web_page_replay_go/src/webpagereplay/installroot.go - Issue 2997573003: [wpr-go] Add support install test root CA on Android

Side by Side Diff: web_page_replay_go/src/webpagereplay/installroot.go

Issue 2997573003: [wpr-go] Add support install test root CA on Android (Closed)

Patch Set: Created 3 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

« web_page_replay_go/src/webpagereplay/adb_cert_installer.go ('K') | « web_page_replay_go/src/webpagereplay/adb_cert_installer.go ('k') | web_page_replay_go/src/wpr.go » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2017 The Chromium Authors. All rights reserved.	1 // Copyright 2017 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 package webpagereplay	5 package webpagereplay

6	6

7 import (	7 import (

	8 "crypto/tls"

8 "fmt"	9 "fmt"

9 "os"	10 "os"

10 "os/exec"	11 "os/exec"

11 "path/filepath"	12 "path/filepath"

12 "runtime"	13 "runtime"

13 )	14 )

14	15

15 func getCAName() string {	16 func getCAName() string {

16 return "wpr-local"	17 return "wpr-local"

17 }	18 }

18 func getDbPath() string {	19 func getDbPath() string {

19 return "sql:" + filepath.Join(os.Getenv("HOME"), ".pki/nssdb")	20 return "sql:" + filepath.Join(os.Getenv("HOME"), ".pki/nssdb")

20 }	21 }

21	22

22 // TODO: Implement root CA installation for platforms other than Linux.	23 // TODO: Implement root CA installation for platforms other than Linux.

23 func InstallRoot(derBytes []byte) error {	24 func InstallRoot(certPath string, keyPath string, isAndroid bool) error {

24 if runtime.GOOS != "linux" {	25 if runtime.GOOS != "linux" {

25 fmt.Printf("Root certificate is skipped for %s\n", runtime.GOOS)	26 fmt.Printf("Root certificate is skipped for %s\n", runtime.GOOS)

26 return nil	27 return nil

27 }	28 }

	29 if isAndroid {
	Tom Bergan 2017/08/09 15:20:51 Do you want to do this before the runtime.GOOS che Do you want to do this before the runtime.GOOS check? (If AdbInstallRoot only works on linux, I'd add another runtime.GOOS check there.) xunjieli 2017/08/09 15:51:32 Done. I added a check here. Show quoted text On 2017/08/09 15:20:51, Tom Bergan wrote: > Do you want to do this before the runtime.GOOS check? (If AdbInstallRoot only > works on linux, I'd add another runtime.GOOS check there.) Done. I added a check here.
	30 fmt.Println("Installing test root CA on Android...")

	31 return AdbInstallRoot(certPath)

	32 }

	33 fmt.Printf("Loading cert from %v\n", certPath)

	34 fmt.Printf("Loading key from %v\n", keyPath)

	35 rootCert, err := tls.LoadX509KeyPair(certPath, keyPath)

	36 derBytes := rootCert.Certificate[0]

	37 if err != nil {

	38 return fmt.Errorf("error opening cert or key files: %v", err)

	39 }

28 CAName := getCAName()	40 CAName := getCAName()

29 dbPath := getDbPath()	41 dbPath := getDbPath()

30	42

31 fmt.Printf("Attempting to install root certificate in %q\n", dbPath)	43 fmt.Printf("Attempting to install root certificate in %q\n", dbPath)

32	44

33 » RemoveRoot()	45 » RemoveRoot(isAndroid)

34 cmd := exec.Command("certutil", "-d", dbPath, "-A", "-n", CAName, "-t", "C,p,p")	46 cmd := exec.Command("certutil", "-d", dbPath, "-A", "-n", CAName, "-t", "C,p,p")

35 cmd.Stdout = os.Stdout	47 cmd.Stdout = os.Stdout

36 cmd.Stderr = os.Stderr	48 cmd.Stderr = os.Stderr

37	49

38 stdin, err := cmd.StdinPipe()	50 stdin, err := cmd.StdinPipe()

39 if err != nil {	51 if err != nil {

40 return err	52 return err

41 }	53 }

42 if err := cmd.Start(); err != nil {	54 if err := cmd.Start(); err != nil {

43 return err	55 return err

44 }	56 }

45 if _, err := stdin.Write(derBytes); err != nil {	57 if _, err := stdin.Write(derBytes); err != nil {

46 return err	58 return err

47 }	59 }

48 stdin.Close()	60 stdin.Close()

49 if err := cmd.Wait(); err != nil {	61 if err := cmd.Wait(); err != nil {

50 return fmt.Errorf("NSS certutil failed: %s\n", err)	62 return fmt.Errorf("NSS certutil failed: %s\n", err)

51 }	63 }

52	64

53 fmt.Println("Root certificate should now be installed for NSS (i.e. Chro me).")	65 fmt.Println("Root certificate should now be installed for NSS (i.e. Chro me).")

54 return err	66 return err

55 }	67 }

56	68

57 func RemoveRoot() {	69 func RemoveRoot(isAndroid bool) {

58 if runtime.GOOS != "linux" {	70 if runtime.GOOS != "linux" {

59 fmt.Printf("Root certificate is skipped for %s\n", runtime.GOOS)	71 fmt.Printf("Root certificate is skipped for %s\n", runtime.GOOS)

60 return	72 return

61 }	73 }

	74 if isAndroid {
	Tom Bergan 2017/08/09 15:20:50 ditto here ditto here xunjieli 2017/08/09 15:51:32 Done. Show quoted text On 2017/08/09 15:20:50, Tom Bergan wrote: > ditto here Done.
	75 fmt.Println("Uninstalling test root CA on Android...")

	76 err := AdbUninstallRoot()

	77 if err != nil {

	78 fmt.Fprintf(os.Stderr, "remove test root CA on android d evice failed %v", err)

	79 }

	80 return

	81 }

62 fmt.Printf("Removing root certificate %s from NSS (i.e. Chrome)\n", getC AName())	82 fmt.Printf("Removing root certificate %s from NSS (i.e. Chrome)\n", getC AName())

63 // Try to delete any existing certificate. We ignore failures since the	83 // Try to delete any existing certificate. We ignore failures since the

64 // root might not yet exist.	84 // root might not yet exist.

65 cmd := exec.Command("certutil", "-d", getDbPath(), "-D", "-n", getCAName ())	85 cmd := exec.Command("certutil", "-d", getDbPath(), "-D", "-n", getCAName ())

66 cmd.Run()	86 cmd.Run()

67 }	87 }

OLD	NEW