A?rX|1%zZRb2f;<1pio_*0ks#8pnYI@&GC);aS1gyrdj zE&Mw!*7AJ(*Sh2L^cANIRd+KgYTVw?b$!-vuEU}^dnzKIikzI#&cVlhm+3)ir^glB HJIXNtR-+~Q diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..6cdc0d76f02 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-EP_OS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.der deleted file mode 100644 index 378d3ef0c939685c777263f19eeb77b71dfb5ff0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQ!9erp3>HcqWJkGAi;jEvl@3xo-IkUa`&fsmB9$tvJKq;~vFo zS1NPyWY42M(T8E;5xM>?(iN7r>)x-c<2UTNC49bYt>|3&N$Xo?p6yiLwC2LhJF_h& z#I_~Z1uPY|_Wdl^(Xdj)b=s7k>}mRo-@BgU)c6soNypY-@mat5?_|m6ttG6sHA`C0{9hV)!C?Dw)ohiG zZ416KhF_cX{h6vvpkT_P)7o3#o=^GFF?aqc&q$VlOP-Z%wV&^p|Ct>A=VhNj;McdFM5LwT;(#_V@Zs3yZr?AF{Yad}-Sno^57XHi4!5{-Ub0B`eN%TIX-S zww?X{kbav+H<@d%e)z{~jb(|uz~ziX?)N_1yzFBtQu%4L I^Q7it0E?0>L;wH) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..7e9ba787090 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-EP_OS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-NS_SA.der deleted file mode 100644 index cd9d8f2ac339ace9fe6eb9f0ef21ec6f88a8a81c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APpM|5O8BHcqWJkGAi;jEvl@3B}=0uXz58q2+(GsPUoP^!!CrTRF6vqe^Oyf8K5QE9nx`^rI7Vr%e?( z)cZYlb6r)`e9f!ETvu;#vn$Cj(mvU}ASFmDed^pDb+hfnkLtwN?sseMy?ujw$^9jk zAG%X#CG`5~B-Ji1F_@mhe(Ts`qog#(;N2>vyY1V(c|6W+J?_*ri<8+U=iu21A5GH( zJ11-knA#F@B!9hcRa8D*1n0+?&lsLTLh*zvHa$!-QvxWcJHYqLh`{&bn zXBe(qDG1_~gKDkI~67En}iXtOc0va&O?z*(Hg;R}pYVE8gJ#6Ldzpxrch zlJ?I7XVpbCQ-URah^;m|Jl|%s#`lnOF|N}mHs1C>puG5XT5PA-#y<8N(aTg1SnG(M zlkWZ?krkl5QfbnOSO34o&${yROkUxiwDs>lF5DBMcc^A}F3Wdr`4TCgO}p26Z`~dE z&1La{Nu29WhjYx{5P#fZ`ZBh|=Zbb1UHsS>_2=}?v^6^p&$zJR@5B?S$E#M|S6;Ak zg~L`QKU>oeX%iJ^$J<&aZhkHs!s0&Fs4|XQUB>xZ%4)k`rTbMECWL#k)$F+Oy8S?w z4{O1z6S8THSH0edzG#l)d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_>f=&IdNV?69Z!-b0b4j6BElQab6=3*96KnP&HIGP=x4|N=*f8bPb62 z57tFBrioDr*-l1Q2IeM4eg>ekxR{z485!0%$~xsY3Nxme^T z-P(CTaf+X>;qezbjmw(;s+x0GDIYv}o^kE(Uw76Wnh<<`?xSbfk&9l2YGf5S&(f1W zY4J&9?e5|O)m%kO%2#|X@J~O=qJBYt$;Nhg;8P+QFt8RR)=RTujg3TxHeuFnDcU8W7<>u-4lB;)jo#0#lGh>IUM&$3H2F1Ng|LjPNua^uswnoXi zgiX-ll;BR^565jIbj%)i<@Xg%(Hu2~2c9Aa4R?(}`T_xzp@hdgihRjgYR)!OSEH(7JnW6vcAF0x+w^Ed2c zo|wb-J+B;lOINMi;XLX6&cLoTiykifUp?3Rl-Dp#%UZdaIfcD_YCs|1b;~sV#|I~` J(NX(y902KMEad07kb`IwPfZ2uat(<057tF8 zqlr-o*)~R22IeM4eg>d>xR{z485wpwJ+sKKY%yDJ?z{p^$63Z+G7qA*PQCiyPS+vz zRhH1#pw0i!+h2CdDBAJ;%k>}YWGmyNc0Jxb{qogSeOB`_6F=IDtSncWa!)Mt)|;2x zG!L1EL`~FO%*bB-|I^#uzm_^LHvh0Ms&<{_${N4sr=KL6z7+0yYbPcm!n@|Z*X)}c zl6~xs&h*Z0^boUHkrVRD^Rig^T$|~R(I=gLtxeSD?9!MwCztE+O{pt8fAknXS-vb( z_{>c;2CqYrxnH)pb^q*inOz!H>Q>v+^0+*AZP7Q~2raLwKDTBLT_r81zqz|QS+}jL zoANc$y8R}%m``|xOVRA|jz#Cal6^nd{(7$P@ofty6EhM&` z2QJREeQRnwcdhZ;^q;XaVviU-;e7DA^?6c-sm+0$H3uSCO8NIay4P$YynE?ce?jTQ zz1x*FO;4^?RCrgIDR+>2oi5+0878qS4XWVsL=Pa7MM`^L0WJKERO+3%uZ7j=gl3Vnv GW;Osa@F%MP diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..b12f51bbc7e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-EP_OS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.der deleted file mode 100644 index b9bf3e9a4081ed09568f94ed68ad0d46f24e30d5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQyapM?gzY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw~U%#939O-xOr#CeTCToWkQK-Ey$KoO!-Dm4|X(KR66 zKUf#lm?lOgWIGvI8JL?G`5A!D;$muIWMsJUn5&${|H56VtFJe>biDexmMz zX%l!ONmWbIX}R*`N7Ho<2`v`SIT`vf?vUc;2hYCvG7L&qE;@`<(1xXAIs^TXkp=fSvl)`?mdAZe{bW|++Lr=^t6dVlWzW+ymE3;s?)W- z98Z+?T(IMw+8J@HZGWVZ-lLmLmv5eD%@9u(T_5&oU;eLlCT2zk#>F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&ddU5aUzE=FiwHt%g9js&EuE& z&IexM%AeZG^2~0l6xr-P!X+$!mn|Z_`=Ywl&aWY&vqAo zoETa9*f~eg>J@fSLDVD1q>(b^|FXVh*QL)wea{le|3g_jOGImU& zHi?Iqeb8RBZQWk&fS(`l?p5(^GYDX0xEdz%xAj9vdR^7ymG-;DxTgKq{;A!o!SD9d I`R?400M{`p%m4rY diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..d103a253699 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-EP_OS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.der deleted file mode 100644 index 1fc92e516691dc1e51c52868151307177e4ba51a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP2Yv2p`mHcqWJkGAi;jEvl@3kuV^c8nv!z#$%m$0kJickvHCD?#gl-8R{!%%Dl787V*IQ3a`HUx zDLV@7ez`oHv$$)uz2w=Khk|eKS|ayP@U_kMt!5=firxp0CNeQIGB7T-F|ab=1O}$8 zFbk6bg8?^)$x#w#0o<=`wu?bE3JWJF&zqD)LlbsHYU0dy{ z4{T;$t1##0{b|RaShx$8JY|{2P`kME_Kb+4#_7i#7V$^82pi2PKC%15w?m9OT)d+M za&Jng9y{NkCv10QO@>C{m%xd-cdU47YxnJZsMFnab&J%>jDzX6zxtnU{4-mT!dB+}fNvOR0rJ|IvdD z>MR=`Jxji{N<#bk$qkmQTxshzzn*RL`^nFnQ*J(={43;HCErProaru#r&V8xl&y=H KbFk5Bsuuv#CowSq diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..eb37a421672 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-EP_OS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.der deleted file mode 100644 index 72f910ef8dff587f7e15c4a801ead69c8b1d8951..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APoI+&lwbHcqWJkGAi;jEvl@3@W4OAyZ=tz z;M==p-h4iGnV2H)rb!ED2Sy9dN=v)C)aOIhUx!KOrZXn$&SdiWd**yqLmk8MoQItr zznluc{u1B)I_r$3`uzpz?-e7MESU4Tjz8TmU+8*#8LNnqwA=R2OD6Mk@V52t$bL3S zTSD66PAg6E||+mUYSbSzkFx;g%2g#E&gYfArZ~O?}i|vN^#};4~Mr z>-Woj`z}}gHJWqd-FfD1jLeI7R5(g=l*aDTY`^lzkcpX*fpM{oft3L#FeGJ#S(pqM z47fo|eijyHCgvXo3LuUuBjbM-F#{1c4sA9@R#tXq7C4I&IedY!2@GFG1_vE)rRH@) zPxF2($n^QmH^oR|^P8Q4J(~^g-!_X{@kd^1-kv27547FkuT@`@eIRkVx01l_GoH&= z#B9B=soUDV$ozR}*PSmfzLh!8U%>ZO`DUPRKYyMm@|4p-? Hd)RjX&b21Z diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..b43ab0fc6f3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-EP_OS-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.der deleted file mode 100644 index 3c5da712da6bde21ab0bcb7afccbe624d23cd351..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR-Wg?9$LY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@24<3oZC~U%#939O%2SV#CeTCToWkQK-Ey$KoO!-Dm4|X(KR66 zKUf#lm?lOgWIGvI8JL?G`5A!D;$muIWMtS7yu$U{o{TqLtPyjgr)es-S6b`Ez7_Z- zle78N52s_h`QJ=tybzjD%KoBz+k5{NcWpx&R&QiE{BgqcrAx}=zIHEDxW1}uv$baM zrMkC|_wLd>_qFCyVYj*Q$%*lC3z7`Po~^w1e5KmDo@+@&{uXo^)Jh9{ZjebpC4y;ZGCWz_hkArk7@qN>plL++pmw&pX&a;WpDcN z+tI9*B`Wu(>Srb!hd4~WDqMNP;oiq9>o)(ZF?=Y`^37+mg@wVh53cSd$L>g6PMLrE zg82Piw|H~wtkpQ@O0iM(*ZFZt#LH{rYcW1CLrg=i;U43bE5zOm11J{#XTU7M7s-{LLdF`v^{ KY4r4)@c;l`elKSL diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..9a45dd9ae2f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-EP_OS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.der deleted file mode 100644 index 25ff8866d7fdd86f2b28907a8774801b3e2c1768..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AQz~WxNKwY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv=%f4dldm4NVM;jm(VrSv`pmqlMRry)yx*xdg@y52fsEIs^pEab zC1+C_K2@8k_RTh1>GP>z&#M`g36-JwdA{##pMT`MXizG4K(S?|qMfYauU(##|F*wj zEa`DewA+y;Fd^n(+RS;C938#RcOsp49DhD{Pi#ZTet&`W??d5 zFyIC;`B_+)nV5eVD1bPsjEw(T#0*5(IJDUqSy|bcS>P;A;x~EG1+&@x!V6NlGb-ai8zAGo(&3(h{xjVnW#{SM) z)mvNN><=(35!$KoMs}IE{3id7M|Iy8ZdYBF_TX?4_ql>y_gE_Wr24C7{=9Z}-RJKM z?4IpA8O-|bhRgApuN`z|`k(mZ7QffQ;_M1huDu^xM4xB61=wFrwb51(c@uSQO@j0( zhbNLUk(>RG9i6v2?zO0W_cv}1VL|SBwu$qEjf-X~tK6K>B)#8vqx|BH!ask@urFAe IwJ*R40LkkomjD0& diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..f21c9a38c12 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_OS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-EP_OS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA.der deleted file mode 100644 index 293a450a9c37891c144efd2cded7644fb94440f2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AL33_ge#AHcqWJkGAi;jEvl@3*G<17r`pVMhX3?rb_u6LKfg;{uWgB#=gYmg^@*E%2Zz>@yI;5JsJI74cWc9M$Ob^j6}JN+olN^KGd!47rlH&Mf=&P5k<@>fEVH zw`~?2IAu03{(D{X@lPSocb+U{ah$ODT+B^}E2gbotr_ucvwKYig75f0!W-SbBCy2J5n>nlDetN16126G%uW;yol`?g<&FBVEi-+It#v*B&(k-3ud zqNY9IYp6cE!iuHPw&+j(rqd6zh24TaU%Mps&4Vkut=6?Guc%L+{k0l@{Q7TgDyyr` zi2B$aUwdAzHRwXo(sPasnGPxv=O?_0c@^cq_~H-YlBa1!;`}-@@BB1;&QT-BdB4hB z_W8?OC!NFozMXxBrATX^8PA3#4sANeexHfj{<(;ULG!oPmD!08g=W?5x7TU#?-x3{ zcze@+=63(%R?pKmS8sX1xwv11|n?Cp)AZiyqS3= zx~|@#y3UUAt^o#e;=G0?2F6C_Muw)wrsh%Nyhb3d36yJ~YN%|W2+=8(nhMtF8W11s zsEcY$6QdHcos6su%uS5^3_w?LF*PwVGVIvCQ{=b!+~b9Ra&&iW%-!nKo*3((-@iM% z{M7ra3{O5f-BKy_Xwem)T%~<@R*Nya+QF~a0vzLbie1H=3Kx6qw7V^_-QdvsfGaA? z&)-|2@Snr>)5|xf(s_4G+v$E*Yf3fSPldTBFKspaE$#l{M_GmSZ`b8KrWViG)Uq7T zM_3pLc3jl=+0uTfT;G0{VkcS0uLK6t+E-{IFe7i(4;{C*-?tvS1&iJ6gsaj}hol>sL(FlB{V zm<$*UxIs*Q78YhE<{t(MAdV^{<9`-VRB>ptF|x91jL6{&j8kCvGBT+9-uPpn zxAX*8cSz>RLUu3C#gBJ?{`B{ntKxyz-APo1t>?*Tq+nPV>o86dE zt;>3SGsn#ZVdvKM$3|S%t(+4o`{U~2c+u3Jf-K?1n-(QrlkiSd5NcUUr^oNP8j{R{D{X@0q zwXaR;-%_zvq?_IAGpF=ccJ9-O$5)>*S)Km4Aokq)M-LV3=bk)}+xoRifoGeu$Eg-e Iv0quz0RCz#L;wH) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..2730d56c9f7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-EP_SA-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index b5bd09708f50144b3c1fdd1bf626358638ff284a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 786 zcmXqLV&*ewV*Iv%nTe5!iP)FR?K>|cBR4C9fr_D$fdU(IC<`->WM*E8 zuB&&buCrsjYe2kTaJ+wTe6VADNU(vNIIp3Jfw7Ufk)f%HfkBiwuMvoA0_7SQ8tNP9 zLQGLhO$8eQG$Ghg7q^j3j7rFEVPs`sZerwT0J@fosfm%1;rIdPdnSGM`%l`p$+lh4 zQ<8ml+u~rO@~VT2PXBmy$0O$On{5)ix@;$MdHih6WceRC#mLQR`SqMLMt>JB)$w~X z@t>FawimB7qqbj{{m1(LS)qmF#Z3?1{?eYGvPk0XRuMVVMk_kPi#pK|_)Tgu0qKV}~lD_vT6^NrEY`(L(nWil}{ zGB7T-F|ab=1O}|EFbk6bg8?^)$P;2 zuSY9Syf7CJy7TXpLC0*HCB2t-<%e`f z=b3#FxP5@hhml=6KXkr|jO8^qI9h4;C!tU$Cb# X&HGf1{NWpIb+fGgy@t?O$BRo4TukR z)I~L>iBSpJPDWM+<|amd2B5RJn3@pP|Y?6oixC#4-V>;4*_ zIduHsg=xnw1(z2%J^c8|Z;D=$nCG)~H@6Ge{O$5MlExbxoNbzQd;c}L-RoViO}@2H z`Pip3TIZjpltgPi^p^Yjaf`*Iz14Znf)l=M+IcKtbgjL_dnIL@z2LQGdAvsE3P~#ut#>^ zl#fT3%=2o$7nZ%V>B@TNfIEl64#zk2#yr&$i+{dH<ukYfAHj~ z_9Si=W|jprH9oCOJuFlEXw}Lo$5zg&ce@xEeH} z<7>6@)`q#4`==N&A6Ot6lO(UVHN0NwMvjSiUc}xLI^~n2wb!w2db-d<*C#uypnA`v z$W0G7sVMJBcgov!HZ5lE23yZI<;@NLeEZ+6dArMO&&`Y6wsqyT^Kv;{T$sM82*3M% zbkRQhgO;WqF5-u#&pkPDF8{UL*-s7hZY)TzIIDHHuzJUz#0~0sZ%(Uc-C242+O4y@ zm{UtU|Lr?}LWptsnJs*d>o!z>u)W)Pa=DX~;ntZdr5vA*WaU3nUj3Y3f&15Er=O*Z zK38RMHB9@Xb6{1J2jBcljJwPyZf5nm@#q25BnF19!k0YUiqlG8PO$t|)c@=T>vp{# Kb`k1rikbk_Nid)Q diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..907676f8d4f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-EP_SA-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-CA_OS.der deleted file mode 100644 index 64df6db52116b6bbcc3df51d0aed03f02fac4a79..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SHB)Ap>4EPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUA{=o)v;=G0?2F6C_Muw&)2If)Xyhb3d36yJ~YN%|W2+=8(nhMtF8W11s zsEcY$6QdHcos6su%uS5^3_w?LF*PwVG8})RJjZ_X!rf)FD&M_IxuSRF7V}Iiwq@(h z<{rK~<-H}#?03I&^>%g@PQ6g@ySe}P)n$`61w<*x&32QMTXR$+=FGpKM2nUq6@TY5 zx>+CjXR_@t--ldC zjdRhhzt$Y$QLN1Cv!D0cEiRK)<>^WF)vM$BPQ-KBC`$6~`Ri)BOl#l8OB}gNpUp7d z!6hMT{bA1bGaG-r*W{^wZrrnf))QgY4xw`#J!&^as3<&uNMR@ z>~q#%5-!iXxFXo-=A@pTvR&b;{w?>^`PclfbMYxXsZ)*@m6@0s85kGa7+4u_0s~W4 zn1#uJ!GIgYwP+D%Xg0b?RGmDe4nwdEOEN}yWOKi>0PGe-SWkD z)}iku;;xHMHjMkaF+(%;&)X8S%+#5!7kzzpg?+GiDKvLl)ar&rF6*7&-b*=6T6;d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_+Uo^IdNV?69Z!-b0b4j69daAab6=3*96KnP&HIGP=x4|N=*f8bPWJ% z)I~L>iBSpJPDWM+<|amd2B5RJn3@8_!D4r^Azzdh9tuT>k&(msAg#^jpT8Se?--~8C#6!dlXl-<)*7|+gYmq^U>PM3{6 z{Mn2zF6!5jRhe5(sn2`g!z}kyWZ!a!UL}cq1C`B2f$nF-OfPz_Vtp30;amFy**1;k zSLIh8T=sTF;p2Da+ot?=>Fd}+T;Ra9;rspl-*yoBl1MzhElbw1tw z#ebHatbH{x=jLC%u7uy(E8E^svQ&yOT z$$-It8^q*iVPR%s{$Zd1;;1q*{$~M26^Aw(BP%OAGYg!>h#bDaI0c3;BZIVu*F9W} z-FVC5%DdNP*_+-wv;TP-86P}7S9i_Am`h(}TlwC|K990xsDFL;IhT{rl^qpb>otxm zxvx7Euue6L@6a-{Am%p_Q<7&+U*q8@6JzuF<^L|_4|DHn{eRWFfb9yK;6&{;*{1n7 z9`O`Lyy)4fyYXpb{LfjRLz6##+}Yj5a{Q)?e9o`=_sy#A8Vk;uI`_*~*%?a?&n}C7 z=l^g1UX=^w4FSGdIbq+NN}Y-V7E7{RGm5;tVEbxS_jLJJSBqNRKK#{PC3ySh?tQE? K+QaW|Vg>*%~U%#939O$?2r#CeTCToWkQK-Ey$KoO!-Dm4|X(KR4G z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMnv*H^1?(@QWkrPZYQ(F3>n-qO+}H`pNu> z{9o5A>b2KMo?oMqA2c;`(}zBd-iRyTf6INj^Knn3$*&#DF0seBkw+YHHX4J ziO!b$QkGvCVovX0Z*+Xyg!!8TPBR9Ck3v+&$I55A_ub~zfee{#lf zSx9fLpYu(9nvmlh8>YiNT#Oc?T1_AKFfwgj+*@_!{`RF}3jaSDCwF;fMFuR*?Azlu z#oK)C+)uVFrmy~P+dI4EA(KIp?4pw!)?Ge6*M9%4&chmo(pv(=TatZ!zTL`5?oL!Y zCA;?PqmPyPN#`8eex!6|Ua%Wr}Xf&B^}@);qPibt_4H`+A5y z$1gNt4%gjHIg<~k=Mo|Wq7oU$)I8?_cIYHrzc{lm()8<&?n@Oq|Ys@PYp z*)ezGE2C>U*&=_vRA-$~m}|8DzfDy9cda|o`-MCj+m5Z@cp~(TgfWX>ci0Ni()*Pk ze{VC(woIH+{qyn)lYQ>2Pkpz%z43#tlT2P@vQXH>rYPm6hvHJpHK;?=vnc_XYb~l zhv%_uUn1~8tJz&*$X&&HvQV&KQ>M4&l+;~NPUgJ!d7fmVlJ$wCtm5mHO`4T#|+*Wd@B>JB^P`Hl2Q;^qMvkGb01zVjBZ115RK_$_leE888@d zgP8m*EX+*IKMWK=992ff|14q#B5WMmY>cd|?942179(=_0%H>xzKjfi&+~MBXY+H{ z-g#|tMYbLv!rWP>iBtRKL(4*sOb=FBwDoGq+DAuvHt{}_xWg&JwB^UN1^HLAbR_bP z&rb7uQN7S;(FH!m_=Z=eDhs#x2e>MB`$e1Y`cw9A F69A!WCjtNf diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..1b124b1490d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-EP_SA-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.der deleted file mode 100644 index 3a9b5462d41ca33475de01aeaf916fd66319c6d4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SGs{1Or|+POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x~>87e!&KE;=G0?2F6C_Muw&)Mg~#hyhb3d36yJ~YN%|W2+=8(nhMhx?5K-s zOcSFLvYm{q49rc8{0u->aWOS9GBUiocOl-~^YOLF6~+FV+GbByT)u1gHs_ZZ!>27< zysAIH@x9!(`Ry(lr=PDMU%$5O*9r4IA1!Czyj90;U7_+&GJ0*ei<6Jz4K~`}d|hs~yySqOmqq!z?vv!Jo#GhI0Ey zEZ@~)?P_e)&IJDL^*v?0-pN-);OquJ<~dK^aQmJ4k^b?}wF8@4pBv5f6R-T5sx;-D z)v}wH#C`ai_bn>+5SZk*Iyp3}G^|QSjhER&QfAkOGtn=cCIvrhF5^6;xmsxV!yMzM zRXcREOwA`gW>>V_kb7zO#GoFd$-d3pleSFB4xE`R&cw{fz_{4Pz{-FV7?`rcEKCLr z2HYSfKMM;p6Y~!P1rSG-k?}tZD5^NL*%(<_*_m13EJoz;1;!~bd>I*R`|}#rvKn3X zu8+7QyJqLtV~;;5uMLP@E%j^3hO62}y_4Je72kLGzxtyy>s)gC+Xd@y2vvMp;ddtU zV^W*6yacy=hVz@{Z+8Ak)>xXEtvBU^+-?(wDI(5EY<83R1a6xhPYYSZKUZd6{NXDf z_3wWy={~ebXLE3?X;#ibbJ0nwPM-43Pczqzzo!Wwj9tI_-hnH6{zj>5A5?C;maty-EU%DE*df!Untxo+7DqY$ G{saK1C@q%& diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..8567f0a5804 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-EP_SA-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.der deleted file mode 100644 index 32cda4a64eef6eb6cb4af676fdbdb215bf5e0f0f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6LS>vJp*1gPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x~>87{=o)v;=G0?2F6C_Muw&)M#fR%yhb3d36yJ~YN%|W2+=8(nhMhx?5K-s zOcSFLvYm{q49rc8{0u->aWOS9GBRv2txKqtn{F=p^#7*2(&1AZ9uyq(h&%na^l_ze zWA`8b$r}@mr#z}+J`kwK(_4=htnFJXl7ZGTb0PRQq4MN$?qRo#YW#J#J!%oTCZ--MA4#$rMGIIDDindO%6y~ zboFWKo8Gq*PWJx#TUM!fX9?e|$1&&TF@_sm|5WR}Xs_e+hY98t=56mvvP>VVM|)XM ztGe@gB9q3U#tC=V)V`>;mD+tKa*OxLWWD-dhAR7?y1$)Py|J`Ik>f(ngqst-ZV;^I F2LLMuE1LiS diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..4ebfbcc4f52 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-EP_SA-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.der deleted file mode 100644 index 490517ffc21fe5d18c35b5bd8f048eb512a5a903..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP31&qD^hY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;)5Lx~U%#939O^nQ=#CeTCToWkQK-Ey$KoO!-Dm4|MQ5V&i zCPpP>I~iFSn41{+8Gz2>VrpV!WZ2+r@n~P^?&XhW>;B>`vH5Qyl5}xrp_b_O`+N4d zl&zGBcNAx56P_})^1RmJ>&F)v++eyJFo}bWr}f0=D~W4Y>^u8++NT1+8Qt6sCjF)j zV%$YuvN8JB2g1Uu{`Q@AwGvRwh$*x%jhwgh^l>Ls*_Aug!w=t>W@6iP)=yGeWv%+U zI>x^mEK^ROe{QgGZpF2X*eu4Es#YTVcZ6=>YTcjBcJoo#w||M9soAARwEB!bYM)P+ zv^RF(^N&)~%I&;cE&blPb4LC?k3t#$iysxFJwBzL)cqHt;Vu~RQ%Z(u?fyltyFP1O zSR&q1Z@g#Ig))u}8)D{rZduH~-9>2nozHp}(rcNR85tNC+Zb3GZ~_BUR+xp!fWd$p z#N=mTVP<0fVW0rws4_DCX8}bOhc+7{D=RxQ3!KG>9KOIf1%@vp!-5V|@on?2i(lRH zeapS;;bpw9`yH41$3AXRICOB+aq9_uK8JdHf;QzlW-Buts@)mwuthz1q0Ei+yz8}> zPb^gWXMbH{o(PwN^4%}r*KobAShDA8;g|5;DdxNH+c~KUh5GB2O={oryKEbOCL2XESK$Fs+#G;IQB(65u~Ds#WdGYXoW>@_~|>&gFDj0=w)tb4Pz=-x|S z?)QhAekjHjc1~iRb2&ETmP(uloA=bWkAsxszvq{4i*OcMee2}8!$nh8c`2kTI+{rX E0GU4~EdT%j diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..385b43f52c6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-EP_SA-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.der deleted file mode 100644 index 6b479971c8acdaebe24289217d76ed8fe0430c5f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQzMxbp_QY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^gkq#CeTCToWkQK-Ey$KoO!-Dm4|RG1yTT z)tDwmC1g7pSs9p{82K51&f;QfVq|2v%JkRtH@EZBAXBDqbNU3kW-tH9c|>X1Q>RT| zC4=XmouByrswC&`=12bFPYdoIYu&>sF3lEKDYm|^C|RR?U6<+4{?~?VF3ny=w#x-N zsxs|)cuw8;)%|1t&i9J)SBgZGB)cd|?942179(=_0^<}IzKjgQwk2Jh&4Ug!y`Dt3EpZXK_ z_Y{1M{Df~`i52J6aXfHbkmJQYi-&D*7c7yva_l~L-iHzw-z@^%4I1Ki?$2Mj@2y-5 zpWVD=Vtij#u3RvCiJ!vG|HpsSS50>P%lcrp(Sf(g*J~Gia6c@$tx_nlZ0+f@4eBaW z&!m2y(jNaHa=P5rj4j3+HXU0aYyB{LqW`*|=Eq)2O)_QM%(c%wRz<3!^2EyBKinUR zO#T1C?#i8mR*C2Ttb8IlQ^?0i#i?a)rc6flnvOV~7hK<-s$|%^?C4kAtECYlq|sRa G%nSg(kttIE diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..0460d6fb7b1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-EP_SA-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.der deleted file mode 100644 index dd25ebb045c36f760ee5439737844aad2e7c4340..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 760 zcmXqLV)|mx#CT@`GZP~d6LV2{kpV9or&gOs+jm|@Ms8LH193x917SAiP!?t$p3J-w zU03f=T|a+6R|7e5UPBWDV%o@qTZGw&(2H2P0tm}0AX^4Zfl8POBZ9(B9>rLdb%v)H6IZRh3r zr_%XvN9?@3TJYOLBbMtClAq0r|==I7Q-cTE?&&!(JFYn&h^m5bMB4q z|DUG)vDJNHY~3{T=Z53eFDFjh)vTJXcqK?-;_9yzhi?A0Sh8ixo`b^Y{(QFowN_@C z%aeOj0Z#fED-OQ-qx3aKS9Qe-$1jL6{&j8S0tGBVV4GhU5# zKi15>>F3SU-%KCo*z%ru!@sM_bw$wc{dpoUKUH|v_Rix_PYPoAWjk?G^hJ}HrT^BZ za44AHd&uwnG0x9;&-EW&>vrxs_HEzPiwZAy30(WUq)GVb-10{$4FQ***B&rAS{l%l z&2#11*1-Hnw)-~B;?&eU`9*tzW9OO6v8-o~C%SWXuhu=`^P82?_g$l_MQqyP-4mC{ zFHO#^E#wau`EOkKoBOwzp_gsv<&e7d8E53>Hk{O$wDRD`g|+7%%3bH!py=)=W%y%S z8MF5CHA+Q3o7Yv%z5Z`%M5y!+)gzmi=v=sJBpDvors%Lt@z%$kd)scWx%N;?>+GEB K$i){w%mV;RGcX|l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..220d3d537cd --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-EP_SA-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS.der deleted file mode 100644 index b0a265397aa748cc0d1eac0c21f21e0840be947e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP2qr&k8NY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uv4dldm4NVM;jm(Vt8+i8p-%jcne4B z#0f=bj^`WrXZ%>&d1VEQQSHMylUcj>MwgV=$v8H>Jhp#z=ifYSnJm%P0F>ezCyTwlpH_^e#_%hj)6e>Kg0@lPbjxPo3B$8p<-^^@)9HYuz&# z56}K=_wLbU;cxpCt}W7c3idOuQ;~IjGWXiP{Z)_l-RPbW+8B5IjB zPu%FbbJ+bSb_{!zPWEvx{O9*C^_+wFnZ=Da`Xkx$O_`V(85kGa7+4u_0z*<(n1#uJ z!GIgYt_fI)lxRTTQ8+PcwJVp7x-%cxGF= zXDa`1@w+pGPQUKy6IQYQW)=Htt75WqRkYC6D*i8rTo}C>djH?6H&}g#M}N<~S=I$d zN>^R5u4}T8D6%b|oU&Hz$J^lI$9Iq9{;r8{zy0X%@^jz+2%E3mIYa%y^I$J`-AMkA zGS5T~?Uz3i%FerSd$3R4!)4c|U3hD*Z+5Fpx4?7ZYQ?AQR$p7M20hMcKE14S)tRH` zUzi_Qw!rNvqm91WCjMrv11|n?Cp)AZiyqS3= zx~|@#x_-g&{=o)v;=G0?2F6C_Muw&)CPq=>yhb3d36yJ~YN%|W2+=8(nhMtF8W11s zsEcY$6QdHcos6su%uS5^3_w?LF*PwVGTfHEplczl=V(5~&+xHD$kgV^hqtiVPT60o ztyi*9L_ChcsyW8x?uuQ@x8^zfOTTP^%>{UfKK zr@`J_Hx=%m@bQdG`IYOh7`f_-$YO>5J1h53n{>FLT_I>w#PvPhmu^Vz-u!j~-??S$ z{tG&|*njvX|0Up4&$hT^8}<6Y{%>;AmrV`}du8ML&;BP*%6|$eYOl7+?ub%&cFe!C=78Ym4gar;#`(rGF*7nSF19hSGT;OTrmQdv zlL3PPH;Bp4!otkN{KG&2#8G8r{Lcc4Dh_QnMpjmKW)?V$5jlK;aS9AyMurpa@kXCk z_T=ejUzuVd!SlyzE7t?IFOQbl?se4D5lD+wUvjyIJ4gEb;wH5{5_NH3f_DV?Cp|qW zB`KZZIq9+-Afk-cs}I%3Ei} zm#4ToKU6>R?!G>8qL|Q{lN*@*Ojia*a&{j~eL9iZ;K{_v+qne3G0tRo=Q8)xhqL^R z7hL%ii>H2Mshu1x`0EY-g+K+?q>bSk(-pE~JS*5e9xF3yrWQU6TlGb)xqvHg`y15@ zENrt{C074;>%G!=IoWap$BqRz7D-)Xe~_a!C4kY>t5K-Gn^{FWa0?rIz}sZ8hz+^P z%p$Ws`>klvoT9UDS?z3Y*N1yvt=)gy^XOfr_fMW!p8a*gn2DK@fpM{oft3L#Ffe6> zS(pqM47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNN;5S&Ycx3yf1>_%br6i*3E} z!)?-w19zq+~QtRpLv?j@`f9{L;%WNA-hhZe{%J=r#9sukUR-)qQ5sv-ll1*Llw7R^A_x zw`F;yqPLj+1J=XZD_M`+TpVb-nRiXy29`^8Sr7kj{+m<d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_>f=&IdNV?69Z!-b0b4j6BElQab6=3*96KnP&HIGP=x4|N=*f8bPb3P zcGN{RrioDr*-l1Q2IeM4eg>ekxR{z485yo`E{{#RxO?a1V|%8Ql{MwOw>xFos+r!i z^OL=6d%3#xhWd)n!p2(9wGXt!TIEj@+3|h(>eap3ldrA|TzhxF$U&Ze6YF_yx^!@4 zm!|Y<=Lz?_lg{+vT*ZCD(+?7`GW6oy&J2s?cZF* z(Jk& zp{3s|vY*<1o@cj4W#QdAo?XkfDLvNtBENCV&qtEc?{dsJnV1S&+%Pvdsgkq_?7hWz3f80f}h?Ax^)_IdpvK4%!*;)$j=NnV-v|g zSeH9_>GYHR+OZQF>sCwWe(&@Do%tu>(~heW z#se$`rJ+|k=NpDDd9U`vnT_!$_a%w!JGTBDelC^y{~ZHY1*LH>e575Zw)pHmTT$g| zuZ_IHQ}^4*to2!uF*(<1+NE=bw;!*GIBJwTWns|W`Mr;Fep~7E7}mDTcp`hd%=Sic zPVWY>Yx^Q5Z1oYYIQlXEfmd7cyd~#2v^V)hM7-bK7h>{wljA2VZzqMXl4YVdR4x=O IduO%{0AM65;s5{u diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..801d98320da --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-EP_SA-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.der deleted file mode 100644 index 9531f2f6cd50bfbaa45cc2867df9c99ee1e113c3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AQz29a#fjHcqWJkGAi;jEvl@3>EqfV9gZ`a8o?_cJNN8E`dfP;8-N(0A&SJY= zpmNda2%Bov`G0HcmTV7Nd+xS#&fLtm+mi3>QIhXx*G&DsZ<3!Sb5%;*tcfl@C%#X1 z*{QsbqioCjg(pjd|B588`1<2d%IC#@YSO>HIy^nXzES4R)oHhExwIHc91V(p9GPn) zR^K(}*-yK>c5bE_al0m+X%oKErj~dkx$t^TXidsp$6_XCMh3>kHU?G(oWPKj6=q>F zU@+hYG5J|on3H%^+8;D#diIZvRAqmObsk*E|AGR~p^>-fG?1d&|)D@uytF>(31R-RG}9V|~0#`}Y2iwWk(`IqZFyDE>vr z&e@^pMx6OYr?Y+x^Y&GCryIC(@fm1$-6~yYJ+JFkLcM3q*=3KMwv=^T_&&!k(8Tq} I0p8$+0P%n?9RL6T diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..49ecc0aa35c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-EP_SA-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.der deleted file mode 100644 index 1d54a30508b39615477f4bd42c9298c1929714cb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANSf!pR1_Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw~U%#939O-xOr#CeTCToWkQK-Ey$KoO!-Dm4|X(KP_5 zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WLWR4+_<>t^y;_0yC*#tyy`1u(tnr#`I_=K zMvt23J!_w)d&1xK{(t*L^NXb4pMOy!KL5BS(<_PHUYGR)=6E?Kr8ZrNn^emx_kjIU zxgj~K&*2ALq8IVUH?aJrOwSFf7S#LURRxY)+P%77CXn6knw zOa=@F+#n`D3kx$7^A7_B5J#1f@jnYFsyMXS7+G1_nOWd0M&$4X#wjp-85vyCUTPO_ z?3p3-e$(TxPiF?}skA6x$vb`7>(XMq+H1lJ9vN0_R#Fw?!hInd!upSTaO=? IwFKij05{VwcK`qY diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..8997027f6a6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-EP_SA-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_SA-int-EKU-OS_TS.der deleted file mode 100644 index 7a66cb2e7394eed955c7465382f126adee7655ba..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR`l5Go7!@WwMnU7|I5!Lk2ucb%P*{I>uuTmyer7(!J?`c zuFR=vvm=X>HT)0Rzi(XL(d;tMxAf!LbId)RaYq_`^=_S6d3zT5| z*2A;Sr+Cq-?+2M976TjpzyrJw%75>p0l5i zCtvhz**E{Q^uk3w^QzivFE99RQNB85ve3J_O`?Bp_{=);GN(#J@JY&rFLSTQ${5a@ zBe$C+tIHx;=fTzG@LX6ZMAW+4)ax-1SwBCmCxHdqI;6dYeL<6eD*lS*oB1CCXT7zvn5V%WANS<(wM_MyKwix z*vSEDmWobX>C3n4H_NmxSP^>5?ZMwAh86FBd|+DDWyE59yqcS-*+RDN_oRaF_j&{7 zYX<$Xe;0B~syR5dB=G0={=L)n3%>t78vIZziSGx`Y3}r-hRIrQEc2%mKzpKUZnDK*o&|&*bmzIyz&<1BL0CS++8j%eK7mYZBafb1D-vBLm}N8v`o?PGCsN3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DEMf*CY#iEbjI6Be%q(ygBXalxV-py@j11aEKiBbH z{KfjlC`&``Vad7e!c3n!o|r4mGU9LRn_wPUZnbzvqHxT)+!^N9zDv%3?`FEcMy@va zv(&8v=O&o$Rao~~XU{}C_2A8)-fpnub5lz9Ok)%FN>TgwbVY^=Q;tT^Zx z6mJ@n(`Lg!wz}mqUE7^lTwh82>3pp#E+Y8kgZko>9K8d}SA37lJrOv11|n?Cp)AZiyqS3= zx~|@#y1|a|A;AW6;=G0?2F6C_Muw)Q24+#>yhb3d36yJ~YN%|W2+=8(nhMtF8W11s zsEcY$6QdHcos6su%uS5^3_w?LF*PwVG8|Q5++wylf-Uve+^yG5C)_b`>VEkqEyJ>s zF>9~gk)LG(g%`MItloQjjp89OkC@Lt`^)^d$4UFj%!;lQ-q`YA@z?zI{F!sL?y>!v z@~-Ee(%Oq#>o2nIUo>k??9$UQ&lGg_vV^Tvd+^`*;d>?*b=R#S^Z5%?TkId{oV<4= za+=u3HSbS23B0~vX}v3E_swgjGW@*z7MA#Cum8D3a_-wT*%mqKH5OYdPxD$20>8GC0e>{$U?4I_H^9l22^~DYS>snTAKJzr@*0*^I zTSGGD`%JEt)Kp);?CW9YQ;UzSSUr(XnthSAkG=Ajb+?#4pJ!rbWMEuuV_;>#2@FhG zVHPF>1_N#olb?l!nTh#_fdYu5%EQY)4gFN>}x=V$yoGcPFk z^sji^a3kAgpXRKbsvEhV)LGa!sCohlF zGEVm#<}#m{T=|BlSmszvlLUj-C$pmwOAFRVn;1ml|@xqbo*^_=4TED z6AX=S%P_F3=)CRW<=v|wb-3v5k?RWLU0b)MeC(XaF4w7}w&kGV+8L)7vdEuac*3TN zeetdQU2C`;SJtt=5^FAA&(F%r_@*Lno96$O_B}gaI5Z~eSNWfC`w-1%IDhpj%arBc z=Q>Z!-Y=J>Vag)dpFEFEUtRkK`-wx70v|-ESl4~k^HgSy(rpf!a)m)II`db%Yn8N9 z;sN#x9L}ksXL$8kE~eV6UA|SU-&r40@ccuv=DJrul*K12=2~vzWRP0^K-$W6bN%{v E05vxg64+JhI zvVPyWYt{bgF=rmkm~LD6G`Yacv52X5SNih{q4g5^fQoq@ z^B2qs6|k6|xO8dN>yysx?>U=HQ}55%5_-R3bKKJ^E7P0%Cb*lYg`Dk^-;fx%`QC~> z{8tRlKUJFh`gQQ;U#$vSqGpfTZ~W_f=XEh5*lgPlfxok-8P#elo~eJ-&Jk=@c;(RS zWzuRorv$GuPf1HCJiC4C-e(P07&hx!SBjsye`EQcIJv8n3Tso3DIOGQ`XRPaIJ-KI zqy0w|*QDdW4rgq9aVPgBUs3jw*Z&xQJL~QanZOo z=}%VB|927bUJ9W--n$o0p5xlI*+(v^Lhj<`W!6*wB`xN5kZ1fix#nxrFBhNR-wLmq z2c9hZTvg$DUXY{ug8S497adkFl6oY)t0b!G$D5WVRh~bCCPh4WIL~0$^MeV8CWV$C z@_GL=P~yW+QP*t`CcpIZaF~!jHFp13Q$6*{*5x7-*hMZc?LJ_!wDP3Op8tQIoo`(A z_|PoF`TJxttt8!SzN*gqD7iB>en;xDCC7Q1((g1f^1Wu@TiGhSA@)|sv11|n?Cp)AZiyqS3= zx~|@#y3UUAt^o#e;=G0?2F6C_Muw)wrsh%Nyhb3d36yJ~YN%|W2+=8(nhMtF8W0~6 ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGMxPVb-~^XH)N-5ySiLR{ocO?rz76fv8_EF z^EJ&&DQD4#OQnz*u%9XDlJCy6w6P8;Ctvsv{pSJk=eYw8oEl;Z49Ut8( z>DCJ2+VZ^1y7E-p{L+f(19eKl8P&B;?nje;Pp&&x@#o^lX{-zfBlgE>L^FPt&ewYO zo?C9~0;^ZkmmaNLrH`(pel-z4vnl>H(}CT2zk#>F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&ddU5aUh2;FiwHt%gDgDC-u$x z6f>16>dj{oRu#uho8hls)9xlc)EApk^S90&cioWC`>Wma=2M~ zrSx$-zq<5i>!&73-PJfeXMOk8`<0iPy!RC_%k?t<=PG<2HFc+l%$)K7fkeg+51*I1 z_HadSm;U&6{cJ_g>73KIPYEbXKd^3T;qCZUzSf2AG*zAKQ{ZSs^oxb6JQowB0eG8`6ej5>dHYpC;% Kb&A)|tOWq`nKQru diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..9360753eda7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-EP_TS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 5e1a5ab64168be5ef5739bdb2a87b6f94209de5f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{lg!GHcqWJkGAi;jEvl@3XJfw_s1p8@DxE~X|%Muyw$KX~5RRp@tqvwU&= zHb&p67qibqx7{#ZTOphwW~ucysd2+>Wf(BSB~hwu+Izr2b@@BtsSz{j7PA^IPT0^Ij-E2hIQT7-``vN zRCX5|UxB9JVg_@bvsR`i)>9I@c6!^n8u{JZD|LR?;p^HwhF=Sk1CHsit|$~};5eVV zq0#c)C7Z97kqT$*+_|2HzBB9@SN=w|PE^>Uf@`s#UqGyX|^Uca$7 z?<*tcSLaEU$9gxhY;7u8xp_w@)8uM~#x>sj@>PbROsf3G}7@%l-vySYrvj0}v6 zZ49goIDr8xE6l=Vz+k`)V)C=FFf%d#07sjwDkI~67BK@6HV$nzMpjmKW)?V$137$w zaSaS#Mh3gcx870uCrWrvWM0`)bs)p3p?v0^m=?d?FF2(?Yz~uH$^CRnN6x8>QNo|3 z?x`M7vf!UzC)!qas!_7{*PLzP%+LScf9Q4LMdZ?qkNx+Bc<(EE`{nxzulwAY*zw`j zesg}mAVy#3hwF~)JzV0kTaCf%^Bw0S^%j2eTW21<)&2OcVhr=4$D%?><*IR zzi+Bfn3&pa=Or>!djJ3c diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..0ab5481a75c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.der deleted file mode 100644 index bf631379f7d414d842e32ff2039081b7f5502d0a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQz?Z^8z=Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939fpnBOuMvoA0_7U08Y&woLUc-{rh+xP2E>O1 z>!KRd#HfU9CnGBZa}y&!1JGGqOihf842#aLT#<6jeA&0DRZJ}RL;s)k@KxD+vrbHd z(L_93GwsdqyQNV9Dq90RO5RnnnjL$#D0`d5O3`Wm)aBVUcKcoyU#7cTvSZS@g$Y*` zI-P!ByDxm9KIpe&=@0$3pHn)UEOnE_W0LPr`0!>%W zEA;tizi_UsyMO26Kh`tPcd|?942176)?p0^<}IzKjeLj_DnH zb5Zr*$2{MYq8*n5>&0cBaU4-!u|Ghk&~MYnh)sJRiz!ub{WaMZGj;QJxr_g%{hsBq zX#I)vpD(RgU3TouyoqV;tcO3i2bJf${+JN+O}ICmb<(4h>4yK}HeCHPBh@icdb?fL zL$>`}mF5?6dVQL9^vq1T$~U|H1GOJ&HU71^_fKY*$U3$I$rF8Lgco*til`;7ugPN6 zi8)|qkR_@5!hCDgzc}{m$9OxJ?``_SwPm$M{j*=s@;MnAT5W$eB}L?=nppF&%BE?@ z*QNAEaqpCm@!1fNnRCNUqDXq$(XwYN72T!WB2@G*7tLEA_uKX1*O_bHOU7OMxru#) K^u_NhuL1x$&M|5L diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..f9313ecd0f5 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-EP_TS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.der deleted file mode 100644 index ddf1810b8cf445128a08d0dfee09906ed9cf786f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANQq@mm94HcqWJkGAi;jEvl@3+rZm}P<uR_}_rZdmeTVC|1R2?Hu>WS%XnVjj zF5tD#(jVs|Z6>yyKBvd2$Kx>L%?d$*t#R>&ed|vd?0)`3)5&S`yu+NQ!ZSr{xNfmn zzH@OnD;OjHy7zsklE=#Xr$4kjThV{B*iay`_nP~%=9^(@$2V~^-L9Om>x5oT%94#O zt2Y?E)IW4g?hN18MZee1;$Hmxx`$|df_8hrirMRWcbfd(WO6d5Z|YTOv7B-ouOQCn^?m73gy_A5v(1(Z6qoSjxNfLkYYSI^L>( L=vm(#v`hd1abYrx diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..9e6e5d447fa --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-EP_TS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_SA.der deleted file mode 100644 index 0fc46a38013234aecef796784efbc491eb6dd103..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP2Y$v+0XY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$-g9#CeTCToWkQK-Ey$KoO!-Dm4|X(KR4G zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMsHglrNX7v&1q$E9L1E&)#(Iz=xVY^7T%C z?+kbSVDYZv-`iU69}H|fyS2h zUpRSoo#dYKmggJqFMsod@yUsEEzw^6f%5Kq#q+dWTc^mq*<^m~rLzB(*=y>Kn_GSe zQ<-X>m8f(<;o1%ULn199%YD>RUl*)Yj{lck~(Ch0C(aVNx)iJ6gsaj}hol>sL(FlB{V zm<$*UxIs*Q78YhE<{t(MAdV^{<9`-VRB>ptF|x919LV7dj8kCvGBTtEtegEw z?p4ft@uewhwpYpzzj*Foqds-#g~Y$pPTmYXy-R{^ncrzOO@5D$CGY1v@ISK4ULZHA zp@F$wbnB$DZTp_3xgOL1Zg;6Pcj=xD8A%-L)*s~$`+t>R~!=3lfOL%fT zP3ZD^j_C`uZiLx(oyncd+2FnW)Y+ZF`Sa$z6M2=qXx*M={$cLPUlskHE-@^5UiG5k zck{B)&797S4vl69(v>6);va6hq$tU9==8jpgt7_#XJ%*%)J+Qtyz#%wsO+M8-&E%V zR_nY!HXg0vJiV5AyPK~U%#939O$?2r#CeTCToWkQK-Ey$KoO!-Dm4|X(KP_5 zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WH@!h%`@&?=%NGL*Lr%!u>4yS;I-TJ->Y2X zSu5Ln7r)w@>b7gKPW%qnsoxlD>{_6A3?(-*^ zJIW2qUOeZxx{XP3K}O>2chgN4pD9oNXBeHxTKMZ4m(|KyGkX&Db-Z8x(M426v((7S0kZE4XS;~CQ-lk> zm}j}~#qS&5?r!*W_3X1^v(?ji51d)PW0$ML8D<^*mx}U-o!3qNS-(O-bjzv0JG>vP z=bd)!+92*79yH}+#+31M4*dL!eXg-jp;?=B*MqrDEal(*ug|DV_27E&sIukUBj>Y^0-k+qb$hbm zmq5gUO{vl+Pu*B?ZdFO|#Q^;pVb$wCoK8B9fl*aw7OCDZlYhx9>VMEna<%DRsd)d{ J*^i$a0|0T>Dt`a~ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..6715da6008b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-EP_TS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.der deleted file mode 100644 index 5cfca1fc03fd6da2d1dfca58080876bad48350ba..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ARj>qI?RVrBoK9sxSbYrqjm%)Ny$J^hhzk7df`-_C>b5C*c z*DwFl{OiT}NmF$VYmWwHE)wwH%y*<)^O3ro;Kn0WId`Y57J2#TmF5lUSJPb2S2nhP zYvp2Pn(8`f_H={Y#Xn6CSSEF@{`&TV^#0r{8J^3ta?@@yA7h+lvXCe4gQ>L(o*n!~=aQ)ONhw3kWnYeHM7=tEeVX|} z%d(%Y8}I*@+2nG5@ybN|8H&YcxEG!~xb~b7e`NEc`Ap1=42+9y46F<|fgvd?%)(^A zV89Jx^0TloGco@#PylgM85#exh#82macHwKva+%>v%py#$l(i&O)d+t@p4 z(N@2uQE7D?e;gVWB<&X5s1f=b{rS7)bOTu@?JJI6x1-HphJ|155zn?-UX*j;XE2*p zja%F2V*BoY<;SM1Ul+RW4@<0E+GL;9s4Lf|ACTX+qW(xr_UXR6X(=oZ7dc1sFO=*~ zyZqwo`!MVIKhoP2zt?^`x9j$X^Wt3zKNGLt-ZdoNSLX{ji{=aoIzobhSd4^w0JuokY(oNM5SQa`LfMwpKYI HyLc7=UpFs+ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..545822248e7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-EP_TS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.der deleted file mode 100644 index 5f1bd284a259ed0a86ee5c9b43d08cc52bd7c01c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SF?ErvWb;r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDtqkzhDD7ab80c17jm|BSTXYBZDY$ULz3K1j;o~HB>fGgy@t?O@(O;3D!k5 zrioDr*-l1Q2IeM4eg>ecxR{z485#Dt-n^f0a=FB>az_03uyqr~l1pB;EnlJ{s}o&1 zMelUDPj zKC7j&?%^+dEo`=8|4SoGf18}pj`m zdNpE$f&Gu`9`99>%8YE=qh#9WSsvn(bbY=2(mU%1i#0Dzy;rgB(7lb7_MGnd@e6i7 z>{_(ze0JW-#1;1M0+)YP&-Ytt5S>4D*(9~iFZup6F*7nSF19hSGT;OTrmQdvlL3PP zH;Bp4!otkN{KG&2#8G8r{Lcc4Dh_QnMpjmKW)?V$137$waS9AyMh3lPzrUVZmpUfB z;`$}s>$Nj-*A6>_`&OOlv!riverT2LTFPF|eQ475i02EMmO4GTu<@#QhqpWXY=NcA zMNakIubd~MIqUPon7dPJ{$KN$q8Fw5DMe@IrAre+8)B`5{$I<8HFx5Xyf(ArTy?Df`@zv?a?pN$L8$QiE$6}+^d+gVWPQK&Y5{i^> z+~ew5^Yizqjss7c*=N>WlF?kUBX#4gmAw)V^m&XNJlAm8y!f+l#+2I6{mzj)-O5c% z?F1G}>l9A8_3Xu#8{b{eo}Q@LcDhl&V}-cM+G#tt-WDs(Uf+7_EZeDLPd7YJX7Euy Gk`Dk>d@OSS diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..960186a49c1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-EP_TS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.der deleted file mode 100644 index a95026607cd3a6a0e0723350cc181940bab821b5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AMGDak~L88>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6c>iDnIdNV?69Z!-b0b4j6C;x-ab6=3*96KnP&HIGP=x4|N==1n3<=gn zHKvJC3E56YRtDxKMt%mMv$&X=7#SJvt~=y$&)9vJm5ymZevyYnti`c>vl*@GdOQB6 zwt5PE4D4PU^`-ju{X!d)o2o&^pL({H-{if+!w_(OCfnnPW0PjCG+iBDS0nS_jql58 z#cQhfDD<8bXL-bS-{!)dISDfIzcjOXKb|u-`T6i}OFTzXJVW^oGxJ&PwHE~Lt?ps# zI8%2&RCo2Mko!u@y7nlDF$L~x;9s66ZzN{7_@4033j(||FFjS|(sYb3HD8n0@>Bn) z<)5z5W65t*mq!Y4s~*jGBy>@(HfqBR#`kZHgBTG5;`70C7|q8UM3@qKZSCjggg=otXvB;y?~xV4MQOmysc~U-E5%hmisI zAuH)tlQp$7k3JW_vtPV*Dv#kixi2|x$7I_U2^kB&J|Xt@jn6iGqx3gi_g!@AUXR1XwNoaE=r4+9NPo~&a<{E?;s5T4g!9|4$L{J3 zlf4%%I@4hH`%52trv1>&5C1D?wsZc5@cQB_s}69~ze!cP_S19w118S`_lpIO8Ti*6 zT7Es^{;QwcBC^}(G3{)c5x29;Mr6{3jT&!tPem+z*SBIp{ZU>It%DhSd&`z=cl^sz zIj6v5i~8gL7sYP{U1x67>b_V|7#VPQa>b%KUU#m}@V|U(y$nm&ZJ*t>d*od1B$u-s GxdQ;Tjw-bP diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..bcd82c9546d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-EP_TS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.der deleted file mode 100644 index 4c04a304a752f8ed278b4efd9b3003c48993c44b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQz(>;DXR**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw8cp#0NVX$cghBniv=xnHw3Jni!c!iSrtPxF%4pfvTahfg(hwRB9?rV@R+r zsxeKBO2~FHvNA9?G4eA2oyEn}#K_37w{xlg<%om6%Z~8s8h3A*CYAJK(WP4jI`=xd z_*6C5{rG<ATrzd+(<1#mq&Ad}E$Wn8~5isJW}&sA_ZQ+kdH_9nP-TpY68& zgu!%arxp5)hOZ+23e}qb7gg~76~6x~9&GznJ%2plIo~UGo_F3Apx30aPe}A`!NAiNXX;lZrcY04uw{=_m zbHQE4*n)Y||K}V^h&dqo?uN7WlA}{+{5@Kq6uK?!SSk}UBLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(fwMS}!xtE*!0=^cD44sbdvWB| zTK!z1U+pP9?^imn7Gb=z2Q;{DT``wsWj*Hi#&kGUvV1>kf~#9clF!c>d1+ za4+Q1|JsvZ9zBk_A9~mOU);${oUXjBQ;Tmd^XFaS_hi@iFn+tLRg*Ks1fDd6E^S-q zZN}8guya{v=;Y&@@6Fg8d@Lt-hmcaWn?Do70xpK*h9X=$YPP)iT6=WgOsidYxYpET8|e+TL)PdflJb+YCO7>3$MFDHk? HSlA5!nyN2- diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..2d2c85eb27d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-EP_TS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.der deleted file mode 100644 index 32624bc16c0900983bdf2b311e417fc1d905d100..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SI|_hygDfr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDts4kYEEjab80c17jm|BSTXYW5XzMULz3K1j;o~HB>fGgy@t?O+{$bMKz|0 zQ3=^jMpg#qCPsb+psTo;niv@wmgM|!74}h=`ML97{`8b7zA2M;y}z5s;=9tT;-&G* z;@pjsbeVQ--+Ux>_d?yxt0%2{XZ6WcK*3vbLubY3+Y>w55{|j_KM0v(?{eIt``enw zs)?7*sUGHAWn`pN$F%m}qqi4*HU_X=cCVGJnw2?QjCb8L`%^y!vfQ7goUnK)cJUzd zNzEdQYsq>IiccNwH0%yZdtW*xs@GH?tGZPB!opDT`Ohc!ORQL4EMk)W;I>GofA*#P zh>ccXs%06ngfxv6;%Cg>S9;;AW`@6OQw2IkqBdMbbj|0#7DpMh3>kHU?G(oWQ`86=q>FU@+hY zG5J|on3yLQqxqqC>`Z~rRUY4&!qtZ3ci>4I#^*^&x#x z{!!DQd7~xnXhO8|+GA^GYwzl+RQJz0%kWp&_juzgDa*qQKmU1{R7F?CWt3@nDITv7 zUvAvHW9xO94}8z>zmgPa$y@LKVc*N6F^kf*YmXg_o+-2HdQVd6?hBVg4$jG7vr@DJ E0Ex6Mo&W#< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..d48f444dfa7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-EP_TS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.der deleted file mode 100644 index ee5d61b046f57aacb894e23bf80e73687f47ff4d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 760 zcmXqLV)|mx#CT@`GZP~d6Eo{B0Rvt(POUbNw(q=*jNGgY2I7XI2EuI2p)AZiJeheV zx~|@#x_qY|=>jI0dIO^o~uKsRwQH8CHO^b`?mi#694^5!Etq;yp84I>dq_17XGo$OsYA4C6A(>+stheE*9iFAjT0fiP5#? z=eZtHnF+I(hR7;~9IOjCqj4vt>4@D2);)6POM0@OUJ3QoVUF*7CMM$hv*e0(o?F`v zmcJ|SsF(R1xIZiHOYIx?_HI_DNiu8y<>~!88EeQAEn%=lQ*~D3vB>^t&xo*{p0;P| zJ@YS0OBqeF7x6#x^J@RvKNDtbm~N4A_?frJZn2eXckM2j9e8rb|9Y-7H7BO~Zgo+a zaD=HwDQ<;J`B5vc54@LL_GI?w%XpRaeo4(cpWHIfor#%|fpM{oft3L#Ff3(-S(pqM z47fo|eijyHCgvaDFqTziWc<$}W+1}Gq0Pp~%F52n0%vg`hc7Tjf#J)@V4n8N)vL~W z>8Wpg_WN^MUp&r{j$*&D%CKgEt@eiFKPK1HFk<+*Iif9ci5pT$-?FJRuf+j)-4@_rxxm7Aw-Su-oT-{g4D zW0ycS&nG77ixSi?KNZ*GD&^O&ketVH{&<7XT1(zTSzl|Jp8xw{G`IF!Q~0-s>CQ1{ zCwiSa-*^9Af&Sv+1S^p``HqL}dzgQ=?OJ}WohLMw`}t(u7`9*U_cZo@65qJ!;U(9} zoJ>ZG1KOU&e4SQV-Ld4BVXr9H+{3SIcUA>{-F5JSWbaI+CXtEPU(BDg*r~2?<-!)- HXWlOX;J7E+ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..2559414ee74 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-EP_TS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS.der deleted file mode 100644 index 8753ee874adce5d399d02e4f7dba289bcd5921ee..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APo9QicI98>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99v9c<4++*q zGNXx63E4JARtDxKMt%mMgSeQQ7#SHZ{&^W}$^Ol4=80IAu=X?^F4GSRSLVld@BQ>O z>p_yI*L1I5qgP$-XKwvwTXnuLH`Sy0v6Iw~rE#(L8yGhk*L!19LV7dj7?zpGBT`gNHn-H zm!0EpE3f&+?O(U5tiDwJ?^;~3-=*T;fom7CYyEY5&YyXRC;o%nns2s?OTV8?*7IEV zMWr&MLX3CVZDzE9a@W4Q=PLES|G7AC^ex zZ?IzF$;|> z-T9Dz#{v%X{yZZltI87C_vvwY*BJ}*r)Gu@byD9rFPzGl{z7m5v)?*1?U(}g7)PYFz_fHcqWJkGAi;jEvl@3S(m+n z%Y2o-h0A=cXD>VOWn#y|pG#IqTXN4#JLKUbu(_A*T;{gCgx}9ky!{e)!2^^KIp{b_64_*rJ zRfX$vUcVw|p}7Bw-RFls{~LAB|J{?t^Iozh@@whMtM%)zXrz`OSC0(-XZ_hAn}ELEemIb`_1RUCW1G9+z!8(AG6*joQau{fpM{oft3L#Ffe6> zS(pqM47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNN;5SscjW3yf1>_%bpu{EY2i zl#uYaKTp~-eVRm!TJYLsNnQHh6+Z;NdcXA7d42xyx0B)X6f5=LGH6fzS~*=+d$IWJ ztt+0-|GC=e+2UOp(_6j%PJ0vnBg^3R2SvxZW^8hI&IKvFwc~l!ci7z2p3UghnQl#Q z_x_0$TDwAZr-|*8U;g-Tlg5g@F83tA_01Jlxv%>m@w3A<`TO6cRAZ*Gt1)<#v3z~! zb*4~F^Mw7eyMBQyxEDxi2=IP&_3B#p?48KY3Hz1rF}^V{$<=o~74wi!`o;Cu9Hs diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..dba65baca6c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-EP_TS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-NS_SA.der deleted file mode 100644 index 52d5b8ec8dfdd986a62fd61c8c210425d511f7dd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SJ0itpP6^r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UBBS?U`GQvab80c17jm|BSTXY6VoVhULz3K1j;o~HB>fGgy@t?O$BRo4Tuj3 z)e*ZtA zIYhJS$cy9gpS}ug$y`-?)A&8B_Dbn>iAjH3j8)FdT5bHb@7(e)Y5|+Imh7IIGQ;hh z>HE;kyk#6tOTySHwM1HP*bD`W4gF)ccK=dnx_cjTcY|gtJ`r!A*=w_5vU&6~Cg(I#L-^)BnelyAL?ZtKTAJtEM;LyT( z;-=QRqpSG*3eL=lTKC`QP+i|t&6fO!bDzI9j?(=#%T#_p6EhW9I5#li z;1=FZGnXylZ?Dt$ShA&4T+PAm=r4(X&smb(rdB*n-S=3x@SpNm9V;`V98Mm|u8XP$ zi!!o`zp8v#JoR>i#LSBc&z2d*)E!!~%z1V7-1+zau95#Ea{a@U6eGQRQP)}ynjRBb z>tFP}xY6~g@RiR`EGsm8clxB{Sv}dE_fy2{?45@%8r2n7E7{5~JGUp!? z=JHO8H!XFEoDz6AF-Ir+^9RG0zLg4*2m7{pe{a9&{Q2$6x6>rvN?-JQrnh@b(h+T~ z$F@SgKaBR8aUYlYm8v26udsbuNz!SBwPsIK&fn7Pi(39&!Zs%3ox~U%#939O-wAK#CeTCToWkQK-Ey$KoO!-Dm4|X(KP_5 zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WZ3JuS0`HhwRORQ>Fz7${+aMNaN`A^Yb`|-x#|0@AC);8A?0xyQ#ReopHVb>FEgviw1TvV z`yO#qF3dI(PBJjPc-!_rPfX<94&SXG{9~Ni*nXv~_+>9M@pf9v&Hc9D>ji^01l(5H zAX&>fR0%f!scz_{4Pz{-FV7?`rc zEKCLr2HYSfKMM;p6Y~!P1rSG-k?}tZD5^NL*%(<_*_m13EDq%G1;!~bd>I*LPbxXn zb*N2iN1pkb)^q(15})_!tNi3<*NOgPBzUm#>}_Yo71!37vDm3E-@;axQNJTP-qxc& zgz=mUCKD|C=K554z!^a;57Kv`WBUiTJWQWejy7yn)*B!p?x&L!STjT-x z+KO#~nJUH|I?6kDiHq9$AGK%yGntR$;k1Vq*Piucg-t#=E8^-p=3OyPfBFQH7(F+N zZpw&=YCfG5pm8@pLbs@T&F_h;Ue@S_HGB&MgwG+xq+KO67fhH*UCW{%v!!;MB_HTz1P8&gFdLm?o1OG@0Sz z!Ki|!9jnb}m3TJG_?xy)EuA&@Qq||&?68`tH_U#Q2R6Js#M+~_r#^HEPTDHLzvD!xal`{5!WZ@q}#XOnmfL|dRf-h=k%kHLp^g- zn%-Ocd~e{@`H;e+<{q;1(3MN`c`g@owQUsId)mBpi6#>>BLm}N8v`o?PGCsN3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DEMf*CY#iEbjI6Be%q(yg2XgoVV-py@j0_v@yh&0l z|FGQW_7d*BE*E|;mh4k55YvCk->JAtcIhGY6g2@M_nsME{d;+j{;0AwD%2HjtIgXH zq%&!@;hCi3{{|-d2PBSUs%&!kdXVYfvo&ufD?}~P`QSd`Tb**h>*3S4EwU!QV0rmA zX~%@ur={)Jhn>HBS9C@4nG-waF`ZhYtH@Wzy5-BU-vSxU0eQb9T`y~KFe)t2eK+ON zb0*PE)A-`H%O2%l+`r`W4wj6~d)tqB|2X8QFm3ka?mExZ9F3C58xAM}C3@PJ@=iVDnv3)+F{KcH#^YkX9$CWIbY0_J! Ja+BRU7ytkeDhU7p diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..d129c1f3a46 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-EP_TS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_SA.der deleted file mode 100644 index efd8e70fe93d5ad0936b34330759a1353f8c8596..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SG?24g+2`POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y8glO!Hx!U;=G0?2F6C_Muw&)rlwKiyhb3d36yJ~YN%|W2+=8(nhMtF8W0~6 ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGCcIL4frYTV7n|;fkWZG&?)1PSK)q7yDD!z z-CJ@z^52Cb`Q6dC{A!X-*=L`BX{9x1g8c!}HTIkK2fK%USv%+SOWWx(b4<=2*z9-w z$NrBOZ1y~}$+&o6hLu0-g`cmU&MEh<-Z<^Vb>)=D7k(VEsChFj&p|=B^zh3Ia=9VW zr>C22%9`0^-Mrc5Lt;pP;i(e-z&BC`=O&&!6)54G-FC73&hF?{AI?vIvU26|snrY5 zu9-4H`B?SuIjqwDzSG=vGM{`@+?o*fCt!-hkF9!Z*(;{Yv{a>;n5S)+c=YAG$6r?I z)VSS_lw47LMrL)u3DvvHUD=P^uQ~oM`H6hlu|IeJ{CRl3b|MoqBLm}N8v`o?PGDfl z3bQa7Fc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(fwMS}!xtE*!0=^cm>05m zO06N|f*XIV^}^oEe{@rs`LFTe`(=B6^_R*!YSuD}*ZVO?>i-i6Hd%2aR7Ov8kJP_+ zAC#l#oENE++H_z+`JZc-*_01HSH3H`pJV^&=2cx4dV4RmMwU0`=@+k<{-ax1-txM; zV10b{KaI$#dMisAl&)Fv3FN(gpz->bbsGDTy>XwX>h;ZlB+r!LxUBzPtJ`R2tHS|N@e3*|ox-sZW_vP@CvS7N~Q zx$k$RteoVz;iK}4O-IgM_TINXwdN6*)v>h~mVErj)>ZZKHQT}ZLqZ)I{FAI|yc!OE Lu3^2le%U<$MJ6fGgy@t?O$BRo4FGD? zMKz|0Q3=^jMpg#qCPsb+psTo;niv@wF0IbESQxOlL|=XFVd31nOCG*#dEu^FoSgAb zWD@(%fNqHy(dE@TUd_w6l?&#FV~CVL2f>Cmq@U(9>s zypny8IfHrp)jNC4QrD>@+egk(aTAXU;K@bhx3{}b85~>mqlFV6DjBK`LMOFOi}!W z>aC9NZ)&{q{U>qXuKzsHGCk?_6LThJMh3>kHU?G(oWQ`86=q>F zU@+hYG5J|on3#jbpG_=O;yl}R&kgR}9J&SA3xjh$O`G4wH?N$G0Oq;jnwAAX#*Fqm>K5IL@UU;kF H+8`?cSJo@u diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..31434c4585b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-EP_TS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-SA.der deleted file mode 100644 index 8b88606e9a092f2b8df79cdf3fda708c76f303ea..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ANSi;&20AHcqWJkGAi;jEvl@3Y`p0EH6M`Gs|FZvCJ%z=H`w)v<>hJ3%la?-ZvwNE0u~j=?u+vt2 z+7sV7dceGiVJ36lA9(#pRFPb7DpZeoGdi9pQ`E+=GQ(&^h zgN$t}(h7{%PFBup-gMFEMQ7);i@z$be3-~JXZw*al_Cj`yrtN-N^Cv7b&tZL)*Zjx zB+RC7Q@(4*)UhyhRk26z0d4<)jD$-Ghut-EV2(*My(=FjF)rGA?B1Jb$~6U5}4*H#0|M&$7(&=r3?rt!#N|KH+Iv Ii~U%#939O%2SV#CeTCToWkQK-Ey$KoO!-Dm4|X(KP_5 zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WVpOeC&gCWeUnkC-L9EzIQfAb3_?@bRgC$X|GysfOunmu`L>4sEKB`Kl$navXAbG_O(L^UkP zIr-&rXj`=Ap1-!f93`3`Kh>`LkaLQ^{Gi6_*{{1EM|V#>>;6Ms^TP4ndMZ;4&KDW$ z9`{m`H2%sk<(sCD7{8C`@{;Of^YaX!SeBK~Kc?waz$#<3#N?;(=8~qo@3sP2jz?X8 zTz<1f^ncj9#j{u|igo^d6nbM#2@FhGVHPF> z1_N#olb?l!nTh#_fdYu5%EX+WWGZ$L8_Vq8{6J;J(Ca&Z-*~&S~WAfeyVhKsz-^*|Pjk>G! zaV1yIe73Err)L`JDmu8mTo`&od#}Ef-nq0u_PPA)vR11E2p@dCcBa4mt||6fMbqw` zW-;l#X;(M*jkrPXCXbtOf3;SbX{M~_SYH0RHEZ$Px&WsY8&#)mJh+@;kPFYjW=|TfzJ4ZW$+&PM=UR{%4kUz>nkCgK6c@KUbV*J!UJCpj zd4A}bHNB%IBu&rfqh(&l_gOQh-8&HU_KxD=wHr$3zFupz>!+*Zme7^6O?MeAEntqk zwfV-`&-oXh9|?H;eCnF=y7L;%H~3vIh}xC$?9aO)Wd7t-j6uLQ2d2mtdHqBCWjyA- zVRMQ5-}%1w?jByRz?~cGiaKxlzx5BcyZk$K;-;%}lbM(q85kGa7+4u_0z*<(n1#uJ z!GIgYt4=QdC0i1-im`_6%|=;vKUuSln}rJ>zGBYt;5^qhReO5iF+s&wJNuX$csPXR zYZKSk8YXS|s;G7QS?ia@?Oz-AWCeeH6UuN-CL(k1?@xChO@6B)F?}23mGWB}+pqV; z%KJrTnyzcUvVNWDtk^xDH=o*QTQC3k`Pao03;G{-hdgO^?(;Z(5ce|^m z#+plXaMtaA?6Xj^ZL_?#_trvI{VOgzx>%|-S8KP5pJ(5>)ubVIi^ekJuSWCF&$Usz zESdN;umAu6 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..ad25f7e0068 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-EP_TS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-EP_TS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.der deleted file mode 100644 index 89cf14593344e9d9e7c14962dedcc8a1d3f7d4c9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 722 zcmXqLVmfEg#JFt%GZP~d6AP2Zv*`xBY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@`U4dldm4NVM;jm(VIG=x?9CwfV zl7}px>gJx735nUaC|X;X_R9+|Tuxf`Q=y){WmhUQ!vy__mXG~G+w5(b>WfRq(xVKQJa z;07`ISy-5vn13LL9x$qap~uJ&u=~i59g41&#jn+U8C4tNwC2dTG_DZXXj$B$wCw3@ zhlE`$_PuBJi^VzpwoAO-wf1WVf9Qd3`4&mZhoUk$uZk{+R#fI0il5pL6dYu-NpAhc z@Z%Nd-Y@%{x_qY4X{*XQ--k;?7A>2#u{R<_wqthgk%>+oOJ%&@NSeHoWUjLdIAO8s za{$}ct8!WkU$2^yJ*!B0?$gp|oX?KsR&EMYm$Q8p`}*q1E$p*aw>|#heZa%Fpl9hV z@r22zCIxuQ+C2ZnCU4qb_^J1f=q0(GEDD)d|I5GcU6&C4^w`ut1rviea})<%bzSgZ ie&MXVmHiK|FE=f-n|?{R_FH+_HEl%^-_(oK-v9viRv)1N diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..29ca65d2433 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-CA +subject:ee-EKU-NONE-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.der deleted file mode 100644 index ce1035fdbdeec30ec10848fa7f3c3fdbea89312a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6AP2y=hp_jY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<6Q#`~U%#939jZH10#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WH|Df_20xVcj9D@XPygajw-Kqa($;=I5Gc5 z@O7(IbN=3P2>jqXC;!WJrp|4@m0s-s-E*@2#hOd0$7XGruSnUvGGA?;FV6OAy}MUm<&Lt?&yy!Sx_;7V)wjU9 z8=VWDGM&7|RJn6 z!TCl%&MeaYo*AwY;;rvcv|ahIO6RBgsTWooJ=6DnpZWRkm4m+eTuD4%`otac=7w#5 zukB{6{V}R(*{XQ$RE_Sx^Sv3FZU~)aE!_Ej-LpS$eD?0V%hAg6?&^-C6@`1f mgYcY}l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..e0c5e1e022d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-NONE-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 438134bccfc144afaeeb7ba68310cd107a6d1025..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 752 zcmXqLVtQlH#CT-^GZP~d6AQz&Bkl&gY@Awc9&O)w85y}*84Oeml?)Wvm_u2Zc_cIQ zN_1VlLv@`U<6Q&d{et8DgX4o8<3oZC~U%#939O$-d8#CeTCToWkQz`#(? zKnG%qYHBLj5I=uES6$pDHZdw8JB5*zfw_s1p8@DvE~X|%MuyirEaWy_GPGP<{_(zG z&Y!r7Yk_YcFPvD)HevB{=DEp#?wc>s<wbj-gH}^)oG~M@eN6OU1 zNME1K%5U3^F8VCpvG97-lFv-hmv@SsTw@dG^x((*vxToDI|O$Ktm8O0fp7B^;k~*| zKd$*QnRRAWY1v2|+Pvw!=iJbTZxXK@+2?Sr?0}T6jKi0%mS;XQ{$w5#GOvAacS-8O z$EZ!x`&v__YXTN!h!k$ya-Qu|WX}F~a~agW-TA>YBY%pz$o37tCMOuUy%+Nj z&4^u{{O0Ax$7>TigR_3w&&l+ZZu8_(OSGS7zTx|;ze;S|vc24E+K)cZzE*LoTJ5lb zlc~U%#939fpnBOuMvoA0_7U07%CYkKy*r`rh+y4`TM!* zqMFjgsDx}KBP#=Q6C*zZ&{bSaO^l2Ti$u~toO&;HyV6=^o&Ss}p0zR2DXYJP{QWzz zIKt_!?8)ylD#Uh4yKX&^_9JCkM(@{dx7P+HXCCw=FH(02Z|J+!X#L`c(HwT>NsDEE zt!84Muyg+2N`IwFLHSE-6mM2;(-+lH&e>WPS*KDVawqAy>hupSTs(0n4w`4&i|KX# zUvzJul5pCTmRofuF3Yl*JWn?09qV=LXkNtVn*8=%^x@TS11>OM-k?@_)cV!jP$8MB z%Qc!m?(W%_vN^@>ljw~Z8(bqex*GO3eJ#70E9k%0hxN~ahyTNKe739A%%3&)9^*mZ z?_$^LIwrPS&UfX}Ecvls$xN4HI^&mLOFb+4pS5)@;$>oHWMEt@Wgua|2@FeFVHPF> z1_N#olb?l!nTh!aa_9jg3>bQh3>o}?G*(^wSMcP)!rohA?jM_9Kb9On%@Mq2LV=#E_3DD)yAvMS1fS_T-q_L@E3K^bIq2f9 z*0)PHUNoKLT#~vdvpt-pd7i!DDT~P_>D$fk9x?smn*Dyh;?>DLpZyOuwgjt{`g8QG zTVvY6kTt`U!RF@YTVW}>jCEfwo~+T6QHhK0C=Y$&ENbq5qxszLuHNmuC%C43e(~*c j$fPYM8?K*!Z)SCl{ppr3Gj0eRWPW0&nNt2Ye%31h`64W# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..716e5456e3c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-NONE-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_OS.der deleted file mode 100644 index 1bc090052bd5db2d957b2602024e6122b9edda9d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 727 zcmXqLV!CY5#JGC_GZP~d6LZ}%9RprAPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUA{=o)v;=G0?2F6C_Muw&)2If)Xyhb3d36yJ~VyI-G0MRL#nhMtF=kMpL zi)u;}qY|=}jI0dIO^o~uKu2*gH8Cx)8HoSbTKY4W`ZiA>Cl42+AV3?vLVfng~t%)(^A zV89Jx^0TloGco@_4n1Im0Yi_Gp~d`>!Zw}*S==gRp_zqy^fzAM3bKnauWD!cz@xSB z&-*`nAE`f1SiNwr!o1qgAxHa7-Ty~6zb2Pafgh&g{(=Zqa{Pbi=~>_JmIRpL^ZwV}0uK z;I9V`J>C5Mn&6vvReL&0ey~U%#939O$-g9#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WZ1oMI`hP*S1q-g_ZKo<=9J2xuqozsj^wh+ zrzNY5vI;p&qHcLIp9v5Y@^KanDO_?bnZGURp;noGn|!HEL#yW+)t60LC$=!#JLR6< z@0J%+*Yj1k*x|~1oju9@J}Uckk9NE7>v_NO{~3{!J}38>?qv9^vG3foi#vl)vsJ2? zS3LgwW$UWrYDFm*)00%ct~`@&|8k>ne~*shjf-E66EZJ8Pzt{6y!g|KSxibV&cDgy zoAN$}>(sBcZ)2zGY~b^)&Ya_Y@s48cG?uRyf5dN$Ys%fEp`2{__kxDnR*SV)yxrc; zY2%>1oP%!~|-i=_-C3^;*dDJ#sv zWWZp+4Px@MurM<*|3D5sV1xlfkC8!i*}M-Le0G--jvGFj?R2M-O@BhWT#yOl{1z|6 z&}+W>c4zk&m+W2e#cD>!LQd^zB32WMPkNu|;hQQFK9yzKe)pY|+%LyHbGxm>qTyFF zC3!;8yao4fZVqwWlf?AxkJ@+Dvqd#Lj4STvr+XIp=xP5@dG;($S!=%3 zp9`J+i(hQ7>AD+&R;T~Aa%B~UZAhD1w42{B`bXNYkU1yh@+?^U*YBvE_5YYaZ?xP3 lshyq{4_?ha%fI%6`=Pc2d^3&~um4~U%#939O$?2r#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WZ2qN9aInzEo$+6ZjM3TmQx3w9G_>kC+v7c z>GuoS>2t)_AJLPEUp=8UZ_3k~$8rN!Swy|Ux?fxgRr2J=jpDSSak36MN30 zt~09e%g!E&Os}NBigo-Yn{U4qf84P9xXG>uwpJ<2!!PJFF*7nSE|xNoFyI7+rK~Uu zlL3PPH;Bp4!otkN`~x}kfDr}^Jw^t5i(dOvGq34hJ2%DTQgB!NMYoBUrm7w6yeBKn z?|0>KzV8E;1I{1+7>j+({?c+!Px0=7O{^EVwoeubjY=(aqvl)ZvpuSMvG&s3g<&O* z(-g%w-IM+}+saDlD|?ej-&U7h^DN~qrC1rR5P$H2iFZ-H&t(?x1ARR!Gkyr`9s5+V lNBhlgdyA&>_L-6lTAk*``z~-^UuXHsO-k=Ub#mk{X8?plCg=bF diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..836a310ab3b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-NONE-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.der deleted file mode 100644 index 634ad5b05646f31db5a789745457191605d37e92..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 722 zcmXqLVmfEg#JFt%GZP~d6ANSX(JBL8HcqWJkGAi;jEvl@3C*s76?}`G&=;-%1Q^T<_=HxNE;yJ?iAlEk|c; znZ$a1Lc*@>Uw6NL@1GX^p=8+J3;iK_KV0 zx5DY;Oid5Y`p>9+o8?{XzwPelc!wZgZSDz+Y`^VjG-qOFWMEt@Wgua|2@FVCVHPF> z1_N#olb?l!nTh!aa_9l03K)8f3{So!Y<|Xgb4#x8I^kyV(_UIL<0B7d&E0;}W!8aX z(%i=tcvmC@K0Ye*^}^wpL&k5+1=wExa&A=p*UMd^yzyJb#)nMRUki&?Gkkvjs*L^Z zA+Jr*`!DXkGQTi?(Zm0e-8yZ_OZMFtm~Upa;E(&2=QB3U{M&GO&E%^18FPH}-ui62 z(3YUOEv@LV4 z9l6ny_IZ|ArfcWq#cOxft(7e}vbN>Q#0z>S(z&e4S9ClR{QR@h(@LpSaMmm(!IJYP l?-x&#m9Sm$Z{35%0w$aG2|mm|*JAivi|xk|5s!SGdH`|CF+l(T diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..31b7258cca5 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-EP +subject:ee-EKU-NONE-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.der deleted file mode 100644 index eb11be31c8351463feea5cefb89d4c9e685ca420..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6ANSZ`*jAqY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AdR~U%#939O^ghp#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WVk=)zRtGvBPU$$bxr&!lhN30x%|A(H_;sp zANIX7Vn3MVWaG8l(@grS)3o$U>l+@;*4S*sy1(+;Zr92E9j9KbS`~d*@Bf)&s^(!+ zcKR(_Ii*J3a9W<+iB)SHeoZ~rHBHBU)AaQX?ovm??*04z=Ujb4zP7<8rj?)BC&|=b zInY<9nKbc-m-hE8!5a6rxPX1LbCH{5(#Jlko zwlf&>e>Q1yeqN@?;!&5O)^9z<%{RPezJ9XimV@bQG#fmAzEZ4Aetj)xWAnSXkJI!w z++*hrd_A4t%ueJ$-ps|<7;NY6y=E)0sVQCN`k|f=jfD<}nV1tIghJDVN$)Z9D4A?GJ?iYpk2Jqg#;YkZtDl zV!tn^OU4|b&bUz-u~xIx_I`P?AjS0*D-&a=l}cpo3jOu%n>4svSPOV z-u^ysmy~YAF^j?*cJq&J<6yGyC^>gKW0#23&!-CaR|cNH+WzJImlu!c>@waia)4)v zUae~LmFK)FNqHw8$<-ZyEa7}B-9@+O3Ny#VtR>Zlw=(`T_$vBzxgFo}?ARTZYFX;D nQ)64s-i(;&n8MC}RQ`_K3H{>5|D3lizHi3)&TrOP)tQn24OlS? diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..733c813e2a4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-NONE-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.der deleted file mode 100644 index 0ce029c4a4352f5e96b2b63f24bd1d38a8a4faf3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6AQyXo3#eKY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AgS~U%#939O^i&U#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WH_E+GJZ|BKHpxkFtv|5sf2Oi<_A33yuK#~CtYt~NAj=t5aKxPV%jakP|F~)@wIg0t zU7fxCo+ihq_|LbP-n-?>7B}#a1U+uWy_Dxc$bG2;FDgM$`8@oR7JXCOlE!;Hkus z^G%I+pC7ofC4axnxdkd`5Ax_I7-X-Wc0_s7vAxGd?;r18<8}P*m0L1RZ#z5OSPMg4 z3d%z7OwYN|!gH+dbBTG5z<{>lU7dKL)jcFF{u}d5B(oYRD7K_$vl+v zMb2fRr#gLw_mUp0?&OKwy6(uPum`U>V=uHlJ1HOiSH#3!YG?4rmrEY<=5i}q37j(d zvHV)fMok%snYyR1y|m2rT0h;b$x_cc!f-e1iN{4PVJGi#bFRO^AM)#*YHNbj7p~Vy lA3XTBIIKL*KI461o5*A-v1)y34Y3kl9kHWQ!c#-Lv;nQwBV_;p diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..9e25214f999 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-NONE-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.der deleted file mode 100644 index 1159b3c04081b8778921ca6c581069e27b3fae35..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6AR;vj#UP{Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;)5Lx~U%#939O^nQ=#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WH>PW?1V#GiYk=k&Fk;ajR{JB-?VYvTJtIT z-l>T7MQ1uw*kzOM^lRV*!wSR8#l;JwG;&2oinkL>WY2#DNm&i%T! zzx~9MZ?ARv9n&QYb9+-y>dgtBcdB@6b<}AU>$eVD`cJa*t0-{ISz10t)ND$BT#;(C zMvi0lr%hU_Ip;QCJdvTvwm*57+8e!7v-{3>{N#Z`8^7rMk6d)ce@b1u{R zC8f7>lDhJRlC<^lcT^c$4{i8i!oNT3a?#DWdx5+TI!4A!%!~|-i=_-C3^;*dDJ#sv zWWZp+4Px@MurM<*|3D5sV1xlfkCB1fN67!kbtZF(U7DM?jAn5JK1~U;OL8@oYrR^) zHMQiz&8-p-xI?brolyQ?XNwo(!+f1f*;AIMxW0G&G@&!G=tM-{f3a>!wP)tMzviD@ zef!L*=U=(x55+L6A3hWL>;5_S+^ZSx`}6I72wE-3OVhMjYxVZwFNToUz6!#pZYOX) zm~o-i>+Ac9>nR%>-uL;-{mf;*v;Dp2Rgr3U;eab#;j44~Vva9Aeewz8N6*47hKuH@ zEn2ii%9VSG*^L4Yv!D7AzZz!6PiVGCe(&&C;#9PwMo+H%+ymQkB>7lBeika*wp-!s l+~niT39Ww1wsKj_>TG+G`m7+~$5v0am3K~kYp$!B2mtx2CTaix diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..d6ab1604dff --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-NONE-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.der deleted file mode 100644 index 9bd8057f0419d51d930d4bc1a10ce032f49b07b6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6APpK>RAT7Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^gkr#CeTCToWkQK*dnWKmnptGBp*f(a+z{ zRTtHiCPpP>D;ZfCn41{+8Gx?hVrpV!WVrgGnN389_q>Yzl?#cr*EHALx2?6?IZO1# zqM|3dk54Q#(jOg#5_E# zU;EvfiXy|^dzyN9XZ}BGe_bQG`6*=AHUb#glMbC1-#kR3YC zQ+CZhI;(8Tgq%~$&+VMLVE6VrlQ-A;yfUp9yTtKx!48&1{JMo}dxd3Izjgi_GRbpg zV~SbP&Z!phSt8=6BWjJN{5#cricy%*k&1?Hf1u>1wOp{BAsF z^Ws*$8Q-O{1P$))IV`GiV)Oo!*`HK}9&t;>7cQu{uDUzBl!=*TbYt&@3uWXr5r(kS=;5*$ljS_kVXBpSdcerw({;-Hq7Ex0{a}y*!;XP2sWpL-zSjhvhfsEtd4$wc(fP-SRH`Gtx~P)f8$P z-7J6BeB8e1S^f1?leo%&xLvn=p2$YO`YIurxQyrVj;Z@=-K)g@a6VAb^*`|D+tk2c nHpL&Fo~*bOcBL~YV2av}{`4@3hi2W$oG~v7&1O4Ju@(XVeKsrr diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..88bcf0e455c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-NONE-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NONE.der deleted file mode 100644 index a45857e8a643ec2a2f543a493828e356a873df98..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 726 zcmXqLV!C9|#JFn#GZP~d6APo9^Kk=SHcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#wJnXyhb3d36yJ~Y^Z1;578)*nhMvai(*I< zqY|=(jI0dIO^o~uKsRwQH8C-h4VT>0Iy9YksL# zKYJsOM)bQK{IcW5_T=>Kd8H<6lIK+WKI+tw>5E-vm2-t|S*LVX>f1;56-(M| z&AE0&e=dDkalXpUEw+A(y2#-@edaC>b=`UfKhE4_@e1t975KC8hr9Vb&vVg{pM~^O z7?;aFaq#3nDHXl(@q4Ko>0dry)=zMiIM#ah$d*ZF)y)4Q+)l0j@pSS}F^k0u*f*_v z5F-8TXSV%1wzho>&rj)nv0h=-irG9TG?}ljbDtaAH)p2%g}|2@7b4#N{3iQlZ!>e# z@*f*lU!HWWG*a{as-Qa)f;IY+j;G!GcOz+GUS(b*6EhiYZ3bY+)ILl%$tsv99I-8nWjFDkjpxA5!T)5k1xg?7s>EqYzM*>K{Nk5#fu4*ina zcf0Cu{jQ&P^=2+wyh!VN+&TM$|EImm`@qq^Hp*FO^1Aykb5==y&@MS6&T_svq4!=( zd$ey>=Iv)J449~AJ&$Ky=vmWtt4u!#KW%Ms+Y_4Nywo70?PQnwQ^k|KrnlBDEfl`I&p_<>=PsX( zflHqhO~~pyCz{=qTfSwA=nSEC4-e;D-#z`t)BpTudml}=Tx0ARFiC&T3FpK+O%msJ z8yyaPw>UI1^d)P|$&}O4%XhfP-0S``dl!@Zjfx&;CT2zk#>G+w5(b>WfRq(xVKQJa z;07`ISy-5vn13LL9x$qap~uK@Gx*Gkeq*7_E8cX!`?4ot-4tVyCV_`r1XCMMNcn5} z-<#I^{Ic18k>F>SL{vpmE&9*({@rA^)zVMzOildLf~-@LdZN!yc9yxF5|QP)={RSj zRrjKqrJl=|rYiPYMHexf31z9gcrei}NT2WB36a3Fb#8Yvjb|3!+w!(EMK)>U6#0|q z6t2&8F@M^AV&{}^T0i$Kjn=Qbz3!!DCC^%hoT!WQ`zPQ3Dt|`K|7Yy6iv5$W=AD&_ zn$srh7JF~n+*dERb#=%ZnYQ^ocJP{Ypy})5`KvzIt@*fby{PlAf07wNE$bJ2+46B4 iPvofumWzCrHb+DT-2Y^^P}f|2M^9QmTaDC>=D7ed&@!C> diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..381f8cf103e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-NS +subject:ee-EKU-NONE-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_OS.der deleted file mode 100644 index 633c0b7f635c72aa457e4ff73593ceb7f19a806e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6ANRL)++;EHcqWJkGAi;jEvl@3d#^5Kk%!z>zOq`D zRZ?H}{0skkEOAo(vjf#ykMyjCa}7DIULM?c?$(0Zx&1HS?Kmae%dn0mf2Y6x4BhZ0 zcDfw1_cearVP^GNknwSV!v0IkjY>{(>uG;Kbj9P!x8&K%xX$ z-gSF2WK!ntZgRd5&N5%CJ9@*RscQVzQ#ZHiu4_vbO>3QBz5mx@J*74B7qZ$Ke74)! zO~3STy3)J0Mop6yn~QC<3@msL94iezHkoV2o_uMM{dW&o7*#!2+Lje(=r;9y-|K>9>GcqtPmNJkq-~@)HtS}3c z0fPZIh{?~w!py|{13C175e5uBMux-ZZN!uJdrbdR<{G%e@X6+lN*l|6GO2aX+aMU> zR=g~v_wn%?cl}RHZsNN)`)qzbM|9VD&#CcURmz`bH%{2eJ9~W(%Uo`rxyj3x-LyRP zu$n{q-~&s?M;!r&FBUn;E#4irTru{-vd=wIvhUX<+f3G-aYu{e?Je6{mkiN2Ukb$+ zUrG6#ee}ZiFORp~Sl8*W=JUxX4%rOn_II=KnBSbR=1S21FRT3-r>*HTQ0Gr>{1?Bx z$tv)t&wkmz&Y4Lrt~U%#939O-xLq#CeTCToWkQK*dnWKmnptGBp*V(cjNi z7uA#|MkQn`8Ce;an;7{SfUe?VYGPz$*doKZRc?#Ed7&fH%I|+7@QPvm>+Mw)m+YUKeic~%_R7Y1#%|dqtDa7lu$C(N z&cG5<#r4Z*YmwCSzSMQ=H+1y*Uzpg!`J&c!bC&&+%sdC4*1xq&;&(ADe*Ib9*yOup zWW<4DrwG@DPIF&`tvqzn@$<&uJAbk=&akDQX7Va(eC43>{_7SI{$+WWb@se0+7l)l zzFah`uCRaejN43gCcExF;nUG5(mMa|@HwsU%bA>Mdp4!j%uSjgJK zb4K&>&Hj4&ktsS>o$UV^AAi~Kxb4w-_3kBWO_hBgUv1oWXr|nIK6Mt!k85t2ExMrH zuXXdmncs__G5bFLJ%>vqC)W5#=!fr9{7w2acWqERee=S{KvA5QhR4- kd~7)0<7nOeId@esvvc?Q5|PNGM|gK^>nM%ujquI`0LVZjGynhq diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..0f0cb27db93 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-NONE-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.der deleted file mode 100644 index 738d9c074d9a962abf0f9f1675f90c1bfcd21a6e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6AR;9-FyRHHcqWJkGAi;jEvl@3SGude86enK+sUdq+%-#=_= zn)Bhp&xFVtrqvxRb(OlA`~Ms{)_C;g)#S-;ER{P$Ca##u%EZjbz_?h-K*E3%7?!fa zEKCLr2HYSfKMM;p6Y~$`&;v#oF!UH1dQW|;c<%S0`^Zkw(|iXWZPJ*MnRV#JM*j=F zysyskrDeYUccb=O?D3e1ZYM=scK(lwGZN1fOO|*&yT2e`UFT03=bBxzQ$wSok_5v# zq*i6Mw7ZsjUrf1mu5+2@^Lz!tW!u=JTrX;sey=Wgs+_X zNKWiqMLMfOvCvobl~@0GvUu86o^F18&h8qwO?m#V*FTqi7yKr0_vA~FmlJo?zMIDw zyQ_4=2XzhwhFS&2W6KI>mrZ=CwLR{N=CuV&CTKgwt&r#bc)LN?W^cm1d&&l{Uez!! nw_JZweU~l2Tke%FJ6I)cH>982JoW6C;A=~}Hrbw&@>B-^#bq&e diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..95856eaf4d1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-NONE-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS.der deleted file mode 100644 index b955b83322832c219a9523f1518e31629ac5026a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 722 zcmXqLVmfEg#JFt%GZP~d6ANR+pNj^(Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uw4dldm4NVM;jm(V~j)X}@(e zVp>D&oYPWoZ@DR$_1;lkKU@5NZSf`DQ(rzEYF*jBK2b~P?y7jhkE^$5hb%02csqNF(8h;b^j3B}>-D(w zYxU1vlL|N{loTesv&ejv>??F4ZuB~RBvN~>^@b-`KoC|h6AUx$ugR8xF%%U$!8g@tD;}b&t_s~WMEt@Wgua|2@FVCVHPF> z1_N#olb?l!nTh!aa_9l03K)8f3@smLe;1nYDAw(c{>qRC5&vScS)b_%DfluRh&j0Z z;R=aB3D)wHMfcZ*#cen<>o@-{g_CSkgvvdmE*RNguxe~g<)6RF_3NG#m36ZGpMKot z-zvND@!N-b?={({-7+&;buhIon)6KE$-2|iUx>Yb?AF=5VZ!R$nWfr~k1NJAwmXRb zw%faYZo%iE86vA!|72O%$o7Z#+eP!I%WF1FvEP4TvW?Qx0#A_%@tdd#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+kAv_+Uo^IdNV?69Z!-b0b4j6I0VDab6=3*96KnP%%_8P=M%^OicxA^z-*~ z)kQU>iBSpJN=8-&<|amd2B53Bn3@g zz~45N>HN#P*B(bM<H=Kz}tq$IiW>&the30aLFRr_T%Ej zef*j$B~M2$toZxtpsES`+y9pDY%fIlx1T;8x?@X>{ITPjdGn^P7cc)TzA+Uf~A124^4wr*ker!tLsa_>72H>W&`mSkdPWMEt@Wgua|2@FeF zVHPF>1_N#olb?l!nTh!aa_9jg3>bQh43=kiclOWp6+W?qIq%2vwM+`zx~1FlyH)Sb zn6&dAbI;c7DavgeQ9!ByEzbWBXxv z?E9*%HzsP{TAPug!TrQbitoHM*R?fq=k5P*zO<+;p(wL9*G7&zL{m-2KF_o$-}&*H zhO{dySo~NR7OdmYD6882VbkoHj+)l9v|NK1xEfxx>e39{(`$D1lklNQz3DTi{_!lj zweakA_u0Rtten@FFy5KxRucQ(Zryn=aSkcRgoN|wPKz$#H&s4v$C;I>XB(M+W2@!y nZyV(v9kxpHJi4^_nig-g1k2@&f0G$CH%Px|6x@IM;p}e!kc2MX diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..d9ba67de348 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-NONE-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.der deleted file mode 100644 index 5f3fbbaa54eb4637568545281e1ae00649520042..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6APpA_FMyAHcqWJkGAi;jEvl@3JZUTOQidePgXR2b_nFf%yf)8{0{fP%KG6Pa_XCv$Ah zGYLyv7O20WHB#@+qj2Y=Du<&ksAR4e-Te67Cy(He${4S=5r0-M;(yQ9EwBFL>d~Fo z_ustKWv{aT*Xgfo7MwpX85zN=tbOW68Plq$#EVs1bS-#W%aSSswa=cr?)2i2u=AL_(sl8Oz890rAutQZfjndTyS$yz?;^k zA?MEc`I>ndYCQC+>Sb`RvP}8X_Vi-hqpDR*{a=r6OV+bYeCw*S_^9QHg7ojDGj?t; zI{M^kf_+2oS)&C}73EKA_N^>ge6e6j7sC?;-LP-gdjGzk<%>&{`C{YbnEoc}SsGJ( m&V|(4!YR&7uXL|BC#Ut;3(btlwOz{dUGmO>8;ZArj{*RU6EtQ3 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..e6972800ded --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-NONE-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA.der deleted file mode 100644 index fa8b52a87719671b6bfe741a8b2f48f09302d6be..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 722 zcmXqLVmfEg#JFt%GZP~d6AR-D%e4l)Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@244dldm4NVM;jm(Vss*<0*9=ttQhZeTz~*wR2MMYLEXq zI$;8O8C!i%E8bh~^5*N7>|1lAxfcA~&8}*icJZXt(l-ZI`JUb8V-wX?9Jt7Fx5dJR zd&SbenUQaNdQ1fv0FRuN9M^>*|@Rj+nwSCurgITLC=7kwg&d$#KtLs&{#ai~U zB(LVnN9y5^=Bse;=k@*gaK$!ROIeHM3--#l73Z!s>}FzSWMEt@Wgua|2@FVCVHPF> z1_N#olb?l!nTh!aa_9l03K)8f4654`w*3A7T&De<*`eMqO|Ozx%NlR^{OMoVgWm!| z@-;IwoHZtHXq2hpmwR_$!QrG?rJCXgd%g4=7d|Km=8!1v+cM?x`CChW&F{N&@SXlG z!7^WujLMh={tk9?^2A*OdIBdzR9Ysi?Jd}|@s#EFE3I$dob6fA?kz1T8QM}=_tfOO zm;Ir;6Vn3E*=yI$JTK(ZM7KPDkS+A=hse|XOXahd%O;UJc=SH5sm`fzPRN{Dp)%vb59Ryp#G jQO&ITuFH!QS#xFn+cT3PZ1#%|1)MWM|f$ z?Nzf&Lk;hr_qezxZu{&wk(!+nl9TtSNlZ|?tQ9&v|MwiT z7W>Vf@@0b%_w|j(eRemeYfkQzZVSEGqvN)`B7xcI@E)P2j4unm z{M-|hv%b{s>f53}pZR7=$Y(s?`Y^b9-cA<1U9%SKTK!=!b8LXg{p?e#k8w|#EvxtL z>AU&Qb;AmN7C0=sV$F5Ba=pz2>(ffRgQ}7;3wV3`<#I z7A6A*18xwLpM`~)iTMX|=m8@P7xQ! zaBK7RgcSarn-o5=FSD9&aL8HY#gmn_OLy$LqGS@H$(d)b^2YM(kKKU`GfE9_EOq%9 zS#VLHXP?3Q(;9vZrzb0~i%b6dC3~s!7WZ}6A}&;2sNnH@G*?0N&+qs3-#59c{W_(r z@&5d@_T}kmo{B|#3~&9IQgi2&><^9Q53GOgeEzLx_d`Xt9~O!C-JGX9%$sZy$QfCX ze{Oou@2B-S|J+whi7&Ir+`eSv@^xogPK7Ysk$lx+61pO&lKGi@u$N_fR&&%*b%7 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..ecde037700f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-NONE-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.der deleted file mode 100644 index 6a510d01c4bb166d29eec0fc2333f2a962e73f64..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 722 zcmXqLVmfEg#JFt%GZP~d6ANR^j;RK`Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv=%f4dldm4NVM;jm(Vxs`tk6q1`2d{dpa?