Fix hardcoded CSR in test_webui/test_cert.py

Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Petr Vobornik <pvoborni@redhat.com>
2025-02-25 18:55:28 -06:00 · 2018-08-22 08:54:09 +02:00 · 2018-08-22 08:54:09 +02:00 · 2b3fd70156
commit 2b3fd70156
parent 1a7e4b0ec1
2 changed files with 26 additions and 18 deletions
--- a/ipatests/test_webui/crypto_utils.py
+++ b/ipatests/test_webui/crypto_utils.py
@ -0,0 +1,23 @@
+#
+# Copyright (C) 2018  FreeIPA Contributors see COPYING for license
+#
+
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import serialization, hashes
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.x509.oid import NameOID
+
+
+def generate_csr(hostname):
+    key = rsa.generate_private_key(
+        public_exponent=65537,
+        key_size=2048,
+        backend=default_backend()
+    )
+    csr = x509.CertificateSigningRequestBuilder()
+    csr = csr.subject_name(x509.Name([
+        x509.NameAttribute(NameOID.COMMON_NAME, u'{}'.format(hostname))
+    ]))
+    csr = csr.sign(key, hashes.SHA256(), default_backend())
+    return csr.public_bytes(serialization.Encoding.PEM)
--- a/ipatests/test_webui/test_cert.py
+++ b/ipatests/test_webui/test_cert.py
@ -21,6 +21,7 @@
 Cert tests
 """

+from ipatests.test_webui.crypto_utils import generate_csr
 from ipatests.test_webui.ui_driver import UI_driver
 from ipatests.test_webui.ui_driver import screenshot
 from datetime import date, timedelta
@ -28,23 +29,6 @@ import pytest

 ENTITY = 'cert'

-CERT_CSR = ("""-----BEGIN NEW CERTIFICATE REQUEST-----
-MIICcjCCAVoCAQAwLTERMA8GA1UEChMISVBBLlRFU1QxGDAWBgNVBAMTD21hc3Rl
-ci5pcGEudGVzdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK9xZ/OT
-PC9vlwP78ACCYTOGy8C+Ho4OUF4p4PYPkns4Zdov6N/f0MlUcxY7cpAlKlAZT53b
-OphSKamc7nlNgUAzV1S6JTm1YXiTzG6mAOWWK/i3O25rNfiz0D+srlqS0ADsGPwG
-4vxuWJYwUEKcV4YgCYCJj78dD+yxoz5anVrNosN4tVGg6jfaPI9uu1T+FhsNM/AC
-EN7pa50bgeV7iBZs/pdZEXEsk18NO4W55yPAKQp5JFCL6eeBJcHTU/IuEb/YPCSr
-e873Iwzw4ZqW8dHbE10Za3VzdKPDUbtJp93rvU6imRavvifIAa3GgBuLYbpEXXcG
-B6MLHdWOApwPBoMCAwEAAaAAMA0GCSqGSIb3DQEBCwUAA4IBAQClXDGZoGUSetZP
-lwx//vSN6P6y30dpiHDQiY4hCLYplpoB7V6wXXVMyuKpJjRMQ2mSdyuFge14Lvwr
-y1pE8Vg0+D99PW09tGTp54egPCKeyXptJ/1xi/Quo70OfSSI01vSczMDGTa4OfAB
-VPzE2xey1qL0a0UHqwBaSqnt6D0Xmid79YP0XkVEqZeHZvprtXzeA4dNc1GrZrjb
-7bazcPXbd7PXQaEFvmhqbDMFvu3xMBm5HJd4WkYKvBFDw4NHfT6jw/yRZXkWwJ/F
-EI0h2e9yxrSKgOEpWmeCdETZhMCljx5C2rLNqLAWJIJQ293UuVRCg4Rn6fdIefhF
-yKHlBerZ
-----END NEW CERTIFICATE REQUEST-----""")
-
 ERR_SPACE = "invalid '{}': Leading and trailing spaces are not allowed"
 ERR_MUST_INTEGER = "invalid '{}': must be an integer"
 LEAST_SERIAL = "invalid '{}': must be at least 0"
@ -180,7 +164,8 @@ class test_cert(UI_driver):

        # add a new cert
        hostname = self.config.get('ipa_server')
-        record = add_cert(self, 'HTTP/{}'.format(hostname), CERT_CSR)
+        csr = generate_csr(hostname)
+        record = add_cert(self, 'HTTP/{}'.format(hostname), csr)

        # revoke added cert
        revoke_cert(self, record, '1')