def _InstallTestCa(self): if not self._platform_backend.supports_test_ca: return assert not self.is_test_ca_installed, 'Test CA is already installed' if certutils.openssl_import_error: logging.warning( 'The OpenSSL module is unavailable. ' 'Browsers may fall back to ignoring certificate errors.') return if not platformsettings.HasSniSupport(): logging.warning( 'Web Page Replay requires SNI support (pyOpenSSL 0.13 or greater) ' 'to generate certificates from a test CA. ' 'Browsers may fall back to ignoring certificate errors.') return self._wpr_ca_cert_path = os.path.join(tempfile.mkdtemp(), 'testca.pem') try: certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(), cert_path=self._wpr_ca_cert_path) self._platform_backend.InstallTestCa(self._wpr_ca_cert_path) logging.info( 'Test certificate authority installed on target platform.') except Exception: logging.exception( 'Failed to install test certificate authority on target platform. ' 'Browsers may fall back to ignoring certificate errors.') self._RemoveTestCa()
def InstallTestCa(self): """Install a randomly generated root CA on the android device. This allows transparent HTTPS testing with WPR server without need to tweak application network stack. """ # TODO(slamm): Move certificate creation related to webpagereplay.py. # The only code that needs to be in platform backend is installing the cert. if certutils.openssl_import_error: logging.warning('The OpenSSL module is unavailable. ' 'Will fallback to ignoring certificate errors.') return if not platformsettings.HasSniSupport(): logging.warning( 'Web Page Replay requires SNI support (pyOpenSSL 0.13 or greater) ' 'to generate certificates from a test CA. ' 'Will fallback to ignoring certificate errors.') return try: self._wpr_ca_cert_path = os.path.join(tempfile.mkdtemp(), 'testca.pem') certutils.write_dummy_ca_cert(*certutils.generate_dummy_ca_cert(), cert_path=self._wpr_ca_cert_path) self._device_cert_util = adb_install_cert.AndroidCertInstaller( self._device.adb.GetDeviceSerial(), None, self._wpr_ca_cert_path) logging.info('Installing test certificate authority on device: %s', str(self._device)) self._device_cert_util.install_cert(overwrite_cert=True) self._is_test_ca_installed = True except Exception as e: # Fallback to ignoring certificate errors. self.RemoveTestCa() logging.warning( 'Unable to install test certificate authority on device: %s. ' 'Will fallback to ignoring certificate errors. Install error: %s', str(self._device), e)
def _CheckFeatureSupport(self): if (self._options.should_generate_certs and not platformsettings.HasSniSupport()): self._parser.error('Option --should_generate_certs requires pyOpenSSL ' '0.13 or greater for SNI support.')
def test_has_sni(self): # Check that no exception is raised. platformsettings.HasSniSupport()