pkixcheck_CheckExtendedKeyUsage_tests.cpp (79495B)
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ 2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */ 3 /* This code is made available to you under your choice of the following sets 4 * of licensing terms: 5 */ 6 /* This Source Code Form is subject to the terms of the Mozilla Public 7 * License, v. 2.0. If a copy of the MPL was not distributed with this 8 * file, You can obtain one at http://mozilla.org/MPL/2.0/. 9 */ 10 /* Copyright 2016 Mozilla Contributors 11 * 12 * Licensed under the Apache License, Version 2.0 (the "License"); 13 * you may not use this file except in compliance with the License. 14 * You may obtain a copy of the License at 15 * 16 * http://www.apache.org/licenses/LICENSE-2.0 17 * 18 * Unless required by applicable law or agreed to in writing, software 19 * distributed under the License is distributed on an "AS IS" BASIS, 20 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 21 * See the License for the specific language governing permissions and 22 * limitations under the License. 23 */ 24 25 #include "pkixgtest.h" 26 27 #include "mozpkix/pkixder.h" 28 #include "mozpkix/pkixutil.h" 29 30 using namespace mozilla::pkix; 31 using namespace mozilla::pkix::test; 32 33 namespace mozilla { namespace pkix { 34 35 extern Result CheckExtendedKeyUsage(EndEntityOrCA endEntityOrCA, 36 const Input* encodedExtendedKeyUsage, 37 KeyPurposeId requiredEKU); 38 39 } } // namespace mozilla::pkix 40 41 class pkixcheck_CheckExtendedKeyUsage : public ::testing::Test 42 { 43 }; 44 45 #define ASSERT_BAD(x) ASSERT_EQ(Result::ERROR_INADEQUATE_CERT_TYPE, x) 46 47 // tlv_id_kp_OCSPSigning and tlv_id_kp_serverAuth are defined in pkixtestutil.h 48 49 // tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, tlv_id_kp_documentSigning and 50 // tlv_id_kp_documentSigningAdobe are defined in pkixgtest.h 51 52 // python DottedOIDToCode.py --tlv id_kp_emailProtection 1.3.6.1.5.5.7.3.4 53 static const uint8_t tlv_id_kp_emailProtection[] = { 54 0x06, 0x08, 0x2b, 0x06, 0x01, 0x05, 0x05, 0x07, 0x03, 0x04 55 }; 56 57 // python DottedOIDToCode.py --tlv id-Netscape-stepUp 2.16.840.1.113730.4.1 58 static const uint8_t tlv_id_Netscape_stepUp[] = { 59 0x06, 0x09, 0x60, 0x86, 0x48, 0x01, 0x86, 0xf8, 0x42, 0x04, 0x01 60 }; 61 62 // python DottedOIDToCode.py --tlv unknownOID 1.3.6.1.4.1.13769.666.666.666.1.500.9.3 63 static const uint8_t tlv_unknownOID[] = { 64 0x06, 0x12, 0x2b, 0x06, 0x01, 0x04, 0x01, 0xeb, 0x49, 0x85, 0x1a, 0x85, 0x1a, 65 0x85, 0x1a, 0x01, 0x83, 0x74, 0x09, 0x03 66 }; 67 68 // python DottedOIDToCode.py --tlv anyExtendedKeyUsage 2.5.29.37.0 69 static const uint8_t tlv_anyExtendedKeyUsage[] = { 70 0x06, 0x04, 0x55, 0x1d, 0x25, 0x00 71 }; 72 73 TEST_F(pkixcheck_CheckExtendedKeyUsage, none) 74 { 75 // The input Input is nullptr. This means the cert had no extended key usage 76 // extension. This is always valid except for when the certificate is an 77 // end-entity and the required usage is id-kp-OCSPSigning. 78 79 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 80 nullptr, 81 KeyPurposeId::anyExtendedKeyUsage)); 82 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 83 KeyPurposeId::anyExtendedKeyUsage)); 84 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 85 nullptr, 86 KeyPurposeId::id_kp_serverAuth)); 87 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 88 KeyPurposeId::id_kp_serverAuth)); 89 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 90 nullptr, 91 KeyPurposeId::id_kp_clientAuth)); 92 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 93 KeyPurposeId::id_kp_clientAuth)); 94 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 95 nullptr, 96 KeyPurposeId::id_kp_codeSigning)); 97 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 98 KeyPurposeId::id_kp_codeSigning)); 99 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 100 nullptr, 101 KeyPurposeId::id_kp_emailProtection)); 102 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 103 KeyPurposeId::id_kp_emailProtection)); 104 ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, nullptr, 105 KeyPurposeId::id_kp_OCSPSigning)); 106 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 107 KeyPurposeId::id_kp_OCSPSigning)); 108 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 109 nullptr, 110 KeyPurposeId::id_kp_documentSigning)); 111 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 112 KeyPurposeId::id_kp_documentSigning)); 113 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 114 nullptr, 115 KeyPurposeId::id_kp_documentSigningAdobe)); 116 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 117 KeyPurposeId::id_kp_documentSigningAdobe)); 118 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, 119 nullptr, 120 KeyPurposeId::id_kp_documentSigningMicrosoft)); 121 ASSERT_EQ(Success, CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, nullptr, 122 KeyPurposeId::id_kp_documentSigningMicrosoft)); 123 } 124 125 static const Input empty_null; 126 127 TEST_F(pkixcheck_CheckExtendedKeyUsage, empty) 128 { 129 // The input Input is empty. The cert has an empty extended key usage 130 // extension, which is syntactically invalid. 131 ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, &empty_null, 132 KeyPurposeId::id_kp_serverAuth)); 133 ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, &empty_null, 134 KeyPurposeId::id_kp_serverAuth)); 135 136 static const uint8_t dummy = 0x00; 137 Input empty_nonnull; 138 ASSERT_EQ(Success, empty_nonnull.Init(&dummy, 0)); 139 ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, &empty_nonnull, 140 KeyPurposeId::id_kp_serverAuth)); 141 ASSERT_BAD(CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, &empty_nonnull, 142 KeyPurposeId::id_kp_serverAuth)); 143 } 144 145 struct EKUTestcase 146 { 147 ByteString ekuSEQUENCE; 148 KeyPurposeId keyPurposeId; 149 Result expectedResultEndEntity; 150 Result expectedResultCA; 151 }; 152 153 ::std::ostream& operator<<(::std::ostream& os, const EKUTestcase&) 154 { 155 return os << "TODO (bug 1318770)"; 156 } 157 158 class CheckExtendedKeyUsageTest 159 : public ::testing::Test 160 , public ::testing::WithParamInterface<EKUTestcase> 161 { 162 }; 163 164 TEST_P(CheckExtendedKeyUsageTest, EKUTestcase) 165 { 166 const EKUTestcase& param(GetParam()); 167 Input encodedEKU; 168 ASSERT_EQ(Success, encodedEKU.Init(param.ekuSEQUENCE.data(), 169 param.ekuSEQUENCE.length())); 170 ASSERT_EQ(param.expectedResultEndEntity, 171 CheckExtendedKeyUsage(EndEntityOrCA::MustBeEndEntity, &encodedEKU, 172 param.keyPurposeId)); 173 ASSERT_EQ(param.expectedResultCA, 174 CheckExtendedKeyUsage(EndEntityOrCA::MustBeCA, &encodedEKU, 175 param.keyPurposeId)); 176 } 177 178 #define SINGLE_EKU_SUCCESS(oidBytes, keyPurposeId) \ 179 { TLV(der::SEQUENCE, BytesToByteString(oidBytes)), keyPurposeId, \ 