From: Joseph Sutton Date: Wed, 5 Jul 2023 00:55:41 +0000 (+1200) Subject: tests/krb5: Have the caller of create_certificate() fetch the CA certificate and... X-Git-Tag: talloc-2.4.1~22 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=b73a01eefd2a526936f11e08a5a32dd2f1106359;p=thirdparty%2Fsamba.git tests/krb5: Have the caller of create_certificate() fetch the CA certificate and private key These are useful to keep around for other purposes. BUG: https://bugzilla.samba.org/show_bug.cgi?id=9612 Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- diff --git a/python/samba/tests/krb5/pkinit_tests.py b/python/samba/tests/krb5/pkinit_tests.py index 2481d1df4a8..822aec7bda0 100755 --- a/python/samba/tests/krb5/pkinit_tests.py +++ b/python/samba/tests/krb5/pkinit_tests.py @@ -699,14 +699,16 @@ class PkInitTests(KDCBaseTest): return ca_cert, ca_private_key - def create_certificate(self, creds, certificate_signature=None): + def create_certificate(self, + creds, + ca_cert, + ca_private_key, + certificate_signature=None): if certificate_signature is None: certificate_signature = hashes.SHA1 user_name = creds.get_username() - ca_cert, ca_private_key = self.get_ca_cert_and_private_key() - builder = x509.CertificateBuilder() # Add the subject name. @@ -873,8 +875,13 @@ class PkInitTests(KDCBaseTest): signature_algorithm_id = self.AlgorithmIdentifier_create( signature_algorithm) + ca_cert, ca_private_key = self.get_ca_cert_and_private_key() + # Create a certificate for the client signed by the CA. - certificate = self.create_certificate(creds, certificate_signature) + certificate = self.create_certificate(creds, + ca_cert, + ca_private_key, + certificate_signature) private_key = creds.get_private_key()