• Home
  • History
  • Annotate
  • Line#
  • Navigate
  • Raw
  • Download
  • only in /macosx-10.10/Security-57031.1.35/SecurityTests/clxutils/certcrl/testSubjects/CodePkgSigning/
1#
2# Test Code Signing and Package Signing policies.
3# This used to be called the Code Signing POlicy; it was renamed on 8/15/06.
4#
5globals
6allowUnverified = true
7crlNetFetchEnable = false
8certNetFetchEnable = false
9useSystemAnchors = false
10end
11
12### policy = CSSMOID_APPLE_TP_CODE_SIGNING ###
13
14test = "Apple Code Signing success"
15cert = CodeSignLeaf.cer
16root = CodeSignRoot.cer
17policy = codeSign
18end
19
20test = "Apple Code Signing, no EKU, expect fail"
21cert = NoEKULeaf.cer
22root = CodeSignRoot.cer
23policy = codeSign
24error = CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE
25end
26
27test = "Apple Code Signing, wrong EKU, expect fail"
28cert = BadCodeSignLeaf.cer
29root = CodeSignRoot.cer
30policy = codeSign
31error = CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE
32end
33
34### policy = CSSMOID_APPLE_TP_PACKAGE_SIGNING ###
35
36test = "Package Signing success"
37cert = CodeSignLeaf.cer
38root = CodeSignRoot.cer
39policy = pkgSign
40end
41
42test = "Package Signing, no EKU, expect fail"
43cert = NoEKULeaf.cer
44root = CodeSignRoot.cer
45policy = pkgSign
46error = CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE
47end
48
49test = "Package Signing, wrong EKU, expect fail"
50cert = BadCodeSignLeaf.cer
51root = CodeSignRoot.cer
52policy = pkgSign
53error = CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE
54end
55