1#!/usr/bin/env python 2# Copyright 2021 The Chromium Authors 3# Use of this source code is governed by a BSD-style license that can be 4# found in the LICENSE file. 5""" 6A chain with a self-signed Root1 and a Root1 cross signed by Root2. The 7cross-signed root has a newer notBefore date than the self-signed one. 8""" 9 10import sys 11sys.path += ['../..'] 12 13import gencerts 14 15DATE_A = '150101120000Z' 16DATE_B = '150102120000Z' 17DATE_Z = '180101120000Z' 18 19root1 = gencerts.create_self_signed_root_certificate('Root1') 20root1.set_validity_range(DATE_A, DATE_Z) 21 22root2 = gencerts.create_self_signed_root_certificate('Root2') 23root2.set_validity_range(DATE_A, DATE_Z) 24 25root1_cross = gencerts.create_intermediate_certificate('Root1', root2) 26root1_cross.set_key(root1.get_key()) 27root1_cross.set_validity_range(DATE_B, DATE_Z) 28 29target = gencerts.create_end_entity_certificate('Target', root1) 30target.set_validity_range(DATE_A, DATE_Z) 31 32gencerts.write_chain('Root1', [root1], out_pem='root1.pem') 33gencerts.write_chain('Root2', [root2], out_pem='root2.pem') 34gencerts.write_chain( 35 'Root1 cross-signed by Root2, with a newer notBefore date' 36 ' than Root1', [root1_cross], 37 out_pem='root1_cross.pem') 38gencerts.write_chain('Target', [target], out_pem='target.pem') 39