180 Success, Success } 181 #define SINGLE_EKU_SUCCESS_CA(oidBytes, keyPurposeId) \ 182 { TLV(der::SEQUENCE, BytesToByteString(oidBytes)), keyPurposeId, \ 183 Result::ERROR_INADEQUATE_CERT_TYPE, Success } 184 #define SINGLE_EKU_FAILURE(oidBytes, keyPurposeId) \ 185 { TLV(der::SEQUENCE, BytesToByteString(oidBytes)), keyPurposeId, \ 186 Result::ERROR_INADEQUATE_CERT_TYPE, Result::ERROR_INADEQUATE_CERT_TYPE } 187 #define DOUBLE_EKU_SUCCESS(oidBytes1, oidBytes2, keyPurposeId) \ 188 { TLV(der::SEQUENCE, \ 189 BytesToByteString(oidBytes1) + BytesToByteString(oidBytes2)), \ 190 keyPurposeId, \ 191 Success, Success } 192 #define DOUBLE_EKU_SUCCESS_CA(oidBytes1, oidBytes2, keyPurposeId) \ 193 { TLV(der::SEQUENCE, \ 194 BytesToByteString(oidBytes1) + BytesToByteString(oidBytes2)), \ 195 keyPurposeId, \ 196 Result::ERROR_INADEQUATE_CERT_TYPE, Success } 197 #define DOUBLE_EKU_FAILURE(oidBytes1, oidBytes2, keyPurposeId) \ 198 { TLV(der::SEQUENCE, \ 199 BytesToByteString(oidBytes1) + BytesToByteString(oidBytes2)), \ 200 keyPurposeId, \ 201 Result::ERROR_INADEQUATE_CERT_TYPE, Result::ERROR_INADEQUATE_CERT_TYPE } 202 203 static const EKUTestcase EKU_TESTCASES[] = 204 { 205 SINGLE_EKU_SUCCESS(tlv_id_kp_serverAuth, KeyPurposeId::anyExtendedKeyUsage), 206 SINGLE_EKU_SUCCESS(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_serverAuth), 207 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_clientAuth), 208 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_codeSigning), 209 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_emailProtection), 210 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_OCSPSigning), 211 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_documentSigning), 212 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_documentSigningAdobe), 213 SINGLE_EKU_FAILURE(tlv_id_kp_serverAuth, KeyPurposeId::id_kp_documentSigningMicrosoft), 214 215 SINGLE_EKU_SUCCESS(tlv_id_kp_clientAuth, KeyPurposeId::anyExtendedKeyUsage), 216 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_serverAuth), 217 SINGLE_EKU_SUCCESS(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_clientAuth), 218 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_codeSigning), 219 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_emailProtection), 220 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_OCSPSigning), 221 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_documentSigning), 222 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_documentSigningAdobe), 223 SINGLE_EKU_FAILURE(tlv_id_kp_clientAuth, KeyPurposeId::id_kp_documentSigningMicrosoft), 224 225 SINGLE_EKU_SUCCESS(tlv_id_kp_codeSigning, KeyPurposeId::anyExtendedKeyUsage), 226 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_serverAuth), 227 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_clientAuth), 228 SINGLE_EKU_SUCCESS(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_codeSigning), 229 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_emailProtection), 230 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_OCSPSigning), 231 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigning), 232 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigningAdobe), 233 SINGLE_EKU_FAILURE(tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 234 235 SINGLE_EKU_SUCCESS(tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage), 236 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth), 237 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth), 238 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning), 239 SINGLE_EKU_SUCCESS(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection), 240 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning), 241 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigning), 242 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningAdobe), 243 SINGLE_EKU_FAILURE(tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningMicrosoft), 244 245 // For end-entities, if id-kp-OCSPSigning is present, no usage is allowed 246 // except OCSPSigning. 247 SINGLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage), 248 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth), 249 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth), 250 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning), 251 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection), 252 SINGLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning), 253 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigning), 254 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningAdobe), 255 SINGLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 256 257 SINGLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage), 258 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth), 259 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth), 260 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning), 261 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection), 262 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning), 263 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigning), 264 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningAdobe), 265 SINGLE_EKU_FAILURE(tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningMicrosoft), 266 267 SINGLE_EKU_SUCCESS(tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 268 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 269 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 270 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 271 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 272 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 273 SINGLE_EKU_SUCCESS(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 274 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 275 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 276 277 SINGLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 278 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 279 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 280 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 281 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 282 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 283 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 284 SINGLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 285 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 286 287 SINGLE_EKU_SUCCESS(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 288 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 289 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 290 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 291 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 292 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 293 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 294 SINGLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 295 SINGLE_EKU_SUCCESS(tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 296 297 SINGLE_EKU_SUCCESS(tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 298 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 299 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 300 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 301 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 302 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 303 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 304 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 305 SINGLE_EKU_FAILURE(tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 306 307 SINGLE_EKU_SUCCESS(tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 308 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 309 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 310 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 311 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 312 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 313 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 314 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 315 SINGLE_EKU_FAILURE(tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 316 317 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::anyExtendedKeyUsage), 318 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_serverAuth), 319 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_clientAuth), 320 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_codeSigning), 321 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_emailProtection), 322 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_OCSPSigning), 323 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_documentSigning), 324 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_documentSigningAdobe), 325 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_clientAuth, KeyPurposeId::id_kp_documentSigningMicrosoft), 326 327 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::anyExtendedKeyUsage), 328 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_serverAuth), 329 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_clientAuth), 330 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_codeSigning), 331 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_emailProtection), 332 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_OCSPSigning), 333 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigning), 334 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigningAdobe), 335 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 336 337 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage), 338 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth), 339 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth), 340 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning), 341 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection), 342 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning), 343 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigning), 344 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningAdobe), 345 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningMicrosoft), 346 347 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage), 348 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth), 349 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth), 350 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning), 351 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection), 352 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning), 353 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigning), 354 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningAdobe), 355 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 356 357 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage), 358 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth), 359 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth), 360 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning), 361 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection), 362 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning), 363 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigning), 364 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningAdobe), 365 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningMicrosoft), 366 367 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 368 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 369 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 370 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 371 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 372 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 373 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 374 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 375 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 376 377 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 378 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 379 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 380 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 381 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 382 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 383 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 384 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 385 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 386 387 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 388 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 389 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 390 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 391 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 392 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 393 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 394 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 395 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 396 397 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 398 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 399 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 400 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 401 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 402 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 403 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 404 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 405 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 406 407 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 408 DOUBLE_EKU_SUCCESS(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 409 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 410 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 411 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 412 