diff --git a/tools/releasetools/common.py b/tools/releasetools/common.py index 370710ecaf..0c878571c3 100644 --- a/tools/releasetools/common.py +++ b/tools/releasetools/common.py @@ -1800,17 +1800,23 @@ def GetTypeAndDevice(mount_point, info): def ParseCertificate(data): - """Parse a PEM-format certificate.""" - cert = [] + """Parses and converts a PEM-encoded certificate into DER-encoded. + + This gives the same result as `openssl x509 -in -outform DER`. + + Returns: + The decoded certificate string. + """ + cert_buffer = [] save = False for line in data.split("\n"): if "--END CERTIFICATE--" in line: break if save: - cert.append(line) + cert_buffer.append(line) if "--BEGIN CERTIFICATE--" in line: save = True - cert = "".join(cert).decode('base64') + cert = "".join(cert_buffer).decode('base64') return cert diff --git a/tools/releasetools/test_common.py b/tools/releasetools/test_common.py index 619eda54f8..c073eba0d6 100644 --- a/tools/releasetools/test_common.py +++ b/tools/releasetools/test_common.py @@ -15,6 +15,7 @@ # import os +import subprocess import tempfile import time import unittest @@ -402,6 +403,9 @@ class CommonApkUtilsTest(unittest.TestCase): 'Compressed4.apk' : 'certs/compressed4', } + def setUp(self): + self.testdata_dir = test_utils.get_testdata_dir() + def tearDown(self): common.Cleanup() @@ -479,17 +483,27 @@ class CommonApkUtilsTest(unittest.TestCase): self.assertRaises(ValueError, common.ReadApkCerts, input_zip) def test_ExtractPublicKey(self): - testdata_dir = test_utils.get_testdata_dir() - cert = os.path.join(testdata_dir, 'testkey.x509.pem') - pubkey = os.path.join(testdata_dir, 'testkey.pubkey.pem') + cert = os.path.join(self.testdata_dir, 'testkey.x509.pem') + pubkey = os.path.join(self.testdata_dir, 'testkey.pubkey.pem') with open(pubkey, 'rb') as pubkey_fp: self.assertEqual(pubkey_fp.read(), common.ExtractPublicKey(cert)) def test_ExtractPublicKey_invalidInput(self): - testdata_dir = test_utils.get_testdata_dir() - wrong_input = os.path.join(testdata_dir, 'testkey.pk8') + wrong_input = os.path.join(self.testdata_dir, 'testkey.pk8') self.assertRaises(AssertionError, common.ExtractPublicKey, wrong_input) + def test_ParseCertificate(self): + cert = os.path.join(self.testdata_dir, 'testkey.x509.pem') + + cmd = ['openssl', 'x509', '-in', cert, '-outform', 'DER'] + proc = common.Run(cmd, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + expected, _ = proc.communicate() + self.assertEqual(0, proc.returncode) + + with open(cert) as cert_fp: + actual = common.ParseCertificate(cert_fp.read()) + self.assertEqual(expected, actual) + class CommonUtilsTest(unittest.TestCase):