OLD | NEW |
(Empty) | |
| 1 # Copyright (c) 2010 The Chromium OS Authors. All rights reserved. |
| 2 # Use of this source code is governed by a BSD-style license that can be |
| 3 # found in the LICENSE file. |
| 4 |
| 5 import datetime, logging, re, subprocess, os |
| 6 |
| 7 # These certificate trees are for testing only in sealed containers |
| 8 # so it is okay that we have them checked into a GIT repository. |
| 9 # Nobody will ever use this information on the open air. |
| 10 |
| 11 cert_info = { |
| 12 'cert1': { |
| 13 'router': { |
| 14 'ca_cert': |
| 15 """-----BEGIN CERTIFICATE----- |
| 16 MIIDMTCCApqgAwIBAgIJANAMhNy2leWKMA0GCSqGSIb3DQEBBQUAMG8xCzAJBgNV |
| 17 BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBW |
| 18 aWV3MTMwMQYDVQQDEypjaHJvbWVsYWItd2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdv |
| 19 b2dsZS5jb20wHhcNMTAwODExMDAyODI3WhcNMjAwODA4MDAyODI3WjBvMQswCQYD |
| 20 VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g |
| 21 VmlldzEzMDEGA1UEAxMqY2hyb21lbGFiLXdpZmktdGVzdGJlZC1yb290Lm10di5n |
| 22 b29nbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKzIZQXJjjtuQO |
| 23 hQvHUa436mSOSo7PTP4cM39Ip7dlSRqTL+lHdQN9d0dgrYQFvlHwaG5CBVYhtFtQ |
| 24 JMy2ozauwTwtD5oHHL0DyhhgNA9H4zrTpM/t5euHpZwrOik7lnw87JBdKto/wy5X |
| 25 bhKOwvrRSsJIVLc2j5bD0225EPff6wIDAQABo4HUMIHRMB0GA1UdDgQWBBRw5Wl2 |
| 26 YFf67mTeir0yYaF/jUS9QTCBoQYDVR0jBIGZMIGWgBRw5Wl2YFf67mTeir0yYaF/ |
| 27 jUS9QaFzpHEwbzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU |
| 28 BgNVBAcTDU1vdW50YWluIFZpZXcxMzAxBgNVBAMTKmNocm9tZWxhYi13aWZpLXRl |
| 29 c3RiZWQtcm9vdC5tdHYuZ29vZ2xlLmNvbYIJANAMhNy2leWKMAwGA1UdEwQFMAMB |
| 30 Af8wDQYJKoZIhvcNAQEFBQADgYEAZAiBupvbckbb9ICASaz0a1uE4VNSqAZhhBXm |
| 31 AmrjmwnYU+yFkGgscyoq6wLzA+VbbfeBo088GT1LTyzUFqnsLNk7NrT1dtuCPijS |
| 32 p8gKkMu03kpkoKO0H9OB7HMRcdB7O87c5S1de4PLqdTwooF0f+yT6dqivUHgP5KF |
| 33 K3F2V44= |
| 34 -----END CERTIFICATE-----""", |
| 35 'server_cert': |
| 36 """-----BEGIN CERTIFICATE----- |
| 37 MIIDPTCCAqagAwIBAgIDEAABMA0GCSqGSIb3DQEBBAUAMG8xCzAJBgNVBAYTAlVT |
| 38 MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MTMw |
| 39 MQYDVQQDEypjaHJvbWVsYWItd2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdvb2dsZS5j |
| 40 b20wHhcNMTAwODExMDAyODI3WhcNMTEwODExMDAyODI3WjBxMQswCQYDVQQGEwJV |
| 41 UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzE1 |
| 42 MDMGA1UEAxMsY2hyb21lbGFiLXdpZmktdGVzdGJlZC1zZXJ2ZXIubXR2Lmdvb2ds |
| 43 ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPn4bKRL1o6E0V9346pa |
| 44 ZNmeVujp8L6gIxk1z5cFDcs07K7XV4ML/M2GPaYuHFGYgs5PO29Bju/oG246kI/o |
| 45 n7uEEcVedXWYOuQL+W3QI7c6NYsAiQmMSpLRlqX9q0QCAMXs/Hipm0oKGYA5Tsdo |
| 46 q9UIszkOIhZHP+YPbkJFyrATAgMBAAGjgeQwgeEwCQYDVR0TBAIwADARBglghkgB |
| 47 hvhCAQEEBAMCBkAwHQYDVR0OBBYEFDYGlkJwDwKS0M4/SYFdTlLDcvsBMIGhBgNV |
| 48 HSMEgZkwgZaAFHDlaXZgV/ruZN6KvTJhoX+NRL1BoXOkcTBvMQswCQYDVQQGEwJV |
| 49 UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEz |
| 50 MDEGA1UEAxMqY2hyb21lbGFiLXdpZmktdGVzdGJlZC1yb290Lm10di5nb29nbGUu |
| 51 Y29tggkA0AyE3LaV5YowDQYJKoZIhvcNAQEEBQADgYEAQphT8fiEPvwuDpzkuClg |
| 52 xqajzKwX677ggbYrP+k1v2WIPRBUW7lZs8OdKgwkIxvD4RBNwztEcBreWJG0I5xQ |
| 53 sJ9H+K12INdQ+TOrSAiEYuy4bu9EXf2On7MsAgcSTbQHN3bLuvtag3frDVvERlMU |
| 54 iaHwTA/p/X5zeCxKQunfwP0= |
| 55 -----END CERTIFICATE-----""", |
| 56 'private_key': |
| 57 """-----BEGIN RSA PRIVATE KEY----- |
| 58 MIICXAIBAAKBgQD5+GykS9aOhNFfd+OqWmTZnlbo6fC+oCMZNc+XBQ3LNOyu11eD |
| 59 C/zNhj2mLhxRmILOTztvQY7v6BtuOpCP6J+7hBHFXnV1mDrkC/lt0CO3OjWLAIkJ |
| 60 jEqS0Zal/atEAgDF7Px4qZtKChmAOU7HaKvVCLM5DiIWRz/mD25CRcqwEwIDAQAB |
| 61 AoGBAPWF55f8kXKMzGXcCTdC8Dm7x5ugZIGoIrFZZFvub9z/T9Zv1xn1hUqNpzH5 |
| 62 qoEOrrRbqIIfv3iu33qGdYWUNIZ2PO/9q/IQ31Z4eV2iVQ3kpjoZnvfhyJ7t0QXG |
| 63 xbS1F5UAcS1cdVxPjWkXYg4uoIg3/Y+HCW6n77v8UPl0+QT5AkEA/1XfTVYqs6eI |
| 64 I7pNip+tqwFg93WewZ4it17O1VxaSZX+rjLs6+nxzVeWyIAcbw5Tdos4onafsf8t |
| 65 ncjrqB0ebQJBAPqe+jk97pazkSKqIyXogpApZ1EbJHHJblS4HU/FAq0wZHMqvDmy |
| 66 8sQR+B7RZ96MnuIGsVIbKz0BveuD+wn7+H8CQHl9k32JxVGsIiPVznVqGskmI8w6 |
| 67 4+n+Y0hazRFKGw+uVfru8joiG1J4HZ+TDXRuHZpnDfCHft7DqyHLaw2XpVUCQCGW |
| 68 UrR/L011DTtXD9TRv0Wwts7w00aIl0e1UQBSx9QMCzo//O/CorRSMC15JPF3aQej |
| 69 m/oD+Bx58kjw7CDfauMCQGV7dPtWmA6DbparS8Z59Fx25XpN6+asw+Krrq3iGqpf |
| 70 /E8LtHSUdiUZztQN0oUUCEh8C//2NRDUK5M2Y7kjF+Y= |
| 71 -----END RSA PRIVATE KEY-----""", |
| 72 'eap_user_file': '* TLS' |
| 73 }, |
| 74 'client': { |
| 75 'client_cert': |
| 76 """-----BEGIN CERTIFICATE----- |
| 77 MIIDKjCCApOgAwIBAgIDEAACMA0GCSqGSIb3DQEBBAUAMG8xCzAJBgNVBAYTAlVT |
| 78 MRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MTMw |
| 79 MQYDVQQDEypjaHJvbWVsYWItd2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdvb2dsZS5j |
| 80 b20wHhcNMTAwODExMDAyODMwWhcNMTEwODExMDAyODMwWjBxMQswCQYDVQQGEwJV |
| 81 UzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzE1 |
| 82 MDMGA1UEAxMsY2hyb21lbGFiLXdpZmktdGVzdGJlZC1jbGllbnQubXR2Lmdvb2ds |
| 83 ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJu8uIlc6Ags6KS2bwqO |
| 84 flfILS//9YHJ/ch5GIC6PjA9HCUFlQSVuUb+igZ/CLZ+mTEiC76xVUD5GgZdJdHb |
| 85 lX0uTC6dI1N42pOklBNl3S3uXXyNGk1Ztg+6Lom/VKw1srlIKHIT/iMVYtzbt3+q |
| 86 hXOEjSMbMQb2hivwwV5kQSdDAgMBAAGjgdEwgc4wCQYDVR0TBAIwADAdBgNVHQ4E |
| 87 FgQUMGYODAgMy1ohCO7Aau20Zw3lSO8wgaEGA1UdIwSBmTCBloAUcOVpdmBX+u5k |
| 88 3oq9MmGhf41EvUGhc6RxMG8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y |
| 89 bmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MTMwMQYDVQQDEypjaHJvbWVsYWIt |
| 90 d2lmaS10ZXN0YmVkLXJvb3QubXR2Lmdvb2dsZS5jb22CCQDQDITctpXlijANBgkq |
| 91 hkiG9w0BAQQFAAOBgQAqUk+8N8NLGnLvNdRXYG2krhptGHO9h0YHjOh+xxOUcBis |
| 92 DiSKG0/M5ucqGOJmF5DTDNVCLkjOcd69Zv+a/eFohlZ4K3rWo0vQs77e9rtkepB1 |
| 93 N+6M3dMP8Z9dhfgUp3ha84mSBY6qguNFKzSUZsBQ6JF5xxhjBRHP/5t/Sz2k2A== |
| 94 -----END CERTIFICATE-----""", |
| 95 'private_key': |
| 96 """-----BEGIN RSA PRIVATE KEY----- |
| 97 MIICXQIBAAKBgQCbvLiJXOgILOiktm8Kjn5XyC0v//WByf3IeRiAuj4wPRwlBZUE |
