#
# miscellaneous policies tested here.
#
globals
allowUnverified = true
crlNetFetchEnable = false
certNetFetchEnable = false
useSystemAnchors = false
end

test = "Resource signing"
policy = resourceSign
cert = resourceSignLeaf.cer
root = miscPoliciesRoot.cer
end

test = "Resource signing, no EKU"
policy = resourceSign
cert = noEKU.cer
root = miscPoliciesRoot.cer
error = CSSMERR_APPLETP_INVALID_EXTENDED_KEY_USAGE
end