OLD | NEW |
(Empty) | |
| 1 #!/usr/bin/env python |
| 2 # Copyright 2016 The Chromium Authors. All rights reserved. |
| 3 # Use of this source code is governed by a BSD-style license that can be |
| 4 # found in the LICENSE file. |
| 5 |
| 6 import os |
| 7 import sys |
| 8 sys.path += [os.path.join('..', 'verify_certificate_chain_unittest')] |
| 9 |
| 10 import common |
| 11 |
| 12 |
| 13 # Self-signed root certificate. Not saved to a .pem since the test doesn't need |
| 14 # it. |
| 15 root = common.create_self_signed_root_certificate('Root') |
| 16 |
| 17 |
| 18 # Intermediary certificates. All have the same subject and key. |
| 19 i_base = common.create_intermediary_certificate('I', root) |
| 20 common.write_string_to_file(i_base.get_cert_pem(), 'i.pem') |
| 21 |
| 22 i2 = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 23 common.write_string_to_file(i2.get_cert_pem(), 'i2.pem') |
| 24 |
| 25 i3 = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 26 common.write_string_to_file(i3.get_cert_pem(), 'i3.pem') |
| 27 |
| 28 |
| 29 # More Intermediary certificates, which are just to generate the proper config |
| 30 # files so the target certs will have the desired Authority Information Access |
| 31 # values. These ones aren't saved to files. |
| 32 i_no_aia = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 33 section = i_no_aia.config.get_section('signing_ca_ext') |
| 34 section.set_property('authorityInfoAccess', None) |
| 35 |
| 36 i_two_aia = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 37 section = i_two_aia.config.get_section('issuer_info') |
| 38 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') |
| 39 |
| 40 i_three_aia = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 41 section = i_three_aia.config.get_section('issuer_info') |
| 42 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') |
| 43 section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo') |
| 44 |
| 45 i_six_aia = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 46 section = i_six_aia.config.get_section('issuer_info') |
| 47 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') |
| 48 section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo') |
| 49 section.set_property('caIssuers;URI.3', 'http://url-for-aia4/I4.foo') |
| 50 section.set_property('caIssuers;URI.4', 'http://url-for-aia5/I5.foo') |
| 51 section.set_property('caIssuers;URI.5', 'http://url-for-aia6/I6.foo') |
| 52 |
| 53 i_file_aia = common.create_intermediary_certificate('I', root, key_from=i_base) |
| 54 section = i_file_aia.config.get_section('issuer_info') |
| 55 section.set_property('caIssuers;URI.0', 'file:///dev/null') |
| 56 |
| 57 i_invalid_url_aia = common.create_intermediary_certificate('I', root, |
| 58 key_from=i_base) |
| 59 section = i_invalid_url_aia.config.get_section('issuer_info') |
| 60 section.set_property('caIssuers;URI.0', 'foobar') |
| 61 |
| 62 i_file_and_http_aia = common.create_intermediary_certificate('I', root, |
| 63 key_from=i_base) |
| 64 section = i_file_and_http_aia.config.get_section('issuer_info') |
| 65 section.set_property('caIssuers;URI.0', 'file:///dev/null') |
| 66 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') |
| 67 |
| 68 i_invalid_and_http_aia = common.create_intermediary_certificate('I', root, |
| 69 key_from=i_base) |
| 70 section = i_invalid_and_http_aia.config.get_section('issuer_info') |
| 71 section.set_property('caIssuers;URI.0', 'foobar') |
| 72 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') |
| 73 |
| 74 |
| 75 # target certs |
| 76 |
| 77 target = common.create_end_entity_certificate('target', i_base) |
| 78 common.write_string_to_file(target.get_cert_pem(), 'target_one_aia.pem') |
| 79 |
| 80 target = common.create_end_entity_certificate('target', i_no_aia) |
| 81 common.write_string_to_file(target.get_cert_pem(), 'target_no_aia.pem') |
| 82 |
| 83 target = common.create_end_entity_certificate('target', i_two_aia) |
| 84 common.write_string_to_file(target.get_cert_pem(), 'target_two_aia.pem') |
| 85 |
| 86 target = common.create_end_entity_certificate('target', i_three_aia) |
| 87 common.write_string_to_file(target.get_cert_pem(), 'target_three_aia.pem') |
| 88 |
| 89 target = common.create_end_entity_certificate('target', i_six_aia) |
| 90 common.write_string_to_file(target.get_cert_pem(), 'target_six_aia.pem') |
| 91 |
| 92 target = common.create_end_entity_certificate('target', i_file_aia) |
| 93 common.write_string_to_file(target.get_cert_pem(), 'target_file_aia.pem') |
| 94 |
| 95 target = common.create_end_entity_certificate('target', i_invalid_url_aia) |
| 96 common.write_string_to_file(target.get_cert_pem(), 'target_invalid_url_aia.pem') |
| 97 |
| 98 target = common.create_end_entity_certificate('target', i_file_and_http_aia) |
| 99 common.write_string_to_file(target.get_cert_pem(), |
| 100 'target_file_and_http_aia.pem') |
| 101 |
| 102 target = common.create_end_entity_certificate('target', i_invalid_and_http_aia) |
| 103 common.write_string_to_file(target.get_cert_pem(), |
| 104 'target_invalid_and_http_aia.pem') |
| 105 |
OLD | NEW |