1 files changed, 399 insertions, 0 deletions

diff --git a/security/nss/tests/chains/scenarios/anypolicywithlevel.cfg b/security/nss/tests/chains/scenarios/anypolicywithlevel.cfg
new file mode 100644
index 0000000000..9dd84a7974
--- /dev/null
+++ b/security/nss/tests/chains/scenarios/anypolicywithlevel.cfg
@@ -0,0 +1,399 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+
+scenario AnyPolicyWithLevel
+
+entity RootCA
+  type Root
+
+entity CA1
+  type Intermediate
+  issuer RootCA
+  policy any
+  inhibit 1
+
+entity CA12
+  type Intermediate
+  issuer CA1
+  policy any
+
+entity CA13
+  type Intermediate
+  issuer CA12
+  policy OID.1.0
+
+entity EE1 
+  type EE
+  issuer CA13
+  policy OID.1.0
+
+entity CA22
+  type Intermediate
+  issuer CA1
+  policy any
+
+entity CA23
+  type Intermediate
+  issuer CA22
+  policy any
+
+entity EE2
+  type EE
+  issuer CA23
+  policy OID.1.0
+
+entity CA32
+  type Intermediate
+  issuer CA1
+  policy any
+  inhibit 1
+
+entity CA33
+  type Intermediate
+  issuer CA32
+  policy any
+
+entity EE3
+  type EE
+  issuer CA33
+  policy OID.1.0
+
+entity CA42
+  type Intermediate
+  issuer CA1
+  policy any
+  policy OID.1.0
+
+entity CA43
+  type Intermediate
+  issuer CA42
+  policy any
+  policy OID.1.0
+
+entity EE4
+  type EE
+  issuer CA43
+  policy OID.1.0
+
+entity CA52
+  type Intermediate
+  issuer CA1
+  policy any
+  policy OID.1.0
+
+entity CA53
+  type Intermediate
+  issuer CA52
+  policy any
+
+entity EE5
+  type EE
+  issuer CA53
+  policy OID.1.0
+
+entity CA61
+  type Intermediate
+  issuer RootCA
+  policy any
+  inhibit 5
+
+entity CA62
+  type Intermediate
+  issuer CA61
+  policy any
+
+entity EE62
+  type EE
+  issuer CA62
+  policy OID.1.0
+
+entity CA63
+  type Intermediate
+  issuer CA62
+  policy any
+
+entity EE63
+  type EE
+  issuer CA63
+  policy OID.1.0
+
+entity CA64
+  type Intermediate
+  issuer CA63
+  policy any
+
+entity EE64
+  type EE
+  issuer CA64
+  policy OID.1.0
+
+entity CA65
+  type Intermediate
+  issuer CA64
+  policy any
+
+entity EE65
+  type EE
+  issuer CA65
+  policy OID.1.0
+
+entity CA66
+  type Intermediate
+  issuer CA65
+  policy any
+
+entity EE66
+  type EE
+  issuer CA66
+  policy OID.1.0
+
+entity CA67
+  type Intermediate
+  issuer CA66
+  policy any
+
+entity EE67
+  type EE
+  issuer CA67
+  policy OID.1.0
+
+db All
+
+verify EE1:CA13
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA12:CA1
+  cert CA13:CA12
+  trust RootCA:
+  policy OID.1.0
+  result pass 
+
+verify EE1:CA13
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA12:CA1
+  cert CA13:CA12
+  trust RootCA:
+  policy OID.2.0
+  result fail
+
+verify EE1:CA13
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA12:CA1
+  cert CA13:CA12
+  trust RootCA:
+  policy OID.2.5.29.32.0
+  result pass
+
+verify EE2:CA23
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA22:CA1
+  cert CA23:CA22
+  trust RootCA:
+  policy OID.1.0
+  result fail
+
+verify EE2:CA23
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA22:CA1
+  cert CA23:CA22
+  trust RootCA:
+  policy OID.2.0
+  result fail
+
+verify EE2:CA23
