]> git.saurik.com Git - apple/security.git/blob - SecurityTests/clxutils/certcrl/testSubjects/crossSigned/crossSigned.scr
Security-57336.1.9.tar.gz
[apple/security.git] / SecurityTests / clxutils / certcrl / testSubjects / crossSigned / crossSigned.scr
1 #
2 # Test for cross-signed cert detect, Radar 4566041
3 # WARNING this results in a hang when running with a Security.framework in which
4 # 4566041 is not fixed.
5 #
6 globals
7 allowUnverified = true
8 crlNetFetchEnable = false
9 certNetFetchEnable = false
10 useSystemAnchors = false
11 end
12
13 test = "Plain in-memory cross signed detect"
14 cert = SOA1-SOA2.pem
15 cert = SOA2-SOA1.pem
16 # specify verify time so this test will always be valid
17 verifyTime = 20060601000000
18 leafCertIsCA = true
19 error = CSSMERR_TP_NOT_TRUSTED
20 # verify we got both certs - IS_IN_INPUT_CERTS
21 certstatus = 1:0x4
22 end
23
24 test = "verify with DB containing one cert"
25 cert = SOA2-SOA1.pem
26 certDb = crossSigned1.db
27 # specify verify time so this test will always be valid
28 verifyTime = 20060601000000
29 leafCertIsCA = true
30 error = CSSMERR_TP_NOT_TRUSTED
31 # verify we got both certs
32 certstatus = 1:0
33 end
34
35 test = "verify with DB containing both certs"
36 cert = SOA2-SOA1.pem
37 certDb = crossSignedBoth.db
38 # specify verify time so this test will always be valid
39 verifyTime = 20060601000000
40 leafCertIsCA = true
41 error = CSSMERR_TP_NOT_TRUSTED
42 # verify we got both certs
43 certstatus = 1:0
44 end