generate a certificate with cryptography
(self, key, common_name, issuer=None, sign_key=None)
| 73 | ) |
| 74 | |
| 75 | def gen_certificate(self, key, common_name, issuer=None, sign_key=None): |
| 76 | """generate a certificate with cryptography""" |
| 77 | |
| 78 | now = datetime.datetime.now(datetime.timezone.utc) |
| 79 | |
| 80 | certificate = x509.CertificateBuilder().subject_name( |
| 81 | x509.Name([ |
| 82 | x509.NameAttribute(NameOID.COMMON_NAME, common_name), |
| 83 | ]) |
| 84 | ).issuer_name( |
| 85 | x509.Name([ |
| 86 | x509.NameAttribute( |
| 87 | NameOID.COMMON_NAME, |
| 88 | issuer or common_name |
| 89 | ) |
| 90 | ]) |
| 91 | ).not_valid_before( |
| 92 | now |
| 93 | ).not_valid_after( |
| 94 | now + datetime.timedelta(seconds=86400) |
| 95 | ).serial_number( |
| 96 | x509.random_serial_number() |
| 97 | ).public_key( |
| 98 | key.public_key() |
| 99 | ).add_extension( |
| 100 | x509.BasicConstraints(ca=True, path_length=0), critical=True |
| 101 | ).sign( |
| 102 | private_key=sign_key or key, |
| 103 | algorithm=hashes.SHA256(), |
| 104 | backend=default_backend() |
| 105 | ) |
| 106 | return certificate |
| 107 | |
| 108 | @pytest.mark.xfail(reason="Issue #5269") |
| 109 | def test_security_task_done(self): |
no test coverage detected