| OLD | NEW |
|---|
| (Empty) |
| 1 #!/usr/bin/python | |
| 2 # Copyright (c) 2015 The Chromium Authors. All rights reserved. | |
| 3 # Use of this source code is governed by a BSD-style license that can be | |
| 4 # found in the LICENSE file. | |
| 5 | |
| 6 """Certificate chain with 1 intermediate, a trusted root, and a target | |
| 7 certificate that is not a CA, and yet has the keyCertSign bit set. Verification | |
| 8 is expected to fail, since keyCertSign should only be asserted when CA is | |
| 9 true.""" | |
| 10 | |
| 11 import common | |
| 12 | |
| 13 # Self-signed root certificate (used as trust anchor). | |
| 14 root = common.create_self_signed_root_certificate('Root') | |
| 15 | |
| 16 # Intermediate certificate. | |
| 17 intermediate = common.create_intermediate_certificate('Intermediate', root) | |
| 18 | |
| 19 # Target certificate (end entity but has keyCertSign bit set). | |
| 20 target = common.create_end_entity_certificate('Target', intermediate) | |
| 21 target.get_extensions().set_property('keyUsage', | |
| 22 'critical,digitalSignature,keyEncipherment,keyCertSign') | |
| 23 | |
| 24 | |
| 25 chain = [target, intermediate] | |
| 26 trusted = common.TrustAnchor(root, constrained=False) | |
| 27 time = common.DEFAULT_TIME | |
| 28 key_purpose = common.DEFAULT_KEY_PURPOSE | |
| 29 verify_result = False | |
| 30 errors = """----- Certificate i=0 (CN=Target) ----- | |
| 31 ERROR: Target certificate looks like a CA but does not set all CA properties | |
| 32 | |
| 33 """ | |
| 34 | |
| 35 common.write_test_file(__doc__, chain, trusted, time, key_purpose, | |
| 36 verify_result, errors) | |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2805213004:
Refactor how net/data/verify_certificate_chain_unittest/* (Closed)