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 413 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 414 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 415 DOUBLE_EKU_FAILURE(tlv_id_kp_serverAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 416 417 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::anyExtendedKeyUsage), 418 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_serverAuth), 419 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_clientAuth), 420 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_codeSigning), 421 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_emailProtection), 422 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_OCSPSigning), 423 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigning), 424 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigningAdobe), 425 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_codeSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 426 427 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage), 428 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth), 429 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth), 430 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning), 431 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection), 432 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning), 433 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigning), 434 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningAdobe), 435 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningMicrosoft), 436 437 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage), 438 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth), 439 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth), 440 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning), 441 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection), 442 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning), 443 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigning), 444 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningAdobe), 445 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 446 447 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage), 448 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth), 449 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth), 450 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning), 451 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection), 452 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning), 453 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigning), 454 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningAdobe), 455 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningMicrosoft), 456 457 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 458 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 459 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 460 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 461 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 462 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 463 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 464 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 465 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 466 467 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 468 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 469 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 470 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 471 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 472 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 473 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 474 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 475 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 476 477 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 478 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 479 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 480 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 481 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 482 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 483 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 484 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 485 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 486 487 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 488 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 489 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 490 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 491 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 492 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 493 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 494 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 495 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 496 497 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 498 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 499 DOUBLE_EKU_SUCCESS(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 500 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 501 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 502 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 503 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 504 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 505 DOUBLE_EKU_FAILURE(tlv_id_kp_clientAuth, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 506 507 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::anyExtendedKeyUsage), 508 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_serverAuth), 509 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_clientAuth), 510 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_codeSigning), 511 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_emailProtection), 512 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_OCSPSigning), 513 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigning), 514 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningAdobe), 515 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_emailProtection, KeyPurposeId::id_kp_documentSigningMicrosoft), 516 517 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage), 518 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth), 519 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth), 520 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning), 521 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection), 522 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning), 523 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigning), 524 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningAdobe), 525 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 526 527 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage), 528 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth), 