`t4-iN zvxRTfv7i4Qb(U*UKG83%(i1d|~{xkyATcL0>Ot@#6RE_0+=88YN5$`pV6x zDS9JHnspP$tQ(E5-aLBMuu#d_Pnd&c?mPYrv%avGOw5c7jEkiVBn&u#0VylY!eqc; zzzt&Zv#>BTG52J!6 zKYi?_>4yvxjBQTo+}LV$?~`?8u{e{=yPvZb-M34fYkh#}hQow;@=P&384tIvPo25e zApe$0vzPMT2G%7L?lf{w zE2m2;=(=5Bbt!8;Ya!bV&s2?FokABqp8itn<1(+7Tb1(g+?k4=GdG-)?ta|WerMIR zOUdh39yV|ny*_7Cx5lEPc?o8xs)EDCHoa#58$2mRjzMjT-wU0+0Z)>qL_L`-s^SvT h>0rFiR{clA{hBQc_B<{~Int)%o?OVSk+o<>7yzsC99jSX diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..a7c50ec2192 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NONE-int-EKU-TS.pem.certspec @@ -0,0 +1,4 @@ +issuer:int-EKU-TS +subject:ee-EKU-NONE-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA.der deleted file mode 100644 index 0678584a44a9d6a78d6c32e6cb76309de8016ca0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 745 zcmXqLVtQ)O#CUcAGZP~d6AQz`@V^GUY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@`U4dldm4NVM;jm(VREl)$zw3fO zPv4#9|=ibn>`Qk_C z%@KbZ8Ft>Sie;`>dfZ*z$|fI4rmn5O)ems2H)EclyXWZz$yqz3uB2?7r}uGrtC6d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!oc-H^}IdNV?69Z!-b0b4jV^fPLab6=3*96KnP%>07kb~$HPfZ1D^b6KS zHKU193E4tMRtDxKMt%mMo4A;o7#SIszS=nBYwje4T$_!@g=DPdnS28#Jo$e~`;}|R zjg#Ad*-Gz}b?Y&^uHUloMVe>G49VQT*D7VMrm}x%c)n}yjtA2sxB?eAYPsJhbdO1~;+>~{-fZBT4~Q}v2v-?mo^*ZF>%f81pQ*Rv(N<%Ba9)G!sv zJZRk4x6;;K_(a-^iE4Qj`&a*7z0&thr|O5I7n@@Dmu?Almn*#XAokq-NCmG?iPzS2 zpG!Q~%yu?s!)qOj)#ttkM5MQrU+Um261#9`>uJa0N9>6^j1|saxGD2vN=V}Sn{WCq z71)2vJ~C~`LhYqDmRQ(7NQrfovNW7xDSgJ<+$qIbdpe_L)nS1GwfNI7cN-ljIIi)n z{Mb9!s~gWuaqVC7bKiv3Pr7$+>xfubGm G-_rpbmon}E diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..ea4185892e4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-NS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index a91f8a0c843d89220d13ae25d8496fabee3f7ed4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 775 zcmXqLVrDjIVtl=TnTe5!iG|^hOpO6A8>d#AN85K^Mn-N{1_KpCB?ARE=1>-99?8tS z5?xpCP+e!oc-Mef=&IdNV?69Z!-b0b4j69a=Nab6=3*96Kn&@m}c&S8FmDEu3xF&S84VSbsmSWUe{}9 zD*l#nenyn+Y(;Io2aw#}JZXRhqS&)`>H{gcV?c;@;_U75R1TN5sRSX-`n zb!~!jiCMB~+<__w%XQcGmNTeNwHD6&Aa?T17Q;_geH~LQCQnP5nKbiuyY=5<&iRc0 zl3uyJoHa+uG^|fBH7h|n_Ce&!C#I+D4HrdRb5Y3Dm@+wT_D9~EUl%A_dMX`WkfC)` zfm55)yx%P?b&?`e7^m5;q~;0}dB|*Aw&~f!)}=Dn zzl7Z1e7!hwy=ab2|Hs*B_pdKFF-e4N>-#mS9X>~;_~nm&F}obYKKswxg|FSh?rT=h z-BtEqG3wc39#db9|KIb(Z``!IaQda=22H!S5f^Swz7+BKv8Hf!&noGkYBIkL@*WEk Rb2&b#IDqRS%lxeD^8nKlF~tA? diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..8c69ca7ec4d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.der deleted file mode 100644 index 57cece4f3c313de91f1d8f59c19d4a4db30c41a2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6AQzvo4*Zs**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw3^z#`^^u$cghBniv=xnHw3J0_iAmULz3K1j;o~GE^{-gXk1bO$BT83)V$7 zqlr-o*+NEE2IeM4eg>eMxR{z485zEBbK3AIT`IFWy^~+MlIzx@Ee#FpHFh&DzV?-Q zlF*k0w>>4e-kKVw%}QMBab{v_uR^xzP(^EbAqtjmLhSMuq&$lh1*3LH`WJ-6!Dey+*Nc;ORXrE zU0^%4qd?(#?yRG&!MA^=)W41FkMowv`unGS-ZnFp6@fmJ{XbsIVOx7-iNNAL8h7@5 z`gG(gr@8FTsRfbus^(ihoc(jh2Ljz7=NXiPcFc~ly zaD$lqEG*1S%s&joK^#>^#{Vq5Knc!-HV?+OA5JWc$iWJXM_{lrGHBfN4YaCZKYqK; zt8mozFaGYQmL{9PV3z+zQb=KwQfbqS-f2D=l0inPj*GMyFKPn- D^yVg@ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..2132111babc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-NS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.der deleted file mode 100644 index 89efb7ce729cd367c8ca9d75b73bd3a62d489816..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6AM#VqniOQ8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!oc>iDnIdNV?69Z!-b0b4j69e-oab6=3*96KnP%>07kb~$HPfZ1D^b6KS zHKU193E4tMRtDxKMt%mMo4A;o7#SHJcm97rueWPCh zt&}Ir+9cHn2mJhY<9zFDuOPEWo6A?l+RMLg-C0|}o@Na*SGW!`@!(+jQ*&FWG zf0`4nX!(E3d#8mjvv)5%x32z={!(@8oaND$a$b|(-uwK1qot_Tw-*15g?rZIb_gE0 z<#Xfi_N^gNCCUjEI_VYcQM_-h!!u7TK5=x#*&q8d=g)utM6JQ&-4II%Dy2P-fhfx*hi5G>?BA^xb` zg-@>QC)q@QTApdT>GNxT&;HGVJJv=RRXVsg75Ppm)Y&{sQt$JojoBe9*(UNl>?qij zTK4O>}?-O48vR~}kYXH2G@T%Mw%VeXru89X`R!}IdL?Oa7% z@8#3yH>5wBqIX*QVtNqg9j8-M+4nfDYB063`>{8gzf}0$mRVfuGgn`{+P36`>eFxM zt1E-9pD_EeG(W*dq*<}!qr-=5-Jkfc*@o^v(S2zad)>9(;`!WH=4P(9zx378q5h$J H#xzv`f^R!B diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..021f8cff6d0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-NS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.der deleted file mode 100644 index 0facc4ba3c352b85d298c90917ac0dd80afd07aa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6AR;~%fSY`Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$-g9#CeTCToWkQK*>zfn;>5D{c*)OtGO7$!tKBEQ4;Qts+P2@FYDVHPF> z1_N#olb?l!nTh#_fjEex%EEnnb79J*!IJTg%LSef$<0oRz?Qri^j)dyzXk0 z@aoBZXOlVP=gr z7hl!1x=ZD~CVFe-=8At7;<^%;?{GlEal_T?@6HN1&b-XJ)_30*``_I?l8d}JH-z{S+xWNKJRbTlCf(RU ztK{06w>ke6DrROXfBirGz4`m1m0?e=n6+IwDYM4Xu}H%9ZEB_4?G@ZkZ#>i9Ca&AD zEQ>M4X!`591ux7?!&@ylXW4sBS!4WC?zb@WQ{MIR&!QQVzduw|7hc^W*f@QM?6si9 E09S=51poj5 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..b12f363838a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-NS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.der deleted file mode 100644 index 1f6c554e71fb6d4caffdefd49f42dbb7474c8aeb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6ANRZrMCeu8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_>f=&IdNV?69Z!-b0b4j6GP)Dab6=3*96KnP%>07kb~$HPfZ1D^b6KS zHKU193E4tMRtDxKMt%mMo4A;o7#SHJTEFl-pkS)&CA@y+^I2_YTogj*o&T)B?0kL0 zr!)2kQ(TwF>`jZR;_eB_@km$`)m#(k5@VcKDu3c;YUhqwm#V8RKb={mQYXe{?Y+`k zSclVS_PqTcIF)0%)2cLOJI+LJnD@^8r`bKzYwkPepU(<=d|~fvxk*x*bFV7T`#a-~ z|CT2v9vV4bU7SmvJk$wZv-XE4$85b5C%P;{MLnm@|Ncwq-hJ20Wv8+n-{yMB>~-5! z9=1t3)A5sajNq+Xx{Rv3raY8n%VYGH+s3(9_Q&o$JLh@(JytOGez=CC^uz5rwW*Ef z%-WZ>F42n5H@d&JXzP+DZb>BO^A zrRV87e!myd)|1|IUSLRGvE%CE*Sm`UeLDL4gyjA$m7h(Lf|+bpZ5VHJr84JNzTIH| z`@){Y&6~p(^YyCfY@OsO8gipgxuons^Mm+OjQ|$WEe1TFA~I}Z>V6e<-1=ymkmzEk zpYyiIqOMcH$AR~^c~-(Hzc&*s*Ug&IW6%@NFI*QqhvACcUdQsyY_n8!SeBj+nqm$B DY#Jn# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..db906f52f06 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-NS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.der deleted file mode 100644 index aad295c0d21b49e40ce038cebcdb83ed90029059..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 745 zcmXqLVtQ)O#CUcAGZP~d6AMGPm!1JH8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%cMMKYj? zQ3=^9Mpg#qCPsb+pli68niv@wF7)cSbG6s@Oi%xC*KTU0p8f;}{v~{|`fVyk5d!`< z)~s80&0WvuTGPDZ-><};Z@T)TbEVKMb}Oyx{f$dxcjrZ`9OBr?d3sy^ghLFsr@5c~ zQ1)ZP#RFBVW7bV)ZK~O{Q0V~kj%7=xrzQQrEp?XvyZ@}G|4jb##4X>OV%Ec+%*k?2 zKTGJBb!m22>$K^O?-{tRhZ1h<*^1HET7F0^QZ+tm zE!6bL`0B#@O^yL`CZuWvt$Lfk;^@qoJj{m6!yB2H85tNC8ygrJZ~}u-R+xp!fWd$p z#N=mTVP<0fVIU6Ts4_DCXW<1(a3-{QFt+`0VqruMR$vSQgO!nCop%qu<&z zG;I$1mEpN7uv5(H(YiGz9ebbUu*FRC5-hd3_u;Sjj2FjCXUeetUBPepw0lyQu{Ur3 z23GTlYnCY#8NEEGd`M8Lo7r^B!u1m}r?bmwhezL>`AH>Vso1qRz6-Z`+SyNCOV&9* zGcdaOetN?4$>$#~Xkro1Yvbeg(#U_`uW~un@9*3<6AhQ9chpz^JX@bvVUTLOdr__G zB*uCFr|4)T*sPk?=@A%b951tD`eVUI4*gH^xHM)zt_te2Pbh9WH|urItZj$CyfO4( z_qDozuhp%5N4CA|w9@}?IhJpoQqjDMJDhFu!GAfEd%7!{1acqT>uE~*?RB$ZB>+a} BBwzpl diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..eafe5097e84 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-NS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_NS.der deleted file mode 100644 index ab8c63e85bb3f3cf45285d7a5b50ed069c9cc2e9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6AR;}Yv&Dk**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw8cp#QOys$cghBniv=xnHw3Jniv^GiSrtPxF%4pfs&zufgD7qcxozGqhGKt zsu@j;O2`&6vNA9?G4eA2-NePz#K_2SP%u5_`o=vmMa4|jwnB4$OlL8Y_LE5Hna1XA zvxVhGgUFRP&)xp)ILx^1mRRxp`i<_@oJGdxg;NS2_PCu}esJ5&i$BX>ESTZZTFJaI zDqu3xr2DVmGA;AsR`P1Tc}7(}X~nM6;80yni+R5;b>8*LyMOmq&4l2I&9Q0?(=22w zEhlnblzw&6@x3VfM(@n?e62j=GR1CQ$~oJwUnswPgnFSoqE^V4eI zm9cY{-@7cC@iZv@qT-u+VK45UTH(!-j_bG%<+RzEzPTr~dCx|d&;Cg>&F)q_cq?;e z&5q3*BzBqp=@oQmTE?BIv*Cn7^J$q)hfJq^N}815Rm;T8$iTSR*uc<$6Bv@R!YoV% z3Xm67p33olTDGoj6cvF(Qw3nOx{0^<=Ftc(nNpQpe2uFIiT z758#M^cqh#Caxpb=cOrFIN#YOojGsEE%PVQ8{GFDp5i>s?eDZ{R$mq;7G|>dFU}8{ z|2^Que;2B__!nfEwrwimJ-g|8 zaoiX8n-bR1t7`tPRocDctw`~K$&&Fl4q=~fP2`LCdc^(YjGEOG=M;!tPb@zvAoB0m z#uLjQKH+pryIXB2R42kvEw+_Wpwapbo4%jgz8~|LRNutP2fB9b4cYc#?z<vP;{AgS~U%#939O^i&U#CeTCToWkQK*>52$51SukVy#AaWG4uxGkJaWuawjbW{>0Ihx zrBJ@<+n83S9iOT+H|fBqWpmV4OaHibN90|JkpBD5nK!vJ_T0(fo!uRfZ{zN=`Bm?7 zL3>;C9nW`*d3hH6yDzhPqNDir<+f4__aABW+%0uu#i~*!W=00a#l{AP2Asf^ zYueP#?VnC_arg7uXTs)Yr$73?aha;Z2G>h@pMQK1zm~Rmw!Dy) ztk2S)AASWMnHuX@^W0+p$1b?^n)qxOn*W{jV=t zt16p>=UZ4C@b;8!a?+bodcn|l#|dxiE2pD=f2#camj9jjoKMHH#6zbVTKs3a6Kxy! z$B##HtJlA-eY`um0~2-sGkg>5UGeA8X90in*S^a;yMAtL6IQlgt-jOv_(Rdz57s9Y HEI0=Mi6k-} diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..518d0da3695 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-NS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.der deleted file mode 100644 index e74463981cfd567e87604cb32838ca1aff348f38..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6LXGrgaI!br&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDts4U`GQvab80c17jm|BSTXYBl9S6ULz3K1j;o~GE^{-gXk1bO$BT83)V$7 zqlr-o*+NEE2IeM4eg>eExR{z485!QDu>Spf=$ZC3&GeJPsa!W>Btn8dNUdabGBmH5 zz&@+%)%2*hG0)Hb(SprJAAKI=Ez7?i?V7gMUpL+MqmSbrG?i7 zF}vc~X)aSb@`E2w@Y)>vHS@u@o~Nq+?e%Si=B-=H#LURRxY*dh(0~&dlCr`qOa=@F z+#n`D3kx$7^A7`Y5J#1f@jnYMP=Yg|&4aP+hZ74UaK3XwUyVdERpApkH2O4XVsS(ZT%%DL|A{XcyP|TsOj9nm-FW?Pnp~6 zaOv<$iJJ$d-zw|SF+kr{r{PSjLE$F`!Q;mSJ*-ZP3B7LPDEsl| z;H;wCZR>-+x#b)$x9gefeMhWy@!6H7Gi}|MA3g8Y(RS9LGNXXqJT>vs^A80V{EN5% DJbf&C diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..c3d5cea0f26 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-NS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.der deleted file mode 100644 index 13d747d07d0ad9e1f8ebb977d3af2973d00a021c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6SH!boB=Nzr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDts4kYEEjab80c17jm|BSTXYW5XzMULz3K1j;o~GE^{-gXk1bO$BT83)V$7 zqlr-o*+NEE2IeM4eg>eExR{z485y2eJzHD7?A_vL>d~{cE<2{lKaV^5Do;OpV&Mvj zb-#HI+64LM{9lvyqeNWz=#B$+u4{!VnDu`iN)^$&#Nt*f_a&>jX2tcS1aUh*#hm<= z`5$Z-gkQbOx%;}r710j=$A=yjX)RuNF?=!yo9gKcf!$Y@6qm;QZ`riCP|s*eNU}V4 z>Na)Hk_wZXyUh!js{e_no(c8;6B07x*~F&bB?T!a>(})^ZSQ%Zp;LR&S!Vym4!0+P zuYz49SH>K#FRPwV?$LYxN3BRv;#%?K1=pQyckXHK4EyuX-(P&yinOzdS{}_ti|v`5 zUpiQ5e7`iqj{Uh)`~&BChW@I_{*LVje@=k4Sb^~f3|2-4+rmk;6TZw7`@D}k zO0DnkrT|%s^(|%d16QuC=Bzya(RFv&Nj;B0-w$?XI!|hstIFCkC+Y%k;K$F!^DT0u zG(0{rF7UkKpurr=e(qwaU=yd<+Ri86q}?tqJ)7WgOCvDu!^PZM#rH942J?Q0xSzlK z*Rc2tdrxrl8xJ?dXZz+DMz4JouP&qn6=Pr7kjIVGQ$bQvh=n BCO!ZF diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..b24a6990bbe --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-NS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.der deleted file mode 100644 index 980ed9ba93bc40453db152e472256d4f237cff7b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6AQz$=NAlk**LY@JlekVGBR?rG8l*(iW&&BF^94+^YCQm zmFT*9hwA$I`?(s(iSrto7#JIw8yT9K7@J0k^BRG;CQz<{qM^KjEJUMNYAQruur7)b zO^iy&)-kd&FgG#sGXP!0#ni;e$ndePc@N*8UpjiFmkd6=*{yIS`8(5w8PgMw?YUgz zwBq>jAM2OhU#H3^+PhCt?axPbg?G2b?&*K|5q;+M!Rw3?iS736tv|!AA5Z?Nbuz}G zi!C#2&##UhT20qP9^VtxNafmMzjD0_zwC>QbyFJTo-_*Ew6)8yR6VQPo1HDnIBWfm z1=rX7aZY`z$8qlB%pJzT=k#|qEPU|j*sxnMdg&1}N3UrDAy;0>z0|*V z-RHtR4W8X?j2Dm3PdP5rzE~w>h0dorm5t3j->VqDs%yB~*8BLHu}eO_vtqXL+3(>- z{6`p1t7fyNY)zhXZZ?y!kZaM~S;alRPj)AHy3RY4%*4#dz_{4hz|epb7?85UEKCLr z2HYSfKMM;p6Y~!PaS%t9k?}tZFHnLrq0NJ_?S~T!BXY0;V-Xmvj0~}oTeeOJE+~5a zb+=HDg2bOIj7=`DW{kOHwufx-=(j6HR z=U>b`bR@9B@^F&u{feX&mj&($-`*~nyscjO_S~exccmg4p6Ppq-46wQ-+uS=+ZUl{ FA^}{CHa7qO diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..64f2960d646 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-NS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.der deleted file mode 100644 index 65934a94a608b8aeb5b00a1dcc7435edb41bc860..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 745 zcmXqLVtQ)O#CUcAGZP~d6AR<<;$;TBY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uv4dldm4NVM;jm(Vx4(~R;v7IPEzjvW7XEnw1eGP?jq4Vy>JlClfOx1LI<2149E&U@*!GvoIMj7;uA_ z{46ZYOw2zF#6cWYM#ldvyg&)ggfi?+GwRr^&J{ZKD>gVzH2!a*Zt_K{w+q6))$j+*z>L4vQ@w(Yg6oz zx9e+@^Ee}RZ)<;4a5?U6mTINTFPoa`lU5Pmc9~rD_^9Tseoas0;PR%s(mZib=JDR2 zJ8$!gG6kE9Kc6R>+r_=F)yibsZ(-xU*GT$8@bsOohx*rR_G|z8B4xqewqsw&3;+!G BFAx9# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..1ec9059229d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-NS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.der deleted file mode 100644 index 4d290448805d322fb5418340dc8b381953ea4984..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6AL4A{3!!oHcqWJkGAi;jEvl@3fy!8s}@D{?%H3;#bFVo+n8Xx*ZeD-F}~bxaHL>|9N|S z4DFaj^nZ%~k~+oysZ_srw}16=&Mj#frR+<07|%PA%pIB@pzzD)-l5Y=h4-d1xK$)` zd%QSnfAnvi;*6?9$A=S2%Zjf%&-(P4L-}ve>YLVOSJy^s+{sn{x%y}A?b39KwFSp2 z%O9t0*c05G3H}X7y|FBDoC*vg{<=jSWJ7 zo{cbae*Hw~ROkVzO^2ObGB3;JTz>e>=GwDYw~Jo-N-cE#{dH+T(mIc~hZ?T`T2emi F6#xgyI7k2h diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..183e13a29f8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-NS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_SA.der deleted file mode 100644 index bbf0a41489b8d0bb18d3d111674048d664c47370..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6ANQEOQiuX8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_+Uo^IdNV?69Z!-b0b4j6BE-Yab6=3*96KnP%>07kb~$HPfdkt)I~L; ziBSpJLPk~w<|amd2B4d`n3@Y+J#@{ z@1N%;x^MQuzYR0}s1%myiMv1K&OWhSSgPDtp=J@HC(LYqN!?^tY+Ai~s&N!LzOe^`Du3_IQqi zhrxq5kGs~#{u?f`nBvNEQN{A7%>S%e65CaGteQSc=zn!z(emOqdN-qXzDYjE|JTL; z<)kOMzRZH@dnPaMV4Rn$d$v+>;}6DNA(w-8F>}uN%*4#dz_{4hz|epb7?QHWEKCLr z2HYSfKMM;p6Y~!PaS%t9k?}tZFHnLrq0NJ_?S~T!BXY0;;}ICFj0}t7*sHi)HrfTo zey<7AUTI%-U!N=S(v}2H&lC5{W?VVnf3Wdk$pj}!CvAEfo+7fWX!hT2&Q=)?!3ieilNWMZyxKYI@?@7~Q|HR;&HWx9 za!&kF+W%uUBLj?Du3ce@rmrVQS(+ab+4EzdMDiNvz*uV^}8=^ZBNsD)wd(jH*&Fv z$*RyTcOo;|s}$CY{rF&3_O9!s5ivHdzlzBvOk#s-E4oWPKj6=q>FU@+hY zG5J|on3I*7s*H^PS$KgGoC$3njBP)hSQwFm6&R1eU}a?R5YxTB`F!@2OxAOs z_9->J5!x^LSNUwaK%c7Ri~B7TCb%1~5Z)}y*BPL`<-m?f&TFn6Y+AgaVT#*1E^+@G zr{rEuR$O8?adF$+^EnLbSekFBYAW!rmloreTX*`{zpQgB3Uq&P|1`S(G4u>?O2mfJ zV^?g8V#NMv&N{Z}>Q7^K)78rT{qMLZ_pe;!yzItDL%+qdgez9QTzqL3x09EQ@2pQ{ zjSh`fhWd>ws`;kcZg!h&eoWWo*w)z3GoDL4b=n<~(ptNrCOU{wE5Rb~*0mNVu|?UJ z+7{;;TmKAQDRz^)!IImLdFxlvm8##{>h-IRF(qF*aPe}2%9(x4TbsYKKiht~kQV?& C{v)UW diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..2a7c5d895f8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-NS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.der deleted file mode 100644 index 227aacad494d7dd4d2080c8ca65c23eea293aaa6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 745 zcmXqLVtQ)O#CUcAGZP~d6AP1AS&acN8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%cMMKYj? zQ3=^9Mpg#qCPsb+pli68niv@wwhOUpKYmpEo;l^diP>FA#``{Z>?bHHvfjzdvhSAc zk3O(#7gx~n=@X(B&v(yczaM|$>-W4#hqgNI-;rp;cwVEnX&F$^3K}Sb${=MoM?EWX>2*mnz`loq*HD!Vn+-9z0!aB%zDa}8+X@L zuBt7+Q+nTcExz@g;pF_3pw0x_Km}cncSF zFD)(c z^Rx61uhb5xN_MLdX=Q&O{VLq);q46n`BCf3;p;X zWbJ$}>W9OT3{?-Kt>WDG1-S%+_>{D^22b9r&%RxyeU^a3qKR^TCgxMJRqxF>^B(~3 C7Afuk diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..8107c3ec660 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-NS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.der deleted file mode 100644 index d5fa80887be8b6562c7eff40ce06ab145ce30001..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 751 zcmXqLVtQ@R#CUlDGZP~d6AMEZ3y%RW8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+kAv_+Uo^IdNV?69Z!-b0b4j6H~J&ab6=3*96KnP%>07kb~$HPfZ1D^b6KS zHKU193E4tMRtDxKMt%mMo4A;o7#SIM1ge+j7bv%O**xCSzvj4*L1XE?TgRS@ANj}m zE>~f}N5*cCl|sK~-pgIPZrv3>t*FbrI@yKnADRw)dzqHjwuN^T5fK!j)m?@i8rt9j(bY}t!X}4Q}Oav?4s%0 zZ^k(KGbXQX|Jn9y7BB0ko&VZA^wl#MPcl7vy-a#LclbQ>eZGRW|D8D+x6PQ^_*k4b zyX(uQ>9EuZY#+J%2qUHdKZ>%;ZMQHKl^x7ux()62xn$iTSR*uc<$6Bv@R!YoV% z3Xm67p33olTDGoj6cvF(Qw3nOx{0^<=Ftc(mf-hGa5tfs1- zR*QIWVAbX3g9~S0&fTnA5vP>!-9TGufg^+N-1g-)veqm{0V$bt9=`dLTmM`7?@qH_ zcm3L29j8rucTfDH#-IBEvm-yJy=^twe?#==u}hQ9#2cm*8=1EKVNba~N0pmb>Cv36 zdp4Oa+OGO7b5ob&pI63uZgzK4cO1#I?k=3asOVAZ|I!N|{Tgg%u*L{g#YMab6loKS znz`-ms{Cipxfc2BN<>8`JPDFIAHc%P%c;-%rajiUc+S)WUgygpRaUOLCaD`%?=#}E zSYxJmJ#E%U`SLlJ1ABy{^}oL`PYq$UH{NjgW^3sA>kO8e4!;b(|GM>*tHQA9mFn~@ E0GOC7^8f$< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..0d7a5763e0a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-NS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.der deleted file mode 100644 index 229e7d69da001b562b4217a65f672d625fb59205..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6SMs41qQrqoLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~neb^U|mLxK(D#CZ)(42+G;jSNjqOf93td5u6^6DZd}$xy*S4x&>$H5IJUFIX4V zj3!1UWD6Nt8JL?G`5Ayt;$muIWMsH!#&C>V$8oLgk@DL*&U^~#i*`S{x%aJW)T)Zt zpLw4*{$SA0Ja)&}uVJd@PhGB)t+M}ZWWvKQ&w7y|y8b!WpZyQ6*0i~$^m+-hr=EMY z_}sS%yl=VQZ#RED;rE*t%uZ%A9sHV0_f_3ISi{#JV`a32#WLlyci_TPtqb&DZLv9Q z$#YixY1hd^OuLPq2}DIPr>x7~o}-kro8S7k^MbT0Pya0^I_$IDkH-I+w)79{sieu9 zWB$arZVz`f$d3;XoMCwK^<_;ZNG>+PJ)Rv9tY!KYf=v-!UlU zZ;ATlxM|yuH|CA&6;rztOV7QvE!w*NvBUAo&bLm5KkhH)c;6j+a<{z2Qs&B+<-AYb z^>?qG-kil>GgIT>$IF5;xpsLEQY*gP+b$+|qCmIg!0U9eKqH;*?fI(?oOGI<_0Q7% zFAq=eYoqXuMca5jX!R^pSU557-~BhtXC~Ba?{POhroZj|Y}v`LI1hZy^2|Ll#f!i8 zSLKce^WxnnT@uWx?EZf0Z#I+V#8vG-b5y6Dd6#IIwe>~3p!d#WI=z37DO-pL1l`X$ F4*;$uGw1*S diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..7b7a6ae6c1d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-NS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.der deleted file mode 100644 index 7ebca29135fbfe6b5a20d8178e92c6da33c20372..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 745 zcmXqLVtQ)O#CUcAGZP~d6AQzhcUKH}**LY@JlekVGBR?rG8l*&3L6NrF^94+^KfP6 zmFT*9hw2798pw(B8k!gw8<`s!nwlCIM~U+qfw(46u7SLvtbsH{n@DOZSeIY0E|LLF zj7rE>F|sl+H!<=v0A0hy)Wpcha7y^wqSbMIK94sk9XQZ0|0eErwzy*Ydb|I#RZVJw zIh-HcS1eV)dKUi|KW6OCi4S(>suAKgp#^T&Fe%W z_2z4?T625S#NXGs!c=zd)_!($zneFE`!ufeimwZ_H(ixrstUfbHr2MSjhFu?i>&6o z#B#nIwh-SXMsG@A<+ZKaaM`cgaMOeSMt-LWH!k?y-EX)cR?%7I^UR7VzFY^SKFM}< z%Z7NaE>?RI$)x`|Wbc{YB5QH4jIxr~4=3`OYBDi1GB7SSHZU~c1O}t5Fbk6bg8?^) z$X{w7V-R9#e7Ol%dPJU$DF3=Nq?4Y z^IgMz{zl<@k@K~I;RQuzH7|`gIfV^X19>D~olW1F;+`h=|3P1=G^_cNYkUQvp#UK) BCrJPR diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..659dba40885 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-NS-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.der deleted file mode 100644 index e6b85be7fd3d6487ce131a0080414c85dc6a7cf7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6LZA8n+CjWoLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~neb%Pz_LxK(D#CZ)(42+G;jSNjq4a}m%d5u6^6DZd}$xy*S4x&>$H5IJUFIX4V zj3!1UWD6Nt8JL?G`5Ayt;$muIWMnwPC6|;pSM+(=%;S@Ts>D3M-d;CdSATxQo;~{? zb~N4odyBc{;lf#oQ#5q1F+ZF5b6u89p@qD*)|DvJtm|2FKW4vWziKD6?$wm(r`&FK zi}}el+??{uI$h?xo?;o(hTMrSwgv3HEOf$bV(r+Gzir~N&pkz})?@JOVh28a&0tSl^xEifCx3Is`w(G|7mg7N7<{~!I|xX{ zPe?1cUlgWk!P@s!{1tc0+CJSau`}J*cTYC2SgK(3+#=50ntj`e`3`N5p51&<=C+gN z6>Hc32VoO^-d_2+VDFZ-4JR1u4g2l>bv=2q`O4;(3Tc|t9r~)~bY5vZ{5W}TjFSIh FZ2*{rEN}n- diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..53cfd207c2e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-NS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.der deleted file mode 100644 index f5b964489ddd2414c0cfea089a7625c7f0be28ad..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 745 zcmXqLVtQ)O#CUcAGZP~d6AMG1Vut}Q8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%cMMKYj? zQ3=^9Mpg#qCPsb+pli68niv@w_L-bISeF#=XGwyIaPGZEW#@+8t)HgdF=CE7Jv08h zgXk z<&rt7+g29YZIgtS12T!biXyvLQX*%cF$IJEQ$4gtwyT5Wa-{kzbDQwZl z@VE27H8505*ei>N@7ev??fELV75la&@h|+K_JM=putoz@^rw{zLybNdgx%}v`t-1U zS;R&W*DG^>Zv7=W|Lg&V0~R80dmLr$xr{gHO)Y0)W@KPoY;0g?zzGaSSz#6?0|ok4Sb;GJ3|2-4YqfU=*W9T~j|%ex}D+oagAoVVz+U|r!|Qp`5Ko`J}cjm zGP~~h7P04*o6r5(BfLxSl&vf8v*@+Kaz_9p&|a=l8*h#q!)urSBtm*guiK z`6_wSYSGsBnMZ792kr>$tW!DeZnUS)xABi&gM}wcrvm4Jx^?%gQq2#Q8o%7KzqT9z DzrZe% diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..b5b08ed9b1e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-NS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.der deleted file mode 100644 index 322c100f2be5724dcb9d76f4570b6c95c76dfd93..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6APp5EF}Y8HcqWJkGAi;jEvl@366R@DjksI%(=fYs z-*;Q5eR4N{Mll6ftV!fE63ch!`SAAKuH@WJLem7!GBGnUFfO(=ur}ZXhNP@83zGqZ z0XK-r&%(mY#QeiR5yVktWc<$}ZXn9Wnb79J*!IJTg^`Uzn~jl`m7SRrEjob#%*Y_d zn;qiIpDymqW-7JFuasN5u3$mI{v@+mi~7@2r=DTx_@1(Rp=6-`jtO($pH??`ttN5Z zCiMEc+P$J8tL0KUi%sGl_+1lEIDGn1&6=Y4l)7}M-V@@>J04q>-Sk`clPUH1s|VH} ze*e33ILrRbV&kysE_aO|mR4{Sp5)o`i>13$u+dez+AlqJ`HC&Bm%Rh-MD2_={gClD z@a!~=H=5Rhlf%xPJtA`>w76{Qf`2j>f?Ep;mCrl6mIbpeAGzuJ MXj7bE!q@c)0H?GqZ~y=R diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..2fc9ba1e96b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-NS_OS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_EP.der deleted file mode 100644 index fb22d26114298c24a352cf76a1319fc3b0990a93..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AL4Q^Z^52HcqWJkGAi;jEvl@3|a^k#(CI-ev=0=95#-rVayG72}OZOYZ zPuV-=fcUHX_mlS=Ur|V@L-rFyTQO$m( zQJv6id*gh+>4bx?rkZYDWsxMb@yvsw2O52T>y%=8ej6XPz3%sAa?zY8&3&Z`-)jE_ z?PT@W(Vymb*+Bl&dYhC@7SA;lY;SN+S;o7{I6on{z#^p4W^Vkwd6j3p{nHvMmx-B?fpM{|fwciAFfe6> zS(pqM47fo|eijyHCgvaDK$cZyWc<$}ZXn9Wnb79J*!IJTg^`Uzn~jl`m7SRrIe>wY z3JhRI21$c^)6S-Md5BLr{Bix4_AN*L^i<1AL^=q3zE$vbzVOAS zFMXfgoyxO2Hx+wqU3Bn?`Hi<0TdWs*EVUX!>PBb;YK9 VyTG)h`^?a*Uoaff_CwVmd_Lr+>W`Yq-ju9AOjXzF`(<+uA@j4lS^ z3)Bn$Jlwngww#Ec-)rqSZUYgqiJDJ!7zc=YGMf!;yF8 zq?MjKC$;ad?3i}n{;0!)|LM*Kd-FJ&_)6K$UN+9XwazN0(&3Q4%$>zj(idi)+#UG+ z?6;{5Q?^HKZ|^vJ%_#D3pFCT`$$xc`i)D}eXiO31deqNt%Q!ntWclG8XPKB885kGa z8dw`}0s~f7n1#uJ!GIgYsDwUG8*e=L{!brg!Eh>ERDA^`#v9_-5zXUsGO3%r^COyr}WP z^q!vRiC>q)msR;ZN$}I(XY$B%bL_%|)he}9raN!D?ofQRQ0M27&dmwZKNsqjB*mWI z)g7$=c_MR*>iM|`|E`?BcWL^Kb@tvrbw#o?bDx|4sy5WFEOvX4H2Yvh`U1{Pv&`GV dkFf5!@g`8i@ctB?Njlm^ZdzBhrCXZj007TWI7_rA!_ zzUZm9nCE8c_w_*s-t&KXqCTCy;)SYg^3qz%v!U`^o;SW#e_kcDL-)a*y3p6JW3K0^ z3Hg|BUGi;#uy^>P!1k7-J9K!P;y)UecVD!7Bx=~cbMno3&-u2zIaK{&o#zyh+Yc;G zD88J0zO^9SE&7~Czqn`rhsX={PaZlSp7AQ8;6wNF`Ft-Y3+uey@9xO|<<#?IN8iZw zNb)jY{jv7(!7q9Dg2VLZ7T;lMIvu-m(tnfUsp(fO+Bfyw`>vq=kjJ{}^lK@V_YJ$f z3#Z3tZxC_Lj$LA>z2i)=(I2a#(5tm?P0s8y{?|G2@AS4vCT2zk#>KV<)&`uwz?2nc zVKQJa;07`ISy-5vn16r+Syq*i@jr{WfhZeiLYoI;+YcueMm7#@Hbz!fc4kiG00u@X zFn}2uR$bTA-Bs3WxN)}ji>LQmjyzan@m0WK{ja(!r+uHKWkm03UAH~hdeTY7g)d&l zoqr)z_tQ-`MOo&;q;;GVca_|%y>wjMPPx{8!-A-|Bb_hBR~@wcX|v9W`Q|m>^Izo6 zZ#{Q>|B_d(>c-4pGZP*~3q4SIB|H5$!j zJO1BPG0E7b8Wdi;UL|hb>^Gk#9BJ~I{X?WNc)!=a%dAIsZU0?$qIZ3afJnAY$DZIt z8&lR6@%)aOZn0Tu*7OVsJ(EX&t9Be-i06rl)nE(I) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..a04b0228df7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-NS_OS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_OS.der deleted file mode 100644 index ffa852aed952653877c2e5038d5d580cd2556355..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AR<@c`poj**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw3^z#`^~w$cghBniv=xnHw3Jni!ZziSrtPxF%4pfvTahfg(hwRB9?%qhByk zqb{m3O^iy&b~3UuFgG#sGXR~%#ni;e$S_HJ>A$Tv-NFl6?2I+fn!b7SXzKpnyF5E9 zKLs4H3VNC#uO%C#b)aHm^ketxpMk&II-^#0+Ibn9I);Z^g|*+W*wD7-^wgkK*_v&& z{)dzjF8+Jhao$#RMf|!2I*0cKRR}Mt;*4K*<6)e~k*8Z96==KE^Yrn!nRmZ1y&a(Z z?|5zFj(xJxZkOCbBD4|@`cHb7SJ?SlyZ=SciPnTJ_(t^97 zRQ2rU+bMO=-3^n!d2=w-pUK>?aN@PupXQZs6%u)n^W%@=Y*X#Die-zq?w{Jm$F@o7 zh^D~;N#_}-Rf8l>nOl^WUGRMEs3O~P?bC}Oq3QpRxi4p8W@KPoY-?a`zzGaYSz#6? z0|os zU7!19s^`pH?ZTt)XSGkh_S&`7^n{{X?`5{#?Z+7^(q_G?>kBaqN&fskz*j->h%Kc$owVL1csZ~t+Iq&3?EG|(Suh#51 zWAt8WecHDbMryYoE^^}o$>gqCnx(}mzVX=b|t=*sg-7R&H6$Pt`kdFE}C+HW82;2 zL%McT%Ct+KNv$>JFg&8^7C3iaV@krDh}UiG6A$&wD@Ztc(B*Ax7XPb7?QGU1R`Xv; zDJKXedp`(Ux%p?8z%zlYiwQ67Q`0M0JR{97-Lm_q%D8(nSMRq`X!Brf`{BgG$i|_~#>mRb&diA%z`#fa z1~4N-s881|*SV);r(KLa*{Ja3M$Y`#&%LzPz1_2fjmdb2t5JwUL!wx|&ENI9-y>6G z_4t&->$j)2O?h@ZTyN68njD`y`+93qo*Hj(-GBR{p2u9X=AwCzy*51BbN0ammX6$p zP2z>xMSWTS%yecoe%h_@&@0QW|A%^u?JM4!#!>fFbg$1{xP*zj$iHdn_j`=$;+}Q4 zH_v->EWy<9fwfxsKYpd^?8=#Q$3l+75cY)(SD{Z4FEFNCZYfU diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..40292289ab0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-NS_OS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-CA_TS.der deleted file mode 100644 index 0c1528a5961b198963e7b0954e14cc98f5b66b08..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AP31e0Kw0HcqWJkGAi;jEvl@3 zGNhpV-41~Q*-0km1;(joDg`@v#aLf^-92dje_G*H_Jj#_Yl{@NAJ3L%U$pYjB}eXm zb5>_wa#r(pHrL;^>KzwCNO zw0_QU%ikp*P6jWZu<)jW@QsTZ-qVyXN_)Al+hoL5V{W$p-#z1{`{Z1gbuQZ|w)X$L zD2c5ap0nMPpJ(?5Ozr=A|N6w~-Zy*>+;Unp>A?91#hM|#IS(v^w#Yo+lC)6Uvc6u2 zaSiVt{zRL9i zS(pqM47fo|eijyHCgvaDK$cZyWc<$}ZXn9Wnb79J*!IJTg^`Uzn~jl`m7SRrIe>wY z3JhRIhMZ}?j%B(%y%HKDmKl>&@Z9y_V!=BGD@<)#mg^n4r_8(gUhC4?TSBI-W9YZq zuw=9TAFVq-<^3lAz3?MRdgJpwoY{ZUS6dtkWr(=exID`5cVR!yu(hGT}IN7cmCedgp^b3j1qbN@|w^4D>OC1 z@`KjDDQgrDh^%P47&6;I|HQd#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%bZ_Yc-Z zGNXx63E4JARtDxKMt%mMgSeQQ7#SI6C9Lj|JY=h}!6|rwr(@;BwQE<}S2EZ|zVj|A zwfsNzlA(uGC;qBLfH+|t+@e@9F0Fhg(D`e5W)LO-+A{@ zQDKL~9Y0b9UY#us??1UMtU_zojGg)lcQ`{QYf2X@u;y*w+v@8pr)Dd&^p%gt$?wHt zXTE+tTIy%}XJg1h^Tuc>t_a(tVA z$X#(kRpyFfHicsrb+aQc-O$Q4=X5`@XY)6ifQ>mT%$b-O85kGa8dw`}0z*<(n1#uJ z!GIgYnT6D4db>68OvpqLhTsM4T^}kmX{8UL+@yU{FddIFlFic$* zfA$(@_rtgA7G13@vwV2X&_(&hIfrXqyIZuZtGBLYXPastV38g5{@$C}*ZVb_+W8YYkD2d#l$(=$okZr zo}d4emM3dFZb@$UQ<~1T<<07nX=!cKLym`UW_$Z>cfsFdEpI}-WWBuqoPM`&U+eD$ zM~{B9egAQFo7A~~3Ndw}nUA%9oRH1gxlQ-!mW{%J>x$Q(v|GXL)50jQds|ES?ZCfg RM?X)@G)ehv11|n?Cp)AZiyqS3= zx~|@#x~>87e!&KE;=G0?2F6C_Muw&)Mg~#hyhb3d36yJ~YN%|W2+=8(nhMtF7aZ>& ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGHfw;R$sR8XisB*-=UMw5Bx}FOnNERYLVf7 zC&Aa!@?A#iBHcYrb22vQR;?73WiZ>r73=Q|`JH@?y)3ne2ibkb}Yo2lPOcml*GCh5{sJ`&eUlqWk>pVAaUdNyMri7=HTa}JI`116ryQBJip`1mVex+P> zwP}9o{`!A@|5Szj{R^I$orq}{H;}RVVNm){eZMj96;?Knvt}!Ml4jbnZm}u9z4WSg zL}g^7Y`s$5-`lI+L{?c<$1IJiIjeBo{Qm)E!v|BZ6z^nWW@KPoY-?a`zzGaYSz#6? z0|oHDV=&a9qt$;qw?kJS$NS>$i&jX28VGWTTDrMYriN|Tob@)a&;`R#IoIYVmV zWu<9q{|gFd-#ol<#{ISiJ43eoyMm7+ZhkEAXjxySm_6^FmdkV7uLq9Qgyjgop2kyS z^|EN)lBXQOv-Y>{aOUp)BI;5fn|88rFZ+oSyZy4zeu!zx1OXP066U~0RR91 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..df01e7cc82d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-NS_OS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.der deleted file mode 100644 index 4e4258887032adee17a77c72470ffacc88d142b8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQyBMr{LLHcqWJkGAi;jEvl@3yOabL#GZ|DQ>)dtN3Zd znfT}IEQR%fK412Rud=_RJtt@KIrjJ__idlDrhos`xLU5j|LcMYGxjPU{?zTUrX|BT zDeITPrFrHew;fv7K2zGd>++?1$E(4vRZ-@;6TO$qWK?}SD)Dy4^c%`EPdgRelwYY@ zWS)|S>XYAav9`_!Oy!%5#YPDK;ow0ECgx!^^ z^S*R6w45ypOy8QIlh(D)|Cymh-pc%3$!Z?^stpGwdx@<78N2nmjLAH+l<@K&>=pZ+ z|8D+pTtuIZ`(oX~$MbJ~=hL)#cl4dnDbMMgAHNsa1#h#x@j;pG-|-20XBPWieKXTN z{e$?t(oluF3F|Y(D-|Z}d7h*ob+GIALf6JAd#@xlWEgrd9^E7GgWEXeuEqVp?5*wx z7uoV}jx1SkuKeyz_cuvV_V%j<{eIW)_Mfu)d365knF4>>t?vE#`{(Kc*{ug;iUT&5 UR-X9$E$l$Ta-*G6H^sgH0HoMDm;e9( diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..0a95874fe79 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-NS_OS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.der deleted file mode 100644 index 1c8976e72ed5a6d737186d96e49a5a5c63537af3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQ!CUycU6Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;)5Lx~U%#939O^nQ=#CeTCToWkQK-Ey$KoO!-Dm4|X(JwgO zKUf#lm?lOgWIGvI8JL?G`5A!D;$muIWMnv{>w7at?Ma%lsHb|_^ckflcOoxYy^szF zEqL?ybIZw04_=lRJCC(2$$bClasL;?Uxr+U?^zlSU;B7rcA7}BPp!j@2(PM5YMqOI zHsnq^&YT@2GWjr5$ERca+TPg}WK?n8v9z4iXM2oie^OVIbAiP2#cw|9$xD7yGPZLs zyrzD5NtjlLhikZ?{?SYSsb`9KA-vP9f+6L@OrGsm1J!mJZ!TGJ%cJ=9StZWT z43eeZ=WbdDtvk)A@+vcMeHrfp1D)$DLd!iHB7>GIXZG@3Z83kc=gcXG)hvPeB|NFk z@==RLqoWqBl;2xt#!_Ql#v9OktbRiJgH?&|qxh61f3Y($GcqtPwl%Oe-~b0P;YFj9d5 z%*fE5qBG56!Q?jm?rWg8XU>UV@O7u|FcobzL=<($J)rhQe;&53v0$l)+Q^6viLS(i7)-?7fw zQ2L_g*oBkLK@qDyyi|Ijv!;IIW!?#20{3t^+8*}bdvDXmFPG1(TJz^-|BTpua-TlC z&;9%Lx6hrx*e5IM>~+qZzIw%J&TpM(wUVOqu5leYpu4*CjcC+2*0QQId3-;r7fpI^ z8&mzsCv@JgdAAD_l&4A6M6~<)1%V?rg}7g diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..7786a5d1589 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-NS_OS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.der deleted file mode 100644 index 39d38730b93b31fcc6d51352eec54b1decbdc350..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AR;;JU;_oHcqWJkGAi;jEvl@3q*<@nFFu}Fb%;fL zg0Xny=}j*>e11u8>wUOS;{2)qGq3pGn%}-kNzm!^vh5+deA~Pp|H`?vsb}$Jfk?H| zyzb5~o6Z#+v|DxT#;Y5Do~r7Id(YUm%3S2;*?R8thgP+ltv{x6NBi4{{3Q!dy->m4Pv%ZB*>QO11$TDgAccQVR-gO(m~jJp zTx+W2ywXMxe%!~|-i){_84LE^; zDJ#svWWZp+4Px@MurM<*{{RQFtSTepe-?2AQ8vzmHV?+OA5JWcY#iEbjI6Be%$&#p z42)D@05dYoi%zh z`@CBYy;pgpEZdQ(`(OtDX)iBJUSGS&)H4rn>#s_mc{_+xq4FS+33vSd@|#cy;cSP7NPS~5-9W42?eIlE!`>T!Y Wc4z*CACuvHxX0D!<5{Dd>h1uoZapag diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..4aba8e13afc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-NS_OS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NONE.der deleted file mode 100644 index 15290cf5841d2ca2e4f5939df1616f71efda3e22..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6APng%QORCHcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#->r?yhb3d36yJ~VyI-G0MRI!nhMbu9Pb~j zi(*O>qY|=>jI0dIO^o~uKu2*gH8COb|U z3v;&Iue6%PXfd;x!?k4(=jQeLzuAO**H#|eo{@Uo+j8lWFD)+=w;Va|BtLWe`sc-e z;+vhVS&cy{2{TY*hqn*Er)IC8t+EOHa`TAP>Tabu>l>+H#K_1@1LI;_18W0LU|7luvoIMj z7;uA_{46ZYOw2zF6hRzSM#ldv;s&B@oC$3njBP)hSQyzjwAmP0S=pI6kpmbQrN97Y zWT^Qr>#P~yRoU}@)9h}Q>gO4X8E2Y*H+x-cydJ&i(O%Z~leTsL`@95Lr zXZNZ8tXejGx^j!d&V@xGHBtFaz2ym7Q@)fi%Wizr>Rf;6apr{!lXyKCqh`9kvAmzU zBEsMzQ|WE3b|Lk#Awpma`;n9@0E|XO+ z&$Uf@S=YJ1gE44YLD#i2KeE&_t~F*H-+xO@expNI)Xt2+%U z(kuD1Z^4ADwoc!wm78v}&0OSkGdJ}6{f?Y`F8P9G>t&0&&iOR6SS)xoYxP4hiTKbN z4f`?!|7%QX-oEqnwTpXOZskdQH-BQzDPGA5t zGA#6FTRG9j>`m&)3*x(8T)ZE1YWK>Z6P_G)m%0A1uRHWk_}CwTyiD1S)SDNRna&@- zrT6XcdsWWJ?hAFj$K+!KzaH1_3;ZnSpZQFff7yc2PdPRd4pmP5>^LLxi$m*ly|?>~^Ub+W9DNo_oindkeL+{0vnE{bPTi_`@7_9_tj=)i;=K}8 QX6@44buENz@9a5`08eH$l>h($ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..e2636cdd4c7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-NS_OS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.der deleted file mode 100644 index 38b35404d09f64627084ed0377fc5cf8ff8665ca..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AP2Iv#$X!8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^c>iDnIdNV?69Z!-b0b4j6BDB-ab6=3*96KnP&HIGP=x4|N=-#*)I~L> ziBSpJPDWM+<|amd2B5RJn3@E-0rInm?y_P z-Iem@LAJW~JdTvU)8%am8|PkWlZnmWHCORNxn9q{<4tdFKl50$BmBbMbJCNNm(5MJ zc_CqD5G{05I4ki=;8K_AuDLbtvZ__@!x?{GK4S6y#}}!W3-_^}xN6;Qv6^qw{1wGr z%&p&y-Z5(=pRYc)KsC^`Zsy_Lj{5Qn0x^Fth$N{6**o0ScsuLomdcVd%E#HHj~aN* zv^X&#p6RS5|M$i%RaQru<(|w=Kh0x#b^+h!uX}jH-rn{13OadOZI@~2Gtnq#RoO#3 zb<<@gZao!}`6Hm8_1d%kiBTG5-JuvaBj2<9`-$15q~4gfcd|?980V0St^(U;r~R zu&8&fElpWly63=g-V3KDe>8i!x8RrCgDCCkXZD8_Uzob4eG1PyhqsD9Q?51KU$nq& zn$6YrKMagtcPUG_aNg+>aZO0|oDu$KW%=Uf&e;|FxfbQFu9iFDk&_~vw4!O}L0Rqx zxwXG0Qa58 z*InxP{QS=Cy}b6b;kK(2ytYjf`)srz`y|`DiEJBQESP=t$992)8lSlvKi%V<*Bm1i Qq)}y{zA0U4OMK=;0J4uWBLDyZ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..18d8e848192 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-NS_OS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.der deleted file mode 100644 index 2e75c3b2a705542f7cfcef1a028b6ba1ab7c0f31..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AKf|TP6cuHcqWJkGAi;jEvl@3gB$}+kR?(Uo&lD%<$<)#@E1Aoo@eNXP%mI-J7EEE>MG`s8N<`t}0cFzA|_5bO) z;69I6hkCONxcId0-}-Jd&1%QVZ@X_S2~jd~VioS)F}Jv{bIvNx6lKvbLLs47%~kwg%P)oWQ`86=q>F zU@+hYG5J|on3h0Cl*FF4sA9@R#tXqPUHXvMk+9X z85yR^tAAwWNS!URRM^fgNc69b*j}H4kS1p1+^-+Eip!Kj5i$rJk~mg zIBIRFl3VI?^z%)LFTS%2`?l}>r^~wIu4lCR$Bg%G4Yuu%mg(0;E7=w7n;{V5W9HE% z*_C+K@vXuy!`43!|G2Mec{O96fBh#eWj3DQcPw^l-Jhx<)VY?yZquvwzOR?3R_g3` zdb6CFW8NH=-c{LqDlTg$Y2UG|aJ5@iDZ8{ZF!>|f4ol1DDiXUtTTLxKKiSdd+j=AU z_i1SgUA8K%<+Wx@Bvk%RJRjU7>MMD)LclvSXdj=@`pl;f=eOj}c~>lUqQ6_prs3L( PUoDsSoiNy^99aMWY!NC6 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..4f620e8ed36 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-NS_OS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.der deleted file mode 100644 index 20702de20b42b6c2c5da70671eab6d94eb878893..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6Ej0og8?rar&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UBBS?kYEEjab80c17jm|BSTXY6U!)ZULz3K1j;o~HB>fGgy@t?O@(Rn57tFB zrioDr*-l1Q2IeM4eg>ecxR{z485xdfzR0%>w78YH`KX?$zSQcrbe(kx!8bihxsC)p zT;1$cwX^y6v_sL6F11Yhjq7-fr{WA|tUfW%FrmDI1Tjfk9eoenw!rRxs=6d*CVShpBXYU_R7TVrooATD^=*vgHe!snv z%GUb#{$ZvA8$RC`oXGJ1>&cIfLc1#e+4xE8wtQQZXCUVCf_@{>hqTRd!5tSgahtv?cKM)B4&T~ zu8U8N^NN0-ceg2j`9u8wCZpu={4FdKbniZ@%UL(kp`D4Dk%4ist%0=xConK&g;|&k z7!0^UOnw#?W+vtz;6RpDWn}!%B5okc#+lIO!Pxf0iG`7kLz|6}m6e^D6FGo^kqQi8 zMuv^Xi|4kA%$1D!)&H)Qy>D5HmAg`nsLDUtMMj}ZJU+Kib)Wd_yXcaD==1--JdRDU zHZ|gG{r~@Rzyka22c>r{F5YxAp>co8{a*RC2fCKcTdF&Y=LW0IvGlDktAC4zmo!!= z_-dH6S{zIZQE+ZDHww`=e4MFuc}KAEg2w{O;=eoGxpLlpTXkK{zx!8~1d5t}S>It? z=`JbzdHa*K$6V(=4w!DHk+OnCcx(BRc}E)#?me+VV9`0TV9%@SQ$+RnF4Z@j*4P-V zn1H!p^IZjw@YKCOA~*yN QOG=oWk}Rouu3aqz0NP$L`~Uy| diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..7ed0599c382 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-NS_OS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.der deleted file mode 100644 index 11374e4d67be951a38addda527724d00d3828ef8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6ANSih6e_`Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uw4dldm4NVM;jm(Va3Qp>$g{@D2SKjV7W+OV~6 z^HWa!J9l|Od!Qi8%6{=o%R^PynT>^0dkQsEor6SU8(7WfJ?E3(zIESS#+{G(RS!N> zt~9l>U2(I~{k^`Ku;J%Onf*QTiK%@D^usC_#`52aHH_w{jQG9Y=jFBe-}B0N;!Q+~ zxD2@GIH zhIVaJjzf~J$_Jen+igz_7WgCSv6r!y?QPRe|H_*!=^T;Ux^8|KE7qI0 PaPyBhpBYyB39JGDB1R}R diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..bf468d842e3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-NS_OS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.der deleted file mode 100644 index 2f3ac9bac0f4b1b0968f5c54df6a75da12cbce78..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AKg9-$@3%Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw~U%#939O-#+A#CeTCToWkQK-Ey$KoO!-Dm4|X(JwgO zKUf#lm?lOgWIGvI8JL?G`5A!D;$muIWMnvUU&}0R9>+7=F4w7lHtK(S{l?n;mQl}* z5Pt)CX3?4dRtVY38!(pst~<5ABBjo9j_9G^`)ei_t+}zTxZ#b#opW7`zjkod3gw=b zShT-5YZZ5%ux>w(sA1kF*QG7ur*4@!w_f_QdUaX4yj0?iU~9EQC)LAWoLI49((bgL zmaCT@#jcEP_xW>CRENu;TgNod?cv=1xjQy!EauF&Y@D36V)iaC4V798uef;@mZ3-g z)JfYO`gJ&=;Mz-%+YJ$Om;a6umrp!U5Rt}i|Io=|-A@tqqe|(ir{!d0b;K6D(A*$6 zx$pFZt-ajeK5lYQSX=GRz98x0oz35BV$ZLa`(?Q0hpYc-CT2zk#>KV<)&`uwz?2nc zVKQJa;07`ISy-5vn16r+Syq*i@jr{WfhZeiLYoI;+YcueMm7#@Hbz!fc4kiG00u@X zFn}2uR8IMES$_MO{io-CR!_#db(x0&Yy65rmx!aALwy8En3H(!IJQ-fh zcrnf>l1FpqktY|0b2r}!?Y%aMcV+(J^V_(bZ$0MQx@m#bQniefB==9M%N88a@&9*$ zIVvG)m0o$kjnnPQ8_V-FALyEWzUG?{=+*LNj_JD>Q+zAlJ=n48_T$^fOIvriuG9@t zO=AgC`!TOH`eWU}9x>iYlT>A&&C}hvAT^BDM7N$X;#sBe?bp6Z^J@RG7)S?o_cgF5 z{tcEplbWF|*kF9%_Bja~p3)ybW!f3`t^J=7VQI5}o^DUM&n{;JUOhL@{?ETS?#ONF RxvW<%{zcW~kV59y7XT@6C`14N diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..6f4f76f22ed --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-NS_OS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.der deleted file mode 100644 index 546bc68b60906b0e8e84cd164842ce31e6ca737a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6ARQ($T6U*T>HN08qc1J%> z|NNu)cQgL)*X!G8V7l{Qgz)v?8Q-^0nZ+nt^l@4_Q+eBy#=NXJ3$2CHd!Ac1XRQsA zDiu`bs_fFVT=n9##$rKX2fpmddnU)LYJd6ke%jh!{rkQ=ZQHXW^gLruLMKnp)_)=o zF0O65?zm8A9n;dZXp0kaIM1UyQFp=ShlW>A`n{BVbK@|7FcUK)1LI;_18W0LU|`A$ zvoIMj7;uA_{46ZYOw2#Pfh?=a$oQW{+(49#Goj6cvF(Qw3nLqcHX9==D?2kMasUG( z6&S#b4E(jC8*N!R_7$0E#%*T{@0D+|)H^iGL?dvCX$0TxxzD$LKYcWuTXXvx+jP@o zk^dC#+jA|j`8Sng%alI}X2*iGe=yz-*XsGMSsjzVfkWMmKA=IGp%0d!e7BkAm2mBQt|fYec;3Uu?Rjs=Q1$U7>jAbmxpK zb)WYd_i8&--o1Jej diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..2c4b23408a8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-NS_OS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-SA.der deleted file mode 100644 index d2f55d73916d6c1fea0516b9b83dcd43861626f0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6APm{pMn7|8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%bZ_Yc-Z zGNXx63E4JARtDxKMt%mMgSeQQ7#SJ%Ub?clHO1O2;v1hin^-jeOs&^{q3p){R) zm4c>fy_MMm$wZg`_E+CMZi%{9b;&u6ao(}T0zL<3aOE+~3C&-b`MRh6$>N)$#wC1n z)ce;xu0OP_Xz48_qm z1_N#olb?l!nTh#_fg*^b%Ex65Y)zEG3?_vz?A`KzJJt%Y1X zKVDpX+=)Hv>5cPhP7+JhbwpPEJT7~(I8LH7E<-~k{nLgSvrK=TR=*y5v&a1Qoc5jk zk-n~U%#939O%2SV#CeTCToWkQK-Ey$KoO!-Dm4|X(JwgO zKUf#lm?lOgWIGvI8JL?G`5A!D;$muIWMsJbr|QgQ?TQtaJnzL`x!2gYy((PZer;aT zvbh0of6RX{L+_-Ix5>Mn%R3$&QSO)Dvat7e)xF%Vj&}k}IXf=bEEj(!H--7&T6^UK zCc#F37EVqn{Kd?xxp;oEn*32#n|Qwz>B8qfRu#L{XX-S5$*Zn@+tBk@%q~N$G_mSO5QD)1QM=_apY53w=HLI&wIRG;@gzqbV|=px z+iAffmfwrso)Ix=c_ZX<;HlfvP}7Df4hz$#ANjpX{r&WpE;9vqE%v(U1YW9)-6yue z<<}v;%FbQawjD{^*lFxsy5;@n+{hg-`hFhNz2hkUjWhGaS0-jg2FAs<2G$0gz`&Fh zW??d5FyIC;`B_+)nV5fo16fv;k?}u^xPd4eXF{6?W7`iW7DhG>Z8k<$R(57ih{M@+du@d-yxkCxe`@3B^B#}9=ghFUw*8Lm zE{{DQ-T6Zry9161cTZdzmhfBhn*96pQ^lLinw$=9zT}~IJaw0d#K1_n3T zzRym*!+jxzGyJa9&RbWX2{`Ao&%dMKd)R-Gbe?#8Wz)8dd+%pVzTBA1ca%A2x|Y1d zvbYPTir=}kQ)A`r;}-3fK4S1F@X|-m^40&f=KcQqe8PDqvjS!=JEivqU$-kq1Uxab UIbivkYkiH zdE2=^r^jW@pNpZRvk_8(_=@={AX)2cYFtwzt951ANP|CgKp z_3)Dw^-=K~1XmS*+O2i=#gA71mzIqm+Bu6D?wNj4%v&LG`yt1JOGl$?eH#nt$e%XTE#bJo27+LLzpsFO3NtwaBzHBRP&CWVu4rf-li zD!CTCt;Bw5_36I0htrrJ9=A3q>;07$wR4whm{?_SJrgq{1LI;_18W0LU`WaevoIMj z7;uA_{46ZYOw2zF6hRzSM#ldv;s&B@oC$3njBP)hSQyzjwAmP0S=pI6kpmbQoxlKQ zWC;6x>qyP=^P!9WHh4JZ$|gdzRgpO4j0;; zmD3cS zEN5z*d;D3Xv$!SRw%sPAYhRjxv2#yCra}9?od(CO_vBi3e`fOv6L7mUeO;j1*Ad4f64OvvK2=@^pr~ON>}{*?r!>S`B3($PkE#?RQ9dcoz4Cwa(2JjdWi+M z7HUpW-QDOoS*?Edx~S~)DiS$+cU%5_tFmeW+pb2D&gZ$adSdF@Ey@qGKHqTq_PcV~ Qm~Mu*3mVN17JhjS0Hs_l8~^|S diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..2d7b317a4a2 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_OS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-NS_OS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA.der deleted file mode 100644 index 958d6bec29cedb18e2ddf77d1bc3cbb40dfa817e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AQz?Ln;QmY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@`U4dldm4NVM;jm(VV_d zemB(>dp;E=>a?F^s|Z>YV3xXTNoS|T(i2&8tJJb?J<{+raQ=O{KY2}xDZ`d*nRPr1 zs&{P8RXTTbn(ti+n`yQ2iU}6{p=`IKpZ`21XTLI^#qRN8<9yw`<$L=)G^Rc~*mnB& z={1oo(_XZ$NI$e@)6@UY-pG6JIQZh2Liw@aw!;E%yDLPwuWzyc$|LXiie3G6f5!fd zo<&MC`J}bpdg!@-ncS!?Xy?`YW0t!5tRrhJ-{{1tC9^EK=G=VX&u-p;U?%3}TeUvu z{95}m|Mt3M-;A}Te&GwRow#ye$nU57f;ib@2OO2A$TBfAGB7T-HLy0|1cs!nFbk6b zg8?^)$cD&7YUAJa;-b-}0#ne(9(GXZD4AmI7gK z-~L@%+p}WD?pYrTGC!5h;_fR7eUTiObG4Ltb9~#(m5&au6b%>N%5-J(Str9^eeJR8 zSNFAw7Y6)|*|X`OLWSI-OxK{)>GeVT+tR#tFWsB#;~4C?^i1dx<9Ca;RhcGDI_TQs z6wR~igp^O@&k*lvpDu-eH!?kb@7&}K`q6RMyV{e47O2l&7aeK&>zl;qefuxWd#>BK zCGzvzqPJ^`We=XK~U%#939jZH10#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMtTKoGox4`|9n&OfB{5(>^!XgsE@R3{`#8 zTD>;S+j;RR+p?*TzI*>*{@tixcspc!^I^WnuFspjBW@_(e=XG}k}ewaf8Q4FcPy=+ z!tKQlS?;{3wOgU5@%YN!%hLA7zKOVb|Bc$ZU52&Wc(xlX3c1mv()=(%#jZD%t)Re# zd3xoAX|WS*_qnm!-@k2XwX)6lc;`FTGpq7**NWf2botj^n+Kn|1P-r_+=8+vZ$*U9I5M-CB~SHP=n$+8ElN{CecjkbB|Z+~C{M zM(NBMYbThxPjgn!UZTG6uafwkA9`X!Brf`{BgG$i|_~#>mRb&di7$z`#fa z1~4N-lkTKtJvH(Tra3=d#mYt77VVxI`Tb+I^A)$5ouvx4`=<)XJiRpc%hKL!lTQb% zKA&u))^%NO!{v`QrY{d^@o9WmyYe&3f@z-o%_^n0BOhJ5)3DcWi~EekRZm=M4cGMb zT;@?^dB^K|XNhg7M|0KRX5D?tiTm6=<(FhEcQUS>x|uKb+Qs{ozvV7(IKFH7UUh|6 zuR<-JEPH1+_e^jRCvU1)q`+K*uG*5sY3J@<2z`F(<8(3Z|7~9v%G!*L@4V=CHtDnlssSYkJvb#ODROQJF?0Zz* Ter(d0>59)D`Euyr-8}&S{ZlW8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..68240b817fb --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-NS_SA-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index af807978d748ee485d2c51528ed2e4ececb2ca78..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 788 zcmXqLViquHV*IgynTe5!iG?YO=Y|0<8>d#AN85K^Mn-N{1_KpCB?ARE=1>-99?8tS z5?xpCP+e!oc-Mef=&IdNV?69Z!-b0b4j69dC2ab6=3*96KnFf`OR z(1nZl`k>O&F)cUNC${XjlMhQo5 z6#CI)7SYfB^i0y-(@V1)!ZvUVT{@<*K%wq)`rL-~XAbVZRWjFCCC+2fZ|5oNejmDF zy0NG>+QgXS;zEPyTf39jyQ>L@@x6bzSK^G3Uq&^j$f+H|Cl3ivE4gu)qxW+5|RU%(X*ndCe=JQ-e)FH-?K03t>>GWTA}*0Rxe3=d%!=_Zyvv7 z_MP%yZfQ1m&7a)2-=E}|;M!|9E#=KIk034SKYE9bR+sGLwUhPI5&6TvYF6w{CT2zk z#>KV<)&`uwfRzE6WTl&+kQB)FtTxI zvoW%=vNJOx2QV5YX+v6leP?lRK= diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..608751e2d5d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_NS.der deleted file mode 100644 index f163aa8eb373b331a08b1611314e43dada362f73..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AR;5wDw-!xQBkEpt{@wPt%?DLQf|;5f^wg-H`P9sPGngKMitnfW!P7~+Nt_WaiP+zfKUIKXA~Nqgn4ooc?B+ zE1Eyo@%ufo53D(O!FJ|Zh2FcZH~ba2_r(XFxHrLIZ^oime?`|#uy;+kV-TeiR66y= V!S74~U%#939O$^MV#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMnwAZ_9+O^S*cY6#IVO?f<62)}68Nbie_# z<}*7rryV)+E_q8)*5fJ5V$5Wg%&YvB!ycI_qS7OzG}~(1S!=m@Ew7Bdn3wI~?qNL4 z9CQ5Oyq+{SEr}1clb-n;E?6SS{4jZr%QB4;~`>uTk_3%2}d20J^a#-Z8k<$R(57a)84Jic?ec?Fo&(2Sj!L@}^H!Q`?eS>|}UgNn!M=_8G1p T)SaS>BO~@t+`_$-Lx~jt5u7WO diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..0e9a98127fd --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-NS_SA-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.der deleted file mode 100644 index b519e60a4c16958f5140e08bab2edf804034f38e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQz}rCJ8OY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$-g9#CeTCToWkQK-Ey$KoO!-Dm4|X(JvUN zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WZ1aJVMAFQ`%mQwrm1uKOda}fKCAn+*KWSM z@#9WuyH}5Oo}8KH==@0M%j@nhk=xcyuUkGr#MXOrVe7+1A{nWZFR%#Q`Z9IZvUiiV znlG{8bos2GG<|bN`t5YJ)p8%77ybDa*nRx!rMDg|-!*?|dRH$@+Gm#$w@hmH&+y0p zw+qQ^ZPB_^_4d;*@tc#6wVjGl6xK*spi=$rWn{*~lSRtnt;gJy|7m^Sl>0~a=4N&A zhuX)K!<9Gt8Ga0$711z%anHAovYt+#+sn_@Ml8}hr=ic-@@~72c6PmR;<7dE3&VWu zO`aUlTeE6ztnG6~hnCe$!4*;wrybT@F{@b_e(A=n57Fu;nV1o zzyM}sXuq}U@cg6x$;#d=(JVr{B3ZVwGhNhBUVT3B|NZHu$CP#7NG@)Az_e?Zjmamg zjk?jsOFw(Jw(NQHXZxyr=_Oi!?;qVU&FW_MRc0$zwe38u+ms4FPg_ymd+71@h<9sl z{p5XiphLfJQ{k#Vg;OJQ6ouC;FF*G-P>IDgPSfJ(qj+6C<=Vqb-`U4l&UcTiGHfBI|O S{_?QVw$$rkn{d}P*?$1FH85TP diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..0da9052c442 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-NS_SA-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.der deleted file mode 100644 index 3435c7b0087afaf9935887355c6fa81fed71d8aa..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQ!3HC_h1Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<3oZC~U%#939O$<$<#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMtU%_UyrF+=b^SbSX`ly}haDPqM)c|DC_= zmbzJ&?fnzr)}`GO!e72W`$TZ%hFEo-CEuOT@SpwpY<v4OdCCI<)nNsUjCh)=jCc2+3&FA`l7~iz4QjrISL!jSSe>m z%$Ynz`hD-oUnhSGf0uZwyZ61yokwn5EfdqD#3o85FUWYcujS9JyLU}L=dm&N&Jbi< zRK6;yNPG2-^V6-j^eay)-SaX1jJBCtasjv72fs#{lB0pD?EjJkHHFn4yZ;P7yi$DL zkK183n`VoiwKFJ?_>pw8XX=-~>v{HnE?j-w{BrKT@_pC$mNGFjGB7T-HLy0|1O}$8 zFbk6bg8?^)$p2bNiYMr~-OFE@>^V6h@y{&AJriOtM=|znV~Gh$^>k%d^H^cG=;*3r zRj-;S%UiFjdGRlgLC`|%aOM5W;&!X&vUGH;OFWnSWO{<%yo9f-vU9DRum3uFPISKF z=Bmj{_wsc-5z6~_cyheRU%qOm4|9DZ{RMO;>K^`(8_4x;5BG@`K4M-DFK;|w_&l>V z_dsIOF0f9~3N+(h6MARQQRB$dyOWw5DzZXNPQRVK*El~`V*8^x^MbbR*e3a8 UZqf03=`5$UKTHz58?nj}00D?Ec>n+a diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..3a8845a9f16 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-NS_SA-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP.der deleted file mode 100644 index 043c47ca994191b62eb489a650b151a6aebacaf3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6ARN#<|lLG7hiQ{?9a(R zv{;Kvtk`+~Gi=^5Rj+x)@A#Cmz>f#4{61cGyKuQrzp8rkMtd!pgnnh?vuF)OUln2DK@fpM{|fwciAFeGJ#S(pqM z47fo|eijyHCgvXoiXe_EBjbM-aRX5{&V)7(#zDPGA5t zGAz1ib!|4&1M#e_%e(f7vvf+VKX@tovIIkCXOFe;pD%4)i&PhVJagpd^=dy2#>T); zRvJrlYb2Zup07Ck@%W=PYHgG1R!)uQv7dR0?Mw43sj4RnTwpoSV;plyTYrgNN$A{dwTwYYA zwrfsVn&7{K<*eTS^G+tu7B3e0Y8W_Oo#()wDN`TGMuZtGlz1v~NKkxLY2oFU2MgWO z3?h&HZF?Wv&n%L>saIEJTK<<~eiarxF^;SXvWHfsfGgy@t?O$BT83yu$V z)I~L>iBSpJPDWM+<|amd2B53Bn3@(kA8XC^Kadk;*Oho7syDu8^>%E0J zPB7FJ8@+Sj-*RzE_{05KVmrJ-GWR>GW$l$;-!Ez0sx2cJx6S|lN3%C!S6^L-^Zo3W zb)>{?DZerAn|m|di|zLA{xr`d+L22oDe-DvkM(V#wm<)~Vq!R1ogTjVl*3`N;{Az3 zF3Ja{%-$re96z5aIc6po^WhdN$Nf8=#7W$&Y%V@~zS=UioKxk0OXAGuW{bWnyPsRa zDl@I)jgdxL$Mty;BGL3 z|2y<7S!5}&YHMbIiSf$`yd?pw6S6c`M0N_;*R|L_KDsq|<*%gYp%X%M&i%}jto;48 zb!~;Yos@~P^w-IMWC~4g7oD@M`ehr$*Ha(u&D6_Pr68mGt5wOU_xNR=UZ!RI*S?>& z{(fp*%5vq`MMWz&?{)s}?Q^m7qwBSA4Pcs*(N%QMaFmpRRUMRyzOZ+GCd#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6c>iDnIdNV?69Z!-b0b4j6C;x-ab6=3*96KnP&HIGP=x4|N=*f8^b3v; zcGN{RrioDr*-l1Q2IeM4eg>ekxR{z485z!J#Y+DwQt7FEUXjG~!0W;Mg4dIl&rvSi z@he;Oay)lIuO4&Lq8RcyLIeE!T zrinc9`}M-^=Pd237kAY}CC5HKP_nh+Z$Zr-wKP*p*|jwXnV1o zzyM}s*nNA4|DNNs(x-0R{P*bGc1w-$kIFHZwq~^~)iki2U-EbUghVf;uHgSKeOJ3= zvTrk2W|y&^k+)AMZHG?(uD6UEwWq31zdr4^dsgaQ{X6#O8sFcZkymj>i}Sbr#7Q>a zw#RB6Yn#XaI>^H<;H9QiU7y^m>6Uu^Yv(Dy_VKRWK5=s2rrU;hxA_;Bh@W8koEg3U z$%R8d^J;f<+!9$UxL0W2OY3?2URKYvfBACd)Z$|bh07JQm)Nx1w&tBTQqgsA+{pgo zMBCQHo}?I^;`J_9);*ei;JrEj*RKavP;)5Lx~U%#939O^nQ=#CeTCToWkQK-Ey$KoO!-Dm4|X(JvUN zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WH_-?qFLf(srvWdN6&`HEvXLCdVa3I(XUqM zQt*Q-lXMjReGyONOY6VJ|Mt0R(di|-PxvLiQO=F6@{3)sRO z?0wA6u4&o$Z3fqL_j7l$pCs(jl(&6;NA8IM+lsG-%bLYAPd%#axf9v@)Ua#$VPj{m zlj}W?NQN3!-&}n?KPcFDJ?GZ#n~H8eE{t@)F-ej!Ytm|OCT2zk#>KV<)&`uwz?2nc zVKQJa;07`ISy-5vn16r+Syq*i@jr{WfhZeiLYoI;+YcueMm7#@Hbz!fc4kK800u@X zFn}2u7MM4#)f;iAHx8H(#}UOdq`=fCk~J<-{U>t0Fg_}{Tu_SEoFs9#Fi%PXP` z)90Rc-o>!r^Us@$sfLe!C9;%Gzq#@EjJ&Wv3E`1T?&NnUw2Ob UQWZa|=vk9B$@*;*{bU~k0O2?^NdN!< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..336f8e4a226 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-NS_SA-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.der deleted file mode 100644 index 1f8619d3367553e8e4f02ea2b8194e2bce52e067..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQ!TpkD^OY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^gkr#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMtU1|D?$Gq}=Wr$0LjP^QDW(B(DE!>U+?0 zX}rd|>Yv<`#Xq=jbL*e>#clJ#N~a!o^U%*v0_+yY1+NYN@Az#(-f7pnZ;wvWe{P!b zNk~fJY-p<8v%67#KEEy`EwElK)-vVHQ>&9AX76JE@f!b647Ho}HZkOv*ooz*4^BR@ zy3G0xkCMt%5ALG#SN9h^(>}8H^u}W2Ne2b`u1bq zU3Hslv0ddR1|D-)y&EwZ+>1rzXSyzBX<(bVBk5K2m)nPWeDimwUJ_S*dcEmN;osPA z*8BghSXBReL6~&vCG(dtrQ8#hbTn!^JT5XD3zu(9zuNjen~9l`fpM{|fwciAFfe6> zS(pqM47fo|eijyHCgvaDK$cZyWc<$}ZXn9Wnb79J*!IJTg^`Uzn~jl`m7SRpIe>wY z3JhRI2BQ#})tB{V#CU(;W!E>KP_^}@p=&|QNofEsf$i4G_cnqd}{4Te2&$+M^g_}CwMhnswo?!dKdh}Op@}7AN_a6(5F8!IhH6wQx zgZaOmFX|@O`DIV5>%6`!d(W=G74N>ZRvl2$zh!L~w(abvx6S88@Azlz-Ev}HuV{cl TC!3AbJ9VBfb6PGh(zgZx+43(z diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..459b4010f5c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-NS_SA-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NONE.der deleted file mode 100644 index d819c934185d7b8f680f6cee7f711bcdfa067642..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6ANSb<`4s3HcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#->r?yhb3d36yJ~VyI-G0MRI!nhMbu93Skc zi(*O>qY|=>jI0dIO^o~uKu2*gH8C=B4~ z8?3AJ>e#oFfy&bu{O`}~pSZ=ui4jk5AdYyY}gI1F=aKSC1Z4EVqxFG{I!@{khdl%!~|-i){_84LE^eDJ#sv zWWZp+4Px@MurM<*|1eMlaa0)@|Fei2h_Z1ew0SVL{cvJoWaH3gV`ODzXJ$kWU|^I2 z1DKIPs<}$vL-O?u@g4S&N{{EXW$%NH`Hh0o+geBS!ZkyGm1IfD8AG9b?Q`u zpteaqtlo2fRLm?*vJa}s_X*|Sy?6g4?`iGJj(@HVmlh3iWmbRoKI{Pd`MoRsjfMKI zaLnzCZWd$hcz7;%*7Qa98Wq|v*X`Z*X7Q9`|2I$m`jG9rsjXye!YYjmZWIY@YQ!SNskg`E^-&uBqypMJG<2@a{64J@wbsU8{B< z+*8&0k7?=j;;Nu&F>5oM+l)N4+GR@)WFNU3c{*Em_SKF*?NRODx}PN(M!bnVY4&Jy S&rG{7J0>m)^6Ynp?zkTg$M){7= z&G{N^%M7h|rdpkK{{7FY?VHj8_xo1&>kXm=SYvG_x-#UgDeK)_-xT2Mv#7afVQjh5 zX4N+zdp3PsyVF=%BOqjo#D`PMn=Vh(kCoQ<4~;tDvZJV(chXwd*G`)=9~X-sD*N`I zpI6ZF$KGA_(tqqHe5kmjbAE~KnJuT#e9@=G)0;ctw{?2Amyj0}v6Z4ImqIDsK4E6l=Vz+k`) zV)C=FFf%d#Fi-?>R2donvxpmrvT-J~c`&y9aAIL(D;`R6J3=PeS@0+R*oOX3?j=g+z#$wH@ zhOap`Wbfix^kl*QIahw3W#zjWt8wwJ{G<7krcGWcGrw=GB#a73G3 zWmdsHYcU1ZYfmi1?;N=ci1%e_z6j!`^EQQ?{h~rhQIE6wssn2dgffTzWy>v+=gxK O!6_Oyw5s^4HUa>&i7DX# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..c25155b7df8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-NS_SA-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.der deleted file mode 100644 index d941f0e7e801e823651739585a3a56f03bf5f636..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SGmZxdAU5r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UBBRX|6l_-ab80c17jm|BSTXY6Qd|`ULz3K1j;o~HB>fGgy@t?O@(O;cGN{R zrioDr*-l1Q2IeM4eg>ecxR{z485tfgV!HTJK{>TaVi~*g&HQU`UWj|PhJMk$%2F>Q zqvb3b7C7N(Qidzz&Yy>k!j-OEwe~WXK4dZ3JISwOU#0c)yc9NJ<6RG}=N|YG`NNt` zDEo0w!tvetQ;S#X#!cXE>GEh`}@qs4(;nX5<zK9w%iG&7F-D5@n`Bj0Em$PS z|C8&veuU7%Bq*mtWX3)T6InV1ozyM}s z*#719B8FQtp7fkfFWul8;gn)ONi2ztsuQO!|SvjE!+~X+99{R*Bsl;8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..8e2ee21f543 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-NS_SA-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.der deleted file mode 100644 index 29a7cb2c0ca23a899c23fd1077f39c25f99f3a54..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SKIIi2*Mgr&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UBBS?U`GQvab80c17jm|BSTXY6SF9BULz3K1j;o~HB>fGgy@t?O+{$bMKz|0 zQ3=^jMpg#qCPsb+psTo;niv@wF81txqx<9h;^vP#?nUzIeNT9PP$kW~Ej8`DJp+6D zIn!y&mqbf8%dPm=Re$hp^wv$6rknHRA7t6uc%}N`hJr6wZp_Gh=k7iG#MEPRFFcPn zxW3}pv@e4GV&bhQ=DlYtTsb}W=!7e;JB^EOJZ;RZb8wv@p&!^k*`WHK>eFKa#xh~7 zYAvES4kmv%_{c`;)wb2FQlX#!EZRBG{oFC7i9*L0F6Gp|^WW(5bH?H)9+Pf;3D#CE z&tqar3TK-hl{q)|{|wE;PJab*1l4w1&d&4d)&9I->;J>irQWi649B;8*07OV_&)n~ z+s!|lT3fAK-ezd{28;Na=Dm3HuRi~igzK|)!FK9Q%!~|-i){_84LE^;DJ#svWWZp+ z4Px@MurM<*{{RQFtSTepe-?2AQ8vzmHV?+OA5JWcY#iEbjI6Be%#6qZ42)D@05dY! z9|#M*o5`iX@!H>EmO+r*2G-eZiKlP+z4+_yzSiNeNc!CO>VISzwurl1hAOQ%!LlZO z_OZoTf;V@p?Dh%vigT8--)PvYkQ%I&R~_4S{n{4*=orEHMB8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..f4dd8fc496e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-NS_SA-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.der deleted file mode 100644 index a31cb652abe6b0c077aa5121b365d7dfbba07a45..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SIl^a|2#BPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x_-g&A;AW6;=G0?2F6C_Muw&)CYDj+yhb3d36yJ~YN%|W2+=8(nhMhx?5K-s zOcSFLvYm{q49rc8{0u->aWOS9GBT`MGdrtw!OT@pEsYrGyne=2x1aBWmq0LAB=5TP zcb_h1C-&{A?wzzi_f+E1*0Ob(u3j@v#Iuwi2wWkm7-{n**qQmkE*GMAYXRZTwHT>k0&GsVdXVx~L8wz1ziRQLT$?uJii6&ZZZ!xyq1 znDWN)baHc^*qZhViENhphIe+~pSEuI#PeOxXQXTwx!x?cH_iWJWO1#@w@J#T8duj& zl>74jq|M<%oxJR(g z(wcF9nc|vnL3^I&Y8w?@Gr!!YvFp;N@GmUCez`AFv=9ASbohJW<-Rr7ZRTtgYP!Fo zu6$-!>DsafXYIetpR)YLpXoOYJtO94tIj`L@lm~DZPyeVH6EU_KTUOwx?MgAk7Sl= Qt==$4w>oZLkKMX^08O+sy8r+H diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..24074d709f0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-NS_SA-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-OS.der deleted file mode 100644 index 5247a93f1df9a522c33aff967a48dac745c8a7ca..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AM$6O|}6q8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%bZ4|dc= zGNXx63E4JARtDxKMt%mMgSeQQ7#SJ%m&>kZVV*r-|MgnV%JcPAF~|H`Q;Y7Y7fIv= zDHl9_^ziR}=X;-S$Yf+Qs!e?H?*m89>ARXSK0Dohu^TCL_ZwS^Z2VzVdwI&#l!cRK zXi6u1e}DF6w9H2@$<8S|mikRP-gHuIt>tBb8L7?N4s8-$^L9l+(8*n$Z-4bVKR;%D z!KsYx%=C>@EN2v}nQ~6aQB^y#PlbDWj_&v0IbSQwp7YJlEqft;_nS7y8^MyAaFfTi z4q<{%U+lGbD7ejaMb&PREx|H6u5D%~TX<|avbA@V26F6CIcTm^|2wcDLHJv~#`bKh z!=@i5{kBtLQQMwqu)AHS=*LfSS^55NVSH!a#P9y5%f!scz_{4fz}kQl7?QHWEKCLr z2HYSfKMM;p6Y~!PMG!}ok?}u^xPd4eXF{6?W7`iW7DhG>Z8k<$R(57a=9rgKK&5(Ft;)EPL4=hkUlNaY#L(6_viWa{jz?=N|-f z&+0B_$~kSDe?R5k;wv(>D!2dg8HfCy$@4ei(T#4$DGw`NOPsr2y2mZ~;5PC78-p1( zJ!n*3?vN23`E$NLs^)4cr)`# zbX~neb^U|mgB=az#CZ)(42+G;jSNjqOwFRid5u6^6DZd})lk_$5u#HnH5IJU52R5S z)tDwmC1g7pSs9p{82K51uHs^9Vq|2vn=CeA`R4URpQq(3BOZqV;&et+QZyZ?Ew1HP}FaqLb~k^4E{tXI0n6y8g&dwb@BnbF?K zHMP4YnU^j=<76!C9P&OOC_$1eYT+mhmQ_)#vu71z&?dpc^Fm>C%u7uy7+G1_nHiA-7#OL* z0A^&ETiW^B@oqHmJp7JK^84@Ki|8b;^JpT-!j->{-TExlMV+ibh$QVkz-PVFOUvDe(4%Y>(1N=tZH zw$!KJ-gZEW?@|Zt`xX#?9mpDmWhVQ@8gnhPp zCI1#)*>={7!E@>*3?vN23`E$NLs^)4cr)`# zbX~neb^U|mLxK(D#CZ)(42+G;jSNjqOf93td5u6^6DZd})lk_$5u#HnH5IJUFE~Ef zQ5V&iCPpP>I~iFSn41{+8Gx?hVrpV!WH==*!XCYX>t2C+_3CTCb_wL`G;X!emE;zW zUt6eIf5xq((DIh&)b+QxY&)KWtTE93D`@jC;I{0|LXQo-)~B5uUkdN8TzOGt{>$Dz zAuqS@Z$Fy*mkVSao0`y-T*~?NnTqpkt%v2ebboocEt>n_&U~3f%OKHRmkl4jdnLCn zX!p9L*y&qci#B|^V$8a4qkYt7q2-Ib*si_H)_L~GQeppGZWHz^WtOMk+-_BBJbrL> z;p<(;>Tgv!v7Y~y@ZtU&vDk`??)_?Q4Cgn$E;{MB(Xw`Tuf`6u%~vu{9%i_| z!ne!NAbQiEm$}lb7evPMUpcToWP@0OV&au(!z=OfKD?*DzN(D-`!Qz!>*rd(4a%-g z@-JR;tBJ$LZT$k5B|WY@FSmrm&FtNk@gdvgnb>|N)meWh{W<)~hEbT0OCwAz{glHN zr|s_+B{4~yesFB#wybBF)t^Py_e9;aPU~+z%CWPwLhIJnuge}-#A(i86k8zwaPkNL z7YA!vnD=nrI@P(lzw=0-x$EAOvSHof#ZI?wJ>k52IVSy6)68oD-a8l`8>-IW5)*8e UioL$~#_e*ydpCMJkLG0n0I*3`7lu4FuVkLs^)4xH9uf zbX~neb%PxZ~U%#939O%05r#CeTCToWkQK*>x2 z*M3b(QR4Ba+ut-Rbv0|)$!U*DgTJiLuhZ#l`fxh;?~w$9Wq%yl;|l&6?l6>Nl=wB# z*yQvzPGP&lLj1w)>CZ2G3;%I#N}ardYs;F#u%C-w-KjO&eBsj@=WoZ_ey!nnH%DdW zUlofchU7#!zK$QO)Biha$2@78l6yIlN10<;-?LwGN}Ep~X9`Q(8+T*l+0=7dB?daj z73?qcURAgrQD^#3*6C2$E5`|Ar6?&(W4xv8)(^Yse1e$`U*GhrU5uenAGGchwVFfO(=ur}ZXhNP@83zGqZ z0XK-r&%(mY#QeiR5yVktWc<$}ZXn9Wnb79J*!IJTg^`Uzn~jl`m7SRpIe>xD2@GIH zhL$~-Pc0QO4%%z?i9=S_^WwhU^JXnk_iVT3n4h`elT-%#qv?m!AMgEnddZcUJx@3a zU)c8YUy{&LNnl>m|D^77tw5sjlCU!cu9;oVr5~&dKFacM(pI*8w(#z5Het(0@|Rfz zMNA~6>>smSHpsMSDKq>yp=s&v5C2_SR(x&BKF@RHW6GUnQBOQoEY|6}u|D!Nb8Zf~ z`_{B(pR|p$o_zo9ML&yMYm$_?kG|Az+AJyf5s1e#L6LoE5)PKA)PeZ{9AtPowvp~U%#939O%2SV#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMnuPc6IGEog<=K+9MZ#i(SQ|GWYsRgXwy4 zda~2J=LxsZ-mkT*$R}fcV8hebr8Zx@HZsXnciws+e7P%I#B7@VJ{E1ePHx8qTlZ+K z>pZi3{`6;W3|m$(+;G3U@KE0Q1=8ogEAL#@<#j;z%KT@sjniEJ&hAvXygAY<^5Vq= zojDHs^X%nrKP+1pxmP~-;&c}V`sX63ZtLs$N`{o9%TyxCMu z_pIBE^~pT|JKM$YTHlV zn6dQJnd@!$`m6s(pC~UsQk%ATj^BxOUp6ZJ-q7T`o=;+t?cBpI`pqY0V?z||-mkve z`{eh-h__PV$2}tWo^q~uzwEQ>WYd#*Q^a^k#(CI-ev=0=95riKPl;=D#6t_hTDpk%0EAP3PVo|+2QpI}eCxZnStDVe;F}_v>_7=N99= zO2O|WZ~bCR-hS88eKE}>#4=f_onxiUHox< zd0D{3h$KU8^^M-Kv2PQN3m-;4_KxAdvon16=T(7Q&cqn6KKCNy?~~1Y>N-EkS{;fs z|M++I!oB(H+Oj8^6--RyZ!vf4KF;*F^utmnv6F0%OjfGxxhi^I?TqY#is0>QYO1Xl z2OHO0Hy^#Rz-rE2r&;$yv(L6kH*Q{+R2donvxpmrvT-J~c`&y9aAIL({{=eQ|u4$v74{`z3AXKv8_u#Y!aTl%SLWn@%7-%ru)9?9J2d1Q*hbICj#=P zkMuY1I>DNBp?v0y{5`kZw*URb5&Ziq(<>|gZq?U!Csr`sF?^|8Qt{#u%eg=fY*tX&XCB>y$07PHbMmZ^Cut#tEHAH&Sw5hOW@{m|B@5=(0tAZHscm3-4V8 z4==|S2(F4_Rlk2fUt{rkBeR{Q%H9u^B2s%8Wa49j`RcyUnU((E#L)KG%)r&@e}6t( z^yS})AH`oEyqFlhTgJL~`m2J^b1p5_+xg7=rD=}h^9L($9=r5f;o+5hL9QJ+Dd*}< U&xmh~{u_C6vPj9EgR{Q^0I6X=s{jB1 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..4c8aa75cd1d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_SA-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-NS_SA-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.der deleted file mode 100644 index 28e3a8ca8d01e2448e976d8265448b14f374851c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6ANQp!FmH;HcqWJkGAi;jEvl@3cLzwCh^1XT$2fy+LLrN7sLQa$a+v$+e@2&$s!d%{y>}pF3fHvgdA_Su1TmOfO9_ zv@(b;H@0F_n&EQsZo-|p4lgIhYfn7!PifjQ<)sbVUbOI=ef(~sx&2ki(jte=^KKow z`TTUiv0p)&_a~~qI{BnL_vFnShJ<8>W?zmOi^NY~Qg&f@@kg%c{iZLf%&ixlHcV(e za_z34w~R%!`G)fScAKBGDXv*6{BOmPP4l-%AI$##tT1?uiyhzRsa?t!(zq@<&G(i` ziB^80ZxC~=ZmU=Hhuz_a&+`QQ4{x01@ob;S=|gJ;lld+(F*7nSF19tWHsAz?q^vLt zlL3PPH;Bp4!otkN{KG&I#8G8r{Ldn8Aj-y>(B{F|_QQ#Vk&Q!}jggg=otXnUfPv8o z3}8kEQIAWHM11s#y0Bo|wu3GX?UsjqPYC>dCR8@BW%j~_ zGw(AiB>vCa!@<7$wg5Rue3!cqX?Jg;N61`EuEYq@D;GdM&w~{-P7MKUQ Rn1;mcpONPHa;{0;1_01&FP;DZ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..ce37430d634 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-NS_TS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.der deleted file mode 100644 index a33605e90b33d7296cfac7c256b21fd99cf4290b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6APnn%R&QQHcqWJkGAi;jEvl@3|a^k#(CI-ev=0=95#-7#Kw69*7=3;klN`k?bZ71ek{BHeghQG|I^Ff9ey1vR3 z8oAH7`{0-B6js5Dx053setcbBQnzeIXUMYktk2x!Z!Xmr|GCDar)*JddIVdY_9kP6 z#@oBs{|MbJy?$27w~n*3yc><0Z=3z^V%VYH6J;89iKW;q{mVo1jJK?l8;cLm2)?hf z#>M;S;xiqF6VLQIMHm#nY*On{-f%BFeV)zi=MF1YyexcrB1VpP2WPoxwS8za%T~at2qDYW%JJ zx@-lREFTVSf7!U@g>hlUS^l~-)}w1ryw*;0d$v7N^xNG=#slwO%`jSNu`HD@lr18? zNY!kG;7e;C^?mO82B!HZA6$N}C7SiMH|9s{wWR{b5?F6OIqdl zBM|w)+r9RTKC@f*WZriipWp206@Rib?E0RIxkX8rqprL0d%N5|tEa*~=f%s50xmo^ z4$l(!bYt6oaUVJV;vZ5mk%Cjw=5xM&xX_Dbi~hyM?oGdIV)ppmx}LU6XL+yrE8|~I UxA#1JD!f7d-HJ&CUpVFf0F*y6E&u=k diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..05d0e1c5986 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-NS_TS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index ad4ad3a389be438fed40f8770bf3158dc60f8610..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{rqjRA&U*iS2fyLFTUz|{5J#1f@jr{WfhZeiLYoI;+YcueMm7#@ zHbz!fc4iLb00u@jFn}2umi*{*@^~64ZX%g)+P(LcxbEHMq3_Lh$#uQHS?WEhfVIVa z!Rm=jQ}k2Jsy`l8%$&RLSl;eEOODIDdlUHnd>&V4+3oaQvtM!dUJiVCXV%%vN6SQF z56G^FTXsw3$;x@VB`tGKCq=za&y1cX#9AxLm7D7|Q%mvAQkJL-U*n!AzF$Av!C#J9 z#?fh`NMSMGyb04cG_5#f{962F@weD$wXIn{i zzRq6P_?Bn(pVv>zy?$ fQ$u|^A6;!(#w;>#1&7Ludt!e!9pKpWao$=0dvH9~ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..2a7ec25dbbf --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_NS.der deleted file mode 100644 index 948d0bad5947221ea27ce09c09f80a1b9b59491d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6SMma0|Q<*POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUAe!&KE;=G0?2F6C_Muw&)1}0JByhb3d36yJ~YN%|W2+=8(nhMtF7aSiF ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGQ9KOE3~V>TRAe4(b|DsVyl|D{DL-?OUu2= zuPnHe@=|Eqp=`FAd(M^?X;r^D)|p&fqhBocZ$+JU9=B_U)vKr;!?eQ-j!s&iwEFeO zgEJCO3HzQa&Daw0&Zm~ivt>zTo??f>(iyY*Ut~>~9RHWIN9uq>quuQ^b2|y^&kwT_ zCbb=YdG7DC1#ix9hs#a=rNnmY$fBgb!nHjft6yg`PL^kl^m2}6E`1R8{-sroMOTTw zo9Z)mjX4$1ALbsAIhu8IZK(72r2LgG8?Slt?z%D8F-XZ!K}>!Y7G@^qAK*ZiRb^!S&mwLh%Ep<{=E2zZ!-<8FjYFG_k(HI5nFBe1fsqOf zU`B?c%HmDJ=_;(Xj$h}+tNON`|CT?0de^(}xf{>3@Ey2Qz4z$1JwHAr9r*oSbMdtc z5A@SsdRK7zJW0B_t46N-ujs)AJMKI=^3SXAMbM+kwp|eonv>_~uYJeYD<5}dTSLbQ zmS0DzJM6urDRymQi}*N&ylJ6ij1@m+dZXny@h S)9v11|n?Cp)AZiyqS3= zx~|@#y3UUA{=o)v;=G0?2F6C_Muw&)1{P7`yhb3d36yJ~YN%|W2+=8(nhMtF7aSiF ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGF<=fSnU1BHR5Q(O4g;G*@7-h&HWYhs+K2R z|NYf)``mx~{vG_dq3hGm)VpEMr+)GA*#4P!JmkT*j{e{6%2%hZi|u(R@+UFyUUPYJ z=Q$m}KiUU$U+$kWnPtkmr8yd_riHWArUn1fl6dBSw&Z-)#$9L4jZXbIag=ZAm;Yir z)92~Jl$=T8TBtm$(%$muo~<2jwLu?ad+nQM zin{2!2Zg#Ve5)w9CFH_9w#ap%H~#bH>lN&kGE&R2ZJ#^C?!`Uz-|4Grwv^sq`!qB* z^B-G3@5yx4QYqV5xeqx$d)Kbaf2vz^L}|$>#ut3Lp)Ligt6obwiI_(AnSBhJczIEY zvrnhhtZJF|7f=1}{YjG8ckgKT$`~)tFB@8CZ`=N+;>y8gZuQaMXT+Ve36*i==v%96 z;bJaYawjILjna=MDFunQq-h~sZ3ijDJ_AOs8)T;knw!G1qT_|QE TyU*?^b00;UIxP?KJ6{9h{5**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hw3^z#s@nZ$cghBniv=xnHw3Jniv{HiSrtPxF%4pfvTahfg(hwRB9?%qhD}* zNU$!dF-?q0$aXTaGB7tW@-qOP#l_Ub$jGqqOzZuEJ<>mVjyBcq2>sj-B zeWcN}v?IpPtAn4Z&ss76@A<9Y`W`MXC=ZpMw2Cn~Qf$|DlaKOTWmmR5*G}OL;N%euw2H%tuHKv_+Wz$v`o=h`38*QiY zuTS^ZEca{sN-p@8yR4OU`CdP1+S_|V^EbS#Rasy=?^TPMsKt#fFZyC6-()TL@Hx7z z`rV$0EbqA+rZt)V?(mAdP|u{)cqz;G%O$0&QKgFK1ax((nV1o zzyM}ss0(lJ+hAza?0i9y0NJclw#!epP2T^wa9;TQj79giUg}x)qeZr~z}aVV(uJ>uyG1V? zUDMNYGikx@&ayLIK^3fkmuElGyC*j?Nu^0tF~hi`!;+1|GigZJ$Nmw zFYe-Q*H^c8X}&vDc)D(XMD3H64RZ`m1zoz|EFHEwaK#)!_WzUQe}}za Tr_9L0~U%#939O$<$<#CeTCToWkQK-Ey$KoO!-Dm4|X(JvUN zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WLQ?PMe;+;^etkmb=KA?zU4caz4Y7d9tr8W z2M=3uA9XsA@1898=9(>&+0i$tA3c?>{rmd+k#L|_m7O<}(Q@VUXJR|1v-Whq)PFW@ zxwrSV!uF5vV%O+i-L_-q`t_?11#OE8&8VKVxPpJ5h2Z;X^@TTuRuo*5c=Kb^ZBZ^= zv%XKOwb!seS$pEy?5#Hg|9Jmp|8(kIQ`VO4jxq_8st>(exnKBTUAM#)LDw%w-f}Er z?TTPJet-Qot34Xpe>;~QH}Pw@8uVFz;zqd#x`i4mxiU1S9$J^Ri}TBW;kMPQHn{Km z)cIytd)2H@d|P13vQ%Gb>8H+Me{-?h2?KwRbo4q1gRpA(9|Kjic9T~_Gb zA9B<0RV1f^rrD9{4No6Tw3Ci}yqRU?>s~>tr^07%OqZ(?