summaryrefslogtreecommitdiffstats
path: root/security/nss/tests/chains/scenarios/ipsec.cfg
diff options
context:
space:
mode:
Diffstat (limited to 'security/nss/tests/chains/scenarios/ipsec.cfg')
-rw-r--r--security/nss/tests/chains/scenarios/ipsec.cfg149
1 files changed, 149 insertions, 0 deletions
diff --git a/security/nss/tests/chains/scenarios/ipsec.cfg b/security/nss/tests/chains/scenarios/ipsec.cfg
new file mode 100644
index 0000000000..8c1ef3994d
--- /dev/null
+++ b/security/nss/tests/chains/scenarios/ipsec.cfg
@@ -0,0 +1,149 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+scenario IPsec
+
+entity Root
+ type Root
+
+entity CA1
+ type Intermediate
+ issuer Root
+
+entity NoKU
+ type EE
+ issuer CA1
+
+entity DigSig
+ type EE
+ issuer CA1
+ ku digitalSignature
+
+entity NonRep
+ type EE
+ issuer CA1
+ ku nonRepudiation
+
+entity DigSigNonRepAndExtra
+ type EE
+ issuer CA1
+ ku digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement
+
+entity NoMatch
+ type EE
+ issuer CA1
+ ku keyEncipherment,dataEncipherment,keyAgreement
+
+entity NonCriticalServerAuthEKU
+ type EE
+ issuer CA1
+ eku serverAuth
+
+entity NonIPSECEKU
+ type EE
+ issuer CA1
+ eku codeSigning
+
+entity CriticalServerAuthEKU
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku critical,serverAuth
+
+entity EKUIPsecIKE
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku critical,ipsecIKE
+
+entity EKUIPsecIKEEnd
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku ipsecIKEEnd
+
+entity EKUIPsecIKEIntermediate
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku codeSigning,serverAuth,ipsecIKEIntermediate
+
+entity EKUAny
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku x509Any
+
+entity EKUEmail
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku emailProtection
+
+entity EKUIPsecUser
+ type EE
+ issuer CA1
+ ku digitalSignature
+ eku ipsecUser
+
+db All
+
+import Root::C,,
+import CA1:Root:
+
+verify NoKU:CA1
+ usage 12
+ result pass
+
+verify DigSig:CA1
+ usage 12
+ result pass
+
+verify NonRep:CA1
+ usage 12
+ result pass
+
+verify DigSigNonRepAndExtra:CA1
+ usage 12
+ result pass
+
+verify NoMatch:CA1
+ usage 12
+ result fail
+
+verify NonIPSECEKU:CA1
+ usage 12
+ result fail
+
+verify NonCriticalServerAuthEKU:CA1
+ usage 12
+ result pass
+
+verify CriticalServerAuthEKU:CA1
+ usage 12
+ result pass
+
+verify EKUIPsecIKE:CA1
+ usage 12
+ result pass
+
+verify EKUIPsecIKEEnd:CA1
+ usage 12
+ result pass
+
+verify EKUIPsecIKEIntermediate:CA1
+ usage 12
+ result pass
+
+verify EKUAny:CA1
+ usage 12
+ result pass
+
+verify EKUEmail:CA1
+ usage 12
+ result pass
+
+verify EKUIPsecUser:CA1
+ usage 12
+ result pass
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-22 05:45:49 +0000