def test_sign_csr(self):
self.sign_csr_mocks()
cert.sign_csr('acsr', 'secretkey', ca_cert='cacert')
self.serialization.load_pem_private_key.assert_called_with(
b'secretkey', password=None, backend=self.expect_bend)
self.cryptography.x509.load_pem_x509_csr.assert_called_with(
b'acsr', self.expect_bend)
self.cryptography.x509.load_pem_x509_certificate.assert_called_with(
b'cacert', self.expect_bend)
def test_sign_csr_issuer_name(self):
self.sign_csr_mocks()
cert.sign_csr('acsr', 'secretkey', issuer_name='issuer')
self.serialization.load_pem_private_key.assert_called_with(
b'secretkey', password=None, backend=self.expect_bend)
self.cryptography.x509.load_pem_x509_csr.assert_called_with(
b'acsr', self.expect_bend)
self.bcons_mock.assert_called_with(ca=False, path_length=None)
self.builder_mock.issuer_name.assert_called_once_with('issuer')
self.builder_mock.add_extension.assert_called_once_with(
self.bcons_mock(), critical=True)
def test_sign_csr_key_password(self):
self.sign_csr_mocks()
cert.sign_csr('acsr',
'secretkey',
ca_cert='cacert',
ca_private_key_password='******')
self.serialization.load_pem_private_key.assert_called_with(
b'secretkey', password='******', backend=self.expect_bend)
self.cryptography.x509.load_pem_x509_csr.assert_called_with(
b'acsr', self.expect_bend)
self.cryptography.x509.load_pem_x509_certificate.assert_called_with(
b'cacert', self.expect_bend)
self.bcons_mock.assert_called_with(ca=False, path_length=None)
self.builder_mock.add_extension.assert_called_once_with(
self.bcons_mock(), critical=True)