+@F1;_=$<<(upFjI?ERQ VO8FkRe&Xb*{;oe*ezqm^0RV7-H@N@+ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..b942268ab76 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-NS_TS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.der deleted file mode 100644 index 864761bccd3532c55190da57ef4279c2053bcd4c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6EoYwUk1EvoLX%jZQpqr8M#>*3`7lu4FuVkLs^)4xH9uf zbX~nebzK7t~U%#939O$^PW#CeTCToWkQK*>8 zj3!1UWZM{78JL?G`5A!j;bLlHWMtU0|D)mQ4K}{kJJNO~e(cU(bVg8d!uD4>e3$EQ zWiQBl%kS*0a=^lB%ZcyK4|f=rvUcZg^L=;Z^~G(wRz1;X;f-05ApOR4>j^`h=gq~g zqHhKB7%udgS!JKQo%_$f_5PDfW#Nf!kFV`;)=id33S}#ITVJ!2muvSoj;(i^CxuL# zIdwych`CTtfw|&>$5N;CZp+V5zV~9$*@%5pWq4=r+AV%=eVd2q;p}O8ySC4tl5?d^ zdb-%cDQlbBpP&54!WC|~U;nO_nsw9n=vgP96xu1B=cQ2bb;j)KcA`>$s1LI;_18W0LU`WaevoIMj z7;uA_{46ZYOw2zF6hRzSM#ldv;s&B@oC$3njBP)hSQyzjwAmP0S=pI6kOLSPoxlKQ zWJp~bw!B-oCGuiS%@g004Qq}HFbf|p2zZjzpz?Ue;k3*rA9E`&>|Iy9ziXej&Z=$B zyy6$?=PfjHe~@>3b@WGz%Qt^cSo}XUYH@8yhG&H&_m-3U*zfm?viPoRTszm)q+i;m z^-e1Rc8*i>VdV59oZL2ANTEmk9zq0BSuD`xHa_hydx_g5?0-lE?HWuHUee<`| z{vP$n0+je~yc*)FU=^tJ~ZOGXL4ROTW>i R@b8Cv*950J{PrtZ0|0!cG*AEl diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..3abbb564445 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-NS_TS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.der deleted file mode 100644 index b9f9579ed3a3f1a56f3be41bfc467ba3a957fd62..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQzV57Gv_Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AdR~U%#939O^ghp#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMnw`BB!FR=hroXGWJL9>+ZhXrtx@ZmrTu6 zpN>_m2iNTQUU&EP1NN0>dv0F1yL**q%qG)iY3J5@eOYRK)G7RMWJY|&`^RBkDRxr7 zKWDp~TeM7e@|r!~OYOG(IX)?6Qr_Yf?6cET9a~bXXC@pGWKs4q5fRupk2n8c&cbD; zk$&}Jir!1BPM*59>Q+I~;rh$j`JFsnNrE*TKUXlkjQMod$wPWosMMZ3IeWkDswH>$ zFDyCDTKg@&N$BT#!c3*LjUV}moBI7586E6%6ZiZHs^bG*KWma>ttePWMEuuYhZ1_2@FhG zVHPF>1_N#olb?l!nTh!aIFMyk85#exh#QEqaVE5RFt+`0Vqs+C&}L&~Wo2jPKn`GF zqyht&k)iJGysPRZzrz2^Z)2J;UYVcoFUhk5VUueor^we5!q-;!4C zXD)mv#MD}}OiLrbT{;=`&AoknNa??dQ&khaXUi_m+9O|TvvuN~5{9BPOBp}&mIOV! zq4v8ybC0&s`p-NoCw!ScpNmIss@QhbJ07uhjxCC_v_dA|TgsHO`0vKbQ(E^GdK~kQ zs_tGh<>G$v-LGCBw(_)mCvk1tLc_9S{Y)}U9RF)8{JPhywqC2Ep}+Tm>uR>^$4ySh9A7>qqN?j#>szshe`i-4 Uh3S9i6nv5(8ZUoZ=iaBQ0Isnz*#H0l diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..c921bd02118 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-NS_TS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_OS.der deleted file mode 100644 index cbaabc895ae234d67d4434375036d610c8745aed..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6ANSS>(2(fY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AgS~U%#939O^i&U#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMsI%{pw|Ap35P!t0r9E{DtGS!usNhQ|aOd z!jHL1?yBKAti3_#Tr7`<*9pGNn2Zum?{BWcyH0=ak~8!Fx#&_5`$PdYb|-O-+cU!x zDx88}_nH;R1l@jjb<@j<-3?jJjSDXCTvNKxth1K&1vw5b=qUX$4IhpTn zES)_6<*#ez8+#m%vF!GE)HmT4+p6DckrTEjpXOs%>TmeX#LURRxY*Xf+JF-nn6knw zOa=@F+#n`D3kx$7^AB(!%c?Rm{$~+45M|>`X!Brf`{BgG$i|_~#>mRb&dh-vz`#fa z1~4N-;g&T$X0s)4AR3{_4?QoD3m1 zYwyO*uDbuhwp}*N|H!_ezV73kt4m{;1=3Sy8cX~0mmcVA|D#p1m2pdrL)(#4LB-2! zIv0xN#Yb@+|5+v{U~S>mInm*c{#C`Y-P-T7JiTw`N3TB;mDkGh{C!O7XS;2YvP;)5Lx~U%#939O^hs}#CeTCToWkQK-Ey$KoO!-Dm4|X(JweY zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMnv9dg#q;N2z1khOO@o?b3S{^Z(4=f{WLE ze{Xiaad+CUphk8w`;U^|n0H5q zWHc>G?|#nl^pw^~YeVjB_f{xb$Nb~G`DcYxM%=OP^Ar2`{N;B|(u>L5%d0rO!iPWf z^4nM6?`pq0rQ}!n^p7CpF0Z5mPMw}DYoxz^otM8bNTBmv+DzG#M?Ss3(AAc|{Ai(g z{{NqkV$EwtQ>?&z-ewV%S){PIR&tG3-@_a$${v!Li%bA!N85kGa8dw`}0s~W4 zn1#uJ!GIgYz8l2{ek6Oz}K_i=Bc+$NZoU7 zV(rrDK{9#DKHsLeJoPXut25c?Ae6CI!Ky>tb<1~?4eaWoPEXS8r>|G4Gx# z4rXq1Fy6l=;!m909Ji7P$;~$RX0x6=_WP9~&!WgntJZT@ocGzh@OEtb{pH^hP4DNj T2-I#i>UhXyedCpXmLd}X9&Iy{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..cac0d3231e0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-NS_TS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.der deleted file mode 100644 index 91a4b50713cd929cb9ef54a5eaad9a1f75cf7f53..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AM$+_izJVHcqWJkGAi;jEvl@3I21~ubXGHscZ{Y3qHEFwt?S% zqZj*!&Hex9G`H$+@i?|&UwYfWl~*Tyj##t zrkuMs2kg9STsP~Kv-lzR2eyeiiVENSFKPK+(0%O| z`)TivC%u7uy7+G1_nK_UH7#OL* z0A^$;>k*gc);g2IXeiy6k)$bTHfOQj89Te>d219CxF=6{YP@-HasT9C4uOl$=BD&- zU1t1})#&o!=EW0)(l~dB$Q$x#?@tR0@sRqee)w3&_hVWU!lhR_-Rq3uk1yAkbWojd z)pC4g^On~a=e@p?qT99d?UW}n|KoQj{nT1lk>|_Mi8nX=|PLyEQHUwS8gUyvA<7Hy0zsTf>-w!{%B3j)^<7>gWG^9lZ&hJx@#T zdQ5i>6WQj#lyd9-wBz%ut2fQzzO(#PWBTOO`_%_l@^56g$8T}b>D9YBes8N2QuYg; RIIu9Ou&nbh=KekPHvsbcEj9oE diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..5728c453b80 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-NS_TS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.der deleted file mode 100644 index fae32093c51a884f938e2579fe0cfecb6ce64bcc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6ANS7%x(i-HcqWJkGAi;jEvl@3`;=G0?2F6C_Muw&)#->r?yhb3d36yJ~VyI-G0MRI!nhMbu93K*_ zi(*O>qY|=>jI0dIO^o~uKu2*gH8Cc1^u2^tl)-jHd+Pbne|0g*zG*~}0^i8{}qbYhzT2uSI&ks|L z6&YUES8n(0T`SDjxrhd0t~Xd-_E-TfMN7?b*(h_hxh6v{&zZ zBz8jXp{01>&KCKNUSD24^l_`bdzPd&U6agHZ|kPO1*?mbH^)<_NhGXhO4Ge`KD6;-qGYuSJocpk2P8cgL)s;9!qX7 zv#N>ljeH~ar|!v-wXGLE-(7Yor(UV~#Xj{SwOyMT!i3ivIK}(j57zonQu@Ve^Io@t z;(MNd(>$5$_rKgAzPU1N{^OYpU*=reYrOcsOS*Eo{!`K130B$XjX(Kl*m-*|%;l+F SBj502;_S)yw>4xf%>V#;+%^gT diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..25657b0ba1c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-NS_TS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS.der deleted file mode 100644 index 38e595618bd70708297594ccbb128b2c62975255..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6APn?d6)q&8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99WU8u)ut=?>`;2?heL+y&vQ|cSvoQz^|Uh{tQ%}m#< zl^13R@btO_@0Qf4P0{Z)j&+)<^*+2cwuAF!G^@h~D@`S}%Ny66c{pAD-~RJUCd8iH z+r6OgxZcBxJG>PezsKD0E_3KT|3J#)?KA(5Sx55b?7gz5b7sHx@;Tzg3vV^YUcPFO zW_+yp^3l@gGqZR5o3z(-oVES?J>lNI8Hc9wE_-ofWBr@^RbRbA&d4=fwlm$cv#x#i zHT%mO5Bo3*FAVBTG5;`71aVXu8UM408;G)TCbW4lw*7EoVPxabW@BV!WoPC<4q#w(0t1+l zA$Ie822ItY%saWvR`0m&$aFsE%59fNv2QrOd&c^tv*gb|9(`)v*TjtY3i(IE;fwuC zt|vy>6n>ddA+`9%%u<&3aj{$DOL*^aPEI>NkLinOmsH6jr6$wT;I+G(PnYX>^X#qI zl{bHMk;&Ps&?|etW6ux6)9;Fvo+}?X&&OH1-`;%F+jSlZ zm+I;(1q^0>?rz`K`6=>5WX5H`m7Y9?Wi4L=XRUp$X}kPi&;}EkWwm1V?^E>72G7{J zDOcr<7N3Ktcb*B;XMU}HhZtVz^SG@#%5Z~U%#939O-ziV#CeTCToWkQK-Ey$KoO!-Dm4|RF(g&@i3Pg1K&o2w_7 zJeJ{J^kJ3$ANA{39mBTq9xe%aaf3&dO?uvuS?2GV_pfwLW?1{(^1;6cCpJ7eP@I|i z*n@>>QH%RR_oK(X7WW@cU4M+bee3y%7|y!SUZQtTb{4Acl$>wtZ6d#cuRQhVoCkGf z(;Aglw3~+p$46>RopSzJfY>pc7cVSM&;OIW`GW5xkz=neK1h7|>zbNuyR4^nz0dFe zhHI|vk9%WvJ$_fUTDowozOC#Qw`nZv`~`hhW!P_cKf(W#*v3b9N~cI<}X?Edv}{k)!q9X7nVQgdi)|nYBICfcAKi`pU;YT z&#BIS)z5TPFm}!NFAwUa=TugQtG{cIb-yJm?^D?;wdK;hdl%MT)_GL*GH(<6`58GM z!*0D2elTTu#015QMPEhUi#4i0Uaia^&n>a;O3If<%v>?;Gpe^RJ~ur1yeU&kRzPQe zC+ph(f4kZeZ!Ni^tKH|&7GU|J)296ECn3Jo)(@vIusg)h5&7q?pUkQD<6mt|XU@Mh T>z$8g`>fJE5!ZIj{PPk34<0$| diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..eb84a3124da --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-NS_TS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.der deleted file mode 100644 index 74a89d1b4b442b4e905184988a5db9083c4529af..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6LV$8TmxPv11|n?Cp)AZiyqS3= zx~|@#x_-g&!Hx!U;=G0?2F6C_Muw&)CT3CMyhb3d36yJ~YN%|W2+=8(nhMhx60D1A zOcSFLvYm{q49rc8{0u->aWOS9GBV8bIj}$I+^jQVGn@px4BB__|MPXfpw3uUayYmk z|AiK3b#>jFr+JlC1Rqd~NZBC%o~sf3?JV=B-&f zyZn1oM*h5YWBMOG zSG{_pujX+Z-(Dqy0N=dq=yz)vA3r<%XwT{#i+Z7~NRczeHK!-pH+xjw=$C$MHo3iA zxo@4=)#fKVe=8a#`Kem9UM-v<&&Ia>?)_}1v-U0-EjN~>8oxiWU}gO!OaFVeJGE<# znpRk(_Vr2pvesl-5aeLG@qtI-y=7@`HgXTo${R8b07yWFj9d5%*fDG zZg!m6O3!tZdK?SKz73PUa+_*?aPwL+@kjZy?3N4lcb{7*r%St^i&SUM(QnlI z!nGw*x~OhNS>|<@XQo*#eD{7x9+C83eD(0g*NInmT;{2G?rtd?U@O`AQ`6*xuG+0u NzuV1A4XPGR0RT#SEtUWP diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..d989b1d8009 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-NS_TS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.der deleted file mode 100644 index c7ed661441098074af7346a8db0d074eea1b06f6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AL4s+I9n8HcqWJkGAi;jEvl@3^;|WR#io-nw0R+;vB8&(yyAP0DCli+IZ$wW zKeve2PQ9bKY@$AMlO`RiRd)HEbRtbY`(D{xU)#e=FR%9wXAKaLN&NZd^RKI0!j;#Y zm>GUe;WM}4-_w2nr)p%WrT91X^IY>@B-gU+%*J#Ty&b2*ez&d7U@bbWxn#xUFLN(m zi_qThpEh&p$)B+q_o822+rI9WU{3$@SH|lmauzRVVrFDuTx@G#ZNLc(Oj%(TCIbco zZV;27g@u`k`3E?VWmOp&|Fei2h_Z1ew0SVL{cvJoWaH3gV`ODzXXZc-U|^&I1DKH^ zWt*JPbJjK1O{N}`76@-X!~W~?C3)dJ_XVTlnfcQdFKzKxw{>`b?PA>0O+pc_3Au~& z#FCwp-(GyP{GHmhyC2U4vQOODc=O^U%T>EdC+%xJdukc``s|W@AL}|5svLh+OV9W- z;o(~0@2z=H_xv#0|LA?!j)K?Sn={VWnYdif^FG;IDD&s{ij`vA`3-C}|FhfX{X4mL z_3U3~1FmgbIDhE^xh-|_=RGbcbEX*S%=o!k&h>0`K+_AhDXSIc@B9^&`kni$qv0$= zv-j_>t$)&M*RXA;owzvffBC=XA{>rgsI_?W_j9{r>RmyP1^G9ocRjpYJ#CGtgq_!Y QYZqPi9jsG$Gyg3B00YQ0t^fc4 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..c2fdd246345 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-NS_TS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS.der deleted file mode 100644 index b3d8a71d0a3a5ed235cfc0da2b24a40b9fdadae1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6ANQ}jH>}J8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%bZ4++*q zGNXx63E4JARtDxKMt%mMgSeQQ7#SJ%7>CBZ*?+S|mfcl&?xab5p()#VcEp+==YD#k zchV`jP;a60UVqohXC2;AsQF-mywWqVn{sb1ye+wD8y5dj^!NP4!{5Kj+~j=LaR2;_ zQ19|!W4^TQm%XD{_%wbQX4>DGFS5LQmqz$@4cob~+Z+cPOMm#tlwijb_k%;? z=GRT~m9u9ou>Q4metlQ?m(X*;%Uou4=?JcD{mXAPmw!q{u8e$^=jofVhfXd~aIIZ? z_e_NPY}S+KDn5C!^(mb)y_r#!H|eZq$i{U(%*=}>ZSp<&n|bm4-MQOrkNeEpyrnBg+|A^{eMr^ALUyV{*sBAk%4ist%0=xCom*sg;|&k z7!0^UOnw#?W+vtz28tk#DkI~67I6bnHqL}L55~41PArUU9NKJ*tgP(J9LNC-j80$x zGcxS@pnI;FqdCooZ_`ULlWiGsN7TEVKWW*njefl(qV(&LPo-ySc<1I%Zm{raU$VbF z=S}}IM~?RH4;#4_Sa$IojlNp zF6vBfTWorq)@;dW%2JrLwC%mVp9e>n0^9V!+j^ZxUM6iQ3i_~p?{2P{qU$ex+SIQb z%3CF~!tSB3dqmmSMN`k5yy>BBFJf~1waAi&P4@A3xAgDX&T{(W`<_P|Ct5u6NOz1s z7+>LsiAKDLm1OpS+?$YCBx!Y_5M<^na7``DvlQY7H^k5O~$G93UW$JurG1Oaq=;?l+ zI*YfJ9s4RR$`10s$e*WM?4Z8;=e`;1Wi<24oX!QU3K8m9x|8dp;K%7a7dqzTGKF3= zTJ(62%xCdkTB_mIoUzaLHKio@CfaY^?|OSZkG#%p!#iEom7D_W4wi4xytBF?bVB0I z_|~J={tlP=GT$#UadXSaU3=n}Wf14$MV?np4}FmTwO{G)-oy>sFFttxGjKREgCp`X!Brf`{BgG$i|_~#>mRb&dh-vz`#fa z1~4PTn$J@OVkX@@(#I5i?4ZZ5V_a$TPddu9AGx~ap$z+;-|IL}`z7dKZ*08x{@H`e zsr%eg4}K_>dF`~=cW&gbQwx=zh6@}GGC05S?K|GCPcJtp>Xfv9PknG_`<-yUuo>x( zw>Fz?GpSLrp2qjhFHyza&-FLol~=cC?=;D247!!dmlT?J+IYuPJ6U7s?@;URLoyiZij95lXL&s TzV|-jGdP{u^sV|${(Dsb5_U3* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..10d3f283252 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-NS_TS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.der deleted file mode 100644 index aa427768ec4017f44bc07d83293230ff01387aa1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AP0|;06O;HcqWJkGAi;jEvl@36jI0dIO^o~uKxc6=H8C1Q z0%tLWaUHzZwUhNpPVC>;&Oa8YPSoL9x@hBZp2F?Vw)*ap54+JU{%S>v-HKB)H-}xg z{a#&Cnxp(yZ-uz@bc3xolQv{-4^TBz|Lp%nwCDesh@VsMrX@%PaZHqY|FYn+O4Z73 z{Lb@rr?;QKTK4C2SPM^*N5_FkHf6yF65><86kVF)JU4WX-p9{5ferf`oZ6GJzxakK z{Lg)-qN1*J{n0gRC;MlcJJ@!dh*o%V=WT;taOA~M_0C!Dq7w46y_fo#SC-uG3TpTh zvizQz^MyxoXJv8@8hh_xxEybL>EyHJBHQ{W?RcUR`B9RInUR5Uv8{o%0VgmpWrbOo z3>XZ!K}>!Y7G@^qAK*ZiRb^!S&mwLh%Ep<{=E2zZ!-<8FjYFG_k(HI5nFBe1fsqOf zU`7U!>oQw6R_H%8n%&U4XnymAdH+wj{E^zUNXjX;JnadqA(Iuq_zH{tcP7qkW!-f9 zxcGvFdl#uc)1X|d0mYD8T-jF*LMUVZ%FO3Tl= z7k|&$r2DjI?9L?{KSJ;0fwsd0p#mYI!%g z&QJ5=eC00Rsi)K*zWupQb%VS6((sC(-GxuKf0#V|j`i%H%nz^fIp?2k+!>y9*7blz z;~z)Y48`*YB6yz!IV_1T{rbE{IYdrI!1o0!`+nx`a=xl=*N({!E5%uF@0%C#D%bLs SY-fRz(6LAJ*u1Oevj6}tjxSpP diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..4f6f3fe34c1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-NS_TS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.der deleted file mode 100644 index b5dd3246fd19ef13d7e2352c0c3f1284efa573ea..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6SG!HhygDfr&gOs+jm|@Ms8LH15ra^13@5Dab6=3*96KnP%>07kb`IwPfZ2u@(Yd+3D!k2 zqlr-o*)~R22IeM4eg>d>xR{z485z!o1gzHY=8S9T*|>6{<>Mmd0{QZJhxG3(3i{<7 z*}^xu@$i<*KX_xLY}y{KV%X$6&v*KnrI%J+sY+Lfz5ZO3(P!yv={2V3q)Iw@LL(oU zy^PyuE1>GEF?U<8Ut3Ol>FUWmiod=~JMFER_u!w1Y54X3&69*r2rRs$Wq&~Kxa++W zy7r|ktl^hstM^8<9k&QJS>bxJ<3alR2OiyC`G@!q2^uVU7sht)(R@MO%||u%9Eehy zf9>R^D-KNW0`_lab@h>v`QKO}f2q&!Z$xS4y<5LTbXSRr{%%%@DZTPTOY27w*QdCs{n#r&H&e>gN{RNRhbVrFDuTx@G#ZNLc(Nm*eQCIbco zZV;27g@u`k`GI!FzSd)0wV(d7$((``+JW%nvwN%cO2^vbn755T3cd$)4M zryuO?vVSD0&UwX^`14RgL_|R3vM-4a?8|Ci9aLx5&9Q&H-C@>>EqXU{CD{}j)vnDe z@%wDNPEEDu(aKZoSGo>vedsiaN#N*lo;QAb%}+~MJes+cx5N9&qvT})`-3FcsdKbH zbF7Lve$G(MaQ?mZPcFSY$9AIY%ob67bvL$EACew9Kis`SH2U1Ue{Vg%-E6svNYWm)~8{_rAAi>k|%%Olw(veWk{)Z)`gS%bn^4-uRrD;Kn;K-MDeu O6^6!`Hm!gihwK4uAt#vt diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..c0cd45c1df4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-NS_TS-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.der deleted file mode 100644 index a7a53fd4006ef160ce916c6df07c2abea52c02fb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 764 zcmXqLV)|jw#Q0zVGZP~d6AQzwjAR2|HcqWJkGAi;jEvl@3_&zDs;}= zDc|a)kZ z=WFH{f7ldqg&{gP{z*)$oppz(X*);G%JW-84^3{_oZ<4I?d0wU3X6By>U+-eE&3hB zv*UFAtL9HHg6?cD_^-Wd$+}AC?u$z;;asUG( z6&S#b3|s+Ig?AjE{m<~uzx4`#FWz`1pkBS~d(f)+8Vx77dUZA1pUOFBUB4@@7op~N zeepM$>?;TM+I$dV*&EiJo~!vN+U0g!%seHnV6LFeJNQ@>eSfgMXE=NAtIFvE#}8`t zy>ZrS@iI>HyFIIa+vIMk4DSHp?zckH$RiTWoobbVSa||=o TN^aSF5B%qJQZ=CIMVSBqQXMpx diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..93f90eed1f9 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-NS_TS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.der deleted file mode 100644 index ea24c6b10eb22773d78ff31e26c73353dca3e5c2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 758 zcmXqLV)|sz#CU4~GZP~d6AQz8_e=v`HcqWJkGAi;jEvl@3MXt_;EZ8Q~(5y~`Ri z_MW@M%eilrmq4M7;o`}s*RyTC`r!E`?t8Buho64_M5-$@W%t6>jBDqu-O;n!y3Fw2 zYeCB%wVCOHY}b;nmaDV*S)|3j#n@9bT>i{*Y*YcLLn-Zt*pZmAK<7rM;rZ|QHN3(`!?_?ygJl$ zzmVbJ%iRaHyp#fi3JZ3=nk8cM_i)4(*6>Pk{qiWy43Yh>>rdr1@m61~yq}VN*;!|o zgix{bsy<7xNwx)^XAZu9xZUL6-J{Qz{l9p$>Yer{-@bV?&-9@ PlEo+J|DL`t-JTNwV-F?Y diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..fa27d836f15 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-NS_TS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-NS_TS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.der deleted file mode 100644 index ca92db913b7ce7b35fc33c17fc37e5fb7312ab01..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AP1lC$j-B8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%oQMKYj? zQ3=^9Mpg#qCPsb+pli68niv@wmatv^|E=itJCnm#&vmXjFDWV$RruiGv*;O(iZ3f$ z&5BDrWh?aFyu7Oaa$Tn2u60HghtKBl*G#ZF{$rt$lI+yeTLTwgTel;uFjwdB=B@X( zPTDo6Su4Up)m_+@)8J%Y@3xgGRzD0>yOdJ=3qGF8*|v=DMpnq$UYjTXzAruB*ZXrr zeFcMnBJ)l|r9UF|(LEM3+C!BStkn2Enf}^tJSnT~T+_DmUbmJxo;Ti-Hm|(?p~1dK z-lZI$YJ(V^a}#s-JIrse)i6jToRbNmaFRj2HXkO=+u&ofuwaVl2a z|J_^em;LSPK(SXJrscNZ+T8Rp{Ho`@Tb)Ptyo+C$yxR6a=OV>(OOg&=z5e%N%Z$a} zKl||dFJ{lU#k0un8|S>UH>Z2qHS~YBGjUCN>cl?DRej;Q4Xz7*njA8}Wf)(3H}qlt zmw7SMcv22NGdlXsM|)P@tZn>rUcU%GqnFM3`?c%sj@uFooi?w?o4_Ew_gYx5pweFe D7yvMA diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..c15529690e7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-OS-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.der deleted file mode 100644 index 6ca3f51e84ac79bfa64567be7586267052ccece9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AQzR+MNcxY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<6Q#`~U%#939jZH10#CeTCToWkQK*>3n=`Y7(zoa=WODY4v^M0QE7~*tU$;)?jQe-*h}F)0-4&dB(>GHhcDJd$v#8Cq zkMDx4C9fT^Fk|~8Dx!F4$D<8vr3_6RFMajByKhSD*2l-bhG)IL^v-4Rt>e3%uH8D* zROoZ|JFA3Nam=|P`KW?#f_25W&FAW()&IF2 zT_IR+IHfuGvKrI=MI2szn^O*7IB@IYj6cn@HD>pRi1;%xGcqtPHZm|U-~@)GtS}3c z0fPZIh{?~w!py|{!$1tgQDtQO&%$HC#m1q{#>mRb&diA%s=#OjhAJb29hAAG7zJU*j@=VhSM^vTDqgZ)(&fUufzpSTEYBC@~5e{MD$<&W)7Bc?Z9(SRxbXil9g@X&Ckjh{An8i D7w;X} diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..5498724ee08 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-OS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index 62d17e6cbfad9280313aeabc9712e5f723629b04..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 774 zcmXqLVrDXEVtloLnTe5!iG@ktRM&u)jZ>@5qwPB{BO^B}gMo^nl7Rvnb0`Zlk7Q85nJk6P`#$e^7O-~d zwBy0$&&(HGmYJFB`7*M3<~{LgDT00So|?R(SLP~r?c=RqCmD0*hxAQ;=KH)yqJpQy zO<-Kebj#c7u*sb5g173*_u5u?SViCHka~9`PHGdY0_$^I=JR>8<}Tv4|F@_`LzegU zi|GQ1+b1$c9Vy>8J$3hvDV^&Qc^9+FIkK%_;j7rQ{MRn^A7WSkuL(}zu?OVjYYd(H* ze)5;nuz>c|gGKUBcx=_S);W~@l#bmuNBWAPbn4SBJAnPkbZxH)kNy-95Gh5OE-IDyN^!0 z%(0a1jqRcDu}nwqHtxz@HtEH}gp}H_oa4Rro!iSVrz(d&_T)96=xzI5K*qhqrrgXx R;71XY@FVvfOVrM~0|3)aCOZHC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..ee5a7c54dff --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.der deleted file mode 100644 index 3f8e70f076ce3ce06a1a1c981ec91f1fb172366f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR-h<_!kCY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$klh@ z|KVsUTRqX??xt;B8{6U+*9ab;+_5jouT|^ZJl_OkyWY8>vJ2ss287hUxR=uN1f1eqVX!XXEy1 zA4}q=74gJLCLXvVVfuQR+UM_|eotBJ(eV7!{JpmwB!9)2IxNb*vUUDn57Cyi%k$5@ z(^rU;=Q-vv)wCjJ`yuncKiL%LedM^wn)e`6`TM~wuV4A^W@2V!U|eiuU|_%r3`tpG z7A6A*18xwLpM`~)iTQ_t7>J|F$oQXy$AF8CLz|6}m6e^D6FF3Y(FhDxMuy|5i!3(m z`z6+U?;tn(;c4Y*4<4UTntAe_!STi*_fu@W?kUw3t}olum)!XG{&PCNV6EM?n`tkc z=0t69D{|a(XtSjM+rZ+doX=MpHwG>ApSN4KDWHPcLa^L6EGg!%eDmK$8}_zO+RS>N zTYFlwK&#d1304w`Vch>M-?rVeYccFSWZ}tiknMWo$$K^Xt0sQBYcFcLR?qbD&Z^t{ zI%Z!njAWlBG&4Pu-NBcI#oB83+s`L8IR9STmp5&O&GPL^t6z#{+TOq5dwiQ}(2@Jy zCL2;Sts70|94ntwk^N_8$jz+qbGf@_2d_vvF6QhO5z3P8-Ljvt>$lUknzNoAKbI>U Ibd}u+0R1yIasU7T diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..ea6b577318d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-OS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.der deleted file mode 100644 index 239af50dfa78662fc55b4541b4c9f309d4154b08..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SKtKiw3-GoLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~neb)6mK{eunU#CZ)(42+G;jSNjq3@oC=d5u6^6DZd}$xy*S4x&>$H5IJUKUf#l zj3!1UWD6Nt8JL?G`5Ayt;$muIWMp`AfXBrpHFlEhB|k1cZRfY^k~XeBAmLeUW_H}Z zkZDtfrvpR$Jf^2pWO7W|UOAU8xtEm9DarC^joh!)X_NPO|Ck>6R^Zo~8G_hvWU_`P$PWzngdzs|kb#I&d3KjVJx^3RNiyM49=c&*$2cSCpBzJd?) zKQw7(p32wpZ54>rno*U>d8sa*SjkB z#b>+dj$KFI^Ts{uJ^Qavz<=k@4TW3*__uF5Y_fi0ac^Zt4% z`tDrZnd-OMO#Z-~rr(PbP8UwTC#3M*Zo=YSg?}BkC^mYu9c?!Ikw5b*Kl7t`B59f5 z<905Q(_5o;?1s}@%j>2SwkCS*KF?yKcr!lAFXLIpjZLwO#5|Y$lDv6G_}Y@?o4=G^ znt9x%wTnULXu_2LU(Ncv71X}|TqT(E&OL1Bfy1|bi@4^Q#VLJ!_AX+!ME$a3F-P|) F0RV@&EVuvw diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..7bb486adf91 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-OS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_SA.der deleted file mode 100644 index 8ce0fbecd09478e57830510ba543b04de6cbcc38..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AP0dcd`L58>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_+Uo^IdNV?69Z!-b0b4j6GMY2ab6=3*96KnP%>07kb~$HPfZ1D^bgiW zHKU193E4tMRtDxKMt%mMo4A;o7#SHRH3(%%U2}}P;@|f$^4y=&^K%!8AGv04UelOU z+WGG4?Ueud#dQQlm7UM4` z4Ilg{+AyPe@rSiPBNIO6&i?KO^t!TMJoET-~$Ze486z;*B^r)!RaB+m~s!tz=?mWMEuuWME*x2@FYDVHPF> z1_N#olb?l!nTh#_ff$IR%Ep}r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=U1!JmkYEEjab80c17jm|BSTXYLz5_RULz3K1j;o~GE^{-gXk1bO$BT857tFB zqlr-o*+NEE2IeM4eg>eExR{z485!1B7k_&db>qRq_1gB@bJtE>+OHZrX)br@gQ*PW zJj`VZU-b_6U-bI=XyFaky?Gm37THdp^>@mTbEbxGr?5YN9e3^6uHrk34wTLL5EJoa zUwK9E!{{y7_daa$Z(*Bj&cpY`JFo9SmZOx}&yx;p(_CeCuFY!-Ik4%e+LeSZsctM$d_w!>j)Lzjpq-E2rC9yrIUn=hC$p zwW1}n_$&Ik4rbr}b#uXug-@pyski@E+n(2Zg|FOTd;&-CP^rC|4i&EZQW{ zt8+eWaiQdy>g6H|8XCzvBa}-Ip8fu4&h|~Lk#n9@oMmEWWMEuuWME*x2@FYDVHPF> z1_N#olb?l!nTh#_ff$IR%Er#pq4n?jqhb$f`DhmZD=&Z1OnRf1WuKV53Jh7|4{&biqe^Br7@`=$8 z+ZDE7>NA}BUC3l;J^{N{7;>fR}8JD)Kyef#MuI4yt4oN3RuuJsDz*7}(7 zCP-qto4);t>4r+F>sT}vKj|=9$7Z~9A(K`~$d>~z?~CgO#?B8C73?f4d{N_iM?xg) FF8~K+Esg*H diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..54ef5394e10 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-OS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.der deleted file mode 100644 index 96c52bc3c9b49780d86358e12249757ee459a43a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AKfQKa&A38>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%oQMKYj? zQ3=^9Mpg#qCPsb+pli68niv@wCaixUCUp70uFs)%MS&+SiChrgy!Mi9X~O$m;VRW{ zVwUJ!TgsfoB(Su>RDQnnZSU)nAO5VB{jBr5$@X7KXX3`=p*Ln~?f!I5+`Zt#tjuTO zhyOfEInQw4Ty5LgO+n`r->B7HlK4FHz=Ern8FOBVTJKqs8!q`&N^f2B#m%dXXBA%i zmDw|M%IY(^E*EU{m|yOBy6B)|*Q@urMQMS#mp;dPUGtu^r`%Zh-0|#ZjF*}n_g{J; zXui z^f-0vkz9)VR)y+==X5@>b$Rv`t=-C=HS68A1@BzV1y_jm)_i?^u{+yt6=R_4tMoY= zi=_)}H!>?GhNnmgnzXS>Z(LWD8mu+{p>?9c-fjO+@cP)rZBAvJ)%JGwCdJ*{JTD$^ zYECNj+bY`-zBe(u_N;YY?y3x3_tmS!c#fN0ZVfD)`fJX$MGd=NuAhBQea@4Ncu{)* D|EVh* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..544dd8a799d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-OS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.der deleted file mode 100644 index ea9c3df11f5f1413e5247479108042ab0fabe967..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6LacCB?DeIPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x~>87e!&KE;=G0?2F6C_Muw&)Mg~#hyhb3d36yJ~WT;>u2hk~>nhMtFAFPXN zMiV27g^a8W%uS5^3_vGwF*PwVGHehz_QqOetM;@*d-m@>nYZc7itv?3lvDQ~6W{bu ze8P{KrIsZtRfFyx)Vy@0_8-SOJ+n6qA2dIf75N67RO;BXTx0LysqwEQzsj;ryuLUp z{n#zncbO?%W%6rJy`FaW<_0JIkk~B|U#uhy)IM#BU%hnV=lje1U-F8S#CNxdG5T!# zyRYwmt_}b8f?J<0B+eXWU3}zXzSWFW!&Il&dyGGxH=Uw zy|^Tvdww-|-)@=|reE7~bbsCilivEdmKP(eqW64Ryeo70wW}@5JUjO)7*4Qy)p+#f z%jjwOG3TYO1;(FjEfnWnt@SI*CnV+dkw+8cE>CcMep>(Qi(6_^?FSl|tk~yxN@xK9 DIGi(d diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..04b90836542 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-OS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.der deleted file mode 100644 index 99c153369b3c96301a40134691e86f67920d6379..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AP2_7Igz&HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}h7P}{D>o+6#6!V<^oduiu-l~>$~*E5zH^eHzg zoE9ie>3doANL^Q9@6t_ma<`W5x*jZ*Rd{^>&5dn z+9WPqZK+@7#&*rwW%Yd#4%MY8$dV?YQonX|#{BKN6F=W-ULo@}PnwCDk%4isk%55$Com*sg;|&k z7!0^UOnw#?W+vtz24WzNDkI~679ImGHV$nzMpjmKW=`Z#1x6ziha z=|q0qvy``6PnP_a{}*4kJ?Vp%OyDB!Wo0L}J$}h(N diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..1baf3003604 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-OS-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.der deleted file mode 100644 index a08e5b45160bf26b4a4e6480a7bd8cebc958674e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AP2vP;)5Lx~U%#939O^hs}#CeTCToWkQK*>9yXzTlr z^Jo3rzJG;S=Y1>VMrQdftLq|*v+Fyq32u#goOW$$kJ8sO$9QiPo1WWtTW*b6`qNyW zVvz^CSNzx#CNg_lh<4M(JuLe;Kg{{Zd9$PFZGYd-X8}G-b?z;VU9o@mf1iTf*;X;^ zpVmLKwy?`9n%ETEu`pBokM6Fc`hnqQOd+#G&l>FSQSb`;A^G{+oOul%tU{%C-lx7y zzM(WP=9i%LsTUO~$JQQwc80h6!J$v)CZ{^1ncYuL)ry}VReRv%KB=3=zcqexKQ2?= zx;^hAx9jDlM?|~7hFx42u}PDUwOO|Ge(IVZv%0@?1{pIkGcqtPHZm|U-~@)GtS}3c z0fPZIh{?~w!py|{!$1tgQDtQO&%$HC#m1q{#>mRb&diA%s=#OjhAJb2!;H-`n}w?t zkM0Ve&DSixI9bT$S#IfC`Ibn7{#WaMUc1s?vfz`9DmMe4VzYs@<=U<H%adMRxNnh!Twb8!OeLNYwGNd^3AAX_Nk1D%3zcHFmu+b Hdyba?UMVvN diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..b3fe6e105b0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-OS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-EP_TS.der deleted file mode 100644 index 20381c552f8ee489c20f3298f065e76b78bdd258..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR-{b2$TEHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}i2bkxgZIaF@0qqp+y14e41CN=g39dSD(9+wX3fe9T$D8w}W>|rGlbQ4d1WQz{T>bD?aLM zD7}_xQ2jnM=Z@~mnr-)1z1U;crPH2uOLLYlUm<5n@4d^$?{*)xXx*aB)Os*uK~P>t zL2AkV&>3@lZe7ey{ZQp~>;CS8bw8)aZeX3iS&&QaVEI3m&MzFll+5?t37yH2KVSW~ zaB|(}r1n&x z3*LPGwdNR4k2k+g8oT4WfHVFa&EL)knHNr2_bNR_viQ>SUskL;p0`H47dwAqgKnmW z(4yE)7dx}}YQ5mwFLr)w-4)ikI*z%ftMA`u=3q2^&QJGEneZfJ_m=6+0!pmE&ux0cHr*w$ z{epMa4~<7RnqL}S%*o}XmL`2WRuxgF0n?pl7!R(U8Xy&`;=G0?2F6C_Muw&)#->r?yhb3d36yJ~Xee(W3(+W+nhMtEAFPXF zL=&SDvUQBC49rc8{0u-BaWOS9GBTW%RKh-_P}NCkU-nk-E5R##xs2 zC+2DBFU^qoyx#GZj!R+f)>wsDx#*QYizPnHPc=HdWO|JNk8o1hpV-Ye{Jpb`-W#+q zD==Pg)y!KpKiT>IBgORHbC;&%r9XbA*L|~gm(GVpcOwf;XCw-nH>63eNbf!0dW5Ig z^4u9C=CpVN-nEZU@8$TqSR;F>qrt)%P0yeEPT0_X!1~yo=NpQ@)u>ipyVx8hFHpN+ zeL8dGzxy}O{!`rE!)hCR`poP#b17xk zUWL0-S4~uZ$8OjiRa6l1b;%aayfULHM1LI;N0|Nt2U_i4f4(*CLtPVlul!@lMgAW`q#aEYpNY#IU#{>yZFx_;kKNN-8$QG_ zA9MI*#`LJ_>b9xdQ+5X%9WXT7l@gRQ+qgF3>3<&AsAUV!9rD(yx%lIIwvm2o#QIIM z8FFm3B$8`m|A>B=5)dNF$T#()d-Cj?zSgVnM03d+pH=3*(P(lq z+U#h^KBYY>M}8$~a4tV7am3hhN#oSl3s(HwyyKT`?e4wTKEC~3+|s7*QdB)@b(QP_ E07$edk^lez diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..6a47e198803 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-OS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.der deleted file mode 100644 index 32212c7687387c22d67a2db9699b0af57b5b2bcc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AKe-&@lsEHcqWJkGAi;jEvl@3q`i3w*2^U zTcz+a?HKE5ckd;EqNg^Nu6@1ic6GG)Pqwo*Y4h_I9!%dY{Zmk%adXYtZ_^|j4f(Db z{x7(9%EmSOPgL)+8s}40%+Flc?!S}#DDEDc!gHZlbtic2>grfBa@!TRf4if^C@aw| z$6oO@rup(_!H)Kt#=CtVFRN@ZoG@4NZ?sCxsts{`m!EpPU+Au6{?7H6IBLmy-Ni}aJr=NT9bdsyl zjO$FNJ%9RIrT>W79lYCpzK!jQ`y0IuA5lHo`TQ%VqrCD2jbGxj^D`&j)HlhJuX-@! z^NFR$xu!4lnH$)(_+@7}ugls}dAZfL8S6c)JB{yX9^ig+A|u1>@)33I%QLpf*@$YN zJfVB8d-?gh7P(oz5`jrmr$}|!t8{cTsm)^e6}`r2LmA8acc)d@<@K8WYL^{g-Zbsq zHu;h-EA37-Uyl9q%y2?p|3lU}dR$M~ulPTHcxl1z!VHC!Hs)y`-M+m&|2T9;q~@xV zv(mjSr<%@CmXBtX{v^ev{*$+H#a7Q=D>s{>aF)4~BX=gU?YP)<_{y}LMd>Bq01v$& APXGV_ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..b2fa840c8bf --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-OS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_OS.der deleted file mode 100644 index 04dbe57235f21bbe0a6038eabd5e430068007d77..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6ANSUhF}9;HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}h7`g`!@`Ax;_>Fs8DN0rt+nRwJ{(eA51?s$D# zExAbk;Iq`@y-RNK`B@$n{4uv`)h%Fg? zn~UYS*U#Ez>*O(E>9(rnXW#9Q*3mRRqNmpoe~cmPUEju&JQ+``w>*w@VrWQ8dZ^GPyBQ#%92mWnsJJwb&mnJ8?VU@^UH4eN9WG>v%f4E=NMqP%PfSmXxog5 zF|9T3=gMYmcG)s&nEp#UWA?XDxtEEVk%4isk%55$Com*sg;|&k z7!0^UOnw#?W+vtz24WzNDkI~679ImGHV$nzMpjmKW=`Z#1x6zf{pKRiD^7l84Dh>UwJS*NrEGZCo~5tPO+M#Z&A_yo=f(B67s@{#<-A)y z_i)AU1HQNO^F4oQ7-`<|zgF(m!D61|W<(qeExR{z485wS^_%g%%;KQ#RQyrDN1xg-7Y@Np8o@N^5+}U8x z7;W>Me|h+Jzo4*5TvyXJ)!e;Za%{J&fWOVgWpRZ*3q>aduJC?lG9`uec;1fVy=9fl z{>3R9+$=J5oU_JAZuT+XQ_4KAV-VRA!U zUe2?r=dOpvdI)H*YV*6MeN5s1??tnvK3!K^y65_p()IIiq)S>#-cCHVZu7!7w@&OY z4LTy~#3|3dc3(M9*6}Ebn2$vgUb0{{d5h_bwb4u1K3RI-BqEiKy9b%f!scz_{4Rz`%eL7?QHWEKCLr z2HYSfKMM;p6Y~!PF%UHZ(2mMnbs@U7(6wi8P=rm%~(t|%$=eYf3!4{uExS-SLe739Sr-gaID;=cg)m7C1sQ9vHb3{ zssbmPp5;V2tZsVknB_d>PxAb;KiV%x*?ia)bl66Yce4!h&Z^WcDl?7+nFYqY`%|F| E0B*u4zW@LL diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..7215f6a1e19 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-OS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-NS_TS.der deleted file mode 100644 index a85f4a4a3bec06529e68c13bc170e635175bebf3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AP1w%mD*lHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}i&{N>DQK0*5R{GKy;3ss+*9-qB^>1*Trr7w*a zn)!A|&+^}_nBp`4^sQfyBMMG_^Jj}TIMS;w!mJ@um}Td};dD;$L!9tix34059}Cp& zoXEMXT>tsj4CND!4(cKqCI>UliwiB_JZ+I>UvzaL$G+uxEw>*omD^B$k-?&L_51a$ zv%m0GPIJBf@3Q$vUj5Be^(rePPwe)skW0RHh~vw92e-bhPv7Wu9iGc}ZKl{x|AV={ zJ&$%WB`(@5kh^83RZ*(p)MIV`%2YmUIeqncQqio@zW&sGrFUz*>*rZ*zZd=dM!Hjv z+}wpMt`{Ek?)iCTtLeAgz8aT}#T`r96zZNyztvc@{XY{kBLm}NBLf2iPGCsN3bQa7 zFc@%ynEWg(%uLKb48%YjRYu1DEIbBWY#iEbjI6Be%$&%f3XDczs4_AvFqmGsN4?q9 zQu)^}j(|Nsy^3;{+wCr?-1qcY*VRQ1^}m`X@CcbMuJ=73`TCWtXe_JgMg8~LdrTki z;nQ9mTkFj9YVYlpuNrFk<+L}+cjguMrsWsZIchBsIQDS!%2=a|OXr$I_%e4jJ<_ri zlKwhlvCQH(Q*MbLT;Rkab9SPIoJB@e-S4GLzt`F(zj&}<%49rc8{0u=&L+H)%}r7m7FfIw$m3Oqs%0TerJHZ=EgcX7As9;8m;;_Xa8ZJ(aU~I}JXZJ$~iJ zwY6Is=PW<9LVxjog$a+Aly?E^#+=eR(x=*_F=^ z`eLnPCmNOA-1T#=-CVW24FTJp2Yr})GW716-|N)x<%G9{PIF{7`O(W~A5~Eo_@r#7 zSbyfb^mF;5&r^F;>X&KpcxT$_iFsy~e&Kulnu(c_fpM{sfq?-hFc@WpS(pqM47fo| zeijyHCgvXoVjzwxBjbM-9s@2m4sA9@R#tXqPUKJpMj$X$85wLJd@4C|Hal?l!=sju z;}m5rUOArP)B8C=W9~gpxre`ak7w(!M2I`PsB}G=uUDNoS1!yb@KkZb!YU?~+P{(+ zFONw$vLyODdMZz{HorFY^^4ls>WIEw@c-YfsLNBGUYn(T5>Y~9xtJB&IlZ#9>fo@%OopdEiW^u{!idlMX0 zF1R&37x208t;*7c++Jjg!hsdvRCoBKekJt^;dZk6F)?skZv_ajn3j*>&&R9cvzT%b&eI?eg+_ zDV1k07#*7+qpNCja7n z7WYn`pO@Kbd+%eDg1E6xzqs_<>cw-69#4DZzvYXAKac;0w#UD2u!O7FD%jh+ z{c768(sk_cg8m(|OO6D4lsTN4ywRvWe5!5K-D<^ON+qWz7Jtsoa69ea^L*LQ$ZG(d CBr8P# diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..895bcfcee57 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-OS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.der deleted file mode 100644 index 85084188cfaa3f92b45cda31cf12198757346bf1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6LX~9V*_3`POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y8glOA;AW6;=G0?2F6C_Muw)Q1_n{$yhb3d36yJ~WT;>u2hk~>nhMpZi)uy_ zqY|=(jI0dIO^o~uKqqlAH8CP-qqvUM)O7c!?d=%YWco*QOTu0Rj&>f5fVGw*svXWMp-<*ycsU0ax}CGFvQ$drRu zY;oz=?E9=obWWHV&zG$GypH8^E=!cxERW#XM}FTs5_{q9y~5q0Z>~3pJPA}t@ygL% zA;ToKAocya!`5eG?UqYV&{$;HRG&P{%YLv zy{q#wk22Q2-Whyd)LB12dt=D&O&9kaKE|+Lh?kd%nUR5Uv5|p+0VgmdWrbOo3>XZ! zK}>!Y7G@^q9|mF|jw&PLe-<7CE;bHrHbz!fc4kiGPz6RKFjN^CmP9et2LG~$ocfpkpW<34Jl(v=s5iTIKATd^_IF1sigUhyZVs5_ zm%82Zwc$Pm-FKoKyd`Wm&Ay&VE2@~fK-%l#gvX+Rv#kW04+u%lYmj&lqG|NU+QxVO zdFjN_f8@p19Y*3BDeJu&1J!cM$^&|2k9|H6Sp0eAr7bd6^FAs2E{?fqe|ynKi+KP_ Cpei~5 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..9816c8998d3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-OS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA.der deleted file mode 100644 index 5357440f8c2a7cfc9e330266c8b8864098741db8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6APomIwu2OHcqWJkGAi;jEvl@3)nCyE&j6}%TKS=KDr@kY5VJ$>?M6_zE}13Mt*zM zVyYWIWuxz;lpt>5*vF55ZL?Y_sCah$qeGTPa##0Os_*}t>+{-2x_Q~o-o-OjwjVv4 zU(6IEJduCC;yN=+*ZVJXKCL_}cO-M0+EsOx%?n=5yg6x8@s8ZMyNGBuzId&~nuvoNLcfV!fY;~u!a;MYp&Rn#OVTs?t z_$g$;8RH8L5rVtyA5ZUHZfoN&{dg(MO(Q>-+Lw7pnV1-?(2Et7f0LAkT*@ zO`7YhXUx@uX+04-Yr=L(sqYS*t0TF?>S6*<+0+Ng-z4hHC(m|nY|0Aw{!&Lp{NbwP zS<}@IXRj&ov|`{=-mB>(y!YYBcZs{}uIQMbJFqin&Yjb1^wq)}XU|{eU+~I60(JitPIRejQk8hH*qmFF)}h-iq3y4o6V8<(n?^jYRiI`($}Z|`j+T^VLrcJ zphoeub%(pyRW1d|2I%DR)St+c{v5nA`oS``O)UW_-{$_Vd=VlQmvQ-F4&&|gr4oO` zvW+yZhuv9mXp83C^LciA7}noS=MH6b-FmM#dSUhI+bX_w5Cckw7fh*O zFW&k2$xX$nA~y_-E4ULa&h~e$vZ*s`)$w(zar=<9;nc17lTCkB{$0QC^xd-1Ye)Yq zd-C}2-h}O8X6?re$s1LI;N0|Nt2U`WaevoIMj z7;uA_{46ZYOw2zF#6TQXM#ldvJO*5B9NKJ*tgP(JoXDXHj7DInGBW6Ie|D~Uvmf)7 z-s=DBr$=fYUdt<>5)vODcKeO=W5<=c{)y)+LpE$o=GbcW{?i`O^*cjm*>#9+vni9g zWbu2s;(X@!K89So_R8PBU&-m|aPkD#k;eQFdv=~kbPm=(DsTL4i=*SNpBu{Den{PV z-W&3Dw$lY&?oKP?L!qZ$h_S3luUWcq{;zGbrtg>EqrC0>KGWq@6KJ8iYS zHE(nE%K1;H_=xXVyqS5U>Bohv6v7*q3YWPC3B(;N_#T0?Aog zE1Q%mGS1v`zb!9%?X=3TJIDPNL}%A;sx{cDa?Y(wZ~jfs^Iba=+@s&COSmjBYc}4k G9|`~xBQS&j diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..709177e6c8e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-OS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.der deleted file mode 100644 index 0a3731a7b663490b2f49b39e99fcb58b5157d0b4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AR)PQ0uZw7Da6$)+Go zGiWFGd#s+++hVdvl8IO5>d8ck#Vykc)Ld(TA39$KCUvHNR=UU{L#eUd8h*3CF_} z1ud`0T%FMx8lh}&n!HF;&&%jh%Dpu|ukZYQL@{w<>y-EB*W~igSa#r_%e<1Z$uY}} z|4P<;&b@7HUN+fSG{NnL!>K1NMPF`TH9I5UE8KikGd}9FZE1&;q3Py$o``>K(%}Hr C!YyF{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..1e91f0de639 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-OS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.der deleted file mode 100644 index d826d03547815fb1100674ba0e06ac35034e348b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ANR#nZE%q8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99+%nd4|dc= zGNXx63E4JARtDxKMt%mMgSeQQ7#SJP3h&xyv@B*_bze-?o6Z%dj#_N_=godb>66!C zwd-b=MC!L@FXq#ZP22S@K9v1eRz1JqzZ&C6_p3h7MB|=@tlrh)_~F8zqraE`_i5gD zviq;~43BT~(@f?3-0zF&HeHJM@(Q$J`cZbZuWw?yJHMpnkE1i z=NuS6^--Vl`lpA_Z46YgeCzu)xaG%&&#wfFN?0Kskry!vCp0>+gmmkZ}!o1T;Q;s^~@^x&7;w z)UY}KKbv2ke5PaS4^tohV<&vS`3SAMWUu>h-|~i{oOze09GHB50$=XwiWrU+LB%H} zmcQ$Hy`yoy+|CR7(dhzi{OycqLM|=LtlDn7$Ks9S1;%Sy)21BNo8?j7m6H-;#*=&5 Hq~{L+qWC7H diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.pem.certspec new file mode 100644 index 00000000000..972fbf0460d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA +subject:ee-EKU-OS_SA-int-EKU-CA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_EP.der deleted file mode 100644 index b63f8d5b14abacf73b7515f1a987870e92c1e256..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP2w>Kz8WY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<6Q#`~U%#939jZH10#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMtUoEtmdLl8M*E?EUG;9XFozG&(s?_`o_j z=F>8_iMJ)+A3B(pz3Zlhjrf$v0}2&KKEGw2{EjWc=lA?&5~<$G2a;cXf7iz#dg4HG zp>^V+*3i zJG01gSI&yF)^`GSPo9(g$mE=M!|X!G@CCI<{I~Yxym&6@3Zb3P10CfxS^o#SEKHgdo!>6TH9@-z4)U4^zSjVFFj8&oTcD! z|K!o=itfe}KkqWu3Y+{=(`UGDZaqa|b7T~={5!wjwceq^9+9!N18l{4dSkxfuI?_7vR3^2gud`}s>- zzg#@!hO3WQ-?Eg(I>U$eUVC6O_x+H+M1qu&HcUe&7>&t;~dXrJ+t*Ie=dF4 zBKN-1`HJkL>nA?*eB@(WaN+5jeH%r8H0;#-x4-1xed8rr6H7L}le84fFlAz9WMEuu zV_;>#2@F_SVHPF>1_N#olb?l!nTh!aIND@Y85#exh#82macHwKva+%>bHZ7S$l(i& zYhd^?GSo+YoN>vJ*YLfy%9C|0(YEIQ?jEsRZkD}nYtX8`85{jKs*CTf*d5`-@J(+I z$7`SFdWNU2Kc8v6oUQcqV(ahefqmVP*De3I>BiZ+ThCCN)W7VviPguafu)X4i(kKe zH2blqhX%jR)YdJ(^w)jiT5hvnG*Gy%ZvNtw-eVDm&6#iJ)jG(@u!*uoUA{Q&7Gul0 zdzozqBsLl?Hk|M;DskEafl8+tZ@nGP&A2qfa9)w`dX9g8g_>2GkLslqU%q;@=SQTj z{Ovr!;YL+99f6d{L2{`j)_2CvB$AF4WEz=F%R@^?n?|N#<%uNRz8uuRK Vw!NwOtxqw0@5{Su()ygf0RW~U%#939O$F<$M z*LJcLx%qqQJl){fS?e2>*S)>BX&uY=*NxFEs&|fL{;0orPvdHirT$w^&zI>= z`BRsuyc6t*=AJEWe*Bbx&w;fZG2KS7LLVNS5DH$zuqSJN)`10PNz5N2W#Kh?6 zGL5F+8->I7{*q-}>&;)=bGBZ%>gDU~noV2pn4JxbPug>B(`+VYMh3>kHU?G(oWQ`8 z6=q>FU@+hYG5J|on3#bB?KA$syjmc}@xjlk$6x)dWsU4LKQ3^1sv+m?qCdHxL(WOoWQ~$c zVM=m<3-6y*tfwrhE56)oP5Jqu?b^g>!T(zivP=fSxuvn`?m{%y@|V|$|?rYUmBv!jsPic9vLk)(2erAC3UmP@2;aA=_= z`>)qqr*Iu!koJ4~YE*Q(tPO-kv(w-!N*G zRq`TVzbiQ_6}n~bIemHiyOd|i_0Cx5ectDo%0HJztbY40drp>8$(`_N>i5sBju3mZ JKkV;PM*tcEEEfO( diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..6bc4a958356 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-OS_SA-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.der deleted file mode 100644 index ad1b05a489d8ccc84268947054af2b2649c3645b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<}cfkg{Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$;oe#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMsHCPv2|R6Zv(H`_FMR?5Ikpo?L6X!s5S1 z#GIYS6r1a=ioOWv%$;3QA}ORhms7=RgV-v|v^h!vD$5mIe}*4#PngB1D0Jxjhq*T@ zn;J7e?CKLN=q&4A%j>l%@6Z;188>d>R0f&w*XtfLmEPvQ%GP&&@gjGB@s;nDHkK+` z)!ta7cUM^D|Ay58r{3?|eSOWUFZ_;*Ggvn-J9OVxMBd;p_FjH`ZmV14#>GF*7W~s# z-&^`+*@72djqj6eST;|1wc}j#;e8_iKZFT|Y&oMhrCFus>u=7Nzm#u3iu3JlMU;a91OHI@`=dy_&vfw? zns({NPn~%gFYV_X-e~t{ K-TB~+siy()#w{}d diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..1f36ac2ef0a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-OS_SA-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.der deleted file mode 100644 index dd7e5a0e9e4cd4e4efbaf488a51636417435614c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AL5HG;;%9HcqWJkGAi;jEvl@3T^>sc>*D%LF8#{1IXxgGEFV*44oGG)B2 zPx>#pd#yGMza@Wb$=ddH$4vJuo|^nfc60uwy*;b}x5_l)mrFir34Hi}`WdZMCyf(f z{_1x&3LaAZv@5@>Iq~`wqoX`;cTbL<%eO=G(b>k@nQX6KzT8th#bx0$Ypc>LDoZ9` zUdYo0T`r59r zo*u6xt<>$t&-reL$e&vHs#EUylKnxy=e|Dr;{ekMan0=OOw5c7jEijytPD7TfhjA@ z!eqc;zzt&Zv#>BTG5;`70C7|q8UM3@qKZSCjggg=otYEPVnhyKV4MQOmyyANYr-q8 z=i2Ljwd>w{vT5zh{Uwa6Grh0LoMd#Yxa)UTFQMo~Ps3ZGbqa}F_!h4_WW4I@c5SY! z$JS~_IL;7U(BBz*B)hBBp;y*NW@gun%=4@-wN2)|Tk_=TqQC2I%ZF8X@x>$@^QkTg z=HF#?Q6@z+cf;+3ErsWvP1k$=^9NV#!RF2XnGc+8cHeGllhlyST(mjm+s1nFy>nc% zezTf*=kRtc*}}X-a8!>o60|J4fjbNnK97O71UB~$E}t^|Hh{MMFsY~|mXESFAcm9%f+`NF@D I@zpC&0Cv+Wx&QzG diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..0f47ffdf21e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-OS_SA-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.der deleted file mode 100644 index 03d0166a858462d3c3385d6a191aeeaae169ac47..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQ!52z3KqHcqWJkGAi;jEvl@3&qs!5o-@u_bxSGMbGBJ*7ST}s)LmBCx}!zJM|zT`h08|A0FeW# z(_Sj>eraCmqo$#)8@F;wx^YEq>9fm0K1;tIIJ-Df?tPyAY@_bb?Nh$rnf+2gzi>*= z*Tg%8Nij3|9)#*xKPcFA;b#2QQ&JpEUq97f4L;hRc-h6S=*PDWS`584Y^i#Bzm7(j zeX*Lc<3UjCnLGd1?!NLOzMT7Bo_CFVsoRVSWsxg-TSH}Y*QThS47neAC|Y0a?9~*V zYt0HVOZZ>ie0l1cb%6K$AeqMaau_S38tEnXuGb01zVjBZ115RLI$_leE z888@dgP8m*EX+*IKMWK=992ff|16-W;?QPeWMyS%=7h5tk;4}lr@-)KWY{SXA9CQ$ ztEbG0uh{o#-MIaQ@s0f?ty`5$hkx#0({<48&W;(?bFQz?nt%Afv*j)NzrL3>A6Rfb zR!PjxNj~=2j_G#~=}heCmsocAnm)xpe)inS8CHKX4CgJ`PIg4zxCcZpU`b5&f_*#yZ I*uB1=0F3o6^#A|> diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..f854391ad7d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-OS_SA-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP.der deleted file mode 100644 index 4cd4562c7c9e75a2f19430aea548c243395154c0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APoqs#ylSY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv>vP4CKUl4NVM;jm(V*zhotxZ0=SJ5bT&u;zJ zl}ev^eJg8?8=l>CkhGh>K+oh}P4+(FZTk~)jMu#|Vx3qTW9Ba9EV{U?;ac(`&BlM- z;l^L$l$rN@mb{hy&GMS;x7AzvA6OXwQ@r#v=Z(O>zb7s@#kyI4YD@ofc<;~R$Ii|V zuEt92V}A7a`joqKbSonEG6{0dRKD0h|GJivPsQ&frjMt-c-NQ~Y+>oN&szE@@ym2Q z_sYN<5)Tt^tP%OXBlzLz)jtl3`MmRb&ddpCF(QXAFgAhV%gC^4ZK_3} z!2X$EuKwzc2&sOY>=J7w)oCJh?i~XUtIOkp$Cr{hZ{1I@IAoU8QD^07k**xSXNKDa z1Dg#dzI>czW(#(&+j=}hB*uJtN_W_Pm4YVXlW4TuK{&j_BtPK)9U02-v zTEqo9(mPpgW^=9+Uh*(M%I|qVbHTFu7ipH|`g!}`Wp(Ej?$CGh_f6SRbi()nt6f&K zVdbTLRrb!ar2GqBPLVN@ZhhvcH?!yhZ`PE*3?vN23`E$NLs^)4cr)`# zbX~nebzKAE{elhT#CZ)(42+G;jSNjqj0~d0d5u6^6DZd})lk_$5u#HnH5IJUKR7I~iFSn41{+8Gx?hVrpV!WH>J{`Kz^*NK3TWm&5lYGnEfI@ypyiYsryq zeyJ%oD>P5UGRizN+rr%C6qn?F50&dRwT;ag6D}U836W3IH#VNVui(Hd_h~^{Z$zi9 zWi31TGdIq}>ss5S;~n`O8_ZwjKkZ)oYG!U-kJIsWT~6=QT(-}gw!_@|rOooXbF(S~ z-=C|D`0_f*^|s3X)PRcZ6$kkbuK%do7q;)sZsC2?#l3!C?eLY9doQGR$# zzyiBoaaG%sRx2i!tn;YsT{F>&Np_A9Pw_uDrxhD??rkc&eVO~?B(+oFhXm!fhSgVUyY3dmoy}!pW@KPoY-3<$zzGaYSz#6? z0|o;gFl% zu~!y_OZvs1-U>f4we8=Dx|#WzB`Ok`cSNOhRy2n{y;8C$+$!b5%)&dd(gupvA(i(t zew9xYYE(+JS#;YVEz4_h7az+cfjM1QCfwxme#Pu_^tiY6hQ-@`rk>jxv*m9#>-JwS z@0Y7CejRWieDlGBq9XbxZ56LSi+9iBThe&v$CtR``@MHg%UbU@f0#8z{lo?9hsO@A z%)G@J(EBy`s}OrtU)is@f9^#&s@`575wLsi)?=yblesdEPy9T!;p`KGjX%E2vL;!a JD7RcP4FC&4FWdkC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..090ffdb0b3d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-OS_SA-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.der deleted file mode 100644 index f2ce8dd518aaa6ebfdbb2a20b1e35ea29db0972a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR!t?0Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;{AgS~U%#939O^i&U#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMnuQ^pIJg*m)NJ)Xm$Yuf!<)dRulg;?mg; z$p8b!pd!ihwoz<(#t*-Jov$38p&V?#B6sqh_BS^-TADL=*8kX+`2WDv`}Yf{9+929 zAkoKeVt#@4{2vEQRy+7Kijf+ZQZyGMza<$d{nw)kiGV}o$s*XG+~d~%e<&uVq=aTf6URoYtT{>{?>ea^69)DxAOF;Wgj~B{QJK!@wmQCz^`Am@^gI}FYOX?ba%Hq_|Sg+q9Er` zn~e{7j{I;wIhp71nU8b7EZudJJ-h$QLyxz)o_zNYxlNU@%+y>Fl{w{HoqMN>e8Gpd z{fSbuSWgzKKepK2b-#_1`>vAvY**_wRjjgdPfv#4GF|DHd1ysd?us+ET_+Wl@A%72 zuw_@9t({cBRy>(c?vRmQ`}4d9@p7@{((gh~^BzuLd7^Vl{4MRwveldoKRc%6{h7I= IFJt2k0LdvSH~;_u diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..2a3d5fdeb0e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-OS_SA-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_SA.der deleted file mode 100644 index 1667617f18c527fa8503f8b29567d45914a7d85c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APoLRFMHM8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6_+Uo^IdNV?69Z!-b0b4j6C;Z#ab6=3*96KnP&HIGP=x4|N=*f8^bZDV z)I~L>iBSpJPDWM+<|amd2B5RJn3@i=Qnq3yEryq3f}vJ zWy{L>O){q9H~mU%-cRj0-T3mM=bTwZN2}~ja}QK-PG7V8%k_yWnPGE3%Ptj@yZoAq zOXZE#qh&Jo9ouaGin*c_!lx~pI1yPeum>v(G01k05@yK|?{^GlY!o6ffDDHAgz1LI;F11kegU|`A$ zvoIMj7;uA_{46ZYOw2zF6hItRM#ldvps3=|W@BV!WoPDuvlx-X7Z|6&@MUDk-E^&C z+XK$0LC=>+M=f~N?s0Fo{pB z<@%JYv>MjHfA<3&FKBHkX`3i<=xQCGR#=Px%M6hOP`qLFZ*RZeZh-cIn`UWZ) z^94@#&#X%f`C;evK6TQAn(zNLFXvsJmx7k&$cllXmyF)KI+~zwU$Sl0jC5GMqRga&;5?jyN zxAyjYy19LEaMJCl&nNRzpF1U{^?ZxX{kAv!$X5;}UZdO7F3!K$b^Xj)^^}ag+V|$T zA1P^*JEk@F{kNiY*8Sm$X|>gYtbL2$2^|sGu0H1-@9DszvrNp442+9y46F<|fq^M2 z%)(^AV89Jx^0TloGco@#PylgM85#exfTD^+n~jl`m7SRr&SFFkUtpX9!2<&CTo|7w)q7G;uVFTQVLju!zpTDjd}oD^+>1p!_4B(K z1%tCzX4^eY6w5bWFjLLszpGB^)T(CzU)(R38gfehw!0lGI4e|rmy^lv5Wo8ksmD(` J`LN1K0{{cbDr^7% diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..52dfac9d205 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-OS_SA-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.der deleted file mode 100644 index 875c2f5643b295f81134d52d447ba00b7449f800..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 760 zcmXqLV)|mx#CT@`GZP~d6SE?Jm;o;vr&gOs+jm|@Ms8LH193x917SAiP!?t$p3J-w zU03f=T|a+6R|7e5UPBWDVS>WK^TOTVvL zEnRiMbkXx4<{2#yUZ!4K*TCDL`RuP#?7#lgH(yT4miT`A-+lhH7J;hvhb8w}5tUB!*BCq2I!eQEB?4<^U{w#Ce3VrFDuTx?@tWxxpxOIcwS zCIbcoZV;27g@u`k`3E?RWmOp&|Fei0h_G>JvoW%=vNLnSS&Ycx3ye`<_%bpm76e{p z(l~Va)wKCb!YoVlH0>htI}%xbzI@DZtHj?kWnwgY_}X*f+Y}gFUv!5|y=?mN1K%3y z?HrT03eN64E+MMF()?1aJxjk+MtX#>y7n@ydk;^Z*ziBSIHM*P9rx$)EvcrPXZGg#ANM-_n2$kgit_Zr z%B52Gq9_m}7wxb=BIePLJsR?nfd$xO3 zoS#?j_QO}c{(Pu$qpCFJ`jP8`H*L;Zh27IvbGZ61^vWr{z}9nJl{deiVaiT;=f1Iz JH6xji3jmL#G8q5> diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..a08303de261 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-OS_SA-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS.der deleted file mode 100644 index e75c3fbe2480a301a5b7b1f30723a26a39124386..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6APnm$u6vL?cJ9*x37UU+bbnCi2 zVfDpD1-m}{T(;p*blDN!Tle3TmH3J3D%Q39a$7$;TI0+dLmvHI7ZNY7dAGS}@9Tt^ z;=?C)C4Tc;*nZ$}`>btdhwT1D)y&VcyCk4#XtgPHQk9DOC%@|W=0k6ltS%(=b2qK# ze80ZZM0ny0K8>dt-wf;Cwyovk`Z%d_n(y0xS;=$rl1}{!ddjz8_Lt*6XTGT3s|%j` z{AgTLpyTv#fw?kXbI+D7-MUif>g--);r}^|-va_=?Q_4bc6ZD3^mDb6u4TKsY~Pxn zM`DiM@_3Y@`q1b@(Y&xljn=1*K6CYBTvWZdv+{crw;&TUBLm}N8v`o?PGCsN3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DEMf*CY#iEbjI6Be%$#r*BXalxV-py@j10P!4}`v) zKiyMP{oyt5H!g|b*|LQ#Oihm0uPQw7P4u`b`soGhn;WnDH-9ksQa@o~@IDd7)x&HLBZtsG z>z#5`>}sPHzhS}Iq$&MNmKHPIp3`+FddV!!Jx?A~%bCwVV*YZ*UVo!6GcVoN-^b(E z&im&0BeuodzwgQZF|Dxo+#1}c^A3U7B#xXQBQv8m{ymuhQHSAKE6 z^ysPH_lV_lk8Cngo@(~;#m2?A<9d1WS~Kq|yx#0%G|QL4wr537b7A-U=qn-he~v7F Ky1ifGgy@t?O$BT84~`FZ z)I~L>iBSpJPDWM+<|amd2B53Bn3@I8FipMT3=LKghGIZ@^WMXDyU|eitU}eAw3`|*J z7A6A*18xwLpM`~)iTQ_t0*Ir^$oQWH6jdDBY>cd|?97~S79(=_0^<}IzKje@${35( zf8K7By5?K3#7I&(_0ekkkY9_sAFoN+{I%-;tLq+J2i|tEZTz|GchBFiHMTouJ$*iVN`Pl#k8#+D! diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..d231a3cd7f2 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-OS_SA-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_SA.der deleted file mode 100644 index 0ec8284471f7972311345c59a641929665c0eeba..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6EolQCIenJPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x_-g&!Hx!U;=G0?2F6C_Muw&)CT3CMyhb3d36yJ~YN%|W2+=8(nhMtF57MZM zYD^QO60)6)tPIRejQk8hS8*{lF)}hNUl@K_c~#654`cgep{p?(j-Fn{9evK+>Sq;< zEx)n8t=P4r=|!bB^UsxC^E_j#zf}Fv`Xj*DywCXY?6wm&n!0NqN*4x?{(JekO6pWDsGr1NdSa^2b8g?L1q{;sZl_H#4*3Nsk@Pf;%ZOIQN|NZDMO&&15gz_{4Pz{-FV7?`rcEKCLr z2HYSfKMM;p6Y~!P1rSG-k?}tZD5^NL*%(<_*_k=vEJoz;1;!~bd>I*L&63LrXl}|2 zRQlSP^1pM@M^@RFLNA@II!(hqa0MKZYdN`c?y^e)^EQ6Io6L7t6S)xz?^xf7UaWhQG)AL_K;%Ul{e?{}A} z_^z@E_gxiB0D_I5UX7x~U%#939O-v1<#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo z*ijeNm?lOgWIGvI8JL?G`5A!D;$muIWMp`0wM*A>Tl}r^aF#VcI=4jrXf{${^7*z$ zCxrJH|M8ZZ#YQjI9}TX`zxi_J#iMhMTzcU3IdPNbB?I-->mF=>;H}2AHmD*zygzwq zW75`(H4np1PG{xX>$0f!hUc4K7Ii6WlM;To%{UlRyDc=}S7h#v&I2-v>$sx7&%2$n z9=B&*M3PKcweh{h3=`i=I5-cE}Obcz?}o^1X~()=pN* zHA(-<*Tma1bX>l;c=GGhcDn!gQ(fP#tlG=&rLkY+;^l8SbD5YK85kGa7+4u_0s~W4 zn1#uJ!GIgYOjX%5`RszNj5_@*x9@P~7STv` zxUt3lO3d@iu@3^augR3>oHqUQx?krOW=+|y?-1Lcyo)1lh0*3a*IDJAjs*xln%=Wf z>}KfkspnRi>)-ltlx5zxJ8^9rzwP|;L;W$wkLn|bR4*1xD>>3}NW7>$#fazn?C{1M zjZHUo`{mkBFo(MSywt^ZA#&Th#i9pJ3o3ViUU!JigTv>?iOqZls_L)5XvDXiwSBZY z!E56FndT20tG4IO$eC|e;M>uzzfsc9+S6v%B1|3-~*pPhPf KzrzO2Typ?Smo6Rv diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..2ddbb8d0adf --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-OS_SA-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.der deleted file mode 100644 index 07a43f3ede2ec0410f4fc87f02edc408c8b29ed8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP1~)=>jqHcqWJkGAi;jEvl@3b27l)*o3vo}70#QRmP36yrN3;`PzroHuozzPEd0)sL6&PKf3R zZQYR4Qs~HNJt5-m|Es^XQ{GMWdU?d^LFhKsimSW1-(*X(D%?AKY@Y^Wx?$x~8IG7q z(oKu&a+N19>Rz6Z9rl&k&hC%3wSD*M%qy;m$5@vxj2B&gRyXAr+f|mwj?;t|FJ7J* zxp)5OPkSw13cKtP=DXC|-gczLg5|JQS_X5|J!zrMOw5c7jEijytPD7TAt@`&!eqc; zzzt&Zv#>BTG5;`70C7|q8UM408HliPXtOc0va&OC!dZ;S;R}pSVE8gJI8KNcdKRdk z7;oyqxhm;{BH;{=m)@D@9iiB!xvMSi+MlJITybstr#dWP z_}6V4qO?xvyV=x>6B2kUMe89I!t^Mb+QaB{OsP)I4KH>jU`$8T_Zg^~JcklHHHTKX; GwHE;nOfX;o diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..cee653dd0e5 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-OS_SA-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.der deleted file mode 100644 index 79c5263924c9858f67046ddb9e5670c205eff1ac..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR;gTXzFqHcqWJkGAi;jEvl@3*o7>ljT-1lQ5iJpmSmw z?;HL19*#1Tjm`G_44p6J5q*f!)7WoqS@LV&TVb_3MQ7xBIQ?RrA0wwWL+WP4sm{M& z^MyZ7%zBW1IBVBLzB>CFxf%xEKufkOhW8V9e3-CIW;WZaHZ!XY^L_^3(|G@}VRNBt zR?Wl5z8}O)IZ_vDM{3I7UlB4ZKCjw#zHc_`v$AK^x|v=XD+&{>m28FjW5?7*91+e zbZfX}T^YLIT6?s<#g4nB{k5M`Q;e>72j=pIGchwVFfO(+urlBT2Bxeq3zGqZ0XK-r z&%(mY#QeiR0mM;dWc<$piYg9mHbz!fc4kgEixD||fpH29Uq*(~o%bu58(G<(O)Y)$ zhdpoYl1rf(tNSt^PndMU@>iF?xQVR!K`)yK*}v0W1w1+)i@ZB_-u#lN$mH(_e($bH zb#}-&VW%crdiI%B%FdEWhu8iNd#-k^`MqFJSoFiG8~Uv8Oz^X1kgnR15%v!u zFFQ-lTfF$!>jJI)EWv*gzUSO~=Ajm4xFmo_ez9NkD(juzVk+A%>O8V3p3f(A{_g*SsKA9!k9i1f_xLXG zxajnfW|Nnme`0GMteg~oCRg{NlJ^do3XxT7G#{8;-aOS_{(F1C#=RA~3%@lRH30y( CULl46 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..0a2e96e2433 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-OS_SA-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-OS_TS.der deleted file mode 100644 index d332de0c95eb44df8f898b4aeeeea54a45fa980d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQya*MA1QY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw<3oZC~U%#939O$`j9#CeTCToWkQK-Ey$KoO!-Dm4|RG1yTT z)tDwmC1g7pSs9p{82K51&f;QfVq|1Edsb!F?rTzgJ$u>3S!DF2mJ3{uyng83Ex!L{ z&fk1|`7KVH#eII-q0jp6)#Xn`FND4wF79`=F}o*Ot+xE(@*6c>|0YPPHJpqxxAy$} zDk0r(&m)T!>A{sLUo69pr{^qRzjL;wY`~1yPkNK9TVp0&KdZtWJ?mq4d&u8=9wO(s zcn``SJ!mJ>&X)46(633*ed*!pu2F}aACzfKjemQZS1M$MQ?3rf;KYZ3TTULQ3_d=YozS!JOLjn%)0AAL*S+xx6|=IEl3sJHjAN9VQ@V-sO_d^F z$UfZ(S7)BIWn6MZwMx0`U)AF&o8)FP8O*S(pqM z47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNLnSS&Ycx3yf1>_%brAbZ-&X^3~n6 z?vKHlHqGaYgoD(l{Ni1=X8Y5v`neyqXV0Fac4hi?C71l-a^<;3OcDKDCFlK)e+Ze~ zs?eouIiK}>^1mg`qC4X6EZy-~Q>biaK}v#@@ddeq3p_Fp8vStGA{?`Qak&HAfxZW; z+&cDVuX3Jx{W(iX+lrGvgC+YP%;VuK@V@_E`SSCdj~#_=bEfM3Ir;mJwqb_S$A+Zf zQ&$~k{k^dExYRbIQwMjS{QL3Sg;ln}6C(smR^46du25o-wNUg{uZ7<-{{8#Ea5f%Z z=5zM#PbQz#l?Rl5?a?xyyLEf~XBk`ONZay<{B>_dNJm6z?Q8GSX&KhB<3pgfT;rs{%Y5MS{w`*}x;wxqqxv3zp8)N*w*O8{F;^YKa2 zxx1E{vS#j8v&-dF$U5ub8*ws2@N`k^>)Vfi2(C}Y}w?TT>K$9buI{FL-9{SjjJ9s?J-{-t8x}U9F&EbB|fL?1?!oo_EugCaX-&+n~1V zDE~%hG57Z@PKQq9nWft(P3&76mA$y0`@X4J&)!|UR|+QnVLdp1<IR&AX z-E2~;om`FkYu>LAZL9m7T-NbCU39JTeeqQXw4c2`HF4?%rEa0g7k8K4)!nYqJ-zbl z!dr%Ob$SCB*L`oxS)Vn%(m7A~)uwY_0~Q*6%MT7e_r~T`y|7?WKRe&uLqc{QT8r0J zJy$)pVS{B!(V4~fo!cJ;3Me1)bpAO@Dzs~&cd|?97~S79(=_0^<}IzKjf$x1F6C zyzWYDYuCJ8ng^@*UY(}t;S_bllT%xL7V9JL1z|e!dkzNdElTKmb@=Ae@cP?VU2O%} zr+OZm=;B=yzh_oXVPh*plZu?<1@|?+$&=M~FAq&O+M#^o<12Y@i=#zi?wNNO1dIdNV?69Z!-b0b4jQ$vF&ab6=3*96KnP%>07kb`IwPfZ2u@(+#=cGN{O zqlr-o*)~R22IeM4eg>d>xR{z485zFCM28z>*(pCe6Ow9HwJgpjX>(_B`yS7ejPeU_ zu^skX&+K`2+1AA~W2YG2lxUQ2eAB3JX1DXN=)TW)K6RY8yLKVb6RUX&+*qD@iHB|~A8U)K|5+?mc!oSTvMefF^((_e4@ zzCOy1tG!X%%rZmef*N15zo4>qvq0Fn#wcJ(ZVC%!~|-i){?73^;)yDJ#svWWZp+ z4Px@MurM<*|1eMhaa0)@|Fei0h_G>JvoW%=vNLnSS&Ycx3ye)*_%bqhUn^W+!*!lj zJa&U^V9ck#x$9n=JnQ3ZmbCtA^FHPF!-*SiUyIlq(aJUdM#$HRR=c#KZ32Z?>Xw|% zt(dUyK;^@vl{rF2LeHHW11{(l95MgqHFLfG^)pv0p7LE&S9RM`dg9UF*gi|cXY<*M zT?@9^Wn6E(#HDT`>Yyn7qda)x&dDpv)3!Wt)t;-pSFX{~>zc$>ZVsL!3QMoPUdCh0 zRJC$5Z(O4A*2svh^W=1HNlv@|{mAvu^#8M;ZCQ}xX?3G~Qstx_%M}&3PMNVG;_LSk z*UfLIa-WUyOx1sMhl{oREn|AYVzKpcscYYHg~YweX?!8M@@DPp3#Kvee{H+q9(?Pl GQv(3~Sthyw diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..cdbd3e79f2d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_SA-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-OS_SA-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA.der deleted file mode 100644 index 026a402e9042fb7c4242ce81039147e644bdbb41..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AP1a{a*uKHcqWJkGAi;jEvl@39)|L@-&rvF%MGWXi*=e%DYU&-R^xOu9)(fwuelw05YIIOiQf6HsP z>jhY!{IzrW*|l%uSl|EHk-cHFuy$jUTh+IRP8o~BPDL#AU7^47=N*@W|9AYUY5Q=S zW6|mfI@wb#vR?jid!PCL9&bmV=erFDl#lAHFbj|o%~{OE%*epF*v7!hfD;&!vcfD( z1`Gz=ASOQx3o{e*4+8}dN0pKBKZ}@w2pfks8zU<#J2NMo#ep2Yz}N(aFC#;;%5SZQ zTpZ^)-bL>_p}4xG^88hH`{MALI3tK zd$%MmPr7h8?UwYlv?E(|B+uQs{^x4I*(VLr-`JO(7kU(174o?^=3AB{&*khU*`-rt z^3NKrJkF3=AY9aba8=1%Q{6fB4}YAv{kK%*j)C2*oV4^bRyJ`r1;>8Nqg5Gu&Su;^ zq1Cwac&+uLDZ!QPZ;Z8jyH|CvMntWD@?ov5ccXF0%RMYd#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!oc-H^}IdNV?69Z!-b0b4jV^fPLab6=3*96KnP&HIGP=x4|N=*f8^bd{? z3D!k5rioDr*-l1Q2IeM4eg>ekxR{z485zzS)CxL_JWm$o`!+pplFX0apGTxH-vF}TRR<@=6T?GZU%dh>ie$DZ9Y1Y+pql6KbNHSD=eev#V1$!8BsT!J$37Y z!cSOxUCCtemArpYul36U(Jv0?nvbX(?z_qIvqCqpj%(FP>%NzKD^56ipN!Qpy~lo5 zQ0v=+UDsugOU&AE_3T{@sbsC_B|U%UZ?}p{YuQ`D(9lrws?N!1nQHV7P5H0Fd&Iu) z@($)caF$hW?ZZp6&Kj4nIFQ2^7^lGSWn^#-Rt%S@h#})DkmR{M!^(-yrE}hXwe(yNE(d)-_ztuG&*D|+7iEI&d zb?_|}V*6TBwC-m>O5)0thaN>Ay4n&$XRSNFu4x z*cJOm=GlRri{(WR$ThRfbg47USN-C_!|2lSXr;}Mmy?>8ulV=-;idGSZ4Kvz)-=~i H$aDb!j5H!m diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..75f25d9792b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-OS_TS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index cd221a7645b3ff91afa399f2841a4dd913d7179c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{@5qwPB{BO^B}gMo^nl7Rvnb0`Zlk7Qw=l9YFgG#sGXR~-#ni;e$gtzd4)v{y58M|k_Njl{ zIP2`2U8*ZM>N6M)Bs0bsy!xRf=T(oOY-)`HrfaD-fE9i7CWTkur!}bd*=*k zr>h^>p7>w$)z)5X?!pnfWcwA-rmm>=T{@gz$~9$$Y#)3I8DDp&UR%j0pnmsg8Z)X>ocG_kZ zTf)4GN6p?*mTEOVg6~$QR;g@@icwf}g?WukO}^kIhmMt#^>lV{y_P&FsLjO8$iTSR z#=y#e6Bw|v!YoV%3)WT^jAZk$$8f2!N?UjnPyL-yZX=L0hNl4AV~ewdl%F!dx&bz$jCIda-ma$Db> z>mem}-{$aK+OcDZa)H>2}5} znzO5mnjDP|zK=1~$oqD}((fB*{_OsOt~Igm3>Rs3sn22l*fH7mOyS1QTE5rkoY$ULPyY64Ony!1s=De7BcB+Er$rZD`u1}jeXZD-uoiS%p*)~0YH|b}(+gI@? zHRpavhJ810k25t}|2FpW)eJ7y{U6_yFS~2AwC-@!9Jb$5dOKF!kv=s~G2e1l&W+ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..f9e172aa8c4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_NS.der deleted file mode 100644 index 5190ccd4967716545e48669c34d35a518f5a276b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQ!BD0u^3HcqWJkGAi;jEvl@393uF8@|!Ch}YE}fG&>so)F z&)j5Vt<|TuZ=7kw!p|6VWv_nkocgamy3VWn|GeYgCw=BWTOnIiuVVSD7#S7jl&9~$ zo7CFc>EFG7t@&Khsd)h+OLR`n*X^4=_v(_Je`lOntP{K|{Jy|6&3)@i5BAi3{_CuD zsUxqqv;9}7LtgBJ@Ht@-x7VmI`{?oa!zHJ44-I3EiSqk={#c>=>W_!M@|^D%uE=dm zdNg@r*KPOrW(Nb$+yBq+Z?mZR@SD=KS8_lb%9Fzb%(utPo1~QZ1PfH^qDKz(sK8Tty*R?BxYTDb7;Lv-lK~U%#939O$;oe#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMtTGUzWKoZ;pLf(dB#bSt|N(7X(e}kJ8WG z>99kpd&dutNvoHxDBKp$@G`LUqe}7RNe+CQXH1)wILps5F{k9s#ofDJ$nww9aXmjR z#Pt5;CE>=EeVf(p&RYNCTgUHH$7faZEdPA_Kyl`s*NGq1QZv8AzCHW9SXfIrf2%LsJmyJ8UFs?xJ6lcVs+Q!ikR8&;x?~Osj=s+dA#Vs#y19L zOp~QsqRt-=xoWeuQphwy)BevxH)iW6i;p}FEnYFTb86grS0-jg2FArU237`~z`&Fh zW??d5FyIC;`B_+)nV5eVD1bPsjEw(TKvBh^&Bn;e%FfIQXK^5hFECDl;mgP%b>-$K zf2L10fyb*>t?V-BtFUfUoMKvK)iOIbY?7sd@2`!nU0zI2zn^5C)ZTOL)A^o1`+_{T zXSkmTJk$JL!})V-n&O_)R)gwGkMHeP4Sm0@CR#^+{&d?D&ab5Q=RZ|F+1>ge{AY+g zqyOu}pJq#D+ZukI^=bR_B2NFZxi^)T8Ve-&(P9$}`P)pZi0MW5!+1Oc0L%D<+`CwCQA+$=oPJ@4(e LB*RPJHZlMJso^sr diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..2a331a338f2 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-OS_TS-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.der deleted file mode 100644 index 7554f0b246821c10ad4b8825349a0e326b59c483..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6APo%qp1eGY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$-gA#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMnv=a-dXo@z03|n7X6S+URgDj=k*5Jt>|) z|6l40|1HaF+N5@AmH*nV60xE9-7)2jT;2iltIz-Zv}bbvx&Ox}rEL54#n5WP5=&>V zLr;Ub^sIv3o0v>5?U@|kw8zo$kLk)itR`{7CK59D+5WZ`{!w97O%OV&{7L2C4E`L| zD)szL-`=H{o#A0H*Zi~DuvmF=)23s(G8GGAk2NePbh~w}u3+B%D>Lm+9M0-8_f0#t zDDrLkm0rs~2D`7CiyWS{=3}Ym@{bbR*FW7P;4p2mq-^dv&FlvO$uEP`|2IF~ChgT` zq>{yGoTFL9>+Q^RurgV*b-Kffw^e)6AK9m^nfy~)p?lV6CT2zk#>F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&ddpCaUh2;FiwHt%g7L?pexgt z#@h6b{qXc-2{$uVpV@h9(cGC^H9ha^pYH5`e&ETB68A~Y^P=5qZuPUtSjsKm8+|YK zulZ)Rsuvpfg{&^|o?N8ta4@Bi&%|a>DOxt9Ls1ah0zU zFyL&CJ3OQGN`=!$LB&r?L@NEZ)!m-yAS#-;Q|f~6)Ff54>UgGB34L>uI~oevXHQsf zb(_Z2UbQ7+_PSgJ_12(&lC$=mtaDe8Vp})=idXBBS*IVGPg*Hp{^PS#r1&DI%uUPh zy(;o@l@D`Ot2B7CKli@=jayaH1)eV-&OOY2|JWASnq^0sq?~q@rcOV#jBl;e1FiKu JHlJSw0syBABq{&^ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..f79aa4efaee --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-OS_TS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.der deleted file mode 100644 index e3ebe6a5bd9b0b620a00bbb3e8c49663fb9ad892..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR-JrD+DdY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U<3oZC~U%#939O$<$<#CeTCToWkQK-Ey$KoO!-Dm4|X(LWfd zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WVqBV+5FGo=F7Sh&4;>wGftZGk}dOri|MN! z51rq;TeW=NP`@X8@nhfJB^l>aSF*>?j{Wu2Wj#~;1Bi z+#$<7gX=oxz31QY#n~dd^=nMzte|Cq_Z#*G`b-FmJ14c1$^6P`ug3U;!TVxQtbQbP zq%x~3D&%wb1e0EkMN^#2o=D90TBm+*lE}TrJ?^S+lmD!9xvgzlptP)t(`ZM<#fJ-7 z_e3gf2s`+O=hY^+4RfW6UY}euXZfYrH2t?batw<8Z(+P-`+|Ab_9=m#w@%F#Q+yjE z_y2pB{l0De!kOH@qTd!wl3P80{i`>N7V69|*O?mQDl0fio{5=}fpM{oft3L#Ffe6> zS(pqM47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNLnSSscjW3yf1>_%bro?fE5s zY}&P`$;uDSq-HwpJdi2=%$N6RhfyRnO=9kg>3CrZQu;ky^#`hnEThj(p{q z$;_;CL^*%`0{6I^c9tCn3f@TS#r$5j_P%I{K2x^Gqo+?!>Mj)T`S7EYdHzg?tnE*& zOWX@rT{y2NyC`k9-}|hTrX8XiKeuiQJ6U|{%zCp|yDZM`E%-lq%SpA|^J)zZ=9_NL zan#N^w4^}$wv=H-N1pGLx9N%hUL9T=ZhvsG4g1@?#r~@79##nnNvpjiPnxku7qL$I K%y(I0wlDy$Kr;FO diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..09eecfc94bf --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-OS_TS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.der deleted file mode 100644 index e5ffb7f2fc286e9e1e109584249e70290ee6f1d6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ANSaE?)y)HcqWJkGAi;jEvl@3U&DMGI>%#YcZ%1p#MQZP?QeGYS{jRn9 zoP70tqHL-;<(^Y^YD8=i*EzM*YQoX<9c$`qD@#6v9rV8zIO*fHh}AP^+@JUFW09!l zneTV3WKNYVtiK{(x~?@~J^zi5TN%unw@9=v3}>p%N#4$3zCC`;@hkV=p4R_q=&nB_ zJ!6LRe;vKF+9Qz{u9vLZaoXkP=R>9DYFBjiO#U8Xy{h7VXG7qwDYXY#cL!xgEYH?F z7AfzMxl~!O>VfGLwlnY5ny1-{+L}#y*zo>$(zo4DBDGGgTWRd%ptya_+p5*I(O(); zTVE}n)4Kf0`9Pu0){h?L7jqt*=RC_Un##7plWqP5j)hFjj0}v6Z49goIDsK4E6l=V zz+k`)V)C=FFf%d#Fi-$-R2donvxpgpuyJU!F|x9Zf#FY4lVNL^>H+(@n;{As7tT?i9Y diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..7e61ca81d5b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-OS_TS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.der deleted file mode 100644 index 57351e7936fa917ec244977c6865f3cddafb3903..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6LZ~@Nd~-ZoLX%jZQpqr8M#>*3?vN23`E$NLs^)4cr)`# zbX~nebzKAE{elhT#CZ)(42+G;jSNjqj0~g1d5u6^AQQ|rP&HIGP=x4|N=*f8^bd{? z3D!k5rioDr*-l1Q2IeM4eg>ecxR{z485xcF=G!&E*wuHeGyut0O#|QG3yk z1eH4bbSAXU{ePQMMjuorR+|+)~Ieu;Xr_vqY#GQ2t zQ<#^nlDTjyD9VK`I6|~pWKZVuj`F-URtB8Fz?2nc zVKQJa;07`ISy-5vn12{3fHmRb&ddpCaUh2;FiwHt%gEqS;58-o zlXlcv;iYQ>UU=FRX9_Pp_WFJk^L?MFI+s;~pOu45w|<$mRaQB9!h^_vB~I$j+TklE z`f+__X8UfhZj-y%DPW23i&dIj#%wEVHZbI;*t3TxzBc`6^qNb5-D{g!A76&2e|cK5 zVom*XUhg0d!^qo!Ji4~R?&WAc*T^f+jJlp?dv%1%5lbIjwIk$fb zJKT2AbK_;EM>kePY!<0yEW5q(b;dbPj_!9JEyc5y87?1{%}()6dGKtShj~J4)H#jz zrTnEEH@GamaN7S%#-2}_0UmQM{c$v$*R^}j+|}M3&1-+H*gtnV*G}2IIj7H9BrK>_ JZ?HWz9{`UzDD?mU diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..8f9f9becf69 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-OS_TS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_OS.der deleted file mode 100644 index b70123d17a3e25b6df6e936acce865685f7f4f96..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP15)l~ytHcqWJkGAi;jEvl@3L4_->XGPj4%FD`=l4yH?{N>qk+z9Xs^xCXdVPEPrrNEZXD|FcnK@T3^uDRz$GLxsV{T8? zzh&o^9dO}Jqn+uj32S#0?poR2mpR2M*}^$xso1GpP4V@&nV10}N(8>x9DR!MYwX@i*;o1fJ zuxB&=IZ81cV7x9W6aACn?RpLOy8I;qL5{`hd?nkejka?yb`HECcT3J=kK59D+>@5E z2expn&4{v)`7>>Cfl)e_q)MZQWcS9)i+&!xGFLB)<)g~=k~fpTUOczb_2TQrYvP;)5Lx~U%#939O^hs}#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMtTOQy~9L+Hwxdt=(^5FI_0`V7Zr0?Z?>> zarMGKqVFs?bvn209RvTvXNRH}6dM;wHBH_*^~~ytDyGCuv!M#c^I{z)( z8(&zpPxiEv9_!K>BGpYREJAlCI&7+QkIb9#kHU?G(oWQ`8 z6=q>FU@+hYG5J|on3u-u zEzbL$TMmAI=M_*ofob)WrZiBf1S74Xt zuVo#APYVOTO_+E!+1K0StX3L-DqH05@7uzTv11|n?Cp)AZiyqS3= zx~|@#x~>87A;AW6;=G0?2F6C_Muw&)#zs-%yhb3d36yJ~YN%|W2+=8(nhMtF9}Lu} zi)u_0qY|>6jI0dIO^o~uKv!`wH8C)u$#ONpU(j+twaOAu;Ui>BU>tS^n&FV8tm<8Ow&p9w{nd;9uECR`mntIRgUokvB zw`tmM75jqRvlBRq>|fPycx-*gctgdVN3|)dUG7I6xR}0Q-%9Fg?%PdOljRz{F6t)XXp{N%I9u+Q1N}wwD;}b6#^aF=fv2k zDDZ7?J-AuA=1kHU?G(oWQ`86=q>F zU@+hYG5J|on3J|w* zJ$>is1?tVSUnZ%tc&@a%yu{E{?T7QTO_x-ned_+qyja}v{Gi0_^L&51mV553f3k*g z+LS`ev@IviJtur_41RIO@=V5@_~0KJ{xu&f%8Gf;eE%+&aN{D6+zywGFU)4WJdi5w z^D*Xz%!#1d&s=_tXXLtkpTE|wu}A0co4?P+L{7~4 HEY%JG94#rE diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..a967698dd38 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-OS_TS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.der deleted file mode 100644 index de83423991fcc0c1917cbf0ac0154e2acba1449f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 761 zcmXqLV)|;(#CUfBGZP~d6AQzgRqY16Y@Awc9&O)w85y}*84Sb?MGb`6m_u2Zd3ZAO zN_1VlLv{W9{ag*?#CZ)(42+G;jSNjqjLo9Nd5u6^6DZd}#ZbvW0isbdH5IJSKR7-l zSQo{VCPpP>8yQ&{n41{+8Gw%BVrpV!WZ0y3{e4rsqQ^Ie;J{VkAwsu#>klL^{PkhW zr|CZ1VkU%Zw{B|D=%2y-Tl0OpX7yd4b>CauVl=)=$n{oF&sjOAO1>cDn|WpHiwP;= zswU;FF>|$Ms>|Czs>R79j^}F9*C>c&TlBg1pHm zkI9SHe`=3B<~^yR=Y~?k1}T2=-?nX@(ee#!-!|I`l^P!W<7r^NX8X;%Z#DfJ&ifox zxxd-da>m6#eW;9&rnrGA*yejB|BLkyfx_+$4l!EO1lI-pFGr^ zo3-VxUMtI?O~>Un7G&L!uW~$esy5`W+;6`{`VTq7%d1}9ns~75+ov;v3!08jQ*+YM z@otU@&RM$Px4|0mn!T;tZi+wLGWl11fZq9e3-l&md;g`oaPd^$88fHt@BM!0a&h&> z=(m9j7w_9#(YEYrfzitozQRl~J2Ed+`(Al@L&fj9@-r8;r&?Fj691TsZJc^cYPtK$ LLw711ZyW&tSA8>B diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..d0d1a4ca430 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-OS_TS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS.der deleted file mode 100644 index c3da95ae2a40467d8b56ea0077c5dc5c179ee598..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AM$4%@YG&HcqWJkGAi;jEvl@3*KB--p5Y4o3b8eTb>JdxKqu$=UkJ`@@4BBPrCE&y=DC1k%!kDq0RqZ2L>=6En7Tg zhLGlypP>=9>9*yXKJ#lW!ECEDvEd2!~PUzMZirhU7kuCrIG?mDpT`!Z>t;L7Nfgv;0GvrE5X2o|kzkZ z`W|cdYn7L)Zce}dN_M&r^Vw4mbOjG;`ZVV}otWLIAG#_(z-NwhuF_WS?tN2UT{{_H z{_5Zt?H#NdEf1e~c4~y(_`Gng^{bR^Yc=bht>sVM^>jHCGb01zVjBZ115RK_$_leE z888@dgP8m*EX+*IKMWK=992ff|14q#B5WMmY>cd|?97~S76)?p0%H>xzKjf28hKya z+JBs8&r23JnBvhs+t50zd8(t9Kuc29H%U!>;k=|C=3t*=46e)XOw>GTby?|hqDK3k zU2}7P)h`o|P52v|ksYRGn^DxOB)|N`mZw$f@AfV}HQn;q{QQ0CVbcN+%{rUhT^|!2 zw$38*n)EFRmFS<}YWK_W&A-d=c-?mC(BCU~>k`=HGFC4NzW!sulhRghJ1B;R)yxo>`8k0oh+VB zv#vTQe3UBwd_~UEPls@4B^HEWSCl zePu@y$E;7gZg8m@&NX@~%@uysfI~WLvU77|6_b5Hp=xi4p4*yw?w=L;>9HbLr$w^Q zdcn;)@mA5!nHM&`;pux-oilZ-jL7eMl_xBwmR0wE5BR_;^6PS(;L#oP_9!qjUEbXM zv}^Uty$z3kMLd49%BZzjHt_nkHCnRq)9&+s;B`p6#<=mF^7ILvg+(pf=ewP@P<*-S zgL#T)_sr_n+8SKfiH#^t4CU9dy$A^(US;;+C0tXR>MFvTGj7r*|v~wX5Y0 zJs`HXyjb~)fT(4z%ho58OFCMd&o4-BT%jJwosr|wf3(4viJ6gsaj}hol>sL(FlB{V zm<$*UxIs*Q78YhE<{t(MAdV^{<9`-VRB>ptF|x9|E(m@=BVdZZv&Z_3ro^nw_W@*O`v(UnQFec;q%I(BbOek+&Hb+Gn*+u>FU)@ znso)+N?k=5RdU5d_#At0G5ik8GHL8GE^`)BPoAlE$w=!