529 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth), 530 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning), 531 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection), 532 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning), 533 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigning), 534 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningAdobe), 535 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningMicrosoft), 536 537 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 538 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 539 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 540 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 541 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 542 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 543 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 544 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 545 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 546 547 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 548 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 549 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 550 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 551 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 552 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 553 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 554 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 555 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 556 557 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 558 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 559 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 560 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 561 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 562 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 563 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 564 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 565 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 566 567 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 568 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 569 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 570 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 571 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 572 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 573 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 574 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 575 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 576 577 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 578 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 579 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 580 DOUBLE_EKU_SUCCESS(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 581 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 582 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 583 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 584 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 585 DOUBLE_EKU_FAILURE(tlv_id_kp_codeSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 586 587 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::anyExtendedKeyUsage), 588 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_serverAuth), 589 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_clientAuth), 590 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_codeSigning), 591 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_emailProtection), 592 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_OCSPSigning), 593 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigning), 594 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningAdobe), 595 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_OCSPSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 596 597 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage), 598 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth), 599 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth), 600 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning), 601 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection), 602 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning), 603 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigning), 604 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningAdobe), 605 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningMicrosoft), 606 607 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 608 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 609 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 610 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 611 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 612 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 613 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 614 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 615 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 616 617 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 618 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 619 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 620 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 621 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 622 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 623 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 624 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 625 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 626 627 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 628 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 629 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 630 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 631 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 632 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 633 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 634 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 635 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 636 637 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 638 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 639 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 640 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 641 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 642 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 643 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 644 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 645 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 646 647 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 648 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 649 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 650 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 651 