Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(164)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: net/data/verify_certificate_chain_unittest/generate-violates-basic-constraints-pathlen-0.py

Issue 1414393008: Add scripts to generate simple test data for certificate verification. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@key_usages
Patch Set: rebase Created 5 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « net/data/verify_certificate_chain_unittest/generate-unknown-root.py ('k') | net/data/verify_certificate_chain_unittest/intermediary-basic-constraints-ca-false.pem » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: net/data/verify_certificate_chain_unittest/generate-violates-basic-constraints-pathlen-0.py
diff --git a/net/data/verify_certificate_chain_unittest/generate-violates-basic-constraints-pathlen-0.py b/net/data/verify_certificate_chain_unittest/generate-violates-basic-constraints-pathlen-0.py
new file mode 100755
index 0000000000000000000000000000000000000000..0298956edb30a64db842971392faa7c3a8f01436
--- /dev/null
+++ b/net/data/verify_certificate_chain_unittest/generate-violates-basic-constraints-pathlen-0.py
@@ -0,0 +1,34 @@
+#!/usr/bin/python
+# Copyright (c) 2015 The Chromium Authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+"""Certificate chain with 2 intermediaries. The first intermediary has a basic
+constraints path length of 0, so it is a violation for it to have a subordinate
+intermediary."""
+
+import common
+
+# Self-signed root certificate (part of trust store).
+root = common.create_self_signed_root_certificate('Root')
+
+# Intermediary with pathlen 0
+intermediary1 = common.create_intermediary_certificate('Intermediary1', root)
+intermediary1.get_extensions().set_property('basicConstraints',
+ 'critical,CA:true,pathlen:0')
+
+# Another intermediary (with the same pathlen restriction)
+intermediary2 = common.create_intermediary_certificate('Intermediary2',
+ intermediary1)
+intermediary2.get_extensions().set_property('basicConstraints',
+ 'critical,CA:true,pathlen:0')
+
+# Target certificate.
+target = common.create_end_entity_certificate('Target', intermediary2)
+
+chain = [target, intermediary2, intermediary1]
+trusted = [root]
+time = common.DEFAULT_TIME
+verify_result = False
+
+common.write_test_file(__doc__, chain, trusted, time, verify_result)
« no previous file with comments | « net/data/verify_certificate_chain_unittest/generate-unknown-root.py ('k') | net/data/verify_certificate_chain_unittest/intermediary-basic-constraints-ca-false.pem » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698