{yu*VByN|C~cC!Co_c`t} zA5YDHkk+;-qE}@9hud8n-dz8Aq2B9q*HrbAV;N`HPb^(_zI9Fd9VcI5zp6)S^Jm=I z)qC^z=L-`riu~+Y@@`39ZS|yysT0o2esgb-HM&t{!=@~U%#939O-#(A#CeTCToWkQK-Ey$KoO!-Dm4|X(LXpo zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMtT|M&Mbk5Yx1WGg39@zq8PcH+DPIYq>8v zCovje=ee2`w`&y0jbY8E}{nvUXgzunio-g+EUIilb_dDF{_ z>Z>gCT&>>-uq0+Luld(^^<<6HyJJVUF~uD+G`XlKlFQM(E9riJ+JTiXW^ni%J=S$c zrext|iCO(-=b9BSzDbTN*5Wh@0gOq znYg29vzn~o+NAYwrJgXGr>|-KcjL3dL!~2qm+$Ay>i^r$t5PQRjOEqiigl9BJ^>Bt zk<71Hrrx;vA~f%id9s9??K$J~U%#939O-v1<#CeTCToWkQK-Ey$KoO!-Dm4|X(I2Ey z7uA?1MkQoB8Ce;an;7{SfX?D#YGPz$*p{5YvU^p@L8~W54$X}b+?yw!%evUOu3B5c zD81oS$g>I~=W}Mice6}Tx9d!O@^?X_#=4%>tW%C}zSy2+;d@+*Z_9;N>FmQ1Gi^>B zSJo}?us-F=Ca0@@Lh0bSpFiW}e6KmY5aVyWUAUmiw}yM45N zazAQ0{c(1#-e!9j=D3p5J)g>VGH!Z!O)ARe+=1R578{Q`Xc{j$TDr~s8NV7|&d12r zahc(nR+qW^)dOnoe`tuAdT;%~PkAoCE`Ly5cJgmyvVPK^f=jEnI!QV@8%D0Gn*1>S z(z8RG0(R%KOQuKu+_9WPUCL^YO=`fRYbz9-<%8Bdc*(@f$iTSR#=y#e6BwAX!YoV% z3?$a#vv3sxfzie5%vkZGaWvzH*F=67v^n2UCO~s8 zn6;{>w@aj6+_*XYtDxc0z{|V#m$W?!bBkycJW*mPa8Z^q)#Lx`f7diub1oE+y|eS} z0uO1=naut(WcS&yRwgMo?&{H&f0|^tPI!G)@%Kd>f;*-wTVa#8+m{sn%`j<_y&fwB?y| z^E}V2xoSSkzx}|=tBXRmCG|Ws*yJKovaC^u{ciXFwO{yzGE*0epLKkFZ~8iq)8@x) HYo`MM8tNzM diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..61b92fe332f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-OS_TS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.der deleted file mode 100644 index 16cfe348d6eee4ebed12467c90572a3510419dcc..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AMGjj9Ui0Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uw4dldm4NVM;jm(V+Zb6Hn41{+8GsJrVrpV!WH^+(tzLWkgRe90l}H_6-Szt1CyBa!DLw`c*F+We zJmEf?;+Sp1dYQl5t4l>@_D|RIN7e>~sTDA$?9_O?=vv$U1zYwdwY0iB9c?+WIP98` zl}<%MBXiOFOa)^Gqc@SyjN~_(oCuwx`aorMs>cyczH>TjYL8~bF@LkSc>RXI`1}{K z4KYuO*uE#f^25-@ci+upvlh$@?Nbwx`(vQpqs6Yl!=rk44vT*H*M0h{ZfkWXSt?1~O`m1- zj`xQd$3DKFd^%6oe%$q)=lLp?^}U}Dd6h)iOB_~ZVrFDuTx?@tWxxpxNm*eQCIbco zZV;27g@u`k`GY_<(^m= zslM%zU}%_^{`d0#(%7rQYfo~|+oT-GS8I3m376EZfYQ#+>x$dkbr^qW?aot`+$#Su zDkpf)bN}mgdQ!^0Q?eQBk8~em+WtjsCdcX1zvl%h>20;RKbillhD@p^~s*$X;H3x6D0_wM7ZBM+vAPQCHx!SX&?VY#x?vo`h| Gm;(R|Q6aei diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..15109678599 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-OS_TS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_SA.der deleted file mode 100644 index b4acf5a191a01c99c9d87fc21678e38de44e828c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<4Clv;~Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw~U%#939O-#+A#CeTCToWkQK-Ey$KoO!-Dm4|RF(g92^U-NAitjk^a)XLU! ze$4uSqYOsTH;$aFP&MJkCz*v`g4i@-M@3n=}(MBLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2jPgtIu1!xtE*!0=^c;C@;xwCzH; z@|vkD9=Y)0I5uMWw*+8?zrReAVo2yJSw&!jI3}KEHn%(E01*u6=sN znITt`PfpFz*z=ud0k7b;ru}CEUpu-fx_*Ccudco#N4i>;zdpo#%}mB0_iy~{5Rvz zcYk=>cCYImH4AC;MfG>(Z&|#pINJPdf$XvEobM(k|7`lSCqe(^rXrz-xp`G@j$PHC z|MuaAy+``Xcbw3g{*UA4k@?pS=*hP&_$H!oY|n$1?r;3u&cX+N1g#KhnJ6^PY02XW zsR=VDi&b1G{1hKCr#WI{+9j*$pTk!^XY6!0?TsxhWMXDyU|eitU}eAw3`|*J7A6A* z18xwLpM`~)iTQ_t0*Ir^$oQWH6jdDBY>cd|?97~S76)?p0^<}IzKjfsFHUUoS-i*lap=i^IhwqO){WWp=Vg{){+Sej#Uij`x zzAy74OfRM;)!i*fz^HA>Rne8TpI-KO|K4`f9&=fn?^G6`Of)OBQKpe G@eu&&)ij>~ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..8ab8a887770 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-OS_TS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA.der deleted file mode 100644 index 4b3ed9a21a5c12040e809b55153ea0a6318ece1c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 756 zcmXqLV)|gv#CT%?GZP~d6LW;#egj@MPOUbNw(q=*jNGgY2BL<-27+wNp)AZiT$y<# zx~|@#y1|YHa^k#(CI-ev=0=95rUoWa;=D#6t_hTDpk%0EAP3PVo|+2Q^$~ANJbo>0jPsIeXRpH#g5-%6q=M%x&sC3FEtO=lNCNu>A7B zBzfA4Ia*5d6YZTP)J~oZ)R?WZZR4ScmTBw}Qx)&@@vNzse<$u%$C=G?DSL0$^u1fl z<+pp|1#Lr@)H&MkFTUM4G4S>$Uf!gCQ!mYA{9qIoQU5G1WOr*{iNlhtS9!Y^I~HZD zZFi6|4wYE3_Q3u#4mT?J)4eZz^ZCQdS}r)aezt37Zbw*8 z*L^Bt{LOP{a^#=>_c{y?n#*HYR@Q!bp>s%Oio&YJr8sl76laF-LEgH-w&#>SX2cqLNgbau z^W6mb-(Qbue4o4WGK*-m>HfBuwnfb^;%|p9u;0|vWydY1)vY{f9rK!Bek}T5mRVj{ zCZhj#^_vgEpY!>B6b-!&oPBI@z4XA6(x{g<9`5Un+9!uBauKax{dj)t!Ebz0r^CMd zo$OQb&@TFR!L0zj#S4DsEcH9kIj>&+t5(rtTa~p5OK&hN`Ljyc=*~j+eR?MzNr+DO zzGmli!T9_f-3F6=5BQV+$}Kt1cWGnab{X*{x0hs|{ms6+$@?thlhAW63wbIgoccB` z#q8v=)AjSbQf{c#SwEFJBcJn5 zS(pqM47fo|eijyHCgvXo3LuUuBjbM-P*ibfvoW%=vNLnSSscjW3yf1>_%br^EI4<= zeAU0hTLZRnhA4=yEN^4(SM}E3!r(to^o|}|?d4D5sYVtL_IRp4esccJMS0tQ+0jB* zuGT*C+4`sRnc@n*%i@J{wkIwo<;jQ2MD}qn@H^eb%^?t)))%Pe^A*z`9lv9Qj(^mG!Q|lcrDb%NnR7Q&?`Rnpqo${Mre6HEieCc{V8$Kq7 Hi<8O$S{)-= diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..d80ceb4b4fa --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-OS_TS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.der deleted file mode 100644 index 0076eafb0bcfce8271c5876be0f05fb37da29a2b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6ARUINOHcqWJkGAi;jEvl@3wVdk;l2-hKBXBIEV_ zE3UQcH77T&d20FOy`jdOzJ2ck65bTqhuqLv?wy%;%(MK+fvt8QPwo1+a;MCS>34UP z9=Kgo{Lo;7zpb9rl53{lHVGBHIov<-_772Y14~`rk4=+Ym`ocEUQdrHdDw1m=J7Hn zZ&Jsm>kqj8xZPiJsAo1q^r1!l?ZOS$tY7ZZP+D7;x6i`f#3S$FBMy%zqW_-TW%V5v zev+ibg)8j~>)uQ_TyCA|Xx6%H%d=!# zweG`9Yzxb+6_qyTc5?jhQ{$buax-hr9fKn0l?#?NKU}I%RJYyN@OrbP_Xio>eRY>C z<<7nRcVJ1lv|Zbin7t>qUEMDF_{-Cy$|aRW8!zd^s#Hfc^%PE+5~Zhp%UqzjI=<_Z I#o5Rp0Q+JtHvj+t diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..cd6dac231ac --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-OS_TS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-OS_TS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:OCSPSigning,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA.der deleted file mode 100644 index 8b32ba11efddc672a722cd4b643eb12c3e34a21d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6ARO)DwB5TN~5* zPB!0_FKIjdx%J4Fw^j1z&)?yj#G+BNw<%A4ns>_oXsfM4ydfsnE?$_wb8nTl?eV^g zC3;i+`SN#syKHz@`Co!~)e@(cDE72Jx2>o9&WsjHUG=ZRZCbm|jx^WKvIoi)l{ zZgWbWUR>9+J8WI^eaS`ob8^C@Ca>t3Z>Moeezn`P&&IrY4aUGAV2tE`%yYl0@4)l8 zhOc`Lr-@2@uDw)@9&W;Ic;U)i8rT?C|=(1q5 zRnZ}~Z@L<<>%PgHjPzZaGADmtvoKeJ-V%lMlT6Hv42+A73=9l7fx##%%)(^AV89Jx z^0TloGco@#5Cd^k85#ex@ECBhacHwKva+%>Ga`p7Fam+0%E;ik>auI=%Gm#(YnIIY zuyewDbCVyNB}Aj=t4`sPm~6`Jx4Gi|FR7WH!gpdh&n;J#sI0qNBIp)1m*aro+vAt7 zFl;|}{`gbnh|^`;*rd$wt=t}esC)CxNL7<5B{f`j;aWGHvuB*Ssq#WVlFMJ`|J9Z6 zRp*|w9jy;nbjqFVwU0^rJ0a zebFhb=JB^+aoF7)Al{qrym`WegHP^D2rTB|a^k#(CI-ev=0=95#-I60(JitPIRejQk8hH*qmFF)}hNYOud|TR4>eT*|p+`*iu{&8l3qaZ^6qY5Nb; z4B{%fy|bqm)IE1jng3vxC(FCPAGY~T`g(tNLCHa0)n})y7wr$o;!hEuf9zqsoz4C; zYYs+6ZB4qSe@!ee%PL84fxF3_TYJ}DW4ruPu&YsUif-}?rWqGpxF)i4niN}Soyf5| zXKFT|>Gh@`S%<5pzP9J(;9GS~Bk11ZPksKDZ_Zp^z~QGkKf3mtmGoXNv&qZf)lU>o zc%W!m9$@kBW821trv`Z@x^4gG-M=0ztXCqQ(3vAES0DEH+OOKn9UFZ%H8o_ZuKMug z>m=zCk!^eAbho=3CfKsttq7cAut9`fUgY)+o3q=iS28g(GB7SSGB7aU1cs!nFbk6b zg8?^)$`5HZ_eiJNlVb5 zEq|lbw^w0zd0^nrBC}l4kn}yvCO3QuTWW5>v{9z6=dk&QemlV@;%8-8&S%Q{F3WX0 zGEZH+VdI&jrQCV#oB?F-?uV$Dc{H1+1IQUA}7X@ky(VZ?D-lCD?A6 ze$BBZi!|~$Tw5|fJmX+Hl|Ea+bdt>U8cU@YR@dtea!gpws@It`C2(*3Lx*Pz3iT!f E01&Sq>i_@% diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..83249cf43f3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-SA-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index ea688f6f18866a752ee93a6db70140520c575b1d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 773 zcmXqLVrDdGVtl!PnTe5!i8(@RsR1t=r&gOs+jm|@Ms8LH0~JFh0|hqbP!?t$$;`YG zU03f=U1!I5*MNAx;CTPw_+ZEQkYEEjab80c17jm|BSTXY1H&kBULz3K1j;qgGt@EA zf|#P5nhG`~*ijd^c}#@oI$xx+?BpYTmuj{PD{`DM-Vky`V9&3W9#0njR^1#| zzCW!``2Sjk`13!M6Z@XBsgzFM)Nkj1#((YMdhR0aRd3$GzzV}<<`bj=%)}7EAfxm0o@9Wl4CA>DwR4 z?W%Znbiv`I#wWYq?D_KMT5rW;+eKSeeY8}2*CF!eLMWHavfWo-#obhQ-aT~(R|AiJ zxT};{yvN0}2j0Ft^Hp6Vf5r4;(dV>Mq4Q9 zkX!nW-`?z(-wJd!z5lSpAvxOaXK9tt#OqI(?;rcO$z$2VJQ?8|&XKh~Xlv*zbcp?lf0*L8O8 Q+ubw!+V0m?ZEyYo0M}DCE&u=k diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..c3e48ee5ebc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.der deleted file mode 100644 index 26e86fc057741e8bbaeda688d858dd7a02ce31f5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AP1lSe5}V8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!oc)wr+IdNV?69Z!-b0b4j69dyIab6=3*96KnP%>07kb~$HPfZ1D40hB- zHKU193E4tMRtDxKMt%mMo4A;o7#SH>UOF~4Vz>0sHC*zOG^ZbUaiEX+@5!4jDhA8X zebO#kS?bid?TAhNCOOe@O7F$o_OXF_+OSJ>%XY+s&61|2wg7Gi7@FF>F@I%!*leKZd#rEIT+!MQ{C4M)lpA z5uNuxZB9+Ry5bDyQ_UH9t>%#{FYsSGo$obYymYP#PZAQ;X!B=cW@KPoY-C_yzzGaVSz#6? z0|onUWp$Agq|X?UTRad6E5w+P4I|Cda;(QaQyQ)ADS`Bb8I%cmq=SKRl}Yu_{5N F8UUDaDs%t< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..76fec7c8b98 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-SA-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.der deleted file mode 100644 index edcaa7c3544a130a56454ee31f3b2023a5bee6ed..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SJjXmH{str&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=U1!I5|6l_-ab80c17jm|BSTXY1B)neULz3K1j;o~GE^{-gXk1bO$BQVcGN{R zqlr-o*+NEE2IeM4eg>eExR{z485#Dn@~vEzS#yu!qVe|w$$MScoNk8g4fNAr`+WAj z#!Rp5j%D(5Ju`T%R~|2Raa|d}wmkdrJH5a?uX5j-Gk(Z9(6v~=Vh*!@$Gyu}&(zq+ zx{F?5;5icaEceK>t&=nJ3u8Wb?46vtXYNiNl|Iu0@rUHrOc3Eew@&oCB4=p9@lSih zJPwv@o*7%!&h9YHVxHWGCk7?5hwh8<|6wqgAe9wccWeI{qo(cKm0q8EIO}v?qgAg_ z+SUfPyn{Py_I>8;%zdV%ab?kJnYrBlfA}l~9%{SKoVWXW{QU4LrvBY|@8x7>YyE$* za9P9ejsVvaOW$nWzU$(n2Q5nM?vc}MBUaz>Vm&vtor#%|fpM{sfq?-hFeGJ#S(pqM z47fo|eijyHCgvXoVjzwxBjbM-9s@2m4sA9@R#tXqM&wWhMk6p(85xYrrmbG&wfYjv zw4>&Y2d+JwJ6BKk{gL{__1uXJEon)!1BHVdMRHHwIbrZ|hdTex%^S1d9r2= zf6kQqub5|wDVxsz%pfL_ztVht`BUrJTVHJz<(*L8EIdnN^*zhg(?3d=mB#OgX$+No zJ;Tsr3D?PkAxV$xpu7Bg2hRoRhm(z0SWkPy|ES`~m+MOW^4D#qi=3#6S};qd@h@;1Cx F5CB!GBzyn> diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..dd137afb1c6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_OS +subject:ee-EKU-SA-int-EKU-CA_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.der deleted file mode 100644 index a798610e764b78c6f9de02b848e1433ff08e5729..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AR<##jXatY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$-gA#CeTCToWkQK*>em) zWdz%H&A*&EtF-i5K>Ot$(XTI-&ks5yb@JxLY08JYkLXP}@_lB89`hZhM!lnT50v(W z-nqrCyv6FN<&TK4If@(f%D#Nu!Dniv_hQNCWLYI&4TpWYt3}rw`gt*IEw9C%m1S<4 z`&alWYW?{-)7Zx@QcHlzbq(P4^$X@P|;dG_e#>%RU&h=McXBIoqMHw|0WYNBLm}NBLf2iPGCsN3bQa7 zFc@%ynEWg(%uLKb48%YjRYu1DEIbBWY#iEbjI6Be%#6sP3XDczs4_BW&)>Nv@ch-Y zbrll}Q&vw=GW3l(yl~#K5GnT`2g4?*cLWIcFMqM?#)vFZ)AN|VBzyORxzlQnGpx>LO@1!J&2dvG)$)A*^CFoOO(D6P zrf)wWz`Z`oJ@ot$#;r?YpFPmMc5Jri+BfeHyw^LXz|>1nmQ-+!KO_P={gZQG*DH7&39O|O}K#HL-sD#<6} H%cjQwkpVAb diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..e950251153e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-SA-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.der deleted file mode 100644 index c50009172cb952c96252ea39e0eff29f46d58641..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6ANRYDU$&&8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_>f=&IdNV?69Z!-b0b4j6GM|Iab6=3*96KnP%>07kb~$HPfZ1D40hB- zHKU193E4tMRtDxKMt%mMo4A;o7#SJ1uMRyOeAM88jFsS%4-T^CpUwV?B`)(ww2QYi zz9gP}mLsElr}Bb{H)hn%_xmbrTkt$+{w>=FCiYH}g(~8Wt?I^AwpG$6zI{3VU|DJL zxq?T3mHz4f*zXLZ zf53~>ZO`t0Ki^t@Lb@m;K=R+yvWb!Y9}-V){^-dw!T;3di?c4AO)Ogbv^7`M=#1MJ zQ-S`UjV3#0K6+d#u6*0hf4RM*^yIIWO_L&pT~;S=;QV+(FiRrXqV>PktX!|NSxYVz zPd;F{I=PQC^Yd?Qj=Sl1*T4E%y6Cc_;PyyPDgT1!zD&%F42+A73=9l7fgvd?%)(^A zV89Jx^0TloGco@#5Cd^k85#ex@ECBhacHwKva+%>Ga`p7FdBiO%E+MeR{Dy2T>8|& zooi;QU&`(>l4uRt(ov`$lC@TfN5h3(AbYh*SxWbjnpnHo3m^C8+`Hq+XD<2wfx3yu z9XD^TTD}7c5tlcK6r4Ez@92kW+XJuu{`~rEpHkZOIXyF%?{KcUz2U%*BKw~UMa#Y( zV@Npp(_qTG2!`N}O^F`0@64PG6PZHn4{k16@AO;3>F!_4Nf(rU%oF3S`Fj3(WcsZx zPQUr9%*!}AKJM%{xMb?=AY9ABJ87FscwzbRbEZ5ug6mjsT?@YHnXR!d__OQRL*jG3 ze$m<2IpuB4oW>i=Ll^An^x^QXTVYwjQzod~eyuxg{(-BNvfJl%&X|32x>9ae<&n1< E0Q1Qz&j0`b diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..36163e015a1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-SA-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP.der deleted file mode 100644 index d97a14581ce034b015f6aca3813560cd6175e723..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AMHCiCP0*HcqWJkGAi;jEvl@3~pMMH2-^e#OIB6HX5OEg z^6l#Un_ikRoIl^g)ZtyVxdf7NvJK8gIi-pSpp?`Na2ya;U za_Y?G;u_vd4+?ELy=6--HBQ19@CzWNs)TX9yfnnTC`AR#e*e* zs(F&jou_B+IkD)#rKqcS&T}4}aXn1p{pOZw!CCQ4%!~|-i;WBn3^;+oC@ajuWWZp+ z4Px@MurM<*|1b~(aa0)@|FiHIaItY{voW%=vNJOxhbk}vfuYLCu=2&>{<&;7lfPOB zT73>ssC&tC^V<%YxzR-?p)c;`eu!s3SezUGbK8dn{)ZhD)#mPe)F5`_bnoQ($F-L~ z%HcYA{J^hfTYH|hCSK92{@GjRzL%WtIl=H{>!mxaOqPe@id;9c&HzQcAi4D?DZ$b;#(d6kEF4TFOo6 z+z0DxoA0fi^4w8ym+3yY1KiH94te!T9<1H;{EiN5M)5k^ij1>A?)_c2Bd#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6c)wr+IdNV?69Z!-b0b4j6C=YYab6=37sv#24U`NO4CEj>#Zyzk8iO5m zQO#&#R6@3pk(GhDiIJZH=q4_vCPqevMeV7%;x?=D4t;KFwKC`U(Inq%Rk(K}@0;HV zv;N*+qubG8y|wCPrQ@v>D_xF>>PMY-9o*1T-RPX>#yI)#N;O$qR>n6s{WX28<%?!8 zE;f#c%KG|jbKKJ<oK!hge${*OHRDUyo0r2Wk^XmF5j}c z^x#d0TPhYyG^Z4uTlTWN@BI$t6MNQ3&e(WhN^^))h1wgd{<-&e7d<^RLo4Crv7~vO zq5?+mUcYPL$hdRkW8Jfc-+XUo{g5k<&%d2{?wUgU^yN&p~}c0IJHWIf7Ke+ zsAS&55s@bPw>R7Sa!(iExb$nN%(p8)-#Q;lUgw!RcaQ((-LCu&-SX|HG=h2mXiIN% zU=UN@8~n}W)wMgdA;*?BMXRrhnrP3=zMxI#)*Ej{i3F3j<>!*#iJcRF`#}8%^K`K< zrOSSuY+P39rm^y8M%U|4SN1r?U*Va!)?kj=Jr{YF-qb}Cb5lc7vP;{AgS~U%#939O^i&U#CeTCToWkQK*>>Ib{+~M2# zYm#t=hC_J$@mATZi_`a1v%D&+GI$x4uy~#w*M`CXNA}o`qg<2b^nGeh;>&8&{d6Tl zh|7`v)}?s&H~XjAXfquu65EvfI-2`by0vWa%Xt6F#~$0*vM2Q%Wt!@*V8<=8!#lsG%{jD5OW6=eCDm>C%u7aJKE7;pkZQdXFS$$-It z8^q*iVPR%s{$U^n;;1q*{%7Ga;9}#@W@BV!WoKqY4pm?@0z;LNp=sOG--*p!m48l% zhJHLB^yE}{af5V)S=!fRjrqIfjjwi_Et{vT^YYiSD}V3auwHrHNO(nhP9bB}ZN*ND zUICW#6CeHY-*9>|hnH(ybz_flfUk9!``;-qpV%(iaCUV_i|^kDmmO8#N=LAkF51q~ zo4S*8^2J-9=1e>J<9}-``7du|5|5X}`a@y8Q8R=K9Zj zSo1pSZSRP0@qQU`m{-ewUydSA)u&}|eQKPoD$iH%{B}FE;aR54-Ip&iB;?~~e{?JW E0FJpMUH||9 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_OS.pem.certspec new file mode 100644 index 00000000000..608e685bf80 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_OS +subject:ee-EKU-SA-int-EKU-EP_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_SA.der deleted file mode 100644 index 73bdcd6bd514043a64d98b1c148a632fc4e1b20e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SK|nJ_BAhPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x~>87!Hx!U;=G0?2F6C_Muw&)Mix=xyhb3d36yJ~WT;>u2hk~>nhMq!?5K-s zMiZkFvW1MS49rc8{0u-RaWOS9GBTXF-&^gT^y0iclX|3_SN)&Z*UIK=cAd0 zORJ&k%aTmzt((7yBysHStLoe}x1D>>#_9Dz*KJ%g@=V!`Psu;>UDbcKD(AcUBGJDZ zKgFZJ>fQ+ZBC2{iQu8lU)ppJoJZrY3o^ko~jD4>4$)ayPo4ypW9C-A$t>1cE;ps-J zq&!DH_pc7$1*bKClq%iDZyf$+M`fo(;M(?jk6#t7VWC3K+Z8jbg%oiDv{L-%T~U*V44r<)#~ zv*-PMg714(#>wS7D&7YDWzRVslk&lS>bwP}&Yj&%%!~|-i;WBn3^;)yDJ#svWWZp+ z4Px@MurM<*|1b~(aa0)@|FiHIaItY{voW%=vNJOxhbk}{fuYLC5TB#nnene@^Qwv` zT5?Pi@9W&OEHH7Mo1S>!*ZuSp;XZ0Bt-h6?3w?cegUHMk6aRgkbM|48rEI9oCoQF^ z{^e8tEp6kwedq5}wTDL)N@urKtFGVVy83MS#zk8gVc`3BbxK2zb7Y7_IZlWRv%s83}yS?yYjyUyl;R1^1YEGV3wi%N{{&g zz1Fwi?2p|M7I`FNyWfZIIESZmM8!To-Y{j>PO*^c6AyHzmzg-vS~*i|Ys~eW**>p- z%bA_=JRtpdgPM1roX*E$^H1m47VdS|V)m19s(o^=_51wNsnH&7DXre@(i`-@x|_Ac zaUOsF)nsbcyj6~KBeXUhF5R|%a{9|18h;jh&KCU;X|a3OOw&IMS>I|LV_kTP%%@Fx z5n*>FQhG*JqT8lp*I3WzeSg2v*Ku0$cm&Gls{!+W@KPoY-C_yzzGaVSz#6? z0|o$ z>}v48_6m0I*0xu>?$?96nlF5=jlNsGv!*VIaSWt7a#RL=1J)ZHhsyq;ce+U?Vy&snqc Hr#%k<3LP?6 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..efb16343431 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-SA-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.der deleted file mode 100644 index 0216a9e07a035a6958dae1745ba615d3bd9601df..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 748 zcmXqLVtQfF#CTx=GZP~d6AKe3vylNW8>d#AN85K^Mn-N{1_N-99-hp+ z5?xpCP+dQNKUV`eab80c17jm|BSTXYW3wo6ULz3K1j;o~G?X`xg=iE@O$F-e6xR{z485vHj_g=ZG(7Y^Y&cWw~J(DEzRte8#`*|RSf2*6) zE~W<+$&!JSKc<(iv%6mQbI-M`Yui*MUtdd~wQHgD@leV7B;gIpq8EJ*`$jyuXtH^I zQdZ9Cn6O`|{?F%pRGVNQ=9gevSLG<3nz{YVg{8a}YjpO1`E==S*@L5h%eCh2dHnRo z;{1=Xo>qsR_s-KSnJ=gIc{azqU;qD#@8a7wPj!Cc_JH-zE^0r&_|4i&m5ae?SL4y# z*aLSWmBm+ofBr6cCEuaUeLTx%p4=+zwX3o{_|{w(TX%EqqZQ{q9z43Np69Lu_s64i zo}awE^H=KQ(!W|aYj$^+ED7d*tMgYWw(*hLbKBZ2yL*|K85tNC8yOfFZ~_BTR+xp! zfWd$p#N=mTVP<0fVIT(Ls4_DCXW=p6V&l+eV`ODzXJ$kWRbV6nLzR)iwq3DnWkSeC z-l@eCBU@g*RhT9j7WedV?6jzWgQ=U^vywF)+nj$qaku@N4NnAQoHGt5+;8P``}+Hd z`HC0mvN~$Zy-Yal*WTQl-Y0yJ`P6&=;^912%2bx<-SIRlR z*g3c8cl;bayOmqk?x<9dGTS-PY=xD{l}&k-C8tVG`=)cTzJEKtT)pPZBe^!^rgGu0 zmMKg&!mBISdkA+PV*0UvVWp0f;*qm&@A3(BSIgX5`)Endhuh1-9cC%~cqTSS&Tx{7 z&n1Rc@vYkz`S;(x5Fc4~_#C5qU6%9o0J)3lhuq&Q%P}h~DL;Jpl*Ocm-QO$iHhy&u GmjnPLq%S1^ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..f0c98f4b54a --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-SA-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.der deleted file mode 100644 index a8033660d310f5f9e7ca60d26f39ebbacff6771d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 743 zcmXqLVtQ=Q#CUoEGZP~d6LWo%l>sjsr&gOs+jm|@Ms8LH15ra^13@YvS*>rIrWJwv8{JRh&3^6v*;`|LotG(KN8VCrn}mbi+fz1#N4p#S zb!@-Q9-T5}oBXT=Zk@)@uiWFW^hv#*vu*X=NG4`R2FArk1_lP4z+jXWW??d5FyIC; z`B_+)nV5eVh=Dk&jEw(TcnrAMIJDUqSy|bc8IeO37=gf0Wn_qJc>AzYJfwRU$2T*D zplHUEM`o?iy!!Tt{Fn5uTk`C|A=&qu`z(~Arz_2pJ$<;E>xS>LBNrc@znb~=8{cF5 znTz=6Ha(f5q&vesCGqP%Q`Sxk#A7ObqAQ|R^X@qeGQ zk51okwO-6~-#mO#f<*sjSs|vnYSCAzb+-y5eyzJPbH4C9$>gSe*~!10-6j<7n7Kst zyuvE`RUTz>7d)zs-*J{kE-~7LDEwvbI!T*Zd?y?^ zPksnHHuK8#MvGN^2hv}uOP%d9Pcd7dSE>7+!Kq_cHUKII BB?15d diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..13a6fe235a6 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-SA-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.der deleted file mode 100644 index 7907f742ed128b29e81686085052722e81fd7c1d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APnRvWEdL8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^c>iDnIdNV?69Z!-b0b4j6BFYoab6=3*96KnP%>07kb~$HPfZ1D40hB- zHKU193E4tMRtDxKMt%mMo4A;o7#SIkPxBRbak8|JakmU!`Q~J1^x1_+)TcU1oS(HP z^>=G_^^OnwJQp(G@{Cz}_QL0U-e1frAGm`26q6ra_Bk!Ea?bL3nI2CbM9pn54>m|i z{4JL9eEr?~V#_uA%%uJP%t^dI&GeH(#*0jiaKjt>I_BBV;nqFsYb3(@c31t(Z{^dj zUI{OA-7I3FAAE88T%M=TW^-0o%2YK9Wd{fcygDPkNN4t*Spi!ZrrUX5l#J2{ELtBH z=W|UO58E>fu9eZy(>UmRvdC;RLH~@VQr4uLmmVoSc8?$l{=|t@EF6+_j9+@s9i39kE&M z$E{;Or-_wSOilhjiTBf6Q5&}d?9GQ}^30#}E`8qoxXrV==ely~f1cJMetK(_Uq$pe zMGxyE?`A6}m)G83-q)rj==waS@c)EQv5)^85AeS}KQ$ngzjW)j{q_H~zH@I_`|;?T za}DdbzP>hD$B-1Y)!Uw7mskHS7ug^!W7lIFy!Y8%cU`=`NbSMp?;W@1{?LD%QW6sD zd#PSPR-vV{e7WHAjL)}MH>KXU_Kllp!M9O6xxd7xA-=$;dW*5*nn=AFy9BirlYVI5 F0swHvB=`UT diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..59d4b5bc7fe --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-SA-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.der deleted file mode 100644 index 7d33924a740424f43e2187f3816902f9a733e838..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SKlXPXk^yPOUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#x_-g&!Hx!U;=G0?2F6C_Muw&)CgxG%yhb3d36yJ~WT;>u2hk~>nhMq!?5K-s zMiZkFvW1MS49rc8{0u-RaWOS9GBVs3-51*Op7*r(`uDTN9ZwWWyl+~1G%5dOU&EJY|e5yd7AU5@8p;4%3<`}XW*785_&=D0;~724v+VL_gDV< z6MN^!l*dzcukR?C{BnBZfv}0f1@RL6_S?^;=$Tr~IlubUzPEJ@Oe;6+`fyXq`RuaC zcUufExldT|cyHh->FygT*=iR{B9-<|4=DdX3H^C8@<~(6 zW-ecGBl&yv_IEdy?=99o`(02^xsW?-`|V&x24fb3bS7p-2FArk1_lP4z>t&`W??d5 zFyIC;`B_+)nV5eVh=Dk&jEw(TcnrAMIJDUqSy|bc8IeO37>&SCWn^f))GWXIzQ^ug ztJX75Y2tnH_{oH6O9Mh4&h(oUx9Zp*u~){GHSg!0nAO8E^PT@j-hZ|o+0VteT4Hi_ zg_!K$Tq(c3&Ygpk$m&NbzqXubL8-=nTF z_8om4zZY&eePXdW_nXQa`DH<`U(HN-yg%wf+lvLemcB{Sv(!y-_}X7wxZ;)Lg}c|f F^Z*AFFE9WA diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..02b1780029c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-SA-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-NS_TS.der deleted file mode 100644 index eb5e6d50c76be1c9739fdfc917c70b1741edadc6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AL4=l7#^;8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^_>f=&IdNV?69Z!-b0b4j6H|jIab6=3*96KnP%>07kb~$HPfZ1D40hB- zHKU193E4tMRtDxKMt%mMo4A;o7#SJPCk3b_tu{^%X#W1rs>(*iY{TrxcP4=WP`ZlQizH)x)N4+I^F<-5h?X6g%y_WlP4ExQh zEj%k({tJ6wHG1R!E9#ZN_oJ14$^ST>y|rAsIAM`h@5aq+bN@FyRJphP#DdnTj4dgxhE|WLM z`O~(83JO~*H6-#4*cRPcmLP6mpzQUn$AfG6lD3QP1}c;HiElo=Y2gvUkLR=eP8-@a z_HsQ;x!f*3d#-I^LcnfU!Ga`p7FdBiO%E++QPt?ofbohR` z6Ae@6>)G{G&y)RqljlLG^^2?FjF-Ist*fj!DA#y(KaXvB`_FCeOszWR^EibcyS|=Z zzvYdB@zq4;T?(gocg8K6yDVV6Hrwk(l1+yh?Kke7zjK}L|1~eZ=PQ3ZylwfC+`d;G zb2e(e)O>Tb;P8=7)%K}Z4==UtTat0Wj-#u{`1X&K)m}P}A|GX>3I4vD^vmVuU8iq< zpS$U6aZHbi*pxpju4ZP`>yRRyKR;wX1YN)FboxW$jNRtxd`kp-d!JuFmF2~CPb0o7 zHNH-I^84ktCLZ6S*ZJuB&Y6>Z`FA&H%ueTHmBAe!bn@>SfsYeeK@;(w_nz^Qokm zIVRn_p>pdZYr+*9LH{LQ>w=b-od3RWDckYCCgM_+K36vP1?a5bqVn;1|6%EvpyGK; z{L{ZGpELFF@A1`SiP~~5VbxUCOQLgF?&$x$`t8j+i!8PIulDP6`)Jh}$dt+0>1hk! z{26A|;*vUvEqg(Wnbx)bcGbGwL5x`vF1Du+D2v^meuG1&#>Qt^?ui+9J*VD!=Mpk; zdDgSSwOrh6>tuJ9a6On=f6eCMfoTN~@6CMM87lPZ-|cUuVO0XNr#9@3%2eQ(Q)zuj z_3Sd+886+Za|g0+{TlH%=HkVi1Jkm%b$!>p7iY}G%*epF*vP=ZfD;&uvcfD(1`Gz= zASOQx3o{e*4+Aj}N0pKBKMRim7aNB*8zU<#J2QF&0z;LNq1u1R?gy!J-p=*o;{35q z@H3bD3Ra%E7qzd?_2j*_i$Ugv+l zw0_o9Yk%{d-Kg)URxyB}g zxmtfNc1cCV#=T)Y(rRtc`|oz}Kc{o@yG(4Njvid2lE%}zMDFIzJS*J|mt_{cb69oV z{7?Nui?a)TmI$ADcdBroM%3OEeWRO|d-YhB^6*i;s12ur{R%%iU__F17L)RR!Xf@~KSKscn%Q*@F{ADEs diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..70f46e95139 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-SA-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.der deleted file mode 100644 index 36cd63dbec6ea6f81c5038ae92ef111d4a535ec0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AQ!RKdA=1Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uw~U%#939O-#+B#CeTCToWkQK*>cZMJ8rT`{XIf;fx!Vb#zjDmg=R? zYqFZ2S*HE3bfsMNbFo7_ZQZXY&kJJS>#||u3@;{OH{}B>^Ip#J{Ql0e&^EfQs+*JL zSo4mxm*@9(T&-B-{5P*)Uii#qnjI|9{IXg>7)-mOZ@HTl<5hVnnCi4fVSA`hbef&%`xh+pXB|uhSJszN@rx_NnYW z3$F+-r85kEE85kIF0z*<(n1#uJ z!GIgY?bGrD&kY+C81 zxAVPndE*`)9X|FCvJQ?%HtVGPS@3;=$`-f%k4$mSv zI9)aERqB)u$;PVaeVrZ}U%P)jhxlqwlxy8Hd3YbzR@_#w+RU*R{xpeYF|0Y3QkNX-f(sJ*1 z-`4Uj_mt)1u;SlqFEq>UQP@hC;-kj5yIvJDX@$Q_)^FyWe*E~PyiKPzY_+Q>JoHN# E02fOlCIA2c diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..011a1343c02 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-SA-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.der deleted file mode 100644 index 62070243e119d309cadd617efdec4d1d12172dad..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APm^`y>NiHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}hN+V;||XyvhtH!-!oo6hD)9k5l6mUvUN(No~` zoXVCJb*B^WXgtq&U8%S)Sm9`zjnI#$$2a_UZDJQx%+;^s{P|J5&g6B`i*2?O4>sC= zF`2M8CSsDCl@8krxu?Pki&u)s<==fjEB_kXPY($$junrev^--Dnfh?q^-J78${lt* z+aS!F&vB_qEJ0RY{=TSM$EQ^O;x>h2mrlL5tUK%X{^-j-iy3#X*ZmW=cGO)TIelrA zORIlnoxR}I=X;+`u=c(mSvvpFx8Kg4zV!#C7M`>4+avqM@qgEqM-%_anw^cg%{KMg zp*y0?ADBu*R%^-6a29_hb*6S**5qqp+b+xc2WtlPu`)3;GB7SSGB7aU1cs!nFbk6b zg8?^)$AT)p;w!x%yX^Tmz%R@!u=0(udkoryq0@bhAz_Svqe~NBkEf?SxtE z2`@r*R&xv8TVT2MW~HC;Wft9VVeaI>fX4P&JxBZ}EIJd@V7XJI_0MM4U9V*(S_=ur z*RHz#D{I5v;+qQ@1&)3d7hBVAQkAB9Jn-(p=QrG^uWh;NkhwW(ThF=Kdlp6CFN$tn F3IGu_DcS%4 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..8e133c35284 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-SA-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.der deleted file mode 100644 index 1b9b8fb36ccfda1833e00d171da7bf98585fd693..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AR<)XT=7*Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@244dldm4NVM;jm(V2~UlO~mPsy~dMn7%8=twO=)FZ0Sz!S|9Fxx53mPYI}=xZ>C} zwL1bUgxLi5@0G6Y+3i& z_=xrXbqo`3H58mHRpuyW-{<~ss_0USb(hy36POcpZYjs(U-cJHC};lbkja{t^XcUt zhviYld8zkaZ@S87xctqXMg?cl#;|Rtwj{_+Ri8GqYtupDUd4(|`;a%2U%PoH>T}8^ za+svvJ0@$dnyXRuJ|F$oQXy$AF8CLz|6}m6e^D5jj+W5eN)bMutd5k-`9FuEu-L@5+Tk z^uB#JS#&@>>QS1&zij)r%dd3`bw2<3Nr~B|peI7{{%^|-6N8Q(d}P(L<5jg&$Ar6Y zbHaEc?qqW5*6`j_O-y4low}rpyYXzCxa>XMU&|ciT=qN=U8Vni`>T%gHykWV1dkiL z9y8>xh^SiSDSjik_p5x+F}GC`O>w8sUz)z=Vw(HM{dcKVow2n(kMN_&Z*4AM}m+`q_8Kxre%J5gpx+v{*8?USRmY z|Jb*?XMaSkk&WCtef{MPp)t<8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..a38fa4705df --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA +subject:ee-EKU-SA-int-EKU-SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-SA_TS.der deleted file mode 100644 index 61fe89ee66c5dee2a0708ae2f5d54fd6dbf5c2fd..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APp6?RN&eY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@24<3oZC~U%#939O%2SW#CeTCToWkQK*>3mI7%n41{+8Gvr$VrpV!WH|LO^t(t(>ILmaMcI9Fmw$@{wft&*GD%4Fm~q+s z|7&)9o+sDYbkL^Zx~joa`8ttZQRxa@^Nky(IXtuwDYx5eV7h0?$LllXU2dDZ_+|C* zF3WwJrSxWPrNqj%*56W0b;T5Jan=}))sV?Z$+OXi+ zto_dQJJV((ib$%C}Ccy(77uQ?`8N?Heg-Yc{$*{xc=)@O`nf zv+uGkY+*B9dxC4i)B{x<(QS=C`+qG~pXZagChB%P6Eh`llnHQ^H&wJvtWB&=2?9?2GzjFctS9mWJXm<80zM7Ua*QU#VDev^V zT9sj!t{m7a7*ol+dP9Ey(qAR~-`WqiJ-IgZ*B(Aa;axM2dmVlMe3E&w!{qfhdsylg zch)#Y9g&)rztT)zP<4y+^}?npZlcduEMD5J_G!|^Sq(1i2fBWL{eR?z>B~ckx6dpo zTYcn%`q*p_wv8sjuN?NMW=&7^k$n3s zV*Puq;8{||C5sqS=gc_BGX3_YMFXCjRHOe`+yp=hEfp z%#hyNw1 z}pIC%B0X+yw^pF9lh5&9p6H<*Xst!ZUqW@KPoY-C_yzzGaSSz#6?0|oW1RL-tuXi2%rrN*X$NlSV$wN0ydvA*Wy0``QmVVV<40N-m%I4)o>Vi58$#dy_Btnv{ap54?Oy7>Yvv3Az1RMwZWiZEp2_pz zTJ=YXE6&^Bd??&C>u+_`)896W6B3Q zvT|Ld%Ld_nPZwQ#^seW<=a)t=>jUO%)uqzzs~)|xVP)#&lRutqV0;l9wqVW+e^CIm CKrC_q diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..ed539190ff5 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-SA-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA.der deleted file mode 100644 index d72a5916b14a521474b01919e383a4ca103e8c82..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 756 zcmXqLV)|gv#CT%?GZP~d6SLN?S_57-POUbNw(q=*jNGgY2BL<-27+wNp)AZiT$y<# zx~|@#y3URUa^k#(CI-ev=0=95#-?Ub;=D#6t_hTDpk%0EAP3PVo|+2Q73>%v60D14 zMiZkFvTcm449rc8{0u<%a4|J8GBO-|w(!&Rv}niR645khC+0quX zy4^N)OPxHSzwCrvX7exk<4pQql0Q}|{r&MWV5O4f%D458{LTnUiTH+ete$P^RoD4! z+N*by3pOoPS>VdGCjP8l&sDMgYzG-zFR(Uke<0HNdE2cioF_Tz=SlGVQHWu-agH*0 zGF$9u%r1%j^6o+Ta{^r^DXGoce2_n}^5dT5d&%pRmK*bIiCka4`KF?PaC2=zbk^Ec zr;aXnjt<>yUwHg{WU29cyER-+pSpJMK4`av|6q*B5}V`7-y~fHmWdlb+}?Bj&p-WI z0gv{;!}D~_PjH>=NLxHfPx6;+@e{`zf_^eOuTKAqW@2V!U|eitU}eAw3`tpG7A6A* z18xwLpM`~)iTQ_t0*Ir^$oQW{%s_;VLz|6}m6e^D5zgX34qsqw0>hV);p9|N;Rn-Q z->)?fE7S~aRa5<+ro8_11glKv{&?oBi2?dsbdMF!=icH`&T;thj9ZGIbuE}rY~T3g z7MGGy=xI}yYRAyr$^W>Hd{fzcHtgDlGr=P2XC#;HS~Yw1S&xhF(+uxQuX8)~?gT@= z0YiL%;+2w|Ge3@s@Y(t%2EEx^eRs9_8u95>%cdk|m`EGET4Jf!A!u^x@VfU4x;r5~p4-_M3T?|rhiEYeU)ddfx)*}86_+iN|(Z*urH@4_91>9?=d z<~{zYv}y4g`LF9v11|n?Cp)AZiyqS3= zx~|@#y3UUAt^o#e;=G0?2F6C_Muw)wrj}9Syhb3d36yJ~YN%|W2+=8(nhMq!>=+*s ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGVEBgxGqbwE!=4Gzv8LYdThNv?cqN?f6L(XFJTfFWHNc2s;CST5}u+mI8IHB$YO9|=8);Nf@)T=Bl17loP8~wHx!7TTk8EL^!}#1 zoN@s(zJ5?iXO7>S_pu|$KI`YMDZP6{5Ai-*;`1OXsP|XE{$t_$3-&zbu)B4IwP1h7 zc5|Qe^M6FluV!H1S^s~dk_PK)8CPzz)sIfpM@%^~Z-FBdGb01zVjBZ115RLI$_leE z888@dgP8m*EX+*IKMWK=992ff|16-W;?QPeWMyS%W`wgiki!=kr@-)KWSDUOW&H>Qh+cQez)@ zUaxe_J*s?yF;)JY>T!qOgRcIntjENT^}L=kPnAO|kL9k`PuVAFGXCbqEB3z>lJ!_{CzTaiK?IRzQ1q6iXvC@-v6Ecp3h<0z2Nn~ zl~Z0noO)VGTq~qSgmdQ8ce3-9tD@$MaYr$n_j(i`V&Xp~@Zy5mFAsjW9r*Vu3p?*Z zg>)t+-UCOrSj6whzVOwmDeY)M`R+$OVL3aTpUA(Q6Z7D`Wt_ilr4DO7@>U!O H(Ebbn&uJq) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..bbbb5c0b12b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-SA_TS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index b5cbba3274025b6a48b1e0b85cea3668987259c3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 787 zcmXqLV&*q!V*I{;}{&oVo;{A69U zigZP;rh?;n&H}f)2`)`VODIKve!F*{hOg_yX=6sdjSm{*h9s7H7J~ z#KJ(hzgj}oV*dHu5J`?%^NyvQGCZ)jr8UhdXyzgl%Xg1pj@J<-VQSVkyo!yelQ`7e#ou89tBaO8!5qk=Nl6_y0ikXC|lHOjHk7#aZ-bXs8hj3|3u$qw^Sdg`TYFf z?v8G)SJk`>pWnwji=E&6VgBae%@*GonC@NDy*A}u^Cw6B^?b@t!VlN5>E@`MiRsq3 zo0GpI+?wk(pId!6mod-#&I>nkUTzaqx?eNnGt*J-Z4cG7&o{Pk-gdwFIB~@Q#JKa SSVG19?dj5M0;~PBT4MpL%QBw; diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..9b73c5b2f2c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.der deleted file mode 100644 index fda39e85a2784895bd50b7d7b2afbddc84456e87..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6SGq1X#-w1POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y3UUAe!&KE;=G0?2F6C_Muw&)2BuNsyhb3d36yJ~YN%|W2+=8(nhMq!>=+*s ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGVE{slbdnb{i0{s6@iZ|Kj(FN>3&=n^Q2?z zy{&Z_4d*u4Ylt3}zZJCU-J(qn#h-WHmStQ1eow)NB)>dk$w_;jbjdEA6{^L@YIJ^* z@`>PIswK?b8$;`Z)!JUqOWkc-*Y^AbUryH7Q#$S%4~5EXXKokuIb`>u`Q>Wq1Zi;@ z*GR60lf0@K3wA_1KmVQf+~dq`O6t}IIYU%AOS zUdiKc&1)OW@>#di@~RWyAv;+z22SA#LURRxY)+P%77CXn6knw zOa=@F+#n`D3kx$7^A7_B5J#1f@jnYFsyMXS7+G1_nHk|M4&?9!#wjp-85!nJioADV z*4Jybw*;5SF_eTXt*YLCc!BsjjHcLMy`S)DhO+U3Cwt|umCc;Y|H+^#m?y$w0>>rJus7Cz zw{9Cxe|bA-H`~^8pZ<5N1{C{l-tBptGp0%?*8aZGz~b?B>#Ko4?Flv)pCFh26Xgzk8i$F?~vW!>qb(vh$85 z=UP<79~NC(Sg?D&nyf)aRro;4W8NY)5KktsrP8W}S J5`9xC6#!8hFUtS` diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..3b9ef1c3e24 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-SA_TS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_OS.der deleted file mode 100644 index ff4733135c63a2183e595c9c706993dc17a96f02..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQx==}!i{Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$;oe#CeTCToWkQK-Ey$KoO!-Dm4|XG1xIa zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMtU$slfdEw*Ol9uWYc64)FNBz4nXdw&S;p z8m8F%SbU6O`~7G0_Wi%rFyZj(MN>5MJNx|_@;Ku6R#ms%Awv@jeOn8a3AD)`8oN#cp2qr>!%k7~B4Sa+=9DN1qu@K*1C zO2U;LB~3}+%%y*=-kxr4v@-BVME@o4LVYb=p2!m^x99l!u&PEQ+cA`JuTg!oueRS^TF1)a`|*B>U`xgJN~1Z^7bPmW&1Nq?esNXh-7=3R zyR)Ba_lEyv4QRdQbmBup!3>Vtf1w8gSLRwCRm#}*FMIoMLot*5nZIVu@Yv#eZp|s> zXET>7b*3?vN23`E$NLs^)4cr)`# zbX~neb)6mKgB=az#CZ)(42+G;jSNjq3=N~id5u6^6DZd})lk_$5u#HnH5IHe*fBmN zSQpipCPpP>I~iFSn41{+8Gx?hVrpV!WH{IQY*w3l*i!8|pBKd)>F3T5_WJS5;`@|o zL0x;r*;wCl&zPnx-Mjcw_4AGIJZ|!yYhi9!u5I$<<1h8O*A(wEr!h*M3gfbq&JdVU z;8y;OPv5|x%IWmyQb~#L(pO~v79HIDsx>k@FY`{;;i6Ds&htIz7mGf(iPrkCIUzY< z-{W6u&UY9kI@f%SskIUj7hICYRaC3!#t~hi`8AJO(y~tzH7+QfX^i+9c|KXj;_KYjvZ^0hh2fjO@Pyv* z=eRrb(!1ErEr(XEnJ)S5-BiOT+`2Jevi=|5*HwDI+O3+2nUR5Uv5kS10VgmpWrbOo z3>XZ!K}>!Y7G@^q9|j5_jw&PLe-=Gs0OM$l(i&Q(*WqGPvJRo86?_ z#Paq@y1$=u-!!S7SRW2H=gN?`4{t0^I3&j8IOkvGqBi$ao}TCYHJ=$R47s!_>C9)J ztJea|r*fz`UOEvh*mCbh*iYqsGB3LqoZqZn`zrmNMEQ+Vy)9?{_OB>@{hcW;wRG;o z#mt+1eP7N|{hME!BGg+U&Ub=ax+U*TrvF-IrX#Np9sF@s+-jeVmGkoWB#)}_4gB>F zrm4obc76L55*qqJY|Ha23npIMF?nNa>B74EQEoe$c&}}9@7(xXb>SJesz$GsE1Q_^ ztgt)garwZZhg1EFU)pW((of7$NiOzMpIvuov!-KShrI8R#4t-GhlFf1|A&qWZOi)G GixdD$sVa&9 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..61d29546ee1 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-SA_TS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-CA_TS.der deleted file mode 100644 index 2abfcae07920be25ad50e1566b84a6219cb02aae..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6ANPlzn%dv8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_>f=&IdNV?69Z!-b0b4j6GM|Iab6=3*96KnP&HIGP=x4|N=*f83(>->_y1P~{T@6dOKVm)_DE~mY)4p-L&ncf`^#@&NW`4WWle;=)+wW`3=k{FW zOIdegPFVlUlNE|v1kTr|?Yn+WG^uBo`lj`5l5;;Ew(UDuvSi-H!*jD0TBO(W9*a5h zsN?miDX!@7{lO)TE;W9GlwwQND| zon5@cd|?97aC76)?p0^<}IzKjemQw}YA zdE_0F!=+#qiAP&syqz4;*R-|Q?O%xG43?-_)4VQDRQxWw(k}E~TJQ8&mds-+&;5^0 zU);as^~QrPW+n#|dE~pR7gVvSPgV}#`S?nB;ftt$T3t7{|66i=WlC%d)2=g3(|e~j zr#)Wy>`(L5smCf-?Yit$H1UmGs$s&WbnBh!iW?^1J?3`6Fkiguj8?Ai?L*JPULD9< zU?NdwoOe^&c==B!NfD-Jm*)p?|2-pKxF=ss|4ifJuQU2=+P7r2Yv|m1{{I^5Yw_1| zQ#<0~>J!ULxv%v)94)t9$C)LsK#HcqWJkGAi;jEvl@3Xb#r35j zKaZM!>-%*|wt-PMM8j*QUWu{z*}49WTFTE^F12`k+a~ZKLHd#BWxs;j>9;-NyR`lt z=L(uXIXbs^_iOH_oli6rGFa1A@koDbdXUT(Z_7uUFsxud3O|ZT|ex^`raG8<}wF z<_9gWFr@?OAnQ^!M~{OOKNxM|~ z0;fGxJ5}mpKVja}oahFB-YJR;#cwQX_%CMj;NaEW$?Uo-RrXKXDR!=9u5x*7tIT}P zhL^WyXf(-vyjSzW^s>GBeL<659yi}ikn@>3yJCm@WQk0U%k`{oOD#VtG8vORUJ5)o#Jt6gls1xD+6;ABR>PsSzJs_jEoFdH_i)w-CK5}b5$tUx4Ki_t@|~NukJbY z`+@$g^Nm|FMeHr6pX&?u;t7cRyWC-qj!AEv=2Lf>t$;Y);xcwmdgi4%@=E)??qy zl>1AS4b6Q^cIhqFGyQeLN=|0tGQP4vnUyAUnf~0B{}UAtu=o`h(yv-@Khe^#sM>q&=Z@P8 z@~2I9Q{QDE(D^&zlhZ$W!8PmVzBYd=a(+(c;b-Mf_VwOsURun=%*epF*v7!hfD;&) zvcfD(1`Gz=ASOQx3o{e*4+8}dN0pKBKMN?TIJDUqSy|bc8R0Ar2mf5?h_7^0S;4iew@fSk>i)RW;>A&uKFJzo$-I24 z*{zrqE^s+uz11qS1ofPkAs241Q&_HLv#ajZ%@57jqt-YOu&%2X~qPq~|? K_w2>|>)Qa_TP)Q8 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..bfaaf0a1234 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_NS +subject:ee-EKU-SA_TS-int-EKU-EP_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_OS.der deleted file mode 100644 index 298581087740c766066db98e17f4dd7d46426226..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AP0;fs6q!8>d#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+ix6c>iDnIdNV?69Z!-b0b4j6C=|oab6=3*96KnP&HIGP=x4|N=*f840enU z3D!k5rioDr*-l1Q2IeM4eg>ekxR{z485uT*M{8=Gu5WrJotD#lV0HAqo}D|+%uirp zvTd`<-dqqjbM6z@34b?lJvQmv5t#&`%6Q{veFs~4^wfIKD|JoP5^QG9-T&i1=Tgyq zf8Xa=<-O`_Kd0z>C0~q}SKj2|J-ypTt+fSKXJ(tf{M#2~)MnK(f8#&#@Iv2%uR8@9 z%0ADZee$d4(bdabW*<`EKh*9x`{u0R!}4ySFAVDgpUlj9sh_L3zwun)40cn4%D0EaiWV9u|4Ck`9sk_PDdKx* zt>fg5eMfaI^H;@OGj-Dw{uHtOtDac2OVaA~v*${exx6vjvS8IokJMh?xNms|kKC7S zs{PT&aCg#+NUljnzcw_#HDjFcYN}$2^gWH$&&>pku2nB}d^azIJGkdkaR7y{$I#N>NQr`+t6qPBL^mt*K#^Be?U*>ZOd9$J|am(75u_ zszrAW!z;sR6CV8yH5+Gto7>{>KSlEJA;noQKiC+QNl#o-$i&RZz_{4Pz{-FV7?`rc zEKCLr2HYSfKMM;p6Y~!P1rSG-k?}tZD5^NL*%(<_*_j#PEDq%G1;!~bd>I)y-_Lla zJaNL;K9xUGI~Q{NI@q0Q==XuMaF+D3-pg9CJ`z65Uat^|`Y8ReWd2>VqNZcNX1$A5 z`tA1Z>3>z9ex^qLS9yv&DIx5BpM+C*mafnZ`MvI#<%!9iS3)KJ{H*!ZVR&b8m`q%^ zo8&9@NcUC6^5zFwvlJECoTWY`y6IiN^=T@qW+s$Lj8y zzUs}9(K$c%L`Hu1b8ZwqwN!KaQyu@pt~tv!G=A4Rm5Cb4vESI=lpWU+8S=DanrXO6 I_j2=90BCS4Pyhe` diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..162c2cace1c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-SA_TS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-EP_TS.der deleted file mode 100644 index 1e0e8e50578ab5668990b2ca69ee0bb29d1654f2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AL5jf$0XkY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^l7A#CeTCToWkQK-Ey$KoO!-Dm4|XG1w8P zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WLSUw_kW%2`$pL;Z~L(DrZyAg`O_%k=p+&exZ}XelrWRna-Nb0XL33)b?=aRsDWx z_V2`diAjx4j0|dzwHL;o+0qz&$@1{86t|0NUrt=y^+e#l=V#u?pZ7a2@#}vu5S-ww zU@G}!Mbd0_e+~WLvtR0YzyB~JS?fNh#;qmxEcLt%N=HvlN$Q@(H+#bD33hUCbUfs5 zvgSK(UG%j4sK@+ni=qsfi_R)H!}S-13WhP8K6+LeXLVDr_vxNzi=_0j+i$e2-FG_T z&t16}!LwH8`_KMUa6$1y@~0xN^xYCOC(cY#u78~EnPfVdiJ6gsaj}hol>sL(FlB{V zm<$*UxIs*Q78YhE<{t(MAdV^{<9`-VRB>ptF|x9HZ!bn>+VzX;{*AEdP3H-p1yo{*Ouxe>pZxZ#vHt zr0^|%SM%51zJjc=3%|^qIPHx6r#%6Z9f~V0H^&G#exAXRw)?9^PwN%GrlY6#e0AOW zD)NBEwtutt*(rTBInSNO>8E-4(ScY8<9)Ri&6+B0wp_xMj#usru>UD`s?2D1Tv2@D z^)BTp3bspLonOEh{zPX(YJkN)71hAE=j$H3HdNnTP|Xpg{rl@(1t!+DKQ@_aefneF zWIeg!$2F~YF~#mDuKe40cVpy@4eyTd*G`-MTw5kAJfY!9XM$`nYiaz`;=G0?2F6C_Muw&)#%59Cyhb3d36yJ~VyI-G0MRI!nhMqz>=+*s ztczkw6QdHcjf|`e%uS5^3_wS5F*PwVGVH6>GATvTH86?7x+tsk6@BqL?kT-1cPWUDxGHZ_6i#Tn(>kn0fQd0I*BOT`F*fM-)*YUPW$z&ZcIy}6YP5aoY{1_a>)tq z4%ZI%djS*IpM9Fu8lvRr&+9hD;vmb1vx{HlzPsh4vv~QE34Lt+LDBR1RX7+zFT9MD zDG%Kd%*PxeUH-}K<_WzQLi4!WPS>R!K6vj#t?fUZ8=TuGDlOWxb<1;|C-Udteo<(C z{_TnRqWXQT3+{zDS5|#qv+Ja9{q;G*6Sru^@uZ3`J9R-LW?NLrge&qX#v7+^3A-VC KW_{lUr5^zA;V*sw diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..d7d76584dfb --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-SA_TS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS.der deleted file mode 100644 index 5401afbaafc7bce6e7cd2eacae483e862b7bd04e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AQyXw-^InHcqWJkGAi;jEvl@3^^JJ+0Z&X;AJt6jtEvE;Q(TbrQtbBRFSJ+WH*@7eA0sK2yivxYj zuNR*Q4|&IS{mHvsE55NvRI^oG`I+j%^5*vK*pn62&ra_?EiJ8&wgLqn2S)z37sbB5jfzueO7U&8okavS5DJ&%j`UT6!P>XNN3xc#6|PZnSI&YqoH zUs>(_u#WrcJ-azI-&y%mA3QKQBK1@0+T7QBW4%fWR$OYE{>nL1>-?ODj~<40UAVjW z-0zNSkJjA3cgaY;!=i18mekpDzLmS97aw~0e_d$3c4WSv)x%kRtG~~EowQ`$wceu1 z6PEE9mKSxL6-=9NDx+Q$8?td#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+h;^c>iDnIdNV?69Z!-b0b4j6BFYoab6=3*96KnP&HIGP=x4|N=*f840enU z3D!k5rioDr*-l1Q2IeM4eg>ekxR{z485!0KE(nZjaEur^}LxrGzzeONVSuM$t0 zx!LM*wT9JF&FBkWYZh2=q^2H!=)TU$^Gt5oOVzIlPHc199ST_^&xb|H@~hp*-)zn< ztMqGHXiwNX-l^vDyTc}xX2(5a`?UH)Vza~~$IaKAQlk_;88o_vrTWh9ee5RduNAb3 zf1e+-wdw1A#VybB-GEk9Y`n@Ax%TDpA9N#i=I{)R%3A;Xd#9vP`J~@B> zqN11PCtfX0J)LW;(^fZO_0w68&lE^4n(=YU=}YVN%5NQSVmGRZ`LuVQ+2vFYH3`eD zncau9X3bh(`2W^{JyTAtQ8heVUh98C`U8irKepSCkM z6pUsvz1*FmT=#BMf7b$MUKgp1W8G_>+)Dmj_3z%>8-iJ0o)M?7PB^U>^X3GTC~M8f zW##HjSGLVu*P6@x&v{)tHZ5R11k(PHNRpou>4Vm84+CG=2pZLBybJD&mtG#j$ z9^L%=_Yt?aE}2W#`JXI!H!pJdb3yZ??>q_CkWa>6dcScwr_S6L|Nr=3`%m`OcT`W$ LapX+N3w8tmOb0O* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..242bbef414e --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-SA_TS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.der deleted file mode 100644 index 7d96204eae7ccfa3ef0d5917de0c9aab2d2e46c5..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AQx&#_tBaY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uv~U%#939O-#(A#CeTCToWkQK-Ey$KoO!-Dm4|XG1xIa zBv=>Km?lOgWIGvI8JL?G`5A!D;$muIWMo)dxyUCrCUfN+;caFiw_gUH?q@o`+BAJz z+`Znrsm>3Ugg&#;WjYtNBHry&e8S&=+=u^vA9=4cNwP6gHG7HD$};JXbDs;gdZx`nKi3_uRlXr?_FWI}{f{vZnT8X1f%!~|-i){?73^;*-DJ#sv zWWZp+4Px@MurM<*|1eMhaa0)@|FeLiibI=?k(HI5nGw$7Kn`DEoC3p_k)dXX-KM%5 zlk6653_o-+R>xX#Ay40*C!yKyW@7OhbS#c59K5&afQz+cL9OPG`^JaPuRXJK%Y`E^ zH5Bt#xE9>M^}N)JRrR>|i7B22=Q1_Btr>VM?;Ka^w(NbZ#iuo6y40E1;qmK4ZEfy~ z@|AwR@O8@7v$JyR4T2qSbz~YP6lSxzE!Vg3o3}D#aeda_&|Lv-8taYEUB0@O)wphI zzVZySdn&g+%@CTBZnX7jU+A&i9TLv**Tc>l*mT_H)L>3x^SZD~D_!;Rb2G7CUFM`^ zl2eRIUpUWR>e{i)=$Glc`_b>cH*QV{`1HhA@ioJg2?cfnw?gXH IH~(D)0HdWO^8f$< diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.pem.certspec new file mode 100644 index 00000000000..7c780f2ea4b --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_SA +subject:ee-EKU-SA_TS-int-EKU-NS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-NS_TS.der deleted file mode 100644 index e6d1a0f4537ace7de780eed24b33b175eb8fc185..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 763 zcmXqLV)|~-#CU%JGZP~d6AR<{x#|YIY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv{Uv<3oZC~U%#939O-v1<#CeTCToWkQK-Ey$KoO!-Dm4|XG1w8P zQ5V&iCPpP>I~iFSn41{+8Gz2>VrpV!WLVDeDEsxr=2aUE7?jU7+h3DDT71@Q#{?|198@-CT!i8^skRiuclEcb!wmt7BgO>chlCMu3?cKNOt~83s6_*u#zLINiWX3H?i?iLv zo8~t-UR$}hyFQ@PHd4LtRZvH;u;oLe=3~&U{{uUiQkdj$Ljw& zwVJ-XkV|~Gt?a&X&tHGeK>e#}>c2F$F4=Y5C0i+ppNW}~fpM{oft3L#FeGJ#S(pqM z47fo|eijyHCgvXo3LuUuBjbM-F#{1c4sA9@R#tXqMmUQDIedY!2@GFGhN5T63QN|t zuU;5e;o)PmV&k#; z$|x-wSQOY zUEr{hoBuk8wfdrk;fkJCsUNCUC(rL)@a(Cq)veOcEBEtG+jaRw(&_Jc0eiNJeLucm z@4{EzM`zg!y}BRW;A;CfGk@dWbqk%AOwm52^Xf&YAKSjj4M!UPhG^Y0dHwnn>t&&< zAI>L!HEue1F23uv7Jo?eIgy>$mbe+5NvvACYnFSp#FP&=uPd4{uhRed$@J~Pn>R0V JsQ*4;2ml7FE`9(2 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..5d7c2d4925f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-SA_TS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_SA.der deleted file mode 100644 index 287de557dab2bc8e9abf14286148bfc512049b8a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 762 zcmXqLV)|y##CUH3GZP~d6LZ#)U;|z@POUbNw(q=*jNGgY1`>v11|n?Cp)AZiyqS3= zx~|@#y8glO!Hx!U;=G0?2F6C_Muw&)rsh%Nyhb3d36yJ~YN%|W2+=8(nhMq!>=+*s ztcz+)6QdHcos6su%uS5^3_w?LF*PwVGF*GRl2!EbUaq}7iOg&DLypg5@mF8%6~N@U z{rk!G(rBHP@>f0tv}w8=Y395g^33Fk@wXS;DgD)jFSLzjcM8m?{`K_NmtuboexpQ|O7HDM%YjZ!#X;L=VGs;md$_mp6Q+Ccj#e7s;FtjdAmHk@+H^FhG~@!Q@7v0xIb>OWHA#nBLm}N8v`o?PGDfl3bQa7 zFc@%ynEWg(%uLKb3=}{dRYu1DETE|3&}L&~Wo2h(gtIu1!xtE*!0=^c5X$+=$;J3? zM(oYKI_Yy|c|D~cY5K5zZocdNz1VMabBdYDsl~nXp9q*pTlz(Got*M_Ws6jrY}Uy| zju)FR>^R@4Yisep{=k-%Iu`|+ZcKH{QE%Ba-$U1ZP5+e1rknX+O<4RXU>)cE$Rd%) z{#@r8lAHs~5>AQ=i0zc^E}>f?uXKJrqqB# zSGDx}yu%`xC(IO{QnNGr>=X;tgDpJ&uAQCP|2Aj;Zq)@_d>>8nU%#XIpG*JGDUWuA zEnMkqdN0x3TI`93z)R+jcUt4$7bIS_NSWYu-}>2($z}!Nx_fSao^>_(SZdk29>IO_ GxvK$$49Gw->hPX`R05_jZ%i@{0Pc z6aEQ(`oqDSJ0*0p$GgLO>uS^wZMS}<##kySCct)S$wyyLe;rRq*wP^R z+3s2Rn|E!WRgY<053UiKC&_f6uUCKJ*%hVRA4ryDKH2*Cz9f@C_x^_gDbo%V?NfCu8#m%d} zR=L?L=FhXd=lR}f-P-E5md92N24Qlg=A8S3uNp1+EqF<8&2#T4#&tiwi^p^xtJt-k z@j}eEHLG+cYB<&TtAX*e~H2&gWCm4H>)^p!<#*42X4P8R2$2kX?&W0ui9fNC4Ch^p*HVXuWtLQ Hu+;(pP;w-i diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..a6022ba7dcc --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-SA_TS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-SA.der deleted file mode 100644 index d2222b41a35a1fbad4a0fd1448fc38534cd9f2bf..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 757 zcmXqLV)|&%#CUT7GZP~d6AQ!Rh`9#5Y@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@244dldm4NVM;jm(V+Zb6Hn41{+8GsJrVrpV!WSF`w?pPU{{^K^GgVUF*W>47Dq8U}+d?mYV5#wV{ zu3*0tvbh(G_ikU)CvEe^cC~B$;!?o{K{i#=cURom>3FuNwyIi4Nw#uZnzXNP&-E3e z@%PPKOWi6bPnEsd7pV5G-o;uqJ?pdaURIZPsne^9*ZFMy zc`<8;VV!A{(f-wX0p_dUPTM!>VYm7Ou|sC7SIbOPnw+Y0fA!Nn?F!L5?rr(C%u7uy(E8E^taQdXFS$$-It z8^q*iVPR%s{$Zd1;;1q*{$~+05MkrcW@BV!WoKrDvpA5$7Z{ts@MUD^6?42QleTz4 z?7mG>@|=r|!l#Pxdr4oayco%0ZkhGf+(h(+WY}Wv))0NG+$|06PKRHf&HiV!>fE2x z`#$VDcyNJxvhowF?5h#A)gLm?Pt4?Pe4WO7? zdigfRSNo*zF~^x@nwkjrzWBX}Bj6+Bg>1jv*cYGk=Dt6&^BD6DSxw~=4j0yj-MucA zI$wsrFXPxF-l7fS%o|T-DLl)NY?al^c~ujT{AAM#`QoF@J|=}*?A9#kGj-axSmW*3?vN23`E$NLs^)4cr)`# zbX~neb%Pz_LxK(D#CZ)(42+G;jSNjq4a}p&d5u6^6DZd})lk_$5u#HnH5H*z7uA?1 zMkQoB8Ce;an;7{SfUe?VYGPz$IJDqb$@%A{W)IX}9JH9vId{@;PGf<**pqiI7Fg%m ziSC}}>wS3F9DT)`%qna9c3!LK3;EagTC?D{$}{cB-{0~ZdW)w&nWSa&W_b(S6N95o zDR<0{w7#3{a(%^#%;(RGWB1PeP<_}c>lJ=~>epF?DNm z#+IWp!GEv0?l~>i@`>qB>GvHb6-#@voOUJjoVU=M^te-R@)wyMo-T7(4o9ch^-NiK zV>j1t&(t{Q?dG%R9gV(V_w?cPg85wZ~t2lxAd;Iydw3w8v8w_U@hJ9V4}e zvG{|5t)*4d(o*Z0KZ2Cm#1?n_Hg(@$e0N6vw+Y!y%!~|-i){?73^;*-DJ#svWWZp+ z4Px@MurM<*|1eMhaa0)@|FeLiibI=?k(HI5nGw$7Kn`DEoC3p_ks;#f!FN%`+jp08 zs>V)lx^LPp5F7w^pEg$pSJ4r#>?B1j|FOp8w zu1KkCKW@rAFYD$u2Sd521ADHOEi++p$a*8ty(^aYN6&kui4rb<{G)bop9osTbIi@m zxX*Wjgn{p-)9F{&%{!-hU-7EF-=w4<^?5(sH@vobJlmbOmM_F}QTqFmm=ejocpEilmC07&fL2})g1mWuO>t<&vvd? zn>C|jrq|Ic&$YB7njh^c@(C4b)$&(THfRZ*!@BNLrfL4;M~o$p9G%j>w=w32OcBsH z&NZD$+hvvg%FkbFEcUoINgMx^H)ULXc;@Zoly^FL$874JI^CF4=4kVzE!Dx|*lD&8 zwi(|Jys4XJxU2S>2ZK`Vu9as_Ik%U5{bSAlRmgefR)tU@{>mk>PiAa=DY5naeD!;~ zxwZWA=N@Fxl$AZ$;Pke!wd5DmnP4wQtD{^Z2JhD!GchwVFfO(+urlBThNP@83zGqZ z0XK-r&%(mY#QeiR0mM;dWc<$}W+1}Gq0Pp~%F52n2xoC1hc7TTf#J)@u(QWC7-UAb3grTMpChie-3uRl6h6)KjHc>Ai^ z<%gHno}SdVtnrVv%-x$y8uP;3O?V70=FdLCQDQLRkL$5xZxpA_oVjMLp9*Kc-y4nK zDvcZUg>N^t6~)Hs2Y20-RX-J(CYQDJfanKlC*GtIExDAn9tZpcmX?9y;VGGOwBqxwEL%N$f~2hB(M>$NuE+h}xm}CN zSbjx~JyY`zj>osMSl*SD9+27Yyi(+TSqR@hUoFXLe5Fzc`ELB4WY4nfiRkUfjJJi3 Hr{@9y{G1^P diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..35adb4854d4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-SA_TS-int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-TS +subject:ee-EKU-SA_TS-int-EKU-TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA.der deleted file mode 100644 index 601dff642ab5f118e16b930f1f8dd62ac887de3c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AQzfBb)}jY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv@`U4dldm4NVM;jm(V>qQrTPKwJ|j*FfG-)<7DfO(ZoHtScl~7s-Go zMkQpc7+D#Zn;7{SfUevv8fwv*OX=6QWw^gCb9PwthWcxqu~z*mM{ZCkEpznb$>sxUV7iiY+y1@)hw zjJWj^qvoXO2ehWR3CZZxF6Rwlwg|E6jnO*uuPjCQ)viucC5KLhGm$rYKOB0$Xs7&5 zUU!MzylK40dCIAzjBHxNZ9F;e`~hvZEI+{S^1^hX_jsLbtYy;2FArk1_lP4z+jXWW??d5FyIC; z`B_+)nV5eVh=Dk&jEw(TcnrAMIJDUqSy|bcIgmpY7=gf0Wn^gen^YApY!G|7AX)YO zx(eZI^HvD!XHT|G`l|KStNqNI@=}B3ZT+*i$7i=K@wme!@6wxP)cr74HQm_odc0qp zxWVqyrwZo(_N(n@oqwtDSIJ`O4SmMTwq{?PXu`9{qwJ#co%8$l?@E;9dw(NHm;2I; z$m5C&&*jO#V_WTWnlf6J6d_F&XHr{T&~}aobhjY z%33WeBYNTggCFT1ZI-LXytFPkZu={w?;G2zfN7##D;_2!{>%)#xBFnFUeoe?T`$(F z%6%r1)4yev2PDsMGm@Kh|a^k#(CI-ev=0=95#-^50;=D#6t_hTDpk%0EAP3PYo|+2Q7!s_D zYDN>I60(JitPIRejQk8hH*qmFF)}hNmrRyk^ho!{wtUybWx7qXyd}jK+Ud_Uyl6*Oz7RXysolP?+Z7ajvaYGTdHWs?qXlk%yS_y$de`SSFf< zJFj`$X4J&JmuVz@999vEqIAAe1&UA)-rgy)N&FQ+pxGcqtPHZm|U-~@)GtS}3c z0fPZIh{?~w!py|{!$1tgQDtQO&%$HC#m1q{#>mRb&dh-vs=#OjhAJb2LdBm%V@+8w(*sMFZSQw$Z>DYpG|erTSXbPeY4zi_yiuO zURcm}Z)3!RJLi~IM*H_kFa0u|Igt6-mpA6~WOGd}axS(FJYkx2bb9%g@48AE>z_tt zwoShm!6n+WU&qK?smgwbh}{BKhvg=HCzi|JTA%V*cbX-qN{PG3%q!nD!e-@{^T`!E z^lnqLa^D##V8*jYRdhwt?O#<#jBh>AP$_?Ue6M%);eRC>b4x{He6)|}1v)I97wbPy F4gdy#C@BB{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..b1ea4dcbb7d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP +subject:ee-EKU-TS-int-EKU-CA_EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index f542e25fb51e91dc14a34d61d3a33b58d89b6c6f..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 774 zcmXqLVrDXEVtloLnTe5!iG}e8`zixoHcqWJkGAi;jEvl@3svXXb^>v8+~1MJ>N(YX(o}#JrgyOPmt=oYH3KpR}E~R##skBs1)& z!Uer4VI_^C^F}Ar$vyw> zZ5Fqd-MOM-!<<9WtyQ{54Vw2JknCia_&)t7|1In4+G{&LboQ&~t)7wgR`IL<6<*)v z(@upfu`=EB&iFgu7S+8U++%K}xz*}+*?o$9-;-3bD$4qf^pAj}%;zUXZ!K}>!Y7G@^q9|mF|jw&PLe-<7CE;bHrHbz!fc4iLbPz6RW zFjN^CygttTXZLBwW6p1HE!OMwfyNWjW_RH+nf)q^XU!x{?5VnWAB** zd9!BPw;0MT{FTnJ$#Cmr&%1zp|#xIsRrr-pqBe T^K|PE+f8!}={?j~9dZEx-DEdV diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..13c3c17ee80 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_EP_NS_OS_SA_TS +subject:ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.der deleted file mode 100644 index 52174691b8ffd1d837dfb23d0065c9e3842c2b7c..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AL5fJbeRRHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}jjwq43+(-GkbIF+jpn!qm=7B@|#T$E4EEKa&KBuKz;4w z=le}cP9GMWb6I1_k&MJcZ-1WQ{k-^bp|XNhzj6B4+K*z=YZd<;RMcc!d7?>q?~2*A z)pA0qFaEP%d((Kh-v8X!Y9*e)%WF?&s)aBMN!(?5u2&xEb5SwzOm$DdoA|r)e@PsA zP{d-;W)iN)aNxdDw#Jj&ar+hmRb&dh-vs=#OjhAJaN@zj#owPlqy zoLfRPb^d!WzqZ_V<9LOs&Bxm(POe?-s{Fr;vwOpW?xoz1+^4?n_$t?Q?zQQA$IRBI z+kZ4dH){PB6WMJO_2_zq-@F>RKbP0bUAHomJNKuTXV0ef5vSIy*F9aSZQfdOF#C{h zx%GjWuXq0FE_Bw3cGa>ekZz H4WSbN_$4?Q diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.pem.certspec new file mode 100644 index 00000000000..dbb552c644f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_NS +subject:ee-EKU-TS-int-EKU-CA_NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_OS.der deleted file mode 100644 index e8b387f3f29e287121129775502b1190898644e4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AQzSwrvKyY@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv@`U~U%#939O$;oe#CeTCToWkQK*>BAJm(<^47H-`|I;$ss}I2#$eVP z+de;Qm>Ky-R-n`2tWmw-Hr*#DR%mY6p4**!Rhegj!OsfaLoF*_nHlW4E?`o0^RC(! zKJ&=w6XQ8wJ(fHkR@j~6SRd^aAysudR8jtu#Ko60{{4vRc)s)clBJ?Trv#2&JT72Y z>)E|HfH7cop_BLCWZMTy_Nkv*}X$DT#$`~Ar+xMLl$teJ_Kk%4isk%55$Com*sg;|&k z7!0^UOnw#?W+vtz24WzNDkI~679ImGHV$nzMpjmKW)9>~1x6zu5&nb=!dc}@T_&_ zY}7p3;!r7mi-q^aA+V=g+?z?-6GZItXr&-i5OPc;yb!|f4%cz#- zYa-(7(~BN4YX38B<$b<3qix#Ond#AN85K^Mn-N{1_KF0F#{1c=1>-99^TBn z5?xpCP+e!o_+Uo^IdNV?69Z!-b0b4j6GOu&ab6=3*96KnP%>07kb~$HPfZ1D3<=gn zHKU193E4tMRtDxKMt%mMo4A;o7#SJXAGcd#dP~^h)QQh;`=rnH%ltCreeh_@&z#k+ z><9Kb^(uQ>*9Ko`#Nx8`fa zjbm?JnXR&ob)AYLQ_f1Z|8?bk7f#-q7id4{$h@0#RPW7tI>p}I{DRh_2l)>dUTM6u zxVGIq-s-m2+D%K>o)3#tE9Kbi*>HbuF54sV)a8wr^k;D%e!lZZqhpxc-c9|>v-w<| zdOkGY=}TSCcC6&l5_jc`$1f&-db#CM_YD1MKW{21q};mrG4SO_LD^R|rG?V97cPqj zx$)g`+8e4bIXA^5Co_&~nJ~AJ{7%vI_t!;k8?MT?-0jQ6%*epF*vP=ZfD;&!vcfD( z1`Gz=ASOQx3o{e*4+Aj}N0pKBKMRim7aNB*8zU<#J2MAzr~;!A7^;j65uccUKFU30 zmGiRiiPfAp$2O}rJ&Q}pKYh>HCt^X=V?~RW(;^yH@BhnOlDKRnSYIV1a6IGOgFM4S zLM2PH+doy`;;v0Bvwv}-aqo7ioqsm(d2f*Q=VBFW+=&N|WY8Qd7DA_5I+*zUtRr_j2E^%W`IwS+!1q*=42l z$COVNe}84|5xC1Ed+6Pfztebk%;Z@RJ|)5Q*15LD($!oHpMS1C^E656@`u(-bNtVJ z4>*5o-%R&=qMBxL+RuM%*d1sfak(z@)vl}q-f|azc71NT_1VOsAY^xT-4FkS2UF*F I-_*GS0E-7XzyJUM diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..5682fe3c213 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_SA +subject:ee-EKU-TS-int-EKU-CA_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.der deleted file mode 100644 index 7c94ac3e5dc151fc5e329337e7057f7ac24f5654..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APo+lmG)>HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}jjyqC3A=KAsJZ5>Bbt!B!nWw^1IN>5et43g15 z?J;$$%5Uh`}=_j$vedbwsrYJ224QaLs!Dy{gqkl~^7;~hEft;g0+ zUz6Iga@%y}E4lYS7;ZQ_Pwk%Qr>I-^c{-{V+s@DZX!+*Vu06Z2e(wCc$3gUrME>{w zEs-fK+PvR&Gbi6!oIU58=8ZL<{4DA=$>*F|XJeBmzS-)Qp3V6)Gw*2KQ1G_B9KS-5 z-zdiM_~z;>-#;8!dEc3d8yns}>u^1? z>P9KM@Kdw?)BideiteuRI^ALWhVw{e*DGz$86~GXf~GPtGcqtPHZm|U-~@)GtS}3c z0fPZIh{?~w!py|{!$1tgQDtQO&%$HC#m1q{#>mRb&dh-vs=#OjhAJZizY)_Ne#R;Z zZ zES&x}l?Gv`H>ET+x G(FXuDX(z@2 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.pem.certspec new file mode 100644 index 00000000000..2410f7d4278 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-CA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-CA_TS +subject:ee-EKU-TS-int-EKU-CA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.der deleted file mode 100644 index 3dc0138f9e5f5541398b590a315eb44937646ba9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AQzwNm~qf**LY@JlekVGBR?rG8l*&3L6NrF^94+^KfP6 zmFT*9hw8cp7|4n98k!gw8<`s!nwl6|M2Yhnfw(46u7SLvtbsH{n@DOZSXW4}E|LLF zj7rE>F|sl+H!<=v0A0hy)Wpcha98E#Z8Hmzyu5hBg3?m+0~-@-ZZqld7M-~oo;kHe z?(ie!qO5<+jn^K^1)HuG-}re${JD^5Uk6T=E4~gVcPgIqsP*XltbR?(cv7*8s7b89 z+?$)5wKqH4ue*G`v*{@RnM+e#Pbs)6f5=faQ(Y}}O775Zg^dED!mnMpzBYTa>4h^E zS?#K-messn{%^{%|1v#W6McNO{)H-QwVmLwtUD{QX4|vy zl`ia-p)Cz+`?r=iyG?e!oK{imC|>!zLH+;wn3YO9*{^Nz&AKzMw&~kMrQYIoF`enj zeg;c+Wgo85a&3*g(m!n@ck*}F4~H5>r5E~VGBGnUFfKMSFfiZ*2BWMn3zGqZ0XK-r z&%(mY#QeiR48&1oWc<&IBZJ7-`(~{-7gWaV-LDra zoTs$%XvSOlclwO>J57J^Z(FF|HL=Qc4sZ7<)mVOxcsJ=ZbA3*CuNh{i-R8W>E6)Eo zee)FePjCHtd39S>ZjCx|ditx44?kGm(tY%8W1-WI8RGJfr@1)%Iw-l|$vmrR%Qf!t z6mh@*c0~J*R_UI---0JDYwQp!tC>~D_m#ahc*ZJC34=_V`rU00{yP?S21&2jbU)l# zIqb@Qo%J<8p5EOh5va%R{UrAeBlDHH8{STwp?=c;V6ec2Th0o88P$K7?4EReSuFM_ zcJ}^vbpp=Uv$MSpt?#axpB*@dyK=4XqkIAHk~MR`-)ym3rMx62G3VN+=?|8v0su?% BAus>{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.pem.certspec new file mode 100644 index 00000000000..75f755461a5 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP +subject:ee-EKU-TS-int-EKU-EP +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_NS.der deleted file mode 100644 index 69000d80684474dc1bcd10f835afdf873beabdb0..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 749 zcmXqLVtQ%N#CUN5GZP~d6SHMev;i+0r&gOs+jm|@Ms8LH0|`Sh0}(dnP!?t$-psrb zU03f=UDtqkzhDD7ab80c17jm|BSTXYBf}_hULz0}$OLl@lnfONC*fEhRvxqq1f*7Sz4E(XP-Qyd3A4L z(7n8j6khA3Ka+O7-E9yno3s4)Vf6)ii;@iHs=qBr+vDLL=J|c{qklEUXT+8q->AIk zT~^nRlszpLUy9z`sDCwS`g5nPr4zO+n0~y*T5HQCzub+1^L?LX1~#QMKgx)bymz=_ zY2cFBidQYq_>M%)DlI>GOJ#GVRK}YFmGY?@E=?@twZAXMIrV^6@HFH9XPA%4bS=@J zUA{^2gjA)Pd*YYyZOUawi!4-lr(64cw0Il9V#~jv*z@RuhBG-1=P#yB+r33x+IL~; zg#V9=J70PC8np4g@IDv+_#(5(_51xtd{48yXuB4}CCu+6~$*7^b zbe{Fn$lo+9+@J8|<-NGFL*koG zwD4~eTx;{9a&_b5V5gh^D>HA(bR?QuKArse*U|4jI~p~E-+X%CyXaKnUIX13KJTYq ztEf}opn5~&=1Gps$=lLef6fWsp&fhhugLB1sf%`(bGF)u78t~}2=EHbuIN>CIi+f7 zBlUy%S?AGQ1A(dHAKO-iaz{=KYH#@0(0e9t*O4aCYOk~hiuUhJWp`>nlwQ#M=xDS= ziQj)K<=}Z*f6C36`NZyshh9^wy{Vp_=)W`2I)%SE!}k}Dnd`E1svP;{AgS~U%#939O^i&V#CeTCToWkQK*>Oe#{`oS53)>ADt*|6+b9idFNN@%H6qzzpD8! zzEx{*NVJ=Ejm^z#_Kok$_N`%fJ;mHAQ|%+m)Xe*li$s6^e4O~8v@1F*=l41D$EQWi zL)%Z;p5OH;plf69O_>PR`#%os{m$_C;1{0F50+;+GchwVFfKMSFfiZ*hNP@83zGqZ z0XK-r&%(mY#QeiR48&1oWc<&&WAenJaU_Q+R< z?3X!Qt6@<4Lr!B;q}XrK`gsqY%qn+W(EO!?<)6$>kBc(N%I&}B8lHSQ#q8ZBW!vJ` z!^It2O^ozD-MQ2wU+;A_-z$eHZ=&Uk%ICM19!uYST>eju(>p8q=hCd@wS0@RHD@k~ zuDQaxBE_}7c5$dqD5pgB^hI`G;xFB0%e{a4ulW1Dn)cadek*Uz`pA|lrM&e&ztHE; zc6Yr_J4$Hx%KOjzc>HtO&kw53daoji+kf;Y_8gkz$i&RZz_{4Rz`%eL7?QHWEKCLr z2HYSfKMM;p6Y~!PF%UKj*!0yMLn33SUNjdiiYC{aZ;gy_1!B)^VH1TIoFg!Yu#wsQIM)8yb;O^Y&;? zirv$dlX&<&uLb|7yyEJq+sl`QCz&n!Rn)lT-L8lAVP0#xl&gi0p3=$P&vUgw^V%%{ D=prY& diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..ef35255f346 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_SA +subject:ee-EKU-TS-int-EKU-EP_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.der deleted file mode 100644 index 590adfbb81b88d07006d69934b2f30e924e543f3..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6APpKfvpC-Y@Awc9&O)w85y}*84M&0#SBE)m_u2Zd3ZDP zN_1VlLv>vP;zNQB~U%#939O^l7A#CeTCToWkQK*>^e|?F1MdcQZ3GO;xvUx zM{-jqiz+c)XPNwB;y?Qzvaiz~{(V;3GkH(;Re@J;AIdLZC|7cbqo@4-LV-}-=hb@L z30aZTCYfZ$sYNShB%XJ?ToPONV&k(_v$cQE+G|_IUa`_gG(}&a`K{)%*>9Nt{;2GB zJ?;Ff%k%oIS+0AV&hLLJ&|tFW%r>D@XJegPzps4d@+JA=goOL`(GveAs4l%CRyy~y z-kw7$YBe_Jiu&Dl{u#ox#4KTi5q?P8E5?Ej3vv z{+HKuo}DQZm-6nf?zM_?iu0+y7hp$areZ_U2yy+=e> z?g`?pSTtY9yK&Eir@VR0TNK*A7v<*c;VJ$8ldV?w+39}AdbxCiNiUCSm6iQul~7aE z`EHZ;Rj6KL%K?Wy_b!wsocS&g8oje^?&^h;XR-wGoV4H6!hURyk-&;Jvtrf+2HEUT z)6yT$Jb6!=Pv3raqx8&ZNnN#sIW_^`#9PQc zn!0_T(vwqZdau1Lx2`+pJEdxse@x}AclrOGt328-8f#@)Ww}t`qP<|^>$L|q%`MH? zeMM`{S+UhjS`Bl10%K&D`jj8JtP|g(-o_J?S@rxZ!!g%G4EIk}J$YH1Z>-gQPgZ<3 E0RN{Y@Bjb+ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..0c403f1fec0 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-EP_TS +subject:ee-EKU-TS-int-EKU-EP_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.der deleted file mode 100644 index 934340a1d8d2c5100bf085684e3396e265429cdb..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 748 zcmXqLVtQfF#CTx=GZP~d6AR4 zh$coQWa}7N8JL?G`5AyN;$muIWMo)3$JIsb@wp<)meW~HS)NuunwCuMQ}&IS;`nZ* z-t4cU{F)pEoLXy>r<^!bSlqmYS^JM%{Mrm*Oz`z>%bnV2o%GwtkIFEDf*z3x~%*epF*vP=ZfD;&yvcfD(1`Gz= zASOQx3o{e*4+Aj}N0pKBKMRim7aNB*8zU<#J2MAzr~)Gq7^;j67F)_x)FxhOGE#T; z&3>xN7O(eP>CYUohl{eN$RFR4+5Xdgi`I)B4a|wZmXBq`ArYDdhE_U)d_qMJlI&)1Q8J)45^Uia&OYeR@s|{YC{x)Sz|1|w$YQ0hB%STTtY&KoJ zUi9NyL%K_!{U@eAq1pACDl6KbReMW>#NYJe`?Gqd;$<_P)!xTWIu!4GwEUOC)|ro` zv?m+ie`CGGlS|jK@zlkwzn!0R_R0uq{5oR!S0-(CdCi`Z?Kj%CHOyJoz0P(;-1P26 zH(x$GUiWQs{#~tH;}sU>dyY-6kGuUd`Nztaa&~(d*Ca0fv-E26={s`--KNDCo2Ksq E002%W#{d8T diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..a5236476c60 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NONE.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NONE +subject:ee-EKU-TS-int-EKU-NONE +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.der deleted file mode 100644 index 2d0bf4c545a2e5038539347a17754c8968fb53d9..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6ARF|sl+H!<=v0A0hy)Wpch@FQoAa%EbH%O{C$@0>Hzj6EVrpUtEj z7a?z@=S^#p))o0+{V%jkXS?$CPn+46Eqd}`+V(SP;$1t`rwTAWz7Qh+E2;mw>y?w? zx;M?X7v;09iks+kK;z;Jxv-Nl_xMiT^j>?`cK(~F_W@CDa$jeQrN3q{d-}3^tFVJs z=E7H9zI|ayR}Q$V$j9ilbg|UNG4J{*Bv^cgYl72VgZ|j<0?A9RI5cIsTs`T3XX2sh zo3+0dEh!cX^7!HO=(f_Ip2;!C^XxC}i}7OYuV!LqWMEuuWME*x2@FPAVHPF>1_N#o zlb?l!nTh#_ff$IR%EAGhoYMiez{NdU6`i0<(^ZlDt&h?y|EG`h~TvZl*@5z7G#+&n|TU~y>Lu_~5 zl*8L^?2>2JXkW6ZX5GeU*OSY=Zv`t)>g(ZlnHu-&+|Sz$Va%Uem91+#Dw$69@6D3k z{ln~t8{4{RvOI4hrYuamp)AV0Ekc8F!%RtA_lf6rP3@iDwdK9^8M(OgDYI4fBsV^2 z|NKe7WJPF~OK024^IvupChhlFx?^T)eebIs$$5NA8Vkyt=4|$kLSXV!45oZ7ub{HRevQtXRRhehw6@>K7=Roph0ZJ~kdc_odrZQ5zp!2l=P BC2Rly diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..d57c2301091 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS +subject:ee-EKU-TS-int-EKU-NS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.der deleted file mode 100644 index 36ff6377b8371e9ec8a2c2dfd0d8d981211ffce2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AMG*rHcl~U%#939O-ziV#CeTCToWkQK*>00}Q`_9~uUhx8cP==w z#$sQI;DrA(vgXXLE{nOjZeqr}RT3V5boqB~Q@`YOY5A4fyjM4Jxz+ETTf?|(g0#DrCa=d>v~$F8o_$`s;)4^^C8_#P&IV{LjS9$iTSR$iTpW6Bv@R!YoV% z38&CBmB>wb}dn5a6&+VT78|~B%FLh%-|8K*2UfBz5 zTJ~Q;W4w~L@|`qsi$5aSG={m!T@;pm}qi??;s`Rptc?yzqPd*-wLI6UFP9{cpXe>!pFZ_);ELGkcNpXL F0RZX`EbRaQ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.pem.certspec new file mode 100644 index 00000000000..88aa4894316 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_OS +subject:ee-EKU-TS-int-EKU-NS_OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_SA.der deleted file mode 100644 index 22ed46120155c9d3457ce886461774f56397023b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AQ!HQU(KFHcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}h7+%Bt7x@?tn&4AI)~AE*)d(uL!4(c?u7hX_T1S|bj~f^%@OY&zxMdF@~h|} zvv;$9W!o?=kKDKB?-hIfg35O5UGlv39Dx>_4FUs{%mR|b&R)LU5gE?AVc(j<#!`X*DM6U3z&H9%b>Am*hSC-4Q|DWEnd@jQDsl(!;t(S&=cEllL<_&Et zbG|-UkR_CHZhoFx(KEv{PVen=wcZ}uDRf)!%ke{#b}}(DGB7SSGB7aU1cs!nFbk6b zg8?^)$sZs8xG&94zAE^P+nLU#bqPoK7Ju42(cxHx&&0Ji-tB%h zLxlU9z1aQ6J8Z8{$IrgGm0`i6)w>KLDwZ9-t;n~ab$Z|WRP}p>Ywny5w`<>dU0z{| zSYr!gtlteOzvpK+v0C0^VD0#9b9M0|ocUz$(P{Bkbmh|Y_G&TcH19Fv}YeVC^G(JplEW51SJLaB!JPHz&AWj1NA znB?Z|eL^v_MaG@|jNu{s`xVkA9Mit0wEntzN1rv-uX>^A#L|I60(JitPIRejQk8hH*qmFF)}i|j4x@Qw3pHO<{Y-##ot~=_VK^syuV`Qq?+mH zUkD^TiTb#u@O@u>^D(J?)(?)luXJt;OA*)6vro9cC(v(k{K``cZ{7(LuA8xqGyT0~ zuS~k*#OXzscAe7?b;|9Klj|&0Ir#VYk%q4|Npb&I_z0QbeAdc+ROZJumHrQs55&FK z=%3tL=FoK{x%d9Q*SqIiq%wTeJ7f~5(p@`AINfJse5%I*)7#yiwR`una%k-JRdM@Z z@MXq()%asd@kbs`d}(|{c&!X`!K#x<)58C~J9(~mQhF}4(aA2O4Gh({qF;NldoP>u zjFD|o($5^3hT=RYxp9Amm4GkfZ;3E_UGJg1)~HZn0YGB7SSGB7aU1cs!nFbk6b zg8?^)$L2ACaOkQ7lNIb&PsPu>|X+O<>otL$eht?NH?pWo6phli=jtbWc1pLtvljQkHh zwA9)Dc%jO&NBV95Cak!~WPDF|iZlz?{FGxdp0nOQ?_4u0=2eLKJQY*wt4TlBtj+t>0I HY?=lDZ&WX= diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..e894f993e00 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-NS_TS +subject:ee-EKU-TS-int-EKU-NS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.der deleted file mode 100644 index de27ad2a5554c75540b1441880dbc2cf6773e27a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AQz$@~H;AY@Awc9&O)w85y}*84N@Xg$)GRm_u2ZdAKt3 zN_1VlLv{Uw4dldm4NVM;jm(V~bw`_N>a{3#{nZ~KEn7T7aXUfVSD&1P2wCyzu<2)!%*c!mh4nmgBVeV_2fKwkqe&^(`{J8C5R-8fWf#Fy;H)^IRJ)F+BZH zKj-l7ifwNy{5eZXiaLJ(7f+dFysoV9m~VdEpI_^<XZ! zK}>!Y7G@^q9|mF|jw&PLe-<7CE;bHrHbz!fc4iLbPz6RHFjN^CxKlTM&-v4!cw<57 zy!ojb!uwYIi82pO`SsVaWB0sS(ZBpW&x`(OW&F%>#;Awyz$vr5WeyQFVuhQgPJU|c zUbbL)SCM(-6_%|s<)N>O9KzQ-cXoB}3XP0PzGgHv-MwYSo7y&3SE28Rw(glf{lKi{ zFOPRW%qxiuW`AZD@auPD?Mbf>3)ejU3H{gp{FiRkIwd6J zHt%6nJriT`zGze3U6+}U*v!g{-R;A0*s-u`%3h{7pW1eWiB4%&TiI4`EaCU5aLJlE zit>+I1Lv$b-Ie_*XyIRx0%QHMxLRS}zlY1EpLq$#GBY3K_SRXwl3$Obm diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..6ff27c82a96 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS +subject:ee-EKU-TS-int-EKU-OS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.der deleted file mode 100644 index dcc46008c4bd4be05a7d3369aaa52a9a46d1376d..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AP2od?o{4HcqWJkGAi;jEvl@3I60(JitPIRejQk8hH*qmFF)}i&{Pn%)*7J5i-T`5y%xxMOHRN#yqSH)g1M z{_X52INxn9zxUY3 z1_N#olb?l!nTh#_ff$IR%E?gi=g9M&*|YbAoXoYybq(+O zrk*^Kd~ELX3+|N`H(xl^Tc??(*xjyU`BBv}cjo$aH#4SYv$4ib^IvK0|ElfXo~C!N zjfDO(raaRAn7EX;H^-~RhX41nnTy%HulqRHZxFn=?9V0s1{Z$mrq`$Uyo@hYFH-#1 zAe-|{GDzPi`Hdd<_|U$tUFd0fd-xxO@ev+r(CT^Y2WhSiHOmFnAkJnUe` zwYEK2HBse!$J4_u`#26New6H*Fk?5%xpOxroILeq)BQI$w|w&J+`7xW+s=LEQR%xc Gb^`!`3o-iu diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..2c75547b345 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_SA +subject:ee-EKU-TS-int-EKU-OS_SA +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.der deleted file mode 100644 index 7b6e2fc9c8eab7bde256fdfe423d5eb0d8af07b6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 750 zcmXqLVtQrJ#CT}|GZP~d6AQ!gum22q**LY@JlekVGBR?rG8jl0iW!KoF^94+^YCWo zmFT*9hwAzV$A<(P$cghBniv=xnHw3Jni?2HiSrtPxF%4pfs&zufgD7qcxozGV@R+r zsu@j;O2`&6vNA9?G4eA2-NePz#K_2SV5`zRhFtrMx=mWA_K3xuaOtr6WD|e+3+L)3 zOL+xN&g^MuHqxkdur_`mx>fNC^Xc6i0>#@|wJ-9%U-aL-$w-*lvUs+Ak3~c4tK19w z_I!WLvY1W2XnO42m&dbqImcYTnfpSW&pzzJ&SopCWx6}d%HnvZ?OvKE6{g*BdGU&h zI_BeQS42ggN6&P>#h*2<0eyKn^Jy`@s}nW6FT4#An_6%FZktIX!;-I) zXC&-yQaRlD+@LV+#@8+U&2op_d^JD2>Wz; zYQ=)rHVj=yS(mS}=ijyN&gRb!8yubECI;OUwLAE)$fjIOG5Yy7p?~@8rzW=d@S9&~ zQA|`3U&$2k=v~3N_gn9O%-^_(MQHB-ulacg{ZBtpwXmBof5F3ywC=uOmEQQR`(CKZ z{hpn+cG;}Cs&9X%yfpWDCK(v{qO3c6zj#$lXtR6mj-Onor;96=KVDrHa(aP3_YR&# z&2F>OR!GdA{mwT;Y#rC+-;du+zH)Dg^ZYxjb$|a=)PI`KpZ)U64aI2bf5)s28*cNm z{`qo8sj_;ql%?Aa@n(VZ<!#C!zoV diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.pem.certspec new file mode 100644 index 00000000000..1714918c7e3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-OS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-OS_TS +subject:ee-EKU-TS-int-EKU-OS_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA.der deleted file mode 100644 index 314baf327c91655800d0a98f813f835cd40d6e2a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6APnC(gy=xHcqWJkGAi;jEvl@3T-|YFY{7*UtXzdInSBDb%tQ!?@9` z25!6=+4!y7!#d&cj59RLy!|eqDB>`m)?|Ly?KH&%Wte zTo9c7yen)&mRb&dh-vs=x>YhAJaN!MvqW58JWDIz(`t&VEkjACoAyS*VR|LDyrN3UMKd#Fp|7n8@-Ephw#8j^o^ zNgquyZ&@V5I{CrjDWQRvcDWmTKUBL(`^8F=&8vl$Hho#JbO|5VCjR?A2a*bm9|tU1 z?R&tE>4}5v=@|hNt9nhoHD<@}4Xe%MI97jhdT4y~I#r&hml*YmcXXSZ8Oo=d9(pKb zQLGswTYE?U+Eymj=IV7^HD_mCC{mvg@Pota<&M=`{il3eExR{z485u4+%5`%cT-UKg+EvHOx%5Uzi65&_cY}dmg3aRM({ouqb={gB)?RsmRbattt-A%!