The Tor Browser / file comparison

comparison: security/manager/ssl/tests/unit/test_getchain/generate.py

security/manager/ssl/tests/unit/test_getchain/generate.py

changeset 0
6474c204b198
equal deleted inserted replaced
-1:000000000000 0:d607bdaa2620
1 #!/usr/bin/python
2
3 # This Source Code Form is subject to the terms of the Mozilla Public
4 # License, v. 2.0. If a copy of the MPL was not distributed with this
5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
6
7 import tempfile, os, sys
8 import random
9 import pexpect
10 import subprocess
11 import shutil
12
13 libpath = os.path.abspath('../psm_common_py')
14
15 sys.path.append(libpath)
16
17 import CertUtils
18
19 srcdir = os.getcwd()
20 db = tempfile.mkdtemp()
21
22 CA_basic_constraints = "basicConstraints = critical, CA:TRUE\n"
23 EE_basic_constraints = "basicConstraints = CA:FALSE\n"
24
25 CA_full_ku = ("keyUsage = digitalSignature, nonRepudiation, keyEncipherment, " +
26 "dataEncipherment, keyAgreement, keyCertSign, cRLSign\n")
27
28 CA_eku = ("extendedKeyUsage = critical, serverAuth, clientAuth, " +
29 "emailProtection, codeSigning\n")
30
31 authority_key_ident = "authorityKeyIdentifier = keyid, issuer\n"
32 subject_key_ident = "subjectKeyIdentifier = hash\n"
33
34
35 def self_sign_csr(db_dir, dst_dir, csr_name, key_file, serial_num, ext_text,
36 out_prefix):
37 extensions_filename = db_dir + "/openssl-exts"
38 f = open(extensions_filename, 'w')
39 f.write(ext_text)
40 f.close()
41 cert_name = dst_dir + "/" + out_prefix + ".der"
42 os.system ("openssl x509 -req -sha256 -days 3650 -in " + csr_name +
43 " -signkey " + key_file +
44 " -set_serial " + str(serial_num) +
45 " -extfile " + extensions_filename +
46 " -outform DER -out " + cert_name)
47
48
49
50 def generate_certs():
51 key_type = 'rsa'
52 ca_ext = CA_basic_constraints + CA_full_ku + subject_key_ident + CA_eku;
53 ee_ext_text = (EE_basic_constraints + authority_key_ident)
54 [ca_key, ca_cert] = CertUtils.generate_cert_generic(db,
55 srcdir,
56 1,
57 key_type,
58 'ca',
59 ca_ext)
60 CertUtils.generate_cert_generic(db,
61 srcdir,
62 100,
63 key_type,
64 'ee',
65 ee_ext_text,
66 ca_key,
67 ca_cert)
68
69 shutil.copy(ca_cert, srcdir + "/" + "ca-1.der")
70 self_sign_csr(db, srcdir, db + "/ca.csr", ca_key, 2, ca_ext, "ca-2")
71 os.remove(ca_cert);
72
73 generate_certs()

Mercurial Repository: The Tor Browser

Europalab SCM Repository Server

mercurial