scenario OCSP

db OCSPRoot
import OCSPRoot:x:CT,C,C

db OCSPCA1
import_key OCSPCA1

crl OCSPCA1

revoke OCSPCA1
  serial 3

revoke OCSPCA1
  serial 4 

testdb OCSPRoot

#EE - OK, CA - OK
verify OCSPEE11:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  result pass

#EE - revoked, CA - OK
verify OCSPEE12:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  result fail

#EE - unknown 
verify OCSPEE15:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  result pass

#EE - unknown, requireFreshInfo
verify OCSPEE15:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_flags requireFreshInfo
  rev_mtype ocsp
  result fail

#EE - OK, CA - revoked, leaf
verify OCSPEE21:x
  cert OCSPCA2:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  result pass

#EE - OK, CA - revoked, chain
verify OCSPEE21:x
  cert OCSPCA2:x
  trust OCSPRoot
  rev_type chain
  rev_flags requireFreshInfo
  rev_mtype ocsp
  result fail

#EE - OK, CA - unknown
verify OCSPEE31:x
  cert OCSPCA3:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  result pass

#EE - OK, CA - unknown, requireFreshInfo
verify OCSPEE31:x
  cert OCSPCA3:x
  trust OCSPRoot
  rev_type leaf
  rev_flags requireFreshInfo
  rev_mtype ocsp
  result fail

#EE - revoked, doNotUse
verify OCSPEE12:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  rev_mflags doNotUse
  result pass

#EE - revoked, forbidFetching
verify OCSPEE12:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  rev_mflags forbidFetching
  result pass

#EE - unknown status, failIfNoInfo
verify OCSPEE15:x
  cert OCSPCA1:x
  trust OCSPRoot
  rev_type leaf
  rev_mtype ocsp
  rev_mflags failIfNoInfo
  result fail

testdb OCSPCA1

#EE - OK on OCSP, revoked locally - should fail ??
# two things about this test: crl is not imported into the db and
# cert 13 is not revoked by crl.
verify OCSPEE13:x
  cert OCSPCA1:x
  trust OCSPCA1
  rev_type leaf
  rev_flags testLocalInfoFirst
  rev_mtype ocsp
  result pass