~|-i;WBn3^;)yDJ#svWWZp+ z4Px@MurM<*|1b~(aa0)@|FiHIaItY{voW%=vNLlahbk}{fuYLCu-WrMO1I_uU&UOzvP+7Jg;fCl{Z@2t8*^we4wG!q~xJh5nBJ^&)I@(hplaA+42%ZFFpF~ zVDo3kd~=Q^(~}~nuTQ)rVO|&dbzkb;f1cXb@%JoOZ@2iFqMfl}u7R3K;Fbbi^O6Z0 z6s|w+m{HMCf8#}ukLJ{M-*03viY<3lj%nX0;_yxUXuR>pv#%{K9E)0)_bTntll9s% zS>E3n^ex|Hg|)Es&GM;unA;h|;5GT&T^30>VVjpK3&Uf|4sx*uZ8C{5*~}lFAqoJy CXd!X{ diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..a31d1d715a4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:int-EKU-SA_TS +subject:ee-EKU-TS-int-EKU-SA_TS +extension:basicConstraints:, +extension:keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/ee-EKU-TS-int-EKU-TS.der deleted file mode 100644 index d285b2304469653f6a9ed9392c45302a8b6a4171..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 744 zcmXqLVtQiG#CT=_GZP~d6AP17xs(Af8>d#AN85K^Mn-N{1_Mz;VFN)n=1>-99e59rpovil z*(yd>2IeM4eg>dxxR{z485s`VEMG6=))*!2JFlsyt-G$ry8Ezi#7aJmavSN#>=MrF zBPX`-&-pp!wF2YZKi(~$kKbA9Go{@|A$X(TG|MB^+ts$;Wz^rz)y|P(w;qydD=Uk=sUR=-mYU`SGz@#kK?6H$K||Vmh~1KGeYMC2np|rU$sj6 z)w<35PB0cv`C8s>#9Z)IfqUwnUow|9*mmz*nCZRjqvg7~uN~Vm=H{q#T)*qhDs;oQ zy3tx%O)L4~CujfHCeca#bL@9roOk```oEL!GchwVFfKMSFfiZ*2BWMn3zGqZ0XK-r z&%(mY#QeiR48&1oWc<&IBg6hE`}jl7=kf}wAHUEI zVe2rwz*uqehkC?o*R%?Cu|IR)-SeCQ zsuKi_CoGV8zxKPEM6|Q|bPb#R|8KageRko>pWKLx0uK+r+weQUxxKM@XUU{lrzTn! z&Cn{?{^;MN{JiVgv;HLp9FjQK(kXCa&iB5Lwfs8gKY09YmQ0z}ddYV7F3Xbp4veP^ z*=sM$zo^si_#-&ca>EU^-3yajb%Gdn>|1u(L$FWkd-+V!Glt>~8GW&= 1.0.0 - -import tempfile, os, sys, random -libpath = os.path.abspath('../psm_common_py') - -sys.path.append(libpath) - -import CertUtils - -srcdir = os.getcwd() -db = tempfile.mkdtemp() - -CA_basic_constraints = "basicConstraints = critical, CA:TRUE\n" -EE_basic_constraints = "basicConstraints = CA:FALSE\n" - -CA_full_ku = "keyUsage = keyCertSign, digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, cRLSign\n" -EE_full_ku = "keyUsage = digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement\n" - -key_type = 'rsa' - # codesigning differs significantly between mozilla::pkix and # classic NSS that actual testing on it is not very useful eku_values = { 'SA': "serverAuth", @@ -32,7 +12,7 @@ eku_values = { 'SA': "serverAuth", 'EP': "emailProtection", 'TS': "timeStamping", 'NS': "nsSGC", # Netscape Server Gated Crypto. - 'OS': "1.3.6.1.5.5.7.3.9" + 'OS': "OCSPSigning" } cert_usages = [ "certificateUsageSSLClient", @@ -57,14 +37,12 @@ const certdb = Cc["@mozilla.org/security/x509certdb;1"] .getService(Ci.nsIX509CertDB); function cert_from_file(filename) { - let der = readFile(do_get_file("test_cert_eku/" + filename, false)); - return certdb.constructX509(der, der.length); + return constructCertFromFile(`test_cert_eku/${filename}.pem`); } function load_cert(cert_name, trust_string) { - let cert_filename = cert_name + ".der"; - addCertFromFile(certdb, "test_cert_eku/" + cert_filename, trust_string); - return cert_from_file(cert_filename); + addCertFromFile(certdb, `test_cert_eku/${cert_name}.pem`, trust_string); + return cert_from_file(cert_name); } function run_test() { @@ -87,7 +65,7 @@ def gen_int_js_output(int_string): def single_test_output(ee_name, cert_usage, error): return (" checkCertErrorGeneric(certdb, cert_from_file('" + ee_name + - ".der'), " + error + ", " + cert_usage + ");\n") + "'), " + error + ", " + cert_usage + ");\n") def usage_to_abbreviation(usage): if usage is "certificateUsageStatusResponder": @@ -169,17 +147,21 @@ def generate_test_eku(): all_values = eku_values[eku_names[0]] for i in range (1, len(eku_names)): all_names = all_names + "_" + eku_names[i] - all_values = all_values + ", " + eku_values[eku_names[i]] + all_values = all_values + "," + eku_values[eku_names[i]] outmap[all_names] = all_values return outmap -def generate_certs(do_cert_generation): - ca_name = "ca" - if do_cert_generation: - [ca_key, ca_cert] = CertUtils.generate_cert_generic( - db, srcdir, 1, key_type, ca_name, - CA_basic_constraints) - ee_ext_text = EE_basic_constraints + EE_full_ku +def generate_certspec_file(issuer_name, name, extensions_list): + filename = name + ".pem.certspec" + with open(filename, "w") as f: + f.write("issuer:%s\n" % issuer_name) + f.write("subject:%s\n" % name) + for extension in extensions_list: + f.write("extension:%s\n" % extension) + +def generate_certs(): + generate_certspec_file("ca", "ca", ["basicConstraints:cA,"]) + cert_list = ["ca.pem"] # now we do it again for valid basic constraints but strange eku/ku at the # intermediate layer @@ -192,30 +174,32 @@ def generate_certs(do_cert_generation): # generate int int_name = "int-EKU-" + eku_name - int_serial = random.randint(100, 40000000) - eku_text = "extendedKeyUsage = " + eku_dict[eku_name] - if (eku_name == "NONE"): - eku_text = "" - int_ext_text = CA_basic_constraints + CA_full_ku + eku_text - if do_cert_generation: - [int_key, int_cert] = CertUtils.generate_cert_generic( - db, srcdir, int_serial, key_type, int_name, - int_ext_text, ca_key, ca_cert) + int_eku = "extKeyUsage:" + eku_dict[eku_name] + int_extensions_list = [ + "basicConstraints:cA,", + "keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign" + ] + if eku_name != "NONE": + int_extensions_list.append(int_eku) + generate_certspec_file("ca", int_name, int_extensions_list) + cert_list.append(int_name + ".pem") + js_outfile.write("\n") js_outfile.write(gen_int_js_output(int_name)) for ee_eku_name in (sorted(eku_dict.keys())): ee_base_name = "ee-EKU-" + ee_eku_name ee_name = ee_base_name + "-" + int_name - ee_serial = random.randint(100, 40000000) - ee_eku = "extendedKeyUsage = critical," + eku_dict[ee_eku_name] - if (ee_eku_name == "NONE"): - ee_eku = "" - ee_ext_text = EE_basic_constraints + EE_full_ku + ee_eku - if do_cert_generation: - [ee_key, ee_cert] = CertUtils.generate_cert_generic( - db, srcdir, ee_serial, key_type, ee_name, - ee_ext_text, int_key, int_cert) + ee_eku = "extKeyUsage:" + eku_dict[ee_eku_name] + ee_extensions_list = [ + "basicConstraints:,", + "keyUsage:digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement" + ] + if ee_eku_name != "NONE": + ee_extensions_list.append(ee_eku) + generate_certspec_file(int_name, ee_name, ee_extensions_list) + cert_list.append(ee_name + ".pem") + for cert_usage in (cert_usages): js_outfile.write(gen_ee_js_output(int_name, ee_base_name, cert_usage, ee_name)) @@ -223,7 +207,35 @@ def generate_certs(do_cert_generation): js_outfile.write(js_file_footer) js_outfile.close() -# By default, re-generate the certificates. Anything can be passed as a -# command-line option to prevent this. -do_cert_generation = len(sys.argv) < 2 -generate_certs(do_cert_generation) + return cert_list + +def generate_mozbuild_file(generated_cert_filenames): + MOZ_BUILD_HEADER = """# AUTOGENERATED FILE, DO NOT EDIT +# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +test_certificates = ( +""" + + MOZ_BUILD_FOOTER = """) + +for test_certificate in test_certificates: + input_file = test_certificate + '.certspec' + GENERATED_FILES += [test_certificate] + props = GENERATED_FILES[test_certificate] + props.script = '../pycert.py' + props.inputs = [input_file, '!/config/buildid'] + TEST_HARNESS_FILES.xpcshell.security.manager.ssl.tests.unit.test_cert_eku += ['!%s' % test_certificate] +""" + + with open("moz.build", "w") as f: + f.write(MOZ_BUILD_HEADER) + for cert_filename in sorted(generated_cert_filenames): + f.write(" '%s',\n" % cert_filename) + f.write(MOZ_BUILD_FOOTER) + +generated_cert_filenames = generate_certs() +generate_mozbuild_file(generated_cert_filenames) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA.der deleted file mode 100644 index 882ed63fcb6b9c915a9736d3ebed20d1e0639840..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6LS^+69Zm0POUbNw(q=*jNGgY2E2yc2Apinp)AZiOv#A` za^k#(CI-ev=0=95#->J5;=D#6t_hTDAZjRVAP7;;m6=zf>*^h<>+A@$LJ8SmMpg#q zCPsb+pg0#(6C)$T)6b>s8?W(e|7OqhEuOq`;mJ2=T4y@Nf0<_fPH#G+<=#ea-~Vfy z>a^o+-ZU@&xO{=;%w-b={{%O!SXww?Vg`Sz`c|d&InNp7%Z-;b%-j$-Q%8Dn`SR;b zm*2D=Y&$>K)4(x{u{*>6^XyAYWRAIYA68^q8B%}ykoS@avhIJvCTf55b_t)jaPpQn z!HExrC;a+wudd|2i!+-%*Vm0Ze*Roiug7e8=}@-!gAcZY9(s?Z_|Ga1U8gNSe%)Nzs zex0-A(|!G0^O}0kWbvL{h2KY?^q!7pVrFDuTx@D!Y`_l;JXv8z#{Vp=2FyUpfEy&h z&%y$Xp??O#AdV^vj{z4Ohc+7{D=RxQ6LP=;V+S*!&k|WnNF`>JGB&fNLU|GU-id0-uh5UiF&f_(YHd|CbyR> zpGxlQUjBk-rs%wwmgUaJ8G6#Yu5PzXPx*dWfd443z;gH5kM-vNxxg`FN3htJ_@%K@ zEhh`Igs&9;Q(6`+Y$zzZw%BFn9PM94_iu@Gu>qQrTPKwJ|j*FeHh%s>R9oHsMCMAy|jRM*)t-ZcPdjS{li zjI0dIO^o~uKyfanCPqevvnOi)A6xszpLNDVt2To-g0Zs6f_A(gKa?KJQj9lGTXN&i zdG0L_%)UQk-FKYrg16C67B~Ls8e)6;V!Rh@=&olFe|n<2dv4MD`C&dCSrsoWCiHCh z@1eGE+T8Yi+O9LJ`s3?4=I`6^;`ou8nKB(~=5+6EYPd7)?v>o9k8k(42)OFLbNl*d zujDMg99u!o`UXz+yBbPSX|a6lJc)Zf2c->XCRf85tNC+Z)&#@B_n7R+y3TKMSh?GmtXi z1_|)9umEG}pMflhqsjsbW)5vOMpjmKW+pg`1v!X;(FY7-MuuPkfeD-LeO&Cf;#2X@ zF8!bS-#Y$zA3uIFR&w|EHNQ8%E7P^eDhfEm!Tj#`jmkyM_1rnf+b^$h@A~z*P)Yk~ z@r3hx)C&TwOMVm`{${=WowDlwvP;*d)%3Nnuv|~GW;e-pSlf0&V|$#$hKl&rYk0V% zwu;qnwCZhC*sf=P(AY`7`Ifj{@8r^x2YS{r@JqRD5jyT?l)}hcYSyK+E}1!%p~Lmp z>uWl7r>YlzVeAV1R$Ca6aqo}X2~n#|OQFnj=eLCAeO8Q{-{4d#_u;_dV&SsHD>Z_x z4{A&G+F-j&sQ(j_jL#d9l{iQx9`+v9Z=n@A2B9tc* diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP.pem.certspec new file mode 100644 index 00000000000..e2742750e45 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-CA_EP +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:clientAuth,emailProtection diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.der deleted file mode 100644 index f7f02d12449fa7e13895fbecd65fad96abce17f4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 795 zcmXqLViq@OV*I~=nTe5!iG^YN& z93Si$9}*0-QVH1}Mpg#qCPsb+pg0#(6C)$T=H=6_#Z3SCIdaaWB2AX)ptk!-;jNar zC-+@UNH~46;^~{|`3#fl<4caa`>%{?dm4S8xpH&R7ai}W?XlC80-~i~S?ulld5iDx zj+GXAs%Ij6-bp^pIG=oaw~xR{C-sRX2ezcm*FMm9XVsBsCzj<&S$OtLUTGeYdgr-p z(NUBA6LQ50zMil*wENaIuf#jXXVN#tl6~7&JGRx?_cT`YUQi6Wb2i}fJ0H%4wL(T( zkLJ%cb!~H1*IT2sSM?5Ssg~9?iNo0+`!=sRA?z>GrE2q6_|hiTj5L*PUo3by?d#uL z+!SL@Vu=y`x-#fh9FGF$yPa39Si{ukcI`;|ku6u%;CTPgY$j$#2FAr125AQTz_64R zW@P-&!fL<_qzt%00{kp2z!>{y;0EHTve+BgvT?p~E9z$F!{;bLuR%Dnlull9g~nvR`SYmW4; zGx}_GS7p-7mX_5)N$mRW0<3{@hah^LPtPwQR|D(8K|F`Fxwa(s}zI~DDk&|5e zHWk*MIREyC&nl;zIWvxT9d)_2<&)}{T^)Lw-JT2P{ogzDdj12y`93QQwb-n#?0o+H z@lHl>t(r-5K5gGBlCZL%bN7Mclf2!Jt!bXR!+1i>j*gCXhy1@J*ELzb;R{xo>?E=E hMahhcxl^|X%FpzD@X*ubkq*23eEvHpw#hf11ppp?E`9(2 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec new file mode 100644 index 00000000000..81acc32d79c --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_EP_NS_OS_SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-CA_EP_NS_OS_SA_TS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:clientAuth,emailProtection,nsSGC,OCSPSigning,serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_NS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_NS.der deleted file mode 100644 index 78c3fc348c13951603d00dc28f1e8c4dec3605b6..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 743 zcmXqLVtQ=Q#CUoEGZP~d6AR;tq%Z?sHcqWJkGAi;jEvl@3 zr~5wSP3pRn!G4{AHy0Y4%-uafl3|fi=8aXKKIv4hW9FI1opk5P3SrfvTcyG|w)$Q@ zi~TO<_~xHajXOV~O*8Tq``i2aej*1?B$_V~J9zGQqM$O9#7DbRyPKc3*bG-jAoZubJsGF*7nSE_N`mGvEh?pR6z=<9`-b17;v) zzzq`MXJG-x(mw+^5J#0o+(49#Lz|6}m6e^DiH$R%&4aP+hZ74Uau@^S4;aRb3>~r0 zPJI5m_rTt2dH21QY3uT1Ynjf<7IMYhe)OX8-PKm+lmlU{bI$la`F}wtPQty(_*B(C zf62K;8Mj(qaY`inO?euYTiaRweP90@ec6;3vqa*4HTs@^SLBfUvQpxnd;+fbK~t*}3Qs-dc#vqmfTh9s?|+>UY_UA9GZPSM08+DwN<*`^)y@K!PH z`t>_ynXy?5|B^Fbgt7}w_b+`QddS|dT*dSVCrjz4X=O@lP1deqs(I3WzVq!9{`;3- zUD#-PFXZ5aQVFA5nOCPR2y6BHUEF&*NkO5+_!iTRR=lbDxvBKRq@!=Ah?i z>t<=`yd}F7xz*hLKs1=EbMFp0&@!uQD++GB7T-H?TF}2Zo=lFeBrC7FGjhAZ5S} z65wZH0mjll16dG9l?4>c9NKJ*tgP(JOmG$_au5Tf4;aLZ3^qHQMBZnuzGA)qzv97} zHSgrt*#3#Sa&yst*`I~HA&1NCN#-r^{^aKo82)-P+f&a#{u_M+(?cflFm z=}Ai^_L_IipY0f@ddO!>_f*yiS6kBO?d{;pJ^3M?fw7v6`Nzs#+h%BWh;NGp0O^q; AkpKVy diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_OS.pem.certspec new file mode 100644 index 00000000000..c33e47136d8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-CA_OS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:clientAuth,OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.der deleted file mode 100644 index c855df0fc8836b881ee43241447b368df6751b3e..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 742 zcmXqLVtQoI#CU1}GZP~d6AMGDn3Mr88>d#AN85K^Mn-N{1_NG0ZUas>=1>-99;W0( z137VCLlXmIBXc7|QxgM=C~;mR5Z46CHIOhAGZ29&=grJ3(RK9>)pd4^4|W7vql9cW zBP#=Q6C*zZP@IdYiII_E1$&KF=d`;_+G^93T^=$kO!;YRrRVvAYt7+YOIhV*JGgQa za+T+HOgLSv`dvt4dGwcs+%o8p+I@cnpC!$iTSR-oVy?9~geJ!iGr?Jm$UzK@K41_tGSnupPLVY%cHh0Ga_99) zzqs}kX3qXTaYax)?~l?jjWsKTA1JJzoh&%#CR5>AX^siyCsL*!-~J%Q@n!IH%PVVx zK1biv&v_jfy5M#~LTIJfgUgKpcQiw{b^q$FTX}eC?)PQEX*L`jv6pw1Ezhjqa;9}s zCf}#rbN=@}R$I1s2d$E``}%d+++3ct{hy0>-Ajsb`1D$7^K9m*`D;`E1-1!QS9H9w z{uG~}=(IE;@l#XQx$|MWwxnGBdHvp3UtbZwZ%%>UlU=sxRP*2XEnDgS$MvYLSa-LU z{@!B~bXQK2aVnRcw%DL$|8Iwz%XlN&E9?%OS)EvPWB0e-pR-zOwkA7Qw5o3a01`qY Aa{vGU diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.pem.certspec new file mode 100644 index 00000000000..6fa6280f3b4 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-CA_SA +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:clientAuth,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-CA_TS.der deleted file mode 100644 index e805d9f47bfb56f119b62a16492c969a331dda19..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 742 zcmXqLVtQoI#CU1}GZP~d6APp8?ZXDVY@Awc9&O)w85y}*84P$0xeYkkm_u2Zd6<$D z4dldm4NVM;jm(VR9oHsMCMAy|jRM*)tJ|q}ujS{li zjI0dIO^o~uKyfanCPqevYhs0~*4*CW5Ky=v{)e1oqr0xhrmM+}wG-cV<@__X{{Hg< z%gK4MJz{5G{XfgR>I*0PvC!K643ECIn8xa($^c~G#JvS!$*2I_YJh!-wf5X0Q ztv9xwt^e%rrfZP7SYm$af~U8n;?-1CS(=1%ZlC2d*|wMYLXMn+non`{6Tj-s{vMhu zOb%U?G8R%W(rA}E{DE(|n!=@)l1X}-Vwsp385kGa8`v7~1H(^Nn33^63#$P$kTT!~ z3GlP90AuN&fh>rl$^r^z4sA9@R#tXqCOC@&If#ML2Ml6H2IeDCfkw8~)?W_)skw6S z*qqfmZBHdWuYBA7*gO3tM@9OdlRs{~FxbX4LC8sPpNz~?kEj)<$GkT4_^3^;bZ)7s zdTl3WIQuG7eSNpfwavG=pB(l1_}BKtD+|Y%U&2DuPh>4SXpp|;QSsPoJ(h<(98H=^*0<`B%?B-~V96sNKEY<$wRVZTj>7$QY;# z``JDF@&8RgzT@Fn_nQ@(cJXkCzVfL(aGZP~d6AP1g$Q%P+HcqWJkGAi;jEvl@3QxhX2!#}%6`*vUW`CWO^#;dYd=4Q3{$858-j##~7?xNqUEBvGyHVt$E3R=T)us2}%|2+hCiUoB_f5SDSY zQn*P*)$?%gLupUBLw6r)zEYkq_G;aeyZjd0F2#y2_sLDawej_ojO3Tu3}5elnI#_l zbK9-T{<_-%Rcj(YD3xCOnC`~C-|RjUGb01zVp9WS1AbuO$qF+v{%2t|U{WA~-aa37&47k`hwAmP0S=pIckOLMNW59rAWU%{gUb?*0%*_6uyp?Ef$H%<= zTsm_X^WWi&XI>}6QhSLZdhhNRQu2bAK7>jXe7oFTZtt5=92%}=wRFjaV%b&g?Rlb; zJKi)}$@(l_)_df$$HlS>r&D8pyP0lppHRjq{qnLv*C(M6u78%hEn6nr&YG;Eo|e9a zIZSj@dCDZ;uP2rqJNWyCLFD(K3$N#GoiSJY$59UD*ZFMO8`gU_RBYWg=fmqqhYxCc zF&qp1%cM{kXjgY$<{QsKqi=7$l$=kfS&4)jh-!Cc{9d#AN85K^Mn-N{1_NG0ZUas>=1>-99;W0( z137VCLlXmIBXc7|QxijrC~;mR5Z46CHIOhAGZ29&=grJ3(RK9>)pZSs_X`GEql9cW zBP#=Q6C*zZP@IdYiII_E{*tLlPXEm%G!?$x%b51Cpw_wY>qPCojt5nHUOZ&+@IMzX zqj1Gt+5gSD?!&u2ooMd*>X>&S&*sW?yA@pi{)L|xdcAnJ$0FdwrzPwPr|vJ@7_P^> z|K)CmO>erLYRY--Qf{}$dRy|%=t@6+?1gz}TI?40drP-#t>JJvQ2+Awvgs@_GnYsR z?K}72amJr8m2)5C`d&Hnv6mg;QZd`1DPA4SQgqU-?EBIviJ6K*7bm&#`LI8(+ZZg% z6jHTUh0~AIV8ZOT%u}As+k3g=&<4NW%$CTgp4oHmw4OLKrHB19tI!pR@L=bRMhj9*uJ+kWnje|;tUmf5iiji~Q3F^7`N1&l1eIQE^` z-_Bq6@0hX7leXY4;Uy)UI%}?U`eseK`PnOO$9><_H^i>WGVikK(&?|s>qx}RI=JbQZiN7>#jx>s%|J*YX;s+lh8m4Bwh*lMM1^TB@i zOV diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_NS.pem.certspec new file mode 100644 index 00000000000..3805cfb05ad --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-EP_NS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:emailProtection,nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_OS.der deleted file mode 100644 index 081376961d8c6042a72462455bf5ed7c8e21dd04..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 742 zcmXqLVtQoI#CU1}GZP~d6AR$>qLhpo&&HHWRWrO+Nas6|<>B#Gw&f8*j{6L|>hWCd#-A-QW z+w;cqpsnXi4uu1yOa5Ih{dvAgKEplK6Kig+jOzNqIH&pc?e3U$Ul#l_ z>+meux-j?Vq64l$ag*=%Ow-?^bX8sC80ShRW=00a#r6ia2K>PAlNDxU{LjK_zzn1e zxIqH^EG)oS`ez^u;;6EKf|)~`jggg=otXvB;zSN&VDtfln316_f0g6|**VO$^UZ@D z)o%V#uwLhS>gxMB7Fui4vp9F!OZTeWnQ5_?HDw1&U+-Ltw{p@RbFR%hvTWzv)b;xO zAKykimJQWDkbCg7;uNEa-R;#r(}FhdpCU9x;7x06n#Z$}{Lg12ZydaPv*n5T>IC-v z4o52gOj@roN&LF=6*u$F5T?tVRqvD^wLOqMdS7qL?&y~%x)+L_yJFM%F*(3_`eFS& zwPl^|qE|Ur>32DOp1;u}>U5Ix(}=w;jUPllG0wSsY?sTzA0KO0o_V+9&!!khM}6<) z3Clgmn@o0D?e&QG`Bx~}Jli4sfklQ2`w zWAbB^WJO3(5zA2imck)U1xn^hP=Iq+Dl0g|~4SD=-YaUTp zvv*eg!Nk3pJAJ>ao0)OOT#2e#81y5mVqW6XT@sTQer2-w$GakmS@-`d-Ax~U?2_ud zIK9Z5&nJBS?}v}|o}YERQM^i-mxp`C!9{yIi&MIckO>UaGCQB$NdLHK&6_KC2 zt=-vmOw|_56tj3G8Qb#W$>ru3tr6U-Sf>7aop#(ca!G&g(Mv2MXKey2U(T|<)FAnG zxk|vgFIyLxWN*rS_j{VJsdy<*Vp-hYGl@*hj0}v6?G0=V_<`XkE6m9FpM}+c8Aus$ zg9P|lSb(wg&p;N$QDp%IGlw=CBP%OAGYg!>h#bVg=mQ2ZBZJMJto{Y_4nC~8JVWr_ z(rc;Wd_jlhzguvp89w0lG=DzjgY$u(5#>L59i`5>&t}gz575Z=Jrgg~vSi~0;VY*+ zj+;+C@cZ1_lE)MC+@>s^&zsN5)cSIV;`I2~_V(`Yb1l!FkdNNH(PZ(vXQH8%3@@8g z{JtI#+4|q=^wdm|{5Spw6c~5Uf1~k{{YLZ41MV6JRc#B+Pv71!Y0(E=`5%I=lBYw? zN9eMI=1i@5nz<_3+~LxXd8fWls%R1XP@~grx!68DYp(Bw>2>89k;&x-6SKQiw;HTu zoiEZfcM`{$TO~OTORXnO(?31GY}Qd_KUKA>Tdpd`_8YXWPYE_$`pY)e{O@ZW08ry1 A#Q*>R diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_SA.pem.certspec new file mode 100644 index 00000000000..478a3fa0b45 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-EP_SA +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:emailProtection,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.der deleted file mode 100644 index 13a6f4b02a73c33f4f7f5919d5881db517a8c078..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 741 zcmXqLVtQ!M#CUQ6GZP~d6Em;=9|K-CPOUbNw(q=*jNGgY2E2yc2Apinp)AZiOv#A` za^k#(CI-ev=0=95CPtP~;=D#6t_hTDAYmwGAOca&o0(Ul>*^h<>lzRr5)8CO3E6B$ zRtDxKMt%mMI2ThBBO}A6_m^X=&EnSnF`aB(={&unBao%{ZOzoolP{94-zg8TTl{mpz=Pi$kiWZ~l zw4JJ_816I$_rE=pxpJ+NoTcVrBBlGdc_L>Bz z+d0;4bCp;;mA6(02TWWr>A&TLRM+F(SGL_}o7_5S`q%Yr$6{6&#$T*{;Qyds!tCt< z{%I?0W=r)2Z4fy7U1V*(Se!tIm6~WNbGCo!H%*QwUd!Gwhn`ZYYF@9JxcwXe^kpTg diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.pem.certspec new file mode 100644 index 00000000000..bfc08098f92 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-EP_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-EP_TS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:emailProtection,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.der deleted file mode 100644 index 0b95d9665db004f699366f44c17d724ec51e1d0b..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 710 zcmXqLVmf5d#JFk!GZP~d6AQz(zzYVvY@Awc9&O)w85y}*84P$0xeYkkm_u2Zd6<$D z4dldm4NVM;jm(V2iSA#>svt~C1kwLpUVqjT9YotfL8eY>=!^xu}r zLFVt60-6r0ERtt>-sAMpL-~$oUfQ4fb1P)G8?w8m&hA%`VLVtoy}#pQtVM)ok+N}A zRNJ9rIn&<1H9KP6d_=*|#<^2x)}y?u`wf{p7fsfD75Ys#b;8kA{~uUaW?YH!GK!oV z@~X&r@wY;;dz|N%IQ+SDNqD0e^Pa@1%X;S>c-nsLabo))Jr$J&3aLBpT9zz%K7C8Q zq3*GHpSpfXz4__H`b6ne)>gK~7A&fNk1{bcGB7SyFpx9g2L_+4FeBrC7FGjhAZ5S} z65wZH0Y=h4jfx+rnLMJcvo2z`4|HRsCGqm^EwcEM1N8NcvO0tEoM*g~xR{hw#y2$q7*4cAbuROPvWPhlw%hE= z^|nlG;WS_9*voJI;BV>wy5EyHq#W)P%%}{Sc|}5(`&Nk8`}Na}e#o47(i~{4r>HOC z&)O3qB>gR%N%!6MM`0K3I>NO~CvKX%#J)@Ia_7uzNy$~bN*dg2*e~+W%;DIXul+~) eo`uIx_s4;@D;HVXvF!=4TDWgc_wBMZzcc_xv>hD) diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.pem.certspec new file mode 100644 index 00000000000..5ee971ce0d8 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NONE.pem.certspec @@ -0,0 +1,4 @@ +issuer:ca +subject:int-EKU-NONE +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.der deleted file mode 100644 index 86cfae8bf497e26439f6dd9ec4ae439cb169a403..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 730 zcmXqLV!CF~#JFz(GZP~d6AR;uuPg?LnAz>Z3K%l{p7EpXvME@4eetS>L}iDmfteWjBXu%JJO`A4SZ6Tqu}Yf82im{3Qj8 z_9u%@tGMNvlX&08J=EMX^q`t?{|Ysc+n0(;MP7?f(*7eIG2=nO<%Pz3;?&qCCLLvX ze0}TVppy+ci@9ubTf^Kem^++{d{qyu+Vg#vI**cZ~81+mwe9gS>{{OkhNC+ zJ7xx`B|q?fHTlQQ#mz_7eEarZkU5%(nUR5Uv6+F10Y5PCWQ7?S|Ff_fFas$AZjb;! z3kxuc{uzjXII1kXKvB+wHV?+OA5JWc$RP`iGGNFuGE6JkZqvr%7qR~6pH>-_IX_o3 zt@n@jKJedA)Xq2l+I&%Y*_YqCvga;+Fmc(5Nk^p?OkwDGt*p%bUF7bYPb*5Nh_Y3B z8%GE!$h&<%75>WD#GyQMW6B?fUp@v~8G3(gpPlY|?y1}=Cy|n}XZH@)cIaCc#%$t! zBfNh>i!@hD)a#E5b}P=*Xq99HwzzG0S{-ZT*auuPf@afxq96*0qfU*I-5%X;0`AX diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.pem.certspec new file mode 100644 index 00000000000..cff8f37ddf7 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-NS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:nsSGC diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_OS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_OS.der deleted file mode 100644 index 6f699a0997e8ff619cfa6cf345f569683319c338..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 743 zcmXqLVtQ=Q#CUoEGZP~d6AR-*7j^?)HcqWJkGAi;jEvl@3~}=>oSyjopvTG5OIE*q z?UA!Y?DL(9(#Q=JPuFsUF#8loz3be%c5m@J#+Mtfny61&W!G-Ayj5Yjhl|mfDQ`@7 zTw5_ssh|6-)r#8M#-IoC5^HsQXY629RI_{Fo4%(Z+&-YkdH246T@`t+zn!@LJ)Grt zRE$kUX2~aWiQCrh7VF!k6q0ZKEK?UwUAnI+y+zdE_f0=Xtu<*Ke95W{kEYG%%$j(W z{r@4&X`+G-Y=v@}WbcG_|7VvqB>q9d@NYDev(B|J)8pYAMiXz%QJ6njwOf=2HN zhx&OrZ<>W)2~9g-dbhvB_ne@{oo()wOw5c7jEfx%>H~CH?Dp`-GdjYu${+#*J4P3SJm~-OBa-l!g5N z{+P(r)UbD@v!(oMt4{sj8GECTmAkCj``*cux(`^Zn2k-Eqg;MfHgR&<-d!>Gh?+mg zmyoHyWEj_7x^QhVdy3nl*(N0zJ=KAy%Gc*hjG1hmlx4B#WJg;b7NC2Ph zze`IUmvrv4)7y67&Mm2CPPKE%B}F3qf|rj!Jy6i95O%1HJ2WPYcay_{`7fkp|7INS zo@JD`=YwsN=l<@CGLqbRf&xYgI)2X;wPNS?INmP%Ghb|JmHYA|3;$?{dDJYo`;pX^ zWuLt@&g<71(|;W6-zk1u{m1j~b_cf^?=!o*?`@w__`|LPdu|JyX&|>k z|A@`P1qpJJ?y-+VjAS>q8R;7{eBt=`Z`QRC;gp&7fBA&xpW1l5PMvT4*$J1v)&n+Idt4<{BzHV$nzMpjmKW=7;N2F4#Sj2Ri6ZX_?S z7u9z9_9nEW|CH&3nDrM6uM`}SnSSI`Dx;>{%_(;uZj0NSa`utVFBQ#|6?U6ei21&- zXYL7?zjjjQ{K699sqvhyNx-#7wy3}3Sn@DpXJKcZ z(DII>V$S=Pd8n!^vRE0u{(n=@bblq4xG&yITPo~sal070)#NqCF`na{^I)&!G%pQ9 z;oqr`#2(0L@7#X2_rqjSuf=;9zpwriF!@j|XYvDy6yAT0#tN(MnK2zYBK_FSHGb#Q zQ+8e-4+yX1u0Go9FQ{_;!4ki%B~=FxKmV`KGB51y*OxlXYE4J(Dt>ONIF=%DM?&CDy&b@dL_^$U&<2?pAtglsk= zD+6;ABR>OBoQtW6k&)rZS3BRM{^qj3Z4$H(J+KVA5j|mQiqik5e8P{__ylD53UWVs zc_ckq@n7`DbY8pGutOQ`manJ&m9YM`_O-ukPSb>tSFI5i~|CVW)BwfEm^{4 z?DVL#ph8Vg?7z@Kj;^m&e%nq(M%}!<@Mti@F2O_b6PI0oT+7*NcxMUU)B^wBH2e8x z2g(;3EZx6o-i>x|-f-nbeb07Hp0U!iDb=e&AZDlfvyg*HE1fqrI?2x7J*8(`>kNI4 z5Jl%@_Z2TKv+O*kxa0Qo4Kp@79aC!$WMXDyU|j5AU}wM&3_n?6M#ldvtOm?L%77ar zz|X=0jHG`Cav+W>i@1R(8)rhB2V>h0Cl*FF4sA9@R#tXq4&*Qf#vd?@85yb`9MxkM zoV&>9j=_dmS9>3Qd%I+Lnv9l3i2ije-^=%IB%j+hjV;5Cxw~uWLo;isRkN6UCdV#a zk>R-|=JPzI+duw&HaVkv)c!)|lW#WjoDYBXQ=0x*gGcgu>xT)s^6OqP@1G%b>iusi zu0(nNyob@vNxKfU3W^-HsEs~qQM8A-_*`CY@sG1i8J@* zuig53F3$b(Ed KtGzGZzzzVqnkvNr diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_TS.pem.certspec new file mode 100644 index 00000000000..9e54a7b39f3 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-NS_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-NS_TS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:nsSGC,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.der deleted file mode 100644 index d8af76c38eaea39ef067d751f5f812489b18b877..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 729 zcmXqLV!CS3#JG0>GZP~d6AQzQt*r*UY@Awc9&O)w85y}*84P$0xeYkkm_u2Zd6<$D z4dldm4NVM;jm(V}=G?VC@ZM?D zs3rN+m&*QcGx%-E{7gA(@;TA0cd37ml>K?``ZrFcVPovHYpYXdy*+!V>7LW66)yvQ zr?h&NoYk0m!XWYcBGJxuQ)gUj;nZQ%xF)-{;*9D8)p>spZY!8B%Kc81?c#+=i~al~ z)=B29Kh!Hxcy57L(Oc0Asu%iR9E)}ezw1>oHDtoQ{JopQzHnLI-&|HIv;5++yX>p( z8JLQ!SoGQ@bc$+@2W#$|R&Uwd(GB7SSH83{d2L_(3FeBrC7FGjhAZ5S} z65wZH0Y=e317Q$Hm4(NEi;Y8@jggg=otYCkV1Y3P3|K~nwgd(Hhr6oJo%N88{*WIL zu~sPDd)2A@h~>5H*Jki(B&4zz{ht4O@vF`cJQ*j_d5l*bHn_RqX^uOidZB1~VsLWh z|KjfNs%O~>3XgW``{)U#*n~H}{#q%&IFxrmJWI8Vva!8lFiX&um%nZq%u0#)wz^1D z^8Y0r&*m3*%xuE<8d<6ZA4p!tEHgPvrFp{q@VhVScb_>AGCk_HFODl(#m^v`bR@#> x!SOArsY2Ivi;mrEo3n9!%FW=;B`2r8y8Gq8`6lZ>Ya$;k`dF48SzCGfJphb6EiwQA diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.pem.certspec new file mode 100644 index 00000000000..b0657e9e661 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-OS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:OCSPSigning diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.der deleted file mode 100644 index d5c101f9bfc5b590b9b2a91e7d126ca5bbb37384..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 741 zcmXqLVtQ!M#CUQ6GZP~d6LWcgmjN#ur&gOs+jm|@Ms8LH171UJ15P&PP!?t$rsPBe zIdNV?69Z!-b0b4j6I0_Tab6=3*96KnkT4W85P>M?&CDy&b@dL_^$(5@b_Cj@glsk= zD+6;ABR>OBoQtW6k&)r>&veoB_nkA+)}Gws^GF~v>XEBp&vmbWbJ|I@@k(1$EqVOr zh&cy^Ud*-7xyX9vz(3tp_A=-ESs$9EKjK%&iMA53WVABa%I08R?Je`r>m;ApjKBFg z^LsY++tk^x2D=#qH+P)PDpWkp8G2yvp=j^ra_i4B36Rju3xtrK0Pl-M#<9d6WR9aY14eQA(mUD!=*QMV6*vgi(>z$@a zicCvz*L2siEI(z__Om6K2hSIz9=Fw8vuusBPQBKF-yOWohwOFMWW-$cU8Ppm(40H> z!cN<@KI`6RPrD;*(#L$DeA|aBRUg`!m>C%u7uy@y8t?7Rith@;8^3T6&%Hbz!fc4kgEixD}9fzbyHVnznvuXh-C-kS2pc>4WB8{Nq2 zTa|gvWs1@nTNgBV>in)>|0PX%YT@;xD|oaGp6_ga%PM3Z~`w|Z4lUq&i)ki+5F=1P> zt#bLs6_;B#t7;g9+&go$?hg?=DNETP#LcZv^V?_-0L8l-g8%>k diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.pem.certspec new file mode 100644 index 00000000000..bccaa93186d --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-OS_SA +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:OCSPSigning,serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-OS_TS.der deleted file mode 100644 index 39374b68e00a8841f052e7d310c032355ab26220..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 742 zcmXqLVtQoI#CU1}GZP~d6AQy`!D$A(Y@Awc9&O)w85y}*84P$0xeYkkm_u2Zd6<$D z4dldm4NVM;jm(VR9oHsMCMAy|jRM$T^J|q}ujS{li zjI0dIO^o~uKyfanCPqev3zuH%Fl+2Qs!_CErdLXBN(Hyj&(Ow?4o%W()7DoN)J?Z_%mGWF% zRC^)DT4B3ZBzHsO{JFbbY`%Ok-Xr`q|3Q_|`*<5EmTkLl2o;*?egC>PGs)+VMq;Jq z!92EiVS$`eCTrXVT?&^2d(6pLza|m6mg3t=qy>IpeK?hCveDZuc=2O0fmiLxN*J{?TFFj=?5aa4R z{krQB;}Es_x37=>$%x9h__ykZbjT0MM{e#O0!i^QOm4p_)ffurT+Z1y!D|GZP~d6AP2Z=LQ2_HcqWJkGAi;jEvl@3QxhX2!;-pf3=dplC+8elbWi8{#)HMDEgC<^?VQE%=KsnY_6jC@rT=&> zT59;R{O$d)ecNWQG3J`T*?v;~6^3xtsgX`LPYX4yV?@2?J*xUFP}!Gtz3p&^jDgil zq1r7!0%Ys$KAcHvSXck)-?Ph)d^w7`!!zprZ);9f*;8x%|A^;o6>&z^z3VbO_Pw4U zIlU(_vD!HIGt0U^?3*V((<(c2F>CIW?~+0Dt)`~mx+<5TJKIe_K*{8*dG4WSEh`@+ zPAGc&sqf^8g9`BupPuRzGX7^_HDCr(2HYS4 zeijyB6#X+0260qbcnrAMIJDUqSy|bc8Ic1P7-PVIWn@_OYV+yT$}*n=U-)_t&F5@8 z+JEGnh)?SE9U>)5-pcs3r7V%`^;3zB>Av;v#*;VCAANB=b9%$3jel+(fAr8I?z*x{ zT7^JdX4?X;H*1>n*8OE#wm@9=+wb|Ia~P~&URpViCGYo5uAgR2T;|QclMkz%&NcP? z-?wYS7RRu#8I~EZe9j(wx#z^*hJ&BJ_y9AXY;;E3 ygfmYwU5nSo)3zv=K%mZxGr)4 diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA.pem.certspec new file mode 100644 index 00000000000..dd11189f780 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-SA +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:serverAuth diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.der deleted file mode 100644 index 06d66330f1c3956a0ad273a06f074658f7729846..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 742 zcmXqLVtQoI#CU1}GZP~d6ARR9oHsMCMAy|jR5#c$J|q}ujS{li zjI0dIO^o~uKyfanCPqevt%?l^+1G9oOXDm}sfk*$ z>YhmY?5fid`Ep)=OcSQf6kICfaIRtf<`2$d;dB3SbNuf1I-)6~=vMf>@>-JSN~29r zN*10pso65;Sn6j!RmE@JY2tk~eLGwFlVdjS(MjRiZ!KbMo&W;fTX8P8-JXTkaZfdx2yHk2*(&h-W=UM%y&CeZb zJ<)S}qD#%+#oRiA%cn)0J6#^6w48ZIBNHQdFljNC?ugO*2k~J_+ViY+kzu8wX|6Goa+JjAuXXW%=m#<3~%Iyx=9ncZ3 zBG{|%aKkiJd#R=Pqmza^?(pmtyY|^2*uBXu<9x%TZ~>=}Dn`}rrrPPdKhB%G-neS> yA+PwGQuES%m)HkRj++Cal%gBPM3%yyEZHpUjzVCjvUqi diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.pem.certspec new file mode 100644 index 00000000000..e2dd293e96f --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-SA_TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-SA_TS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:serverAuth,timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.der b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.der deleted file mode 100644 index 993b5829f57c16ea0efc8c8af54ed79d1283a786..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 728 zcmXqLV!C3`#JFbxGZP~d6SI7PodGW!r&gOs+jm|@Ms8LH171UJ15P&PP!?t$rsPBe zIdNV?69Z!-b0b4jQv-`Aab6=3*96Kn5H%Dw5QHe_%FHX#b@dL_4G9KXp@eKOBP#=Q z6C*zZP@IdYiII_E|DihJ=#L!xfB#$&`!zBBjf}dMRawH^Sm`wr9DX#LD3(=xk2Xw| z>TnO7rnl*PPPFD_DQ+!A8>EkKCpP7g~&d7h0aCqazFFSXMsx?~l@`;;=OMDfL zpL^J$xwrcM!aEI$CEd67cX_?YKOj2sQ`yyb6FFsNv-y-K=)P+^@{Va=-#(3>dJC3?ZELVz-2NaP5K&~PR-3%Hg(;2w!t#(RO_2Sg#*`3(q{a6xvyiX zpNsn;<289Zrd@a`wz;P?%q-=N@sA?ei%)*8W&FQTv@Dj3*|*~vmlV4KRJiL(;t98fsM+NQ*`dy3S9pAYPhUJ)_BvUlRqyyG{&<;=_ceVut* wonAxo)r+rn_k}Z?Wq)?%ljCGvE$+85G+N9@gZ<{A+gj}{5i&E)uJ&&N09KPFg8%>k diff --git a/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.pem.certspec b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.pem.certspec new file mode 100644 index 00000000000..e190cd07091 --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/int-EKU-TS.pem.certspec @@ -0,0 +1,5 @@ +issuer:ca +subject:int-EKU-TS +extension:basicConstraints:cA, +extension:keyUsage:keyCertSign,digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement,cRLSign +extension:extKeyUsage:timeStamping diff --git a/security/manager/ssl/tests/unit/test_cert_eku/moz.build b/security/manager/ssl/tests/unit/test_cert_eku/moz.build new file mode 100644 index 00000000000..e15c9beddde --- /dev/null +++ b/security/manager/ssl/tests/unit/test_cert_eku/moz.build @@ -0,0 +1,570 @@ +# AUTOGENERATED FILE, DO NOT EDIT +# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +test_certificates = ( + 'ca.pem', + 'ee-EKU-CA-int-EKU-CA.pem', + 'ee-EKU-CA-int-EKU-CA_EP.pem', + 'ee-EKU-CA-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA-int-EKU-CA_NS.pem', + 'ee-EKU-CA-int-EKU-CA_OS.pem', + 'ee-EKU-CA-int-EKU-CA_SA.pem', + 'ee-EKU-CA-int-EKU-CA_TS.pem', + 'ee-EKU-CA-int-EKU-EP.pem', + 'ee-EKU-CA-int-EKU-EP_NS.pem', + 'ee-EKU-CA-int-EKU-EP_OS.pem', + 'ee-EKU-CA-int-EKU-EP_SA.pem', + 'ee-EKU-CA-int-EKU-EP_TS.pem', + 'ee-EKU-CA-int-EKU-NONE.pem', + 'ee-EKU-CA-int-EKU-NS.pem', + 'ee-EKU-CA-int-EKU-NS_OS.pem', + 'ee-EKU-CA-int-EKU-NS_SA.pem', + 'ee-EKU-CA-int-EKU-NS_TS.pem', + 'ee-EKU-CA-int-EKU-OS.pem', + 'ee-EKU-CA-int-EKU-OS_SA.pem', + 'ee-EKU-CA-int-EKU-OS_TS.pem', + 'ee-EKU-CA-int-EKU-SA.pem', + 'ee-EKU-CA-int-EKU-SA_TS.pem', + 'ee-EKU-CA-int-EKU-TS.pem', + 'ee-EKU-CA_EP-int-EKU-CA.pem', + 'ee-EKU-CA_EP-int-EKU-CA_EP.pem', + 'ee-EKU-CA_EP-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA_EP-int-EKU-CA_NS.pem', + 'ee-EKU-CA_EP-int-EKU-CA_OS.pem', + 'ee-EKU-CA_EP-int-EKU-CA_SA.pem', + 'ee-EKU-CA_EP-int-EKU-CA_TS.pem', + 'ee-EKU-CA_EP-int-EKU-EP.pem', + 'ee-EKU-CA_EP-int-EKU-EP_NS.pem', + 'ee-EKU-CA_EP-int-EKU-EP_OS.pem', + 'ee-EKU-CA_EP-int-EKU-EP_SA.pem', + 'ee-EKU-CA_EP-int-EKU-EP_TS.pem', + 'ee-EKU-CA_EP-int-EKU-NONE.pem', + 'ee-EKU-CA_EP-int-EKU-NS.pem', + 'ee-EKU-CA_EP-int-EKU-NS_OS.pem', + 'ee-EKU-CA_EP-int-EKU-NS_SA.pem', + 'ee-EKU-CA_EP-int-EKU-NS_TS.pem', + 'ee-EKU-CA_EP-int-EKU-OS.pem', + 'ee-EKU-CA_EP-int-EKU-OS_SA.pem', + 'ee-EKU-CA_EP-int-EKU-OS_TS.pem', + 'ee-EKU-CA_EP-int-EKU-SA.pem', + 'ee-EKU-CA_EP-int-EKU-SA_TS.pem', + 'ee-EKU-CA_EP-int-EKU-TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_NS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_OS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_SA.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-CA_TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_NS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_OS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_SA.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-EP_TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NONE.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_OS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_SA.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-NS_TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_SA.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-OS_TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-SA_TS.pem', + 'ee-EKU-CA_EP_NS_OS_SA_TS-int-EKU-TS.pem', + 'ee-EKU-CA_NS-int-EKU-CA.pem', + 'ee-EKU-CA_NS-int-EKU-CA_EP.pem', + 'ee-EKU-CA_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA_NS-int-EKU-CA_NS.pem', + 'ee-EKU-CA_NS-int-EKU-CA_OS.pem', + 'ee-EKU-CA_NS-int-EKU-CA_SA.pem', + 'ee-EKU-CA_NS-int-EKU-CA_TS.pem', + 'ee-EKU-CA_NS-int-EKU-EP.pem', + 'ee-EKU-CA_NS-int-EKU-EP_NS.pem', + 'ee-EKU-CA_NS-int-EKU-EP_OS.pem', + 'ee-EKU-CA_NS-int-EKU-EP_SA.pem', + 'ee-EKU-CA_NS-int-EKU-EP_TS.pem', + 'ee-EKU-CA_NS-int-EKU-NONE.pem', + 'ee-EKU-CA_NS-int-EKU-NS.pem', + 'ee-EKU-CA_NS-int-EKU-NS_OS.pem', + 'ee-EKU-CA_NS-int-EKU-NS_SA.pem', + 'ee-EKU-CA_NS-int-EKU-NS_TS.pem', + 'ee-EKU-CA_NS-int-EKU-OS.pem', + 'ee-EKU-CA_NS-int-EKU-OS_SA.pem', + 'ee-EKU-CA_NS-int-EKU-OS_TS.pem', + 'ee-EKU-CA_NS-int-EKU-SA.pem', + 'ee-EKU-CA_NS-int-EKU-SA_TS.pem', + 'ee-EKU-CA_NS-int-EKU-TS.pem', + 'ee-EKU-CA_OS-int-EKU-CA.pem', + 'ee-EKU-CA_OS-int-EKU-CA_EP.pem', + 'ee-EKU-CA_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA_OS-int-EKU-CA_NS.pem', + 'ee-EKU-CA_OS-int-EKU-CA_OS.pem', + 'ee-EKU-CA_OS-int-EKU-CA_SA.pem', + 'ee-EKU-CA_OS-int-EKU-CA_TS.pem', + 'ee-EKU-CA_OS-int-EKU-EP.pem', + 'ee-EKU-CA_OS-int-EKU-EP_NS.pem', + 'ee-EKU-CA_OS-int-EKU-EP_OS.pem', + 'ee-EKU-CA_OS-int-EKU-EP_SA.pem', + 'ee-EKU-CA_OS-int-EKU-EP_TS.pem', + 'ee-EKU-CA_OS-int-EKU-NONE.pem', + 'ee-EKU-CA_OS-int-EKU-NS.pem', + 'ee-EKU-CA_OS-int-EKU-NS_OS.pem', + 'ee-EKU-CA_OS-int-EKU-NS_SA.pem', + 'ee-EKU-CA_OS-int-EKU-NS_TS.pem', + 'ee-EKU-CA_OS-int-EKU-OS.pem', + 'ee-EKU-CA_OS-int-EKU-OS_SA.pem', + 'ee-EKU-CA_OS-int-EKU-OS_TS.pem', + 'ee-EKU-CA_OS-int-EKU-SA.pem', + 'ee-EKU-CA_OS-int-EKU-SA_TS.pem', + 'ee-EKU-CA_OS-int-EKU-TS.pem', + 'ee-EKU-CA_SA-int-EKU-CA.pem', + 'ee-EKU-CA_SA-int-EKU-CA_EP.pem', + 'ee-EKU-CA_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA_SA-int-EKU-CA_NS.pem', + 'ee-EKU-CA_SA-int-EKU-CA_OS.pem', + 'ee-EKU-CA_SA-int-EKU-CA_SA.pem', + 'ee-EKU-CA_SA-int-EKU-CA_TS.pem', + 'ee-EKU-CA_SA-int-EKU-EP.pem', + 'ee-EKU-CA_SA-int-EKU-EP_NS.pem', + 'ee-EKU-CA_SA-int-EKU-EP_OS.pem', + 'ee-EKU-CA_SA-int-EKU-EP_SA.pem', + 'ee-EKU-CA_SA-int-EKU-EP_TS.pem', + 'ee-EKU-CA_SA-int-EKU-NONE.pem', + 'ee-EKU-CA_SA-int-EKU-NS.pem', + 'ee-EKU-CA_SA-int-EKU-NS_OS.pem', + 'ee-EKU-CA_SA-int-EKU-NS_SA.pem', + 'ee-EKU-CA_SA-int-EKU-NS_TS.pem', + 'ee-EKU-CA_SA-int-EKU-OS.pem', + 'ee-EKU-CA_SA-int-EKU-OS_SA.pem', + 'ee-EKU-CA_SA-int-EKU-OS_TS.pem', + 'ee-EKU-CA_SA-int-EKU-SA.pem', + 'ee-EKU-CA_SA-int-EKU-SA_TS.pem', + 'ee-EKU-CA_SA-int-EKU-TS.pem', + 'ee-EKU-CA_TS-int-EKU-CA.pem', + 'ee-EKU-CA_TS-int-EKU-CA_EP.pem', + 'ee-EKU-CA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-CA_TS-int-EKU-CA_NS.pem', + 'ee-EKU-CA_TS-int-EKU-CA_OS.pem', + 'ee-EKU-CA_TS-int-EKU-CA_SA.pem', + 'ee-EKU-CA_TS-int-EKU-CA_TS.pem', + 'ee-EKU-CA_TS-int-EKU-EP.pem', + 'ee-EKU-CA_TS-int-EKU-EP_NS.pem', + 'ee-EKU-CA_TS-int-EKU-EP_OS.pem', + 'ee-EKU-CA_TS-int-EKU-EP_SA.pem', + 'ee-EKU-CA_TS-int-EKU-EP_TS.pem', + 'ee-EKU-CA_TS-int-EKU-NONE.pem', + 'ee-EKU-CA_TS-int-EKU-NS.pem', + 'ee-EKU-CA_TS-int-EKU-NS_OS.pem', + 'ee-EKU-CA_TS-int-EKU-NS_SA.pem', + 'ee-EKU-CA_TS-int-EKU-NS_TS.pem', + 'ee-EKU-CA_TS-int-EKU-OS.pem', + 'ee-EKU-CA_TS-int-EKU-OS_SA.pem', + 'ee-EKU-CA_TS-int-EKU-OS_TS.pem', + 'ee-EKU-CA_TS-int-EKU-SA.pem', + 'ee-EKU-CA_TS-int-EKU-SA_TS.pem', + 'ee-EKU-CA_TS-int-EKU-TS.pem', + 'ee-EKU-EP-int-EKU-CA.pem', + 'ee-EKU-EP-int-EKU-CA_EP.pem', + 'ee-EKU-EP-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-EP-int-EKU-CA_NS.pem', + 'ee-EKU-EP-int-EKU-CA_OS.pem', + 'ee-EKU-EP-int-EKU-CA_SA.pem', + 'ee-EKU-EP-int-EKU-CA_TS.pem', + 'ee-EKU-EP-int-EKU-EP.pem', + 'ee-EKU-EP-int-EKU-EP_NS.pem', + 'ee-EKU-EP-int-EKU-EP_OS.pem', + 'ee-EKU-EP-int-EKU-EP_SA.pem', + 'ee-EKU-EP-int-EKU-EP_TS.pem', + 'ee-EKU-EP-int-EKU-NONE.pem', + 'ee-EKU-EP-int-EKU-NS.pem', + 'ee-EKU-EP-int-EKU-NS_OS.pem', + 'ee-EKU-EP-int-EKU-NS_SA.pem', + 'ee-EKU-EP-int-EKU-NS_TS.pem', + 'ee-EKU-EP-int-EKU-OS.pem', + 'ee-EKU-EP-int-EKU-OS_SA.pem', + 'ee-EKU-EP-int-EKU-OS_TS.pem', + 'ee-EKU-EP-int-EKU-SA.pem', + 'ee-EKU-EP-int-EKU-SA_TS.pem', + 'ee-EKU-EP-int-EKU-TS.pem', + 'ee-EKU-EP_NS-int-EKU-CA.pem', + 'ee-EKU-EP_NS-int-EKU-CA_EP.pem', + 'ee-EKU-EP_NS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-EP_NS-int-EKU-CA_NS.pem', + 'ee-EKU-EP_NS-int-EKU-CA_OS.pem', + 'ee-EKU-EP_NS-int-EKU-CA_SA.pem', + 'ee-EKU-EP_NS-int-EKU-CA_TS.pem', + 'ee-EKU-EP_NS-int-EKU-EP.pem', + 'ee-EKU-EP_NS-int-EKU-EP_NS.pem', + 'ee-EKU-EP_NS-int-EKU-EP_OS.pem', + 'ee-EKU-EP_NS-int-EKU-EP_SA.pem', + 'ee-EKU-EP_NS-int-EKU-EP_TS.pem', + 'ee-EKU-EP_NS-int-EKU-NONE.pem', + 'ee-EKU-EP_NS-int-EKU-NS.pem', + 'ee-EKU-EP_NS-int-EKU-NS_OS.pem', + 'ee-EKU-EP_NS-int-EKU-NS_SA.pem', + 'ee-EKU-EP_NS-int-EKU-NS_TS.pem', + 'ee-EKU-EP_NS-int-EKU-OS.pem', + 'ee-EKU-EP_NS-int-EKU-OS_SA.pem', + 'ee-EKU-EP_NS-int-EKU-OS_TS.pem', + 'ee-EKU-EP_NS-int-EKU-SA.pem', + 'ee-EKU-EP_NS-int-EKU-SA_TS.pem', + 'ee-EKU-EP_NS-int-EKU-TS.pem', + 'ee-EKU-EP_OS-int-EKU-CA.pem', + 'ee-EKU-EP_OS-int-EKU-CA_EP.pem', + 'ee-EKU-EP_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-EP_OS-int-EKU-CA_NS.pem', + 'ee-EKU-EP_OS-int-EKU-CA_OS.pem', + 'ee-EKU-EP_OS-int-EKU-CA_SA.pem', + 'ee-EKU-EP_OS-int-EKU-CA_TS.pem', + 'ee-EKU-EP_OS-int-EKU-EP.pem', + 'ee-EKU-EP_OS-int-EKU-EP_NS.pem', + 'ee-EKU-EP_OS-int-EKU-EP_OS.pem', + 'ee-EKU-EP_OS-int-EKU-EP_SA.pem', + 'ee-EKU-EP_OS-int-EKU-EP_TS.pem', + 'ee-EKU-EP_OS-int-EKU-NONE.pem', + 'ee-EKU-EP_OS-int-EKU-NS.pem', + 'ee-EKU-EP_OS-int-EKU-NS_OS.pem', + 'ee-EKU-EP_OS-int-EKU-NS_SA.pem', + 'ee-EKU-EP_OS-int-EKU-NS_TS.pem', + 'ee-EKU-EP_OS-int-EKU-OS.pem', + 'ee-EKU-EP_OS-int-EKU-OS_SA.pem', + 'ee-EKU-EP_OS-int-EKU-OS_TS.pem', + 'ee-EKU-EP_OS-int-EKU-SA.pem', + 'ee-EKU-EP_OS-int-EKU-SA_TS.pem', + 'ee-EKU-EP_OS-int-EKU-TS.pem', + 'ee-EKU-EP_SA-int-EKU-CA.pem', + 'ee-EKU-EP_SA-int-EKU-CA_EP.pem', + 'ee-EKU-EP_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-EP_SA-int-EKU-CA_NS.pem', + 'ee-EKU-EP_SA-int-EKU-CA_OS.pem', + 'ee-EKU-EP_SA-int-EKU-CA_SA.pem', + 'ee-EKU-EP_SA-int-EKU-CA_TS.pem', + 'ee-EKU-EP_SA-int-EKU-EP.pem', + 'ee-EKU-EP_SA-int-EKU-EP_NS.pem', + 'ee-EKU-EP_SA-int-EKU-EP_OS.pem', + 'ee-EKU-EP_SA-int-EKU-EP_SA.pem', + 'ee-EKU-EP_SA-int-EKU-EP_TS.pem', + 'ee-EKU-EP_SA-int-EKU-NONE.pem', + 'ee-EKU-EP_SA-int-EKU-NS.pem', + 'ee-EKU-EP_SA-int-EKU-NS_OS.pem', + 'ee-EKU-EP_SA-int-EKU-NS_SA.pem', + 'ee-EKU-EP_SA-int-EKU-NS_TS.pem', + 'ee-EKU-EP_SA-int-EKU-OS.pem', + 'ee-EKU-EP_SA-int-EKU-OS_SA.pem', + 'ee-EKU-EP_SA-int-EKU-OS_TS.pem', + 'ee-EKU-EP_SA-int-EKU-SA.pem', + 'ee-EKU-EP_SA-int-EKU-SA_TS.pem', + 'ee-EKU-EP_SA-int-EKU-TS.pem', + 'ee-EKU-EP_TS-int-EKU-CA.pem', + 'ee-EKU-EP_TS-int-EKU-CA_EP.pem', + 'ee-EKU-EP_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-EP_TS-int-EKU-CA_NS.pem', + 'ee-EKU-EP_TS-int-EKU-CA_OS.pem', + 'ee-EKU-EP_TS-int-EKU-CA_SA.pem', + 'ee-EKU-EP_TS-int-EKU-CA_TS.pem', + 'ee-EKU-EP_TS-int-EKU-EP.pem', + 'ee-EKU-EP_TS-int-EKU-EP_NS.pem', + 'ee-EKU-EP_TS-int-EKU-EP_OS.pem', + 'ee-EKU-EP_TS-int-EKU-EP_SA.pem', + 'ee-EKU-EP_TS-int-EKU-EP_TS.pem', + 'ee-EKU-EP_TS-int-EKU-NONE.pem', + 'ee-EKU-EP_TS-int-EKU-NS.pem', + 'ee-EKU-EP_TS-int-EKU-NS_OS.pem', + 'ee-EKU-EP_TS-int-EKU-NS_SA.pem', + 'ee-EKU-EP_TS-int-EKU-NS_TS.pem', + 'ee-EKU-EP_TS-int-EKU-OS.pem', + 'ee-EKU-EP_TS-int-EKU-OS_SA.pem', + 'ee-EKU-EP_TS-int-EKU-OS_TS.pem', + 'ee-EKU-EP_TS-int-EKU-SA.pem', + 'ee-EKU-EP_TS-int-EKU-SA_TS.pem', + 'ee-EKU-EP_TS-int-EKU-TS.pem', + 'ee-EKU-NONE-int-EKU-CA.pem', + 'ee-EKU-NONE-int-EKU-CA_EP.pem', + 'ee-EKU-NONE-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-NONE-int-EKU-CA_NS.pem', + 'ee-EKU-NONE-int-EKU-CA_OS.pem', + 'ee-EKU-NONE-int-EKU-CA_SA.pem', + 'ee-EKU-NONE-int-EKU-CA_TS.pem', + 'ee-EKU-NONE-int-EKU-EP.pem', + 'ee-EKU-NONE-int-EKU-EP_NS.pem', + 'ee-EKU-NONE-int-EKU-EP_OS.pem', + 'ee-EKU-NONE-int-EKU-EP_SA.pem', + 'ee-EKU-NONE-int-EKU-EP_TS.pem', + 'ee-EKU-NONE-int-EKU-NONE.pem', + 'ee-EKU-NONE-int-EKU-NS.pem', + 'ee-EKU-NONE-int-EKU-NS_OS.pem', + 'ee-EKU-NONE-int-EKU-NS_SA.pem', + 'ee-EKU-NONE-int-EKU-NS_TS.pem', + 'ee-EKU-NONE-int-EKU-OS.pem', + 'ee-EKU-NONE-int-EKU-OS_SA.pem', + 'ee-EKU-NONE-int-EKU-OS_TS.pem', + 'ee-EKU-NONE-int-EKU-SA.pem', + 'ee-EKU-NONE-int-EKU-SA_TS.pem', + 'ee-EKU-NONE-int-EKU-TS.pem', + 'ee-EKU-NS-int-EKU-CA.pem', + 'ee-EKU-NS-int-EKU-CA_EP.pem', + 'ee-EKU-NS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-NS-int-EKU-CA_NS.pem', + 'ee-EKU-NS-int-EKU-CA_OS.pem', + 'ee-EKU-NS-int-EKU-CA_SA.pem', + 'ee-EKU-NS-int-EKU-CA_TS.pem', + 'ee-EKU-NS-int-EKU-EP.pem', + 'ee-EKU-NS-int-EKU-EP_NS.pem', + 'ee-EKU-NS-int-EKU-EP_OS.pem', + 'ee-EKU-NS-int-EKU-EP_SA.pem', + 'ee-EKU-NS-int-EKU-EP_TS.pem', + 'ee-EKU-NS-int-EKU-NONE.pem', + 'ee-EKU-NS-int-EKU-NS.pem', + 'ee-EKU-NS-int-EKU-NS_OS.pem', + 'ee-EKU-NS-int-EKU-NS_SA.pem', + 'ee-EKU-NS-int-EKU-NS_TS.pem', + 'ee-EKU-NS-int-EKU-OS.pem', + 'ee-EKU-NS-int-EKU-OS_SA.pem', + 'ee-EKU-NS-int-EKU-OS_TS.pem', + 'ee-EKU-NS-int-EKU-SA.pem', + 'ee-EKU-NS-int-EKU-SA_TS.pem', + 'ee-EKU-NS-int-EKU-TS.pem', + 'ee-EKU-NS_OS-int-EKU-CA.pem', + 'ee-EKU-NS_OS-int-EKU-CA_EP.pem', + 'ee-EKU-NS_OS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-NS_OS-int-EKU-CA_NS.pem', + 'ee-EKU-NS_OS-int-EKU-CA_OS.pem', + 'ee-EKU-NS_OS-int-EKU-CA_SA.pem', + 'ee-EKU-NS_OS-int-EKU-CA_TS.pem', + 'ee-EKU-NS_OS-int-EKU-EP.pem', + 'ee-EKU-NS_OS-int-EKU-EP_NS.pem', + 'ee-EKU-NS_OS-int-EKU-EP_OS.pem', + 'ee-EKU-NS_OS-int-EKU-EP_SA.pem', + 'ee-EKU-NS_OS-int-EKU-EP_TS.pem', + 'ee-EKU-NS_OS-int-EKU-NONE.pem', + 'ee-EKU-NS_OS-int-EKU-NS.pem', + 'ee-EKU-NS_OS-int-EKU-NS_OS.pem', + 'ee-EKU-NS_OS-int-EKU-NS_SA.pem', + 'ee-EKU-NS_OS-int-EKU-NS_TS.pem', + 'ee-EKU-NS_OS-int-EKU-OS.pem', + 'ee-EKU-NS_OS-int-EKU-OS_SA.pem', + 'ee-EKU-NS_OS-int-EKU-OS_TS.pem', + 'ee-EKU-NS_OS-int-EKU-SA.pem', + 'ee-EKU-NS_OS-int-EKU-SA_TS.pem', + 'ee-EKU-NS_OS-int-EKU-TS.pem', + 'ee-EKU-NS_SA-int-EKU-CA.pem', + 'ee-EKU-NS_SA-int-EKU-CA_EP.pem', + 'ee-EKU-NS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-NS_SA-int-EKU-CA_NS.pem', + 'ee-EKU-NS_SA-int-EKU-CA_OS.pem', + 'ee-EKU-NS_SA-int-EKU-CA_SA.pem', + 'ee-EKU-NS_SA-int-EKU-CA_TS.pem', + 'ee-EKU-NS_SA-int-EKU-EP.pem', + 'ee-EKU-NS_SA-int-EKU-EP_NS.pem', + 'ee-EKU-NS_SA-int-EKU-EP_OS.pem', + 'ee-EKU-NS_SA-int-EKU-EP_SA.pem', + 'ee-EKU-NS_SA-int-EKU-EP_TS.pem', + 'ee-EKU-NS_SA-int-EKU-NONE.pem', + 'ee-EKU-NS_SA-int-EKU-NS.pem', + 'ee-EKU-NS_SA-int-EKU-NS_OS.pem', + 'ee-EKU-NS_SA-int-EKU-NS_SA.pem', + 'ee-EKU-NS_SA-int-EKU-NS_TS.pem', + 'ee-EKU-NS_SA-int-EKU-OS.pem', + 'ee-EKU-NS_SA-int-EKU-OS_SA.pem', + 'ee-EKU-NS_SA-int-EKU-OS_TS.pem', + 'ee-EKU-NS_SA-int-EKU-SA.pem', + 'ee-EKU-NS_SA-int-EKU-SA_TS.pem', + 'ee-EKU-NS_SA-int-EKU-TS.pem', + 'ee-EKU-NS_TS-int-EKU-CA.pem', + 'ee-EKU-NS_TS-int-EKU-CA_EP.pem', + 'ee-EKU-NS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-NS_TS-int-EKU-CA_NS.pem', + 'ee-EKU-NS_TS-int-EKU-CA_OS.pem', + 'ee-EKU-NS_TS-int-EKU-CA_SA.pem', + 'ee-EKU-NS_TS-int-EKU-CA_TS.pem', + 'ee-EKU-NS_TS-int-EKU-EP.pem', + 'ee-EKU-NS_TS-int-EKU-EP_NS.pem', + 'ee-EKU-NS_TS-int-EKU-EP_OS.pem', + 'ee-EKU-NS_TS-int-EKU-EP_SA.pem', + 'ee-EKU-NS_TS-int-EKU-EP_TS.pem', + 'ee-EKU-NS_TS-int-EKU-NONE.pem', + 'ee-EKU-NS_TS-int-EKU-NS.pem', + 'ee-EKU-NS_TS-int-EKU-NS_OS.pem', + 'ee-EKU-NS_TS-int-EKU-NS_SA.pem', + 'ee-EKU-NS_TS-int-EKU-NS_TS.pem', + 'ee-EKU-NS_TS-int-EKU-OS.pem', + 'ee-EKU-NS_TS-int-EKU-OS_SA.pem', + 'ee-EKU-NS_TS-int-EKU-OS_TS.pem', + 'ee-EKU-NS_TS-int-EKU-SA.pem', + 'ee-EKU-NS_TS-int-EKU-SA_TS.pem', + 'ee-EKU-NS_TS-int-EKU-TS.pem', + 'ee-EKU-OS-int-EKU-CA.pem', + 'ee-EKU-OS-int-EKU-CA_EP.pem', + 'ee-EKU-OS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-OS-int-EKU-CA_NS.pem', + 'ee-EKU-OS-int-EKU-CA_OS.pem', + 'ee-EKU-OS-int-EKU-CA_SA.pem', + 'ee-EKU-OS-int-EKU-CA_TS.pem', + 'ee-EKU-OS-int-EKU-EP.pem', + 'ee-EKU-OS-int-EKU-EP_NS.pem', + 'ee-EKU-OS-int-EKU-EP_OS.pem', + 'ee-EKU-OS-int-EKU-EP_SA.pem', + 'ee-EKU-OS-int-EKU-EP_TS.pem', + 'ee-EKU-OS-int-EKU-NONE.pem', + 'ee-EKU-OS-int-EKU-NS.pem', + 'ee-EKU-OS-int-EKU-NS_OS.pem', + 'ee-EKU-OS-int-EKU-NS_SA.pem', + 'ee-EKU-OS-int-EKU-NS_TS.pem', + 'ee-EKU-OS-int-EKU-OS.pem', + 'ee-EKU-OS-int-EKU-OS_SA.pem', + 'ee-EKU-OS-int-EKU-OS_TS.pem', + 'ee-EKU-OS-int-EKU-SA.pem', + 'ee-EKU-OS-int-EKU-SA_TS.pem', + 'ee-EKU-OS-int-EKU-TS.pem', + 'ee-EKU-OS_SA-int-EKU-CA.pem', + 'ee-EKU-OS_SA-int-EKU-CA_EP.pem', + 'ee-EKU-OS_SA-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-OS_SA-int-EKU-CA_NS.pem', + 'ee-EKU-OS_SA-int-EKU-CA_OS.pem', + 'ee-EKU-OS_SA-int-EKU-CA_SA.pem', + 'ee-EKU-OS_SA-int-EKU-CA_TS.pem', + 'ee-EKU-OS_SA-int-EKU-EP.pem', + 'ee-EKU-OS_SA-int-EKU-EP_NS.pem', + 'ee-EKU-OS_SA-int-EKU-EP_OS.pem', + 'ee-EKU-OS_SA-int-EKU-EP_SA.pem', + 'ee-EKU-OS_SA-int-EKU-EP_TS.pem', + 'ee-EKU-OS_SA-int-EKU-NONE.pem', + 'ee-EKU-OS_SA-int-EKU-NS.pem', + 'ee-EKU-OS_SA-int-EKU-NS_OS.pem', + 'ee-EKU-OS_SA-int-EKU-NS_SA.pem', + 'ee-EKU-OS_SA-int-EKU-NS_TS.pem', + 'ee-EKU-OS_SA-int-EKU-OS.pem', + 'ee-EKU-OS_SA-int-EKU-OS_SA.pem', + 'ee-EKU-OS_SA-int-EKU-OS_TS.pem', + 'ee-EKU-OS_SA-int-EKU-SA.pem', + 'ee-EKU-OS_SA-int-EKU-SA_TS.pem', + 'ee-EKU-OS_SA-int-EKU-TS.pem', + 'ee-EKU-OS_TS-int-EKU-CA.pem', + 'ee-EKU-OS_TS-int-EKU-CA_EP.pem', + 'ee-EKU-OS_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-OS_TS-int-EKU-CA_NS.pem', + 'ee-EKU-OS_TS-int-EKU-CA_OS.pem', + 'ee-EKU-OS_TS-int-EKU-CA_SA.pem', + 'ee-EKU-OS_TS-int-EKU-CA_TS.pem', + 'ee-EKU-OS_TS-int-EKU-EP.pem', + 'ee-EKU-OS_TS-int-EKU-EP_NS.pem', + 'ee-EKU-OS_TS-int-EKU-EP_OS.pem', + 'ee-EKU-OS_TS-int-EKU-EP_SA.pem', + 'ee-EKU-OS_TS-int-EKU-EP_TS.pem', + 'ee-EKU-OS_TS-int-EKU-NONE.pem', + 'ee-EKU-OS_TS-int-EKU-NS.pem', + 'ee-EKU-OS_TS-int-EKU-NS_OS.pem', + 'ee-EKU-OS_TS-int-EKU-NS_SA.pem', + 'ee-EKU-OS_TS-int-EKU-NS_TS.pem', + 'ee-EKU-OS_TS-int-EKU-OS.pem', + 'ee-EKU-OS_TS-int-EKU-OS_SA.pem', + 'ee-EKU-OS_TS-int-EKU-OS_TS.pem', + 'ee-EKU-OS_TS-int-EKU-SA.pem', + 'ee-EKU-OS_TS-int-EKU-SA_TS.pem', + 'ee-EKU-OS_TS-int-EKU-TS.pem', + 'ee-EKU-SA-int-EKU-CA.pem', + 'ee-EKU-SA-int-EKU-CA_EP.pem', + 'ee-EKU-SA-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-SA-int-EKU-CA_NS.pem', + 'ee-EKU-SA-int-EKU-CA_OS.pem', + 'ee-EKU-SA-int-EKU-CA_SA.pem', + 'ee-EKU-SA-int-EKU-CA_TS.pem', + 'ee-EKU-SA-int-EKU-EP.pem', + 'ee-EKU-SA-int-EKU-EP_NS.pem', + 'ee-EKU-SA-int-EKU-EP_OS.pem', + 'ee-EKU-SA-int-EKU-EP_SA.pem', + 'ee-EKU-SA-int-EKU-EP_TS.pem', + 'ee-EKU-SA-int-EKU-NONE.pem', + 'ee-EKU-SA-int-EKU-NS.pem', + 'ee-EKU-SA-int-EKU-NS_OS.pem', + 'ee-EKU-SA-int-EKU-NS_SA.pem', + 'ee-EKU-SA-int-EKU-NS_TS.pem', + 'ee-EKU-SA-int-EKU-OS.pem', + 'ee-EKU-SA-int-EKU-OS_SA.pem', + 'ee-EKU-SA-int-EKU-OS_TS.pem', + 'ee-EKU-SA-int-EKU-SA.pem', + 'ee-EKU-SA-int-EKU-SA_TS.pem', + 'ee-EKU-SA-int-EKU-TS.pem', + 'ee-EKU-SA_TS-int-EKU-CA.pem', + 'ee-EKU-SA_TS-int-EKU-CA_EP.pem', + 'ee-EKU-SA_TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-SA_TS-int-EKU-CA_NS.pem', + 'ee-EKU-SA_TS-int-EKU-CA_OS.pem', + 'ee-EKU-SA_TS-int-EKU-CA_SA.pem', + 'ee-EKU-SA_TS-int-EKU-CA_TS.pem', + 'ee-EKU-SA_TS-int-EKU-EP.pem', + 'ee-EKU-SA_TS-int-EKU-EP_NS.pem', + 'ee-EKU-SA_TS-int-EKU-EP_OS.pem', + 'ee-EKU-SA_TS-int-EKU-EP_SA.pem', + 'ee-EKU-SA_TS-int-EKU-EP_TS.pem', + 'ee-EKU-SA_TS-int-EKU-NONE.pem', + 'ee-EKU-SA_TS-int-EKU-NS.pem', + 'ee-EKU-SA_TS-int-EKU-NS_OS.pem', + 'ee-EKU-SA_TS-int-EKU-NS_SA.pem', + 'ee-EKU-SA_TS-int-EKU-NS_TS.pem', + 'ee-EKU-SA_TS-int-EKU-OS.pem', + 'ee-EKU-SA_TS-int-EKU-OS_SA.pem', + 'ee-EKU-SA_TS-int-EKU-OS_TS.pem', + 'ee-EKU-SA_TS-int-EKU-SA.pem', + 'ee-EKU-SA_TS-int-EKU-SA_TS.pem', + 'ee-EKU-SA_TS-int-EKU-TS.pem', + 'ee-EKU-TS-int-EKU-CA.pem', + 'ee-EKU-TS-int-EKU-CA_EP.pem', + 'ee-EKU-TS-int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'ee-EKU-TS-int-EKU-CA_NS.pem', + 'ee-EKU-TS-int-EKU-CA_OS.pem', + 'ee-EKU-TS-int-EKU-CA_SA.pem', + 'ee-EKU-TS-int-EKU-CA_TS.pem', + 'ee-EKU-TS-int-EKU-EP.pem', + 'ee-EKU-TS-int-EKU-EP_NS.pem', + 'ee-EKU-TS-int-EKU-EP_OS.pem', + 'ee-EKU-TS-int-EKU-EP_SA.pem', + 'ee-EKU-TS-int-EKU-EP_TS.pem', + 'ee-EKU-TS-int-EKU-NONE.pem', + 'ee-EKU-TS-int-EKU-NS.pem', + 'ee-EKU-TS-int-EKU-NS_OS.pem', + 'ee-EKU-TS-int-EKU-NS_SA.pem', + 'ee-EKU-TS-int-EKU-NS_TS.pem', + 'ee-EKU-TS-int-EKU-OS.pem', + 'ee-EKU-TS-int-EKU-OS_SA.pem', + 'ee-EKU-TS-int-EKU-OS_TS.pem', + 'ee-EKU-TS-int-EKU-SA.pem', + 'ee-EKU-TS-int-EKU-SA_TS.pem', + 'ee-EKU-TS-int-EKU-TS.pem', + 'int-EKU-CA.pem', + 'int-EKU-CA_EP.pem', + 'int-EKU-CA_EP_NS_OS_SA_TS.pem', + 'int-EKU-CA_NS.pem', + 'int-EKU-CA_OS.pem', + 'int-EKU-CA_SA.pem', + 'int-EKU-CA_TS.pem', + 'int-EKU-EP.pem', + 'int-EKU-EP_NS.pem', + 'int-EKU-EP_OS.pem', + 'int-EKU-EP_SA.pem', + 'int-EKU-EP_TS.pem', + 'int-EKU-NONE.pem', + 'int-EKU-NS.pem', + 'int-EKU-NS_OS.pem', + 'int-EKU-NS_SA.pem', + 'int-EKU-NS_TS.pem', + 'int-EKU-OS.pem', + 'int-EKU-OS_SA.pem', + 'int-EKU-OS_TS.pem', + 'int-EKU-SA.pem', + 'int-EKU-SA_TS.pem', + 'int-EKU-TS.pem', +) + +for test_certificate in test_certificates: + input_file = test_certificate + '.certspec' + GENERATED_FILES += [test_certificate] + props = GENERATED_FILES[test_certificate] + props.script = '../pycert.py' + props.inputs = [input_file, '!/config/buildid'] + TEST_HARNESS_FILES.xpcshell.security.manager.ssl.tests.unit.test_cert_eku += ['!%s' % test_certificate] From 60278540c0a5b325a6d919843040b78db9463458 Mon Sep 17 00:00:00 2001 From: JerryShih Date: Fri, 5 Jun 2015 00:30:00 +0200 Subject: [PATCH 172/297] Bug 1165161 - stop bootAnim with "browser-ui-startup-complete" event. r=mwu --- widget/gonk/nsAppShell.cpp | 5 +++++ widget/gonk/nsScreenManagerGonk.cpp | 3 --- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/widget/gonk/nsAppShell.cpp b/widget/gonk/nsAppShell.cpp index 7e274401ccb..19ef7f8adf5 100644 --- a/widget/gonk/nsAppShell.cpp +++ b/widget/gonk/nsAppShell.cpp @@ -34,6 +34,7 @@ #include "base/basictypes.h" #include "GonkPermission.h" +#include "libdisplay/BootAnimation.h" #include "nscore.h" #ifdef MOZ_OMX_DECODER #include "MediaResourceManagerService.h" @@ -936,6 +937,10 @@ nsAppShell::Observe(nsISupports* aSubject, updateHeadphoneSwitch(); } mEnableDraw = true; + + // System is almost booting up. Stop the bootAnim now. + StopBootAnimation(); + NotifyEvent(); return NS_OK; } diff --git a/widget/gonk/nsScreenManagerGonk.cpp b/widget/gonk/nsScreenManagerGonk.cpp index e86e1efbdf8..7723d445450 100644 --- a/widget/gonk/nsScreenManagerGonk.cpp +++ b/widget/gonk/nsScreenManagerGonk.cpp @@ -227,9 +227,6 @@ nsScreenGonk::GetSurfaceFormat() ANativeWindow* nsScreenGonk::GetNativeWindow() { - if (IsPrimaryScreen()) { - StopBootAnimation(); - } return mNativeWindow.get(); } From 69ea4a00f4ed3c8c875202b9884e1db37bb69949 Mon Sep 17 00:00:00 2001 From: Jose Antonio Olivera Ortega Date: Wed, 10 Jun 2015 10:17:00 +0200 Subject: [PATCH 173/297] Bug 1168226 - ServiceWorkerRegistrar only use the scope when registering a service worker. r=baku --- dom/workers/ServiceWorkerRegistrar.cpp | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/dom/workers/ServiceWorkerRegistrar.cpp b/dom/workers/ServiceWorkerRegistrar.cpp index c914633278a..24b8d36dfc6 100644 --- a/dom/workers/ServiceWorkerRegistrar.cpp +++ b/dom/workers/ServiceWorkerRegistrar.cpp @@ -149,12 +149,26 @@ ServiceWorkerRegistrar::RegisterServiceWorker( MonitorAutoLock lock(mMonitor); MOZ_ASSERT(mDataLoaded); + const mozilla::ipc::PrincipalInfo& newPrincipalInfo = aData.principal(); + MOZ_ASSERT(newPrincipalInfo.type() == + mozilla::ipc::PrincipalInfo::TContentPrincipalInfo); + + const mozilla::ipc::ContentPrincipalInfo& newContentPrincipalInfo = + newPrincipalInfo.get_ContentPrincipalInfo(); + bool found = false; for (uint32_t i = 0, len = mData.Length(); i < len; ++i) { if (mData[i].scope() == aData.scope()) { - mData[i] = aData; - found = true; - break; + const mozilla::ipc::PrincipalInfo& existingPrincipalInfo = + mData[i].principal(); + const mozilla::ipc::ContentPrincipalInfo& existingContentPrincipalInfo = + existingPrincipalInfo.get_ContentPrincipalInfo(); + + if (newContentPrincipalInfo == existingContentPrincipalInfo) { + mData[i] = aData; + found = true; + break; + } } } From 300764e414acf468063d731de2be36c874151b95 Mon Sep 17 00:00:00 2001 From: Kershaw Chang Date: Wed, 10 Jun 2015 19:08:00 +0200 Subject: [PATCH 174/297] Bug 1170939 - Close PBontentBridge when receving shut dwon message, r=khuey --- dom/ipc/ContentBridgeChild.cpp | 26 +++++++++++++++++++++++++- dom/ipc/ContentBridgeChild.h | 3 +++ dom/ipc/ContentParent.cpp | 2 +- 3 files changed, 29 insertions(+), 2 deletions(-) diff --git a/dom/ipc/ContentBridgeChild.cpp b/dom/ipc/ContentBridgeChild.cpp index 9dbbcc35dea..0c8dce8614f 100644 --- a/dom/ipc/ContentBridgeChild.cpp +++ b/dom/ipc/ContentBridgeChild.cpp @@ -12,6 +12,7 @@ #include "mozilla/dom/ipc/BlobChild.h" #include "mozilla/jsipc/CrossProcessObjectWrappers.h" #include "mozilla/ipc/InputStreamUtils.h" +#include "nsIObserverService.h" using namespace mozilla::ipc; using namespace mozilla::jsipc; @@ -19,7 +20,9 @@ using namespace mozilla::jsipc; namespace mozilla { namespace dom { -NS_IMPL_ISUPPORTS(ContentBridgeChild, nsIContentChild) +NS_IMPL_ISUPPORTS(ContentBridgeChild, + nsIContentChild, + nsIObserver) ContentBridgeChild::ContentBridgeChild(Transport* aTransport) : mTransport(aTransport) @@ -33,6 +36,10 @@ ContentBridgeChild::~ContentBridgeChild() void ContentBridgeChild::ActorDestroy(ActorDestroyReason aWhy) { + nsCOMPtr os = mozilla::services::GetObserverService(); + if (os) { + os->RemoveObserver(this, "content-child-shutdown"); + } MessageLoop::current()->PostTask( FROM_HERE, NewRunnableMethod(this, &ContentBridgeChild::DeferredDestroy)); @@ -47,6 +54,12 @@ ContentBridgeChild::Create(Transport* aTransport, ProcessId aOtherPid) DebugOnly ok = bridge->Open(aTransport, aOtherPid, XRE_GetIOMessageLoop()); MOZ_ASSERT(ok); + + nsCOMPtr os = mozilla::services::GetObserverService(); + if (os) { + os->AddObserver(bridge, "content-child-shutdown", false); + } + return bridge; } @@ -167,5 +180,16 @@ ContentBridgeChild::DeallocPBlobChild(PBlobChild* aActor) return nsIContentChild::DeallocPBlobChild(aActor); } +NS_IMETHODIMP +ContentBridgeChild::Observe(nsISupports* aSubject, + const char* aTopic, + const char16_t* aData) +{ + if (!strcmp(aTopic, "content-child-shutdown")) { + Close(); + } + return NS_OK; +} + } // namespace dom } // namespace mozilla diff --git a/dom/ipc/ContentBridgeChild.h b/dom/ipc/ContentBridgeChild.h index 1170232ae9f..7c3122360a9 100644 --- a/dom/ipc/ContentBridgeChild.h +++ b/dom/ipc/ContentBridgeChild.h @@ -9,17 +9,20 @@ #include "mozilla/dom/PContentBridgeChild.h" #include "mozilla/dom/nsIContentChild.h" +#include "nsIObserver.h" namespace mozilla { namespace dom { class ContentBridgeChild final : public PContentBridgeChild , public nsIContentChild + , public nsIObserver { public: explicit ContentBridgeChild(Transport* aTransport); NS_DECL_ISUPPORTS + NS_DECL_NSIOBSERVER static ContentBridgeChild* Create(Transport* aTransport, ProcessId aOtherProcess); diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp index c92c661a836..121dccf64df 100755 --- a/dom/ipc/ContentParent.cpp +++ b/dom/ipc/ContentParent.cpp @@ -2065,7 +2065,7 @@ ContentParent::ActorDestroy(ActorDestroyReason why) MessageLoop::current()->PostTask( FROM_HERE, NewRunnableMethod(cp, &ContentParent::ShutDownProcess, - CLOSE_CHANNEL)); + SEND_SHUTDOWN_MESSAGE)); } cpm->RemoveContentProcess(this->ChildID()); } From 3dc7579e8b0a34c3a3f39e2b8b7ff3ee081d9340 Mon Sep 17 00:00:00 2001 From: Jed Davis Date: Wed, 10 Jun 2015 18:33:00 +0200 Subject: [PATCH 175/297] Bug 1170334 - Re-escape entities in nsWebBrowserPersist XML stylesheet handling. r=hsivonen --- .../webbrowserpersist/nsWebBrowserPersist.cpp | 44 ++++++++-- embedding/test/bug1170334_iframe.xml | 3 + embedding/test/bug1170334_style.css | 1 + embedding/test/chrome.ini | 3 + .../test/test_bug1170334_wbp_xmlstyle.html | 80 +++++++++++++++++++ 5 files changed, 123 insertions(+), 8 deletions(-) create mode 100644 embedding/test/bug1170334_iframe.xml create mode 100644 embedding/test/bug1170334_style.css create mode 100644 embedding/test/test_bug1170334_wbp_xmlstyle.html diff --git a/embedding/components/webbrowserpersist/nsWebBrowserPersist.cpp b/embedding/components/webbrowserpersist/nsWebBrowserPersist.cpp index b5f3cbf8686..208f41469b8 100644 --- a/embedding/components/webbrowserpersist/nsWebBrowserPersist.cpp +++ b/embedding/components/webbrowserpersist/nsWebBrowserPersist.cpp @@ -2529,6 +2529,36 @@ nsWebBrowserPersist::EnumCleanupUploadList(nsISupports *aKey, UploadData *aData, return PL_DHASH_NEXT; } +static void +AppendXMLAttr(const nsAString& key, const nsAString& aValue, nsAString& aBuffer) +{ + if (!aBuffer.IsEmpty()) { + aBuffer.Append(' '); + } + aBuffer.Append(key); + aBuffer.AppendLiteral("=\""); + for (size_t i = 0; i < aValue.Length(); ++i) { + switch (aValue[i]) { + case '&': + aBuffer.AppendLiteral("&"); + break; + case '<': + aBuffer.AppendLiteral("<"); + break; + case '>': + aBuffer.AppendLiteral(">"); + break; + case '"': + aBuffer.AppendLiteral("""); + break; + default: + aBuffer.Append(aValue[i]); + break; + } + } + aBuffer.Append('"'); +} + nsresult nsWebBrowserPersist::FixupXMLStyleSheetLink(nsIDOMProcessingInstruction *aPI, const nsAString &aHref) { NS_ENSURE_ARG_POINTER(aPI); @@ -2568,30 +2598,28 @@ nsresult nsWebBrowserPersist::FixupXMLStyleSheetLink(nsIDOMProcessingInstruction nsGkAtoms::media, media); - NS_NAMED_LITERAL_STRING(kCloseAttr, "\" "); nsAutoString newData; - newData += NS_LITERAL_STRING("href=\"") + aHref + kCloseAttr; + AppendXMLAttr(NS_LITERAL_STRING("href"), aHref, newData); if (!title.IsEmpty()) { - newData += NS_LITERAL_STRING("title=\"") + title + kCloseAttr; + AppendXMLAttr(NS_LITERAL_STRING("title"), title, newData); } if (!media.IsEmpty()) { - newData += NS_LITERAL_STRING("media=\"") + media + kCloseAttr; + AppendXMLAttr(NS_LITERAL_STRING("media"), media, newData); } if (!type.IsEmpty()) { - newData += NS_LITERAL_STRING("type=\"") + type + kCloseAttr; + AppendXMLAttr(NS_LITERAL_STRING("type"), type, newData); } if (!charset.IsEmpty()) { - newData += NS_LITERAL_STRING("charset=\"") + charset + kCloseAttr; + AppendXMLAttr(NS_LITERAL_STRING("charset"), charset, newData); } if (!alternate.IsEmpty()) { - newData += NS_LITERAL_STRING("alternate=\"") + alternate + kCloseAttr; + AppendXMLAttr(NS_LITERAL_STRING("alternate"), alternate, newData); } - newData.Truncate(newData.Length() - 1); // Remove the extra space on the end. aPI->SetData(newData); } diff --git a/embedding/test/bug1170334_iframe.xml b/embedding/test/bug1170334_iframe.xml new file mode 100644 index 00000000000..1821e07f967 --- /dev/null +++ b/embedding/test/bug1170334_iframe.xml @@ -0,0 +1,3 @@ + + + diff --git a/embedding/test/bug1170334_style.css b/embedding/test/bug1170334_style.css new file mode 100644 index 00000000000..476c22b695c --- /dev/null +++ b/embedding/test/bug1170334_style.css @@ -0,0 +1 @@ +/* This stylesheet intentionally left blank. */ diff --git a/embedding/test/chrome.ini b/embedding/test/chrome.ini index 14dccff247a..4684b761293 100644 --- a/embedding/test/chrome.ini +++ b/embedding/test/chrome.ini @@ -3,6 +3,9 @@ skip-if = buildapp == 'b2g' support-files = 320x240.ogv bug449141_page.html + bug1170334_iframe.xml + bug1170334_style.css [test_bug449141.html] skip-if = toolkit == 'android' +[test_bug1170334_wbp_xmlstyle.html] diff --git a/embedding/test/test_bug1170334_wbp_xmlstyle.html b/embedding/test/test_bug1170334_wbp_xmlstyle.html new file mode 100644 index 00000000000..4dee9a6ba73 --- /dev/null +++ b/embedding/test/test_bug1170334_wbp_xmlstyle.html @@ -0,0 +1,80 @@ + + + + + Test for Bug 1170334 (nsWebBrowserPersist vs. XML stylesheets) + + + + +Mozilla Bug 1170334 +

