static void tests(void)
{
	SecCertificateRef cert0;
	isnt(cert0 = SecCertificateCreateWithBytes(NULL, _c0, sizeof(_c0)),
		NULL, "create cert0");
    SecTrustStoreRef user_store;
    isnt(user_store = SecTrustStoreForDomain(kSecTrustStoreDomainUser),
        NULL, "get user trust settings store handle");
    ok(!SecTrustStoreContains(user_store, cert0),
        "cert0 is not yet present");
    ok_status(SecTrustStoreSetTrustSettings(user_store, cert0, NULL),
        "make cert0 trusted for anything");
    ok(SecTrustStoreContains(user_store, cert0),
        "cert0 is present");
    ok_status(SecTrustStoreSetTrustSettings(user_store, cert0, NULL),
        "make cert0 trusted for anything - again, should update now");
    ok(SecTrustStoreContains(user_store, cert0),
        "cert0 is still present");
    ok_status(SecTrustStoreRemoveCertificate(user_store, cert0),
        "removing cert0");
    ok(!SecTrustStoreContains(user_store, cert0),
        "cert0 is no longer present");

    /* Adding again...*/
    ok_status(SecTrustStoreSetTrustSettings(user_store, cert0, NULL),
        "make cert0 trusted for anything");
    ok(SecTrustStoreContains(user_store, cert0),
       "cert0 is present");

    /* Remove it */
    ok_status(SecTrustStoreRemoveCertificate(user_store, cert0),
              "removing cert0");
    ok(!SecTrustStoreContains(user_store, cert0),
       "cert0 is no longer present");

	CFReleaseSafe(cert0);
}
static bool SecUserAnchorSourceContains(SecCertificateSourceRef source,
	SecCertificateRef certificate) {
    return SecTrustStoreContains(
        SecTrustStoreForDomain(kSecTrustStoreDomainUser), certificate);
}