def test_generate_cert(self):
ca_cert_path = os.path.join(self._temp_dir, 'testCA.pem')
issuer = 'testIssuer'
certutils.write_dummy_ca_cert(
*certutils.generate_dummy_ca_cert(issuer), cert_path=ca_cert_path)
with open(ca_cert_path, 'r') as root_file:
root_string = root_file.read()
subject = 'testSubject'
cert_string = certutils.generate_cert(
root_string, '', subject)
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
with open(ca_cert_path, 'r') as ca_cert_file:
ca_cert_str = ca_cert_file.read()
cert_string = certutils.generate_cert(ca_cert_str, cert_string,
'host.com')
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
self.assertEqual(2, cert.get_version())
self.assertEqual(2, cert.get_extension_count())
self.assertEqual(b"subjectAltName", cert.get_extension(0).get_short_name())
self.assertEqual(b"extendedKeyUsage",
cert.get_extension(1).get_short_name())
def test_generate_cert(self):
ca_cert_path = os.path.join(self._temp_dir, 'testCA.pem')
issuer = 'testIssuer'
certutils.write_dummy_ca_cert(
*certutils.generate_dummy_ca_cert(issuer), cert_path=ca_cert_path)
with open(ca_cert_path, 'r') as root_file:
root_string = root_file.read()
subject = 'testSubject'
cert_string = certutils.generate_cert(root_string, '', subject)
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
with open(ca_cert_path, 'r') as ca_cert_file:
ca_cert_str = ca_cert_file.read()
cert_string = certutils.generate_cert(ca_cert_str, cert_string,
'host.com')
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
self.assertEqual(2, cert.get_version())
self.assertEqual(2, cert.get_extension_count())
self.assertEqual(b"subjectAltName",
cert.get_extension(0).get_short_name())
self.assertEqual(b"extendedKeyUsage",
cert.get_extension(1).get_short_name())
def test_generate_cert(self):
ca_cert_path = os.path.join(self._temp_dir, 'testCA.pem')
issuer = 'testIssuer'
certutils.write_dummy_ca_cert(
*certutils.generate_dummy_ca_cert(issuer), cert_path=ca_cert_path)
with open(ca_cert_path, 'r') as root_file:
root_string = root_file.read()
subject = 'testSubject'
cert_string = certutils.generate_cert(root_string, '', subject)
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
with open(ca_cert_path, 'r') as ca_cert_file:
ca_cert_str = ca_cert_file.read()
cert_string = certutils.generate_cert(ca_cert_str, cert_string, 'host')
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
def test_generate_cert(self):
ca_cert_path = os.path.join(self._temp_dir, 'testCA.pem')
issuer = 'testIssuer'
certutils.write_dummy_ca_cert(
*certutils.generate_dummy_ca_cert(issuer), cert_path=ca_cert_path)
with open(ca_cert_path, 'r') as root_file:
root_string = root_file.read()
subject = 'testSubject'
cert_string = certutils.generate_cert(
root_string, '', subject)
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
with open(ca_cert_path, 'r') as ca_cert_file:
ca_cert_str = ca_cert_file.read()
cert_string = certutils.generate_cert(ca_cert_str, cert_string,
'host')
cert = certutils.load_cert(cert_string)
self.assertEqual(issuer, cert.get_issuer().commonName)
self.assertEqual(subject, cert.get_subject().commonName)
def get_certificate(self, host):
if host in self._host_to_cert_map:
return self._host_to_cert_map[host]
server_cert = self.http_archive_fetch.http_archive.get_server_cert(host)
if server_cert in self._server_cert_to_cert_map:
cert = self._server_cert_to_cert_map[server_cert]
self._host_to_cert_map[host] = cert
return cert
cert = certutils.generate_cert(self._ca_cert_str, server_cert, host)
self._server_cert_to_cert_map[server_cert] = cert
self._host_to_cert_map[host] = cert
return cert
def get_certificate(self, host):
if host in self._host_to_cert_map:
return self._host_to_cert_map[host]
server_cert = self.http_archive_fetch.http_archive.get_server_cert(
host)
if server_cert in self._server_cert_to_cert_map:
cert = self._server_cert_to_cert_map[server_cert]
self._host_to_cert_map[host] = cert
return cert
cert = certutils.generate_cert(self._ca_cert_str, server_cert, host)
self._server_cert_to_cert_map[server_cert] = cert
self._host_to_cert_map[host] = cert
return cert
def get_certificate(self, host): return certutils.generate_cert(self.ca_cert_str, '', host)
def get_certificate(self, host):
return certutils.generate_cert(self.ca_cert_str, '', host)
def _generate_cert(self, host):
"""Generate cert with the SNI field from the real server's response."""
root_ca_cert_str = self._get_root_cert()
return certutils.generate_cert(
root_ca_cert_str, self._get_server_cert(host), host)