security/manager/ssl/tests/unit/test_getchain/generate.py

Wed, 31 Dec 2014 06:09:35 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Wed, 31 Dec 2014 06:09:35 +0100
changeset 0
6474c204b198
permissions
-rwxr-xr-x

Cloned upstream origin tor-browser at tor-browser-31.3.0esr-4.5-1-build1
revision ID fc1c9ff7c1b2defdbc039f12214767608f46423f for hacking purpose.

     1 #!/usr/bin/python
     3 # This Source Code Form is subject to the terms of the Mozilla Public
     4 # License, v. 2.0. If a copy of the MPL was not distributed with this
     5 # file, You can obtain one at http://mozilla.org/MPL/2.0/.
     7 import tempfile, os, sys
     8 import random
     9 import pexpect
    10 import subprocess
    11 import shutil
    # Make the shared PSM test helpers importable.  The path is relative, so it
    # is resolved against the current working directory rather than against
    # this file: run the script from its own directory, otherwise whatever
    # '../psm_common_py' exists next to the caller's cwd ends up on sys.path
    # and supplies the CertUtils module imported below.
    libpath = os.path.abspath('../psm_common_py')
    sys.path.append(libpath)
    17 import CertUtils
    # Certificates are written to the directory the script is launched from.
    srcdir = os.getcwd()
    # Scratch directory handed to CertUtils and used for the OpenSSL extension
    # file and the CA request (db + "/ca.csr").
    # NOTE(review): nothing in this file removes `db`, so whatever key material
    # is created there presumably stays on disk after the run -- confirm
    # whether CertUtils cleans it up.
    db = tempfile.mkdtemp()

    # OpenSSL extension-file fragments.  Each one ends with a newline so the
    # fragments can be concatenated into a single extensions section.
    CA_basic_constraints = "basicConstraints = critical, CA:TRUE\n"
    EE_basic_constraints = "basicConstraints = CA:FALSE\n"

    CA_full_ku = (
        "keyUsage = digitalSignature, nonRepudiation, keyEncipherment, "
        "dataEncipherment, keyAgreement, keyCertSign, cRLSign\n"
    )

    CA_eku = (
        "extendedKeyUsage = critical, serverAuth, clientAuth, "
        "emailProtection, codeSigning\n"
    )

    authority_key_ident = "authorityKeyIdentifier = keyid, issuer\n"
    subject_key_ident = "subjectKeyIdentifier = hash\n"
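    def self_sign_csr(db_dir, dst_dir, csr_name, key_file, serial_num, ext_text,
                      out_prefix):
        """Self-sign a CSR with the given key and write the certificate as DER.

        Arguments:
          db_dir      -- scratch directory; ext_text is written to
                         "<db_dir>/openssl-exts" for openssl to read
          dst_dir     -- directory that receives "<out_prefix>.der"
          csr_name    -- path of the certificate signing request (-in)
          key_file    -- path of the private key used for -signkey
          serial_num  -- serial number given to -set_serial
          ext_text    -- X.509 extension lines passed through -extfile
          out_prefix  -- output file name without the ".der" suffix

        Raises subprocess.CalledProcessError if openssl exits non-zero and
        OSError if the openssl binary cannot be started.
        """
        extensions_filename = db_dir + "/openssl-exts"
        # The context manager closes the file even if the write fails.
        with open(extensions_filename, 'w') as f:
            f.write(ext_text)
        cert_name = dst_dir + "/" + out_prefix + ".der"
        # Pass an argument list instead of a concatenated shell string: paths
        # that contain spaces or shell metacharacters reach openssl verbatim
        # instead of being re-parsed by the shell, and a failed signing is
        # reported instead of silently leaving no certificate behind.
        subprocess.check_call(["openssl", "x509", "-req", "-sha256",
                               "-days", "3650",
                               "-in", csr_name,
                               "-signkey", key_file,
                               "-set_serial", str(serial_num),
                               "-extfile", extensions_filename,
                               "-outform", "DER",
                               "-out", cert_name])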
    def generate_certs():
        """Create the CA and end-entity certificates used by this test.

        Works on the module-level `db` (scratch directory) and `srcdir`
        (output directory).  Two certificates are requested from
        CertUtils.generate_cert_generic: a 'ca' one with the CA extensions and
        an 'ee' one that is given the CA key and certificate.  The CA
        certificate is then copied to "ca-1.der", db + "/ca.csr" is self-signed
        once more as "ca-2", and the original CA certificate file is deleted.
        """
        algorithm = 'rsa'
        ca_extensions = (CA_basic_constraints + CA_full_ku + subject_key_ident +
                         CA_eku)
        ee_extensions = EE_basic_constraints + authority_key_ident

        # The returned values are used as file paths below (copy, remove,
        # -signkey).  The third argument is presumably the serial number --
        # confirm against CertUtils.
        ca_key, ca_cert = CertUtils.generate_cert_generic(
            db, srcdir, 1, algorithm, 'ca', ca_extensions)
        CertUtils.generate_cert_generic(
            db, srcdir, 100, algorithm, 'ee', ee_extensions, ca_key, ca_cert)

        # Keep the first CA certificate under a stable name, then produce a
        # second self-signed certificate (serial 2) from the same request
        # and key.
        shutil.copy(ca_cert, srcdir + "/" + "ca-1.der")
        self_sign_csr(db, srcdir, db + "/ca.csr", ca_key, 2, ca_extensions,
                      "ca-2")
        os.remove(ca_cert)
    # Runs unconditionally at module load (there is no __main__ guard), so
    # importing this file regenerates the certificates as well.
    generate_certs()
