Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(558)

Side by Side Diff: server/site_eap_tls.py

Issue 3139013: 802.1x EAP-TLS Authentication for wifi tests (Closed) Base URL: ssh://gitrw.chromium.org/autotest.git
Patch Set: Change eap_tls to eap-tls Created 10 years, 4 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | server/site_linux_router.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
2 # Use of this source code is governed by a BSD-style license that can be
3 # found in the LICENSE file.
4
5 import datetime, logging, re, subprocess, os
6
7 # These certificate trees are for testing only in sealed containers
8 # so it is okay that we have them checked into a GIT repository.
9 # Nobody will ever use this information on the open air.
10
11 cert_info = {
12 'cert1': {
13 'router': {
14 'ca_cert':
15 """-----BEGIN CERTIFICATE-----
16 MIIDMTCCApqgAwIBAgIJANAMhNy2leWKMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNV
17 BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBW
18 aWV3MTMwMQYDVQQDEypjaHJvbWVsYWItd2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdv
19 b2dsZS5jb20wHhcNMTAwODExMDAyODI3WhcNMjAwODA4MDAyODI3WjBvMQswCQYD
20 VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g
21 VmlldzEzMDEGA1UEAxMqY2hyb21lbGFiLXdpZmktdGVzdGJlZC1yb290Lm10di5n
22 b29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKzIZQXJjjtuQO
23 hQvHUa436mSOSo7PTP4cM39Ip7dlSRqTL+lHdQN9d0dgrYQFvlHwaG5CBVYhtFtQ
24 JMy2ozauwTwtD5oHHL0DyhhgNA9H4zrTpM/t5euHpZwrOik7lnw87JBdKto/wy5X
25 bhKOwvrRSsJIVLc2j5bD0225EPff6wIDAQABo4HUMIHRMB0GA1UdDgQWBBRw5Wl2
26 YFf67mTeir0yYaF/jUS9QTCBoQYDVR0jBIGZMIGWgBRw5Wl2YFf67mTeir0yYaF/
27 jUS9QaFzpHEwbzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU
28 BgNVBAcTDU1vdW50YWluIFZpZXcxMzAxBgNVBAMTKmNocm9tZWxhYi13aWZpLXRl
29 c3RiZWQtcm9vdC5tdHYuZ29vZ2xlLmNvbYIJANAMhNy2leWKMAwGA1UdEwQFMAMB
30 Af8wDQYJKoZIhvcNAQEFBQADgYEAZAiBupvbckbb9ICASaz0a1uE4VNSqAZhhBXm
31 AmrjmwnYU+yFkGgscyoq6wLzA+VbbfeBo088GT1LTyzUFqnsLNk7NrT1dtuCPijS
32 p8gKkMu03kpkoKO0H9OB7HMRcdB7O87c5S1de4PLqdTwooF0f+yT6dqivUHgP5KF
33 K3F2V44=
34 -----END CERTIFICATE-----""",
35 'server_cert':
36 """-----BEGIN CERTIFICATE-----
37 MIIDPTCCAqagAwIBAgIDEAABMA0GCSqGSIb3DQEBBAUAMG8xCzAJBgNVBAYTAlVT
38 MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MTMw
39 MQYDVQQDEypjaHJvbWVsYWItd2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdvb2dsZS5j
40 b20wHhcNMTAwODExMDAyODI3WhcNMTEwODExMDAyODI3WjBxMQswCQYDVQQGEwJV
41 UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzE1
42 MDMGA1UEAxMsY2hyb21lbGFiLXdpZmktdGVzdGJlZC1zZXJ2ZXIubXR2Lmdvb2ds
43 ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPn4bKRL1o6E0V9346pa
44 ZNmeVujp8L6gIxk1z5cFDcs07K7XV4ML/M2GPaYuHFGYgs5PO29Bju/oG246kI/o
45 n7uEEcVedXWYOuQL+W3QI7c6NYsAiQmMSpLRlqX9q0QCAMXs/Hipm0oKGYA5Tsdo
46 q9UIszkOIhZHP+YPbkJFyrATAgMBAAGjgeQwgeEwCQYDVR0TBAIwADARBglghkgB