+

+

+  
+

+
+
+

+
+

From 8dfcce7bbb4aaa285c10913311ad3700f23e46c5 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 13:19:32 +0200
Subject: [PATCH 176/297] Bug 1170750 - Replace %f by %.16g in js/src. r=jandem

---
 js/src/jit/MIR.cpp                               | 4 ++--
 js/src/jit/arm/Simulator-arm.cpp                 | 6 +++---
 js/src/jit/x86-shared/BaseAssembler-x86-shared.h | 6 +++---
 3 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/js/src/jit/MIR.cpp b/js/src/jit/MIR.cpp
index dd3ca8d9b8d..d7d914b84fc 100644
--- a/js/src/jit/MIR.cpp
+++ b/js/src/jit/MIR.cpp
@@ -775,12 +775,12 @@ MConstant::printOpcode(GenericPrinter& out) const
         out.printf("0x%x", value().toInt32());
         break;
       case MIRType_Double:
-        out.printf("%f", value().toDouble());
+        out.printf("%.16g", value().toDouble());
         break;
       case MIRType_Float32:
       {
         float val = value().toDouble();
-        out.printf("%f", val);
+        out.printf("%.16g", val);
         break;
       }
       case MIRType_Object:
diff --git a/js/src/jit/arm/Simulator-arm.cpp b/js/src/jit/arm/Simulator-arm.cpp
index 1f2ffdf0493..e26c5b005e7 100644
--- a/js/src/jit/arm/Simulator-arm.cpp
+++ b/js/src/jit/arm/Simulator-arm.cpp
@@ -692,7 +692,7 @@ ArmDebugger::debug()
                                 i < 8 &&
                                 (i % 2) == 0) {
                                 dvalue = getRegisterPairDoubleValue(i);
-                                printf(" (%f)\n", dvalue);
+                                printf(" (%.16g)\n", dvalue);
                             } else {
                                 printf("\n");
                             }
@@ -700,7 +700,7 @@ ArmDebugger::debug()
                         for (uint32_t i = 0; i < FloatRegisters::TotalPhys; i++) {
                             dvalue = getVFPDoubleRegisterValue(i);
                             uint64_t as_words = mozilla::BitwiseCast(dvalue);
-                            printf("%3s: %f 0x%08x %08x\n",
+                            printf("%3s: %.16g 0x%08x %08x\n",
                                    FloatRegister::FromCode(i).name(),
                                    dvalue,
                                    static_cast(as_words >> 32),
@@ -711,7 +711,7 @@ ArmDebugger::debug()
                             printf("%s: 0x%08x %d \n", arg1, value, value);
                         } else if (getVFPDoubleValue(arg1, &dvalue)) {
                             uint64_t as_words = mozilla::BitwiseCast(dvalue);
-                            printf("%s: %f 0x%08x %08x\n",
+                            printf("%s: %.16g 0x%08x %08x\n",
                                    arg1,
                                    dvalue,
                                    static_cast(as_words >> 32),
diff --git a/js/src/jit/x86-shared/BaseAssembler-x86-shared.h b/js/src/jit/x86-shared/BaseAssembler-x86-shared.h
index 9b3ce213623..8e883be6f69 100644
--- a/js/src/jit/x86-shared/BaseAssembler-x86-shared.h
+++ b/js/src/jit/x86-shared/BaseAssembler-x86-shared.h
@@ -3744,12 +3744,12 @@ threeByteOpImmSimd("vblendps", VEX_PD, OP3_BLENDPS_VpsWpsIb, ESCAPE_3A, imm, off
 
     void doubleConstant(double d)
     {
-        spew(".double %.20f", d);
+        spew(".double %.16g", d);
         m_formatter.doubleConstant(d);
     }
     void floatConstant(float f)
     {
-        spew(".float %.20f", f);
+        spew(".float %.16g", f);
         m_formatter.floatConstant(f);
     }
 
@@ -3761,7 +3761,7 @@ threeByteOpImmSimd("vblendps", VEX_PD, OP3_BLENDPS_VpsWpsIb, ESCAPE_3A, imm, off
     }
     void float32x4Constant(const float f[4])
     {
-        spew(".float %f,%f,%f,%f", f[0], f[1], f[2], f[3]);
+        spew(".float %g,%g,%g,%g", f[0], f[1], f[2], f[3]);
         MOZ_ASSERT(m_formatter.isAligned(16));
         m_formatter.float32x4Constant(f);
     }

From 1aefd08d3dddbddb1de396d806f44d9ab46d9674 Mon Sep 17 00:00:00 2001
From: Kelly Davis 
Date: Tue, 9 Jun 2015 22:42:00 +0200
Subject: [PATCH 177/297] Bug 1172925 - Part 1 of 1:  Patch re-enables
 pocketsphinx, sphinxbase, and models on Windows B2G builds. r=gps

---
 b2g/confvars.sh | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/b2g/confvars.sh b/b2g/confvars.sh
index ef92554460e..50e2347a294 100644
--- a/b2g/confvars.sh
+++ b/b2g/confvars.sh
@@ -29,13 +29,10 @@ NSS_DISABLE_DBM=1
 MOZ_NO_EV_CERTS=1
 MOZ_DISABLE_EXPORT_JS=1
 
-# Bug 1171082 - Broken on Windows B2G Desktop
-if test "$OS_TARGET" != "WINNT"; then
 MOZ_WEBSPEECH=1
 MOZ_WEBSPEECH_MODELS=1
 MOZ_WEBSPEECH_POCKETSPHINX=1
 MOZ_WEBSPEECH_TEST_BACKEND=1
-fi # !WINNT
 
 if test "$OS_TARGET" = "Android"; then
 MOZ_CAPTURE=1

From 620311730942f60a93ce447b5074342e63f26898 Mon Sep 17 00:00:00 2001
From: Nick Fitzgerald 
Date: Wed, 10 Jun 2015 15:59:00 +0200
Subject: [PATCH 178/297] Bug 1173513 - Point to SavedFrame.md docs from JSAPI
 comments; r=fitzgen

---
 js/src/jsapi.h | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/js/src/jsapi.h b/js/src/jsapi.h
index 7e6566f5302..2036beced9b 100644
--- a/js/src/jsapi.h
+++ b/js/src/jsapi.h
@@ -4018,6 +4018,9 @@ namespace JS {
  *
  * The provided chain of SavedFrame objects can live in any compartment,
  * although it will be copied to the compartment where the stack is captured.
+ *
+ * See also `js/src/doc/SavedFrame/SavedFrame.md` for documentation on async
+ * stack frames.
  */
 class MOZ_STACK_CLASS JS_PUBLIC_API(AutoSetAsyncStackForNewCalls)
 {
@@ -5301,6 +5304,8 @@ CaptureCurrentStack(JSContext* cx, MutableHandleObject stackp, unsigned maxFrame
  * caller's principals do not subsume any of the chained SavedFrame object's
  * principals, `SavedFrameResult::AccessDenied` is returned and a (hopefully)
  * sane default value is chosen for the out param.
+ *
+ * See also `js/src/doc/SavedFrame/SavedFrame.md`.
  */
 
 enum class SavedFrameResult {

From 1ef5caf4ec9e3d5557e6a949befe5c1a47784426 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 13:32:23 +0200
Subject: [PATCH 179/297] Bug 1168500 - Replace the operator, by variadic
 templates. r=Waldo

---
 js/src/jit/CodeGenerator.cpp             | 94 ++++++++++++------------
 js/src/jit/shared/CodeGenerator-shared.h | 87 ++++++++++------------
 2 files changed, 84 insertions(+), 97 deletions(-)

diff --git a/js/src/jit/CodeGenerator.cpp b/js/src/jit/CodeGenerator.cpp
index 7cf1f090a9d..231f54b47ec 100644
--- a/js/src/jit/CodeGenerator.cpp
+++ b/js/src/jit/CodeGenerator.cpp
@@ -189,7 +189,7 @@ CodeGenerator::visitValueToInt32(LValueToInt32* lir)
         Register stringReg;
         if (input->mightBeType(MIRType_String)) {
             stringReg = ToRegister(lir->temp());
-            OutOfLineCode* oolString = oolCallVM(StringToNumberInfo, lir, (ArgList(), stringReg),
+            OutOfLineCode* oolString = oolCallVM(StringToNumberInfo, lir, ArgList(stringReg),
                                                  StoreFloatRegisterTo(temp));
             stringEntry = oolString->entry();
             stringRejoin = oolString->rejoin();
@@ -850,7 +850,7 @@ CodeGenerator::visitIntToString(LIntToString* lir)
     Register input = ToRegister(lir->input());
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(IntToStringInfo, lir, (ArgList(), input),
+    OutOfLineCode* ool = oolCallVM(IntToStringInfo, lir, ArgList(input),
                                    StoreRegisterTo(output));
 
     emitIntToString(input, output, ool->entry());
@@ -868,7 +868,7 @@ CodeGenerator::visitDoubleToString(LDoubleToString* lir)
     Register temp = ToRegister(lir->tempInt());
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(DoubleToStringInfo, lir, (ArgList(), input),
+    OutOfLineCode* ool = oolCallVM(DoubleToStringInfo, lir, ArgList(input),
                                    StoreRegisterTo(output));
 
     // Try double to integer conversion and run integer to string code.
@@ -887,7 +887,7 @@ CodeGenerator::visitValueToString(LValueToString* lir)
     ValueOperand input = ToValue(lir, LValueToString::Input);
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(PrimitiveToStringInfo, lir, (ArgList(), input),
+    OutOfLineCode* ool = oolCallVM(PrimitiveToStringInfo, lir, ArgList(input),
                                    StoreRegisterTo(output));
 
     Label done;
@@ -982,7 +982,7 @@ CodeGenerator::visitValueToObjectOrNull(LValueToObjectOrNull* lir)
     ValueOperand input = ToValue(lir, LValueToObjectOrNull::Input);
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(ToObjectInfo, lir, (ArgList(), input, Imm32(0)),
+    OutOfLineCode* ool = oolCallVM(ToObjectInfo, lir, ArgList(input, Imm32(0)),
                                    StoreRegisterTo(output));
 
     Label done;
@@ -1701,7 +1701,7 @@ CodeGenerator::visitLambda(LLambda* lir)
     Register tempReg = ToRegister(lir->temp());
     const LambdaFunctionInfo& info = lir->mir()->info();
 
-    OutOfLineCode* ool = oolCallVM(LambdaInfo, lir, (ArgList(), ImmGCPtr(info.fun), scopeChain),
+    OutOfLineCode* ool = oolCallVM(LambdaInfo, lir, ArgList(ImmGCPtr(info.fun), scopeChain),
                                    StoreRegisterTo(output));
 
     MOZ_ASSERT(!info.singletonType);
@@ -2515,7 +2515,7 @@ CodeGenerator::visitConvertElementsToDoubles(LConvertElementsToDoubles* lir)
     Register elements = ToRegister(lir->elements());
 
     OutOfLineCode* ool = oolCallVM(ConvertElementsToDoublesInfo, lir,
-                                   (ArgList(), elements), StoreNothing());
+                                   ArgList(elements), StoreNothing());
 
     Address convertedAddress(elements, ObjectElements::offsetOfFlags());
     Imm32 bit(ObjectElements::CONVERT_DOUBLE_ELEMENTS);
@@ -2561,7 +2561,7 @@ CodeGenerator::visitMaybeCopyElementsForWrite(LMaybeCopyElementsForWrite* lir)
     Register temp = ToRegister(lir->temp());
 
     OutOfLineCode* ool = oolCallVM(CopyElementsForWriteInfo, lir,
-                                   (ArgList(), object), StoreNothing());
+                                   ArgList(object), StoreNothing());
 
     if (lir->mir()->checkNative()) {
         masm.loadObjClass(object, temp);
@@ -4299,7 +4299,7 @@ CodeGenerator::visitNewArrayCopyOnWrite(LNewArrayCopyOnWrite* lir)
 
     // If we have a template object, we can inline call object creation.
     OutOfLineCode* ool = oolCallVM(NewArrayCopyOnWriteInfo, lir,
-                                   (ArgList(), ImmGCPtr(templateObject), Imm32(initialHeap)),
+                                   ArgList(ImmGCPtr(templateObject), Imm32(initialHeap)),
                                    StoreRegisterTo(objReg));
 
     masm.createGCObject(objReg, tempReg, templateObject, initialHeap, ool->entry());
@@ -4322,7 +4322,7 @@ CodeGenerator::visitNewArrayDynamicLength(LNewArrayDynamicLength* lir)
     gc::InitialHeap initialHeap = lir->mir()->initialHeap();
 
     OutOfLineCode* ool = oolCallVM(ArrayConstructorOneArgInfo, lir,
-                                   (ArgList(), ImmGCPtr(templateObject->group()), lengthReg),
+                                   ArgList(ImmGCPtr(templateObject->group()), lengthReg),
                                    StoreRegisterTo(objReg));
 
     bool canInline = true;
@@ -4559,7 +4559,7 @@ CodeGenerator::visitNewTypedObject(LNewTypedObject* lir)
     gc::InitialHeap initialHeap = lir->mir()->initialHeap();
 
     OutOfLineCode* ool = oolCallVM(NewTypedObjectInfo, lir,
-                                   (ArgList(), ImmGCPtr(templateObject), Imm32(initialHeap)),
+                                   ArgList(ImmGCPtr(templateObject), Imm32(initialHeap)),
                                    StoreRegisterTo(object));
 
     masm.createGCObject(object, temp, templateObject, initialHeap, ool->entry());
@@ -4581,7 +4581,7 @@ CodeGenerator::visitSimdBox(LSimdBox* lir)
     MOZ_ASSERT(lir->safepoint()->liveRegs().has(in),
                "Save the input register across the oolCallVM");
     OutOfLineCode* ool = oolCallVM(NewTypedObjectInfo, lir,
-                                   (ArgList(), ImmGCPtr(templateObject), Imm32(initialHeap)),
+                                   ArgList(ImmGCPtr(templateObject), Imm32(initialHeap)),
                                    StoreRegisterTo(object));
 
     masm.createGCObject(object, temp, templateObject, initialHeap, ool->entry());
@@ -4705,8 +4705,7 @@ CodeGenerator::visitNewDeclEnvObject(LNewDeclEnvObject* lir)
 
     // If we have a template object, we can inline call object creation.
     OutOfLineCode* ool = oolCallVM(NewDeclEnvObjectInfo, lir,
-                                   (ArgList(), ImmGCPtr(info.funMaybeLazy()),
-                                    Imm32(gc::DefaultHeap)),
+                                   ArgList(ImmGCPtr(info.funMaybeLazy()), Imm32(gc::DefaultHeap)),
                                    StoreRegisterTo(objReg));
 
     bool initContents = ShouldInitFixedSlots(lir, templateObj);
@@ -4731,9 +4730,9 @@ CodeGenerator::visitNewCallObject(LNewCallObject* lir)
     JSScript* script = lir->mir()->block()->info().script();
     uint32_t lexicalBegin = script->bindings.aliasedBodyLevelLexicalBegin();
     OutOfLineCode* ool = oolCallVM(NewCallObjectInfo, lir,
-                                   (ArgList(), ImmGCPtr(templateObj->lastProperty()),
-                                               ImmGCPtr(templateObj->group()),
-                                               Imm32(lexicalBegin)),
+                                   ArgList(ImmGCPtr(templateObj->lastProperty()),
+                                           ImmGCPtr(templateObj->group()),
+                                           Imm32(lexicalBegin)),
                                    StoreRegisterTo(objReg));
 
     // Inline call object creation, using the OOL path only for tricky cases.
@@ -4759,8 +4758,8 @@ CodeGenerator::visitNewSingletonCallObject(LNewSingletonCallObject* lir)
     uint32_t lexicalBegin = script->bindings.aliasedBodyLevelLexicalBegin();
     OutOfLineCode* ool;
     ool = oolCallVM(NewSingletonCallObjectInfo, lir,
-                    (ArgList(), ImmGCPtr(templateObj->as().lastProperty()),
-                                Imm32(lexicalBegin)),
+                    ArgList(ImmGCPtr(templateObj->as().lastProperty()),
+                            Imm32(lexicalBegin)),
                     StoreRegisterTo(objReg));
 
     // Objects can only be given singleton types in VM calls.  We make the call
@@ -4782,7 +4781,7 @@ CodeGenerator::visitNewStringObject(LNewStringObject* lir)
 
     StringObject* templateObj = lir->mir()->templateObj();
 
-    OutOfLineCode* ool = oolCallVM(NewStringObjectInfo, lir, (ArgList(), input),
+    OutOfLineCode* ool = oolCallVM(NewStringObjectInfo, lir, ArgList(input),
                                    StoreRegisterTo(output));
 
     masm.createGCObject(output, temp, templateObj, gc::DefaultHeap, ool->entry());
@@ -4934,7 +4933,7 @@ CodeGenerator::visitCreateThisWithTemplate(LCreateThisWithTemplate* lir)
     Register tempReg = ToRegister(lir->temp());
 
     OutOfLineCode* ool = oolCallVM(NewInitObjectWithTemplateInfo, lir,
-                                   (ArgList(), ImmGCPtr(templateObject)),
+                                   ArgList(ImmGCPtr(templateObject)),
                                    StoreRegisterTo(objReg));
 
     // Allocate. If the FreeList is empty, call to VM, which may GC.
@@ -5037,7 +5036,7 @@ CodeGenerator::visitComputeThis(LComputeThis* lir)
     ValueOperand value = ToValue(lir, LComputeThis::ValueIndex);
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(BoxNonStrictThisInfo, lir, (ArgList(), value),
+    OutOfLineCode* ool = oolCallVM(BoxNonStrictThisInfo, lir, ArgList(value),
                                    StoreRegisterTo(output));
 
     masm.branchTestObject(Assembler::NotEqual, value, ool->entry());
@@ -5465,10 +5464,10 @@ CodeGenerator::emitCompareS(LInstruction* lir, JSOp op, Register left, Register
     OutOfLineCode* ool = nullptr;
 
     if (op == JSOP_EQ || op == JSOP_STRICTEQ) {
-        ool = oolCallVM(StringsEqualInfo, lir, (ArgList(), left, right),  StoreRegisterTo(output));
+        ool = oolCallVM(StringsEqualInfo, lir, ArgList(left, right),  StoreRegisterTo(output));
     } else {
         MOZ_ASSERT(op == JSOP_NE || op == JSOP_STRICTNE);
-        ool = oolCallVM(StringsNotEqualInfo, lir, (ArgList(), left, right), StoreRegisterTo(output));
+        ool = oolCallVM(StringsNotEqualInfo, lir, ArgList(left, right), StoreRegisterTo(output));
     }
 
     masm.compareStrings(op, left, right, output, ool->entry());
@@ -5819,7 +5818,7 @@ static const VMFunction ConcatStringsInfo = FunctionInfo(Concat
 void
 CodeGenerator::emitConcat(LInstruction* lir, Register lhs, Register rhs, Register output)
 {
-    OutOfLineCode* ool = oolCallVM(ConcatStringsInfo, lir, (ArgList(), lhs, rhs),
+    OutOfLineCode* ool = oolCallVM(ConcatStringsInfo, lir, ArgList(lhs, rhs),
                                    StoreRegisterTo(output));
 
     JitCode* stringConcatStub = gen->compartment->jitCompartment()->stringConcatStubNoBarrier();
@@ -6009,8 +6008,8 @@ CodeGenerator::visitSubstr(LSubstr* lir)
     // can be handled by allocate in ool code and returning to jit code to fill
     // in all data.
     OutOfLineCode* ool = oolCallVM(SubstringKernelInfo, lir,
-                                   (ArgList(), string, begin, length),
-                                    StoreRegisterTo(output));
+                                   ArgList(string, begin, length),
+                                   StoreRegisterTo(output));
     Label* slowPath = ool->entry();
     Label* done = ool->rejoin();
 
@@ -6338,7 +6337,7 @@ CodeGenerator::visitCharCodeAt(LCharCodeAt* lir)
     Register index = ToRegister(lir->index());
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(CharCodeAtInfo, lir, (ArgList(), str, index), StoreRegisterTo(output));
+    OutOfLineCode* ool = oolCallVM(CharCodeAtInfo, lir, ArgList(str, index), StoreRegisterTo(output));
 
     masm.branchIfRope(str, ool->entry());
     masm.loadStringChar(str, index, output);
@@ -6355,7 +6354,7 @@ CodeGenerator::visitFromCharCode(LFromCharCode* lir)
     Register code = ToRegister(lir->code());
     Register output = ToRegister(lir->output());
 
-    OutOfLineCode* ool = oolCallVM(StringFromCharCodeInfo, lir, (ArgList(), code), StoreRegisterTo(output));
+    OutOfLineCode* ool = oolCallVM(StringFromCharCodeInfo, lir, ArgList(code), StoreRegisterTo(output));
 
     // OOL path if code >= UNIT_STATIC_LIMIT.
     masm.branch32(Assembler::AboveOrEqual, code, Imm32(StaticStrings::UNIT_STATIC_LIMIT),
@@ -6996,7 +6995,7 @@ CodeGenerator::visitConvertUnboxedObjectToNative(LConvertUnboxedObjectToNative*
     OutOfLineCode* ool = oolCallVM(lir->mir()->group()->unboxedLayoutDontCheckGeneration().isArray()
                                    ? ConvertUnboxedArrayObjectToNativeInfo
                                    : ConvertUnboxedPlainObjectToNativeInfo,
-                                   lir, (ArgList(), object), StoreNothing());
+                                   lir, ArgList(object), StoreNothing());
 
     masm.branchPtr(Assembler::Equal, Address(object, JSObject::offsetOfGroup()),
                    ImmGCPtr(lir->mir()->group()), ool->entry());
@@ -7014,10 +7013,10 @@ CodeGenerator::emitArrayPopShift(LInstruction* lir, const MArrayPopShift* mir, R
     OutOfLineCode* ool;
 
     if (mir->mode() == MArrayPopShift::Pop) {
-        ool = oolCallVM(ArrayPopDenseInfo, lir, (ArgList(), obj), StoreValueTo(out));
+        ool = oolCallVM(ArrayPopDenseInfo, lir, ArgList(obj), StoreValueTo(out));
     } else {
         MOZ_ASSERT(mir->mode() == MArrayPopShift::Shift);
-        ool = oolCallVM(ArrayShiftDenseInfo, lir, (ArgList(), obj), StoreValueTo(out));
+        ool = oolCallVM(ArrayShiftDenseInfo, lir, ArgList(obj), StoreValueTo(out));
     }
 
     // VM call if a write barrier is necessary.
@@ -7138,7 +7137,7 @@ void
 CodeGenerator::emitArrayPush(LInstruction* lir, const MArrayPush* mir, Register obj,
                              ConstantOrRegister value, Register elementsTemp, Register length)
 {
-    OutOfLineCode* ool = oolCallVM(ArrayPushDenseInfo, lir, (ArgList(), obj, value), StoreRegisterTo(length));
+    OutOfLineCode* ool = oolCallVM(ArrayPushDenseInfo, lir, ArgList(obj, value), StoreRegisterTo(length));
 
     Int32Key key = Int32Key(length);
     if (mir->unboxedType() == JSVAL_TYPE_MAGIC) {
@@ -7328,7 +7327,7 @@ CodeGenerator::visitIteratorStart(LIteratorStart* lir)
     uint32_t flags = lir->mir()->flags();
 
     OutOfLineCode* ool = oolCallVM(GetIteratorObjectInfo, lir,
-                                   (ArgList(), obj, Imm32(flags)), StoreRegisterTo(output));
+                                   ArgList(obj, Imm32(flags)), StoreRegisterTo(output));
 
     const Register temp1 = ToRegister(lir->temp1());
     const Register temp2 = ToRegister(lir->temp2());
@@ -7457,7 +7456,7 @@ CodeGenerator::visitIteratorMore(LIteratorMore* lir)
     const ValueOperand output = ToOutValue(lir);
     const Register temp = ToRegister(lir->temp());
 
-    OutOfLineCode* ool = oolCallVM(IteratorMoreInfo, lir, (ArgList(), obj), StoreValueTo(output));
+    OutOfLineCode* ool = oolCallVM(IteratorMoreInfo, lir, ArgList(obj), StoreValueTo(output));
 
     Register outputScratch = output.scratchReg();
     LoadNativeIterator(masm, obj, outputScratch, ool->entry());
@@ -7512,7 +7511,7 @@ CodeGenerator::visitIteratorEnd(LIteratorEnd* lir)
     const Register temp2 = ToRegister(lir->temp2());
     const Register temp3 = ToRegister(lir->temp3());
 
-    OutOfLineCode* ool = oolCallVM(CloseIteratorInfo, lir, (ArgList(), obj), StoreNothing());
+    OutOfLineCode* ool = oolCallVM(CloseIteratorInfo, lir, ArgList(obj), StoreNothing());
 
     LoadNativeIterator(masm, obj, temp1, ool->entry());
 
@@ -8869,11 +8868,10 @@ CodeGenerator::visitToIdV(LToIdV* lir)
     ValueOperand index = ToValue(lir, LToIdV::Index);
 
     OutOfLineCode* ool = oolCallVM(ToIdInfo, lir,
-                                   (ArgList(),
-                                   ImmGCPtr(current->mir()->info().script()),
-                                   ImmPtr(lir->mir()->resumePoint()->pc()),
-                                   ToValue(lir, LToIdV::Object),
-                                   ToValue(lir, LToIdV::Index)),
+                                   ArgList(ImmGCPtr(current->mir()->info().script()),
+                                           ImmPtr(lir->mir()->resumePoint()->pc()),
+                                           ToValue(lir, LToIdV::Object),
+                                           ToValue(lir, LToIdV::Index)),
                                    StoreValueTo(out));
 
     Register tag = masm.splitTagForTest(index);
@@ -9346,7 +9344,7 @@ CodeGenerator::visitClampVToUint8(LClampVToUint8* lir)
     Label* stringEntry;
     Label* stringRejoin;
     if (input->mightBeType(MIRType_String)) {
-        OutOfLineCode* oolString = oolCallVM(StringToNumberInfo, lir, (ArgList(), output),
+        OutOfLineCode* oolString = oolCallVM(StringToNumberInfo, lir, ArgList(output),
                                              StoreFloatRegisterTo(tempFloat));
         stringEntry = oolString->entry();
         stringRejoin = oolString->rejoin();
@@ -9398,7 +9396,7 @@ CodeGenerator::visitInArray(LInArray* lir)
         MOZ_ASSERT_IF(index < 0, mir->needsNegativeIntCheck());
         if (mir->needsNegativeIntCheck()) {
             ool = oolCallVM(OperatorInIInfo, lir,
-                            (ArgList(), Imm32(index), ToRegister(lir->object())),
+                            ArgList(Imm32(index), ToRegister(lir->object())),
                             StoreRegisterTo(output));
             failedInitLength = ool->entry();
         }
@@ -9426,7 +9424,7 @@ CodeGenerator::visitInArray(LInArray* lir)
         if (mir->needsNegativeIntCheck()) {
             masm.bind(&negativeIntCheck);
             ool = oolCallVM(OperatorInIInfo, lir,
-                            (ArgList(), index, ToRegister(lir->object())),
+                            ArgList(index, ToRegister(lir->object())),
                             StoreRegisterTo(output));
 
             masm.branch32(Assembler::LessThan, index, Imm32(0), ool->entry());
@@ -9528,7 +9526,7 @@ CodeGenerator::emitInstanceOf(LInstruction* ins, JSObject* prototypeObject)
     // register is already correct.
 
     OutOfLineCode* ool = oolCallVM(IsDelegateObjectInfo, ins,
-                                   (ArgList(), ImmGCPtr(prototypeObject), objReg),
+                                   ArgList(ImmGCPtr(prototypeObject), objReg),
                                    StoreRegisterTo(output));
 
     // Regenerate the original lhs object for the VM call.
@@ -10060,7 +10058,7 @@ CodeGenerator::visitAssertRangeV(LAssertRangeV* ins)
 void
 CodeGenerator::visitInterruptCheck(LInterruptCheck* lir)
 {
-    OutOfLineCode* ool = oolCallVM(InterruptCheckInfo, lir, (ArgList()), StoreNothing());
+    OutOfLineCode* ool = oolCallVM(InterruptCheckInfo, lir, ArgList(), StoreNothing());
 
     AbsoluteAddress interruptAddr(GetJitContext()->runtime->addressOfInterruptUint32());
     masm.branch32(Assembler::NotEqual, interruptAddr, Imm32(0), ool->entry());
@@ -10096,9 +10094,9 @@ CodeGenerator::visitRecompileCheck(LRecompileCheck* ins)
     Register tmp = ToRegister(ins->scratch());
     OutOfLineCode* ool;
     if (ins->mir()->forceRecompilation())
-        ool = oolCallVM(ForcedRecompileFnInfo, ins, (ArgList()), StoreRegisterTo(tmp));
+        ool = oolCallVM(ForcedRecompileFnInfo, ins, ArgList(), StoreRegisterTo(tmp));
     else
-        ool = oolCallVM(RecompileFnInfo, ins, (ArgList()), StoreRegisterTo(tmp));
+        ool = oolCallVM(RecompileFnInfo, ins, ArgList(), StoreRegisterTo(tmp));
 
     // Check if warm-up counter is high enough.
     AbsoluteAddress warmUpCount = AbsoluteAddress(ins->mir()->script()->addressOfWarmUpCounter());
diff --git a/js/src/jit/shared/CodeGenerator-shared.h b/js/src/jit/shared/CodeGenerator-shared.h
index 0caef861aed..e3c8ad75bbf 100644
--- a/js/src/jit/shared/CodeGenerator-shared.h
+++ b/js/src/jit/shared/CodeGenerator-shared.h
@@ -8,6 +8,7 @@
 #define jit_shared_CodeGenerator_shared_h
 
 #include "mozilla/Alignment.h"
+#include "mozilla/Move.h"
 
 #include "jit/JitFrames.h"
 #include "jit/LIR.h"
@@ -578,69 +579,57 @@ class OutOfLineCodeBase : public OutOfLineCode
 // ArgSeq store arguments for OutOfLineCallVM.
 //
 // OutOfLineCallVM are created with "oolCallVM" function. The third argument of
-// this function is an instance of a class which provides a "generate" function
-// to call the "pushArg" needed by the VMFunction call.  The list of argument
-// can be created by using the ArgList function which create an empty list of
-// arguments.  Arguments are added to this list by using the comma operator.
-// The type of the argument list is returned by the comma operator, and due to
-// templates arguments, it is quite painful to write by hand.  It is recommended
-// to use it directly as argument of a template function which would get its
-// arguments infered by the compiler (such as oolCallVM).  The list of arguments
-// must be written in the same order as if you were calling the function in C++.
+// this function is an instance of a class which provides a "generate" in charge
+// of pushing the argument, with "pushArg", for a VMFunction.
+//
+// Such list of arguments can be created by using the "ArgList" function which
+// creates one instance of "ArgSeq", where the type of the arguments are inferred
+// from the type of the arguments.
+//
+// The list of arguments must be written in the same order as if you were
+// calling the function in C++.
 //
 // Example:
-//   (ArgList(), ToRegister(lir->lhs()), ToRegister(lir->rhs()))
+//   ArgList(ToRegister(lir->lhs()), ToRegister(lir->rhs()))
 
-template 
-class ArgSeq : public SeqType
-{
-  private:
-    typedef ArgSeq ThisType;
-    LastType last_;
+template 
+class ArgSeq;
 
-  public:
-    ArgSeq(const SeqType& seq, const LastType& last)
-      : SeqType(seq),
-        last_(last)
-    { }
-
-    template 
-    inline ArgSeq
-    operator, (const NextType& last) const {
-        return ArgSeq(*this, last);
-    }
-
-    inline void generate(CodeGeneratorShared* codegen) const {
-        codegen->pushArg(last_);
-        this->SeqType::generate(codegen);
-    }
-};
-
-// Mark the end of an argument list.
 template <>
-class ArgSeq
+class ArgSeq<>
 {
-  private:
-    typedef ArgSeq ThisType;
-
   public:
     ArgSeq() { }
-    ArgSeq(const ThisType&) { }
-
-    template 
-    inline ArgSeq
-    operator, (const NextType& last) const {
-        return ArgSeq(*this, last);
-    }
 
     inline void generate(CodeGeneratorShared* codegen) const {
     }
 };
 
-inline ArgSeq
-ArgList()
+template 
+class ArgSeq : public ArgSeq
 {
-    return ArgSeq();
+  private:
+    HeadType head_;
+
+  public:
+    explicit ArgSeq(HeadType&& head, TailTypes&&... tail)
+      : ArgSeq(mozilla::Move(tail)...),
+        head_(mozilla::Move(head))
+    { }
+
+    // Arguments are pushed in reverse order, from last argument to first
+    // argument.
+    inline void generate(CodeGeneratorShared* codegen) const {
+        this->ArgSeq::generate(codegen);
+        codegen->pushArg(head_);
+    }
+};
+
+template 
+inline ArgSeq
+ArgList(ArgTypes... args)
+{
+    return ArgSeq(mozilla::Move(args)...);
 }
 
 // Store wrappers, to generate the right move of data after the VM call.

From dbc33a4b2f0a34e9abdde3ca5a115e5cb3109c9e Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 13:32:24 +0200
Subject: [PATCH 180/297] Bug 1125481 - Replace FunctionInfo macros by variadic
 templates. r=Waldo

---
 js/src/jit/VMFunctions.h | 226 ++++++++++++++-------------------------
 1 file changed, 83 insertions(+), 143 deletions(-)

diff --git a/js/src/jit/VMFunctions.h b/js/src/jit/VMFunctions.h
index 74bb7ab615e..c0e83a2589a 100644
--- a/js/src/jit/VMFunctions.h
+++ b/js/src/jit/VMFunctions.h
@@ -7,6 +7,8 @@
 #ifndef jit_VMFunctions_h
 #define jit_VMFunctions_h
 
+#include "mozilla/Attributes.h"
+
 #include "jspubtd.h"
 
 #include "jit/CompileInfo.h"
@@ -440,176 +442,114 @@ template <> struct MatchContext {
     static const bool valid = true;
 };
 
-#define FOR_EACH_ARGS_1(Macro, Sep, Last) Macro(1) Last(1)
-#define FOR_EACH_ARGS_2(Macro, Sep, Last) FOR_EACH_ARGS_1(Macro, Sep, Sep) Macro(2) Last(2)
-#define FOR_EACH_ARGS_3(Macro, Sep, Last) FOR_EACH_ARGS_2(Macro, Sep, Sep) Macro(3) Last(3)
-#define FOR_EACH_ARGS_4(Macro, Sep, Last) FOR_EACH_ARGS_3(Macro, Sep, Sep) Macro(4) Last(4)
-#define FOR_EACH_ARGS_5(Macro, Sep, Last) FOR_EACH_ARGS_4(Macro, Sep, Sep) Macro(5) Last(5)
-#define FOR_EACH_ARGS_6(Macro, Sep, Last) FOR_EACH_ARGS_5(Macro, Sep, Sep) Macro(6) Last(6)
-#define FOR_EACH_ARGS_7(Macro, Sep, Last) FOR_EACH_ARGS_6(Macro, Sep, Sep) Macro(7) Last(7)
+// Extract the last element of a list of types.
+template 
+struct LastArg;
 
-#define COMPUTE_INDEX(NbArg) NbArg
-#define COMPUTE_OUTPARAM_RESULT(NbArg) OutParamToDataType::result
-#define COMPUTE_OUTPARAM_ROOT(NbArg) OutParamToRootType::result
-#define COMPUTE_ARG_PROP(NbArg) (TypeToArgProperties::result << (2 * (NbArg - 1)))
-#define COMPUTE_ARG_ROOT(NbArg) (uint64_t(TypeToRootType::result) << (3 * (NbArg - 1)))
-#define COMPUTE_ARG_FLOAT(NbArg) (TypeToPassInFloatReg::result) << (NbArg - 1)
-#define SEP_OR(_) |
-#define NOTHING(_)
-
-#define FUNCTION_INFO_STRUCT_BODY(ForEachNb)                                            \
-    static inline DataType returnType() {                                               \
-        return TypeToDataType::result;                                               \
-    }                                                                                   \
-    static inline DataType outParam() {                                                 \
-        return ForEachNb(NOTHING, NOTHING, COMPUTE_OUTPARAM_RESULT);                    \
-    }                                                                                   \
-    static inline RootType outParamRootType() {                                         \
-        return ForEachNb(NOTHING, NOTHING, COMPUTE_OUTPARAM_ROOT);                      \
-    }                                                                                   \
-    static inline size_t NbArgs() {                                                     \
-        return ForEachNb(NOTHING, NOTHING, COMPUTE_INDEX);                              \
-    }                                                                                   \
-    static inline size_t explicitArgs() {                                               \
-        return NbArgs() - (outParam() != Type_Void ? 1 : 0);                            \
-    }                                                                                   \
-    static inline uint32_t argumentProperties() {                                       \
-        return ForEachNb(COMPUTE_ARG_PROP, SEP_OR, NOTHING);                            \
-    }                                                                                   \
-    static inline uint32_t argumentPassedInFloatRegs() {                                \
-        return ForEachNb(COMPUTE_ARG_FLOAT, SEP_OR, NOTHING);                           \
-    }                                                                                   \
-    static inline uint64_t argumentRootTypes() {                                        \
-        return ForEachNb(COMPUTE_ARG_ROOT, SEP_OR, NOTHING);                            \
-    }                                                                                   \
-    explicit FunctionInfo(pf fun, MaybeTailCall expectTailCall,                         \
-                          PopValues extraValuesToPop = PopValues(0))                    \
-        : VMFunction(JS_FUNC_TO_DATA_PTR(void*, fun), explicitArgs(),                  \
-                     argumentProperties(), argumentPassedInFloatRegs(),                 \
-                     argumentRootTypes(), outParam(), outParamRootType(),               \
-                     returnType(), extraValuesToPop.numValues, expectTailCall)          \
-    {                                                                                   \
-        static_assert(MatchContext::valid, "Invalid cx type in VMFunction");   \
-    }                                                                                   \
-    explicit FunctionInfo(pf fun, PopValues extraValuesToPop = PopValues(0))            \
-        : VMFunction(JS_FUNC_TO_DATA_PTR(void*, fun), explicitArgs(),                  \
-                     argumentProperties(), argumentPassedInFloatRegs(),                 \
-                     argumentRootTypes(), outParam(), outParamRootType(),               \
-                     returnType(), extraValuesToPop.numValues, NonTailCall)             \
-    {                                                                                   \
-        static_assert(MatchContext::valid, "Invalid cx type in VMFunction");   \
-    }
-
-template 
-struct FunctionInfo {
+template <>
+struct LastArg<>
+{
+    typedef void Type;
+    static MOZ_CONSTEXPR_VAR size_t nbArgs = 0;
 };
 
-// VMFunction wrapper with no explicit arguments.
-template 
-struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context);
+template 
+struct LastArg
+{
+    typedef HeadType Type;
+    static MOZ_CONSTEXPR_VAR size_t nbArgs = 1;
+};
+
+template 
+struct LastArg
+{
+    typedef typename LastArg::Type Type;
+    static MOZ_CONSTEXPR_VAR size_t nbArgs = LastArg::nbArgs + 1;
+};
+
+// Construct a bit mask from a list of types.  The mask is constructed as an OR
+// of the mask produced for each argument. The result of each argument is
+// shifted by its index, such that the result of the first argument is on the
+// low bits of the mask, and the result of the last argument in part of the
+// high bits of the mask.
+template  class Each, typename ResultType, size_t Shift,
+          typename... Args>
+struct BitMask;
+
+template  class Each, typename ResultType, size_t Shift>
+struct BitMask
+{
+    static MOZ_CONSTEXPR_VAR ResultType result = ResultType();
+};
+
+template  class Each, typename ResultType, size_t Shift,
+          typename HeadType, typename... TailTypes>
+struct BitMask
+{
+    static_assert(ResultType(Each::result) < (1 << Shift),
+                  "not enough bits reserved by the shift for individual results");
+    static_assert(LastArg::nbArgs < (8 * sizeof(ResultType) / Shift),
+                  "not enough bits in the result type to store all bit masks");
+
+    static MOZ_CONSTEXPR_VAR ResultType result =
+        ResultType(Each::result) |
+        (BitMask::result << Shift);
+};
+
+// Extract VMFunction properties based on the signature of the function. The
+// properties are used to generate the logic for calling the VM function, and
+// also for marking the stack during GCs.
+template 
+struct FunctionInfo;
+
+template 
+struct FunctionInfo : public VMFunction
+{
+    typedef R (*pf)(Context, Args...);
 
     static inline DataType returnType() {
         return TypeToDataType::result;
     }
     static inline DataType outParam() {
-        return Type_Void;
+        return OutParamToDataType::Type>::result;
     }
     static inline RootType outParamRootType() {
-        return RootNone;
+        return OutParamToRootType::Type>::result;
+    }
+    static inline size_t NbArgs() {
+        return LastArg::nbArgs;
     }
     static inline size_t explicitArgs() {
-        return 0;
+        return NbArgs() - (outParam() != Type_Void ? 1 : 0);
     }
     static inline uint32_t argumentProperties() {
-        return 0;
+        return BitMask::result;
     }
     static inline uint32_t argumentPassedInFloatRegs() {
-        return 0;
+        return BitMask::result;
     }
     static inline uint64_t argumentRootTypes() {
-        return 0;
+        return BitMask::result;
     }
-    explicit FunctionInfo(pf fun)
-      : VMFunction(JS_FUNC_TO_DATA_PTR(void*, fun), explicitArgs(),
-                   argumentProperties(), argumentPassedInFloatRegs(),
-                   argumentRootTypes(), outParam(), outParamRootType(),
-                   returnType(), 0, NonTailCall)
+    explicit FunctionInfo(pf fun, PopValues extraValuesToPop = PopValues(0))
+        : VMFunction(JS_FUNC_TO_DATA_PTR(void*, fun), explicitArgs(),
+                     argumentProperties(), argumentPassedInFloatRegs(),
+                     argumentRootTypes(), outParam(), outParamRootType(),
+                     returnType(), extraValuesToPop.numValues, NonTailCall)
     {
         static_assert(MatchContext::valid, "Invalid cx type in VMFunction");
     }
-    explicit FunctionInfo(pf fun, MaybeTailCall expectTailCall)
-      : VMFunction(JS_FUNC_TO_DATA_PTR(void*, fun), explicitArgs(),
-                   argumentProperties(), argumentPassedInFloatRegs(),
-                   argumentRootTypes(), outParam(), outParamRootType(),
-                   returnType(), expectTailCall)
+    explicit FunctionInfo(pf fun, MaybeTailCall expectTailCall,
+                          PopValues extraValuesToPop = PopValues(0))
+        : VMFunction(JS_FUNC_TO_DATA_PTR(void*, fun), explicitArgs(),
+                     argumentProperties(), argumentPassedInFloatRegs(),
+                     argumentRootTypes(), outParam(), outParamRootType(),
+                     returnType(), extraValuesToPop.numValues, expectTailCall)
     {
         static_assert(MatchContext::valid, "Invalid cx type in VMFunction");
     }
 };
 
-// Specialize the class for each number of argument used by VMFunction.
-// Keep it verbose unless you find a readable macro for it.
-template 
-struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_1)
-};
-
-template 
-struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1, A2);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_2)
-};
-
-template 
-struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1, A2, A3);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_3)
-};
-
-template 
-struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1, A2, A3, A4);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_4)
-};
-
-template 
-    struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1, A2, A3, A4, A5);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_5)
-};
-
-template 
-    struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1, A2, A3, A4, A5, A6);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_6)
-};
-
-template 
-    struct FunctionInfo : public VMFunction {
-    typedef R (*pf)(Context, A1, A2, A3, A4, A5, A6, A7);
-    FUNCTION_INFO_STRUCT_BODY(FOR_EACH_ARGS_7)
-};
-
-#undef FUNCTION_INFO_STRUCT_BODY
-
-#undef FOR_EACH_ARGS_7
-#undef FOR_EACH_ARGS_6
-#undef FOR_EACH_ARGS_5
-#undef FOR_EACH_ARGS_4
-#undef FOR_EACH_ARGS_3
-#undef FOR_EACH_ARGS_2
-#undef FOR_EACH_ARGS_1
-
-#undef COMPUTE_INDEX
-#undef COMPUTE_OUTPARAM_RESULT
-#undef COMPUTE_OUTPARAM_ROOT
-#undef COMPUTE_ARG_PROP
-#undef COMPUTE_ARG_FLOAT
-#undef SEP_OR
-#undef NOTHING
-
 class AutoDetectInvalidation
 {
     JSContext* cx_;

From 7e0bf1e61b1ff343bbc63e7a9bbea4730a3ec517 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 13:32:24 +0200
Subject: [PATCH 181/297] Bug 1125481 - FunctionInfo: Remove useless inline
 keywords. r=Waldo

---
 js/src/jit/VMFunctions.h | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/js/src/jit/VMFunctions.h b/js/src/jit/VMFunctions.h
index c0e83a2589a..0fee01d4fd7 100644
--- a/js/src/jit/VMFunctions.h
+++ b/js/src/jit/VMFunctions.h
@@ -507,28 +507,28 @@ struct FunctionInfo : public VMFunction
 {
     typedef R (*pf)(Context, Args...);
 
-    static inline DataType returnType() {
+    static DataType returnType() {
         return TypeToDataType::result;
     }
-    static inline DataType outParam() {
+    static DataType outParam() {
         return OutParamToDataType::Type>::result;
     }
-    static inline RootType outParamRootType() {
+    static RootType outParamRootType() {
         return OutParamToRootType::Type>::result;
     }
-    static inline size_t NbArgs() {
+    static size_t NbArgs() {
         return LastArg::nbArgs;
     }
-    static inline size_t explicitArgs() {
+    static size_t explicitArgs() {
         return NbArgs() - (outParam() != Type_Void ? 1 : 0);
     }
-    static inline uint32_t argumentProperties() {
+    static uint32_t argumentProperties() {
         return BitMask::result;
     }
-    static inline uint32_t argumentPassedInFloatRegs() {
+    static uint32_t argumentPassedInFloatRegs() {
         return BitMask::result;
     }
-    static inline uint64_t argumentRootTypes() {
+    static uint64_t argumentRootTypes() {
         return BitMask::result;
     }
     explicit FunctionInfo(pf fun, PopValues extraValuesToPop = PopValues(0))

From 3c3f5ca6ea95773a949dada0d0461c9ea1f30ff6 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:29 +0200
Subject: [PATCH 182/297] Bug 1165348 - Move Scalar Replacement after GVN.
 r=jandem

---
 .../tests/ion/recover-iterator-next.js        | 33 +++++++++++++++
 js/src/jit-test/tests/ion/recover-objects.js  | 12 +++---
 js/src/jit/Ion.cpp                            | 40 +++++++++++++------
 js/src/jit/ScalarReplacement.cpp              |  5 ++-
 js/src/jit/ScalarReplacement.h                |  2 +-
 5 files changed, 71 insertions(+), 21 deletions(-)
 create mode 100644 js/src/jit-test/tests/ion/recover-iterator-next.js

diff --git a/js/src/jit-test/tests/ion/recover-iterator-next.js b/js/src/jit-test/tests/ion/recover-iterator-next.js
new file mode 100644
index 00000000000..93674af3629
--- /dev/null
+++ b/js/src/jit-test/tests/ion/recover-iterator-next.js
@@ -0,0 +1,33 @@
+// Ion eager fails the test below because we have not yet created any
+// template object in baseline before running the content of the top-level
+// function.
+if (getJitCompilerOptions()["ion.warmup.trigger"] <= 90)
+    setJitCompilerOption("ion.warmup.trigger", 90);
+
+// This test checks that we are able to remove the getprop & setprop with scalar
+// replacement, so we should not force inline caches, as this would skip the
+// generation of getprop & setprop instructions.
+if (getJitCompilerOptions()["ion.forceinlineCaches"])
+    setJitCompilerOption("ion.forceinlineCaches", 0);
+
+var arr = new Array();
+var max = 2000;
+for (var i=0; i < max; i++)
+    arr[i] = i;
+
+function f() {
+    var res = 0;
+    var nextObj;
+    var itr = arr[Symbol.iterator]();
+    do {
+        nextObj = itr.next();
+        if (nextObj.done)
+          break;
+        res += nextObj.value;
+        assertRecoveredOnBailout(nextObj, true);
+    } while (true);
+    return res;
+}
+
+for (var j = 0; j < 10; j++)
+  assertEq(f(), max * (max - 1) / 2);
diff --git a/js/src/jit-test/tests/ion/recover-objects.js b/js/src/jit-test/tests/ion/recover-objects.js
index c2cbf50af4c..10838ef1cd4 100644
--- a/js/src/jit-test/tests/ion/recover-objects.js
+++ b/js/src/jit-test/tests/ion/recover-objects.js
@@ -42,9 +42,9 @@ function notSoEmpty1() {
     assertRecoveredOnBailout(c, true);
     assertRecoveredOnBailout(d, true);
     assertRecoveredOnBailout(unused, true);
-    // Scalar Replacement is coming after the branch removal made by GVN, and
-    // the ucefault branch is not taken yet.
-    assertRecoveredOnBailout(res, false);
+    // The ucefault branch is not taken yet, and GVN removes it. Scalar
+    // Replacement thus removes the creation of the object.
+    assertRecoveredOnBailout(res, true);
 }
 
 // Check that we can recover objects with their content.
@@ -67,9 +67,9 @@ function notSoEmpty2(i) {
     assertRecoveredOnBailout(c, true);
     assertRecoveredOnBailout(d, true);
     assertRecoveredOnBailout(unused, true);
-    // Scalar Replacement is coming after the branch removal made by GVN, and
-    // the ucefault branch is not taken yet.
-    assertRecoveredOnBailout(res, false);
+    // The ucefault branch is not taken yet, and GVN removes it. Scalar
+    // Replacement thus removes the creation of the object.
+    assertRecoveredOnBailout(res, true);
 }
 
 // Check that we can recover objects with their content.
diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
index 1c9599881fe..8cb866c8189 100644
--- a/js/src/jit/Ion.cpp
+++ b/js/src/jit/Ion.cpp
@@ -1350,16 +1350,14 @@ OptimizeMIR(MIRGenerator* mir)
             return false;
     }
 
-    if (mir->optimizationInfo().scalarReplacementEnabled()) {
-        AutoTraceLog log(logger, TraceLogger_ScalarReplacement);
-        if (!ScalarReplacement(mir, graph))
-            return false;
-        gs.spewPass("Scalar Replacement");
-        AssertGraphCoherency(graph);
+    ValueNumberer gvn(mir, graph);
+    if (!gvn.init())
+        return false;
 
-        if (mir->shouldCancel("Scalar Replacement"))
-            return false;
-    }
+    size_t doRepeatOptimizations = 0;
+  repeatOptimizations:
+    doRepeatOptimizations++;
+    MOZ_ASSERT(doRepeatOptimizations <= 2);
 
     if (!mir->compilingAsmJS()) {
         AutoTraceLog log(logger, TraceLogger_ApplyTypes);
@@ -1395,10 +1393,6 @@ OptimizeMIR(MIRGenerator* mir)
             return false;
     }
 
-    ValueNumberer gvn(mir, graph);
-    if (!gvn.init())
-        return false;
-
     // Alias analysis is required for LICM and GVN so that we don't move
     // loads across stores.
     if (mir->optimizationInfo().licmEnabled() ||
@@ -1454,6 +1448,26 @@ OptimizeMIR(MIRGenerator* mir)
         }
     }
 
+    if (mir->optimizationInfo().scalarReplacementEnabled() && doRepeatOptimizations <= 1) {
+        AutoTraceLog log(logger, TraceLogger_ScalarReplacement);
+        bool success = false;
+        if (!ScalarReplacement(mir, graph, &success))
+            return false;
+        gs.spewPass("Scalar Replacement");
+        AssertGraphCoherency(graph);
+
+        if (mir->shouldCancel("Scalar Replacement"))
+            return false;
+
+        // We got some success at removing objects allocation and removing the
+        // loads and stores, unfortunately, this phase is terrible at keeping
+        // the type consistency, so we re-run the Apply Type phase.  As this
+        // optimization folds loads and stores, it might also introduce new
+        // opportunities for GVN and LICM, so re-run them as well.
+        if (success)
+            goto repeatOptimizations;
+    }
+
     if (mir->optimizationInfo().rangeAnalysisEnabled()) {
         AutoTraceLog log(logger, TraceLogger_RangeAnalysis);
         RangeAnalysis r(mir, graph);
diff --git a/js/src/jit/ScalarReplacement.cpp b/js/src/jit/ScalarReplacement.cpp
index 915b9ad6876..37c0225b1d8 100644
--- a/js/src/jit/ScalarReplacement.cpp
+++ b/js/src/jit/ScalarReplacement.cpp
@@ -1067,11 +1067,12 @@ ArrayMemoryView::visitArrayLength(MArrayLength* ins)
 }
 
 bool
-ScalarReplacement(MIRGenerator* mir, MIRGraph& graph)
+ScalarReplacement(MIRGenerator* mir, MIRGraph& graph, bool* success)
 {
     EmulateStateOf replaceObject(mir, graph);
     EmulateStateOf replaceArray(mir, graph);
     bool addedPhi = false;
+    *success = false;
 
     for (ReversePostorderIterator block = graph.rpoBegin(); block != graph.rpoEnd(); block++) {
         if (mir->shouldCancel("Scalar Replacement (main loop)"))
@@ -1085,6 +1086,7 @@ ScalarReplacement(MIRGenerator* mir, MIRGraph& graph)
                 if (!replaceObject.run(view))
                     return false;
                 view.assertSuccess();
+                *success = true;
                 addedPhi = true;
                 continue;
             }
@@ -1094,6 +1096,7 @@ ScalarReplacement(MIRGenerator* mir, MIRGraph& graph)
                 if (!replaceArray.run(view))
                     return false;
                 view.assertSuccess();
+                *success = true;
                 addedPhi = true;
                 continue;
             }
diff --git a/js/src/jit/ScalarReplacement.h b/js/src/jit/ScalarReplacement.h
index 836367f0f0f..1869471a314 100644
--- a/js/src/jit/ScalarReplacement.h
+++ b/js/src/jit/ScalarReplacement.h
@@ -15,7 +15,7 @@ class MIRGenerator;
 class MIRGraph;
 
 bool
-ScalarReplacement(MIRGenerator* mir, MIRGraph& graph);
+ScalarReplacement(MIRGenerator* mir, MIRGraph& graph, bool* success);
 
 } // namespace jit
 } // namespace js

From 3ab3d370c28161a5807e35265a6b70d2faf07ea0 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:30 +0200
Subject: [PATCH 183/297] Bug 1166711 part 0.1 - Use JitSpewPrinter instead of
 stderr. r=bhackett

---
 js/src/jit/JitSpewer.cpp | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/js/src/jit/JitSpewer.cpp b/js/src/jit/JitSpewer.cpp
index 08fccf6ad71..600a6f9c3df 100644
--- a/js/src/jit/JitSpewer.cpp
+++ b/js/src/jit/JitSpewer.cpp
@@ -508,7 +508,8 @@ jit::JitSpewStartVA(JitSpewChannel channel, const char* fmt, va_list ap)
         return;
 
     JitSpewHeader(channel);
-    vfprintf(stderr, fmt, ap);
+    Fprinter& out = JitSpewPrinter();
+    out.vprintf(fmt, ap);
 }
 
 void
@@ -517,7 +518,8 @@ jit::JitSpewContVA(JitSpewChannel channel, const char* fmt, va_list ap)
     if (!JitSpewEnabled(channel))
         return;
 
-    vfprintf(stderr, fmt, ap);
+    Fprinter& out = JitSpewPrinter();
+    out.vprintf(fmt, ap);
 }
 
 void
@@ -526,7 +528,8 @@ jit::JitSpewFin(JitSpewChannel channel)
     if (!JitSpewEnabled(channel))
         return;
 
-    fprintf(stderr, "\n");
+    Fprinter& out = JitSpewPrinter();
+    out.put("\n");
 }
 
 void
@@ -581,7 +584,8 @@ jit::JitSpewHeader(JitSpewChannel channel)
     if (!JitSpewEnabled(channel))
         return;
 
-    fprintf(stderr, "[%s] ", ChannelNames[channel]);
+    Fprinter& out = JitSpewPrinter();
+    out.printf("[%s] ", ChannelNames[channel]);
 }
 
 bool

From c7494e85deee28a77ca1b41da1a156fa8c8bbb60 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:30 +0200
Subject: [PATCH 184/297] Bug 1166711 part 0.2 - JitSpew add scope-base
 indentation level. r=bhackett

---
 js/src/jit/JitSpewer.cpp | 20 ++++++++++++++++++++
 js/src/jit/JitSpewer.h   | 18 ++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/js/src/jit/JitSpewer.cpp b/js/src/jit/JitSpewer.cpp
index 600a6f9c3df..4b064bf2be3 100644
--- a/js/src/jit/JitSpewer.cpp
+++ b/js/src/jit/JitSpewer.cpp
@@ -97,6 +97,13 @@ static const char * const ChannelNames[] =
 #undef JITSPEW_CHANNEL
 };
 
+static size_t ChannelIndentLevel[] =
+{
+#define JITSPEW_CHANNEL(name) 0,
+    JITSPEW_CHANNEL_LIST(JITSPEW_CHANNEL)
+#undef JITSPEW_CHANNEL
+};
+
 static bool
 FilterContainsLocation(JSScript* function)
 {
@@ -501,6 +508,17 @@ jit::CheckLogging()
     JitSpewPrinter().init(stderr);
 }
 
+JitSpewIndent::JitSpewIndent(JitSpewChannel channel)
+  : channel_(channel)
+{
+    ChannelIndentLevel[channel]++;
+}
+
+JitSpewIndent::~JitSpewIndent()
+{
+    ChannelIndentLevel[channel_]--;
+}
+
 void
 jit::JitSpewStartVA(JitSpewChannel channel, const char* fmt, va_list ap)
 {
@@ -586,6 +604,8 @@ jit::JitSpewHeader(JitSpewChannel channel)
 
     Fprinter& out = JitSpewPrinter();
     out.printf("[%s] ", ChannelNames[channel]);
+    for (size_t i = ChannelIndentLevel[channel]; i != 0; i--)
+        out.put("  ");
 }
 
 bool
diff --git a/js/src/jit/JitSpewer.h b/js/src/jit/JitSpewer.h
index 261392f0601..b46e3caa70b 100644
--- a/js/src/jit/JitSpewer.h
+++ b/js/src/jit/JitSpewer.h
@@ -150,6 +150,16 @@ class AutoSpewEndFunction
 
 void CheckLogging();
 Fprinter& JitSpewPrinter();
+
+class JitSpewIndent
+{
+    JitSpewChannel channel_;
+
+  public:
+    explicit JitSpewIndent(JitSpewChannel channel);
+    ~JitSpewIndent();
+};
+
 void JitSpew(JitSpewChannel channel, const char* fmt, ...);
 void JitSpewStart(JitSpewChannel channel, const char* fmt, ...);
 void JitSpewCont(JitSpewChannel channel, const char* fmt, ...);
@@ -199,6 +209,14 @@ static inline Fprinter& JitSpewPrinter()
 {
     MOZ_CRASH("No empty backend for JitSpewPrinter");
 }
+
+class JitSpewIndent
+{
+  public:
+    explicit JitSpewIndent(JitSpewChannel channel) {}
+    ~JitSpewIndent() {}
+};
+
 static inline void JitSpew(JitSpewChannel, const char* fmt, ...)
 { }
 static inline void JitSpewStart(JitSpewChannel channel, const char* fmt, ...)

