RetroZilla/security/nss/tests/chains/scenarios/bridgewithpolicyextensionandmapping.cfg

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.

scenario BridgeWithPolicyExtensionAndMapping

entity Army
  type Root

entity Navy
  type Root

entity CAArmy
  type Intermediate
  issuer Army
    policy OID.1.0
    policy OID.1.1

entity CANavy
  type Intermediate
  issuer Navy
    policy OID.2.0
    policy OID.2.1

entity Bridge
  type Bridge
  issuer CAArmy
    policy OID.1.0
    policy OID.1.1
    mapping OID.1.1:OID.2.1
  issuer CANavy
    policy OID.2.0
    policy OID.2.1
    mapping OID.2.1:OID.1.1

entity CA1
  type Intermediate
  issuer Bridge
    policy OID.1.1
    policy OID.2.1

entity CA2
  type Intermediate
  issuer Bridge
    policy OID.1.0
    policy OID.2.0

entity EE1
  type EE
  issuer CA1
    policy OID.2.1

entity EE2
  type EE
  issuer CA2
    policy OID.2.0

testdb

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.1.0
  result fail

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.1.1
  result pass

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.2.0
  result fail

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.2.1
  result fail

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.1.0
  result fail

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.1.1
  result fail

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.2.0
  result fail

verify EE1:CA1
  cert CA1:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.2.1
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.1.0
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.1.1
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.2.0
  result pass

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CANavy
  cert CANavy:Navy
  trust Navy:
  policy OID.2.1
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.1.0
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.1.1
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.2.0
  result fail

verify EE2:CA2
  cert CA2:Bridge
  cert Bridge:CAArmy
  cert CAArmy:Army
  trust Army:
  policy OID.2.1
  result fail
NSS: update to 3.15.5 2018-05-04 16:08:28 +02:00			`# This Source Code Form is subject to the terms of the Mozilla Public`
			`# License, v. 2.0. If a copy of the MPL was not distributed with this`
			`# file, You can obtain one at http://mozilla.org/MPL/2.0/.`

first commit 2015-10-21 05:03:22 +02:00			`scenario BridgeWithPolicyExtensionAndMapping`

			`entity Army`
			`type Root`

			`entity Navy`
			`type Root`

			`entity CAArmy`
			`type Intermediate`
			`issuer Army`
			`policy OID.1.0`
			`policy OID.1.1`

			`entity CANavy`
			`type Intermediate`
			`issuer Navy`
			`policy OID.2.0`
			`policy OID.2.1`

			`entity Bridge`
			`type Bridge`
			`issuer CAArmy`
			`policy OID.1.0`
			`policy OID.1.1`
			`mapping OID.1.1:OID.2.1`
			`issuer CANavy`
			`policy OID.2.0`
			`policy OID.2.1`
			`mapping OID.2.1:OID.1.1`

			`entity CA1`
			`type Intermediate`
			`issuer Bridge`
			`policy OID.1.1`
			`policy OID.2.1`

			`entity CA2`
			`type Intermediate`
			`issuer Bridge`
			`policy OID.1.0`
			`policy OID.2.0`

			`entity EE1`
			`type EE`
			`issuer CA1`
			`policy OID.2.1`

			`entity EE2`
			`type EE`
			`issuer CA2`
			`policy OID.2.0`

			`testdb`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.1.0`
			`result fail`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.1.1`
			`result pass`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.2.0`
			`result fail`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.2.1`
			`result fail`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.1.0`
			`result fail`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.1.1`
			`result fail`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.2.0`
			`result fail`

			`verify EE1:CA1`
			`cert CA1:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.2.1`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.1.0`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.1.1`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.2.0`
			`result pass`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CANavy`
			`cert CANavy:Navy`
			`trust Navy:`
			`policy OID.2.1`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.1.0`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.1.1`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.2.0`
			`result fail`

			`verify EE2:CA2`
			`cert CA2:Bridge`
			`cert Bridge:CAArmy`
			`cert CAArmy:Army`
			`trust Army:`
			`policy OID.2.1`
			`result fail`