The Tor Browser / file diff

     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/security/manager/ssl/tests/unit/test_cert_trust/generate.py	Wed Dec 31 06:09:35 2014 +0100
     1.3 @@ -0,0 +1,72 @@
     1.4 +#!/usr/bin/python
     1.5 +# -*- Mode: python; c-basic-offset: 4; indent-tabs-mode: nil; tab-width: 40 -*-
     1.6 +# vim: set filetype=python:
     1.7 +#
     1.8 +# This Source Code Form is subject to the terms of the Mozilla Public
     1.9 +# License, v. 2.0. If a copy of the MPL was not distributed with this
    1.10 +# file, You can obtain one at http://mozilla.org/MPL/2.0/.
    1.11 +
    1.12 +import tempfile, os, sys
    1.13 +import random
    1.14 +import pexpect
    1.15 +import subprocess
    1.16 +import shutil
    1.17 +
    1.18 +libpath = os.path.abspath('../psm_common_py')
    1.19 +
    1.20 +sys.path.append(libpath)
    1.21 +
    1.22 +import CertUtils
    1.23 +
    1.24 +srcdir = os.getcwd()
    1.25 +db = tempfile.mkdtemp()
    1.26 +
    1.27 +CA_basic_constraints = "basicConstraints = critical, CA:TRUE\n"
    1.28 +EE_basic_constraints = "basicConstraints = CA:FALSE\n"
    1.29 +
    1.30 +CA_full_ku = ("keyUsage = digitalSignature, nonRepudiation, keyEncipherment, " +
    1.31 +              "dataEncipherment, keyAgreement, keyCertSign, cRLSign\n")
    1.32 +
    1.33 +CA_eku = ("extendedKeyUsage = critical, serverAuth, clientAuth, " +
    1.34 +          "emailProtection, codeSigning\n")
    1.35 +
    1.36 +authority_key_ident = "authorityKeyIdentifier = keyid, issuer\n"
    1.37 +subject_key_ident = "subjectKeyIdentifier = hash\n"
    1.38 +
    1.39 +
    1.40 +
    1.41 +def generate_certs():
    1.42 +    key_type = 'rsa'
    1.43 +    ca_ext = CA_basic_constraints + CA_full_ku + subject_key_ident + CA_eku;
    1.44 +    ee_ext_text = (EE_basic_constraints + authority_key_ident)
    1.45 +    [ca_key, ca_cert] = CertUtils.generate_cert_generic(db,
    1.46 +                                                        srcdir,
    1.47 +                                                        1,
    1.48 +                                                        key_type,
    1.49 +                                                        'ca',
    1.50 +                                                        ca_ext)
    1.51 +
    1.52 +    [int_key, int_cert] = CertUtils.generate_cert_generic(db,
    1.53 +                                    srcdir,
    1.54 +                                    103,
    1.55 +                                    key_type,
    1.56 +                                    'int',
    1.57 +                                    ca_ext,
    1.58 +                                    ca_key,
    1.59 +                                    ca_cert)
    1.60 +
    1.61 +    #now the ee
    1.62 +    CertUtils.generate_cert_generic(db,
    1.63 +                                    srcdir,
    1.64 +                                    100,
    1.65 +                                    key_type,
    1.66 +                                    'ee',
    1.67 +                                    ee_ext_text,
    1.68 +                                    int_key,
    1.69 +                                    int_cert)
    1.70 +
    1.71 +
    1.72 +
    1.73 +
    1.74 +
    1.75 +generate_certs()