2 # Copyright 2018 The Chromium Authors. All rights reserved.
3 # Use of this source code is governed by a BSD-style license that can be
4 # found in the LICENSE file.
11 _THIS_DIR = os.path.dirname(__file__)
12 sys.path.append(os.path.join(_THIS_DIR, 'wpt', 'tools', 'wptserve', 'wptserve'))
13 from sslutils.openssl import OpenSSLEnvironment
19 cert_dir = os.path.join(_THIS_DIR, 'certs')
21 print '===> Removing old files...'
22 old_files = filter(lambda filename: '.sxg.' not in filename,
24 old_files = [os.path.join(cert_dir, fn) for fn in old_files]
25 if subprocess.call(['git', 'rm'] + old_files) != 0:
28 print '\n===> Regenerating keys and certificates...'
29 env = OpenSSLEnvironment(logging.getLogger(__name__),
31 force_regenerate=True,
34 key_path, pem_path = env.host_cert_path(
36 # See '_subdomains' in wpt/tools/serve/serve.py.
40 'xn--n8j6ds53lwwkrqhv28a.' + _DOMAIN,
41 'xn--lve-6lad.' + _DOMAIN])
42 if subprocess.call('git add -v ' + os.path.join(cert_dir, '*'), shell=True) != 0:
45 print '\n===> Updating wpt.config.json and base.py...'
46 key_basename = os.path.basename(key_path)
47 pem_basename = os.path.basename(pem_path)
48 config_path = os.path.join(_THIS_DIR, 'wpt.config.json')
49 if subprocess.call(['sed', '-i', '', '-E',
50 's%/[^/]+[.]key%/{key}%g;s%/[^/]+[.]pem%/{pem}%g'.format(
51 key=key_basename, pem=pem_basename),
54 base_py_path = os.path.join(_THIS_DIR, '..', '..',
55 'web_tests', 'port', 'base.py')
56 proc = subprocess.Popen('openssl x509 -noout -pubkey -in ' + pem_path +
57 ' | openssl pkey -pubin -outform der'
58 ' | openssl dgst -sha256 -binary'
59 ' | base64', shell=True, stdout=subprocess.PIPE)
60 base64, _ = proc.communicate()
61 if subprocess.call(['sed', '-i', '', '-E',
62 's%WPT_FINGERPRINT = \'.*\'%WPT_FINGERPRINT = \'' +
63 base64.strip() + '\'%', base_py_path]) != 0:
65 if subprocess.call(['git', 'add', '-v', config_path, base_py_path]) != 0:
68 print '\n===> Certificate validity:'
69 subprocess.call(['grep', 'Not After', pem_path])
72 if __name__ == "__main__":