sl@0: // sl@0: // Copyright (c) 2009 Nokia Corporation and/or its subsidiary(-ies). sl@0: // All rights reserved. sl@0: // This component and the accompanying materials are made available sl@0: // under the terms of the License "Eclipse Public License v1.0" sl@0: // which accompanies this distribution, and is available sl@0: // at the URL "http://www.eclipse.org/legal/epl-v10.html". sl@0: // sl@0: // Initial Contributors: sl@0: // Nokia Corporation - initial contribution. sl@0: // sl@0: // Contributors: sl@0: // sl@0: // Description: sl@0: // sl@0: //! @file sl@0: //! @SYMTestSuiteName SEC-CERTMAN sl@0: //! @SYMScriptTestEnvironment The script has no specific test environment requirements. sl@0: //! @SYMScriptPurpose Test the published API functions of CPKIXCertChain. sl@0: sl@0: LOAD_SUITE tpkixcert_tefserver sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-DATETIME-0001 sl@0: //! @SYMTestCaseDesc Testing CPKIXCertChain date and time checking behaviour during certificate validation. sl@0: //! @SYMCR 1240 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain has expired. sl@0: //! 3) Call CPKIXCertChain::SetValidityPeriodCheckFatal() passing in EFalse. sl@0: //! 4) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain has expired. sl@0: //! 5) Call CPKIXCertChain::SetValidityPeriodCheckFatal() passing in ETrue. sl@0: //! 6) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain has expired. sl@0: //! 7) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Calls 2 and 6 should fail with EDateOutOfRange. Call 4 should pass with EValidatedOK but report the warning EDateOutOfRange through both the old warnings API(CPKIXValidationResult::Warnings()) and the new one(CCertificateWarning::Warnings()). sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose 1) Check that current behaviour has not been altered and we still fail to validate out of date certificate chains. sl@0: //! 2) Check that new behaviour works correctly by allowing a certificate chain with an invalid date to validate successfully when explicitly told to. sl@0: //! 3) Then ensure this has left the system in the correct state to maintain normal behaviour. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-DATETIME-0001 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver DateTimeFatalValidateTest c:\tpkixcert_tef\scripts\validatetests.ini ExpiredDateTime sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-DATETIME-0001 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-DATETIME-0002 sl@0: //! @SYMTestCaseDesc TestingCPKIXCertChain date and time checking behaviour during certificate validation. sl@0: //! @SYMCR 1240 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain has not yet become valid. sl@0: //! 3) Call CPKIXCertChain::SetValidityPeriodCheckFatal() passing in EFalse. sl@0: //! 4) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain has not yet become valid. sl@0: //! 5) Call CPKIXCertChain::SetValidityPeriodCheckFatal() passing in ETrue. sl@0: //! 6) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain has not yet become valid. sl@0: //! 7) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Calls 2 and 6 should fail with EDateOutOfRange. Call 4 should pass with EValidatedOK but report the warning EDateOutOfRange through both the old warnings API(CPKIXValidationResult::Warnings()) and the new one(CCertificateWarning::Warnings()). sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose 1) Check that current behaviour has not been altered and we still fail to validate out of date certificate chains. sl@0: //! 2) Check that new behaviour works correctly by allowing a certificate chain with an invalid date to validate successfully when explicitly told to. sl@0: //! 3) Then ensure this has left the system in the correct state to maintain normal behaviour. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-DATETIME-0002 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver DateTimeFatalValidateTest c:\tpkixcert_tef\scripts\validatetests.ini InvalidDateTime sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-DATETIME-0002 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-DATETIME-0003 sl@0: //! @SYMTestCaseDesc TestingCPKIXCertChain date and time checking behaviour during certificate validation. sl@0: //! @SYMCR 1240 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain is valid. sl@0: //! 3) Call CPKIXCertChain::SetValidityPeriodCheckFatal() passing in EFalse. sl@0: //! 4) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain is valid. sl@0: //! 5) Call CPKIXCertChain::SetValidityPeriodCheckFatal() passing in ETrue. sl@0: //! 6) Call CPKIXCertChain::ValidateL() passing in a validation time where the certificate chain is valid. sl@0: //! 7) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Calls 2, 4 and 6 should validate successfully with EValidatedOK. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose 1) Check that current behaviour has not been altered and we still fail to validate out of date certificate chains. sl@0: //! 2) Check that new behaviour works correctly by allowing a certificate chain with an invalid date to validate successfully when explicitly told to. sl@0: //! 3) Then ensure this has left the system in the correct state to maintain normal behaviour. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-DATETIME-0003 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver DateTimeFatalValidateTest c:\tpkixcert_tef\scripts\validatetests.ini ValidDateTime sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-DATETIME-0003 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0001 sl@0: //! @SYMTestCaseDesc Test correct behaviour of customisable supported critical extension processing. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new ones through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). sl@0: //! 4) Ensure all critical extensions encountered are supported and that the certificate and certificate index information in the results match up with the correct certificates. sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Chain should validate successfully. All critical extensions should be reported through the new certificate warnings API (CCertificateWarning::CriticalExtensionsFound()). sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Test we correctly report the full gamut of possible critical extension patterns we may be expected to deal with in a certificate chain – multiple extensions in one certificate, multiple extensions spanning multiple certificates and the same extension in multiple certificates. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0001 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini CustomCriticalExts sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini CustomCriticalExts1 sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0001 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0002 sl@0: //! @SYMTestCaseDesc Test old and new warnings API for consistency and backwards compatibility. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new ones through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). sl@0: //! 4) Compare resultant warnings. sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Chain should validate successfully. Each of the recognised critical extensions should be reported both as a warning through the old warnings return and through the new API CCertificateWarning::CriticalExtensionsFound(). CCertificateWarning::Warnings() should contain the other warnings found in CPKIXValidationResult::Warnings(). The new returns mechanism should have no additional warnings. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure backwards compatibility of old style warning reporting and ensure the new warning returns match up with this. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0002 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Warnings sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0002 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0003 sl@0: //! @SYMTestCaseDesc Check supported OID list processing resilience. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and a new invalid format OID through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). sl@0: //! 4) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Chain should validate successfully with EValidatedOK with expected warnings returned. