[apple/security.git] / SecurityTests / clxutils / certcrl / testSubjects / expiredAppleCA / one.scr

#
# test handling of expired Apple development CA certs, Radar 3622125.
#

globals
allowUnverified = true
crlNetFetchEnable = false
certNetFetchEnable = false
useSystemAnchors = false
end

#
# Original Dev CA expires Sep 7, 2007
# New Dev CA expires Dec 31, 2008
# leaf cert expires Oct 13, 2006
#
# After initial sanity checks, we evaluate at a time after the 
# original CA expired and before the new CA expires; we assume
# that the leaf is expired in all cases. 
#

test = "No CA input certs, both CAs in DlDb"
cert = dmitchtread.cer
root = AppleDevRoot.pem
certDb = appleDevCAs.keychain
verifyTime = 20071201000000
error = CSSMERR_TP_CERT_EXPIRED
# leaf expired
# IS_IN_INPUT_CERTS | EXPIRED
certstatus = 0:0x05
# !IS_IN_INPUT_CERTS, !EXPIRED
certstatus = 1:0x0
# IS_IN_ANCHORS  IS_ROOT
certstatus = 2:0x18
end
Commit	Line	Data
d8f41ccd A	1	#
	2	# test handling of expired Apple development CA certs, Radar 3622125.
	3	#
	4
	5	globals
	6	allowUnverified = true
	7	crlNetFetchEnable = false
	8	certNetFetchEnable = false
	9	useSystemAnchors = false
	10	end
	11
	12	#
	13	# Original Dev CA expires Sep 7, 2007
	14	# New Dev CA expires Dec 31, 2008
	15	# leaf cert expires Oct 13, 2006
	16	#
	17	# After initial sanity checks, we evaluate at a time after the
	18	# original CA expired and before the new CA expires; we assume
	19	# that the leaf is expired in all cases.
	20	#
	21
	22	test = "No CA input certs, both CAs in DlDb"
	23	cert = dmitchtread.cer
	24	root = AppleDevRoot.pem
	25	certDb = appleDevCAs.keychain
	26	verifyTime = 20071201000000
	27	error = CSSMERR_TP_CERT_EXPIRED
	28	# leaf expired
	29	# IS_IN_INPUT_CERTS \| EXPIRED
	30	certstatus = 0:0x05
	31	# !IS_IN_INPUT_CERTS, !EXPIRED
	32	certstatus = 1:0x0
	33	# IS_IN_ANCHORS IS_ROOT
	34	certstatus = 2:0x18
	35	end