1#!/usr/bin/env python 2# Copyright 2021 The Chromium Authors 3# 4# Licensed under the Apache License, Version 2.0 (the "License"); 5# you may not use this file except in compliance with the License. 6# You may obtain a copy of the License at 7# 8# https://www.apache.org/licenses/LICENSE-2.0 9# 10# Unless required by applicable law or agreed to in writing, software 11# distributed under the License is distributed on an "AS IS" BASIS, 12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13# See the License for the specific language governing permissions and 14# limitations under the License. 15""" 16A chain with a self-signed Root1 and a Root1 cross signed by Root2. The 17cross-signed root has a newer notBefore date than the self-signed one. 18""" 19 20import sys 21sys.path += ['../..'] 22 23import gencerts 24 25DATE_A = '150101120000Z' 26DATE_B = '150102120000Z' 27DATE_Z = '180101120000Z' 28 29root1 = gencerts.create_self_signed_root_certificate('Root1') 30root1.set_validity_range(DATE_A, DATE_Z) 31 32root2 = gencerts.create_self_signed_root_certificate('Root2') 33root2.set_validity_range(DATE_A, DATE_Z) 34 35root1_cross = gencerts.create_intermediate_certificate('Root1', root2) 36root1_cross.set_key(root1.get_key()) 37root1_cross.set_validity_range(DATE_B, DATE_Z) 38 39target = gencerts.create_end_entity_certificate('Target', root1) 40target.set_validity_range(DATE_A, DATE_Z) 41 42gencerts.write_chain('Root1', [root1], out_pem='root1.pem') 43gencerts.write_chain('Root2', [root2], out_pem='root2.pem') 44gencerts.write_chain( 45 'Root1 cross-signed by Root2, with a newer notBefore date' 46 ' than Root1', [root1_cross], 47 out_pem='root1_cross.pem') 48gencerts.write_chain('Target', [target], out_pem='target.pem') 49