mirror of
https://gitlab.winehq.org/wine/wine-gecko.git
synced 2024-09-13 09:24:08 -07:00
4453811aee
--HG-- rename : security/nss/lib/freebl/sechash.h => security/nss/lib/cryptohi/sechash.h rename : security/nss/lib/softoken/secmodt.h => security/nss/lib/pk11wrap/secmodt.h rename : security/nss/lib/freebl/hasht.h => security/nss/lib/util/hasht.h extra : rebase_source : 7da6cd73ca2605a261085ad7fb3b90315e38ad6b
178 lines
3.0 KiB
INI
178 lines
3.0 KiB
INI
# This Source Code Form is subject to the terms of the Mozilla Public
|
|
# License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
scenario OCSP
|
|
|
|
check_ocsp OCSPEE11:x
|
|
|
|
db OCSPRoot
|
|
import OCSPRoot:x:CT,C,C
|
|
|
|
db OCSPCA1
|
|
import_key OCSPCA1
|
|
|
|
crl OCSPCA1
|
|
|
|
revoke OCSPCA1
|
|
serial 3
|
|
|
|
revoke OCSPCA1
|
|
serial 4
|
|
|
|
testdb OCSPRoot
|
|
|
|
#EE - OK, CA - OK
|
|
verify OCSPEE11:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - revoked, CA - OK
|
|
verify OCSPEE12:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - unknown
|
|
verify OCSPEE15:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - unknown, requireFreshInfo
|
|
verify OCSPEE15:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - OK, CA - revoked, leaf, no fresh info
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - OK, CA - revoked, leaf, requireFreshInfo
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - OK, CA - revoked, chain, requireFreshInfo
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type chain
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - OK, CA - unknown
|
|
verify OCSPEE31:x
|
|
cert OCSPCA3:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
#EE - OK, CA - unknown, requireFreshInfo
|
|
verify OCSPEE31:x
|
|
cert OCSPCA3:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_flags requireFreshInfo
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
#EE - revoked, doNotUse
|
|
verify OCSPEE12:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags doNotUse
|
|
result pass
|
|
|
|
#EE - revoked, forbidFetching
|
|
verify OCSPEE12:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags forbidFetching
|
|
result pass
|
|
|
|
#EE - unknown status, failIfNoInfo
|
|
verify OCSPEE15:x
|
|
cert OCSPCA1:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags failIfNoInfo
|
|
result fail
|
|
|
|
#EE - OK, CA - revoked, leaf, failIfNoInfo
|
|
verify OCSPEE21:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
rev_mflags failIfNoInfo
|
|
result fail
|
|
|
|
testdb OCSPCA1
|
|
|
|
#EE - OK on OCSP, revoked locally - should fail ??
|
|
# two things about this test: crl is not imported into the db and
|
|
# cert 13 is not revoked by crl.
|
|
verify OCSPEE13:x
|
|
cert OCSPCA1:x
|
|
trust OCSPCA1
|
|
rev_type leaf
|
|
rev_flags testLocalInfoFirst
|
|
rev_mtype ocsp
|
|
result pass
|
|
|
|
db OCSPRoot1
|
|
import OCSPRoot:x:CT,C,C
|
|
|
|
verify OCSPEE23:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type chain
|
|
rev_mtype ocsp
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result fail
|
|
|
|
db OCSPRoot2
|
|
import OCSPRoot:x:T,,
|
|
|
|
# bug 527438
|
|
# expected result of this test is FAIL
|
|
verify OCSPEE23:x
|
|
cert OCSPCA2:x
|
|
trust OCSPRoot
|
|
rev_type chain
|
|
rev_mtype ocsp
|
|
rev_type leaf
|
|
rev_mtype ocsp
|
|
result pass
|
|
|