47 hvhCAQEEBAMCBkAwHQYDVR0OBBYEFDYGlkJwDwKS0M4/SYFdTlLDcvsBMIGhBgNV
48 HSMEgZkwgZaAFHDlaXZgV/ruZN6KvTJhoX+NRL1BoXOkcTBvMQswCQYDVQQGEwJV
49 UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEz
50 MDEGA1UEAxMqY2hyb21lbGFiLXdpZmktdGVzdGJlZC1yb290Lm10di5nb29nbGUu
51 Y29tggkA0AyE3LaV5YowDQYJKoZIhvcNAQEEBQADgYEAQphT8fiEPvwuDpzkuClg
52 xqajzKwX677ggbYrP+k1v2WIPRBUW7lZs8OdKgwkIxvD4RBNwztEcBreWJG0I5xQ
53 sJ9H+K12INdQ+TOrSAiEYuy4bu9EXf2On7MsAgcSTbQHN3bLuvtag3frDVvERlMU
54 iaHwTA/p/X5zeCxKQunfwP0=
55 -----END CERTIFICATE-----""",
56 'private_key':
57 """-----BEGIN RSA PRIVATE KEY-----
58 MIICXAIBAAKBgQD5+GykS9aOhNFfd+OqWmTZnlbo6fC+oCMZNc+XBQ3LNOyu11eD
59 C/zNhj2mLhxRmILOTztvQY7v6BtuOpCP6J+7hBHFXnV1mDrkC/lt0CO3OjWLAIkJ
60 jEqS0Zal/atEAgDF7Px4qZtKChmAOU7HaKvVCLM5DiIWRz/mD25CRcqwEwIDAQAB
61 AoGBAPWF55f8kXKMzGXcCTdC8Dm7x5ugZIGoIrFZZFvub9z/T9Zv1xn1hUqNpzH5
62 qoEOrrRbqIIfv3iu33qGdYWUNIZ2PO/9q/IQ31Z4eV2iVQ3kpjoZnvfhyJ7t0QXG
63 xbS1F5UAcS1cdVxPjWkXYg4uoIg3/Y+HCW6n77v8UPl0+QT5AkEA/1XfTVYqs6eI
64 I7pNip+tqwFg93WewZ4it17O1VxaSZX+rjLs6+nxzVeWyIAcbw5Tdos4onafsf8t
65 ncjrqB0ebQJBAPqe+jk97pazkSKqIyXogpApZ1EbJHHJblS4HU/FAq0wZHMqvDmy
66 8sQR+B7RZ96MnuIGsVIbKz0BveuD+wn7+H8CQHl9k32JxVGsIiPVznVqGskmI8w6
67 4+n+Y0hazRFKGw+uVfru8joiG1J4HZ+TDXRuHZpnDfCHft7DqyHLaw2XpVUCQCGW
68 UrR/L011DTtXD9TRv0Wwts7w00aIl0e1UQBSx9QMCzo//O/CorRSMC15JPF3aQej
69 m/oD+Bx58kjw7CDfauMCQGV7dPtWmA6DbparS8Z59Fx25XpN6+asw+Krrq3iGqpf
70 /E8LtHSUdiUZztQN0oUUCEh8C//2NRDUK5M2Y7kjF+Y=
71 -----END RSA PRIVATE KEY-----""",
72 'eap_user_file': '* TLS'
73 },
74 'client': {
75 'client_cert':
76 """-----BEGIN CERTIFICATE-----
77 MIIDKjCCApOgAwIBAgIDEAACMA0GCSqGSIb3DQEBBAUAMG8xCzAJBgNVBAYTAlVT
78 MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MTMw
79 MQYDVQQDEypjaHJvbWVsYWItd2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdvb2dsZS5j
80 b20wHhcNMTAwODExMDAyODMwWhcNMTEwODExMDAyODMwWjBxMQswCQYDVQQGEwJV
81 UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzE1
82 MDMGA1UEAxMsY2hyb21lbGFiLXdpZmktdGVzdGJlZC1jbGllbnQubXR2Lmdvb2ds
83 ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJu8uIlc6Ags6KS2bwqO
84 flfILS//9YHJ/ch5GIC6PjA9HCUFlQSVuUb+igZ/CLZ+mTEiC76xVUD5GgZdJdHb
85 lX0uTC6dI1N42pOklBNl3S3uXXyNGk1Ztg+6Lom/VKw1srlIKHIT/iMVYtzbt3+q
86 hXOEjSMbMQb2hivwwV5kQSdDAgMBAAGjgdEwgc4wCQYDVR0TBAIwADAdBgNVHQ4E
87 FgQUMGYODAgMy1ohCO7Aau20Zw3lSO8wgaEGA1UdIwSBmTCBloAUcOVpdmBX+u5k
88 3oq9MmGhf41EvUGhc6RxMG8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
89 bmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MTMwMQYDVQQDEypjaHJvbWVsYWIt
90 d2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdvb2dsZS5jb22CCQDQDITctpXlijANBgkq
91 hkiG9w0BAQQFAAOBgQAqUk+8N8NLGnLvNdRXYG2krhptGHO9h0YHjOh+xxOUcBis
92 DiSKG0/M5ucqGOJmF5DTDNVCLkjOcd69Zv+a/eFohlZ4K3rWo0vQs77e9rtkepB1
93 N+6M3dMP8Z9dhfgUp3ha84mSBY6qguNFKzSUZsBQ6JF5xxhjBRHP/5t/Sz2k2A==
94 -----END CERTIFICATE-----""",
95 'private_key':
96 """-----BEGIN RSA PRIVATE KEY-----