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Check the code is resilient to badly formed OID data being passed in to the supported OID list. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0003 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini BadOidValue sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0003 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0004 sl@0: //! @SYMTestCaseDesc Check supported OID list processing resilience. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct certificate chain. sl@0: //! 2) Set the supported OID list to an empty one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). sl@0: //! 4) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Chain should error with EUnrecognizedCriticalExtension (it is necessary for the CA to contain a critical extension). sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Check the code is resilient to an empty supported OID list. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0004 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini EmptySupportedOidList sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0004 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0005 sl@0: //! @SYMTestCaseDesc Test the Append API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Append a collection of new OIDs through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 4) Append a collection of OIDs already in the supported list through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 5) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 6) Append a collection of OIDs with duplicates within the collection. sl@0: //! 7) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 8) Append an empty collection of OIDs through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 9) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Supported OID list should be updated correctly in each case. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure OIDs are added to the supported list, that the result contains no duplicates and no errors are reported. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0005 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini NewOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini AlreadySupportedOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OidsWithDuplicates sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini NoOids sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0005 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0005 sl@0: //! @SYMTestCaseDesc Test the Append API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions OOM loop around steps 1 to 9: sl@0: //! 1) Construct the certificate chain. sl@0: //! 2) Append a collection of new OIDs through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 4) Append a collection of OIDs already in the supported list through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 5) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 6) Append a collection of OIDs with duplicates within the collection. sl@0: //! 7) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 8) Append an empty collection of OIDs through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 9) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults There should be no memory leaks at any stage. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure OIDs are added to the supported list, that the result contains no duplicates and no errors are reported. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0005 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomNewOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomAlreadySupportedOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomOidsWithDuplicates sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver AddSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomNoOids sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0005 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0006 sl@0: //! @SYMTestCaseDesc Test the Remove API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Remove a collection of OIDs currently supported in the list through CPKIXCertChain::RemoveSupportedCriticalExtensions(). sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 4) Remove a collection of OIDs not currently supported in the list through CPKIXCertChain::RemoveSupportedCriticalExtensions(). sl@0: //! 5) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 6) Remove an empty collection of OIDs through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 7) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Supported OID list should be updated correctly in each case. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure OIDs are removed from the supported list and no errors are reported. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0006 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini NewOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini AlreadySupportedOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini SupportedOidsWithDuplicates sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini NoOids sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0006 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0006 sl@0: //! @SYMTestCaseDesc Test the Remove API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions OOM loop around steps 1 to 7: sl@0: //! 1) Construct the certificate chain. sl@0: //! 2) Remove a collection of OIDs currently supported in the list through CPKIXCertChain::RemoveSupportedCriticalExtensions(). sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 4) Remove a collection of OIDs not currently supported in the list through CPKIXCertChain::RemoveSupportedCriticalExtensions(). sl@0: //! 5) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 6) Remove an empty collection of OIDs through CPKIXCertChain::AddSupportedCriticalExtensionsL(). sl@0: //! 7) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults There should be no memory leaks at any stage. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure OIDs are removed from the supported list and no errors are reported. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0006 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomNewOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomAlreadySupportedOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomSupportedOidsWithDuplicates sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver RemoveSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomNoOids sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0006 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0007 sl@0: //! @SYMTestCaseDesc Test the Reset API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL() with an empty supported OID list. sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL() on a non empty, no default (one new OID added and one default OID removed) sl@0: //! supported OID list. sl@0: //! 4) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Supported OID list should be updated correctly in each case. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure the supported OID list is reset to the default values correctly. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0007 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ResetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini NoOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ResetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OneAddedOneRemoved sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0007 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0007 sl@0: //! @SYMTestCaseDesc Test the Reset API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions OOM loop around steps 1 to 4: sl@0: //! 1) Construct the certificate chain. sl@0: //! 2) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL() with an empty supported OID list. sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL() on a non empty, no default (one new OID added and one default OID removed) sl@0: //! supported OID list. sl@0: //! 4) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults There should be no memory leaks at any stage. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure the supported OID list is reset to the default values correctly. