(PUP-2606) Add RSA private key test

Verify the ssl application generates an RSA private key if needed. Ensure state
machine does the same and the `private?` method returns true.

spec/unit/application/ssl_spec.rb

@@ -106,6 +106,15 @@ def expects_command_to_fail(message)
 
     it_behaves_like 'an ssl action'
 
+    it 'generates an RSA private key' do
+      File.unlink(Puppet[:hostprivkey])
+
+      stub_request(:put, %r{puppet-ca/v1/certificate_request/#{name}}).to_return(status: 200)
+      stub_request(:get, %r{puppet-ca/v1/certificate/#{name}}).to_return(status: 404)
+
+      expects_command_to_pass(%r{Submitted certificate request for '#{name}' to https://.*})
+    end
+
     it 'submits the CSR and saves it locally' do
       stub_request(:put, %r{puppet-ca/v1/certificate_request/#{name}}).to_return(status: 200)
       stub_request(:get, %r{puppet-ca/v1/certificate/#{name}}).to_return(status: 404)

spec/unit/ssl/state_machine_spec.rb

@@ -257,13 +257,14 @@
         }.to raise_error(Puppet::SSL::SSLError, %r{The certificate for 'CN=signed' does not match its private key})
       end
 
-      it 'generates a new private key, saves it and passes it to the next state' do
+      it 'generates a new RSA private key, saves it and passes it to the next state' do
         allow_any_instance_of(Puppet::X509::CertProvider).to receive(:load_private_key).and_return(nil)
         expect_any_instance_of(Puppet::X509::CertProvider).to receive(:save_private_key)
 
         st = state.next_state
         expect(st).to be_instance_of(Puppet::SSL::StateMachine::NeedSubmitCSR)
         expect(st.private_key).to be_instance_of(OpenSSL::PKey::RSA)
+        expect(st.private_key).to be_private
       end
 
       it 'raises an error if it fails to load the key' do