Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(472)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: net/data/cert_issuer_source_aia_unittest/generate-certs.py

Issue 2797303006: Save the private keys used by generated verify_certificate_chain tests. (Closed)
Patch Set: Fix comment Created 3 years, 8 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « no previous file | net/data/cert_issuer_source_aia_unittest/i.pem » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 #!/usr/bin/env python 1 #!/usr/bin/env python
2 # Copyright 2016 The Chromium Authors. All rights reserved. 2 # Copyright 2016 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be 3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file. 4 # found in the LICENSE file.
5 5
6 import os 6 import os
7 import sys 7 import sys
8 sys.path += [os.path.join('..', 'verify_certificate_chain_unittest')] 8 sys.path += [os.path.join('..', 'verify_certificate_chain_unittest')]
9 9
10 import common 10 import common
11 11
12 common.set_default_validity_range(common.JANUARY_1_2015_UTC, 12 common.set_default_validity_range(common.JANUARY_1_2015_UTC,
13 common.JANUARY_1_2021_UTC) 13 common.JANUARY_1_2021_UTC)
14 14
15 # Generate the keys -- the same key is used for all intermediates and end entity
16 # certificates.
17 root_key = common.get_or_generate_rsa_key(2048, common.create_key_path('root'))
18 i_key = common.get_or_generate_rsa_key(2048, common.create_key_path('i'))
19 target_key = common.get_or_generate_rsa_key(2048,
20 common.create_key_path('target'))
15 21
16 # Self-signed root certificate. 22 # Self-signed root certificate.
17 root = common.create_self_signed_root_certificate('Root') 23 root = common.create_self_signed_root_certificate('Root')
24 root.set_key(root_key)
18 common.write_string_to_file(root.get_cert_pem(), 'root.pem') 25 common.write_string_to_file(root.get_cert_pem(), 'root.pem')
19 26
20 27
21 # Intermediate certificates. All have the same subject and key. 28 # Intermediate certificates. All have the same subject and key.
22 i_base = common.create_intermediate_certificate('I', root) 29 i_base = common.create_intermediate_certificate('I', root)
30 i_base.set_key(i_key)
23 common.write_string_to_file(i_base.get_cert_pem(), 'i.pem') 31 common.write_string_to_file(i_base.get_cert_pem(), 'i.pem')
24 32
25 i2 = common.create_intermediate_certificate('I', root) 33 i2 = common.create_intermediate_certificate('I', root)
26 i2.set_key(i_base.get_key()) 34 i2.set_key(i_key)
27 common.write_string_to_file(i2.get_cert_pem(), 'i2.pem') 35 common.write_string_to_file(i2.get_cert_pem(), 'i2.pem')
28 36
29 i3 = common.create_intermediate_certificate('I', root) 37 i3 = common.create_intermediate_certificate('I', root)
30 i3.set_key(i_base.get_key()) 38 i3.set_key(i_key)
31 common.write_string_to_file(i3.get_cert_pem(), 'i3.pem') 39 common.write_string_to_file(i3.get_cert_pem(), 'i3.pem')
32 40
33 41
34 # More Intermediate certificates, which are just to generate the proper config 42 # More Intermediate certificates, which are just to generate the proper config
35 # files so the target certs will have the desired Authority Information Access 43 # files so the target certs will have the desired Authority Information Access
36 # values. These ones aren't saved to files. 44 # values. These ones aren't saved to files.