DOUBLE_EKU_SUCCESS(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 652 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 653 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 654 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 655 DOUBLE_EKU_FAILURE(tlv_id_kp_emailProtection, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 656 657 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::anyExtendedKeyUsage), 658 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_serverAuth), 659 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_clientAuth), 660 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_codeSigning), 661 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_emailProtection), 662 DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_OCSPSigning), 663 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigning), 664 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningAdobe), 665 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_Netscape_stepUp, KeyPurposeId::id_kp_documentSigningMicrosoft), 666 667 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 668 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 669 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 670 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 671 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 672 DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 673 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 674 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 675 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 676 677 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 678 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 679 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 680 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 681 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 682 DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 683 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 684 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 685 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 686 687 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 688 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 689 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 690 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 691 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 692 DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 693 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 694 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 695 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 696 697 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 698 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 699 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 700 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 701 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 702 DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 703 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 704 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 705 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 706 707 DOUBLE_EKU_SUCCESS_CA(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 708 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 709 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 710 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 711 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 712 DOUBLE_EKU_SUCCESS(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 713 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 714 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 715 DOUBLE_EKU_FAILURE(tlv_id_kp_OCSPSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 716 717 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::anyExtendedKeyUsage), 718 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_serverAuth), 719 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_clientAuth), 720 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_codeSigning), 721 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_emailProtection), 722 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_OCSPSigning), 723 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigning), 724 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningAdobe), 725 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigning, KeyPurposeId::id_kp_documentSigningMicrosoft), 726 727 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 728 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 729 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 730 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 731 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 732 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 733 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 734 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 735 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 736 737 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 738 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 739 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 740 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 741 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 742 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 743 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 744 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 745 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 746 747 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 748 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 749 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 750 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 751 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 752 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 753 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 754 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 755 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 756 757 DOUBLE_EKU_SUCCESS(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 758 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 759 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 760 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 761 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 762 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 763 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 764 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 765 DOUBLE_EKU_FAILURE(tlv_id_Netscape_stepUp, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 766 767 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::anyExtendedKeyUsage), 768 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_serverAuth), 769 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_clientAuth), 