| 98 lblG/ooGfwi2fpkxIgu+sVVA+RoGXSXR25V9LkwunSNTeNqTpJQTZd0t7l18jRpN |
| 99 WbYPui6Jv1SsNbK5SChyE/4jFWLc27d/qoVzhI0jGzEG9oYr8MFeZEEnQwIDAQAB |
| 100 AoGBAJk2qinhcBkS7XGWVVoCY8PCmMofO44LhZQjpnqGP8Y/aJ/3hOp0zklNA8du |
| 101 VMkNdXLD9uANID2ClBrsqtdx+vcac+mPSjxwI+tszVIzKHesYMf9XJJQrtP6gl4o |
| 102 sA6YOQB65dhYLpckuR4vb28Dwo2W8Ha4lv/zzeCo9/LOOm5hAkEAzegQGCnAdeui |
| 103 OShVZ69IcPJLMbZt641yeghWiBvclQxtvXk77Wf3jDoi16XqhGhvhkJRqcoUg+zg |
| 104 zwxFr6RqEwJBAMGgGBMPqNDtVS4pGcsr0xI8hIsDsSEBtlvfwpt1BeVJKdooQ51c |
| 105 gDK7Q28MV/xtrvlvo2J1Slod/6sZ681U9BECQQCToBzh5hVZth4x0qwg0XgjmmO0 |
| 106 +bGnX1tDCPVZUnh82FNZtDD2DkNaY1gVupwAYIwM+0FndT3uNAgeChNwUXXHAkBB |
| 107 gkXC5TBrh3CjTnqQl8Iw0FLTqasbDLZC/UCdUgltmsRTL/44Vlx1TZAyGQ4HtKBX |
| 108 eiLgI+jE9pNSs1FpRg3RAkBAxoAqiYyT9W222119Qt6PdJDTNI/YxKpDfnwRZm84 |
| 109 7x3V0FVuaN1GW9g4VMSsearlmgYizfRliaIrD+15Bg9Q |
| 110 -----END RSA PRIVATE KEY-----""", |
| 111 } |
| 112 } |
| 113 } |
| 114 |
| 115 def insert_conf_file(host, filename, contents): |
| 116 """ |
| 117 If config files are too big, the "host.run()" never returns. |
| 118 As a workaround, break the file up into lines and append the |
| 119 file piece by piece |
| 120 """ |
| 121 host.run('rm -f %s >/dev/null 2>&1' % filename, ignore_status=True) |
| 122 content_lines = contents.splitlines() |
| 123 while content_lines: |
| 124 buflist = [] |
| 125 buflen = 0 |
| 126 while content_lines and buflen + len(content_lines[0]) < 200: |
| 127 line = content_lines.pop(0) |
| 128 buflen += len(line) + 1 |
| 129 buflist.append(line) |
| 130 |
| 131 if not buflist: |
| 132 raise error.TestFail('Cert profile: line too long: %s' % |
| 133 content_lines[0]) |
| 134 host.run('cat <<EOF >>%s\n%s\nEOF\n' % |
| 135 (filename, '\n'.join(buflist))) |
| 136 |
| 137 def router_config(router, cert): |
| 138 """ |
| 139 Configure a router, and return the added config parameters |
| 140 """ |
| 141 conf = {} |
| 142 # Make sure time-of-day is correct on router |
| 143 router.run('date -us %s' % |
| 144 datetime.datetime.utcnow().strftime('%Y%m%d%H%M.%S')) |
| 145 |
| 146 if cert not in cert_info: |
| 147 raise error.TestFail('Cert profile %s not in the configuration' % cert) |
| 148 |
| 149 for k, v in cert_info[cert]['router'].iteritems(): |
| 150 filename = "/tmp/hostap_%s" % k |
| 151 insert_conf_file(router, filename, v) |
| 152 conf[k] = filename |
| 153 |
| 154 conf['eap_server'] = '1' |
| 155 return conf |
| 156 |
| 157 def client_config(client, cert): |
| 158 """ |
| 159 Configure a client, and return the added config parameters |
| 160 """ |
| 161 if cert not in cert_info: |
| 162 raise error.TestFail("Cert profile %s not in the configuration" % cert) |
| 163 |
| 164 client_pkg = '/tmp/pkg-client.pem' |
| 165 info = cert_info[cert]['client'] |
| 166 insert_conf_file(client, client_pkg, |
| 167 '\n'.join([info['client_cert'], info['private_key']])) |
| 168 return { 'psk': ':'.join(['chromeos', client_pkg]) } |
OLD | NEW |