37 i_no_aia = common.create_intermediate_certificate('I', root) 45 i_no_aia = common.create_intermediate_certificate('I', root)
38 i_no_aia.set_key(i_base.get_key()) 46 i_no_aia.set_key(i_key)
39 section = i_no_aia.config.get_section('signing_ca_ext') 47 section = i_no_aia.config.get_section('signing_ca_ext')
40 section.set_property('authorityInfoAccess', None) 48 section.set_property('authorityInfoAccess', None)
41 49
42 i_two_aia = common.create_intermediate_certificate('I', root) 50 i_two_aia = common.create_intermediate_certificate('I', root)
43 i_two_aia.set_key(i_base.get_key()) 51 i_two_aia.set_key(i_key)
44 section = i_two_aia.config.get_section('issuer_info') 52 section = i_two_aia.config.get_section('issuer_info')
45 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') 53 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')
46 54
47 i_three_aia = common.create_intermediate_certificate('I', root) 55 i_three_aia = common.create_intermediate_certificate('I', root)
48 i_three_aia.set_key(i_base.get_key()) 56 i_three_aia.set_key(i_key)
49 section = i_three_aia.config.get_section('issuer_info') 57 section = i_three_aia.config.get_section('issuer_info')
50 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') 58 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')
51 section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo') 59 section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo')
52 60
53 i_six_aia = common.create_intermediate_certificate('I', root) 61 i_six_aia = common.create_intermediate_certificate('I', root)
54 i_six_aia.set_key(i_base.get_key()) 62 i_six_aia.set_key(i_key)
55 section = i_six_aia.config.get_section('issuer_info') 63 section = i_six_aia.config.get_section('issuer_info')
56 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') 64 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')
57 section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo') 65 section.set_property('caIssuers;URI.2', 'http://url-for-aia3/I3.foo')
58 section.set_property('caIssuers;URI.3', 'http://url-for-aia4/I4.foo') 66 section.set_property('caIssuers;URI.3', 'http://url-for-aia4/I4.foo')
59 section.set_property('caIssuers;URI.4', 'http://url-for-aia5/I5.foo') 67 section.set_property('caIssuers;URI.4', 'http://url-for-aia5/I5.foo')
60 section.set_property('caIssuers;URI.5', 'http://url-for-aia6/I6.foo') 68 section.set_property('caIssuers;URI.5', 'http://url-for-aia6/I6.foo')
61 69
62 i_file_aia = common.create_intermediate_certificate('I', root) 70 i_file_aia = common.create_intermediate_certificate('I', root)
63 i_file_aia.set_key(i_base.get_key()) 71 i_file_aia.set_key(i_key)
64 section = i_file_aia.config.get_section('issuer_info') 72 section = i_file_aia.config.get_section('issuer_info')
65 section.set_property('caIssuers;URI.0', 'file:///dev/null') 73 section.set_property('caIssuers;URI.0', 'file:///dev/null')
66 74
67 i_invalid_url_aia = common.create_intermediate_certificate('I', root) 75 i_invalid_url_aia = common.create_intermediate_certificate('I', root)
68 i_invalid_url_aia.set_key(i_base.get_key()) 76 i_invalid_url_aia.set_key(i_key)
69 section = i_invalid_url_aia.config.get_section('issuer_info') 77 section = i_invalid_url_aia.config.get_section('issuer_info')
70 section.set_property('caIssuers;URI.0', 'foobar') 78 section.set_property('caIssuers;URI.0', 'foobar')
71 79
72 i_file_and_http_aia = common.create_intermediate_certificate('I', root) 80 i_file_and_http_aia = common.create_intermediate_certificate('I', root)
73 i_file_and_http_aia.set_key(i_base.get_key()) 81 i_file_and_http_aia.set_key(i_key)
74 section = i_file_and_http_aia.config.get_section('issuer_info') 82 section = i_file_and_http_aia.config.get_section('issuer_info')
75 section.set_property('caIssuers;URI.0', 'file:///dev/null') 83 section.set_property('caIssuers;URI.0', 'file:///dev/null')
76 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') 84 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')
77 85
78 i_invalid_and_http_aia = common.create_intermediate_certificate('I', root) 86 i_invalid_and_http_aia = common.create_intermediate_certificate('I', root)
79 i_invalid_and_http_aia.set_key(i_base.get_key()) 87 i_invalid_and_http_aia.set_key(i_key)
80 section = i_invalid_and_http_aia.config.get_section('issuer_info') 88 section = i_invalid_and_http_aia.config.get_section('issuer_info')
81 section.set_property('caIssuers;URI.0', 'foobar') 89 section.set_property('caIssuers;URI.0', 'foobar')
82 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo') 90 section.set_property('caIssuers;URI.1', 'http://url-for-aia2/I2.foo')
83 91
84 92
