net/data/verify_certificate_chain_unittest/common.py - Issue 1923433002: Certificate path builder for new certificate verification library

Unified Diff: net/data/verify_certificate_chain_unittest/common.py

Issue 1923433002: Certificate path builder for new certificate verification library (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: . Created 4 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« net/cert/internal/path_builder.cc ('K') | « net/cert/internal/verify_certificate_chain_unittest.cc ('k') | net/data/verify_certificate_chain_unittest/generate-key-rollover.py » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: net/data/verify_certificate_chain_unittest/common.py

diff --git a/net/data/verify_certificate_chain_unittest/common.py b/net/data/verify_certificate_chain_unittest/common.py

index 5a6c3ec97e0a13b72062cebba3ae510d176c1df0..58c1c8f22cb6bb02f80016c869bb23a11b3bd083 100755

--- a/net/data/verify_certificate_chain_unittest/common.py

+++ b/net/data/verify_certificate_chain_unittest/common.py

@@ -72,12 +72,16 @@ def GetUniquePathId(name):

class Certificate(object):

"""Helper for building an X.509 certificate."""

- def __init__(self, name, cert_type, issuer):

+ def __init__(self, name, cert_type, issuer, key_from=None):

# The name will be used for the subject's CN, and also as a component of

# the temporary filenames to help with debugging.

self.name = name

self.path_id = GetUniquePathId(name)

+ # If specified, use they key from the given Certificate object instead of

+ # generating a new one.

+ self.key_from = key_from

# The issuer is also a Certificate object. Passing |None| means it is a

# self-signed certificate.

self.issuer = issuer

@@ -167,6 +171,8 @@ class Certificate(object):

def get_key_path(self):

+ if self.key_from is not None:

+ return self.key_from.get_key_path()

return self.get_path('.key')

@@ -351,7 +357,8 @@ def data_to_pem(block_header, block_data):

base64.b64encode(block_data), block_header)

-def write_test_file(description, chain, trusted_certs, utc_time, verify_result):

+def write_test_file(description, chain, trusted_certs, utc_time, verify_result,

+ out_pem=None):

"""Writes a test file that contains all the inputs necessary to run a

verification on a certificate chain"""

@@ -374,7 +381,7 @@ def write_test_file(description, chain, trusted_certs, utc_time, verify_result):

verify_result_string = 'SUCCESS' if verify_result else 'FAIL'

test_data += '\n' + data_to_pem('VERIFY_RESULT', verify_result_string)

- write_string_to_file(test_data, g_out_pem)

+ write_string_to_file(test_data, out_pem if out_pem else g_out_pem)

def write_string_to_file(data, path):

@@ -413,11 +420,11 @@ def create_self_signed_root_certificate(name):

return Certificate(name, TYPE_CA, None)

-def create_intermediary_certificate(name, issuer):

- return Certificate(name, TYPE_CA, issuer)

+def create_intermediary_certificate(name, issuer, **kw_args):

+ return Certificate(name, TYPE_CA, issuer, **kw_args)

-def create_end_entity_certificate(name, issuer):

- return Certificate(name, TYPE_END_ENTITY, issuer)

+def create_end_entity_certificate(name, issuer, **kw_args):

+ return Certificate(name, TYPE_END_ENTITY, issuer, **kw_args)

init(sys.argv[0])