Strip signed certificate
Certificate (ca.crt) has to be striped for some application parsers as they might require pure base64 representation of certificate itself, without empty characters at the beginning nor the end of file Change-Id: I85457e0e2adcf21003300fafc6e2502f74b1afb5
This commit is contained in:
parent
db89edf907
commit
69ffdae1d0
|
@ -226,7 +226,7 @@ def sign(csr, issuer_name, ca_key, ca_key_password=None,
|
|||
certificate = builder.sign(
|
||||
private_key=ca_key, algorithm=hashes.SHA256(),
|
||||
backend=default_backend()
|
||||
).public_bytes(serialization.Encoding.PEM)
|
||||
).public_bytes(serialization.Encoding.PEM).strip()
|
||||
|
||||
return certificate
|
||||
|
||||
|
|
|
@ -223,6 +223,22 @@ class TestX509(base.BaseTestCase):
|
|||
skip_validation=True)
|
||||
mock_six.assert_called_once_with(csr)
|
||||
|
||||
@mock.patch('cryptography.x509.load_pem_x509_csr')
|
||||
def test_sign_empty_chars(self, mock_load_pem):
|
||||
ca_key = self._generate_private_key()
|
||||
private_key = self._generate_private_key()
|
||||
csr_obj = self._build_csr(private_key)
|
||||
csr = csr_obj.public_bytes(serialization.Encoding.PEM)
|
||||
csr = six.text_type(csr.decode('utf-8'))
|
||||
|
||||
mock_load_pem.return_value = csr_obj
|
||||
certificate = operations.sign(csr, self.issuer_name,
|
||||
ca_key, skip_validation=True)
|
||||
|
||||
# Certificate has to be striped for some parsers
|
||||
self.assertEqual(certificate,
|
||||
certificate.strip())
|
||||
|
||||
def test_sign_with_invalid_csr(self):
|
||||
ca_key = self._generate_private_key()
|
||||
csr = 'test'
|
||||
|
|
|
@ -0,0 +1,7 @@
|
|||
---
|
||||
fixes:
|
||||
- |
|
||||
Strip signed certificate. Certificate (ca.crt) has to be striped
|
||||
for some application parsers as they might require pure base64
|
||||
representation of the certificate itself, without empty characters
|
||||
at the beginning nor the end of file.
|
Loading…
Reference in New Issue