Generate a private key and cert object to be used in testing.
(
project: str,
name: str,
cert_before: datetime.datetime = datetime.datetime.now(datetime.timezone.utc),
cert_after: datetime.datetime = datetime.datetime.now(datetime.timezone.utc)
+ datetime.timedelta(hours=1),
)
| 110 | |
| 111 | |
| 112 | def generate_cert( |
| 113 | project: str, |
| 114 | name: str, |
| 115 | cert_before: datetime.datetime = datetime.datetime.now(datetime.timezone.utc), |
| 116 | cert_after: datetime.datetime = datetime.datetime.now(datetime.timezone.utc) |
| 117 | + datetime.timedelta(hours=1), |
| 118 | ) -> tuple[x509.CertificateBuilder, rsa.RSAPrivateKey]: |
| 119 | """ |
| 120 | Generate a private key and cert object to be used in testing. |
| 121 | """ |
| 122 | # generate private key |
| 123 | key = rsa.generate_private_key(public_exponent=65537, key_size=2048) |
| 124 | common_name = f"{project}:{name}" |
| 125 | # configure cert subject |
| 126 | subject = issuer = x509.Name( |
| 127 | [ |
| 128 | x509.NameAttribute(NameOID.COUNTRY_NAME, "US"), |
| 129 | x509.NameAttribute(NameOID.STATE_OR_PROVINCE_NAME, "California"), |
| 130 | x509.NameAttribute(NameOID.LOCALITY_NAME, "Mountain View"), |
| 131 | x509.NameAttribute(NameOID.ORGANIZATION_NAME, "Google Inc"), |
| 132 | x509.NameAttribute(NameOID.COMMON_NAME, common_name), |
| 133 | ] |
| 134 | ) |
| 135 | # build cert |
| 136 | cert = ( |
| 137 | x509.CertificateBuilder() |
| 138 | .subject_name(subject) |
| 139 | .issuer_name(issuer) |
| 140 | .public_key(key.public_key()) |
| 141 | .serial_number(x509.random_serial_number()) |
| 142 | .not_valid_before(cert_before) |
| 143 | .not_valid_after(cert_after) |
| 144 | ) |
| 145 | return cert, key |
| 146 | |
| 147 | |
| 148 | def self_signed_cert(cert: x509.CertificateBuilder, key: rsa.RSAPrivateKey) -> str: |