fix last coverage issue

mathiasertl · Mar 9, 2024 · 83a0b92 · 83a0b92
1 parent ca2d168
commit 83a0b92
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 4 deletions.
diff --git a/ca/django_ca/key_backends/storages.py b/ca/django_ca/key_backends/storages.py
@@ -87,7 +87,7 @@ def load_default_password(cls, password: Optional[bytes], info: ValidationInfo)
         """Validator to load the password from CA_PASSWORDS if not given."""
         if info.context and password is None:
             ca: CertificateAuthority = info.context.get("ca")
-            if ca:
+            if ca:  # pragma: no branch  # when we pass a context, we also pass a ca, but just to be sure
                 if settings_password := ca_settings.CA_PASSWORDS.get(ca.serial):
                     return settings_password
 
@@ -206,7 +206,9 @@ def create_private_key(
         # Update model instance
         ca.key_backend_options = {"path": path}
 
-        use_private_key_options = UsePrivateKeyOptions(password=options.password)
+        use_private_key_options = UsePrivateKeyOptions.model_validate(
+            {"password": options.password}, context={"ca": ca}
+        )
 
         return key.public_key(), use_private_key_options
 

diff --git a/ca/django_ca/tests/commands/test_import_ca.py b/ca/django_ca/tests/commands/test_import_ca.py
@@ -28,7 +28,6 @@
 import pytest
 from freezegun import freeze_time
 
-from ca import settings
 from django_ca import ca_settings
 from django_ca.key_backends.storages import UsePrivateKeyOptions
 from django_ca.models import CertificateAuthority
@@ -234,6 +233,7 @@ def test_ocsp_responder_arguments(self) -> None:
         self.assertEqual(ca.ocsp_responder_key_validity, 10)
         self.assertEqual(ca.ocsp_response_validity, 3600)
 
+    @override_tmpcadir()
     def test_create_cadir(self) -> None:
         """Test importing a CA when the directory does not yet exist."""
         name = "testname"
@@ -274,13 +274,14 @@ def test_bogus_private_key(ca_name: str) -> None:
         cmd("import_ca", ca_name, Path(__file__).resolve(), pem_path)
 
 
+@pytest.mark.usefixtures("tmpcadir")
 def test_invalid_private_key_type(ca_name: str) -> None:
     """Test importing a CA with an invalid private key type."""
     private_key = X448PrivateKey.generate()
     private_key_der = private_key.private_bytes(
         Encoding.PEM, format=PrivateFormat.PKCS8, encryption_algorithm=NoEncryption()
     )
-    private_key_path = os.path.join(settings.CA_DIR, "x448.key")  # type: ignore[arg-type]
+    private_key_path = os.path.join(ca_settings.CA_DIR, "x448.key")
     with open(private_key_path, "wb") as stream:
         stream.write(private_key_der)