From 01196cc741ddf611794ba6eb1b5f3a0bcff2f0da Mon Sep 17 00:00:00 2001 From: Joseph Sutton Date: Wed, 5 Jul 2023 12:53:45 +1200 Subject: [PATCH] tests/krb5: Factor out a method to fetch the CA certificate and private key BUG: https://bugzilla.samba.org/show_bug.cgi?id=9612 Signed-off-by: Joseph Sutton Reviewed-by: Andrew Bartlett --- python/samba/tests/krb5/pkinit_tests.py | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) diff --git a/python/samba/tests/krb5/pkinit_tests.py b/python/samba/tests/krb5/pkinit_tests.py index 4a4d81fd877..2481d1df4a8 100755 --- a/python/samba/tests/krb5/pkinit_tests.py +++ b/python/samba/tests/krb5/pkinit_tests.py @@ -663,12 +663,7 @@ class PkInitTests(KDCBaseTest): return kdc_exchange_dict - def create_certificate(self, creds, certificate_signature=None): - if certificate_signature is None: - certificate_signature = hashes.SHA1 - - user_name = creds.get_username() - + def get_ca_cert_and_private_key(self): # The password with which to try to encrypt the certificate or private # key specified on the command line. ca_pass = samba.tests.env_get_var_value('CA_PASS', allow_missing=True) @@ -702,6 +697,16 @@ class PkInitTests(KDCBaseTest): ca_private_key = serialization.load_pem_private_key( f.read(), password=ca_pass, backend=default_backend()) + return ca_cert, ca_private_key + + def create_certificate(self, creds, certificate_signature=None): + if certificate_signature is None: + certificate_signature = hashes.SHA1 + + user_name = creds.get_username() + + ca_cert, ca_private_key = self.get_ca_cert_and_private_key() + builder = x509.CertificateBuilder() # Add the subject name. -- 2.47.3