Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(230)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/data/verify_certificate_chain_unittest/common.py

Issue 2282183004: Add error information to VerifyCertificateChain(). (Closed)
Patch Set: Created 4 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« net/cert/internal/verify_certificate_chain.cc ('K') | « net/data/verify_certificate_chain_unittest/README ('k') | net/data/verify_certificate_chain_unittest/expired-target.pem » ('j') | net/data/verify_certificate_chain_unittest/generate-target-signed-by-512bit-rsa.py » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/usr/bin/python 1 #!/usr/bin/python
2 # Copyright (c) 2015 The Chromium Authors. All rights reserved. 2 # Copyright (c) 2015 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be 3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file. 4 # found in the LICENSE file.
5 5
6 """Set of helpers to generate signed X.509v3 certificates. 6 """Set of helpers to generate signed X.509v3 certificates.
7 7
8 This works by shelling out calls to the 'openssl req' and 'openssl ca' 8 This works by shelling out calls to the 'openssl req' and 'openssl ca'
9 commands, and passing the appropriate command line flags and configuration file 9 commands, and passing the appropriate command line flags and configuration file
10 (.cnf). 10 (.cnf).
(...skipping 418 matching lines...) Expand 10 before | Expand all | Expand 10 after
429 cert_data = self.cert.get_cert_pem() 429 cert_data = self.cert.get_cert_pem()
430 block_name = 'TRUST_ANCHOR_UNCONSTRAINED' 430 block_name = 'TRUST_ANCHOR_UNCONSTRAINED'
431 if self.constrained: 431 if self.constrained:
432 block_name = 'TRUST_ANCHOR_CONSTRAINED' 432 block_name = 'TRUST_ANCHOR_CONSTRAINED'
433 433
434 # Use a different block name in the .pem file, depending on the anchor type. 434 # Use a different block name in the .pem file, depending on the anchor type.
435 return cert_data.replace('CERTIFICATE', block_name) 435 return cert_data.replace('CERTIFICATE', block_name)
436 436
437 437
438 def write_test_file(description, chain, trust_anchor, utc_time, verify_result, 438 def write_test_file(description, chain, trust_anchor, utc_time, verify_result,
439 out_pem=None): 439 errors, out_pem=None):
440 """Writes a test file that contains all the inputs necessary to run a 440 """Writes a test file that contains all the inputs necessary to run a
441 verification on a certificate chain""" 441 verification on a certificate chain"""
442 442
443 # Prepend the script name that generated the file to the description. 443 # Prepend the script name that generated the file to the description.
444 test_data = '[Created by: %s]\n\n%s\n' % (sys.argv[0], description) 444 test_data = '[Created by: %s]\n\n%s\n' % (sys.argv[0], description)
445 445
446 # Write the certificate chain to the output file. 446 # Write the certificate chain to the output file.
447 for cert in chain: 447 for cert in chain:
448 test_data += '\n' + cert.get_cert_pem() 448 test_data += '\n' + cert.get_cert_pem()
449 449
450 test_data += '\n' + trust_anchor.get_pem() 450 test_data += '\n' + trust_anchor.get_pem()
451 test_data += '\n' + data_to_pem('TIME', utc_time) 451 test_data += '\n' + data_to_pem('TIME', utc_time)
452 452
453 verify_result_string = 'SUCCESS' if verify_result else 'FAIL' 453 verify_result_string = 'SUCCESS' if verify_result else 'FAIL'
454 test_data += '\n' + data_to_pem('VERIFY_RESULT', verify_result_string) 454 test_data += '\n' + data_to_pem('VERIFY_RESULT', verify_result_string)
455 455
456 if errors is not None:
457 test_data += '\n' + data_to_pem('ERRORS', '\n'.join(errors))
458
456 write_string_to_file(test_data, out_pem if out_pem else g_out_pem) 459 write_string_to_file(test_data, out_pem if out_pem else g_out_pem)
457 460
458 461
459 def write_string_to_file(data, path): 462 def write_string_to_file(data, path):
460 with open(path, 'w') as f: 463 with open(path, 'w') as f:
461 f.write(data) 464 f.write(data)
462 465
463 466
464 def init(invoking_script_path): 467 def init(invoking_script_path):
465 """Creates an output directory to contain all the temporary files that may be 468 """Creates an output directory to contain all the temporary files that may be
(...skipping 27 matching lines...) Expand all
493 496
494 497
495 def create_intermediate_certificate(name, issuer): 498 def create_intermediate_certificate(name, issuer):
496 return Certificate(name, TYPE_CA, issuer) 499 return Certificate(name, TYPE_CA, issuer)
497 500
498 501
499 def create_end_entity_certificate(name, issuer): 502 def create_end_entity_certificate(name, issuer):
500 return Certificate(name, TYPE_END_ENTITY, issuer) 503 return Certificate(name, TYPE_END_ENTITY, issuer)
501 504
502 init(sys.argv[0]) 505 init(sys.argv[0])
OLDNEW
« net/cert/internal/verify_certificate_chain.cc ('K') | « net/data/verify_certificate_chain_unittest/README ('k') | net/data/verify_certificate_chain_unittest/expired-target.pem » ('j') | net/data/verify_certificate_chain_unittest/generate-target-signed-by-512bit-rsa.py » ('J')

Powered by Google App Engine
This is Rietveld 408576698