1#!/usr/bin/env python 2# Copyright 2018 The Chromium Authors 3# Use of this source code is governed by a BSD-style license that can be 4# found in the LICENSE file. 5 6"""Certificate chain where both the intermediate and target certificates have 7incorrect signatures.""" 8 9import sys 10sys.path += ['../..'] 11 12import gencerts 13 14# Self-signed root certificate. 15root = gencerts.create_self_signed_root_certificate('Root') 16 17# Actual root that was used to sign the intermediate certificate. It has the 18# same subject as expected, but a different RSA key from the certificate 19# included in the actual chain. 20wrong_root = gencerts.create_self_signed_root_certificate('Root') 21 22# Intermediate certificate to include in the certificate chain. 23intermediate = gencerts.create_intermediate_certificate('Intermediate', 24 wrong_root) 25 26# Actual intermediate that was used to sign the target certificate. It has the 27# same subject as expected, but a different RSA key from the certificate 28# included in the actual chain. 29wrong_intermediate = gencerts.create_intermediate_certificate('Intermediate', 30 root) 31 32# Target certificate, signed using |wrong_intermediate| NOT |intermediate|. 33target = gencerts.create_end_entity_certificate('Target', wrong_intermediate) 34 35chain = [target, intermediate, root] 36gencerts.write_chain(__doc__, chain, 'chain.pem') 37