From 0c66e12baaf2f510de7f4472a24a2f4939a96caf Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:30 +0200
Subject: [PATCH 185/297] Bug 1166711 part 0.3 - Scalar Replacement split
 functions and improve the spew. r=bhackett

---
 js/src/jit/ScalarReplacement.cpp | 312 ++++++++++++++++++-------------
 1 file changed, 179 insertions(+), 133 deletions(-)

diff --git a/js/src/jit/ScalarReplacement.cpp b/js/src/jit/ScalarReplacement.cpp
index 37c0225b1d8..78524fdcc89 100644
--- a/js/src/jit/ScalarReplacement.cpp
+++ b/js/src/jit/ScalarReplacement.cpp
@@ -91,18 +91,60 @@ EmulateStateOf::run(MemoryView& view)
     return true;
 }
 
+static bool
+IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr);
+
+// Returns False if the lambda is not escaped and if it is optimizable by
+// ScalarReplacementOfObject.
+static bool
+IsLambdaEscaped(MLambda* lambda, JSObject* obj)
+{
+    JitSpewDef(JitSpew_Escape, "Check lambda\n", lambda);
+    JitSpewIndent spewIndent(JitSpew_Escape);
+
+    // The scope chain is not escaped if none of the Lambdas which are
+    // capturing it are escaped.
+    for (MUseIterator i(lambda->usesBegin()); i != lambda->usesEnd(); i++) {
+        MNode* consumer = (*i)->consumer();
+        if (!consumer->isDefinition()) {
+            // Cannot optimize if it is observable from fun.arguments or others.
+            if (!consumer->toResumePoint()->isRecoverableOperand(*i)) {
+                JitSpew(JitSpew_Escape, "Observable lambda cannot be recovered");
+                return true;
+            }
+            continue;
+        }
+
+        MDefinition* def = consumer->toDefinition();
+        if (!def->isFunctionEnvironment()) {
+            JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
+            return true;
+        }
+
+        if (IsObjectEscaped(def->toInstruction(), obj)) {
+            JitSpewDef(JitSpew_Escape, "is indirectly escaped by\n", def);
+            return true;
+        }
+    }
+    JitSpew(JitSpew_Escape, "Lambda is not escaped");
+    return false;
+}
+
 // Returns False if the object is not escaped and if it is optimizable by
 // ScalarReplacementOfObject.
 //
 // For the moment, this code is dumb as it only supports objects which are not
 // changing shape, and which are known by TI at the object creation.
 static bool
-IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr)
+IsObjectEscaped(MInstruction* ins, JSObject* objDefault)
 {
     MOZ_ASSERT(ins->type() == MIRType_Object);
     MOZ_ASSERT(ins->isNewObject() || ins->isGuardShape() || ins->isCreateThisWithTemplate() ||
                ins->isNewCallObject() || ins->isFunctionEnvironment());
 
+    JitSpewDef(JitSpew_Escape, "Check object\n", ins);
+    JitSpewIndent spewIndent(JitSpew_Escape);
+
     JSObject* obj = nullptr;
     if (ins->isNewObject())
         obj = ins->toNewObject()->templateObject();
@@ -113,12 +155,16 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr)
     else
         obj = objDefault;
 
-    if (!obj)
+    if (!obj) {
+        JitSpew(JitSpew_Escape, "No template object defined.");
         return true;
+    }
 
     // Don't optimize unboxed objects, which aren't handled by MObjectState.
-    if (obj->is())
+    if (obj->is()) {
+        JitSpew(JitSpew_Escape, "Template object is an unboxed plain object.");
         return true;
+    }
 
     // Check if the object is escaped. If the object is not the first argument
     // of either a known Store / Load, then we consider it as escaped. This is a
@@ -128,7 +174,7 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr)
         if (!consumer->isDefinition()) {
             // Cannot optimize if it is observable from fun.arguments or others.
             if (!consumer->toResumePoint()->isRecoverableOperand(*i)) {
-                JitSpewDef(JitSpew_Escape, "Observable object cannot be recovered\n", ins);
+                JitSpew(JitSpew_Escape, "Observable object cannot be recovered");
                 return true;
             }
             continue;
@@ -142,8 +188,7 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr)
             if (def->indexOf(*i) == 0)
                 break;
 
-            JitSpewDef(JitSpew_Escape, "Object ", ins);
-            JitSpewDef(JitSpew_Escape, "  is escaped by\n", def);
+            JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
             return true;
 
           case MDefinition::Op_PostWriteBarrier:
@@ -169,38 +214,22 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr)
             MGuardShape* guard = def->toGuardShape();
             MOZ_ASSERT(!ins->isGuardShape());
             if (obj->as().lastProperty() != guard->shape()) {
-                JitSpewDef(JitSpew_Escape, "Object ", ins);
-                JitSpewDef(JitSpew_Escape, "  has a non-matching guard shape\n", guard);
+                JitSpewDef(JitSpew_Escape, "has a non-matching guard shape\n", guard);
                 return true;
             }
-            if (IsObjectEscaped(def->toInstruction(), obj))
+            if (IsObjectEscaped(def->toInstruction(), obj)) {
+                JitSpewDef(JitSpew_Escape, "is indirectly escaped by\n", def);
                 return true;
+            }
             break;
           }
 
           case MDefinition::Op_Lambda: {
             MLambda* lambda = def->toLambda();
-            // The scope chain is not escaped if none of the Lambdas which are
-            // capturing it are escaped.
-            for (MUseIterator i(lambda->usesBegin()); i != lambda->usesEnd(); i++) {
-                MNode* consumer = (*i)->consumer();
-                if (!consumer->isDefinition()) {
-                    // Cannot optimize if it is observable from fun.arguments or others.
-                    if (!consumer->toResumePoint()->isRecoverableOperand(*i)) {
-                        JitSpewDef(JitSpew_Escape, "Observable object cannot be recovered\n", ins);
-                        return true;
-                    }
-                    continue;
-                }
-
-                MDefinition* def = consumer->toDefinition();
-                if (!def->isFunctionEnvironment() || IsObjectEscaped(def->toInstruction(), obj)) {
-                    JitSpewDef(JitSpew_Escape, "Object ", ins);
-                    JitSpewDef(JitSpew_Escape, "  is escaped through a lambda by\n", def);
-                    return true;
-                }
+            if (IsLambdaEscaped(lambda, obj)) {
+                JitSpewDef(JitSpew_Escape, "is indirectly escaped by\n", lambda);
+                return true;
             }
-
             break;
           }
 
@@ -210,13 +239,12 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault = nullptr)
             break;
 
           default:
-            JitSpewDef(JitSpew_Escape, "Object ", ins);
-            JitSpewDef(JitSpew_Escape, "  is escaped by\n", def);
+            JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
             return true;
         }
     }
 
-    JitSpewDef(JitSpew_Escape, "Object is not escaped\n", ins);
+    JitSpew(JitSpew_Escape, "Object is not escaped");
     return false;
 }
 
@@ -593,6 +621,105 @@ IndexOf(MDefinition* ins, int32_t* res)
     return true;
 }
 
+// Returns False if the elements is not escaped and if it is optimizable by
+// ScalarReplacementOfArray.
+static bool
+IsElementEscaped(MElements* def, uint32_t arraySize)
+{
+    JitSpewDef(JitSpew_Escape, "Check elements\n", def);
+    JitSpewIndent spewIndent(JitSpew_Escape);
+
+    for (MUseIterator i(def->usesBegin()); i != def->usesEnd(); i++) {
+        // The MIRType_Elements cannot be captured in a resume point as
+        // it does not represent a value allocation.
+        MDefinition* access = (*i)->consumer()->toDefinition();
+
+        switch (access->op()) {
+          case MDefinition::Op_LoadElement: {
+            MOZ_ASSERT(access->toLoadElement()->elements() == def);
+
+            // If we need hole checks, then the array cannot be escaped
+            // as the array might refer to the prototype chain to look
+            // for properties, thus it might do additional side-effects
+            // which are not reflected by the alias set, is we are
+            // bailing on holes.
+            if (access->toLoadElement()->needsHoleCheck()) {
+                JitSpewDef(JitSpew_Escape,
+                           "has a load element with a hole check\n", access);
+                return true;
+            }
+
+            // If the index is not a constant then this index can alias
+            // all others. We do not handle this case.
+            int32_t index;
+            if (!IndexOf(access, &index)) {
+                JitSpewDef(JitSpew_Escape,
+                           "has a load element with a non-trivial index\n", access);
+                return true;
+            }
+            if (index < 0 || arraySize <= uint32_t(index)) {
+                JitSpewDef(JitSpew_Escape,
+                           "has a load element with an out-of-bound index\n", access);
+                return true;
+            }
+            break;
+          }
+
+          case MDefinition::Op_StoreElement: {
+            MOZ_ASSERT(access->toStoreElement()->elements() == def);
+
+            // If we need hole checks, then the array cannot be escaped
+            // as the array might refer to the prototype chain to look
+            // for properties, thus it might do additional side-effects
+            // which are not reflected by the alias set, is we are
+            // bailing on holes.
+            if (access->toStoreElement()->needsHoleCheck()) {
+                JitSpewDef(JitSpew_Escape,
+                           "has a store element with a hole check\n", access);
+                return true;
+            }
+
+            // If the index is not a constant then this index can alias
+            // all others. We do not handle this case.
+            int32_t index;
+            if (!IndexOf(access, &index)) {
+                JitSpewDef(JitSpew_Escape, "has a store element with a non-trivial index\n", access);
+                return true;
+            }
+            if (index < 0 || arraySize <= uint32_t(index)) {
+                JitSpewDef(JitSpew_Escape, "has a store element with an out-of-bound index\n", access);
+                return true;
+            }
+
+            // We are not yet encoding magic hole constants in resume points.
+            if (access->toStoreElement()->value()->type() == MIRType_MagicHole) {
+                JitSpewDef(JitSpew_Escape, "has a store element with an magic-hole constant\n", access);
+                return true;
+            }
+            break;
+          }
+
+          case MDefinition::Op_SetInitializedLength:
+            MOZ_ASSERT(access->toSetInitializedLength()->elements() == def);
+            break;
+
+          case MDefinition::Op_InitializedLength:
+            MOZ_ASSERT(access->toInitializedLength()->elements() == def);
+            break;
+
+          case MDefinition::Op_ArrayLength:
+            MOZ_ASSERT(access->toArrayLength()->elements() == def);
+            break;
+
+          default:
+            JitSpewDef(JitSpew_Escape, "is escaped by\n", access);
+            return true;
+        }
+    }
+    JitSpew(JitSpew_Escape, "Elements is not escaped");
+    return false;
+}
+
 // Returns False if the array is not escaped and if it is optimizable by
 // ScalarReplacementOfArray.
 //
@@ -605,12 +732,22 @@ IsArrayEscaped(MInstruction* ins)
     MOZ_ASSERT(ins->isNewArray());
     uint32_t count = ins->toNewArray()->count();
 
+    JitSpewDef(JitSpew_Escape, "Check array\n", ins);
+    JitSpewIndent spewIndent(JitSpew_Escape);
+
     JSObject* obj = ins->toNewArray()->templateObject();
-    if (!obj || obj->is())
+    if (!obj) {
+        JitSpew(JitSpew_Escape, "No template object defined.");
         return true;
+    }
+
+    if (obj->is()) {
+        JitSpew(JitSpew_Escape, "Template object is an unboxed plain object.");
+        return true;
+    }
 
     if (count >= 16) {
-        JitSpewDef(JitSpew_Escape, "Array has too many elements\n", ins);
+        JitSpew(JitSpew_Escape, "Array has too many elements");
         return true;
     }
 
@@ -622,7 +759,7 @@ IsArrayEscaped(MInstruction* ins)
         if (!consumer->isDefinition()) {
             // Cannot optimize if it is observable from fun.arguments or others.
             if (!consumer->toResumePoint()->isRecoverableOperand(*i)) {
-                JitSpewDef(JitSpew_Escape, "Observable array cannot be recovered\n", ins);
+                JitSpew(JitSpew_Escape, "Observable array cannot be recovered");
                 return true;
             }
             continue;
@@ -631,101 +768,11 @@ IsArrayEscaped(MInstruction* ins)
         MDefinition* def = consumer->toDefinition();
         switch (def->op()) {
           case MDefinition::Op_Elements: {
-            MOZ_ASSERT(def->toElements()->object() == ins);
-            for (MUseIterator i(def->usesBegin()); i != def->usesEnd(); i++) {
-                // The MIRType_Elements cannot be captured in a resume point as
-                // it does not represent a value allocation.
-                MDefinition* access = (*i)->consumer()->toDefinition();
-
-                switch (access->op()) {
-                  case MDefinition::Op_LoadElement: {
-                    MOZ_ASSERT(access->toLoadElement()->elements() == def);
-
-                    // If we need hole checks, then the array cannot be escaped
-                    // as the array might refer to the prototype chain to look
-                    // for properties, thus it might do additional side-effects
-                    // which are not reflected by the alias set, is we are
-                    // bailing on holes.
-                    if (access->toLoadElement()->needsHoleCheck()) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape,
-                                   "  has a load element with a hole check\n", access);
-                        return true;
-                    }
-
-                    // If the index is not a constant then this index can alias
-                    // all others. We do not handle this case.
-                    int32_t index;
-                    if (!IndexOf(access, &index)) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape,
-                                   "  has a load element with a non-trivial index\n", access);
-                        return true;
-                    }
-                    if (index < 0 || count <= uint32_t(index)) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape,
-                                   "  has a load element with an out-of-bound index\n", access);
-                        return true;
-                    }
-                    break;
-                  }
-
-                  case MDefinition::Op_StoreElement: {
-                    MOZ_ASSERT(access->toStoreElement()->elements() == def);
-
-                    // If we need hole checks, then the array cannot be escaped
-                    // as the array might refer to the prototype chain to look
-                    // for properties, thus it might do additional side-effects
-                    // which are not reflected by the alias set, is we are
-                    // bailing on holes.
-                    if (access->toStoreElement()->needsHoleCheck()) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape,
-                                   "  has a store element with a hole check\n", access);
-                        return true;
-                    }
-
-                    // If the index is not a constant then this index can alias
-                    // all others. We do not handle this case.
-                    int32_t index;
-                    if (!IndexOf(access, &index)) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape, "  has a store element with a non-trivial index\n", access);
-                        return true;
-                    }
-                    if (index < 0 || count <= uint32_t(index)) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape, "  has a store element with an out-of-bound index\n", access);
-                        return true;
-                    }
-
-                    // We are not yet encoding magic hole constants in resume points.
-                    if (access->toStoreElement()->value()->type() == MIRType_MagicHole) {
-                        JitSpewDef(JitSpew_Escape, "Array ", ins);
-                        JitSpewDef(JitSpew_Escape, "  has a store element with an magic-hole constant\n", access);
-                        return true;
-                    }
-                    break;
-                  }
-
-                  case MDefinition::Op_SetInitializedLength:
-                    MOZ_ASSERT(access->toSetInitializedLength()->elements() == def);
-                    break;
-
-                  case MDefinition::Op_InitializedLength:
-                    MOZ_ASSERT(access->toInitializedLength()->elements() == def);
-                    break;
-
-                  case MDefinition::Op_ArrayLength:
-                    MOZ_ASSERT(access->toArrayLength()->elements() == def);
-                    break;
-
-                  default:
-                    JitSpewDef(JitSpew_Escape, "Array's element ", ins);
-                    JitSpewDef(JitSpew_Escape, "  is escaped by\n", def);
-                    return true;
-                }
+            MElements *elem = def->toElements();
+            MOZ_ASSERT(elem->object() == ins);
+            if (IsElementEscaped(elem, count)) {
+                JitSpewDef(JitSpew_Escape, "is indirectly escaped by\n", elem);
+                return true;
             }
 
             break;
@@ -737,13 +784,12 @@ IsArrayEscaped(MInstruction* ins)
             break;
 
           default:
-            JitSpewDef(JitSpew_Escape, "Array ", ins);
-            JitSpewDef(JitSpew_Escape, "  is escaped by\n", def);
+            JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
             return true;
         }
     }
 
-    JitSpewDef(JitSpew_Escape, "Array is not escaped\n", ins);
+    JitSpew(JitSpew_Escape, "Array is not escaped");
     return false;
 }
 

From ac5002a5a3ecaf8e1331e802cc48e72ce626f0a0 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:31 +0200
Subject: [PATCH 186/297] Bug 1166711 part 0.5 - Add a big comment to explain
 Recover instructions. r=bhackett

---
 js/src/jit/Recover.h | 37 +++++++++++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)

diff --git a/js/src/jit/Recover.h b/js/src/jit/Recover.h
index 84e82fe63cc..cc81b1a22b1 100644
--- a/js/src/jit/Recover.h
+++ b/js/src/jit/Recover.h
@@ -19,6 +19,43 @@ struct JSContext;
 namespace js {
 namespace jit {
 
+// This file contains all recover instructions.
+//
+// A recover instruction is an equivalent of a MIR instruction which is executed
+// before the reconstruction of a baseline frame. Recover instructions are used
+// by resume points to fill the value which are not produced by the code
+// compiled by IonMonkey. For example, if a value is optimized away by
+// IonMonkey, but required by Baseline, then we should have a recover
+// instruction to fill the missing baseline frame slot.
+//
+// Recover instructions are executed either during a bailout, or under a call
+// when the stack frame is introspected. If the stack is introspected, then any
+// use of recover instruction must lead to an invalidation of the code.
+//
+// For each MIR instruction where |canRecoverOnBailout| might return true, we
+// have a RInstruction of the same name.
+//
+// Recover instructions are encoded by code generator into a compact buffer
+// (RecoverWriter). The MIR instruction method |writeRecoverData| should write a
+// tag in the |CompactBufferWriter| which is used by
+// |RInstruction::readRecoverData| to dispatch to the right Recover
+// instruction. Then |writeRecoverData| writes any local fields which are
+// necessary for the execution of the |recover| method. These fields are decoded
+// by the Recover instruction constructor which has a |CompactBufferReader| as
+// argument. The constructor of the Recover instruction should follow the same
+// sequence as the |writeRecoverData| method of the MIR instruction.
+//
+// Recover instructions are decoded by the |SnapshotIterator| (RecoverReader),
+// which is given as argument of the |recover| methods, in order to read the
+// operands.  The number of operands read should be the same as the result of
+// |numOperands|, which corresponds to the number of operands of the MIR
+// instruction.  Operands should be decoded in the same order as the operands of
+// the MIR instruction.
+//
+// The result of the |recover| method should either be a failure, or a value
+// stored on the |SnapshotIterator|, by using the |storeInstructionResult|
+// method.
+
 #define RECOVER_OPCODE_LIST(_)                  \
     _(ResumePoint)                              \
     _(BitNot)                                   \

From 7c5807dbb75fe9c09607a2fb305b9fc2f6b21c16 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:31 +0200
Subject: [PATCH 187/297] Bug 1166711 part 1.1 - Recover CreateThisWithTemplate
 with unboxed objects. r=bhackett

---
 js/src/jit/Recover.cpp | 8 ++------
 js/src/jit/Recover.h   | 3 ---
 2 files changed, 2 insertions(+), 9 deletions(-)

diff --git a/js/src/jit/Recover.cpp b/js/src/jit/Recover.cpp
index 1c315946fd6..8bb3d7ab52d 100644
--- a/js/src/jit/Recover.cpp
+++ b/js/src/jit/Recover.cpp
@@ -1253,24 +1253,20 @@ MCreateThisWithTemplate::writeRecoverData(CompactBufferWriter& writer) const
 {
     MOZ_ASSERT(canRecoverOnBailout());
     writer.writeUnsigned(uint32_t(RInstruction::Recover_CreateThisWithTemplate));
-    writer.writeByte(bool(initialHeap() == gc::TenuredHeap));
     return true;
 }
 
 RCreateThisWithTemplate::RCreateThisWithTemplate(CompactBufferReader& reader)
 {
-    tenuredHeap_ = reader.readByte();
 }
 
 bool
 RCreateThisWithTemplate::recover(JSContext* cx, SnapshotIterator& iter) const
 {
-    RootedPlainObject templateObject(cx, &iter.read().toObject().as());
+    RootedObject templateObject(cx, &iter.read().toObject());
 
     // See CodeGenerator::visitCreateThisWithTemplate
-    gc::AllocKind allocKind = templateObject->asTenured().getAllocKind();
-    gc::InitialHeap initialHeap = tenuredHeap_ ? gc::TenuredHeap : gc::DefaultHeap;
-    JSObject* resultObject = NativeObject::copy(cx, allocKind, initialHeap, templateObject);
+    JSObject* resultObject = NewObjectOperationWithTemplate(cx, templateObject);
     if (!resultObject)
         return false;
 
diff --git a/js/src/jit/Recover.h b/js/src/jit/Recover.h
index cc81b1a22b1..81473c07dba 100644
--- a/js/src/jit/Recover.h
+++ b/js/src/jit/Recover.h
@@ -697,9 +697,6 @@ class RNewDerivedTypedObject final : public RInstruction
 
 class RCreateThisWithTemplate final : public RInstruction
 {
-  private:
-    bool tenuredHeap_;
-
   public:
     RINSTRUCTION_HEADER_(CreateThisWithTemplate)
 

From 5406e6f1a7b86ca06533449d1f485d98a2b8f7ac Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:31 +0200
Subject: [PATCH 188/297] Bug 1166711 part 2.1 - Check Scalar Replacement with
 both unboxed object and without. r=bhackett

---
 .../tests/ion/recover-empty-new-object.js     |  8 ++++
 .../tests/ion/recover-iterator-next.js        |  6 +++
 js/src/jit-test/tests/ion/recover-objects.js  | 48 ++++++++++---------
 js/src/tests/lib/jittests.py                  | 25 +++++++---
 4 files changed, 58 insertions(+), 29 deletions(-)

diff --git a/js/src/jit-test/tests/ion/recover-empty-new-object.js b/js/src/jit-test/tests/ion/recover-empty-new-object.js
index 459f11f3b74..a34f0d36fb4 100644
--- a/js/src/jit-test/tests/ion/recover-empty-new-object.js
+++ b/js/src/jit-test/tests/ion/recover-empty-new-object.js
@@ -1,3 +1,8 @@
+// |jit-test| test-join=--no-unboxed-objects
+//
+// Unboxed object optimization might not trigger in all cases, thus we ensure
+// that Sink optimization is working well independently of the
+// object representation.
 
 // Ion eager fails the test below because we have not yet created any
 // template object in baseline before running the content of the top-level
@@ -5,6 +10,9 @@
 if (getJitCompilerOptions()["ion.warmup.trigger"] <= 20)
     setJitCompilerOption("ion.warmup.trigger", 20);
 
+// These arguments have to be computed by baseline, and thus captured in a
+// resume point. The next function checks that we can remove the computation of
+// these arguments.
 function f(a, b, c, d) { }
 
 function topLevel() {
diff --git a/js/src/jit-test/tests/ion/recover-iterator-next.js b/js/src/jit-test/tests/ion/recover-iterator-next.js
index 93674af3629..ca51fb16815 100644
--- a/js/src/jit-test/tests/ion/recover-iterator-next.js
+++ b/js/src/jit-test/tests/ion/recover-iterator-next.js
@@ -1,3 +1,9 @@
+// |jit-test| test-join=--no-unboxed-objects
+//
+// Unboxed object optimization might not trigger in all cases, thus we ensure
+// that Scalar Replacement optimization is working well independently of the
+// object representation.
+
 // Ion eager fails the test below because we have not yet created any
 // template object in baseline before running the content of the top-level
 // function.
diff --git a/js/src/jit-test/tests/ion/recover-objects.js b/js/src/jit-test/tests/ion/recover-objects.js
index 10838ef1cd4..30274f7efa6 100644
--- a/js/src/jit-test/tests/ion/recover-objects.js
+++ b/js/src/jit-test/tests/ion/recover-objects.js
@@ -1,3 +1,9 @@
+// |jit-test| test-join=--no-unboxed-objects
+//
+// Unboxed object optimization might not trigger in all cases, thus we ensure
+// that Scalar Replacement optimization is working well independently of the
+// object representation.
+
 // Ion eager fails the test below because we have not yet created any
 // template object in baseline before running the content of the top-level
 // function.
@@ -10,12 +16,14 @@ if (getJitCompilerOptions()["ion.warmup.trigger"] <= 90)
 if (getJitCompilerOptions()["ion.forceinlineCaches"])
     setJitCompilerOption("ion.forceinlineCaches", 0);
 
+function resumeHere() {}
 var uceFault = function (i) {
     if (i > 98)
         uceFault = function (i) { return true; };
     return false;
 };
 
+
 // Without "use script" in the inner function, the arguments might be
 // obersvable.
 function inline_notSoEmpty1(a, b, c, d) {
@@ -25,11 +33,11 @@ function inline_notSoEmpty1(a, b, c, d) {
 }
 var uceFault_notSoEmpty1 = eval(uneval(uceFault).replace('uceFault', 'uceFault_notSoEmpty1'));
 function notSoEmpty1() {
-    var a = { v: i, notunboxed: undefined };
-    var b = { v: 1 + a.v, notunboxed: undefined };
-    var c = { v: 2 + b.v, notunboxed: undefined };
-    var d = { v: 3 + c.v, notunboxed: undefined };
-    var unused = { v: 4 + d.v, notunboxed: undefined };
+    var a = { v: i };
+    var b = { v: 1 + a.v };
+    var c = { v: 2 + b.v };
+    var d = { v: 3 + c.v };
+    var unused = { v: 4 + d.v };
     var res = inline_notSoEmpty1(a, b, c, d);
     if (uceFault_notSoEmpty1(i) || uceFault_notSoEmpty1(i))
         assertEq(i, res.v);
@@ -50,15 +58,15 @@ function notSoEmpty1() {
 // Check that we can recover objects with their content.
 function inline_notSoEmpty2(a, b, c, d) {
     "use strict";
-    return { v: (a.v + b.v + c.v + d.v - 10) / 4, notunboxed: undefined };
+    return { v: (a.v + b.v + c.v + d.v - 10) / 4 };
 }
 var uceFault_notSoEmpty2 = eval(uneval(uceFault).replace('uceFault', 'uceFault_notSoEmpty2'));
 function notSoEmpty2(i) {
-    var a = { v: i, notunboxed: undefined };
-    var b = { v: 1 + a.v, notunboxed: undefined };
-    var c = { v: 2 + b.v, notunboxed: undefined };
-    var d = { v: 3 + c.v, notunboxed: undefined };
-    var unused = { v: 4 + d.v, notunboxed: undefined };
+    var a = { v: i };
+    var b = { v: 1 + a.v };
+    var c = { v: 2 + b.v };
+    var d = { v: 3 + c.v };
+    var unused = { v: 4 + d.v };
     var res = inline_notSoEmpty2(a, b, c, d);
     if (uceFault_notSoEmpty2(i) || uceFault_notSoEmpty2(i))
         assertEq(i, res.v);
@@ -76,13 +84,13 @@ function notSoEmpty2(i) {
 var argFault_observeArg = function (i) {
     if (i > 98)
         return inline_observeArg.arguments[0];
-    return { test : i, notunboxed: undefined };
+    return { test : i };
 };
 function inline_observeArg(obj, i) {
     return argFault_observeArg(i);
 }
 function observeArg(i) {
-    var obj = { test: i, notunboxed: undefined };
+    var obj = { test: i };
     var res = inline_observeArg(obj, i);
     assertEq(res.test, i);
     assertRecoveredOnBailout(obj, true);
@@ -90,7 +98,7 @@ function observeArg(i) {
 
 // Check case where one successor can have multiple times the same predecessor.
 function complexPhi(i) {
-    var obj = { test: i, notunboxed: undefined };
+    var obj = { test: i };
     switch (i) { // TableSwitch
         case 0: obj.test = 0; break;
         case 1: obj.test = 1; break;
@@ -109,12 +117,12 @@ function complexPhi(i) {
 function withinIf(i) {
     var x = undefined;
     if (i % 2 == 0) {
-        let obj = { foo: i, notunboxed: undefined };
+        let obj = { foo: i };
         x = obj.foo;
         assertRecoveredOnBailout(obj, true);
         obj = undefined;
     } else {
-        let obj = { bar: i, notunboxed: undefined };
+        let obj = { bar: i };
         x = obj.bar;
         assertRecoveredOnBailout(obj, true);
         obj = undefined;
@@ -124,22 +132,20 @@ function withinIf(i) {
 
 // Check case where one successor can have multiple times the same predecessor.
 function unknownLoad(i) {
-    var obj = { foo: i, notunboxed: undefined };
+    var obj = { foo: i };
     assertEq(obj.bar, undefined);
     // Unknown properties are using GetPropertyCache.
     assertRecoveredOnBailout(obj, false);
 }
 
 // Check with dynamic slots.
-function resumeHere() {}
 function dynamicSlots(i) {
     var obj = {
         p0: i + 0, p1: i + 1, p2: i + 2, p3: i + 3, p4: i + 4, p5: i + 5, p6: i + 6, p7: i + 7, p8: i + 8, p9: i + 9, p10: i + 10,
         p11: i + 11, p12: i + 12, p13: i + 13, p14: i + 14, p15: i + 15, p16: i + 16, p17: i + 17, p18: i + 18, p19: i + 19, p20: i + 20,
         p21: i + 21, p22: i + 22, p23: i + 23, p24: i + 24, p25: i + 25, p26: i + 26, p27: i + 27, p28: i + 28, p29: i + 29, p30: i + 30,
         p31: i + 31, p32: i + 32, p33: i + 33, p34: i + 34, p35: i + 35, p36: i + 36, p37: i + 37, p38: i + 38, p39: i + 39, p40: i + 40,
-        p41: i + 41, p42: i + 42, p43: i + 43, p44: i + 44, p45: i + 45, p46: i + 46, p47: i + 47, p48: i + 48, p49: i + 49, p50: i + 50,
-        notunboxed: undefined
+        p41: i + 41, p42: i + 42, p43: i + 43, p44: i + 44, p45: i + 45, p46: i + 46, p47: i + 47, p48: i + 48, p49: i + 49, p50: i + 50
     };
     // Add a function call to capture a resumepoint at the end of the call or
     // inside the inlined block, such as the bailout does not rewind to the
@@ -154,7 +160,6 @@ function Point(x, y)
 {
     this.x = x;
     this.y = y;
-    this.notUnboxed = undefined;
 }
 
 function createThisWithTemplate(i)
@@ -165,7 +170,6 @@ function createThisWithTemplate(i)
     assertRecoveredOnBailout(p, true);
 }
 
-
 for (var i = 0; i < 100; i++) {
     notSoEmpty1(i);
     notSoEmpty2(i);
diff --git a/js/src/tests/lib/jittests.py b/js/src/tests/lib/jittests.py
index 7fb9dce3cfe..180234153cb 100755
--- a/js/src/tests/lib/jittests.py
+++ b/js/src/tests/lib/jittests.py
@@ -116,6 +116,8 @@ class Test:
         self.tz_pacific = False # True means force Pacific time for the test
         self.test_also_noasmjs = False # True means run with and without asm.js
                                        # enabled.
+        self.test_also = [] # List of other configurations to test with.
+        self.test_join = [] # List of other configurations to test with all existing variants.
         self.expect_error = '' # Errors to expect and consider passing
         self.expect_status = 0 # Exit status to expect from shell
 
@@ -129,6 +131,8 @@ class Test:
         t.valgrind = self.valgrind
         t.tz_pacific = self.tz_pacific
         t.test_also_noasmjs = self.test_also_noasmjs
+        t.test_also = self.test_also
+        t.test_join = self.test_join
         t.expect_error = self.expect_error
         t.expect_status = self.expect_status
         return t
@@ -139,12 +143,14 @@ class Test:
         return t
 
     def copy_variants(self, variants):
-        # If the tests are flagged with the |jit-test| test-also-noasmjs flags,
-        # then we duplicate the variants such that the test can be used both
-        # with the interpreter and asmjs.  This is a simple way to check for
-        # differential behaviour.
-        if self.test_also_noasmjs:
-            variants = variants + [['--no-asmjs']]
+        # Append variants to be tested in addition to the current set of tests.
+        variants = variants + self.test_also
+
+        # For each existing variant, duplicates it for each list of options in
+        # test_join.  This will multiply the number of variants by 2 for set of
+        # options.
+        for join_opts in self.test_join:
+            variants = variants + [ opts + join_opts for opts in variants ];
 
         # For each list of jit flags, make a copy of the test.
         return [self.copy_and_extend_jitflags(v) for v in variants]
@@ -201,7 +207,12 @@ class Test:
                     elif name == 'tz-pacific':
                         test.tz_pacific = True
                     elif name == 'test-also-noasmjs':
-                        test.test_also_noasmjs = options.can_test_also_noasmjs
+                        if options.can_test_also_noasmjs:
+                            test.test_also.append(['--no-asmjs'])
+                    elif name.startswith('test-also='):
+                        test.test_also.append([name[len('test-also='):]])
+                    elif name.startswith('test-join='):
+                        test.test_join.append([name[len('test-join='):]])
                     elif name == 'ion-eager':
                         test.jitflags.append('--ion-eager')
                     elif name == 'dump-bytecode':

From da6a07679d2b6c8e5e20b869e910477452ccefc0 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:32 +0200
Subject: [PATCH 189/297] Bug 1166711 part 2.2 -
 IonBuilder::loadUnboxedProperty: Rename scaledOffset to index. r=bhackett

---
 js/src/jit/IonBuilder.cpp | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
index 068884a7064..509fde16217 100644
--- a/js/src/jit/IonBuilder.cpp
+++ b/js/src/jit/IonBuilder.cpp
@@ -10612,43 +10612,45 @@ MInstruction*
 IonBuilder::loadUnboxedProperty(MDefinition* obj, size_t offset, JSValueType unboxedType,
                                 BarrierKind barrier, TemporaryTypeSet* types)
 {
-    size_t scaledOffsetConstant = offset / UnboxedTypeSize(unboxedType);
-    MInstruction* scaledOffset = MConstant::New(alloc(), Int32Value(scaledOffsetConstant));
-    current->add(scaledOffset);
+    // loadUnboxedValue is designed to load any value as if it were contained in
+    // an array. Thus a property offset is converted to an index, when the
+    // object is reinterpreted as an array of properties of the same size.
+    size_t index = offset / UnboxedTypeSize(unboxedType);
+    MInstruction* indexConstant = MConstant::New(alloc(), Int32Value(index));
+    current->add(indexConstant);
 
     return loadUnboxedValue(obj, UnboxedPlainObject::offsetOfData(),
-                            scaledOffset, unboxedType, barrier, types);
+                            indexConstant, unboxedType, barrier, types);
 }
 
 MInstruction*
 IonBuilder::loadUnboxedValue(MDefinition* elements, size_t elementsOffset,
-                             MDefinition* scaledOffset, JSValueType unboxedType,
+                             MDefinition* index, JSValueType unboxedType,
                              BarrierKind barrier, TemporaryTypeSet* types)
 {
-
     MInstruction* load;
     switch (unboxedType) {
       case JSVAL_TYPE_BOOLEAN:
-        load = MLoadUnboxedScalar::New(alloc(), elements, scaledOffset, Scalar::Uint8,
+        load = MLoadUnboxedScalar::New(alloc(), elements, index, Scalar::Uint8,
                                        DoesNotRequireMemoryBarrier, elementsOffset);
         load->setResultType(MIRType_Boolean);
         break;
 
       case JSVAL_TYPE_INT32:
-        load = MLoadUnboxedScalar::New(alloc(), elements, scaledOffset, Scalar::Int32,
+        load = MLoadUnboxedScalar::New(alloc(), elements, index, Scalar::Int32,
                                        DoesNotRequireMemoryBarrier, elementsOffset);
         load->setResultType(MIRType_Int32);
         break;
 
       case JSVAL_TYPE_DOUBLE:
-        load = MLoadUnboxedScalar::New(alloc(), elements, scaledOffset, Scalar::Float64,
+        load = MLoadUnboxedScalar::New(alloc(), elements, index, Scalar::Float64,
                                        DoesNotRequireMemoryBarrier, elementsOffset,
                                        /* canonicalizeDoubles = */ false);
         load->setResultType(MIRType_Double);
         break;
 
       case JSVAL_TYPE_STRING:
-        load = MLoadUnboxedString::New(alloc(), elements, scaledOffset, elementsOffset);
+        load = MLoadUnboxedString::New(alloc(), elements, index, elementsOffset);
         break;
 
       case JSVAL_TYPE_OBJECT: {
@@ -10657,7 +10659,7 @@ IonBuilder::loadUnboxedValue(MDefinition* elements, size_t elementsOffset,
             nullBehavior = MLoadUnboxedObjectOrNull::HandleNull;
         else
             nullBehavior = MLoadUnboxedObjectOrNull::NullNotPossible;
-        load = MLoadUnboxedObjectOrNull::New(alloc(), elements, scaledOffset, nullBehavior,
+        load = MLoadUnboxedObjectOrNull::New(alloc(), elements, index, nullBehavior,
                                              elementsOffset);
         break;
       }

From b0668b3ba632435ebb5f1e6686a61689f2f08f6b Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:32 +0200
Subject: [PATCH 190/297] Bug 1166711 part 2.3 - M{Load,Store}UnboxedScalar:
 Rename indexType to storageType. r=bbouvier

---
 js/src/jit/CodeGenerator.cpp |  4 ++--
 js/src/jit/MIR.cpp           |  2 +-
 js/src/jit/MIR.h             | 40 ++++++++++++++++++------------------
 3 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/js/src/jit/CodeGenerator.cpp b/js/src/jit/CodeGenerator.cpp
index 231f54b47ec..765eed07d6e 100644
--- a/js/src/jit/CodeGenerator.cpp
+++ b/js/src/jit/CodeGenerator.cpp
@@ -9090,7 +9090,7 @@ CodeGenerator::visitLoadUnboxedScalar(LLoadUnboxedScalar* lir)
     Scalar::Type readType = mir->readType();
     unsigned numElems = mir->numElems();
 
-    int width = Scalar::byteSize(mir->indexType());
+    int width = Scalar::byteSize(mir->storageType());
     bool canonicalizeDouble = mir->canonicalizeDoubles();
 
     Label fail;
@@ -9177,7 +9177,7 @@ CodeGenerator::visitStoreUnboxedScalar(LStoreUnboxedScalar* lir)
     Scalar::Type writeType = mir->writeType();
     unsigned numElems = mir->numElems();
 
-    int width = Scalar::byteSize(mir->indexType());
+    int width = Scalar::byteSize(mir->storageType());
 
     if (lir->index()->isConstant()) {
         Address dest(elements, ToInt32(lir->index()) * width + mir->offsetAdjustment());
diff --git a/js/src/jit/MIR.cpp b/js/src/jit/MIR.cpp
index d7d914b84fc..fdb739a5512 100644
--- a/js/src/jit/MIR.cpp
+++ b/js/src/jit/MIR.cpp
@@ -1076,7 +1076,7 @@ void
 MLoadUnboxedScalar::printOpcode(GenericPrinter& out) const
 {
     MDefinition::printOpcode(out);
-    out.printf(" %s", ScalarTypeDescr::typeName(indexType()));
+    out.printf(" %s", ScalarTypeDescr::typeName(storageType()));
 }
 
 void
diff --git a/js/src/jit/MIR.h b/js/src/jit/MIR.h
index a2cff67290a..a90321fc45f 100644
--- a/js/src/jit/MIR.h
+++ b/js/src/jit/MIR.h
@@ -9323,7 +9323,7 @@ class MLoadUnboxedScalar
   : public MBinaryInstruction,
     public SingleObjectPolicy::Data
 {
-    Scalar::Type indexType_;
+    Scalar::Type storageType_;
     Scalar::Type readType_;
     unsigned numElems_; // used only for SIMD
     bool requiresBarrier_;
@@ -9331,11 +9331,11 @@ class MLoadUnboxedScalar
     bool canonicalizeDoubles_;
 
     MLoadUnboxedScalar(MDefinition* elements, MDefinition* index,
-                       Scalar::Type indexType, MemoryBarrierRequirement requiresBarrier,
+                       Scalar::Type storageType, MemoryBarrierRequirement requiresBarrier,
                        int32_t offsetAdjustment, bool canonicalizeDoubles)
       : MBinaryInstruction(elements, index),
-        indexType_(indexType),
-        readType_(indexType),
+        storageType_(storageType),
+        readType_(storageType),
         numElems_(1),
         requiresBarrier_(requiresBarrier == DoesRequireMemoryBarrier),
         offsetAdjustment_(offsetAdjustment),
@@ -9348,20 +9348,20 @@ class MLoadUnboxedScalar
             setMovable();
         MOZ_ASSERT(IsValidElementsType(elements, offsetAdjustment));
         MOZ_ASSERT(index->type() == MIRType_Int32);
-        MOZ_ASSERT(indexType >= 0 && indexType < Scalar::MaxTypedArrayViewType);
+        MOZ_ASSERT(storageType >= 0 && storageType < Scalar::MaxTypedArrayViewType);
     }
 
   public:
     INSTRUCTION_HEADER(LoadUnboxedScalar)
 
     static MLoadUnboxedScalar* New(TempAllocator& alloc, MDefinition* elements, MDefinition* index,
-                                   Scalar::Type indexType,
+                                   Scalar::Type storageType,
                                    MemoryBarrierRequirement requiresBarrier
                                        = DoesNotRequireMemoryBarrier,
                                    int32_t offsetAdjustment = 0,
                                    bool canonicalizeDoubles = true)
     {
-        return new(alloc) MLoadUnboxedScalar(elements, index, indexType,
+        return new(alloc) MLoadUnboxedScalar(elements, index, storageType,
                                              requiresBarrier, offsetAdjustment,
                                              canonicalizeDoubles);
     }
@@ -9377,8 +9377,8 @@ class MLoadUnboxedScalar
         return readType_;
     }
 
-    Scalar::Type indexType() const {
-        return indexType_;
+    Scalar::Type storageType() const {
+        return storageType_;
     }
     bool fallible() const {
         // Bailout if the result does not fit in an int32.
@@ -9413,7 +9413,7 @@ class MLoadUnboxedScalar
         if (!ins->isLoadUnboxedScalar())
             return false;
         const MLoadUnboxedScalar* other = ins->toLoadUnboxedScalar();
-        if (indexType_ != other->indexType_)
+        if (storageType_ != other->storageType_)
             return false;
         if (readType_ != other->readType_)
             return false;
@@ -9430,7 +9430,7 @@ class MLoadUnboxedScalar
 
     void computeRange(TempAllocator& alloc) override;
 
-    bool canProduceFloat32() const override { return indexType_ == Scalar::Float32; }
+    bool canProduceFloat32() const override { return storageType_ == Scalar::Float32; }
 
     ALLOW_CLONE(MLoadUnboxedScalar)
 };
@@ -9609,17 +9609,17 @@ class MStoreUnboxedScalar
     public StoreUnboxedScalarBase,
     public StoreUnboxedScalarPolicy::Data
 {
-    Scalar::Type indexType_;
+    Scalar::Type storageType_;
     bool requiresBarrier_;
     int32_t offsetAdjustment_;
     unsigned numElems_; // used only for SIMD
 
     MStoreUnboxedScalar(MDefinition* elements, MDefinition* index, MDefinition* value,
-                        Scalar::Type indexType, MemoryBarrierRequirement requiresBarrier,
+                        Scalar::Type storageType, MemoryBarrierRequirement requiresBarrier,
                         int32_t offsetAdjustment)
       : MTernaryInstruction(elements, index, value),
-        StoreUnboxedScalarBase(indexType),
-        indexType_(indexType),
+        StoreUnboxedScalarBase(storageType),
+        storageType_(storageType),
         requiresBarrier_(requiresBarrier == DoesRequireMemoryBarrier),
         offsetAdjustment_(offsetAdjustment),
         numElems_(1)
@@ -9630,7 +9630,7 @@ class MStoreUnboxedScalar
             setMovable();
         MOZ_ASSERT(IsValidElementsType(elements, offsetAdjustment));
         MOZ_ASSERT(index->type() == MIRType_Int32);
-        MOZ_ASSERT(indexType >= 0 && indexType < Scalar::MaxTypedArrayViewType);
+        MOZ_ASSERT(storageType >= 0 && storageType < Scalar::MaxTypedArrayViewType);
     }
 
   public:
@@ -9638,12 +9638,12 @@ class MStoreUnboxedScalar
 
     static MStoreUnboxedScalar* New(TempAllocator& alloc,
                                     MDefinition* elements, MDefinition* index,
-                                    MDefinition* value, Scalar::Type indexType,
+                                    MDefinition* value, Scalar::Type storageType,
                                     MemoryBarrierRequirement requiresBarrier =
                                         DoesNotRequireMemoryBarrier,
                                     int32_t offsetAdjustment = 0)
     {
-        return new(alloc) MStoreUnboxedScalar(elements, index, value, indexType,
+        return new(alloc) MStoreUnboxedScalar(elements, index, value, storageType,
                                               requiresBarrier, offsetAdjustment);
     }
 
@@ -9655,8 +9655,8 @@ class MStoreUnboxedScalar
     unsigned numElems() const {
         return numElems_;
     }
-    Scalar::Type indexType() const {
-        return indexType_;
+    Scalar::Type storageType() const {
+        return storageType_;
     }
     MDefinition* elements() const {
         return getOperand(0);

From 23ff8e52c87f515d587766ddb2000ef165b0e1fa Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:33 +0200
Subject: [PATCH 191/297] Bug 1166711 part 2.4 - MObjectState: Add support for
 encoding unboxed objects. r=bhackett

---
 js/src/jit/MIR.cpp               | 86 ++++++++++++++++++++++++++++----
 js/src/jit/MIR.h                 | 39 ++++++++++++++-
 js/src/jit/Recover.cpp           | 29 ++++++++---
 js/src/jit/ScalarReplacement.cpp | 18 ++-----
 4 files changed, 138 insertions(+), 34 deletions(-)

diff --git a/js/src/jit/MIR.cpp b/js/src/jit/MIR.cpp
index fdb739a5512..adbcd2fb945 100644
--- a/js/src/jit/MIR.cpp
+++ b/js/src/jit/MIR.cpp
@@ -3929,20 +3929,75 @@ MCreateThisWithTemplate::canRecoverOnBailout() const
     return true;
 }
 
-MObjectState::MObjectState(MDefinition* obj)
+bool
+OperandIndexMap::init(TempAllocator& alloc, JSObject* templateObject)
+{
+    const UnboxedLayout& layout =
+        templateObject->as().layoutDontCheckGeneration();
+
+    // 0 is used as an error code.
+    const UnboxedLayout::PropertyVector& properties = layout.properties();
+    MOZ_ASSERT(properties.length() < 255);
+
+    // Allocate an array of indexes, where the top of each field correspond to
+    // the index of the operand in the MObjectState instance.
+    if (!map.init(alloc, layout.size()))
+        return false;
+
+    // Reset all indexes to 0, which is an error code.
+    for (size_t i = 0; i < map.length(); i++)
+        map[i] = 0;
+
+    // Map the property offsets to the indexes of MObjectState operands.
+    uint8_t index = 1;
+    for (size_t i = 0; i < properties.length(); i++, index++)
+        map[properties[i].offset] = index;
+
+    return true;
+}
+
+MObjectState::MObjectState(MObjectState* state)
+  : numSlots_(state->numSlots_),
+    numFixedSlots_(state->numFixedSlots_),
+    operandIndex_(state->operandIndex_)
 {
     // This instruction is only used as a summary for bailout paths.
     setResultType(MIRType_Object);
     setRecoveredOnBailout();
-    NativeObject* templateObject = nullptr;
+}
+
+MObjectState::MObjectState(JSObject *templateObject, OperandIndexMap* operandIndex)
+{
+    // This instruction is only used as a summary for bailout paths.
+    setResultType(MIRType_Object);
+    setRecoveredOnBailout();
+
+    if (templateObject->is()) {
+        NativeObject* nativeObject = &templateObject->as();
+        numSlots_ = nativeObject->slotSpan();
+        numFixedSlots_ = nativeObject->numFixedSlots();
+    } else {
+        const UnboxedLayout& layout =
+            templateObject->as().layoutDontCheckGeneration();
+        // Same as UnboxedLayout::makeNativeGroup
+        numSlots_ = layout.properties().length();
+        numFixedSlots_ = gc::GetGCKindSlots(layout.getAllocKind());
+    }
+
+    operandIndex_ = operandIndex;
+}
+
+JSObject*
+MObjectState::templateObjectOf(MDefinition* obj)
+{
     if (obj->isNewObject())
-        templateObject = &obj->toNewObject()->templateObject()->as();
+        return obj->toNewObject()->templateObject();
     else if (obj->isCreateThisWithTemplate())
-        templateObject = &obj->toCreateThisWithTemplate()->templateObject()->as();
+        return obj->toCreateThisWithTemplate()->templateObject();
     else
-        templateObject = obj->toNewCallObject()->templateObject();
-    numSlots_ = templateObject->slotSpan();
-    numFixedSlots_ = templateObject->numFixedSlots();
+        return obj->toNewCallObject()->templateObject();
+
+    return nullptr;
 }
 
 bool
@@ -3958,7 +4013,17 @@ MObjectState::init(TempAllocator& alloc, MDefinition* obj)
 MObjectState*
 MObjectState::New(TempAllocator& alloc, MDefinition* obj, MDefinition* undefinedVal)
 {
-    MObjectState* res = new(alloc) MObjectState(obj);
+    JSObject* templateObject = templateObjectOf(obj);
+    MOZ_ASSERT(templateObject, "Unexpected object creation.");
+
+    OperandIndexMap* operandIndex = nullptr;
+    if (templateObject->is()) {
+        operandIndex = new(alloc) OperandIndexMap;
+        if (!operandIndex || !operandIndex->init(alloc, templateObject))
+            return nullptr;
+    }
+
+    MObjectState* res = new(alloc) MObjectState(templateObject, operandIndex);
     if (!res || !res->init(alloc, obj))
         return nullptr;
     for (size_t i = 0; i < res->numSlots(); i++)
@@ -3969,9 +4034,8 @@ MObjectState::New(TempAllocator& alloc, MDefinition* obj, MDefinition* undefined
 MObjectState*
 MObjectState::Copy(TempAllocator& alloc, MObjectState* state)
 {
-    MDefinition* obj = state->object();
-    MObjectState* res = new(alloc) MObjectState(obj);
-    if (!res || !res->init(alloc, obj))
+    MObjectState* res = new(alloc) MObjectState(state);
+    if (!res || !res->init(alloc, state->object()))
         return nullptr;
     for (size_t i = 0; i < res->numSlots(); i++)
         res->initSlot(i, state->getSlot(i));
diff --git a/js/src/jit/MIR.h b/js/src/jit/MIR.h
index a90321fc45f..f5040e628e0 100644
--- a/js/src/jit/MIR.h
+++ b/js/src/jit/MIR.h
@@ -3359,6 +3359,18 @@ class MNewDerivedTypedObject
     }
 };
 
+// This vector is used when the recovered object is kept unboxed. We map the
+// offset of each property to the index of the corresponding operands in the
+// object state.
+struct OperandIndexMap : public TempObject
+{
+    // The number of properties is limited by scalar replacement. Thus we cannot
+    // have any large number of properties.
+    FixedList map;
+
+    bool init(TempAllocator& alloc, JSObject* templateObject);
+};
+
 // Represent the content of all slots of an object.  This instruction is not
 // lowered and is not used to generate code.
 class MObjectState
@@ -3367,9 +3379,15 @@ class MObjectState
 {
   private:
     uint32_t numSlots_;
-    uint32_t numFixedSlots_;
+    uint32_t numFixedSlots_;        // valid if isUnboxed() == false.
+    OperandIndexMap* operandIndex_; // valid if isUnboxed() == true.
 
-    explicit MObjectState(MDefinition* obj);
+    bool isUnboxed() const {
+        return operandIndex_ != nullptr;
+    }
+
+    MObjectState(JSObject *templateObject, OperandIndexMap* operandIndex);
+    explicit MObjectState(MObjectState* state);
 
     bool init(TempAllocator& alloc, MDefinition* obj);
 
@@ -3380,6 +3398,10 @@ class MObjectState
   public:
     INSTRUCTION_HEADER(ObjectState)
 
+    // Return the template object of any object creation which can be recovered
+    // on bailout.
+    static JSObject* templateObjectOf(MDefinition* obj);
+
     static MObjectState* New(TempAllocator& alloc, MDefinition* obj, MDefinition* undefinedVal);
     static MObjectState* Copy(TempAllocator& alloc, MObjectState* state);
 
@@ -3388,6 +3410,7 @@ class MObjectState
     }
 
     size_t numFixedSlots() const {
+        MOZ_ASSERT(!isUnboxed());
         return numFixedSlots_;
     }
     size_t numSlots() const {
@@ -3423,6 +3446,18 @@ class MObjectState
         setSlot(slot + numFixedSlots(), def);
     }
 
+    // Interface reserved for unboxed objects.
+    bool hasOffset(uint32_t offset) const {
+        MOZ_ASSERT(isUnboxed());
+        return offset < operandIndex_->map.length() && operandIndex_->map[offset] != 0;
+    }
+    MDefinition* getOffset(uint32_t offset) const {
+        return getOperand(operandIndex_->map[offset]);
+    }
+    void setOffset(uint32_t offset, MDefinition* def) {
+        replaceOperand(operandIndex_->map[offset], def);
+    }
+
     bool writeRecoverData(CompactBufferWriter& writer) const override;
     bool canRecoverOnBailout() const override {
         return true;
diff --git a/js/src/jit/Recover.cpp b/js/src/jit/Recover.cpp
index 8bb3d7ab52d..51e441ad7bb 100644
--- a/js/src/jit/Recover.cpp
+++ b/js/src/jit/Recover.cpp
@@ -1369,13 +1369,30 @@ RObjectState::RObjectState(CompactBufferReader& reader)
 bool
 RObjectState::recover(JSContext* cx, SnapshotIterator& iter) const
 {
-    RootedNativeObject object(cx, &iter.read().toObject().as());
-    MOZ_ASSERT(object->slotSpan() == numSlots());
-
+    RootedObject object(cx, &iter.read().toObject());
     RootedValue val(cx);
-    for (size_t i = 0; i < numSlots(); i++) {
-        val = iter.read();
-        object->setSlot(i, val);
+
+    if (object->is()) {
+        const UnboxedLayout& layout = object->as().layout();
+
+        const UnboxedLayout::PropertyVector& properties = layout.properties();
+        for (size_t i = 0; i < properties.length(); i++) {
+            val = iter.read();
+            // This is the default placeholder value of MObjectState, when no
+            // properties are defined yet.
+            if (val.isUndefined())
+                continue;
+
+            MOZ_ALWAYS_TRUE(object->as().setValue(cx, properties[i], val));
+        }
+    } else {
+        RootedNativeObject nativeObject(cx, &object->as());
+        MOZ_ASSERT(nativeObject->slotSpan() == numSlots());
+
+        for (size_t i = 0; i < numSlots(); i++) {
+            val = iter.read();
+            nativeObject->setSlot(i, val);
+        }
     }
 
     val.setObject(*object);
diff --git a/js/src/jit/ScalarReplacement.cpp b/js/src/jit/ScalarReplacement.cpp
index 78524fdcc89..a0e5a6268a8 100644
--- a/js/src/jit/ScalarReplacement.cpp
+++ b/js/src/jit/ScalarReplacement.cpp
@@ -145,27 +145,15 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault)
     JitSpewDef(JitSpew_Escape, "Check object\n", ins);
     JitSpewIndent spewIndent(JitSpew_Escape);
 
-    JSObject* obj = nullptr;
-    if (ins->isNewObject())
-        obj = ins->toNewObject()->templateObject();
-    else if (ins->isCreateThisWithTemplate())
-        obj = ins->toCreateThisWithTemplate()->templateObject();
-    else if (ins->isNewCallObject())
-        obj = ins->toNewCallObject()->templateObject();
-    else
-        obj = objDefault;
+    JSObject* obj = objDefault;
+    if (!obj)
+        obj = MObjectState::templateObjectOf(ins);
 
     if (!obj) {
         JitSpew(JitSpew_Escape, "No template object defined.");
         return true;
     }
 
-    // Don't optimize unboxed objects, which aren't handled by MObjectState.
-    if (obj->is()) {
-        JitSpew(JitSpew_Escape, "Template object is an unboxed plain object.");
-        return true;
-    }
-
     // Check if the object is escaped. If the object is not the first argument
     // of either a known Store / Load, then we consider it as escaped. This is a
     // cheap and conservative escape analysis.

From 89743d66b8445b821f5a20e74620072f619cf90f Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:33 +0200
Subject: [PATCH 192/297] Bug 1166711 part 2.5 - ScalarReplacement: Replace
 M{Store,Load}UnboxedScalar by an offset on the MObjectState. r=bhackett

---
 js/src/jit/ScalarReplacement.cpp | 61 ++++++++++++++++++++++++++++++++
 1 file changed, 61 insertions(+)

diff --git a/js/src/jit/ScalarReplacement.cpp b/js/src/jit/ScalarReplacement.cpp
index a0e5a6268a8..753e7c31fb2 100644
--- a/js/src/jit/ScalarReplacement.cpp
+++ b/js/src/jit/ScalarReplacement.cpp
@@ -179,6 +179,21 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault)
             JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
             return true;
 
+          case MDefinition::Op_LoadUnboxedScalar:
+          case MDefinition::Op_StoreUnboxedScalar:
+            // Not escaped if it is the first argument.
+            if (def->indexOf(*i) != 0) {
+                JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
+                return true;
+            }
+
+            if (!def->getOperand(1)->isConstant()) {
+                JitSpewDef(JitSpew_Escape, "is addressed with unknown index\n", def);
+                return true;
+            }
+
+            break;
+
           case MDefinition::Op_PostWriteBarrier:
             break;
 
@@ -278,6 +293,8 @@ class ObjectMemoryView : public MDefinitionVisitorDefaultNoop
     void visitGuardShape(MGuardShape* ins);
     void visitFunctionEnvironment(MFunctionEnvironment* ins);
     void visitLambda(MLambda* ins);
+    void visitStoreUnboxedScalar(MStoreUnboxedScalar* ins);
+    void visitLoadUnboxedScalar(MLoadUnboxedScalar* ins);
 };
 
 const char* ObjectMemoryView::phaseName = "Scalar Replacement of Object";
@@ -590,6 +607,50 @@ ObjectMemoryView::visitLambda(MLambda* ins)
     ins->setIncompleteObject();
 }
 
+size_t
+GetOffsetOf(MDefinition* index, Scalar::Type type, int32_t baseOffset)
+{
+    int32_t idx = index->toConstant()->value().toInt32();
+    size_t width = Scalar::byteSize(type);
+    MOZ_ASSERT(idx >= 0);
+    MOZ_ASSERT(baseOffset >= 0 && size_t(baseOffset) >= UnboxedPlainObject::offsetOfData());
+    return idx * width + baseOffset - UnboxedPlainObject::offsetOfData();
+}
+
+void
+ObjectMemoryView::visitStoreUnboxedScalar(MStoreUnboxedScalar* ins)
+{
+    // Skip stores made on other objects.
+    if (ins->elements() != obj_)
+        return;
+
+    // Clone the state and update the slot value.
+    size_t offset = GetOffsetOf(ins->index(), ins->storageType(), ins->offsetAdjustment());
+    MOZ_ASSERT(state_->hasOffset(offset));
+    state_ = BlockState::Copy(alloc_, state_);
+    state_->setOffset(offset, ins->value());
+    ins->block()->insertBefore(ins->toInstruction(), state_);
+
+    // Remove original instruction.
+    ins->block()->discard(ins);
+}
+
+void
+ObjectMemoryView::visitLoadUnboxedScalar(MLoadUnboxedScalar* ins)
+{
+    // Skip loads made on other objects.
+    if (ins->elements() != obj_)
+        return;
+
+    // Replace load by the slot value.
+    size_t offset = GetOffsetOf(ins->index(), ins->storageType(), ins->offsetAdjustment());
+    MOZ_ASSERT(state_->hasOffset(offset));
+    ins->replaceAllUsesWith(state_->getOffset(offset));
+
+    // Remove original instruction.
+    ins->block()->discard(ins);
+}
+
 static bool
 IndexOf(MDefinition* ins, int32_t* res)
 {

From 7c83b7cce95d16c9f091a8f72555accc8583aaff Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:34 +0200
Subject: [PATCH 193/297] Bug 1166711 part 2.6 - ScalarReplacement: Replace
 M{Store,Load}UnboxedObjectOrNull by an offset on the MObjectState. r=bhackett

---
 js/src/jit/ScalarReplacement.cpp | 49 ++++++++++++++++++++++++++++++--
 1 file changed, 46 insertions(+), 3 deletions(-)

diff --git a/js/src/jit/ScalarReplacement.cpp b/js/src/jit/ScalarReplacement.cpp
index 753e7c31fb2..3dd929b88c5 100644
--- a/js/src/jit/ScalarReplacement.cpp
+++ b/js/src/jit/ScalarReplacement.cpp
@@ -181,6 +181,8 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault)
 
           case MDefinition::Op_LoadUnboxedScalar:
           case MDefinition::Op_StoreUnboxedScalar:
+          case MDefinition::Op_LoadUnboxedObjectOrNull:
+          case MDefinition::Op_StoreUnboxedObjectOrNull:
             // Not escaped if it is the first argument.
             if (def->indexOf(*i) != 0) {
                 JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
@@ -295,6 +297,8 @@ class ObjectMemoryView : public MDefinitionVisitorDefaultNoop
     void visitLambda(MLambda* ins);
     void visitStoreUnboxedScalar(MStoreUnboxedScalar* ins);
     void visitLoadUnboxedScalar(MLoadUnboxedScalar* ins);
+    void visitStoreUnboxedObjectOrNull(MStoreUnboxedObjectOrNull* ins);
+    void visitLoadUnboxedObjectOrNull(MLoadUnboxedObjectOrNull* ins);
 };
 
 const char* ObjectMemoryView::phaseName = "Scalar Replacement of Object";
@@ -607,16 +611,21 @@ ObjectMemoryView::visitLambda(MLambda* ins)
     ins->setIncompleteObject();
 }
 
-size_t
-GetOffsetOf(MDefinition* index, Scalar::Type type, int32_t baseOffset)
+static size_t
+GetOffsetOf(MDefinition* index, size_t width, int32_t baseOffset)
 {
     int32_t idx = index->toConstant()->value().toInt32();
-    size_t width = Scalar::byteSize(type);
     MOZ_ASSERT(idx >= 0);
     MOZ_ASSERT(baseOffset >= 0 && size_t(baseOffset) >= UnboxedPlainObject::offsetOfData());
     return idx * width + baseOffset - UnboxedPlainObject::offsetOfData();
 }
 
+static size_t
+GetOffsetOf(MDefinition* index, Scalar::Type type, int32_t baseOffset)
+{
+    return GetOffsetOf(index, Scalar::byteSize(type), baseOffset);
+}
+
 void
 ObjectMemoryView::visitStoreUnboxedScalar(MStoreUnboxedScalar* ins)
 {
@@ -651,6 +660,40 @@ ObjectMemoryView::visitLoadUnboxedScalar(MLoadUnboxedScalar* ins)
     ins->block()->discard(ins);
 }
 
+void
+ObjectMemoryView::visitStoreUnboxedObjectOrNull(MStoreUnboxedObjectOrNull* ins)
+{
+    // Skip stores made on other objects.
+    if (ins->elements() != obj_)
+        return;
+
+    // Clone the state and update the slot value.
+    size_t offset = GetOffsetOf(ins->index(), sizeof(uintptr_t), ins->offsetAdjustment());
+    MOZ_ASSERT(state_->hasOffset(offset));
+    state_ = BlockState::Copy(alloc_, state_);
+    state_->setOffset(offset, ins->value());
+    ins->block()->insertBefore(ins->toInstruction(), state_);
+
+    // Remove original instruction.
+    ins->block()->discard(ins);
+}
+
+void
+ObjectMemoryView::visitLoadUnboxedObjectOrNull(MLoadUnboxedObjectOrNull* ins)
+{
+    // Skip loads made on other objects.
+    if (ins->elements() != obj_)
+        return;
+
+    // Replace load by the slot value.
+    size_t offset = GetOffsetOf(ins->index(), sizeof(uintptr_t), ins->offsetAdjustment());
+    MOZ_ASSERT(state_->hasOffset(offset));
+    ins->replaceAllUsesWith(state_->getOffset(offset));
+
+    // Remove original instruction.
+    ins->block()->discard(ins);
+}
+
 static bool
 IndexOf(MDefinition* ins, int32_t* res)
 {

From b273f076c9a08f961a49b837da77fc66e55c08c4 Mon Sep 17 00:00:00 2001
From: "Nicolas B. Pierron" 
Date: Thu, 11 Jun 2015 14:30:34 +0200
Subject: [PATCH 194/297] Bug 1166711 part 2.7 - ScalarReplacement: Replace
 M{Store,Load}UnboxedString by an offset on the MObjectState. r=bhackett

---
 js/src/jit/ScalarReplacement.cpp | 83 +++++++++++++++++++++++---------
 1 file changed, 59 insertions(+), 24 deletions(-)

diff --git a/js/src/jit/ScalarReplacement.cpp b/js/src/jit/ScalarReplacement.cpp
index 3dd929b88c5..d708e7a028d 100644
--- a/js/src/jit/ScalarReplacement.cpp
+++ b/js/src/jit/ScalarReplacement.cpp
@@ -183,6 +183,8 @@ IsObjectEscaped(MInstruction* ins, JSObject* objDefault)
           case MDefinition::Op_StoreUnboxedScalar:
           case MDefinition::Op_LoadUnboxedObjectOrNull:
           case MDefinition::Op_StoreUnboxedObjectOrNull:
+          case MDefinition::Op_LoadUnboxedString:
+          case MDefinition::Op_StoreUnboxedString:
             // Not escaped if it is the first argument.
             if (def->indexOf(*i) != 0) {
                 JitSpewDef(JitSpew_Escape, "is escaped by\n", def);
@@ -299,6 +301,12 @@ class ObjectMemoryView : public MDefinitionVisitorDefaultNoop
     void visitLoadUnboxedScalar(MLoadUnboxedScalar* ins);
     void visitStoreUnboxedObjectOrNull(MStoreUnboxedObjectOrNull* ins);
     void visitLoadUnboxedObjectOrNull(MLoadUnboxedObjectOrNull* ins);
+    void visitStoreUnboxedString(MStoreUnboxedString* ins);
+    void visitLoadUnboxedString(MLoadUnboxedString* ins);
+
+  private:
+    void storeOffset(MInstruction* ins, size_t offset, MDefinition* value);
+    void loadOffset(MInstruction* ins, size_t offset);
 };
 
 const char* ObjectMemoryView::phaseName = "Scalar Replacement of Object";
@@ -626,6 +634,30 @@ GetOffsetOf(MDefinition* index, Scalar::Type type, int32_t baseOffset)
     return GetOffsetOf(index, Scalar::byteSize(type), baseOffset);
 }
 
+void
+ObjectMemoryView::storeOffset(MInstruction* ins, size_t offset, MDefinition* value)
+{
+    // Clone the state and update the slot value.
+    MOZ_ASSERT(state_->hasOffset(offset));
+    state_ = BlockState::Copy(alloc_, state_);
+    state_->setOffset(offset, value);
+    ins->block()->insertBefore(ins, state_);
+
+    // Remove original instruction.
+    ins->block()->discard(ins);
+}
+
+void
+ObjectMemoryView::loadOffset(MInstruction* ins, size_t offset)
+{
+    // Replace load by the slot value.
+    MOZ_ASSERT(state_->hasOffset(offset));
+    ins->replaceAllUsesWith(state_->getOffset(offset));
+
+    // Remove original instruction.
+    ins->block()->discard(ins);
+}
+
 void
 ObjectMemoryView::visitStoreUnboxedScalar(MStoreUnboxedScalar* ins)
 {
@@ -633,15 +665,8 @@ ObjectMemoryView::visitStoreUnboxedScalar(MStoreUnboxedScalar* ins)
     if (ins->elements() != obj_)
         return;
 
-    // Clone the state and update the slot value.
     size_t offset = GetOffsetOf(ins->index(), ins->storageType(), ins->offsetAdjustment());
-    MOZ_ASSERT(state_->hasOffset(offset));
-    state_ = BlockState::Copy(alloc_, state_);
-    state_->setOffset(offset, ins->value());
-    ins->block()->insertBefore(ins->toInstruction(), state_);
-
-    // Remove original instruction.
-    ins->block()->discard(ins);
+    storeOffset(ins, offset, ins->value());
 }
 
 void
@@ -653,11 +678,7 @@ ObjectMemoryView::visitLoadUnboxedScalar(MLoadUnboxedScalar* ins)
 
     // Replace load by the slot value.
     size_t offset = GetOffsetOf(ins->index(), ins->storageType(), ins->offsetAdjustment());
-    MOZ_ASSERT(state_->hasOffset(offset));
-    ins->replaceAllUsesWith(state_->getOffset(offset));
-
-    // Remove original instruction.
-    ins->block()->discard(ins);
+    loadOffset(ins, offset);
 }
 
 void
@@ -669,13 +690,7 @@ ObjectMemoryView::visitStoreUnboxedObjectOrNull(MStoreUnboxedObjectOrNull* ins)
 
     // Clone the state and update the slot value.
     size_t offset = GetOffsetOf(ins->index(), sizeof(uintptr_t), ins->offsetAdjustment());
-    MOZ_ASSERT(state_->hasOffset(offset));
-    state_ = BlockState::Copy(alloc_, state_);
-    state_->setOffset(offset, ins->value());
-    ins->block()->insertBefore(ins->toInstruction(), state_);
-
-    // Remove original instruction.
-    ins->block()->discard(ins);
+    storeOffset(ins, offset, ins->value());
 }
 
 void
@@ -687,11 +702,31 @@ ObjectMemoryView::visitLoadUnboxedObjectOrNull(MLoadUnboxedObjectOrNull* ins)
 
     // Replace load by the slot value.
     size_t offset = GetOffsetOf(ins->index(), sizeof(uintptr_t), ins->offsetAdjustment());
-    MOZ_ASSERT(state_->hasOffset(offset));
-    ins->replaceAllUsesWith(state_->getOffset(offset));
+    loadOffset(ins, offset);
+}
 
-    // Remove original instruction.
-    ins->block()->discard(ins);
+void
+ObjectMemoryView::visitStoreUnboxedString(MStoreUnboxedString* ins)
+{
+    // Skip stores made on other objects.
+    if (ins->elements() != obj_)
+        return;
+
+    // Clone the state and update the slot value.
+    size_t offset = GetOffsetOf(ins->index(), sizeof(uintptr_t), ins->offsetAdjustment());
+    storeOffset(ins, offset, ins->value());
+}
+
+void
+ObjectMemoryView::visitLoadUnboxedString(MLoadUnboxedString* ins)
+{
+    // Skip loads made on other objects.
+    if (ins->elements() != obj_)
+        return;
+
+    // Replace load by the slot value.
+    size_t offset = GetOffsetOf(ins->index(), sizeof(uintptr_t), ins->offsetAdjustment());
+    loadOffset(ins, offset);
 }
 
 static bool

From 5eafba455708a4d0ea642a51b5d9fba76fdea002 Mon Sep 17 00:00:00 2001
From: Benjamin Bouvier 
Date: Tue, 9 Jun 2015 23:09:37 +0200
Subject: [PATCH 195/297] Bug 1172895: Raise the stack size limit for JS helper
 threads; r=bhackett

---
 js/src/vm/HelperThreads.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/js/src/vm/HelperThreads.cpp b/js/src/vm/HelperThreads.cpp
index 7974ca49d50..0a6eea154d6 100644
--- a/js/src/vm/HelperThreads.cpp
+++ b/js/src/vm/HelperThreads.cpp
@@ -434,8 +434,8 @@ js::EnqueuePendingParseTasksAfterGC(JSRuntime* rt)
     HelperThreadState().notifyAll(GlobalHelperThreadState::PRODUCER);
 }
 
-static const uint32_t kDefaultHelperStackSize = 512 * 1024;
-static const uint32_t kDefaultHelperStackQuota = 450 * 1024;
+static const uint32_t kDefaultHelperStackSize = 2048 * 1024;
+static const uint32_t kDefaultHelperStackQuota = 1800 * 1024;
 
 // TSan enforces a minimum stack size that's just slightly larger than our
 // default helper stack size.  It does this to store blobs of TSan-specific

From 60419caa2ecb60b36b434cf4f594a67bf56b6bed Mon Sep 17 00:00:00 2001
From: Fernando Jimenez 
Date: Thu, 11 Jun 2015 15:32:54 +0200
Subject: [PATCH 196/297] Bug 1152899 - Disallow the interception of
 third-party iframes using service workers when the third-party cookie
 preference is set. r=smaug,baku

---
 docshell/base/nsDocShell.cpp                  |  32 ++++
 dom/workers/test/serviceworkers/mochitest.ini |   6 +
 .../test_third_party_iframes.html             | 174 ++++++++++++++++++
 .../serviceworkers/thirdparty/iframe1.html    |  30 +++
 .../serviceworkers/thirdparty/iframe2.html    |   7 +
 .../serviceworkers/thirdparty/register.html   |  27 +++
 .../test/serviceworkers/thirdparty/sw.js      |  14 ++
 .../serviceworkers/thirdparty/unregister.html |  12 ++
 8 files changed, 302 insertions(+)
 create mode 100644 dom/workers/test/serviceworkers/test_third_party_iframes.html
 create mode 100644 dom/workers/test/serviceworkers/thirdparty/iframe1.html
 create mode 100644 dom/workers/test/serviceworkers/thirdparty/iframe2.html
 create mode 100644 dom/workers/test/serviceworkers/thirdparty/register.html
 create mode 100644 dom/workers/test/serviceworkers/thirdparty/sw.js
 create mode 100644 dom/workers/test/serviceworkers/thirdparty/unregister.html

diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
index f5bcd8cdd69..5b331a43931 100644
--- a/docshell/base/nsDocShell.cpp
+++ b/docshell/base/nsDocShell.cpp
@@ -200,6 +200,12 @@
 #include "nsIBrowserSearchService.h"
 #endif
 
+#include "mozIThirdPartyUtil.h"
+// Values for the network.cookie.cookieBehavior pref are documented in
+// nsCookieService.cpp
+#define COOKIE_BEHAVIOR_ACCEPT 0 // Allow all cookies.
+#define COOKIE_BEHAVIOR_REJECT_FOREIGN 1 // Reject all third-party cookies.
+
 static NS_DEFINE_CID(kAppShellCID, NS_APPSHELL_CID);
 
 #if defined(DEBUG_bryner) || defined(DEBUG_chb)
@@ -14051,6 +14057,32 @@ nsDocShell::ShouldPrepareForIntercept(nsIURI* aURI, bool aIsNavigate,
     return NS_OK;
   }
 
+  nsresult result;
+  nsCOMPtr thirdPartyUtil =
+    do_GetService(THIRDPARTYUTIL_CONTRACTID, &result);
+  NS_ENSURE_SUCCESS(result, result);
+
+  if (mCurrentURI) {
+    nsAutoCString uriSpec;
+    mCurrentURI->GetSpec(uriSpec);
+    if (!(uriSpec.EqualsLiteral("about:blank"))) {
+      // Reject the interception of third-party iframes if the cookie behaviour
+      // is set to reject all third-party cookies (1). In case that this pref
+      // is not set or can't be read, we default to allow all cookies (0) as
+      // this is the default value in all.js.
+      bool isThirdPartyURI = true;
+      result = thirdPartyUtil->IsThirdPartyURI(mCurrentURI, aURI,
+                                               &isThirdPartyURI);
+      NS_ENSURE_SUCCESS(result, result);
+      if (isThirdPartyURI &&
+          (Preferences::GetInt("network.cookie.cookieBehavior",
+                               COOKIE_BEHAVIOR_ACCEPT) ==
+                               COOKIE_BEHAVIOR_REJECT_FOREIGN)) {
+        return NS_OK;
+      }
+    }
+  }
+
   if (aIsNavigate) {
     OriginAttributes attrs(GetAppId(), GetIsInBrowserElement());
     *aShouldIntercept = swm->IsAvailable(attrs, aURI);
diff --git a/dom/workers/test/serviceworkers/mochitest.ini b/dom/workers/test/serviceworkers/mochitest.ini
index a0ff08418f4..f185085142d 100644
--- a/dom/workers/test/serviceworkers/mochitest.ini
+++ b/dom/workers/test/serviceworkers/mochitest.ini
@@ -129,6 +129,11 @@ support-files =
   strict_mode_error.js
   skip_waiting_installed_worker.js
   skip_waiting_scope/index.html
+  thirdparty/iframe1.html
+  thirdparty/iframe2.html
+  thirdparty/register.html
+  thirdparty/unregister.html
+  thirdparty/sw.js
 
 [test_unregister.html]
 [test_installation_simple.html]
@@ -167,6 +172,7 @@ support-files =
 [test_sanitize_domain.html]
 [test_service_worker_allowed.html]
 [test_app_protocol.html]
+[test_third_party_iframes.html]
 [test_claim_fetch.html]
 [test_force_refresh.html]
 [test_skip_waiting.html]
diff --git a/dom/workers/test/serviceworkers/test_third_party_iframes.html b/dom/workers/test/serviceworkers/test_third_party_iframes.html
new file mode 100644
index 00000000000..ebea682accb
--- /dev/null
+++ b/dom/workers/test/serviceworkers/test_third_party_iframes.html
@@ -0,0 +1,174 @@
+
+
+
+
+  
+  Bug 1152899 - Disallow the interception of third-party iframes using service workers when the third-party cookie preference is set
+  
+  
+
+
+

+
+

+
+
+
+
diff --git a/dom/workers/test/serviceworkers/thirdparty/iframe1.html b/dom/workers/test/serviceworkers/thirdparty/iframe1.html
new file mode 100644
index 00000000000..43fe8c5729b
--- /dev/null
+++ b/dom/workers/test/serviceworkers/thirdparty/iframe1.html
@@ -0,0 +1,30 @@
+
+
+
+  
+  SW third party iframe test
+
+  
+
+
+
+
+  
+
+
+
diff --git a/dom/workers/test/serviceworkers/thirdparty/iframe2.html b/dom/workers/test/serviceworkers/thirdparty/iframe2.html
new file mode 100644
index 00000000000..fac6a9395de
--- /dev/null
+++ b/dom/workers/test/serviceworkers/thirdparty/iframe2.html
@@ -0,0 +1,7 @@
+
+
diff --git a/dom/workers/test/serviceworkers/thirdparty/register.html b/dom/workers/test/serviceworkers/thirdparty/register.html
new file mode 100644
index 00000000000..59b8c5c41ad
--- /dev/null
+++ b/dom/workers/test/serviceworkers/thirdparty/register.html
@@ -0,0 +1,27 @@
+
+
diff --git a/dom/workers/test/serviceworkers/thirdparty/sw.js b/dom/workers/test/serviceworkers/thirdparty/sw.js
new file mode 100644
index 00000000000..ca45698c837
--- /dev/null
+++ b/dom/workers/test/serviceworkers/thirdparty/sw.js
@@ -0,0 +1,14 @@
+self.addEventListener("fetch", function(event) {
+  dump("fetch " + event.request.url + "\n");
+  if (event.request.url.indexOf("iframe2.html") >= 0) {
+    var body =
+      "";
+    event.respondWith(new Response(body, {
+      headers: {'Content-Type': 'text/html'}
+    }));
+  }
+});
diff --git a/dom/workers/test/serviceworkers/thirdparty/unregister.html b/dom/workers/test/serviceworkers/thirdparty/unregister.html
new file mode 100644
index 00000000000..a054f3bd2c0
--- /dev/null
+++ b/dom/workers/test/serviceworkers/thirdparty/unregister.html
@@ -0,0 +1,12 @@
+
+

From fd45d8da7cb7a806e5bb54b5f02c4844c1281850 Mon Sep 17 00:00:00 2001
From: Fernando Jimenez 
Date: Thu, 11 Jun 2015 15:32:54 +0200
Subject: [PATCH 197/297] Bug 1137245 - ServiceWorkerManager should set
 WorkerPrivate::LoadInfo::mIndexedDBAllowed correctly. r=bent, bkelly

---
 dom/indexedDB/IDBFactory.cpp                  | 43 +++++++++--
 dom/indexedDB/IDBFactory.h                    |  4 ++
 dom/indexedDB/test/mochitest.ini              |  4 ++
 dom/indexedDB/test/service_worker.js          | 10 +++
 dom/indexedDB/test/service_worker_client.html | 28 ++++++++
 dom/indexedDB/test/test_serviceworker.html    | 71 +++++++++++++++++++
 dom/workers/ServiceWorkerManager.cpp          |  4 ++
 7 files changed, 157 insertions(+), 7 deletions(-)
 create mode 100644 dom/indexedDB/test/service_worker.js
 create mode 100644 dom/indexedDB/test/service_worker_client.html
 create mode 100644 dom/indexedDB/test/test_serviceworker.html

diff --git a/dom/indexedDB/IDBFactory.cpp b/dom/indexedDB/IDBFactory.cpp
index 722666cbd4b..6d757dbc24d 100644
--- a/dom/indexedDB/IDBFactory.cpp
+++ b/dom/indexedDB/IDBFactory.cpp
@@ -367,15 +367,14 @@ IDBFactory::AllowedForWindowInternal(nsPIDOMWindow* aWindow,
     return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
   }
 
-  if (nsContentUtils::IsSystemPrincipal(principal)) {
-    principal.forget(aPrincipal);
-    return NS_OK;
+  bool isSystemPrincipal;
+  if (!AllowedForPrincipal(principal, &isSystemPrincipal)) {
+    return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
   }
 
-  bool isNullPrincipal;
-  if (NS_WARN_IF(NS_FAILED(principal->GetIsNullPrincipal(&isNullPrincipal))) ||
-      isNullPrincipal) {
-    return NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR;
+  if (isSystemPrincipal) {
+    principal.forget(aPrincipal);
+    return NS_OK;
   }
 
   // Whitelist about:home, since it doesn't have a base domain it would not
@@ -424,6 +423,36 @@ IDBFactory::AllowedForWindowInternal(nsPIDOMWindow* aWindow,
   return NS_OK;
 }
 
+// static
+bool
+IDBFactory::AllowedForPrincipal(nsIPrincipal* aPrincipal,
+                                bool* aIsSystemPrincipal)
+{
+  MOZ_ASSERT(NS_IsMainThread());
+  MOZ_ASSERT(aPrincipal);
+
+  if (NS_WARN_IF(!IndexedDatabaseManager::GetOrCreate())) {
+    return false;
+  }
+
+  if (nsContentUtils::IsSystemPrincipal(aPrincipal)) {
+    if (aIsSystemPrincipal) {
+      *aIsSystemPrincipal = true;
+    }
+    return true;
+  } else if (aIsSystemPrincipal) {
+    *aIsSystemPrincipal = false;
+  }
+
+  bool isNullPrincipal;
+  if (NS_WARN_IF(NS_FAILED(aPrincipal->GetIsNullPrincipal(&isNullPrincipal))) ||
+      isNullPrincipal) {
+    return false;
+  }
+
+  return true;
+}
+
 #ifdef DEBUG
 
 void
diff --git a/dom/indexedDB/IDBFactory.h b/dom/indexedDB/IDBFactory.h
index deab1a976f6..bebd4da9c3b 100644
--- a/dom/indexedDB/IDBFactory.h
+++ b/dom/indexedDB/IDBFactory.h
@@ -105,6 +105,10 @@ public:
   static bool
   AllowedForWindow(nsPIDOMWindow* aWindow);
 
+  static bool
+  AllowedForPrincipal(nsIPrincipal* aPrincipal,
+                      bool* aIsSystemPrincipal = nullptr);
+
   void
   AssertIsOnOwningThread() const
 #ifdef DEBUG
diff --git a/dom/indexedDB/test/mochitest.ini b/dom/indexedDB/test/mochitest.ini
index 1ee7325bdf4..c5f154bb336 100644
--- a/dom/indexedDB/test/mochitest.ini
+++ b/dom/indexedDB/test/mochitest.ini
@@ -12,6 +12,8 @@ support-files =
   file_app_isolation.js
   helpers.js
   leaving_page_iframe.html
+  service_worker.js
+  service_worker_client.html
   third_party_iframe1.html
   third_party_iframe2.html
   unit/test_add_put.js
@@ -377,3 +379,5 @@ skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s || toolkit == 'androi
 # The clearBrowserData tests are only supposed to run in the main process.
 # They currently time out on android.
 skip-if = buildapp == 'b2g' || buildapp == 'mulet' || e10s || toolkit == 'android'
+[test_serviceworker.html]
+skip-if = buildapp == 'b2g'
diff --git a/dom/indexedDB/test/service_worker.js b/dom/indexedDB/test/service_worker.js
new file mode 100644
index 00000000000..eb8fd7f6637
--- /dev/null
+++ b/dom/indexedDB/test/service_worker.js
@@ -0,0 +1,10 @@
+onmessage = function(e) {
+  self.clients.matchAll().then(function(res) {
+    if (!res.length) {
+      dump("Error: no clients are currently controlled.\n");
+      return;
+    }
+    res[0].postMessage(indexedDB ? { available: true } :
+                                   { available: false });
+  });
+};
diff --git a/dom/indexedDB/test/service_worker_client.html b/dom/indexedDB/test/service_worker_client.html
new file mode 100644
index 00000000000..c1c98eaabbd
--- /dev/null
+++ b/dom/indexedDB/test/service_worker_client.html
@@ -0,0 +1,28 @@
+
+
+
+
+controlled page
+
+
+
+
+
+
diff --git a/dom/indexedDB/test/test_serviceworker.html b/dom/indexedDB/test/test_serviceworker.html
new file mode 100644
index 00000000000..505743802ae
--- /dev/null
+++ b/dom/indexedDB/test/test_serviceworker.html
@@ -0,0 +1,71 @@
+
+
+
+
+  Bug 1137245 - Allow IndexedDB usage in ServiceWorkers
+  
+  
+
+
+

+
+

+
+
+
+
diff --git a/dom/workers/ServiceWorkerManager.cpp b/dom/workers/ServiceWorkerManager.cpp
index 4346c6d0f8d..9346484eb7f 100644
--- a/dom/workers/ServiceWorkerManager.cpp
+++ b/dom/workers/ServiceWorkerManager.cpp
@@ -34,6 +34,7 @@
 #include "mozilla/dom/DOMError.h"
 #include "mozilla/dom/ErrorEvent.h"
 #include "mozilla/dom/Headers.h"
+#include "mozilla/dom/indexedDB/IDBFactory.h"
 #include "mozilla/dom/InternalHeaders.h"
 #include "mozilla/dom/Navigator.h"
 #include "mozilla/dom/PromiseNativeHandler.h"
@@ -3540,6 +3541,9 @@ ServiceWorkerManager::CreateServiceWorker(nsIPrincipal* aPrincipal,
 
   info.mPrincipal = aPrincipal;
 
+  info.mIndexedDBAllowed =
+    indexedDB::IDBFactory::AllowedForPrincipal(aPrincipal);
+
   // NOTE: this defaults the SW load context to:
   //  - private browsing = false
   //  - content = true

From 5499480aae12e57f32ee31b7847621515cff4e56 Mon Sep 17 00:00:00 2001
From: "Carsten \"Tomcat\" Book" 
Date: Thu, 11 Jun 2015 16:35:09 +0200
Subject: [PATCH 198/297] Backed out changeset bf800c62eeba (bug 1172641)

---
 .../basic/syntax-error-illegal-character.js   | 63 +++++++++---------
 .../tests/modules/export-declaration.js       | 65 +++++++++----------
 js/src/tests/ecma_6/Class/newTargetMethods.js |  5 --
 .../ecma_6/Class/superPropEvalInsideArrow.js  |  6 --
 .../ecma_6/Class/superPropHeavyweightArrow.js |  6 --
 5 files changed, 59 insertions(+), 86 deletions(-)

diff --git a/js/src/jit-test/tests/basic/syntax-error-illegal-character.js b/js/src/jit-test/tests/basic/syntax-error-illegal-character.js
index 0205bbcdd45..1a8551bafa7 100644
--- a/js/src/jit-test/tests/basic/syntax-error-illegal-character.js
+++ b/js/src/jit-test/tests/basic/syntax-error-illegal-character.js
@@ -1,5 +1,3 @@
-load(libdir + "class.js");
-
 var JSMSG_ILLEGAL_CHARACTER = "illegal character";
 var JSMSG_UNTERMINATED_STRING = "unterminated string literal";
 
