diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 01:47:29 +0000 |
commit | 0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d (patch) | |
tree | a31f07c9bcca9d56ce61e9a1ffd30ef350d513aa /security/nss/tests/chains/scenarios/ipsec.cfg | |
parent | Initial commit. (diff) | |
download | firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.tar.xz firefox-esr-0ebf5bdf043a27fd3dfb7f92e0cb63d88954c44d.zip |
Adding upstream version 115.8.0esr.upstream/115.8.0esr
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/tests/chains/scenarios/ipsec.cfg')
-rw-r--r-- | security/nss/tests/chains/scenarios/ipsec.cfg | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/security/nss/tests/chains/scenarios/ipsec.cfg b/security/nss/tests/chains/scenarios/ipsec.cfg new file mode 100644 index 0000000000..8c1ef3994d --- /dev/null +++ b/security/nss/tests/chains/scenarios/ipsec.cfg @@ -0,0 +1,149 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +scenario IPsec + +entity Root + type Root + +entity CA1 + type Intermediate + issuer Root + +entity NoKU + type EE + issuer CA1 + +entity DigSig + type EE + issuer CA1 + ku digitalSignature + +entity NonRep + type EE + issuer CA1 + ku nonRepudiation + +entity DigSigNonRepAndExtra + type EE + issuer CA1 + ku digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement + +entity NoMatch + type EE + issuer CA1 + ku keyEncipherment,dataEncipherment,keyAgreement + +entity NonCriticalServerAuthEKU + type EE + issuer CA1 + eku serverAuth + +entity NonIPSECEKU + type EE + issuer CA1 + eku codeSigning + +entity CriticalServerAuthEKU + type EE + issuer CA1 + ku digitalSignature + eku critical,serverAuth + +entity EKUIPsecIKE + type EE + issuer CA1 + ku digitalSignature + eku critical,ipsecIKE + +entity EKUIPsecIKEEnd + type EE + issuer CA1 + ku digitalSignature + eku ipsecIKEEnd + +entity EKUIPsecIKEIntermediate + type EE + issuer CA1 + ku digitalSignature + eku codeSigning,serverAuth,ipsecIKEIntermediate + +entity EKUAny + type EE + issuer CA1 + ku digitalSignature + eku x509Any + +entity EKUEmail + type EE + issuer CA1 + ku digitalSignature + eku emailProtection + +entity EKUIPsecUser + type EE + issuer CA1 + ku digitalSignature + eku ipsecUser + +db All + +import Root::C,, +import CA1:Root: + +verify NoKU:CA1 + usage 12 + result pass + +verify DigSig:CA1 + usage 12 + result pass + +verify NonRep:CA1 + usage 12 + result pass + +verify DigSigNonRepAndExtra:CA1 + usage 12 + result pass + +verify NoMatch:CA1 + usage 12 + result fail + +verify NonIPSECEKU:CA1 + usage 12 + result fail + +verify NonCriticalServerAuthEKU:CA1 + usage 12 + result pass + +verify CriticalServerAuthEKU:CA1 + usage 12 + result pass + +verify EKUIPsecIKE:CA1 + usage 12 + result pass + +verify EKUIPsecIKEEnd:CA1 + usage 12 + result pass + +verify EKUIPsecIKEIntermediate:CA1 + usage 12 + result pass + +verify EKUAny:CA1 + usage 12 + result pass + +verify EKUEmail:CA1 + usage 12 + result pass + +verify EKUIPsecUser:CA1 + usage 12 + result pass |