770 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_codeSigning), 771 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_emailProtection), 772 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_OCSPSigning), 773 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigning), 774 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningAdobe), 775 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningAdobe, KeyPurposeId::id_kp_documentSigningMicrosoft), 776 777 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 778 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 779 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 780 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 781 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 782 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 783 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 784 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 785 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 786 787 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 788 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 789 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 790 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 791 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 792 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 793 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 794 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 795 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 796 797 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 798 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 799 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 800 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 801 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 802 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 803 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 804 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 805 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigning, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 806 807 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::anyExtendedKeyUsage), 808 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_serverAuth), 809 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_clientAuth), 810 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_codeSigning), 811 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_emailProtection), 812 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_OCSPSigning), 813 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigning), 814 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningAdobe), 815 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_id_kp_documentSigningMicrosoft, KeyPurposeId::id_kp_documentSigningMicrosoft), 816 817 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 818 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 819 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 820 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 821 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 822 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 823 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 824 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 825 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 826 827 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 828 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 829 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 830 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 831 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 832 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 833 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 834 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 835 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningAdobe, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 836 837 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::anyExtendedKeyUsage), 838 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_serverAuth), 839 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_clientAuth), 840 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_codeSigning), 841 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_emailProtection), 842 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_OCSPSigning), 843 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_documentSigning), 844 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningAdobe), 845 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningMicrosoft, tlv_unknownOID, KeyPurposeId::id_kp_documentSigningMicrosoft), 846 847 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 848 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 849 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 850 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 851 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 852 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 853 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 854 DOUBLE_EKU_FAILURE(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 855 DOUBLE_EKU_SUCCESS(tlv_id_kp_documentSigningMicrosoft, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 856 857 DOUBLE_EKU_SUCCESS(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::anyExtendedKeyUsage), 858 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_serverAuth), 859 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_clientAuth), 860 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_codeSigning), 861 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_emailProtection), 862 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_OCSPSigning), 863 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigning), 864 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningAdobe), 865 DOUBLE_EKU_FAILURE(tlv_unknownOID, tlv_anyExtendedKeyUsage, KeyPurposeId::id_kp_documentSigningMicrosoft), 866 }; 867 868 INSTANTIATE_TEST_SUITE_P(pkixcheck_CheckExtendedKeyUsage, 869 CheckExtendedKeyUsageTest, 870 ::testing::ValuesIn(EKU_TESTCASES)); 871 872 struct EKUChainTestcase 873 { 874 ByteString ekuExtensionEE; 875 ByteString ekuExtensionCA; 876 KeyPurposeId keyPurposeId; 877 Result expectedResult; 878 }; 879 880 ::std::ostream& operator<<(::std::ostream& os, const EKUChainTestcase&) 881 { 882 return os << "TODO (bug 1318770)"; 883 } 884 885 class CheckExtendedKeyUsageChainTest 886 : public ::testing::Test 887 , public ::testing::WithParamInterface<EKUChainTestcase> 888 { 889 }; 890 891 static ByteString 892 CreateCert(const char* issuerCN, const char* subjectCN, 893 EndEntityOrCA endEntityOrCA, ByteString encodedEKU) 894 { 895 static long serialNumberValue = 0; 896 ++serialNumberValue; 897 ByteString