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA22:CA1
+  cert CA23:CA22
+  trust RootCA:
+  policy OID.2.5.29.32.0
+  result fail
+
+verify EE2:CA23
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA22:CA1
+  cert CA23:CA22
+  trust RootCA:
+  result pass
+
+verify EE3:CA33
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA32:CA1
+  cert CA33:CA32
+  trust RootCA:
+  policy OID.1.0
+  result fail
+
+verify EE3:CA33
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA32:CA1
+  cert CA33:CA32
+  trust RootCA:
+  policy OID.2.0
+  result fail
+
+verify EE3:CA33
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA32:CA1
+  cert CA33:CA32
+  trust RootCA:
+  policy OID.2.5.29.32.0
+  result fail
+
+verify EE3:CA33
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA32:CA1
+  cert CA33:CA32
+  trust RootCA:
+  result pass
+
+verify EE4:CA43
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA42:CA1
+  cert CA43:CA42
+  trust RootCA:
+  policy OID.1.0
+  result pass
+
+verify EE4:CA43
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA42:CA1
+  cert CA43:CA42
+  trust RootCA:
+  policy OID.2.0
+  result fail
+
+verify EE4:CA43
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA42:CA1
+  cert CA43:CA42
+  trust RootCA:
+  policy OID.2.5.29.32.0
+  result pass
+
+verify EE5:CA53
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA52:CA1
+  cert CA53:CA52
+  trust RootCA:
+  policy OID.1.0
+  result fail
+
+verify EE5:CA53
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA52:CA1
+  cert CA53:CA52
+  trust RootCA:
+  policy OID.2.0
+  result fail
+
+verify EE5:CA53
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA52:CA1
+  cert CA53:CA52
+  trust RootCA:
+  policy OID.2.5.29.32.0
+  result fail
+
+verify EE5:CA53
+  cert RootCA:
+  cert CA1:RootCA
+  cert CA52:CA1
+  cert CA53:CA52
+  trust RootCA:
+  result pass
+
+verify EE62:CA62
+  cert RootCA:
+  cert CA61:RootCA
+  cert CA62:CA61
+  cert CA63:CA62
+  cert CA64:CA63
+  cert CA65:CA64
+  cert CA66:CA65
+  cert CA67:CA66
+  trust RootCA:
+  policy OID.1.0
+  result pass
+
+verify EE63:CA63
+  cert RootCA:
+  cert CA61:RootCA
+  cert CA62:CA61
+  cert CA63:CA62
+  cert CA64:CA63
+  cert CA65:CA64
+  cert CA66:CA65
+  cert CA67:CA66
+  trust RootCA:
+  policy OID.1.0
+  result pass
+
+verify EE64:CA64
+  cert RootCA:
+  cert CA61:RootCA
+  cert CA62:CA61
+  cert CA63:CA62
+  cert CA64:CA63
+  cert CA65:CA64
+  cert CA66:CA65
+  cert CA67:CA66
+  trust RootCA:
+  policy OID.1.0
+  result pass
+
+verify EE65:CA65
+  cert RootCA:
+  cert CA61:RootCA
+  cert CA62:CA61
+  cert CA63:CA62
+  cert CA64:CA63
+  cert CA65:CA64
+  cert CA66:CA65
+  cert CA67:CA66
+  trust RootCA:
+  policy OID.1.0
+  result pass
+
+verify EE66:CA66
+  cert RootCA:
+  cert CA61:RootCA
+  cert CA62:CA61
+  cert CA63:CA62
+  cert CA64:CA63
+  cert CA65:CA64
+  cert CA66:CA65
+  cert CA67:CA66
+  trust RootCA:
+  policy OID.1.0
+  result pass
+
+verify EE67:CA67
+  cert RootCA:
+  cert CA61:RootCA
+  cert CA62:CA61
+  cert CA63:CA62
+  cert CA64:CA63
+  cert CA65:CA64
+  cert CA66:CA65
+  cert CA67:CA66
+  trust RootCA:
+  policy OID.1.0
+  result fail
+