SecurityTests/clxutils/certcrl/testSubjects/AppleCerts/AppleCerts.scr

   1 #
   2 # test Apple certs. Requires the root to be trusted somehow (it's not explicitly passed to
   3 # the verifier here). .
   4 #
   5 globals
   6 allowUnverified = true
   7 crlNetFetchEnable = false
   8 certNetFetchEnable = false
   9 useSystemAnchors = true
  10 useTrustSettings = true
  11 end
  12 #
  13 test = Development
  14 cert = AppleDevelopment.pem
  15 cert = AppleSWUPDATE.pem
  16 policy = swuSign
  17 error = CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT
  18 certerror=0:CSSMERR_APPLETP_CODE_SIGN_DEVELOPMENT
  19 end
  20 #
  21 #
  22 test = "Software Update"
  23 cert = AppleSoftUpdate.pem
  24 cert = AppleSWUPDATE.pem
  25 policy = swuSign
  26 end
  27 #
  28 test = "test the intermediate CA, wrong cert chain length"
  29 cert = AppleSWUPDATE.pem
  30 policy = swuSign
  31 error = CSSMERR_APPLETP_CS_BAD_CERT_CHAIN_LENGTH
  32 end
  33 #
  34