net/data/cert_issuer_source_aia_unittest/generate-certs.py - Issue 2036033002: Add CertIssuerSourceAia: authorityInfoAccess fetching for CertPathBuilder.

Unified Diff: net/data/cert_issuer_source_aia_unittest/generate-certs.py

Issue 2036033002: Add CertIssuerSourceAia: authorityInfoAccess fetching for CertPathBuilder. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@cert-parsing-path-building

Patch Set: remove orphaned kw_args change, remove g_cur_path_id change from this cl Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

Index: net/data/cert_issuer_source_aia_unittest/generate-certs.py

diff --git a/net/data/cert_issuer_source_aia_unittest/generate-certs.py b/net/data/cert_issuer_source_aia_unittest/generate-certs.py

new file mode 100755

index 0000000000000000000000000000000000000000..534d498f6ba049b2c24824d8de4895015280d934

--- /dev/null

+++ b/net/data/cert_issuer_source_aia_unittest/generate-certs.py

@@ -0,0 +1,112 @@

+#!/usr/bin/env python

+# Use of this source code is governed by a BSD-style license that can be

+# found in the LICENSE file.

+import os

+import sys

+sys.path += [os.path.join('..', 'verify_certificate_chain_unittest')]

+import common

+# Self-signed root certificate. Not saved to a .pem since the test doesn't need

+# it.

+root = common.create_self_signed_root_certificate('Root')

+# Intermediary certificates. All have the same subject and key.

+i_base = common.create_intermediary_certificate('I', root)

+common.write_string_to_file(i_base.get_cert_pem(), 'i.pem')

+i2 = common.create_intermediary_certificate('I', root)

+i2.set_key_path(i_base.get_key_path())

+common.write_string_to_file(i2.get_cert_pem(), 'i2.pem')

+i3 = common.create_intermediary_certificate('I', root)

+i3.set_key_path(i_base.get_key_path())

+common.write_string_to_file(i3.get_cert_pem(), 'i3.pem')

+# More Intermediary certificates, which are just to generate the proper config

+# files so the target certs will have the desired Authority Information Access

+# values. These ones aren't saved to files.

+i_no_aia = common.create_intermediary_certificate('I', root)

+i_no_aia.set_key_path(i_base.get_key_path())

+section = i_no_aia.config.get_section('signing_ca_ext')

+section.set_property('authorityInfoAccess', None)

+i_two_aia = common.create_intermediary_certificate('I', root)

+i_two_aia.set_key_path(i_base.get_key_path())

+section = i_two_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')

+i_three_aia = common.create_intermediary_certificate('I', root)

+i_three_aia.set_key_path(i_base.get_key_path())

+section = i_three_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')

+section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo')

+i_six_aia = common.create_intermediary_certificate('I', root)

+i_six_aia.set_key_path(i_base.get_key_path())

+section = i_six_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')

+section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo')

+section.set_property('caIssuers;URI.3', 'http://url-for-aia4/I4.foo')

+section.set_property('caIssuers;URI.4', 'http://url-for-aia5/I5.foo')

+section.set_property('caIssuers;URI.5', 'http://url-for-aia6/I6.foo')

+i_file_aia = common.create_intermediary_certificate('I', root)

+i_file_aia.set_key_path(i_base.get_key_path())

+section = i_file_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.0', 'file:///dev/null')

+i_invalid_url_aia = common.create_intermediary_certificate('I', root)

+i_invalid_url_aia.set_key_path(i_base.get_key_path())

+section = i_invalid_url_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.0', 'foobar')

+i_file_and_http_aia = common.create_intermediary_certificate('I', root)

+i_file_and_http_aia.set_key_path(i_base.get_key_path())

+section = i_file_and_http_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.0', 'file:///dev/null')

+section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')

+i_invalid_and_http_aia = common.create_intermediary_certificate('I', root)

+i_invalid_and_http_aia.set_key_path(i_base.get_key_path())

+section = i_invalid_and_http_aia.config.get_section('issuer_info')

+section.set_property('caIssuers;URI.0', 'foobar')

+section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')

+# target certs

+target = common.create_end_entity_certificate('target', i_base)

+common.write_string_to_file(target.get_cert_pem(), 'target_one_aia.pem')

+target = common.create_end_entity_certificate('target', i_no_aia)

+common.write_string_to_file(target.get_cert_pem(), 'target_no_aia.pem')

+target = common.create_end_entity_certificate('target', i_two_aia)

+common.write_string_to_file(target.get_cert_pem(), 'target_two_aia.pem')

+target = common.create_end_entity_certificate('target', i_three_aia)

+common.write_string_to_file(target.get_cert_pem(), 'target_three_aia.pem')

+target = common.create_end_entity_certificate('target', i_six_aia)

+common.write_string_to_file(target.get_cert_pem(), 'target_six_aia.pem')

+target = common.create_end_entity_certificate('target', i_file_aia)

+common.write_string_to_file(target.get_cert_pem(), 'target_file_aia.pem')

+target = common.create_end_entity_certificate('target', i_invalid_url_aia)

+common.write_string_to_file(target.get_cert_pem(), 'target_invalid_url_aia.pem')

+target = common.create_end_entity_certificate('target', i_file_and_http_aia)

+common.write_string_to_file(target.get_cert_pem(),

+ 'target_file_and_http_aia.pem')

+target = common.create_end_entity_certificate('target', i_invalid_and_http_aia)

+common.write_string_to_file(target.get_cert_pem(),

+ 'target_invalid_and_http_aia.pem')

« no previous file with comments | « net/cert/internal/parsed_certificate.cc ('k') | net/data/cert_issuer_source_aia_unittest/i.pem » ('j') | no next file with comments »