@@ -27,6 +25,7 @@ function test_eval(code) {
   assertEq(caught, true);
 }
 
+
 function test(code) {
   test_reflect(code);
   test_reflect("'use strict'; " + code);
@@ -469,18 +468,16 @@ test_no_fun_no_eval("export const a = 1, b = @");
 test_no_fun_no_eval("export const a = 1, b = 2 @");
 test_no_fun_no_eval("export const a = 1, b = 2; @");
 
-if (classesEnabled()) {
-    test_no_fun_no_eval("export class @");
-    test_no_fun_no_eval("export class Foo @");
-    test_no_fun_no_eval("export class Foo {  @");
-    test_no_fun_no_eval("export class Foo { constructor @");
-    test_no_fun_no_eval("export class Foo { constructor( @");
-    test_no_fun_no_eval("export class Foo { constructor() @");
-    test_no_fun_no_eval("export class Foo { constructor() { @");
-    test_no_fun_no_eval("export class Foo { constructor() {} @");
-    test_no_fun_no_eval("export class Foo { constructor() {} } @");
-    test_no_fun_no_eval("export class Foo { constructor() {} }; @");
-}
+test_no_fun_no_eval("export class @");
+test_no_fun_no_eval("export class Foo @");
+test_no_fun_no_eval("export class Foo {  @");
+test_no_fun_no_eval("export class Foo { constructor @");
+test_no_fun_no_eval("export class Foo { constructor( @");
+test_no_fun_no_eval("export class Foo { constructor() @");
+test_no_fun_no_eval("export class Foo { constructor() { @");
+test_no_fun_no_eval("export class Foo { constructor() {} @");
+test_no_fun_no_eval("export class Foo { constructor() {} } @");
+test_no_fun_no_eval("export class Foo { constructor() {} }; @");
 
 test_no_fun_no_eval("export default @");
 test_no_fun_no_eval("export default 1 @");
@@ -499,27 +496,25 @@ test_no_fun_no_eval("export default function foo() { @");
 test_no_fun_no_eval("export default function foo() {} @");
 test_no_fun_no_eval("export default function foo() {}; @");
 
-if (classesEnabled()) {
-    test_no_fun_no_eval("export default class @");
-    test_no_fun_no_eval("export default class { @");
-    test_no_fun_no_eval("export default class { constructor @");
-    test_no_fun_no_eval("export default class { constructor( @");
-    test_no_fun_no_eval("export default class { constructor() @");
-    test_no_fun_no_eval("export default class { constructor() { @");
-    test_no_fun_no_eval("export default class { constructor() {} @");
-    test_no_fun_no_eval("export default class { constructor() {} } @");
-    test_no_fun_no_eval("export default class { constructor() {} }; @");
+test_no_fun_no_eval("export default class @");
+test_no_fun_no_eval("export default class { @");
+test_no_fun_no_eval("export default class { constructor @");
+test_no_fun_no_eval("export default class { constructor( @");
+test_no_fun_no_eval("export default class { constructor() @");
+test_no_fun_no_eval("export default class { constructor() { @");
+test_no_fun_no_eval("export default class { constructor() {} @");
+test_no_fun_no_eval("export default class { constructor() {} } @");
+test_no_fun_no_eval("export default class { constructor() {} }; @");
 
-    test_no_fun_no_eval("export default class Foo @");
-    test_no_fun_no_eval("export default class Foo { @");
-    test_no_fun_no_eval("export default class Foo { constructor @");
-    test_no_fun_no_eval("export default class Foo { constructor( @");
-    test_no_fun_no_eval("export default class Foo { constructor() @");
-    test_no_fun_no_eval("export default class Foo { constructor() { @");
-    test_no_fun_no_eval("export default class Foo { constructor() {} @");
-    test_no_fun_no_eval("export default class Foo { constructor() {} } @");
-    test_no_fun_no_eval("export default class Foo { constructor() {} }; @");
-}
+test_no_fun_no_eval("export default class Foo @");
+test_no_fun_no_eval("export default class Foo { @");
+test_no_fun_no_eval("export default class Foo { constructor @");
+test_no_fun_no_eval("export default class Foo { constructor( @");
+test_no_fun_no_eval("export default class Foo { constructor() @");
+test_no_fun_no_eval("export default class Foo { constructor() { @");
+test_no_fun_no_eval("export default class Foo { constructor() {} @");
+test_no_fun_no_eval("export default class Foo { constructor() {} } @");
+test_no_fun_no_eval("export default class Foo { constructor() {} }; @");
 
 // import
 
diff --git a/js/src/jit-test/tests/modules/export-declaration.js b/js/src/jit-test/tests/modules/export-declaration.js
index 4036a748852..3dc2869b2b3 100644
--- a/js/src/jit-test/tests/modules/export-declaration.js
+++ b/js/src/jit-test/tests/modules/export-declaration.js
@@ -1,6 +1,5 @@
 load(libdir + "match.js");
 load(libdir + "asserts.js");
-load(libdir + "class.js");
 
 var { Pattern, MatchError } = Match;
 
@@ -203,18 +202,16 @@ program([
     )
 ]).assert(Reflect.parse("export function f() {}"));
 
-if (classesEnabled()) {
-    program([
-        exportDeclaration(
-            classDeclaration(
-                ident("Foo")
-            ),
-            null,
-            null,
-            false
-        )
-    ]).assert(Reflect.parse("export class Foo { constructor() {} }"));
-}
+program([
+    exportDeclaration(
+        classDeclaration(
+            ident("Foo")
+        ),
+        null,
+        null,
+        false
+    )
+]).assert(Reflect.parse("export class Foo { constructor() {} }"));
 
 program([
     exportDeclaration(
@@ -295,29 +292,27 @@ program([
     )
 ]).assert(Reflect.parse("export default function foo() {}"));
 
-if (classesEnabled()) {
-    program([
-        exportDeclaration(
-            classDeclaration(
-                ident("*default*")
-            ),
-            null,
-            null,
-            true
-        )
-    ]).assert(Reflect.parse("export default class { constructor() {} }"));
+program([
+    exportDeclaration(
+        classDeclaration(
+            ident("*default*")
+        ),
+        null,
+        null,
+        true
+    )
+]).assert(Reflect.parse("export default class { constructor() {} }"));
 
-    program([
-        exportDeclaration(
-            classDeclaration(
-                ident("Foo")
-            ),
-            null,
-            null,
-            true
-        )
-    ]).assert(Reflect.parse("export default class Foo { constructor() {} }"));
-}
+program([
+    exportDeclaration(
+        classDeclaration(
+            ident("Foo")
+        ),
+        null,
+        null,
+        true
+    )
+]).assert(Reflect.parse("export default class Foo { constructor() {} }"));
 
 program([
     exportDeclaration(
diff --git a/js/src/tests/ecma_6/Class/newTargetMethods.js b/js/src/tests/ecma_6/Class/newTargetMethods.js
index 055ec0bf198..84dba1cec72 100644
--- a/js/src/tests/ecma_6/Class/newTargetMethods.js
+++ b/js/src/tests/ecma_6/Class/newTargetMethods.js
@@ -1,5 +1,3 @@
-var test = `
-
 // Just like newTargetDirectInvoke, except to prove it works in functions
 // defined with method syntax as well. Note that methods, getters, and setters
 // are not constructible.
@@ -48,10 +46,7 @@ for (let i = 0; i < TEST_ITERATIONS; i++)
     clInst.cl;
 for (let i = 0; i < TEST_ITERATIONS; i++)
     clInst.cl = 4;
-`;
 
-if (classesEnabled())
-    eval(test);
 
 if (typeof reportCompare === "function")
     reportCompare(0,0,"OK");
diff --git a/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js b/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js
index c81d86c3dc0..882f93ba0ac 100644
--- a/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js
+++ b/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js
@@ -1,5 +1,3 @@
-var test = `
-
 class foo {
     constructor() { }
 
@@ -8,10 +6,6 @@ class foo {
     }
 }
 assertEq(new foo().method()(), Object.prototype.toString);
-`;
-
-if (classesEnabled())
-    eval(test);
 
 if (typeof reportCompare === "function")
     reportCompare(0,0,"OK");
diff --git a/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js b/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js
index dda69edc0c7..ce30690d539 100644
--- a/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js
+++ b/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js
@@ -1,5 +1,3 @@
-var test = `
-
 class foo {
     constructor() { }
 
@@ -9,10 +7,6 @@ class foo {
 }
 
 assertEq(new foo().method()(), Object.prototype.toString);
-`;
-
-if (classesEnabled())
-    eval(test);
 
 if (typeof reportCompare === "function")
     reportCompare(0,0,"OK");

From 21d9685ebfdf8eea9937f6737b9b7e2a83743254 Mon Sep 17 00:00:00 2001
From: "Carsten \"Tomcat\" Book" 
Date: Thu, 11 Jun 2015 16:35:44 +0200
Subject: [PATCH 199/297] Backed out changeset 136d0f3fe47c (bug 1172193) for
 causing bc3 leaks in browser_notifications.js on a CLOSED TREE

---
 js/src/gc/GCRuntime.h     |  1 -
 js/src/gc/RootMarking.cpp |  7 ------
 js/src/jsgc.cpp           | 45 ---------------------------------------
 3 files changed, 53 deletions(-)

diff --git a/js/src/gc/GCRuntime.h b/js/src/gc/GCRuntime.h
index 890fe100b2d..51013b99e5c 100644
--- a/js/src/gc/GCRuntime.h
+++ b/js/src/gc/GCRuntime.h
@@ -893,7 +893,6 @@ class GCRuntime
     SliceBudget defaultBudget(JS::gcreason::Reason reason, int64_t millis);
     void collect(bool incremental, SliceBudget budget, JS::gcreason::Reason reason);
     bool gcCycle(bool incremental, SliceBudget& budget, JS::gcreason::Reason reason);
-    void scheduleZonesWithIncomingCCWs();
     gcstats::ZoneGCStats scanZonesBeforeGC();
     void budgetIncrementalGC(SliceBudget& budget);
     void resetIncrementalGC(const char* reason);
diff --git a/js/src/gc/RootMarking.cpp b/js/src/gc/RootMarking.cpp
index e32373a5f87..bb0681fc402 100644
--- a/js/src/gc/RootMarking.cpp
+++ b/js/src/gc/RootMarking.cpp
@@ -418,17 +418,10 @@ js::gc::GCRuntime::markRuntime(JSTracer* trc,
     if (traceOrMark == MarkRuntime) {
         gcstats::AutoPhase ap(stats, gcstats::PHASE_MARK_CCWS);
 
-        /*
-         * For the first collection that happens in GCRuntime::collect() there
-         * should be no incoming edges from CCWs in uncollected zones, but for
-         * subsequent collections (e.g. caused by resets) this may no longer be
-         * true so we need to mark them here.
-         */
         for (CompartmentsIter c(rt, SkipAtoms); !c.done(); c.next()) {
             if (!c->zone()->isCollecting())
                 c->markCrossCompartmentWrappers(trc);
         }
-
         Debugger::markIncomingCrossCompartmentEdges(trc);
     }
 
diff --git a/js/src/jsgc.cpp b/js/src/jsgc.cpp
index 25389cfef2b..eafd362940f 100644
--- a/js/src/jsgc.cpp
+++ b/js/src/jsgc.cpp
@@ -6091,49 +6091,6 @@ IsDeterministicGCReason(JS::gcreason::Reason reason)
 }
 #endif
 
-void
-GCRuntime::scheduleZonesWithIncomingCCWs()
-{
-    bool scheduledZones;
-    do {
-        scheduledZones = false;
-        for (ZonesIter zone(rt, SkipAtoms); !zone.done(); zone.next()) {
-            if (zone->isGCScheduled())
-                continue;
-            for (CompartmentsInZoneIter comp(zone); !comp.done(); comp.next()) {
-                for (JSCompartment::WrapperEnum e(comp); !e.empty(); e.popFront()) {
-                    const CrossCompartmentKey& key = e.front().key();
-                    if (key.kind == CrossCompartmentKey::ObjectWrapper) {
-                        Zone* dest = static_cast(key.wrapped)->zone();
-                        if (dest->isGCScheduled()) {
-                            zone->scheduleGC();
-                            scheduledZones = true;
-                            goto nextZone;
-                        }
-                    }
-                }
-            }
-          nextZone:;
-        }
-    } while (scheduledZones);
-
-#ifdef DEBUG
-    for (ZonesIter zone(rt, SkipAtoms); !zone.done(); zone.next()) {
-        if (zone->isGCScheduled())
-            continue;
-        for (CompartmentsInZoneIter comp(zone); !comp.done(); comp.next()) {
-            for (JSCompartment::WrapperEnum e(comp); !e.empty(); e.popFront()) {
-                const CrossCompartmentKey& key = e.front().key();
-                if (key.kind == CrossCompartmentKey::ObjectWrapper) {
-                    Zone* dest = static_cast(key.wrapped)->zone();
-                    MOZ_ASSERT(!dest->isGCScheduled());
-                }
-            }
-        }
-    }
-#endif
-}
-
 gcstats::ZoneGCStats
 GCRuntime::scanZonesBeforeGC()
 {
@@ -6188,8 +6145,6 @@ GCRuntime::collect(bool incremental, SliceBudget budget, JS::gcreason::Reason re
     AutoStopVerifyingBarriers av(rt, reason == JS::gcreason::SHUTDOWN_CC ||
                                      reason == JS::gcreason::DESTROY_RUNTIME);
 
-    scheduleZonesWithIncomingCCWs();
-
     gcstats::AutoGCSlice agc(stats, scanZonesBeforeGC(), invocationKind, budget, reason);
 
     bool repeat = false;

From d7db84a53635f70a57303ce8bfc9b50de63886ef Mon Sep 17 00:00:00 2001
From: Jon Coppeard 
Date: Tue, 9 Jun 2015 07:20:00 +0200
Subject: [PATCH 200/297] Bug 1172641 -  Fix class tests to not fail on builds
 where classes are not enabled. r=shu

---
 .../basic/syntax-error-illegal-character.js   | 63 +++++++++---------
 .../tests/modules/export-declaration.js       | 65 ++++++++++---------
 js/src/tests/ecma_6/Class/newTargetMethods.js |  5 ++
 .../ecma_6/Class/superPropEvalInsideArrow.js  |  6 ++
 .../ecma_6/Class/superPropHeavyweightArrow.js |  6 ++
 5 files changed, 86 insertions(+), 59 deletions(-)

diff --git a/js/src/jit-test/tests/basic/syntax-error-illegal-character.js b/js/src/jit-test/tests/basic/syntax-error-illegal-character.js
index 1a8551bafa7..0205bbcdd45 100644
--- a/js/src/jit-test/tests/basic/syntax-error-illegal-character.js
+++ b/js/src/jit-test/tests/basic/syntax-error-illegal-character.js
@@ -1,3 +1,5 @@
+load(libdir + "class.js");
+
 var JSMSG_ILLEGAL_CHARACTER = "illegal character";
 var JSMSG_UNTERMINATED_STRING = "unterminated string literal";
 
@@ -25,7 +27,6 @@ function test_eval(code) {
   assertEq(caught, true);
 }
 
-
 function test(code) {
   test_reflect(code);
   test_reflect("'use strict'; " + code);
@@ -468,16 +469,18 @@ test_no_fun_no_eval("export const a = 1, b = @");
 test_no_fun_no_eval("export const a = 1, b = 2 @");
 test_no_fun_no_eval("export const a = 1, b = 2; @");
 
-test_no_fun_no_eval("export class @");
-test_no_fun_no_eval("export class Foo @");
-test_no_fun_no_eval("export class Foo {  @");
-test_no_fun_no_eval("export class Foo { constructor @");
-test_no_fun_no_eval("export class Foo { constructor( @");
-test_no_fun_no_eval("export class Foo { constructor() @");
-test_no_fun_no_eval("export class Foo { constructor() { @");
-test_no_fun_no_eval("export class Foo { constructor() {} @");
-test_no_fun_no_eval("export class Foo { constructor() {} } @");
-test_no_fun_no_eval("export class Foo { constructor() {} }; @");
+if (classesEnabled()) {
+    test_no_fun_no_eval("export class @");
+    test_no_fun_no_eval("export class Foo @");
+    test_no_fun_no_eval("export class Foo {  @");
+    test_no_fun_no_eval("export class Foo { constructor @");
+    test_no_fun_no_eval("export class Foo { constructor( @");
+    test_no_fun_no_eval("export class Foo { constructor() @");
+    test_no_fun_no_eval("export class Foo { constructor() { @");
+    test_no_fun_no_eval("export class Foo { constructor() {} @");
+    test_no_fun_no_eval("export class Foo { constructor() {} } @");
+    test_no_fun_no_eval("export class Foo { constructor() {} }; @");
+}
 
 test_no_fun_no_eval("export default @");
 test_no_fun_no_eval("export default 1 @");
@@ -496,25 +499,27 @@ test_no_fun_no_eval("export default function foo() { @");
 test_no_fun_no_eval("export default function foo() {} @");
 test_no_fun_no_eval("export default function foo() {}; @");
 
-test_no_fun_no_eval("export default class @");
-test_no_fun_no_eval("export default class { @");
-test_no_fun_no_eval("export default class { constructor @");
-test_no_fun_no_eval("export default class { constructor( @");
-test_no_fun_no_eval("export default class { constructor() @");
-test_no_fun_no_eval("export default class { constructor() { @");
-test_no_fun_no_eval("export default class { constructor() {} @");
-test_no_fun_no_eval("export default class { constructor() {} } @");
-test_no_fun_no_eval("export default class { constructor() {} }; @");
+if (classesEnabled()) {
+    test_no_fun_no_eval("export default class @");
+    test_no_fun_no_eval("export default class { @");
+    test_no_fun_no_eval("export default class { constructor @");
+    test_no_fun_no_eval("export default class { constructor( @");
+    test_no_fun_no_eval("export default class { constructor() @");
+    test_no_fun_no_eval("export default class { constructor() { @");
+    test_no_fun_no_eval("export default class { constructor() {} @");
+    test_no_fun_no_eval("export default class { constructor() {} } @");
+    test_no_fun_no_eval("export default class { constructor() {} }; @");
 
-test_no_fun_no_eval("export default class Foo @");
-test_no_fun_no_eval("export default class Foo { @");
-test_no_fun_no_eval("export default class Foo { constructor @");
-test_no_fun_no_eval("export default class Foo { constructor( @");
-test_no_fun_no_eval("export default class Foo { constructor() @");
-test_no_fun_no_eval("export default class Foo { constructor() { @");
-test_no_fun_no_eval("export default class Foo { constructor() {} @");
-test_no_fun_no_eval("export default class Foo { constructor() {} } @");
-test_no_fun_no_eval("export default class Foo { constructor() {} }; @");
+    test_no_fun_no_eval("export default class Foo @");
+    test_no_fun_no_eval("export default class Foo { @");
+    test_no_fun_no_eval("export default class Foo { constructor @");
+    test_no_fun_no_eval("export default class Foo { constructor( @");
+    test_no_fun_no_eval("export default class Foo { constructor() @");
+    test_no_fun_no_eval("export default class Foo { constructor() { @");
+    test_no_fun_no_eval("export default class Foo { constructor() {} @");
+    test_no_fun_no_eval("export default class Foo { constructor() {} } @");
+    test_no_fun_no_eval("export default class Foo { constructor() {} }; @");
+}
 
 // import
 
diff --git a/js/src/jit-test/tests/modules/export-declaration.js b/js/src/jit-test/tests/modules/export-declaration.js
index 3dc2869b2b3..4036a748852 100644
--- a/js/src/jit-test/tests/modules/export-declaration.js
+++ b/js/src/jit-test/tests/modules/export-declaration.js
@@ -1,5 +1,6 @@
 load(libdir + "match.js");
 load(libdir + "asserts.js");
+load(libdir + "class.js");
 
 var { Pattern, MatchError } = Match;
 
@@ -202,16 +203,18 @@ program([
     )
 ]).assert(Reflect.parse("export function f() {}"));
 
-program([
-    exportDeclaration(
-        classDeclaration(
-            ident("Foo")
-        ),
-        null,
-        null,
-        false
-    )
-]).assert(Reflect.parse("export class Foo { constructor() {} }"));
+if (classesEnabled()) {
+    program([
+        exportDeclaration(
+            classDeclaration(
+                ident("Foo")
+            ),
+            null,
+            null,
+            false
+        )
+    ]).assert(Reflect.parse("export class Foo { constructor() {} }"));
+}
 
 program([
     exportDeclaration(
@@ -292,27 +295,29 @@ program([
     )
 ]).assert(Reflect.parse("export default function foo() {}"));
 
-program([
-    exportDeclaration(
-        classDeclaration(
-            ident("*default*")
-        ),
-        null,
-        null,
-        true
-    )
-]).assert(Reflect.parse("export default class { constructor() {} }"));
+if (classesEnabled()) {
+    program([
+        exportDeclaration(
+            classDeclaration(
+                ident("*default*")
+            ),
+            null,
+            null,
+            true
+        )
+    ]).assert(Reflect.parse("export default class { constructor() {} }"));
 
-program([
-    exportDeclaration(
-        classDeclaration(
-            ident("Foo")
-        ),
-        null,
-        null,
-        true
-    )
-]).assert(Reflect.parse("export default class Foo { constructor() {} }"));
+    program([
+        exportDeclaration(
+            classDeclaration(
+                ident("Foo")
+            ),
+            null,
+            null,
+            true
+        )
+    ]).assert(Reflect.parse("export default class Foo { constructor() {} }"));
+}
 
 program([
     exportDeclaration(
diff --git a/js/src/tests/ecma_6/Class/newTargetMethods.js b/js/src/tests/ecma_6/Class/newTargetMethods.js
index 84dba1cec72..055ec0bf198 100644
--- a/js/src/tests/ecma_6/Class/newTargetMethods.js
+++ b/js/src/tests/ecma_6/Class/newTargetMethods.js
@@ -1,3 +1,5 @@
+var test = `
+
 // Just like newTargetDirectInvoke, except to prove it works in functions
 // defined with method syntax as well. Note that methods, getters, and setters
 // are not constructible.
@@ -46,7 +48,10 @@ for (let i = 0; i < TEST_ITERATIONS; i++)
     clInst.cl;
 for (let i = 0; i < TEST_ITERATIONS; i++)
     clInst.cl = 4;
+`;
 
+if (classesEnabled())
+    eval(test);
 
 if (typeof reportCompare === "function")
     reportCompare(0,0,"OK");
diff --git a/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js b/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js
index 882f93ba0ac..c81d86c3dc0 100644
--- a/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js
+++ b/js/src/tests/ecma_6/Class/superPropEvalInsideArrow.js
@@ -1,3 +1,5 @@
+var test = `
+
 class foo {
     constructor() { }
 
@@ -6,6 +8,10 @@ class foo {
     }
 }
 assertEq(new foo().method()(), Object.prototype.toString);
+`;
+
+if (classesEnabled())
+    eval(test);
 
 if (typeof reportCompare === "function")
     reportCompare(0,0,"OK");
diff --git a/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js b/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js
index ce30690d539..dda69edc0c7 100644
--- a/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js
+++ b/js/src/tests/ecma_6/Class/superPropHeavyweightArrow.js
@@ -1,3 +1,5 @@
+var test = `
+
 class foo {
     constructor() { }
 
@@ -7,6 +9,10 @@ class foo {
 }
 
 assertEq(new foo().method()(), Object.prototype.toString);
+`;
+
+if (classesEnabled())
+    eval(test);
 
 if (typeof reportCompare === "function")
     reportCompare(0,0,"OK");

From e644e622d995cf13ed42bfc6462b1e74cacdde40 Mon Sep 17 00:00:00 2001
From: Karl Tomlinson 
Date: Wed, 10 Jun 2015 13:31:29 +0200
Subject: [PATCH 201/297] Bug 974089 - Destroy WebAudio MediaStream when a
 source finishes. r=padenot

---
 dom/media/webaudio/AudioBufferSourceNode.cpp | 14 +++++++++++++-
 dom/media/webaudio/AudioNode.cpp             |  8 +++++---
 dom/media/webaudio/AudioNode.h               |  2 +-
 dom/media/webaudio/OscillatorNode.cpp        | 12 ++++++++++++
 4 files changed, 31 insertions(+), 5 deletions(-)

diff --git a/dom/media/webaudio/AudioBufferSourceNode.cpp b/dom/media/webaudio/AudioBufferSourceNode.cpp
index 82ad61eda58..ce73905ae0f 100644
--- a/dom/media/webaudio/AudioBufferSourceNode.cpp
+++ b/dom/media/webaudio/AudioBufferSourceNode.cpp
@@ -643,7 +643,9 @@ void
 AudioBufferSourceNode::SendBufferParameterToStream(JSContext* aCx)
 {
   AudioNodeStream* ns = static_cast(mStream.get());
-  MOZ_ASSERT(ns, "Why don't we have a stream here?");
+  if (!mStream) {
+    return;
+  }
 
   if (mBuffer) {
     float rate = mBuffer->SampleRate();
@@ -734,6 +736,9 @@ AudioBufferSourceNode::NotifyMainThreadStreamFinished()
   };
 
   NS_DispatchToMainThread(new EndedEventDispatcher(this));
+  // Release stream resources.
+  // DestroyMediaStream() will remove this stream listener.
+  DestroyMediaStream();
 
   // Drop the playing reference
   // Warning: The below line might delete this.
@@ -744,6 +749,9 @@ void
 AudioBufferSourceNode::SendPlaybackRateToStream(AudioNode* aNode)
 {
   AudioBufferSourceNode* This = static_cast(aNode);
+  if (!This->mStream) {
+    return;
+  }
   SendTimelineParameterToStream(This, PLAYBACKRATE, *This->mPlaybackRate);
 }
 
@@ -757,12 +765,16 @@ AudioBufferSourceNode::SendDetuneToStream(AudioNode* aNode)
 void
 AudioBufferSourceNode::SendDopplerShiftToStream(double aDopplerShift)
 {
+  MOZ_ASSERT(mStream, "Should have disconnected panner if no stream");
   SendDoubleParameterToStream(DOPPLERSHIFT, aDopplerShift);
 }
 
 void
 AudioBufferSourceNode::SendLoopParametersToStream()
 {
+  if (!mStream) {
+    return;
+  }
   // Don't compute and set the loop parameters unnecessarily
   if (mLoop && mBuffer) {
     float rate = mBuffer->SampleRate();
diff --git a/dom/media/webaudio/AudioNode.cpp b/dom/media/webaudio/AudioNode.cpp
index a602d386f92..3f0d7747bca 100644
--- a/dom/media/webaudio/AudioNode.cpp
+++ b/dom/media/webaudio/AudioNode.cpp
@@ -352,10 +352,12 @@ AudioNode::Disconnect(uint32_t aOutput, ErrorResult& aRv)
         // Remove one instance of 'dest' from mOutputNodes. There could be
         // others, and it's not correct to remove them all since some of them
         // could be for different output ports.
-        nsCOMPtr runnable =
-          new RunnableRelease(mOutputNodes[i].forget());
+        nsRefPtr output = mOutputNodes[i].forget();
         mOutputNodes.RemoveElementAt(i);
-        mStream->RunAfterPendingUpdates(runnable.forget());
+        if (mStream) {
+          nsRefPtr runnable = new RunnableRelease(output.forget());
+          mStream->RunAfterPendingUpdates(runnable.forget());
+        }
         break;
       }
     }
diff --git a/dom/media/webaudio/AudioNode.h b/dom/media/webaudio/AudioNode.h
index 0a35975d737..f3b2bfcaae8 100644
--- a/dom/media/webaudio/AudioNode.h
+++ b/dom/media/webaudio/AudioNode.h
@@ -220,7 +220,7 @@ private:
   nsRefPtr mContext;
 
 protected:
-  // Must be set in the constructor. Must not be null.
+  // Must be set in the constructor. Must not be null unless finished.
   // If MaxNumberOfInputs() is > 0, then mStream must be a ProcessedMediaStream.
   nsRefPtr mStream;
 
diff --git a/dom/media/webaudio/OscillatorNode.cpp b/dom/media/webaudio/OscillatorNode.cpp
index dc2a664c28e..382e436ac9d 100644
--- a/dom/media/webaudio/OscillatorNode.cpp
+++ b/dom/media/webaudio/OscillatorNode.cpp
@@ -425,6 +425,9 @@ void
 OscillatorNode::SendFrequencyToStream(AudioNode* aNode)
 {
   OscillatorNode* This = static_cast(aNode);
+  if (!This->mStream) {
+    return;
+  }
   SendTimelineParameterToStream(This, OscillatorNodeEngine::FREQUENCY, *This->mFrequency);
 }
 
@@ -432,12 +435,18 @@ void
 OscillatorNode::SendDetuneToStream(AudioNode* aNode)
 {
   OscillatorNode* This = static_cast(aNode);
+  if (!This->mStream) {
+    return;
+  }
   SendTimelineParameterToStream(This, OscillatorNodeEngine::DETUNE, *This->mDetune);
 }
 
 void
 OscillatorNode::SendTypeToStream()
 {
+  if (!mStream) {
+    return;
+  }
   if (mType == OscillatorType::Custom) {
     // The engine assumes we'll send the custom data before updating the type.
     SendPeriodicWaveToStream();
@@ -536,6 +545,9 @@ OscillatorNode::NotifyMainThreadStreamFinished()
   };
 
   NS_DispatchToMainThread(new EndedEventDispatcher(this));
+  // Release stream resources.
+  // DestroyMediaStream() will remove this stream listener.
+  DestroyMediaStream();
 
   // Drop the playing reference
   // Warning: The below line might delete this.

From c86904e4cb3f2b75c85ef97314792df63af30076 Mon Sep 17 00:00:00 2001
From: Paul Adenot 
Date: Wed, 10 Jun 2015 19:31:12 +0200
Subject: [PATCH 202/297] Bug 974089 - Handle the fact that a MediaStream can
 now be destroyed from the graph thread. r=jesup,padenot

Part of the patch from jesup.
---
 dom/media/MediaStreamGraph.cpp   | 25 ++++++++++++++++++++-----
 dom/media/MediaStreamGraphImpl.h |  2 +-
 2 files changed, 21 insertions(+), 6 deletions(-)

diff --git a/dom/media/MediaStreamGraph.cpp b/dom/media/MediaStreamGraph.cpp
index 8e6cedab4a7..5f71b07cf6f 100644
--- a/dom/media/MediaStreamGraph.cpp
+++ b/dom/media/MediaStreamGraph.cpp
@@ -127,18 +127,24 @@ MediaStreamGraphImpl::AddStream(MediaStream* aStream)
 }
 
 void
-MediaStreamGraphImpl::RemoveStream(MediaStream* aStream)
+MediaStreamGraphImpl::RemoveStream(MediaStream* aStream, bool aLocked)
 {
   // Remove references in mStreamUpdates before we allow aStream to die.
   // Pending updates are not needed (since the main thread has already given
   // up the stream) so we will just drop them.
-  {
+  if (aLocked) {
     MonitorAutoLock lock(mMonitor);
     for (uint32_t i = 0; i < mStreamUpdates.Length(); ++i) {
       if (mStreamUpdates[i].mStream == aStream) {
         mStreamUpdates[i].mStream = nullptr;
       }
     }
+  } else {
+    for (uint32_t i = 0; i < mStreamUpdates.Length(); ++i) {
+      if (mStreamUpdates[i].mStream == aStream) {
+        mStreamUpdates[i].mStream = nullptr;
+      }
+    }
   }
 
   // Ensure that mFirstCycleBreaker and mMixer are updated when necessary.
@@ -1272,7 +1278,8 @@ MediaStreamGraphImpl::PrepareUpdatesToMainThreadState(bool aFinalUpdate)
     mStreamUpdates.SetCapacity(mStreamUpdates.Length() + mStreams.Length());
     for (uint32_t i = 0; i < mStreams.Length(); ++i) {
       MediaStream* stream = mStreams[i];
-      if (!stream->MainThreadNeedsUpdates()) {
+      if (!stream->MainThreadNeedsUpdates() ||
+          !stream->mGraph) { // destroyed on mainthread
         continue;
       }
       StreamUpdate* update = mStreamUpdates.AppendElement();
@@ -1542,8 +1549,9 @@ MediaStreamGraphImpl::ApplyStreamUpdate(StreamUpdate* aUpdate)
   mMonitor.AssertCurrentThreadOwns();
 
   MediaStream* stream = aUpdate->mStream;
-  if (!stream)
+  if (!stream || stream->IsDestroyed()) {
     return;
+  }
   stream->mMainThreadCurrentTime = aUpdate->mNextMainThreadCurrentTime;
   stream->mMainThreadFinished = aUpdate->mNextMainThreadFinished;
 
@@ -2087,7 +2095,14 @@ MediaStream::Destroy()
       graph->RemoveStream(mStream);
     }
     virtual void RunDuringShutdown()
-    { Run(); }
+    {
+      MOZ_ASSERT(NS_IsMainThread());
+      mStream->RemoveAllListenersImpl();
+      auto graph = mStream->GraphImpl();
+      mStream->DestroyImpl();
+      // Don't acquire the lock, this is during shutdown
+      graph->RemoveStream(mStream, false);
+    }
   };
   mWrapper = nullptr;
   GraphImpl()->AppendMessage(new Message(this));
diff --git a/dom/media/MediaStreamGraphImpl.h b/dom/media/MediaStreamGraphImpl.h
index 4bafb1aa791..3366e5686ab 100644
--- a/dom/media/MediaStreamGraphImpl.h
+++ b/dom/media/MediaStreamGraphImpl.h
@@ -441,7 +441,7 @@ public:
    * Remove aStream from the graph. Ensures that pending messages about the
    * stream back to the main thread are flushed.
    */
-  void RemoveStream(MediaStream* aStream);
+  void RemoveStream(MediaStream* aStream, bool aLocked = true);
   /**
    * Remove aPort from the graph and release it.
    */

From ac364f0efa796328bbe3b962642bec4caee7eb48 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Wed, 10 Jun 2015 19:02:30 -0400
Subject: [PATCH 203/297] Bug 1119106 - Stop double-drawing focus rings for
 checkboxes and radio buttons on 10.10. r=smichaud

---
 widget/cocoa/nsNativeThemeCocoa.mm | 40 ++++++++++++++++++++++++------
 1 file changed, 32 insertions(+), 8 deletions(-)

diff --git a/widget/cocoa/nsNativeThemeCocoa.mm b/widget/cocoa/nsNativeThemeCocoa.mm
index ad4df3659e3..adf7f33f738 100644
--- a/widget/cocoa/nsNativeThemeCocoa.mm
+++ b/widget/cocoa/nsNativeThemeCocoa.mm
@@ -90,6 +90,20 @@ extern "C" {
 
 @end
 
+// These two classes don't actually add any behavior over NSButtonCell. Their
+// purpose is to make it easy to distinguish NSCell objects that are used for
+// drawing radio buttons / checkboxes from other cell types.
+// The class names are made up, there are no classes with these names in AppKit.
+// The reason we need them is that calling [cell setButtonType:NSRadioButton]
+// doesn't leave an easy-to-check "marker" on the cell object - there is no
+// -[NSButtonCell buttonType] method.
+@interface RadioButtonCell : NSButtonCell
+@end;
+@implementation RadioButtonCell @end;
+@interface CheckboxCell : NSButtonCell
+@end;
+@implementation CheckboxCell @end;
+
 static void
 DrawFocusRingForCellIfNeeded(NSCell* aCell, NSRect aWithFrame, NSView* aInView)
 {
@@ -120,7 +134,7 @@ DrawFocusRingForCellIfNeeded(NSCell* aCell, NSRect aWithFrame, NSView* aInView)
 }
 
 static bool
-FocusIsDrawnByDrawWithFrame()
+FocusIsDrawnByDrawWithFrame(NSCell* aCell)
 {
 #if defined(MAC_OS_X_VERSION_10_8) && MAC_OS_X_VERSION_MAX_ALLOWED >= MAC_OS_X_VERSION_10_8
   // When building with the 10.8 SDK or higher, focus rings don't draw as part
@@ -130,9 +144,19 @@ FocusIsDrawnByDrawWithFrame()
   // https://developer.apple.com/library/mac/releasenotes/AppKit/RN-AppKitOlderNotes/#X10_8Notes
   return false;
 #else
-  // On 10.10 and up, this is the case even when building against the 10.7 SDK
-  // or lower.
-  return !nsCocoaFeatures::OnYosemiteOrLater();
+  if (!nsCocoaFeatures::OnYosemiteOrLater()) {
+    // When building with the 10.7 SDK or lower, focus rings always draw as
+    // part of -[NSCell drawWithFrame:inView:] if the build is run on 10.9 or
+    // lower.
+    return true;
+  }
+
+  // On 10.10, whether the focus ring is drawn as part of
+  // -[NSCell drawWithFrame:inView:] depends on the cell type.
+  // Radio buttons and checkboxes draw their own focus rings, other cell
+  // types need -[NSCell drawFocusRingMaskWithFrame:inView:].
+  return [aCell isKindOfClass:[RadioButtonCell class]] ||
+         [aCell isKindOfClass:[CheckboxCell class]];
 #endif
 }
 
@@ -141,7 +165,7 @@ DrawCellIncludingFocusRing(NSCell* aCell, NSRect aWithFrame, NSView* aInView)
 {
   [aCell drawWithFrame:aWithFrame inView:aInView];
 
-  if (!FocusIsDrawnByDrawWithFrame()) {
+  if (!FocusIsDrawnByDrawWithFrame(aCell)) {
     DrawFocusRingForCellIfNeeded(aCell, aWithFrame, aInView);
   }
 }
@@ -322,7 +346,7 @@ static BOOL IsToolbarStyleContainer(nsIFrame* aFrame)
 {
   [super drawWithFrame:rect inView:controlView];
 
-  if (FocusIsDrawnByDrawWithFrame()) {
+  if (FocusIsDrawnByDrawWithFrame(self)) {
     DrawFocusRingForCellIfNeeded(self, rect, controlView);
   }
 }
@@ -508,10 +532,10 @@ nsNativeThemeCocoa::nsNativeThemeCocoa()
   [mPushButtonCell setButtonType:NSMomentaryPushInButton];
   [mPushButtonCell setHighlightsBy:NSPushInCellMask];
 
-  mRadioButtonCell = [[NSButtonCell alloc] initTextCell:nil];
+  mRadioButtonCell = [[RadioButtonCell alloc] initTextCell:nil];
   [mRadioButtonCell setButtonType:NSRadioButton];
 
-  mCheckboxCell = [[NSButtonCell alloc] initTextCell:nil];
+  mCheckboxCell = [[CheckboxCell alloc] initTextCell:nil];
   [mCheckboxCell setButtonType:NSSwitchButton];
   [mCheckboxCell setAllowsMixedState:YES];
 

From df7afab285b4f57ff1b79ca9bcd71587d63fd3a6 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Tue, 2 Jun 2015 18:05:17 -0400
Subject: [PATCH 204/297] Bug 1119106 - Increase the maximum focus ring width
 on 10.10 to 7 pixels. r=smichaud

---
 widget/cocoa/nsNativeThemeCocoa.mm | 35 ++++++++++++++++--------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/widget/cocoa/nsNativeThemeCocoa.mm b/widget/cocoa/nsNativeThemeCocoa.mm
index adf7f33f738..b96d2433ded 100644
--- a/widget/cocoa/nsNativeThemeCocoa.mm
+++ b/widget/cocoa/nsNativeThemeCocoa.mm
@@ -364,7 +364,8 @@ static BOOL IsToolbarStyleContainer(nsIFrame* aFrame)
 #endif
 
 #define HITHEME_ORIENTATION kHIThemeOrientationNormal
-#define MAX_FOCUS_RING_WIDTH 4
+
+static CGFloat kMaxFocusRingWidth = 0; // initialized by the nsNativeThemeCocoa constructor
 
 // These enums are for indexing into the margin array.
 enum {
@@ -514,6 +515,8 @@ nsNativeThemeCocoa::nsNativeThemeCocoa()
 {
   NS_OBJC_BEGIN_TRY_ABORT_BLOCK;
 
+  kMaxFocusRingWidth = nsCocoaFeatures::OnYosemiteOrLater() ? 7 : 4;
+
   // provide a local autorelease pool, as this is called during startup
   // before the main event-loop pool is in place
   nsAutoreleasePool pool;
@@ -679,14 +682,14 @@ static void DrawCellWithScaling(NSCell *cell,
   else {
     float w = ceil(drawRect.size.width);
     float h = ceil(drawRect.size.height);
-    NSRect tmpRect = NSMakeRect(MAX_FOCUS_RING_WIDTH, MAX_FOCUS_RING_WIDTH, w, h);
+    NSRect tmpRect = NSMakeRect(kMaxFocusRingWidth, kMaxFocusRingWidth, w, h);
 
     // inflate to figure out the frame we need to tell NSCell to draw in, to get something that's 0,0,w,h
     InflateControlRect(&tmpRect, controlSize, marginSet);
 
-    // and then, expand by MAX_FOCUS_RING_WIDTH size to make sure we can capture any focus ring
-    w += MAX_FOCUS_RING_WIDTH * 2.0;
-    h += MAX_FOCUS_RING_WIDTH * 2.0;
+    // and then, expand by kMaxFocusRingWidth size to make sure we can capture any focus ring
+    w += kMaxFocusRingWidth * 2.0;
+    h += kMaxFocusRingWidth * 2.0;
 
     int backingScaleFactor = GetBackingScaleFactorForRendering(cgContext);
     CGColorSpaceRef rgb = CGColorSpaceCreateDeviceRGB();
@@ -724,12 +727,12 @@ static void DrawCellWithScaling(NSCell *cell,
     CGImageRef img = CGBitmapContextCreateImage(ctx);
 
     // Drop the image into the original destination rectangle, scaling to fit
-    // Only scale MAX_FOCUS_RING_WIDTH by xscale/yscale when the resulting rect
+    // Only scale kMaxFocusRingWidth by xscale/yscale when the resulting rect
     // doesn't extend beyond the overflow rect
     float xscale = destRect.size.width / drawRect.size.width;
     float yscale = destRect.size.height / drawRect.size.height;
-    float scaledFocusRingX = xscale < 1.0f ? MAX_FOCUS_RING_WIDTH * xscale : MAX_FOCUS_RING_WIDTH;
-    float scaledFocusRingY = yscale < 1.0f ? MAX_FOCUS_RING_WIDTH * yscale : MAX_FOCUS_RING_WIDTH;
+    float scaledFocusRingX = xscale < 1.0f ? kMaxFocusRingWidth * xscale : kMaxFocusRingWidth;
+    float scaledFocusRingY = yscale < 1.0f ? kMaxFocusRingWidth * yscale : kMaxFocusRingWidth;
     CGContextDrawImage(cgContext, CGRectMake(destRect.origin.x - scaledFocusRingX,
                                              destRect.origin.y - scaledFocusRingY,
                                              destRect.size.width + scaledFocusRingX * 2,
@@ -1282,8 +1285,8 @@ RenderTransformedHIThemeControl(CGContextRef aCGContext, const HIRect& aRect,
     aFunc(aCGContext, drawRect, aData);
   } else {
     // Inflate the buffer to capture focus rings.
-    int w = ceil(drawRect.size.width) + 2 * MAX_FOCUS_RING_WIDTH;
-    int h = ceil(drawRect.size.height) + 2 * MAX_FOCUS_RING_WIDTH;
+    int w = ceil(drawRect.size.width) + 2 * kMaxFocusRingWidth;
+    int h = ceil(drawRect.size.height) + 2 * kMaxFocusRingWidth;
 
     int backingScaleFactor = GetBackingScaleFactorForRendering(aCGContext);
     CGColorSpaceRef colorSpace = CGColorSpaceCreateDeviceRGB();
@@ -1297,7 +1300,7 @@ RenderTransformedHIThemeControl(CGContextRef aCGContext, const HIRect& aRect,
     CGColorSpaceRelease(colorSpace);
 
     CGContextScaleCTM(bitmapctx, backingScaleFactor, backingScaleFactor);
-    CGContextTranslateCTM(bitmapctx, MAX_FOCUS_RING_WIDTH, MAX_FOCUS_RING_WIDTH);
+    CGContextTranslateCTM(bitmapctx, kMaxFocusRingWidth, kMaxFocusRingWidth);
 
     // Set the context's "base transform" to in order to get correctly-sized focus rings.
     CGContextSetBaseCTM(bitmapctx, CGAffineTransformMakeScale(backingScaleFactor, backingScaleFactor));
@@ -1322,7 +1325,7 @@ RenderTransformedHIThemeControl(CGContextRef aCGContext, const HIRect& aRect,
       CGContextScaleCTM(aCGContext, -1.0f, 1.0f);
     }
 
-    HIRect inflatedDrawRect = CGRectMake(-MAX_FOCUS_RING_WIDTH, -MAX_FOCUS_RING_WIDTH, w, h);
+    HIRect inflatedDrawRect = CGRectMake(-kMaxFocusRingWidth, -kMaxFocusRingWidth, w, h);
     CGContextDrawImage(aCGContext, inflatedDrawRect, bitmap);
 
     CGContextSetCTM(aCGContext, ctm);
@@ -3163,10 +3166,10 @@ nsNativeThemeCocoa::GetWidgetOverflow(nsDeviceContext* aContext, nsIFrame* aFram
     {
       // We assume that the above widgets can draw a focus ring that will be less than
       // or equal to 4 pixels thick.
-      nsIntMargin extraSize = nsIntMargin(MAX_FOCUS_RING_WIDTH,
-                                          MAX_FOCUS_RING_WIDTH,
-                                          MAX_FOCUS_RING_WIDTH,
-                                          MAX_FOCUS_RING_WIDTH);
+      nsIntMargin extraSize = nsIntMargin(kMaxFocusRingWidth,
+                                          kMaxFocusRingWidth,
+                                          kMaxFocusRingWidth,
+                                          kMaxFocusRingWidth);
       nsMargin m(NSIntPixelsToAppUnits(extraSize.top, p2a),
                  NSIntPixelsToAppUnits(extraSize.right, p2a),
                  NSIntPixelsToAppUnits(extraSize.bottom, p2a),

From bed9b412523f0ae419569342f96d7fe7360c3014 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Tue, 2 Jun 2015 17:49:57 -0400
Subject: [PATCH 205/297] Bug 1119106 - Increase the radio button rendering
 bottom margin on 10.10 so that the button hits its frame more accurately.
 r=smichaud

---
 widget/cocoa/nsNativeThemeCocoa.mm | 64 ++++++++++++++++++++++++++++--
 1 file changed, 60 insertions(+), 4 deletions(-)

diff --git a/widget/cocoa/nsNativeThemeCocoa.mm b/widget/cocoa/nsNativeThemeCocoa.mm
index b96d2433ded..edb5dfca088 100644
--- a/widget/cocoa/nsNativeThemeCocoa.mm
+++ b/widget/cocoa/nsNativeThemeCocoa.mm
@@ -369,7 +369,8 @@ static CGFloat kMaxFocusRingWidth = 0; // initialized by the nsNativeThemeCocoa
 
 // These enums are for indexing into the margin array.
 enum {
-  leopardOS = 0
+  leopardOS = 0,
+  yosemiteOS = 1
 };
 
 enum {
@@ -418,7 +419,7 @@ static void InflateControlRect(NSRect* rect, NSControlSize cocoaControlSize, con
   if (!marginSet)
     return;
 
-  static int osIndex = leopardOS;
+  static int osIndex = nsCocoaFeatures::OnYosemiteOrLater() ? yosemiteOS : leopardOS;
   size_t controlSize = EnumSizeForCocoaSize(cocoaControlSize);
   const float* buttonMargins = marginSet[osIndex][controlSize];
   rect->origin.x -= buttonMargins[leftMargin];
@@ -763,10 +764,10 @@ struct CellRenderSettings {
   NSSize minimumSizes[3];
 
   // A three-dimensional array,
-  // with the first dimension being the OS version (only Leopard for the moment),
+  // with the first dimension being the OS version ([0] 10.6-10.9, [1] 10.10 and above),
   // the second being the control size (mini, small, regular), and the third
   // being the 4 margin values (left, top, right, bottom).
-  float margins[1][3][4];
+  float margins[2][3][4];
 };
 
 /*
@@ -992,6 +993,11 @@ static const CellRenderSettings radioSettings = {
       {0, 0, 0, 0},     // mini
       {0, 1, 1, 1},     // small
       {0, 0, 0, 0}      // regular
+    },
+    { // Yosemite
+      {0, 0, 0, 0},     // mini
+      {1, 1, 1, 2},     // small
+      {0, 0, 0, 0}      // regular
     }
   }
 };
@@ -1010,6 +1016,11 @@ static const CellRenderSettings checkboxSettings = {
       {0, 1, 0, 0},     // mini
       {0, 1, 0, 1},     // small
       {0, 1, 0, 1}      // regular
+    },
+    { // Yosemite
+      {0, 1, 0, 0},     // mini
+      {0, 1, 0, 1},     // small
+      {0, 1, 0, 1}      // regular
     }
   }
 };
@@ -1063,6 +1074,11 @@ static const CellRenderSettings searchFieldSettings = {
       {0, 0, 0, 0},     // mini
       {0, 0, 0, 0},     // small
       {0, 0, 0, 0}      // regular
+    },
+    { // Yosemite
+      {0, 0, 0, 0},     // mini
+      {0, 0, 0, 0},     // small
+      {0, 0, 0, 0}      // regular
     }
   }
 };
@@ -1173,6 +1189,11 @@ static const CellRenderSettings pushButtonSettings = {
       {0, 0, 0, 0},    // mini
       {4, 0, 4, 1},    // small
       {5, 0, 5, 2}     // regular
+    },
+    { // Yosemite
+      {0, 0, 0, 0},    // mini
+      {4, 0, 4, 1},    // small
+      {5, 0, 5, 2}     // regular
     }
   }
 };
@@ -1441,6 +1462,11 @@ static const CellRenderSettings dropdownSettings = {
       {1, 1, 2, 1},    // mini
       {3, 0, 3, 1},    // small
       {3, 0, 3, 0}     // regular
+    },
+    { // Yosemite
+      {1, 1, 2, 1},    // mini
+      {3, 0, 3, 1},    // small
+      {3, 0, 3, 0}     // regular
     }
   }
 };
@@ -1461,6 +1487,11 @@ static const CellRenderSettings editableMenulistSettings = {
       {0, 0, 2, 2},    // mini
       {0, 0, 3, 2},    // small
       {0, 1, 3, 3}     // regular
+    },
+    { // Yosemite
+      {0, 0, 2, 2},    // mini
+      {0, 0, 3, 2},    // small
+      {0, 1, 3, 3}     // regular
     }
   }
 };
@@ -1505,6 +1536,11 @@ static const CellRenderSettings spinnerSettings = {
       {0, 0, 0, 0},    // mini
       {0, 0, 0, 0},    // small
       {0, 0, 0, 0}     // regular
+    },
+    { // Yosemite
+      {0, 0, 0, 0},    // mini
+      {0, 0, 0, 0},    // small
+      {0, 0, 0, 0}     // regular
     }
   }
 };
@@ -1671,6 +1707,11 @@ static const CellRenderSettings progressSettings[2][2] = {
           {0, 0, 0, 0},     // mini
           {1, 1, 1, 1},     // small
           {1, 0, 1, 0}      // regular
+        },
+        { // Yosemite
+          {0, 0, 0, 0},     // mini
+          {1, 1, 1, 1},     // small
+          {1, 0, 1, 0}      // regular
         }
       }
     }
@@ -1692,6 +1733,11 @@ static const CellRenderSettings progressSettings[2][2] = {
           {0, 0, 0, 0},     // mini
           {1, 1, 1, 1},     // small
           {1, 1, 1, 1}      // regular
+        },
+        { // Yosemite
+          {0, 0, 0, 0},     // mini
+          {1, 1, 1, 1},     // small
+          {1, 1, 1, 1}      // regular
         }
       }
     },
@@ -1710,6 +1756,11 @@ static const CellRenderSettings progressSettings[2][2] = {
           {0, 0, 0, 0},     // mini
           {1, 1, 1, 1},     // small
           {0, 1, 0, 1}      // regular
+        },
+        { // Yosemite
+          {0, 0, 0, 0},     // mini
+          {1, 1, 1, 1},     // small
+          {0, 1, 0, 1}      // regular
         }
       }
     }
@@ -1755,6 +1806,11 @@ static const CellRenderSettings meterSetting = {
       {1, 1, 1, 1},     // mini
       {1, 1, 1, 1},     // small
       {1, 1, 1, 1}      // regular
+    },
+    { // Yosemite
+      {1, 1, 1, 1},     // mini
+      {1, 1, 1, 1},     // small
+      {1, 1, 1, 1}      // regular
     }
   }
 };

From d6bb01d500aeaf92621e2612793f6b8df2d39ae1 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Mon, 8 Jun 2015 16:17:41 -0400
Subject: [PATCH 206/297] Bug 1119106 - Add an explanatory comment. r=smichaud

---
 widget/cocoa/nsNativeThemeCocoa.mm | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/widget/cocoa/nsNativeThemeCocoa.mm b/widget/cocoa/nsNativeThemeCocoa.mm
index edb5dfca088..2698b557b93 100644
--- a/widget/cocoa/nsNativeThemeCocoa.mm
+++ b/widget/cocoa/nsNativeThemeCocoa.mm
@@ -347,6 +347,10 @@ static BOOL IsToolbarStyleContainer(nsIFrame* aFrame)
   [super drawWithFrame:rect inView:controlView];
 
   if (FocusIsDrawnByDrawWithFrame(self)) {
+    // For some reason, -[NSSearchFieldCell drawWithFrame:inView] doesn't draw a
+    // focus ring in 64 bit mode, no matter what SDK is used or what OS X version
+    // we're running on. But if FocusIsDrawnByDrawWithFrame(self), then our
+    // caller expects us to draw a focus ring. So we just do that here.
     DrawFocusRingForCellIfNeeded(self, rect, controlView);
   }
 }

From 199e0c09918c80a95ae39d7af2a5efee78c17bfb Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Mon, 8 Jun 2015 16:19:47 -0400
Subject: [PATCH 207/297] Bug 1119106 - Give these enums better names.
 r=smichaud

---
 widget/cocoa/nsNativeThemeCocoa.mm | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/widget/cocoa/nsNativeThemeCocoa.mm b/widget/cocoa/nsNativeThemeCocoa.mm
index 2698b557b93..69e7a02ed08 100644
--- a/widget/cocoa/nsNativeThemeCocoa.mm
+++ b/widget/cocoa/nsNativeThemeCocoa.mm
@@ -373,8 +373,8 @@ static CGFloat kMaxFocusRingWidth = 0; // initialized by the nsNativeThemeCocoa
 
 // These enums are for indexing into the margin array.
 enum {
-  leopardOS = 0,
-  yosemiteOS = 1
+  leopardOSorlater = 0, // 10.6 - 10.9
+  yosemiteOSorlater = 1 // 10.10+
 };
 
 enum {
@@ -423,7 +423,8 @@ static void InflateControlRect(NSRect* rect, NSControlSize cocoaControlSize, con
   if (!marginSet)
     return;
 
-  static int osIndex = nsCocoaFeatures::OnYosemiteOrLater() ? yosemiteOS : leopardOS;
+  static int osIndex = nsCocoaFeatures::OnYosemiteOrLater() ?
+                         yosemiteOSorlater : leopardOSorlater;
   size_t controlSize = EnumSizeForCocoaSize(cocoaControlSize);
   const float* buttonMargins = marginSet[osIndex][controlSize];
   rect->origin.x -= buttonMargins[leftMargin];

From c8056f28c1d36a24725c07b799f8237a1e906fa9 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Wed, 10 Jun 2015 12:54:52 -0400
Subject: [PATCH 208/297] Bug 971811 - Don't prepend an empty existing
 DYLD_INSERT_LIBRARIES path when launching the plugin. r=smichaud

---
 ipc/glue/GeckoChildProcessHost.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ipc/glue/GeckoChildProcessHost.cpp b/ipc/glue/GeckoChildProcessHost.cpp
index f37616bbdf9..00efc418fdc 100644
--- a/ipc/glue/GeckoChildProcessHost.cpp
+++ b/ipc/glue/GeckoChildProcessHost.cpp
@@ -636,7 +636,7 @@ GeckoChildProcessHost::PerformAsyncLaunchInternal(std::vector& aExt
     // been set up by whatever may have launched the browser.
     const char* prevInterpose = PR_GetEnv("DYLD_INSERT_LIBRARIES");
     nsCString interpose;
-    if (prevInterpose) {
+    if (prevInterpose && strlen(prevInterpose) > 0) {
       interpose.Assign(prevInterpose);
       interpose.Append(':');
     }

From a1602b0b0d85a80e2273d2e9b56efee698ad3a7f Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Fri, 5 Jun 2015 13:34:54 -0400
Subject: [PATCH 209/297] Bug 1169331 - Always clip rotated buffer quadrant
 drawing to the fill rect. r=jrmuizel

---
 gfx/layers/RotatedBuffer.cpp            | 18 ++++-----
 layout/reftests/bugs/1169331-1-ref.html | 46 +++++++++++++++++++++
 layout/reftests/bugs/1169331-1.html     | 54 +++++++++++++++++++++++++
 layout/reftests/bugs/reftest.list       |  1 +
 4 files changed, 109 insertions(+), 10 deletions(-)
 create mode 100644 layout/reftests/bugs/1169331-1-ref.html
 create mode 100644 layout/reftests/bugs/1169331-1.html

diff --git a/gfx/layers/RotatedBuffer.cpp b/gfx/layers/RotatedBuffer.cpp
index d480f0f9e36..21aadffd49d 100644
--- a/gfx/layers/RotatedBuffer.cpp
+++ b/gfx/layers/RotatedBuffer.cpp
@@ -113,13 +113,13 @@ RotatedBuffer::DrawBufferQuadrant(gfx::DrawTarget* aTarget,
     }
   }
 
-  if (aOperator == CompositionOp::OP_SOURCE) {
-    // OP_SOURCE is unbounded in Azure, and we really don't want that behaviour here.
-    // We also can't do a ClearRect+FillRect since we need the drawing to happen
-    // as an atomic operation (to prevent flickering).
-    aTarget->PushClipRect(gfx::Rect(fillRect.x, fillRect.y,
-                                    fillRect.width, fillRect.height));
-  }
+  // OP_SOURCE is unbounded in Azure, and we really don't want that behaviour here.
+  // We also can't do a ClearRect+FillRect since we need the drawing to happen
+  // as an atomic operation (to prevent flickering).
+  // We also need this clip in the case where we have a mask, since the mask surface
+  // might cover more than fillRect, but we only want to touch the pixels inside
+  // fillRect.
+  aTarget->PushClipRect(gfx::ToRect(fillRect));
 
   if (aMask) {
     Matrix oldTransform = aTarget->GetTransform();
@@ -155,9 +155,7 @@ RotatedBuffer::DrawBufferQuadrant(gfx::DrawTarget* aTarget,
                          DrawOptions(aOpacity, aOperator));
   }
 
-  if (aOperator == CompositionOp::OP_SOURCE) {
-    aTarget->PopClip();
-  }
+  aTarget->PopClip();
 }
 
 void
diff --git a/layout/reftests/bugs/1169331-1-ref.html b/layout/reftests/bugs/1169331-1-ref.html
new file mode 100644
index 00000000000..dce4740c608
--- /dev/null
+++ b/layout/reftests/bugs/1169331-1-ref.html
@@ -0,0 +1,46 @@
+
+
+
+Rotated buffer with mask
+
+
+
+

+
+  

+    

+    

+  

+
+

+
+
+
diff --git a/layout/reftests/bugs/1169331-1.html b/layout/reftests/bugs/1169331-1.html
new file mode 100644
index 00000000000..319091ffbb4
--- /dev/null
+++ b/layout/reftests/bugs/1169331-1.html
@@ -0,0 +1,54 @@
+
+
+
+Rotated buffer with mask
+
+
+
+

+
+  

+    

+    

+  

+
+

+
+
+
diff --git a/layout/reftests/bugs/reftest.list b/layout/reftests/bugs/reftest.list
index 66b104508da..ed3c65f38f3 100644
--- a/layout/reftests/bugs/reftest.list
+++ b/layout/reftests/bugs/reftest.list
@@ -1925,3 +1925,4 @@ skip-if(B2G||Mulet) == 1150021-1.xul 1150021-1-ref.xul
 == 1151306-1.html 1151306-1-ref.html
 == 1153845-1.html 1153845-1-ref.html
 == 1156129-1.html 1156129-1-ref.html
+== 1169331-1.html 1169331-1-ref.html

From f26567f80ebef7ca8167a86d9cd1165eb1f0374f Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Thu, 28 May 2015 16:59:00 -0400
Subject: [PATCH 210/297] Bug 1163105 - Make nsReferencedElement work with
 referencing elements that are not in their document's DOM tree. r=roc

---
 dom/base/nsReferencedElement.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/dom/base/nsReferencedElement.cpp b/dom/base/nsReferencedElement.cpp
index 3cb9fc0150d..f19abb76de2 100644
--- a/dom/base/nsReferencedElement.cpp
+++ b/dom/base/nsReferencedElement.cpp
@@ -47,7 +47,7 @@ nsReferencedElement::Reset(nsIContent* aFromContent, nsIURI* aURI,
     return;
 
   // Get the current document
-  nsIDocument *doc = aFromContent->GetComposedDoc();
+  nsIDocument *doc = aFromContent->OwnerDoc();
   if (!doc)
     return;
 
@@ -124,7 +124,7 @@ void
 nsReferencedElement::ResetWithID(nsIContent* aFromContent, const nsString& aID,
                                  bool aWatch)
 {
-  nsIDocument *doc = aFromContent->GetComposedDoc();
+  nsIDocument *doc = aFromContent->OwnerDoc();
   if (!doc)
     return;
 

From 1585b41398907d5ba7863bf4c5581c27638024f7 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Tue, 9 Jun 2015 18:49:17 -0400
Subject: [PATCH 211/297] Bug 1163105 - Flush frames before building the
 filter. r=roc

---
 dom/canvas/CanvasRenderingContext2D.cpp | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/dom/canvas/CanvasRenderingContext2D.cpp b/dom/canvas/CanvasRenderingContext2D.cpp
index 2ba104e12f4..d5b5c6b1068 100644
--- a/dom/canvas/CanvasRenderingContext2D.cpp
+++ b/dom/canvas/CanvasRenderingContext2D.cpp
@@ -2352,11 +2352,16 @@ private:
 void
 CanvasRenderingContext2D::UpdateFilter()
 {
-  nsIPresShell* presShell = GetPresShell();
+  nsCOMPtr presShell = GetPresShell();
   if (!presShell || presShell->IsDestroying()) {
     return;
   }
 
+  // The filter might reference an SVG filter that is declared inside this
+  // document. Flush frames so that we'll have an nsSVGFilterFrame to work
+  // with.
+  presShell->FlushPendingNotifications(Flush_Frames);
+
   CurrentState().filter =
     nsFilterInstance::GetFilterDescription(mCanvasElement,
       CurrentState().filterChain,

From e079b8ae43a3d1dc6db3b615b97efede0062e4c2 Mon Sep 17 00:00:00 2001
From: Markus Stange 
Date: Thu, 28 May 2015 17:08:13 -0400
Subject: [PATCH 212/297] Bug 1163124 - The initial value of the canvas filter
 property should be "none". r=roc

---
 dom/canvas/CanvasRenderingContext2D.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dom/canvas/CanvasRenderingContext2D.h b/dom/canvas/CanvasRenderingContext2D.h
index 41db0c7c195..136addccf0d 100644
--- a/dom/canvas/CanvasRenderingContext2D.h
+++ b/dom/canvas/CanvasRenderingContext2D.h
@@ -884,6 +884,7 @@ protected:
                      fillRule(mozilla::gfx::FillRule::FILL_WINDING),
                      lineCap(mozilla::gfx::CapStyle::BUTT),
                      lineJoin(mozilla::gfx::JoinStyle::MITER_OR_BEVEL),
+                     filterString(MOZ_UTF16("none")),
                      imageSmoothingEnabled(true),
                      fontExplicitLanguage(false)
     { }

From 4701ecfa88db85a6169952eab6ee1a5f9c6af85f Mon Sep 17 00:00:00 2001
From: Tobias Schneider 
Date: Fri, 8 May 2015 12:22:18 -0700
Subject: [PATCH 213/297] Bug 1173544 - Add tests for Canvas CSS/SVG Filters.
 r=mstange

---
 dom/canvas/test/mochitest.ini                 |  1 +
 .../test/reftest/filters/default-color.html   | 16 +++++
 .../filters/drop-shadow-transformed.html      | 17 +++++
 .../test/reftest/filters/drop-shadow.html     | 16 +++++
 .../reftest/filters/global-alpha-ref.html     | 18 ++++++
 .../test/reftest/filters/global-alpha.html    | 17 +++++
 .../global-composite-operation-ref.html       | 26 ++++++++
 .../filters/global-composite-operation.html   | 21 ++++++
 dom/canvas/test/reftest/filters/liveness.html | 18 ++++++
 .../filters/multiple-drop-shadows.html        | 16 +++++
 dom/canvas/test/reftest/filters/ref.html      | 17 +++++
 dom/canvas/test/reftest/filters/reftest.list  | 20 ++++++
 .../test/reftest/filters/shadow-ref.html      | 19 ++++++
 dom/canvas/test/reftest/filters/shadow.html   | 18 ++++++
 .../reftest/filters/subregion-fill-paint.html | 27 ++++++++
 .../test/reftest/filters/subregion-ref.html   | 15 +++++
 .../filters/subregion-stroke-paint.html       | 27 ++++++++
 .../test/reftest/filters/svg-bbox-ref.html    | 15 +++++
 dom/canvas/test/reftest/filters/svg-bbox.html | 27 ++++++++
 .../test/reftest/filters/svg-inline.html      | 30 +++++++++
 .../test/reftest/filters/svg-liveness.html    | 64 +++++++++++++++++++
 .../test/reftest/filters/svg-off-screen.html  | 33 ++++++++++
 dom/canvas/test/reftest/filters/units-em.html | 17 +++++
 dom/canvas/test/reftest/filters/units-ex.html | 17 +++++
 .../reftest/filters/units-off-screen.html     | 21 ++++++
 dom/canvas/test/reftest/filters/units-pt.html | 16 +++++
 dom/canvas/test/reftest/filters/units.html    | 16 +++++
 dom/canvas/test/test_filter.html              | 45 +++++++++++++
 28 files changed, 610 insertions(+)
 create mode 100644 dom/canvas/test/reftest/filters/default-color.html
 create mode 100644 dom/canvas/test/reftest/filters/drop-shadow-transformed.html
 create mode 100644 dom/canvas/test/reftest/filters/drop-shadow.html
 create mode 100644 dom/canvas/test/reftest/filters/global-alpha-ref.html
 create mode 100644 dom/canvas/test/reftest/filters/global-alpha.html
 create mode 100644 dom/canvas/test/reftest/filters/global-composite-operation-ref.html
 create mode 100644 dom/canvas/test/reftest/filters/global-composite-operation.html
 create mode 100644 dom/canvas/test/reftest/filters/liveness.html
 create mode 100644 dom/canvas/test/reftest/filters/multiple-drop-shadows.html
 create mode 100644 dom/canvas/test/reftest/filters/ref.html
 create mode 100644 dom/canvas/test/reftest/filters/reftest.list
 create mode 100644 dom/canvas/test/reftest/filters/shadow-ref.html
 create mode 100644 dom/canvas/test/reftest/filters/shadow.html
 create mode 100644 dom/canvas/test/reftest/filters/subregion-fill-paint.html
 create mode 100644 dom/canvas/test/reftest/filters/subregion-ref.html
 create mode 100644 dom/canvas/test/reftest/filters/subregion-stroke-paint.html
 create mode 100644 dom/canvas/test/reftest/filters/svg-bbox-ref.html
 create mode 100644 dom/canvas/test/reftest/filters/svg-bbox.html
 create mode 100644 dom/canvas/test/reftest/filters/svg-inline.html
 create mode 100644 dom/canvas/test/reftest/filters/svg-liveness.html
 create mode 100644 dom/canvas/test/reftest/filters/svg-off-screen.html
 create mode 100644 dom/canvas/test/reftest/filters/units-em.html
 create mode 100644 dom/canvas/test/reftest/filters/units-ex.html
 create mode 100644 dom/canvas/test/reftest/filters/units-off-screen.html
 create mode 100644 dom/canvas/test/reftest/filters/units-pt.html
 create mode 100644 dom/canvas/test/reftest/filters/units.html
 create mode 100644 dom/canvas/test/test_filter.html

diff --git a/dom/canvas/test/mochitest.ini b/dom/canvas/test/mochitest.ini
index f6e370d5d50..6be7e59f67d 100644
--- a/dom/canvas/test/mochitest.ini
+++ b/dom/canvas/test/mochitest.ini
@@ -249,3 +249,4 @@ skip-if = (buildapp == 'b2g' && toolkit != 'gonk') # bug 1040965
 [test_2d_composite_canvaspattern_setTransform.html]
 [test_createPattern_broken.html]
 [test_setlinedash.html]
+[test_filter.html]
diff --git a/dom/canvas/test/reftest/filters/default-color.html b/dom/canvas/test/reftest/filters/default-color.html
new file mode 100644
index 00000000000..82fb5eda384
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/default-color.html
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/drop-shadow-transformed.html b/dom/canvas/test/reftest/filters/drop-shadow-transformed.html
new file mode 100644
index 00000000000..0cf33deea82
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/drop-shadow-transformed.html
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/drop-shadow.html b/dom/canvas/test/reftest/filters/drop-shadow.html
new file mode 100644
index 00000000000..6977b7d5e03
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/drop-shadow.html
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/global-alpha-ref.html b/dom/canvas/test/reftest/filters/global-alpha-ref.html
new file mode 100644
index 00000000000..2577581401f
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/global-alpha-ref.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/global-alpha.html b/dom/canvas/test/reftest/filters/global-alpha.html
new file mode 100644
index 00000000000..4676e00605e
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/global-alpha.html
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/global-composite-operation-ref.html b/dom/canvas/test/reftest/filters/global-composite-operation-ref.html
new file mode 100644
index 00000000000..cad90893544
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/global-composite-operation-ref.html
@@ -0,0 +1,26 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/global-composite-operation.html b/dom/canvas/test/reftest/filters/global-composite-operation.html
new file mode 100644
index 00000000000..61a6f206a30
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/global-composite-operation.html
@@ -0,0 +1,21 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/liveness.html b/dom/canvas/test/reftest/filters/liveness.html
new file mode 100644
index 00000000000..38950517969
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/liveness.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/multiple-drop-shadows.html b/dom/canvas/test/reftest/filters/multiple-drop-shadows.html
new file mode 100644
index 00000000000..f8d9261c65f
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/multiple-drop-shadows.html
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/ref.html b/dom/canvas/test/reftest/filters/ref.html
new file mode 100644
index 00000000000..bb634fe66d4
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/ref.html
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/reftest.list b/dom/canvas/test/reftest/filters/reftest.list
new file mode 100644
index 00000000000..9dd1d8c4760
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/reftest.list
@@ -0,0 +1,20 @@
+default-preferences pref(canvas.filters.enabled,true)
+
+== default-color.html ref.html
+== drop-shadow.html ref.html
+== drop-shadow-transformed.html ref.html
+== global-alpha.html global-alpha-ref.html
+== global-composite-operation.html global-composite-operation-ref.html
+== liveness.html ref.html
+== multiple-drop-shadows.html shadow-ref.html
+== shadow.html shadow-ref.html
+== subregion-fill-paint.html subregion-ref.html
+== subregion-stroke-paint.html subregion-ref.html
+== svg-bbox.html svg-bbox-ref.html
+== svg-inline.html ref.html
+== svg-liveness.html ref.html
+== svg-off-screen.html ref.html
+== units.html ref.html
+== units-em.html ref.html
+== units-ex.html ref.html
+== units-off-screen.html ref.html
diff --git a/dom/canvas/test/reftest/filters/shadow-ref.html b/dom/canvas/test/reftest/filters/shadow-ref.html
new file mode 100644
index 00000000000..736c5f94dd8
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/shadow-ref.html
@@ -0,0 +1,19 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/shadow.html b/dom/canvas/test/reftest/filters/shadow.html
new file mode 100644
index 00000000000..61de33bdc2b
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/shadow.html
@@ -0,0 +1,18 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/subregion-fill-paint.html b/dom/canvas/test/reftest/filters/subregion-fill-paint.html
new file mode 100644
index 00000000000..854190359f2
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/subregion-fill-paint.html
@@ -0,0 +1,27 @@
+
+
+
+
+  
+    
+      
+        
+        
+      
+    
+  
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/subregion-ref.html b/dom/canvas/test/reftest/filters/subregion-ref.html
new file mode 100644
index 00000000000..97b231b9465
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/subregion-ref.html
@@ -0,0 +1,15 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/subregion-stroke-paint.html b/dom/canvas/test/reftest/filters/subregion-stroke-paint.html
new file mode 100644
index 00000000000..24ed92a9be1
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/subregion-stroke-paint.html
@@ -0,0 +1,27 @@
+
+
+
+
+  
+    
+      
+        
+        
+      
+    
+  
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/svg-bbox-ref.html b/dom/canvas/test/reftest/filters/svg-bbox-ref.html
new file mode 100644
index 00000000000..323cea948aa
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/svg-bbox-ref.html
@@ -0,0 +1,15 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/svg-bbox.html b/dom/canvas/test/reftest/filters/svg-bbox.html
new file mode 100644
index 00000000000..f25e26355d8
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/svg-bbox.html
@@ -0,0 +1,27 @@
+
+
+
+
+  
+    
+      
+    
+  
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/svg-inline.html b/dom/canvas/test/reftest/filters/svg-inline.html
new file mode 100644
index 00000000000..f9be99800a3
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/svg-inline.html
@@ -0,0 +1,30 @@
+
+
+
+
+  
+    
+      
+      
+      
+      
+      
+        
+        
+      
+    
+  
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/svg-liveness.html b/dom/canvas/test/reftest/filters/svg-liveness.html
new file mode 100644
index 00000000000..732fe7562f9
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/svg-liveness.html
@@ -0,0 +1,64 @@
+
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/svg-off-screen.html b/dom/canvas/test/reftest/filters/svg-off-screen.html
new file mode 100644
index 00000000000..1aa22cd9905
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/svg-off-screen.html
@@ -0,0 +1,33 @@
+
+
+
+
+  
+    
+    
+    
+    
+    
+      
+        
+        
+      
+    
+  
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/units-em.html b/dom/canvas/test/reftest/filters/units-em.html
new file mode 100644
index 00000000000..1f280c1b5b8
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/units-em.html
@@ -0,0 +1,17 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/units-off-screen.html b/dom/canvas/test/reftest/filters/units-off-screen.html
new file mode 100644
index 00000000000..879e575c108
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/units-off-screen.html
@@ -0,0 +1,21 @@
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/units-pt.html b/dom/canvas/test/reftest/filters/units-pt.html
new file mode 100644
index 00000000000..74fecb3d818
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/units-pt.html
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/reftest/filters/units.html b/dom/canvas/test/reftest/filters/units.html
new file mode 100644
index 00000000000..d12abdeb139
--- /dev/null
+++ b/dom/canvas/test/reftest/filters/units.html
@@ -0,0 +1,16 @@
+
+
+
+
+
+
+
diff --git a/dom/canvas/test/test_filter.html b/dom/canvas/test/test_filter.html
new file mode 100644
index 00000000000..f4cac00a4bb
--- /dev/null
+++ b/dom/canvas/test/test_filter.html
@@ -0,0 +1,45 @@
+
+
+
+
+

From cc037549bef7e4f706481cfe36351929adbd897b Mon Sep 17 00:00:00 2001
From: Geoff Brown 
Date: Thu, 11 Jun 2015 09:22:47 -0600
Subject: [PATCH 214/297] Bug 1173180 - Guard against null selectedTab handling
 Viewport:FixedMarginsChanged; r=kats

---
 mobile/android/chrome/content/browser.js | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/mobile/android/chrome/content/browser.js b/mobile/android/chrome/content/browser.js
index 9a3865b9bd4..b7a3bdf6d67 100644
--- a/mobile/android/chrome/content/browser.js
+++ b/mobile/android/chrome/content/browser.js
@@ -1856,7 +1856,9 @@ var BrowserApp = {
 
       case "Viewport:FixedMarginsChanged":
         gViewportMargins = JSON.parse(aData);
-        this.selectedTab.updateViewportSize(gScreenWidth);
+        if (this.selectedTab) {
+          this.selectedTab.updateViewportSize(gScreenWidth);
+        }
         break;
 
       case "nsPref:changed":

From 80854ba6640f9f786a7f1cd6b915f770136df63d Mon Sep 17 00:00:00 2001
From: Geoff Brown 
Date: Thu, 11 Jun 2015 09:22:48 -0600
Subject: [PATCH 215/297] Bug 1173120 - Add timeout parameter to
 devicemanagerADB._runCmd; r=armenzg

---
 .../mozbase/mozdevice/mozdevice/devicemanagerADB.py | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/testing/mozbase/mozdevice/mozdevice/devicemanagerADB.py b/testing/mozbase/mozdevice/mozdevice/devicemanagerADB.py
index dd6fd4037eb..f2f92676fe6 100644
--- a/testing/mozbase/mozdevice/mozdevice/devicemanagerADB.py
+++ b/testing/mozbase/mozdevice/mozdevice/devicemanagerADB.py
@@ -539,9 +539,10 @@ class DeviceManagerADB(DeviceManager):
         self.uninstallApp(appName)
         self.reboot()
 
-    def _runCmd(self, args, retryLimit=None):
+    def _runCmd(self, args, timeout=None, retryLimit=None):
         """
         Runs a command using adb
+        If timeout is specified, the process is killed after  seconds.
 
         returns: instance of ProcessHandler
         """
@@ -555,11 +556,17 @@ class DeviceManagerADB(DeviceManager):
             finalArgs.extend(['-s', self._deviceSerial])
         finalArgs.extend(args)
         self._logger.debug("_runCmd - command: %s" % ' '.join(finalArgs))
+        if not timeout:
+            timeout = self.default_timeout
+
+        def _timeout():
+            self._logger.error("Timeout exceeded for _runCmd call '%s'" % ' '.join(finalArgs))
+
         retries = 0
         while retries < retryLimit:
             proc = ProcessHandler(finalArgs, storeOutput=True,
-                    processOutputLine=self._log)
-            proc.run()
+                    processOutputLine=self._log, onTimeout=_timeout)
+            proc.run(timeout=timeout)
             proc.returncode = proc.wait()
             if proc.returncode == None:
                 proc.kill()

From 0ab322a7fe42241d4181fa98a35030f85d65dc0a Mon Sep 17 00:00:00 2001
From: Gregory Szorc 
Date: Thu, 11 Jun 2015 08:32:02 -0700
Subject: [PATCH 216/297] Bug 1173633 - Print docstrings of mach command
 handlers in help output; r=ahal

`mach help ` currently only displays a brief description of the
command along with its arguments. Sometimes more detailed help text is
needed.

With this commit, the docstrings of mach command handlers will appear in
the output of `mach help ` if they are defined.

I've implemented basic docstrings for the three flavors of mach commands
(normal command, main subcommand, subcommand) to demonstate things work.

My hope is others will start to fill in docstrings once this feature
lands so the output for `mach help` can serve as a better learning guide
for new contributors.
---
 python/mach/mach/base.py                      |  6 ++-
 python/mach/mach/decorators.py                |  4 +-
 python/mach/mach/dispatcher.py                | 49 +++++++++++++++++--
 .../mozbuild/frontend/mach_commands.py        | 11 ++++-
 testing/mach_commands.py                      | 18 +++++++
 5 files changed, 81 insertions(+), 7 deletions(-)

diff --git a/python/mach/mach/base.py b/python/mach/mach/base.py
index b391427f11d..d6c8472c848 100644
--- a/python/mach/mach/base.py
+++ b/python/mach/mach/base.py
@@ -77,6 +77,9 @@ class MethodHandler(object):
         # Description of the purpose of this command.
         'description',
 
+        # Docstring associated with command.
+        'docstring',
+
         # Functions used to 'skip' commands if they don't meet the conditions
         # in a given context.
         'conditions',
@@ -99,7 +102,7 @@ class MethodHandler(object):
     )
 
     def __init__(self, cls, method, name, category=None, description=None,
-        conditions=None, parser=None, arguments=None,
+        docstring=None, conditions=None, parser=None, arguments=None,
         argument_group_names=None, pass_context=False,
         subcommand_handlers=None):
 
@@ -108,6 +111,7 @@ class MethodHandler(object):
         self.name = name
         self.category = category
         self.description = description
+        self.docstring = docstring
         self.conditions = conditions or []
         self.arguments = arguments or []
         self.argument_group_names = argument_group_names or []
diff --git a/python/mach/mach/decorators.py b/python/mach/mach/decorators.py
index c04a4564b26..f94c8074ac0 100644
--- a/python/mach/mach/decorators.py
+++ b/python/mach/mach/decorators.py
@@ -89,7 +89,8 @@ def CommandProvider(cls):
         argument_group_names = getattr(value, '_mach_command_arg_group_names', None)
 
         handler = MethodHandler(cls, attr, command_name, category=category,
-            description=description, conditions=conditions, parser=parser,
+            description=description, docstring=value.__doc__,
+            conditions=conditions, parser=parser,
             arguments=arguments, argument_group_names=argument_group_names,
             pass_context=pass_context)
 
@@ -121,6 +122,7 @@ def CommandProvider(cls):
         argument_group_names = getattr(value, '_mach_command_arg_group_names', None)
 
         handler = MethodHandler(cls, attr, subcommand, description=description,
+            docstring=value.__doc__,
             arguments=arguments, argument_group_names=argument_group_names,
             pass_context=pass_context)
         parent = Registrar.command_handlers[command]
diff --git a/python/mach/mach/dispatcher.py b/python/mach/mach/dispatcher.py
index 03206ea58a9..d5b9bc09458 100644
--- a/python/mach/mach/dispatcher.py
+++ b/python/mach/mach/dispatcher.py
@@ -351,13 +351,19 @@ class CommandAction(argparse.Action):
 
         self._populate_command_group(c_parser, handler, group)
 
-        # This will print the description of the command below the usage.
-        description = handler.description
-        if description:
-            parser.description = description
+        # Set the long help of the command to the docstring (if present) or
+        # the command decorator description argument (if present).
+        if handler.docstring:
+            parser.description = format_docstring(handler.docstring)
+        elif handler.description:
+            parser.description = handler.description
 
         parser.usage = '%(prog)s [global arguments] ' + command + \
             ' [command arguments]'
+
+        # This is needed to preserve line endings in the description field,
+        # which may be populated from a docstring.
+        parser.formatter_class = argparse.RawDescriptionHelpFormatter
         parser.print_help()
         print('')
         c_parser.print_help()
@@ -371,6 +377,11 @@ class CommandAction(argparse.Action):
             group.add_argument(subcommand, help=subhandler.description,
                 action='store_true')
 
+        if handler.docstring:
+            parser.description = format_docstring(handler.docstring)
+
+        parser.formatter_class = argparse.RawDescriptionHelpFormatter
+
         parser.print_help()
 
     def _handle_subcommand_help(self, parser, command, subcommand, handler):
@@ -382,10 +393,40 @@ class CommandAction(argparse.Action):
         group = c_parser.add_argument_group('Sub Command Arguments')
         self._populate_command_group(c_parser, handler, group)
 
+        if handler.docstring:
+            parser.description = format_docstring(handler.docstring)
+
+        parser.formatter_class = argparse.RawDescriptionHelpFormatter
+
         parser.print_help()
         print('')
         c_parser.print_help()
 
+
 class NoUsageFormatter(argparse.HelpFormatter):
     def _format_usage(self, *args, **kwargs):
         return ""
+
+
+def format_docstring(docstring):
+    """Format a raw docstring into something suitable for presentation.
+
+    This function is based on the example function in PEP-0257.
+    """
+    if not docstring:
+        return ''
+    lines = docstring.expandtabs().splitlines()
+    indent = sys.maxint
+    for line in lines[1:]:
+        stripped = line.lstrip()
+        if stripped:
+            indent = min(indent, len(line) - len(stripped))
+    trimmed = [lines[0].strip()]
+    if indent < sys.maxint:
+        for line in lines[1:]:
+            trimmed.append(line[indent:].rstrip())
+    while trimmed and not trimmed[-1]:
+        trimmed.pop()
+    while trimmed and not trimmed[0]:
+        trimmed.pop(0)
+    return '\n'.join(trimmed)
diff --git a/python/mozbuild/mozbuild/frontend/mach_commands.py b/python/mozbuild/mozbuild/frontend/mach_commands.py
index ff498c76c2d..0c5131c1ef4 100644
--- a/python/mozbuild/mozbuild/frontend/mach_commands.py
+++ b/python/mozbuild/mozbuild/frontend/mach_commands.py
@@ -85,7 +85,11 @@ class MozbuildFileCommands(MachCommandBase):
     @Command('file-info', category='build-dev',
              description='Query for metadata about files.')
     def file_info(self):
-        pass
+        """Show files metadata derived from moz.build files.
+
+        moz.build files contain "Files" sub-contexts for declaring metadata
+        against file patterns. This command suite is used to query that data.
+        """
 
     @SubCommand('file-info', 'bugzilla-component',
                 'Show Bugzilla component info for files listed.')
@@ -94,6 +98,11 @@ class MozbuildFileCommands(MachCommandBase):
     @CommandArgument('paths', nargs='+',
                      help='Paths whose data to query')
     def file_info_bugzilla(self, paths, rev=None):
+        """Show Bugzilla component for a set of files.
+
+        Given a requested set of files (which can be specified using
+        wildcards), print the Bugzilla component for each file.
+        """
         components = defaultdict(set)
         try:
             for p, m in self._get_files_info(paths, rev=rev).items():
diff --git a/testing/mach_commands.py b/testing/mach_commands.py
index 1a13f1a5843..3e1bf7ca9f2 100644
--- a/testing/mach_commands.py
+++ b/testing/mach_commands.py
@@ -184,6 +184,24 @@ class Test(MachCommandBase):
     @Command('test', category='testing', description='Run tests (detects the kind of test and runs it).')
     @CommandArgument('what', default=None, nargs='*', help=TEST_HELP)
     def test(self, what):
+        """Run tests from names or paths.
+
+        mach test accepts arguments specifying which tests to run. Each argument
+        can be:
+
+        * The path to a test file
+        * A directory containing tests
+        * A test suite name
+        * An alias to a test suite name (codes used on TreeHerder)
+
+        When paths or directories are given, they are first resolved to test
+        files known to the build system.
+
+        If resolved tests belong to more than one test type/flavor/harness,
+        the harness for each relevant type/flavor will be invoked. e.g. if
+        you specify a directory with xpcshell and browser chrome mochitests,
+        both harnesses will be invoked.
+        """
         from mozbuild.testing import TestResolver
 
         # Parse arguments and assemble a test "plan."

From 0c57a2bf4adca037daba5baca12f3d83ce48c233 Mon Sep 17 00:00:00 2001
From: Brian Hackett 
Date: Thu, 11 Jun 2015 08:38:59 -0700
Subject: [PATCH 217/297] Bug 1172545 - Recover from OOM if Ion compilation is
 skipped due to not being able to allocate a 'this' object, r=jandem.

---
 js/src/jit/Ion.cpp | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
index 8cb866c8189..93bdab24501 100644
--- a/js/src/jit/Ion.cpp
+++ b/js/src/jit/Ion.cpp
@@ -2429,8 +2429,10 @@ jit::CanEnter(JSContext* cx, RunState& state)
             return Method_CantCompile;
         }
 
-        if (!state.maybeCreateThisForConstructor(cx))
+        if (!state.maybeCreateThisForConstructor(cx)) {
+            cx->recoverFromOutOfMemory();
             return Method_Skipped;
+        }
     }
 
     // If --ion-eager is used, compile with Baseline first, so that we

From 49c7254fe8f4665713aecbc7d82c638b7fb4b189 Mon Sep 17 00:00:00 2001
From: Trevor Saunders 
Date: Tue, 2 Jun 2015 16:30:28 -0400
Subject: [PATCH 218/297] bug 1107337 - support downcasting Accessible to
 OuterDocAccessible r=lsocks, davidb

---
 accessible/generic/Accessible.h           | 4 ++++
 accessible/generic/OuterDocAccessible.cpp | 1 +
 accessible/generic/OuterDocAccessible.h   | 5 +++++
 3 files changed, 10 insertions(+)

diff --git a/accessible/generic/Accessible.h b/accessible/generic/Accessible.h
index 6d9a9cc271a..03e9e7c03de 100644
--- a/accessible/generic/Accessible.h
+++ b/accessible/generic/Accessible.h
@@ -38,6 +38,7 @@ class HTMLLIAccessible;
 class HyperTextAccessible;
 class ImageAccessible;
 class KeyBinding;
+class OuterDocAccessible;
 class ProxyAccessible;
 class Relation;
 class RootAccessible;
@@ -619,6 +620,9 @@ public:
     return mBits.proxy;
   }
 
+  bool IsOuterDoc() const { return mType == eOuterDocType; }
+  OuterDocAccessible* AsOuterDoc();
+
   bool IsProgress() const { return mType == eProgressType; }
 
   bool IsRoot() const { return mType == eRootType; }
diff --git a/accessible/generic/OuterDocAccessible.cpp b/accessible/generic/OuterDocAccessible.cpp
index 3fbbc38e411..f939627bc53 100644
--- a/accessible/generic/OuterDocAccessible.cpp
+++ b/accessible/generic/OuterDocAccessible.cpp
@@ -26,6 +26,7 @@ OuterDocAccessible::
   OuterDocAccessible(nsIContent* aContent, DocAccessible* aDoc) :
   AccessibleWrap(aContent, aDoc)
 {
+  mType = eOuterDocType;
 }
 
 OuterDocAccessible::~OuterDocAccessible()
diff --git a/accessible/generic/OuterDocAccessible.h b/accessible/generic/OuterDocAccessible.h
index 9b07f29f234..972cb681df5 100644
--- a/accessible/generic/OuterDocAccessible.h
+++ b/accessible/generic/OuterDocAccessible.h
@@ -44,6 +44,11 @@ protected:
   virtual void CacheChildren() override;
 };
 
+inline OuterDocAccessible*
+Accessible::AsOuterDoc()
+{
+  return IsOuterDoc() ? static_cast(this) : nullptr;
+}
 } // namespace a11y
 } // namespace mozilla
 

From c2a79478872cd25b2ff7274cf220b1d3509f119c Mon Sep 17 00:00:00 2001
From: Trevor Saunders 
Date: Wed, 3 Jun 2015 13:41:08 -0400
Subject: [PATCH 219/297] bug 1107337 - Add
 OuterDocAccessible::RemoteChildDoc() r=lsocks, davidb

OuterDocAccessibles can be the container for a remote top level document.  We
  sometimes need to get the child for these OuterDocAccessible's which means
  the child is a proxy while the original object was an actual Accessible.
  This means we need to add a different function instead of making ChildAt() do
  the right thing.
---
 accessible/generic/OuterDocAccessible.cpp | 23 +++++++++++++++++++++++
 accessible/generic/OuterDocAccessible.h   |  3 +++
 2 files changed, 26 insertions(+)

diff --git a/accessible/generic/OuterDocAccessible.cpp b/accessible/generic/OuterDocAccessible.cpp
index f939627bc53..a780b96a39f 100644
--- a/accessible/generic/OuterDocAccessible.cpp
+++ b/accessible/generic/OuterDocAccessible.cpp
@@ -8,6 +8,8 @@
 #include "Accessible-inl.h"
 #include "nsAccUtils.h"
 #include "DocAccessible-inl.h"
+#include "mozilla/a11y/DocAccessibleParent.h"
+#include "mozilla/dom/TabParent.h"
 #include "Role.h"
 #include "States.h"
 
@@ -182,3 +184,24 @@ OuterDocAccessible::CacheChildren()
       GetAccService()->GetDocAccessible(innerDoc);
   }
 }
+
+ProxyAccessible*
+OuterDocAccessible::RemoteChildDoc() const
+{
+  dom::TabParent* tab = dom::TabParent::GetFrom(GetContent());
+  if (!tab)
+    return nullptr;
+
+  // XXX Consider managing non top level remote documents with there parent
+  // document.
+  const nsTArray& docs = tab->ManagedPDocAccessibleParent();
+  size_t docCount = docs.Length();
+  for (size_t i = 0; i < docCount; i++) {
+    auto doc = static_cast(docs[i]);
+    if (!doc->ParentDoc())
+      return doc;
+  }
+
+  MOZ_ASSERT(false, "no top level tab document?");
+  return nullptr;
+}
diff --git a/accessible/generic/OuterDocAccessible.h b/accessible/generic/OuterDocAccessible.h
index 972cb681df5..02b45594137 100644
--- a/accessible/generic/OuterDocAccessible.h
+++ b/accessible/generic/OuterDocAccessible.h
@@ -10,6 +10,7 @@
 
 namespace mozilla {
 namespace a11y {
+class ProxyAccessible;
 
 /**
  * Used for , ,