third_party/blink/tools/blinkpy/third_party/wpt/update_certs.py - chromium/src - Git at Google

 #!/usr/bin/env vpython
 # Copyright 2018 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 import logging
 import os
 import subprocess
 import sys

 _THIS_DIR = os.path.dirname(__file__)
 sys.path.append(os.path.join(_THIS_DIR, 'wpt', 'tools', 'wptserve', 'wptserve'))
 from sslutils.openssl import OpenSSLEnvironment


 _DOMAIN = '127.0.0.1'

 def main():
     cert_dir = os.path.join(_THIS_DIR, 'certs')

     print '===> Removing old files...'
     old_files = filter(lambda filename: '.sxg.' not in filename,
                        os.listdir(cert_dir))
     old_files = [os.path.join(cert_dir, fn) for fn in old_files]
     if subprocess.call(['git', 'rm'] + old_files) != 0:
         sys.exit(1)

     print '\n===> Regenerating keys and certificates...'
     env = OpenSSLEnvironment(logging.getLogger(__name__),
                              base_path=cert_dir,
                              force_regenerate=True,
                              duration=3000)
     with env:
         key_path, pem_path = env.host_cert_path(
             [_DOMAIN,
              # See '_subdomains' in wpt/tools/serve/serve.py.
              'www.' + _DOMAIN,
              'www1.' + _DOMAIN,
              'www2.' + _DOMAIN,
              'xn--n8j6ds53lwwkrqhv28a.' + _DOMAIN,
              'xn--lve-6lad.' + _DOMAIN])
         if subprocess.call('git add -v ' + os.path.join(cert_dir, '*'), shell=True) != 0:
             sys.exit(1)

         print '\n===> Updating wpt.config.json and base.py...'
         key_basename = os.path.basename(key_path)
         pem_basename = os.path.basename(pem_path)
         config_path = os.path.join(_THIS_DIR, 'wpt.config.json')
         if subprocess.call(['sed', '-i', '', '-E',
                             's%/[^/]+[.]key%/{key}%g;s%/[^/]+[.]pem%/{pem}%g'.format(
                                 key=key_basename, pem=pem_basename),
                             config_path]) != 0:
             sys.exit(1)
         base_py_path = os.path.join(_THIS_DIR, '..', '..',
                                     'web_tests', 'port', 'base.py')
         proc = subprocess.Popen('openssl x509 -noout -pubkey -in ' + pem_path +
                                 ' | openssl pkey -pubin -outform der'
                                 ' | openssl dgst -sha256 -binary'
                                 ' | base64', shell=True, stdout=subprocess.PIPE)
         base64, _ = proc.communicate()
         if subprocess.call(['sed', '-i', '', '-E',
                             's%WPT_FINGERPRINT = \'.*\'%WPT_FINGERPRINT = \'' +
                             base64.strip() + '\'%', base_py_path]) != 0:
             sys.exit(1)
         if subprocess.call(['git', 'add', '-v', config_path, base_py_path]) != 0:
             sys.exit(1)

         print '\n===> Certificate validity:'
         subprocess.call(['grep', 'Not After', pem_path])


 if __name__ == "__main__":
     main()
	#!/usr/bin/env vpython
	# Copyright 2018 The Chromium Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	import logging
	import os
	import subprocess
	import sys

	_THIS_DIR = os.path.dirname(__file__)
	sys.path.append(os.path.join(_THIS_DIR, 'wpt', 'tools', 'wptserve', 'wptserve'))
	from sslutils.openssl import OpenSSLEnvironment


	_DOMAIN = '127.0.0.1'

	def main():
	cert_dir = os.path.join(_THIS_DIR, 'certs')

	print '===> Removing old files...'
	old_files = filter(lambda filename: '.sxg.' not in filename,
	os.listdir(cert_dir))
	old_files = [os.path.join(cert_dir, fn) for fn in old_files]
	if subprocess.call(['git', 'rm'] + old_files) != 0:
	sys.exit(1)

	print '\n===> Regenerating keys and certificates...'
	env = OpenSSLEnvironment(logging.getLogger(__name__),
	base_path=cert_dir,
	force_regenerate=True,
	duration=3000)
	with env:
	key_path, pem_path = env.host_cert_path(
	[_DOMAIN,
	# See '_subdomains' in wpt/tools/serve/serve.py.
	'www.' + _DOMAIN,
	'www1.' + _DOMAIN,
	'www2.' + _DOMAIN,
	'xn--n8j6ds53lwwkrqhv28a.' + _DOMAIN,
	'xn--lve-6lad.' + _DOMAIN])
	if subprocess.call('git add -v ' + os.path.join(cert_dir, '*'), shell=True) != 0:
	sys.exit(1)

	print '\n===> Updating wpt.config.json and base.py...'
	key_basename = os.path.basename(key_path)
	pem_basename = os.path.basename(pem_path)
	config_path = os.path.join(_THIS_DIR, 'wpt.config.json')
	if subprocess.call(['sed', '-i', '', '-E',
	's%/[^/]+[.]key%/{key}%g;s%/[^/]+[.]pem%/{pem}%g'.format(
	key=key_basename, pem=pem_basename),
	config_path]) != 0:
	sys.exit(1)
	base_py_path = os.path.join(_THIS_DIR, '..', '..',
	'web_tests', 'port', 'base.py')
	proc = subprocess.Popen('openssl x509 -noout -pubkey -in ' + pem_path +
	' \| openssl pkey -pubin -outform der'
	' \| openssl dgst -sha256 -binary'
	' \| base64', shell=True, stdout=subprocess.PIPE)
	base64, _ = proc.communicate()
	if subprocess.call(['sed', '-i', '', '-E',
	's%WPT_FINGERPRINT = \'.*\'%WPT_FINGERPRINT = \'' +
	base64.strip() + '\'%', base_py_path]) != 0:
	sys.exit(1)
	if subprocess.call(['git', 'add', '-v', config_path, base_py_path]) != 0:
	sys.exit(1)

	print '\n===> Certificate validity:'
	subprocess.call(['grep', 'Not After', pem_path])


	if __name__ == "__main__":
	main()