97 MIICXQIBAAKBgQCbvLiJXOgILOiktm8Kjn5XyC0v//WByf3IeRiAuj4wPRwlBZUE
98 lblG/ooGfwi2fpkxIgu+sVVA+RoGXSXR25V9LkwunSNTeNqTpJQTZd0t7l18jRpN
99 WbYPui6Jv1SsNbK5SChyE/4jFWLc27d/qoVzhI0jGzEG9oYr8MFeZEEnQwIDAQAB
100 AoGBAJk2qinhcBkS7XGWVVoCY8PCmMofO44LhZQjpnqGP8Y/aJ/3hOp0zklNA8du
101 VMkNdXLD9uANID2ClBrsqtdx+vcac+mPSjxwI+tszVIzKHesYMf9XJJQrtP6gl4o
102 sA6YOQB65dhYLpckuR4vb28Dwo2W8Ha4lv/zzeCo9/LOOm5hAkEAzegQGCnAdeui
103 OShVZ69IcPJLMbZt641yeghWiBvclQxtvXk77Wf3jDoi16XqhGhvhkJRqcoUg+zg
104 zwxFr6RqEwJBAMGgGBMPqNDtVS4pGcsr0xI8hIsDsSEBtlvfwpt1BeVJKdooQ51c
105 gDK7Q28MV/xtrvlvo2J1Slod/6sZ681U9BECQQCToBzh5hVZth4x0qwg0XgjmmO0
106 +bGnX1tDCPVZUnh82FNZtDD2DkNaY1gVupwAYIwM+0FndT3uNAgeChNwUXXHAkBB
107 gkXC5TBrh3CjTnqQl8Iw0FLTqasbDLZC/UCdUgltmsRTL/44Vlx1TZAyGQ4HtKBX
108 eiLgI+jE9pNSs1FpRg3RAkBAxoAqiYyT9W222119Qt6PdJDTNI/YxKpDfnwRZm84
109 7x3V0FVuaN1GW9g4VMSsearlmgYizfRliaIrD+15Bg9Q
110 -----END RSA PRIVATE KEY-----""",
111 }
112 }
113 }
114
115 def insert_conf_file(host, filename, contents):
116 """
117 If config files are too big, the "host.run()" never returns.
118 As a workaround, break the file up into lines and append the
119 file piece by piece
120 """
121 host.run('rm -f %s >/dev/null 2>&1' % filename, ignore_status=True)
122 content_lines = contents.splitlines()
123 while content_lines:
124 buflist = []
125 buflen = 0
126 while content_lines and buflen + len(content_lines[0]) < 200:
127 line = content_lines.pop(0)
128 buflen += len(line) + 1
129 buflist.append(line)
130
131 if not buflist:
132 raise error.TestFail('Cert profile: line too long: %s' %
133 content_lines[0])
134 host.run('cat <<EOF >>%s\n%s\nEOF\n' %
135 (filename, '\n'.join(buflist)))
136
137 def router_config(router, cert):
138 """
139 Configure a router, and return the added config parameters
140 """
141 conf = {}
142 # Make sure time-of-day is correct on router
143 router.run('date -us %s' %
144 datetime.datetime.utcnow().strftime('%Y%m%d%H%M.%S'))
145
146 if cert not in cert_info:
147 raise error.TestFail('Cert profile %s not in the configuration' % cert)
148
149 for k, v in cert_info[cert]['router'].iteritems():
150 filename = "/tmp/hostap_%s" % k
151 insert_conf_file(router, filename, v)
152 conf[k] = filename
153
154 conf['eap_server'] = '1'
155 return conf
156
157 def client_config(client, cert):
158 """
159 Configure a client, and return the added config parameters
160 """
161 if cert not in cert_info:
162 raise error.TestFail("Cert profile %s not in the configuration" % cert)
163
164 client_pkg = '/tmp/pkg-client.pem'
165 info = cert_info[cert]['client']
166 insert_conf_file(client, client_pkg,
167 '\n'.join([info['client_cert'], info['private_key']]))
168 return { 'psk': ':'.join(['chromeos', client_pkg]) }
OLDNEW
« no previous file with comments | « no previous file | server/site_linux_router.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698