Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(714)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/data/verify_certificate_chain_unittest/generate-target-has-keycertsign-but-not-ca.py

Issue 2759023002: Improvements to the net/cert/internal error handling. (Closed)
Patch Set: fix comment Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « net/data/verify_certificate_chain_unittest/generate-intermediate-unknown-critical-extension.py ('k') | net/data/verify_certificate_chain_unittest/generate-target-has-pathlen-but-not-ca.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/usr/bin/python 1 #!/usr/bin/python
2 # Copyright (c) 2015 The Chromium Authors. All rights reserved. 2 # Copyright (c) 2015 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be 3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file. 4 # found in the LICENSE file.
5 5
6 """Certificate chain with 1 intermediate, a trusted root, and a target 6 """Certificate chain with 1 intermediate, a trusted root, and a target
7 certificate that is not a CA, and yet has the keyCertSign bit set. Verification 7 certificate that is not a CA, and yet has the keyCertSign bit set. Verification
8 is expected to fail, since keyCertSign should only be asserted when CA is 8 is expected to fail, since keyCertSign should only be asserted when CA is
9 true.""" 9 true."""
10 10
11 import common 11 import common
12 12
13 # Self-signed root certificate (used as trust anchor). 13 # Self-signed root certificate (used as trust anchor).
14 root = common.create_self_signed_root_certificate('Root') 14 root = common.create_self_signed_root_certificate('Root')
15 15
16 # Intermediate certificate. 16 # Intermediate certificate.
17 intermediate = common.create_intermediate_certificate('Intermediate', root) 17 intermediate = common.create_intermediate_certificate('Intermediate', root)
18 18
19 # Target certificate (end entity but has keyCertSign bit set). 19 # Target certificate (end entity but has keyCertSign bit set).
20 target = common.create_end_entity_certificate('Target', intermediate) 20 target = common.create_end_entity_certificate('Target', intermediate)
21 target.get_extensions().set_property('keyUsage', 21 target.get_extensions().set_property('keyUsage',
22 'critical,digitalSignature,keyEncipherment,keyCertSign') 22 'critical,digitalSignature,keyEncipherment,keyCertSign')
23 23
24 24
25 chain = [target, intermediate] 25 chain = [target, intermediate]
26 trusted = common.TrustAnchor(root, constrained=False) 26 trusted = common.TrustAnchor(root, constrained=False)
27 time = common.DEFAULT_TIME 27 time = common.DEFAULT_TIME
28 verify_result = False 28 verify_result = False
29 errors = """[Context] Processing Certificate 29 errors = """----- Certificate i=0 (CN=Target) -----
30 index: 1 30 ERROR: Target certificate looks like a CA but does not set all CA properties
31 [Error] Target certificate looks like a CA but does not set all CA propert ies 31
32 """ 32 """
33 33
34 common.write_test_file(__doc__, chain, trusted, time, verify_result, errors) 34 common.write_test_file(__doc__, chain, trusted, time, verify_result, errors)
OLDNEW
« no previous file with comments | « net/data/verify_certificate_chain_unittest/generate-intermediate-unknown-critical-extension.py ('k') | net/data/verify_certificate_chain_unittest/generate-target-has-pathlen-but-not-ca.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698