rpms / fence-agents

Clone
Source Code
GIT

Blame SOURCES/bz1568753-6-oauth2client-python-rsa-to-cryptography.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c9 c9-beta
  1.   7f4c66a4e32df932e5a07345fe8ffa8d76c37ac8
  2.   SOURCES
  3.   bz1568753-6-oauth2client-python-rsa-to-cryptography.patch
Blob History Raw
6a3e49 
diff -uNr a/oauth2client/_pure_python_crypt.py b/oauth2client/_pure_python_crypt.py
6a3e49 
--- a/oauth2client/_pure_python_crypt.py	2016-10-14 19:53:53.000000000 +0200
6a3e49 
+++ b/oauth2client/_pure_python_crypt.py	2018-06-21 15:40:25.216478384 +0200
6a3e49 
@@ -23,7 +23,10 @@
6a3e49 
 from pyasn1_modules import pem
6a3e49 
 from pyasn1_modules.rfc2459 import Certificate
6a3e49 
 from pyasn1_modules.rfc5208 import PrivateKeyInfo
6a3e49 
-import rsa
6a3e49 
+from cryptography.hazmat.primitives import serialization, hashes
6a3e49 
+from cryptography.hazmat.primitives.asymmetric import padding
6a3e49 
+from cryptography import x509
6a3e49 
+from cryptography.hazmat.backends import default_backend
6a3e49 
 import six
6a3e49
6a3e49 
 from oauth2client import _helpers
6a3e49 
@@ -70,7 +73,8 @@
6a3e49 
     """
6a3e49
6a3e49 
     def __init__(self, pubkey):
6a3e49 
-        self._pubkey = pubkey
6a3e49 
+        self._pubkey = serialization.load_pem_public_key(pubkey,
6a3e49 
+            backend=default_backend())
6a3e49
6a3e49 
     def verify(self, message, signature):
6a3e49 
         """Verifies a message against a signature.
6a3e49 
@@ -87,8 +91,9 @@
6a3e49 
         """
6a3e49 
         message = _helpers._to_bytes(message, encoding='utf-8')
6a3e49 
         try:
6a3e49 
-            return rsa.pkcs1.verify(message, signature, self._pubkey)
6a3e49 
-        except (ValueError, rsa.pkcs1.VerificationError):
6a3e49 
+            return self._pubkey.verify(signature, message, padding.PKCS1v15(),
6a3e49 
+                hashes.SHA256())
6a3e49 
+        except (ValueError, TypeError, InvalidSignature):
6a3e49 
             return False
6a3e49
6a3e49 
     @classmethod
6a3e49 
@@ -112,16 +117,18 @@
6a3e49 
         """
6a3e49 
         key_pem = _helpers._to_bytes(key_pem)
6a3e49 
         if is_x509_cert:
6a3e49 
-            der = rsa.pem.load_pem(key_pem, 'CERTIFICATE')
6a3e49 
+            der = x509.load_pem_x509_certificate(pem_data, default_backend())
6a3e49 
             asn1_cert, remaining = decoder.decode(der, asn1Spec=Certificate())
6a3e49 
             if remaining != b'':
6a3e49 
                 raise ValueError('Unused bytes', remaining)
6a3e49
6a3e49 
             cert_info = asn1_cert['tbsCertificate']['subjectPublicKeyInfo']
6a3e49 
             key_bytes = _bit_list_to_bytes(cert_info['subjectPublicKey'])
6a3e49 
-            pubkey = rsa.PublicKey.load_pkcs1(key_bytes, 'DER')
6a3e49 
+            pubkey = serialization.load_der_public_key(decoded_key,
6a3e49 
+                backend=default_backend())
6a3e49 
         else:
6a3e49 
-            pubkey = rsa.PublicKey.load_pkcs1(key_pem, 'PEM')
6a3e49 
+            pubkey = serialization.load_pem_public_key(decoded_key,
6a3e49 
+                backend=default_backend())
6a3e49 
         return cls(pubkey)
6a3e49
6a3e49
6a3e49 
@@ -134,6 +141,8 @@
6a3e49
6a3e49 
     def __init__(self, pkey):
6a3e49 
         self._key = pkey
6a3e49 
+        self._pubkey = serialization.load_pem_private_key(pkey,
6a3e49 
+            backend=default_backend())
6a3e49
6a3e49 
     def sign(self, message):
6a3e49 
         """Signs a message.
6a3e49 
@@ -145,7 +154,7 @@
6a3e49 
             string, The signature of the message for the given key.
6a3e49 
         """
6a3e49 
         message = _helpers._to_bytes(message, encoding='utf-8')
6a3e49 
-        return rsa.pkcs1.sign(message, self._key, 'SHA-256')
6a3e49 
+        return self._key.sign(message, padding.PKCS1v15(), hashes.SHA256())
6a3e49
6a3e49 
     @classmethod
6a3e49 
     def from_string(cls, key, password='notasecret'):
6a3e49 
@@ -168,16 +177,19 @@
6a3e49 
             six.StringIO(key), _PKCS1_MARKER, _PKCS8_MARKER)
6a3e49
6a3e49 
         if marker_id == 0:
6a3e49 
-            pkey = rsa.key.PrivateKey.load_pkcs1(key_bytes,
6a3e49 
-                                                 format='DER')
6a3e49 
+            pkey = serialization.load_der_private_key(
6a3e49 
+                key_bytes, password=None,
6a3e49 
+                backend=default_backend())
6a3e49 
+
6a3e49 
         elif marker_id == 1:
6a3e49 
             key_info, remaining = decoder.decode(
6a3e49 
                 key_bytes, asn1Spec=_PKCS8_SPEC)
6a3e49 
             if remaining != b'':
6a3e49 
                 raise ValueError('Unused bytes', remaining)
6a3e49 
             pkey_info = key_info.getComponentByName('privateKey')
6a3e49 
-            pkey = rsa.key.PrivateKey.load_pkcs1(pkey_info.asOctets(),
6a3e49 
-                                                 format='DER')
6a3e49 
+            pkey = serialization.load_der_private_key(
6a3e49 
+                pkey_info.asOctets(), password=None,
6a3e49 
+                backend=default_backend())
6a3e49 
         else:
6a3e49 
             raise ValueError('No key could be detected.')
6a3e49

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation