def _create_csr(self):
        """Create CSR protobuf

        Returns:
             CSR protobuf object
        """
        csr = cert_utils.create_csr(self._gateway_key, self._hw_id)
        duration = Duration()
        duration.FromTimedelta(datetime.timedelta(days=4))
        csr = CSR(
            id=Identity(gateway=Identity.Gateway(hardware_id=self._hw_id)),
            valid_time=duration,
            csr_der=csr.public_bytes(serialization.Encoding.DER),
        )
        return csr
    def test__construct_response(self, load_key_mock):
        ecdsa_key = ec.generate_private_key(ec.SECP256R1(), default_backend())

        key_types = {
            ChallengeKey.ECHO: None,
            ChallengeKey.SOFTWARE_ECDSA_SHA256: ecdsa_key,
        }
        for key_type, key in key_types.items():
            load_key_mock.return_value = key
            challenge = Challenge(key_type=key_type, challenge=b'challenge')
            response = self.manager._construct_response(challenge, CSR())
            self.assertEqual(response.hw_id.id, self.hw_id)
            self.assertEqual(response.challenge, challenge.challenge)

        challenge = Challenge(key_type=5, challenge=b'crap challenge')
        with self.assertRaises(bm.BootstrapError,
                               msg='Unknown key type: %s' %
                               challenge.key_type):
            self.manager._construct_response(challenge, CSR())