mmolloy/nscertkeycreate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fc94008530933048bc32fed0b6dfb9eeaa4f6237
nscertkeycreate/legacy/tests/test_csr_create_wildcard_cli.py
deamonkai fc94008530 initial
2026-01-23 12:11:21 -06:00

73 lines
2.9 KiB
Python
Raw Blame History

"""Tests for CSR create when wildcard SANs are provided on the CLI."""
from certctl import cli
def test_cli_csr_create_cli_san_wildcard_interactive_confirm_yes(monkeypatch, tmp_path):
from certctl import keygen, csr as csrmod
key_pem = keygen.generate_private_key(kind="rsa", bits=1024)
key_file = tmp_path / "k.pem"
key_file.write_text(key_pem)
# Simulate interactive terminal and confirmation
monkeypatch.setattr("builtins.input", lambda prompt='': "yes")
import sys
monkeypatch.setattr(sys.stdin, "isatty", lambda: True, raising=False)
out = tmp_path / "req.csr"
rc = cli.main(["csr", "create", "--key-file", str(key_file), "--subject", "/C=US/CN=example.com", "--san", "*.example.com", "--out", str(out)])
assert rc == 0
assert out.exists()
csr_pem = out.read_text()
assert csrmod.csr_has_san(csr_pem, "DNS:*.example.com")
def test_cli_csr_create_cli_san_wildcard_interactive_confirm_no(monkeypatch, tmp_path):
from certctl import keygen, csr as csrmod
key_pem = keygen.generate_private_key(kind="rsa", bits=1024)
key_file = tmp_path / "k.pem"
key_file.write_text(key_pem)
# Simulate interactive terminal and decline confirmation
answers = iter(["no"]) # decline wildcard
monkeypatch.setattr("builtins.input", lambda prompt='': next(answers))
import sys
monkeypatch.setattr(sys.stdin, "isatty", lambda: True, raising=False)
out = tmp_path / "req.csr"
rc = cli.main(["csr", "create", "--key-file", str(key_file), "--subject", "/C=US/CN=example.com", "--san", "*.example.com", "--out", str(out)])
assert rc == 0
assert out.exists()
csr_pem = out.read_text()
assert not csrmod.csr_has_san(csr_pem, "DNS:*.example.com")
def test_cli_csr_create_cli_san_wildcard_noninteractive_fails(monkeypatch, tmp_path):
from certctl import keygen
key_pem = keygen.generate_private_key(kind="rsa", bits=1024)
key_file = tmp_path / "k.pem"
key_file.write_text(key_pem)
# Simulate non-interactive (isatty False)
import sys
monkeypatch.setattr(sys.stdin, "isatty", lambda: False, raising=False)
out = tmp_path / "req.csr"
rc = cli.main(["csr", "create", "--key-file", str(key_file), "--san", "*.example.com", "--out", str(out)])
assert rc != 0
def test_cli_csr_create_cli_san_wildcard_allow_flag_noninteractive(monkeypatch, tmp_path):
from certctl import keygen, csr as csrmod
key_pem = keygen.generate_private_key(kind="rsa", bits=1024)
key_file = tmp_path / "k.pem"
key_file.write_text(key_pem)
import sys
monkeypatch.setattr(sys.stdin, "isatty", lambda: False, raising=False)
out = tmp_path / "req.csr"
rc = cli.main(["csr", "create", "--key-file", str(key_file), "--subject", "/C=US/CN=example.com", "--san", "*.example.com", "--allow-wildcard", "--out", str(out)])
assert rc == 0
csr_pem = out.read_text()
assert csrmod.csr_has_san(csr_pem, "DNS:*.example.com")
Reference in New Issue View Git Blame Copy Permalink