| #!/usr/bin/env python |
| # Copyright 2019 The Chromium Authors |
| # Use of this source code is governed by a BSD-style license that can be |
| # found in the LICENSE file. |
| """This script is called without any arguments to re-generate all of the *.pem |
| files in the script's directory. |
| |
| The https://github.com/google/der-ascii tools must be in the PATH. |
| """ |
| |
| import base64 |
| import subprocess |
| import os |
| |
| |
| HEADER = "Generated by %s. Do not edit." % os.path.split(__file__)[1] |
| |
| |
| def Ascii2Der(txt): |
| p = subprocess.Popen(['ascii2der'], |
| stdin=subprocess.PIPE, |
| stdout=subprocess.PIPE, |
| stderr=subprocess.PIPE) |
| stdout_data, stderr_data = p.communicate(txt) |
| if p.returncode: |
| raise RuntimeError('ascii2der returned %i: %s' % (p.returncode, |
| stderr_data)) |
| return stdout_data |
| |
| |
| def MakePemBlock(text, der, name): |
| b64 = base64.b64encode(der) |
| wrapped = '\n'.join(b64[pos:pos + 64] for pos in xrange(0, len(b64), 64)) |
| return '%s\n\n%s\n-----BEGIN %s-----\n%s\n-----END %s-----' % ( |
| HEADER, text, name, wrapped, name) |
| |
| |
| def Generate(path, dertext): |
| der = Ascii2Der(dertext) |
| data = MakePemBlock(dertext, der, 'AUTHORITY_KEY_IDENTIFIER') |
| with open(path, "w") as f: |
| f.write(data) |
| |
| |
| Generate('empty_sequence.pem', 'SEQUENCE {}') |
| |
| Generate('key_identifier.pem', """ |
| SEQUENCE { |
| [0 PRIMITIVE] { `DEADB00F`} |
| } |
| """) |
| |
| Generate('issuer_and_serial.pem', """ |
| SEQUENCE { |
| [1] { |
| [4] { |
| SEQUENCE { |
| SET { |
| SEQUENCE { |
| # commonName |
| OBJECT_IDENTIFIER { 2.5.4.3 } |
| UTF8String { "Root" } |
| } |
| } |
| } |
| } |
| } |
| [2 PRIMITIVE] { `274f` } |
| } |
| """) |
| |
| Generate('url_issuer_and_serial.pem', """ |
| SEQUENCE { |
| [1] { |
| [6 PRIMITIVE] { "http://example.com" } |
| } |
| [2 PRIMITIVE] { `274f` } |
| } |
| """) |
| |
| Generate('key_identifier_and_issuer_and_serial.pem', """ |
| SEQUENCE { |
| [0 PRIMITIVE] { `DEADB00F`} |
| [1] { |
| [4] { |
| SEQUENCE { |
| SET { |
| SEQUENCE { |
| # commonName |
| OBJECT_IDENTIFIER { 2.5.4.3 } |
| UTF8String { "Root" } |
| } |
| } |
| } |
| } |
| } |
| [2 PRIMITIVE] { `274f` } |
| } |
| """) |
| |
| Generate('issuer_only.pem', """ |
| SEQUENCE { |
| [1] { |
| [4] { |
| SEQUENCE { |
| SET { |
| SEQUENCE { |
| # commonName |
| OBJECT_IDENTIFIER { 2.5.4.3 } |
| UTF8String { "Root" } |
| } |
| } |
| } |
| } |
| } |
| } |
| """) |
| |
| Generate('serial_only.pem', """ |
| SEQUENCE { |
| [2 PRIMITIVE] { `274f` } |
| } |
| """) |
| |
| Generate('invalid_contents.pem', """ |
| SEQUENCE { |
| INTEGER {`1234`} |
| } |
| """) |
| |
| Generate('invalid_key_identifier.pem', """ |
| SEQUENCE { |
| # Tag and Length for [0 PRIMITIVE], but no data. |
| `8004` |
| } |
| """) |
| |
| Generate('invalid_issuer.pem', """ |
| SEQUENCE { |
| [0 PRIMITIVE] { `DEADB00F`} |
| # Tag and Length for [1] {...}, but no data. |
| `a104` |
| } |
| """) |
| |
| Generate('invalid_serial.pem', """ |
| SEQUENCE { |
| [0 PRIMITIVE] { `DEADB00F`} |
| [1] {} |
| # Tag and Length for [2 PRIMITIVE], but no data. |
| `8204` |
| } |
| """) |
| |
| Generate('extra_contents_after_issuer_and_serial.pem', """ |
| SEQUENCE { |
| [1] { |
| [4] { |
| SEQUENCE { |
| SET { |
| SEQUENCE { |
| # commonName |
| OBJECT_IDENTIFIER { 2.5.4.3 } |
| UTF8String { "Root" } |
| } |
| } |
| } |
| } |
| } |
| [2 PRIMITIVE] { `274f` } |
| INTEGER {`1234`} |
| } |
| """) |
| |
| Generate('extra_contents_after_extension_sequence.pem', """ |
| SEQUENCE { |
| [0 PRIMITIVE] { `DEADB00F`} |
| } |
| INTEGER {`1234`} |
| """) |
