Source code

Revision control

Copy as Markdown

Other Tools

# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
scenario IPsec
entity Root
type Root
entity CA1
type Intermediate
issuer Root
entity NoKU
type EE
issuer CA1
entity DigSig
type EE
issuer CA1
ku digitalSignature
entity NonRep
type EE
issuer CA1
ku nonRepudiation
entity DigSigNonRepAndExtra
type EE
issuer CA1
ku digitalSignature,nonRepudiation,keyEncipherment,dataEncipherment,keyAgreement
entity NoMatch
type EE
issuer CA1
ku keyEncipherment,dataEncipherment,keyAgreement
entity NonCriticalServerAuthEKU
type EE
issuer CA1
eku serverAuth
entity NonIPSECEKU
type EE
issuer CA1
eku codeSigning
entity CriticalServerAuthEKU
type EE
issuer CA1
ku digitalSignature
eku critical,serverAuth
entity EKUIPsecIKE
type EE
issuer CA1
ku digitalSignature
eku critical,ipsecIKE
entity EKUIPsecIKEEnd
type EE
issuer CA1
ku digitalSignature
eku ipsecIKEEnd
entity EKUIPsecIKEIntermediate
type EE
issuer CA1
ku digitalSignature
eku codeSigning,serverAuth,ipsecIKEIntermediate
entity EKUAny
type EE
issuer CA1
ku digitalSignature
eku x509Any
entity EKUEmail
type EE
issuer CA1
ku digitalSignature
eku emailProtection
entity EKUIPsecUser
type EE
issuer CA1
ku digitalSignature
eku ipsecUser
db All
import Root::C,,
import CA1:Root:
verify NoKU:CA1
usage 12
result pass
verify DigSig:CA1
usage 12
result pass
verify NonRep:CA1
usage 12
result pass
verify DigSigNonRepAndExtra:CA1
usage 12
result pass
verify NoMatch:CA1
usage 12
result fail
verify NonIPSECEKU:CA1
usage 12
result fail
verify NonCriticalServerAuthEKU:CA1
usage 12
result pass
verify CriticalServerAuthEKU:CA1
usage 12
result pass
verify EKUIPsecIKE:CA1
usage 12
result pass
verify EKUIPsecIKEEnd:CA1
usage 12
result pass
verify EKUIPsecIKEIntermediate:CA1
usage 12
result pass
verify EKUAny:CA1
usage 12
result pass
verify EKUEmail:CA1
usage 12
result pass
verify EKUIPsecUser:CA1
usage 12
result pass