serialNumber(CreateEncodedSerialNumber(serialNumberValue)); 898 EXPECT_FALSE(ENCODING_FAILED(serialNumber)); 899 900 ByteString issuerDER(CNToDERName(issuerCN)); 901 ByteString subjectDER(CNToDERName(subjectCN)); 902 903 ByteString extensions[3]; 904 extensions[0] = 905 CreateEncodedBasicConstraints(endEntityOrCA == EndEntityOrCA::MustBeCA, 906 nullptr, Critical::Yes); 907 EXPECT_FALSE(ENCODING_FAILED(extensions[0])); 908 if (encodedEKU.length() > 0) { 909 extensions[1] = encodedEKU; 910 } 911 912 ScopedTestKeyPair reusedKey(CloneReusedKeyPair()); 913 ByteString certDER(CreateEncodedCertificate( 914 v3, sha256WithRSAEncryption(), serialNumber, issuerDER, 915 oneDayBeforeNow, oneDayAfterNow, subjectDER, 916 *reusedKey, extensions, *reusedKey, 917 sha256WithRSAEncryption())); 918 EXPECT_FALSE(ENCODING_FAILED(certDER)); 919 920 return certDER; 921 } 922 923 class EKUTrustDomain final : public DefaultCryptoTrustDomain 924 { 925 public: 926 explicit EKUTrustDomain(ByteString issuerCertDER) 927 : mIssuerCertDER(issuerCertDER) 928 { 929 } 930 931 private: 932 Result GetCertTrust(EndEntityOrCA, const CertPolicyId&, Input candidateCert, 933 TrustLevel& trustLevel) override 934 { 935 trustLevel = InputEqualsByteString(candidateCert, mIssuerCertDER) 936 ? TrustLevel::TrustAnchor 937 : TrustLevel::InheritsTrust; 938 return Success; 939 } 940 941 Result FindIssuer(Input, IssuerChecker& checker, Time) override 942 { 943 Input derCert; 944 Result rv = derCert.Init(mIssuerCertDER.data(), mIssuerCertDER.length()); 945 if (rv != Success) { 946 return rv; 947 } 948 bool keepGoing; 949 return checker.Check(derCert, nullptr, keepGoing); 950 } 951 952 Result CheckRevocation(EndEntityOrCA, const CertID&, Time, Duration, 953 const Input*, const Input*) override 954 { 955 return Success; 956 } 957 958 Result IsChainValid(const DERArray&, Time, const CertPolicyId&) override 959 { 960 return Success; 961 } 962 963 ByteString mIssuerCertDER; 964 }; 965 966 TEST_P(CheckExtendedKeyUsageChainTest, EKUChainTestcase) 967 { 968 const EKUChainTestcase& param(GetParam()); 969 ByteString issuerCertDER(CreateCert("CA", "CA", EndEntityOrCA::MustBeCA, 970 param.ekuExtensionCA)); 971 ByteString subjectCertDER(CreateCert("CA", "EE", 972 EndEntityOrCA::MustBeEndEntity, 973 param.ekuExtensionEE)); 974 975 EKUTrustDomain trustDomain(issuerCertDER); 976 977 Input subjectCertDERInput; 978 ASSERT_EQ(Success, subjectCertDERInput.Init(subjectCertDER.data(), 979 subjectCertDER.length())); 980 ASSERT_EQ(param.expectedResult, 981 BuildCertChain(trustDomain, subjectCertDERInput, Now(), 982 EndEntityOrCA::MustBeEndEntity, 983 KeyUsage::noParticularKeyUsageRequired, 984 param.keyPurposeId, 985 CertPolicyId::anyPolicy, 986 nullptr)); 987 } 988 989 static const EKUChainTestcase EKU_CHAIN_TESTCASES[] = 990 { 991 { 992 // Both end-entity and CA have id-kp-serverAuth => should succeed 993 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 994 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 995 KeyPurposeId::id_kp_serverAuth, 996 Success 997 }, 998 { 999 // CA has no EKU extension => should succeed 1000 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 1001 ByteString(), 1002 KeyPurposeId::id_kp_serverAuth, 1003 Success 1004 }, 1005 { 1006 // End-entity has no EKU extension => should succeed 1007 ByteString(), 1008 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 1009 KeyPurposeId::id_kp_serverAuth, 1010 Success 1011 }, 1012 { 1013 // No EKU extensions at all => should succeed 1014 ByteString(), 1015 ByteString(), 1016 KeyPurposeId::id_kp_serverAuth, 1017 Success 1018 }, 1019 { 1020 // CA has EKU without id-kp-serverAuth => should fail 1021 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 1022 CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)), 1023 KeyPurposeId::id_kp_serverAuth, 1024 Result::ERROR_INADEQUATE_CERT_TYPE 1025 }, 1026 { 1027 // End-entity has EKU without id-kp-serverAuth => should fail 1028 CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)), 1029 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 1030 KeyPurposeId::id_kp_serverAuth, 1031 Result::ERROR_INADEQUATE_CERT_TYPE 1032 }, 1033 { 1034 // Both end-entity and CA have EKU without id-kp-serverAuth => should fail 1035 CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)), 1036 CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)), 1037 KeyPurposeId::id_kp_serverAuth, 1038 Result::ERROR_INADEQUATE_CERT_TYPE 1039 }, 1040 { 1041 // End-entity has no EKU, CA doesn't have id-kp-serverAuth => should fail 1042 ByteString(), 1043 CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)), 1044 KeyPurposeId::id_kp_serverAuth, 1045 Result::ERROR_INADEQUATE_CERT_TYPE 1046 }, 1047 { 1048 // End-entity doesn't have id-kp-serverAuth, CA has no EKU => should fail 1049 CreateEKUExtension(BytesToByteString(tlv_id_kp_clientAuth)), 1050 ByteString(), 1051 KeyPurposeId::id_kp_serverAuth, 1052 Result::ERROR_INADEQUATE_CERT_TYPE 1053 }, 1054 { 1055 // CA has id-Netscape-stepUp but not id-kp-serverAuth => should fail 1056 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 1057 CreateEKUExtension(BytesToByteString(tlv_id_Netscape_stepUp)), 1058 KeyPurposeId::id_kp_serverAuth, 1059 Result::ERROR_INADEQUATE_CERT_TYPE 1060 }, 1061 { 1062 // End-entity has id-Netscape-stepUp => should fail 1063 CreateEKUExtension(BytesToByteString(tlv_id_Netscape_stepUp)), 1064 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth)), 1065 KeyPurposeId::id_kp_serverAuth, 1066 Result::ERROR_INADEQUATE_CERT_TYPE 1067 }, 1068 { 1069 // End-entity and CA have id-kp-serverAuth and id-kp-clientAuth => should 1070 // succeed 1071 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) + 1072 BytesToByteString(tlv_id_kp_clientAuth)), 1073 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) + 1074 BytesToByteString(tlv_id_kp_clientAuth)), 1075 KeyPurposeId::id_kp_serverAuth, 1076 Success 1077 }, 1078 { 1079 // End-entity has id-kp-serverAuth and id-kp-OCSPSigning => should fail 1080 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) + 1081 BytesToByteString(tlv_id_kp_OCSPSigning)), 1082 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) + 1083 BytesToByteString(tlv_id_kp_clientAuth)), 1084 KeyPurposeId::id_kp_serverAuth, 1085 Result::ERROR_INADEQUATE_CERT_TYPE 1086 }, 1087 { 1088 // CA has id-kp-serverAuth and id-kp-OCSPSigning => should succeed 1089 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) + 1090 BytesToByteString(tlv_id_kp_clientAuth)), 1091 CreateEKUExtension(BytesToByteString(tlv_id_kp_serverAuth) + 1092 BytesToByteString(tlv_id_kp_OCSPSigning)), 1093 KeyPurposeId::id_kp_serverAuth, 1094 Success 1095 }, 1096 }; 1097 1098 INSTANTIATE_TEST_SUITE_P(pkixcheck_CheckExtendedKeyUsage, 1099 CheckExtendedKeyUsageChainTest, 1100 ::testing::ValuesIn(EKU_CHAIN_TESTCASES));