| OLD | NEW |
|---|
| (Empty) |
| 1 #!/usr/bin/python | |
| 2 # Copyright (c) 2017 The Chromium Authors. All rights reserved. | |
| 3 # Use of this source code is governed by a BSD-style license that can be | |
| 4 # found in the LICENSE file. | |
| 5 | |
| 6 """Certificate chain with 1 intermediate and a trust anchor. The trust anchor | |
| 7 has an EKU that restricts it to clientAuth. Verification is expected to fail as | |
| 8 the end-entity is verified for serverAuth, and the trust anchor enforces | |
| 9 constraints.""" | |
| 10 | |
| 11 import common | |
| 12 | |
| 13 # Self-signed root certificate (used as trust anchor) with non-CA basic | |
| 14 # constraints. | |
| 15 root = common.create_self_signed_root_certificate('Root') | |
| 16 root.get_extensions().set_property('extendedKeyUsage', 'clientAuth') | |
| 17 | |
| 18 # Intermediate certificate. | |
| 19 intermediate = common.create_intermediate_certificate('Intermediate', root) | |
| 20 | |
| 21 # Target certificate. | |
| 22 target = common.create_end_entity_certificate('Target', intermediate) | |
| 23 | |
| 24 chain = [target, intermediate] | |
| 25 trusted = common.TrustAnchor(root, constrained=True) | |
| 26 time = common.DEFAULT_TIME | |
| 27 key_purpose = common.KEY_PURPOSE_SERVER_AUTH | |
| 28 verify_result = False | |
| 29 errors = """----- Certificate i=2 (CN=Root) ----- | |
| 30 ERROR: The extended key usage does not include server auth | |
| 31 | |
| 32 """ | |
| 33 | |
| 34 common.write_test_file(__doc__, chain, trusted, time, key_purpose, | |
| 35 verify_result, errors) | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2805213004:
Refactor how net/data/verify_certificate_chain_unittest/* (Closed)