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0007 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ResetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomNoOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ResetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomOneAddedOneRemoved sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0007 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0008 sl@0: //! @SYMTestCaseDesc Test the Set API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set an empty collection of OIDs through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 4) Set a collection of non empty (one new OID and one default OID removed) collection of OIDs through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 5) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 6) Set the same collection of OIDs as is currently supported through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 7) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 8) Set a collection of OIDs containing internal duplicates through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 9) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults Supported OID list should be updated correctly in each case. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure supported OID list is updated correctly, the result contains no duplicates and no errors are reported. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0008 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini NoOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OneAddedOneRemoved sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini CurrentlySupported sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OidsWithDuplicates sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0008 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0008 sl@0: //! @SYMTestCaseDesc Test the Set API for manipulating supported OID list for correct behaviour. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions OOM loop around steps 1 to 9: sl@0: //! 1) Construct the certificate chain. sl@0: //! 2) Set an empty collection of OIDs through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 4) Set a collection of non empty (one new OID and one default OID removed) collection of OIDs through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 5) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 6) Set the same collection of OIDs as is currently supported through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 7) Call CPKIXCertChain::ResetSupportedCriticalExtsToDefaultL(). sl@0: //! 8) Set a collection of OIDs containing internal duplicates through CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 9) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults There should be no memory leaks at any stage. sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure supported OID list is updated correctly, the result contains no duplicates and no errors are reported. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0008 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomNoOids sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomOneAddedOneRemoved sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomCurrentlySupported sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver SetSupportedOidsTest c:\tpkixcert_tef\scripts\apitests.ini OomOidsWithDuplicates sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT_OOM-0008 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0009 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KExtendedKeyUsage is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0009 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_ExtendedKeyUsage sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0009 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0010 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KPolicyMapping is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0010 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_PolicyMapping sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0010 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0011 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KDeviceListConstraint is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0011 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_DeviceIdListConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0011 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0012 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KSidListConstraint is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0012 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_SidListConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0012 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0013 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KVidListConstraint is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0013 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_VidListConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0013 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0014 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KCapabilitiesConstraint is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0014 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_CapabilitiesConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0014 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0015 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KCertPolicies is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0015 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_CertPolicies sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0015 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0016 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KPolicyConstraints is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0016 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_PolicyConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0016 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0017 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KNameConstraints is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0017 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_NameConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0017 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0018 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KBasicConstraints is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0018 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_BasicConstraint sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0018 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0019 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KKeyUsage is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0019 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_KeyUsage sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0019 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0020 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KSubjectAltName is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0020 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_SubjectAltName sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0020 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0021 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KInhibitAnyPolicy is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0021 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_InhibitAnyPolicy sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0021 sl@0: sl@0: sl@0: //! @SYMTestCaseID SEC-CERTMAN-PKIXCERT-CRITEXT-0022 sl@0: //! @SYMTestCaseDesc Test CPKIXCertChain::ValidateL() code fails correctly. sl@0: //! @SYMCR 1399 sl@0: //! @SYMTestPriority Critical sl@0: //! @SYMTestActions 1) Construct the certificate chain. sl@0: //! 2) Set the supported OID list to the default OIDs and the new one through a call to CPKIXCertChain::SetSupportedCriticalExtensionsL(). sl@0: //! 3) Call CPKIXCertChain::ValidateL(). The default OID value for KTestOid is not set. sl@0: //! 4) Ensure the correct error value is returned sl@0: //! 5) Cleanup the certificate chain and utility classes. sl@0: //! @SYMTestExpectedResults The validation should return with EUnrecognisedCriticalExtension sl@0: //! @SYMTestType CIT sl@0: //! @SYMTestPurpose Ensure we fail correctly for critical extension OIDs encountered that are outside the specified list that we recognise. sl@0: START_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0022 sl@0: RUN_TEST_STEP 100 tpkixcert_tefserver ValidateCertChain c:\tpkixcert_tef\scripts\validatetests.ini Missing_TestOid sl@0: END_TESTCASE SEC-CERTMAN-PKIXCERT-CRITEXT-0022