85 # target certs 93 # target certs
86 94
87 target = common.create_end_entity_certificate('target', i_base) 95 target = common.create_end_entity_certificate('target', i_base)
96 target.set_key(target_key)
88 target.get_extensions().set_property('subjectAltName', 'DNS:target') 97 target.get_extensions().set_property('subjectAltName', 'DNS:target')
89 common.write_string_to_file(target.get_cert_pem(), 'target_one_aia.pem') 98 common.write_string_to_file(target.get_cert_pem(), 'target_one_aia.pem')
90 99
91 target = common.create_end_entity_certificate('target', i_no_aia) 100 target = common.create_end_entity_certificate('target', i_no_aia)
101 target.set_key(target_key)
92 target.get_extensions().set_property('subjectAltName', 'DNS:target') 102 target.get_extensions().set_property('subjectAltName', 'DNS:target')
93 common.write_string_to_file(target.get_cert_pem(), 'target_no_aia.pem') 103 common.write_string_to_file(target.get_cert_pem(), 'target_no_aia.pem')
94 104
95 target = common.create_end_entity_certificate('target', i_two_aia) 105 target = common.create_end_entity_certificate('target', i_two_aia)
106 target.set_key(target_key)
96 target.get_extensions().set_property('subjectAltName', 'DNS:target') 107 target.get_extensions().set_property('subjectAltName', 'DNS:target')
97 common.write_string_to_file(target.get_cert_pem(), 'target_two_aia.pem') 108 common.write_string_to_file(target.get_cert_pem(), 'target_two_aia.pem')
98 109
99 target = common.create_end_entity_certificate('target', i_three_aia) 110 target = common.create_end_entity_certificate('target', i_three_aia)
111 target.set_key(target_key)
100 target.get_extensions().set_property('subjectAltName', 'DNS:target') 112 target.get_extensions().set_property('subjectAltName', 'DNS:target')
101 common.write_string_to_file(target.get_cert_pem(), 'target_three_aia.pem') 113 common.write_string_to_file(target.get_cert_pem(), 'target_three_aia.pem')
102 114
103 target = common.create_end_entity_certificate('target', i_six_aia) 115 target = common.create_end_entity_certificate('target', i_six_aia)
116 target.set_key(target_key)
104 target.get_extensions().set_property('subjectAltName', 'DNS:target') 117 target.get_extensions().set_property('subjectAltName', 'DNS:target')
105 common.write_string_to_file(target.get_cert_pem(), 'target_six_aia.pem') 118 common.write_string_to_file(target.get_cert_pem(), 'target_six_aia.pem')
106 119
107 target = common.create_end_entity_certificate('target', i_file_aia) 120 target = common.create_end_entity_certificate('target', i_file_aia)
121 target.set_key(target_key)
108 target.get_extensions().set_property('subjectAltName', 'DNS:target') 122 target.get_extensions().set_property('subjectAltName', 'DNS:target')
109 common.write_string_to_file(target.get_cert_pem(), 'target_file_aia.pem') 123 common.write_string_to_file(target.get_cert_pem(), 'target_file_aia.pem')
110 124
111 target = common.create_end_entity_certificate('target', i_invalid_url_aia) 125 target = common.create_end_entity_certificate('target', i_invalid_url_aia)
126 target.set_key(target_key)
112 target.get_extensions().set_property('subjectAltName', 'DNS:target') 127 target.get_extensions().set_property('subjectAltName', 'DNS:target')
113 common.write_string_to_file(target.get_cert_pem(), 'target_invalid_url_aia.pem') 128 common.write_string_to_file(target.get_cert_pem(), 'target_invalid_url_aia.pem')
114 129
115 target = common.create_end_entity_certificate('target', i_file_and_http_aia) 130 target = common.create_end_entity_certificate('target', i_file_and_http_aia)
131 target.set_key(target_key)
116 target.get_extensions().set_property('subjectAltName', 'DNS:target') 132 target.get_extensions().set_property('subjectAltName', 'DNS:target')
117 common.write_string_to_file(target.get_cert_pem(), 133 common.write_string_to_file(target.get_cert_pem(),
118 'target_file_and_http_aia.pem') 134 'target_file_and_http_aia.pem')
119 135
120 target = common.create_end_entity_certificate('target', i_invalid_and_http_aia) 136 target = common.create_end_entity_certificate('target', i_invalid_and_http_aia)
137 target.set_key(target_key)
121 target.get_extensions().set_property('subjectAltName', 'DNS:target') 138 target.get_extensions().set_property('subjectAltName', 'DNS:target')
122 common.write_string_to_file(target.get_cert_pem(), 139 common.write_string_to_file(target.get_cert_pem(),
123 'target_invalid_and_http_aia.pem') 140 'target_invalid_and_http_aia.pem')
OLDNEW
« no previous file with comments | « no previous file | net/data/cert_issuer_source_aia_unittest/i.pem » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698