Adding OCSP Parser

net/data/parse_ocsp_unittest/annotate_test_data.py

 #!/usr/bin/python
-# Copyright (c) 2015 The Chromium Authors. All rights reserved.
+# Copyright (c) 2016 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
+# TODO: Deduplicate various annotate_test_data.

[eroman, 2016/02/19 02:27:33]

TODO(svaldez)

[svaldez, 2016/02/19 15:13:55]

Done.

 
 """This script is called without any arguments to re-format all of the *.pem
 files in the script's parent directory.
 
 The main formatting change is to run "openssl asn1parse" for each of the PEM
-block sections (except for DATA), and add that output to the comment.
+block sections, and add that output to the comment. It also runs the command
+on the OCTET STRING representing BasicOCSPResponse.
 
-Refer to the README file for more information.
 """
 
 import glob
 import os
 import re
 import base64
 import subprocess
 
 
 def Transform(file_data):
   """Returns a transformed (formatted) version of file_data"""
 
   result = ''
 
   for block in GetPemBlocks(file_data):
     if len(result) != 0:
       result += '\n'
 
     # If there was a user comment (non-script-generated comment) associated
     # with the block, output it immediately before the block.
     user_comment = GetUserComment(block.comment)
     if user_comment:
-      result += user_comment
+      result += user_comment + '\n'
 
-    # For every block except for DATA, try to pretty print the parsed ASN.1.
-    # DATA blocks likely would be DER in practice, but for the purposes of
-    # these tests seeing its structure doesn't clarify
-    # anything and is just a distraction.
-    if block.name != 'DATA':
-      generated_comment = GenerateCommentForBlock(block.name, block.data)
-      result += generated_comment + '\n'
+    generated_comment = GenerateCommentForBlock(block.name, block.data)
+    result += generated_comment + '\n'
 
 
     result += MakePemBlockString(block.name, block.data)
 
   return result
 
 
 def GenerateCommentForBlock(block_name, block_data):
   """Returns a string describing the ASN.1 structure of block_data"""
 
   p = subprocess.Popen(['openssl', 'asn1parse', '-i', '-inform', 'DER'],
                        stdout=subprocess.PIPE, stdin=subprocess.PIPE,
                        stderr=subprocess.PIPE)
   stdout_data, stderr_data = p.communicate(input=block_data)
   generated_comment = '$ openssl asn1parse -i < [%s]\n%s' % (block_name,
                                                              stdout_data)
+
+  # We also run 'openssl asn1parse' against the OCTET STRING encoded

[eroman, 2016/02/19 02:27:33]

I noticed another comment that used "we". Typically best to avoid pronouns.

[svaldez, 2016/02/19 15:13:55]

Done.

+  # BasicOCSPResponse.
+  if block_name == 'OCSP RESPONSE':
+    if '[HEX DUMP]:' in generated_comment:
+      (generated_comment, response) = generated_comment.split('[HEX DUMP]:', 1)
+      response = response.replace('\n', '')
+      if len(response) % 2 != 0:
+        response = '0' + response
+      response = GenerateCommentForBlock('INNER', response.decode('hex'))
+      response = response.split('\n', 1)[1]
+      response = response.replace(': ', ':      ')
+      generated_comment += '\n%s' % (response)
   return generated_comment.strip('\n')
 
 
 
 def GetUserComment(comment):
   """Removes any script-generated lines (everything after the $ openssl line)"""
 
   # Consider everything after "$ openssl" to be a generated comment.
   comment = comment.split('$ openssl asn1parse -i', 1)[0]
   if IsEntirelyWhiteSpace(comment):
@@ skipping 85 matching lines @@
     print "Processing %s ..." % (path)
     original_data = ReadFileToString(path)
     transformed_data = Transform(original_data)
     if original_data != transformed_data:
       WriteStringToFile(transformed_data, path)
       print "Rewrote %s" % (path)
 
 
 if __name__ == "__main__":
   main()