diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-19 00:47:55 +0000 |
| commit | 26a029d407be480d791972afb5975cf62c9360a6 (patch) | |
| tree | f435a8308119effd964b339f76abb83a57c29483 /security/nss/tests/chains/scenarios/ipsec.cfg | |
| parent | Initial commit. (diff) | |
| download | firefox-26a029d407be480d791972afb5975cf62c9360a6.tar.xz firefox-26a029d407be480d791972afb5975cf62c9360a6.zip | |
Adding upstream version 124.0.1.upstream/124.0.1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'security/nss/tests/chains/scenarios/ipsec.cfg')
| -rw-r--r-- | security/nss/tests/chains/scenarios/ipsec.cfg | 149 |
1 files changed, 149 insertions, 0 deletions
diff --git a/security/nss/tests/chains/scenarios/ipsec.cfg b/security/nss/tests/chains/scenarios/ipsec.cfg new file mode 100644 index 0000000000..8c1ef3994d --- /dev/null +++ b/security/nss/tests/chains/scenarios/ipsec.cfg @@ -0,0 +1,149 @@ +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +scenario IPsec + +entity Root + type Root + +entity CA1 + type Intermediate + issuer Root + +entity NoKU + type EE + issuer CA1 + +entity DigSig + type EE + issuer CA1 + ku digitalSignature + +entity NonRep + type EE + issuer CA1 + ku nonRepudiation + +entity DigSigNonRepAndExtra + type EE + issuer CA1 + ku digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement + +entity NoMatch + type EE + issuer CA1 + ku keyEncipherment,dataEncipherment,keyAgreement + +entity NonCriticalServerAuthEKU + type EE + issuer CA1 + eku serverAuth + +entity NonIPSECEKU + type EE + issuer CA1 + eku codeSigning + +entity CriticalServerAuthEKU + type EE + issuer CA1 + ku digitalSignature + eku critical,serverAuth + +entity EKUIPsecIKE + type EE + issuer CA1 + ku digitalSignature + eku critical,ipsecIKE + +entity EKUIPsecIKEEnd + type EE + issuer CA1 + ku digitalSignature + eku ipsecIKEEnd + +entity EKUIPsecIKEIntermediate + type EE + issuer CA1 + ku digitalSignature + eku codeSigning,serverAuth,ipsecIKEIntermediate + +entity EKUAny + type EE + issuer CA1 + ku digitalSignature + eku x509Any + +entity EKUEmail + type EE + issuer CA1 + ku digitalSignature + eku emailProtection + +entity EKUIPsecUser + type EE + issuer CA1 + ku digitalSignature + eku ipsecUser + +db All + +import Root::C,, +import CA1:Root: + +verify NoKU:CA1 + usage 12 + result pass + +verify DigSig:CA1 + usage 12 + result pass + +verify NonRep:CA1 + usage 12 + result pass + +verify DigSigNonRepAndExtra:CA1 + usage 12 + result pass + +verify NoMatch:CA1 + usage 12 + result fail + +verify NonIPSECEKU:CA1 + usage 12 + result fail + +verify NonCriticalServerAuthEKU:CA1 + usage 12 + result pass + +verify CriticalServerAuthEKU:CA1 + usage 12 + result pass + +verify EKUIPsecIKE:CA1 + usage 12 + result pass + +verify EKUIPsecIKEEnd:CA1 + usage 12 + result pass + +verify EKUIPsecIKEIntermediate:CA1 + usage 12 + result pass + +verify EKUAny:CA1 + usage 12 + result pass + +verify EKUEmail:CA1 + usage 12 + result pass + +verify EKUIPsecUser:CA1 + usage 12 + result pass |