Tree - rpms/resource-agents - CentOS Git server

rpms / resource-agents

Blame SOURCES/9-google-cloud-sdk-oauth2client-python-rsa-to-cryptography.patch

Blob History Raw

		05afe3	`diff -uNr a/bundled/gcp/google-cloud-sdk/lib/third_party/oauth2client/_pure_python_crypt.py b/bundled/gcp/google-cloud-sdk/lib/third_party/oauth2client/_pure_python_crypt.py`
		4d1913	`--- a/bundled/gcp/google-cloud-sdk/lib/third_party/oauth2client/_pure_python_crypt.py 1980-01-01 09:00:00.000000000 +0100`
		4d1913	`+++ b/bundled/gcp/google-cloud-sdk/lib/third_party/oauth2client/_pure_python_crypt.py 2019-04-04 11:56:00.292677044 +0200`
		4d1913	`@@ -19,8 +19,14 @@`
		4d1913	`certificates.`
		4d1913	`"""`
		4d1913
		4d1913	`+from pyasn1.codec.der import decoder`
		05afe3	`from pyasn1_modules import pem`
		05afe3	`-import rsa`
		4d1913	`+from pyasn1_modules.rfc2459 import Certificate`
		4d1913	`+from pyasn1_modules.rfc5208 import PrivateKeyInfo`
		05afe3	`+from cryptography.hazmat.primitives import serialization, hashes`
		05afe3	`+from cryptography.hazmat.primitives.asymmetric import padding`
		05afe3	`+from cryptography import x509`
		05afe3	`+from cryptography.hazmat.backends import default_backend`
		05afe3	`import six`
		05afe3
		05afe3	`from oauth2client import _helpers`
		4d1913	`@@ -40,7 +46,7 @@`
		4d1913	`'-----END RSA PRIVATE KEY-----')`
		4d1913	`_PKCS8_MARKER = ('-----BEGIN PRIVATE KEY-----',`
		4d1913	`'-----END PRIVATE KEY-----')`
		4d1913	`-_PKCS8_SPEC = None`
		4d1913	`+_PKCS8_SPEC = PrivateKeyInfo()`
		4d1913
		4d1913
		4d1913	`def _bit_list_to_bytes(bit_list):`
		4d1913	`@@ -67,7 +73,8 @@`
		05afe3	`"""`
		05afe3
		05afe3	`def __init__(self, pubkey):`
		05afe3	`- self._pubkey = pubkey`
		05afe3	`+ self._pubkey = serialization.load_pem_public_key(pubkey,`
		05afe3	`+ backend=default_backend())`
		05afe3
		05afe3	`def verify(self, message, signature):`
		05afe3	`"""Verifies a message against a signature.`
		4d1913	`@@ -84,8 +91,9 @@`
		05afe3	`"""`
		05afe3	`message = _helpers._to_bytes(message, encoding='utf-8')`
		05afe3	`try:`
		05afe3	`- return rsa.pkcs1.verify(message, signature, self._pubkey)`
		05afe3	`- except (ValueError, rsa.pkcs1.VerificationError):`
		05afe3	`+ return self._pubkey.verify(signature, message, padding.PKCS1v15(),`
		05afe3	`+ hashes.SHA256())`
		05afe3	`+ except (ValueError, TypeError, InvalidSignature):`
		05afe3	`return False`
		05afe3
		05afe3	`@classmethod`
		4d1913	`@@ -109,19 +117,18 @@`
		05afe3	`"""`
		05afe3	`key_pem = _helpers._to_bytes(key_pem)`
		05afe3	`if is_x509_cert:`
		4d1913	`- from pyasn1.codec.der import decoder`
		4d1913	`- from pyasn1_modules import rfc2459`
		4d1913	`-`
		05afe3	`- der = rsa.pem.load_pem(key_pem, 'CERTIFICATE')`
		4d1913	`- asn1_cert, remaining = decoder.decode(der, asn1Spec=rfc2459.Certificate())`
		05afe3	`+ der = x509.load_pem_x509_certificate(pem_data, default_backend())`
		4d1913	`+ asn1_cert, remaining = decoder.decode(der, asn1Spec=Certificate())`
		05afe3	`if remaining != b'':`
		05afe3	`raise ValueError('Unused bytes', remaining)`
		05afe3
		05afe3	`cert_info = asn1_cert['tbsCertificate']['subjectPublicKeyInfo']`
		05afe3	`key_bytes = _bit_list_to_bytes(cert_info['subjectPublicKey'])`
		05afe3	`- pubkey = rsa.PublicKey.load_pkcs1(key_bytes, 'DER')`
		05afe3	`+ pubkey = serialization.load_der_public_key(decoded_key,`
		05afe3	`+ backend=default_backend())`
		05afe3	`else:`
		05afe3	`- pubkey = rsa.PublicKey.load_pkcs1(key_pem, 'PEM')`
		05afe3	`+ pubkey = serialization.load_pem_public_key(decoded_key,`
		05afe3	`+ backend=default_backend())`
		05afe3	`return cls(pubkey)`
		05afe3
		05afe3
		05afe3	`@@ -134,6 +141,8 @@`
		05afe3
		05afe3	`def __init__(self, pkey):`
		05afe3	`self._key = pkey`
		05afe3	`+ self._pubkey = serialization.load_pem_private_key(pkey,`
		05afe3	`+ backend=default_backend())`
		05afe3
		05afe3	`def sign(self, message):`
		05afe3	`"""Signs a message.`
		05afe3	`@@ -145,7 +154,7 @@`
		05afe3	`string, The signature of the message for the given key.`
		05afe3	`"""`
		05afe3	`message = _helpers._to_bytes(message, encoding='utf-8')`
		05afe3	`- return rsa.pkcs1.sign(message, self._key, 'SHA-256')`
		05afe3	`+ return self._key.sign(message, padding.PKCS1v15(), hashes.SHA256())`
		05afe3
		05afe3	`@classmethod`
		05afe3	`def from_string(cls, key, password='notasecret'):`
		4d1913	`@@ -163,27 +172,24 @@`
		4d1913	`ValueError if the key cannot be parsed as PKCS#1 or PKCS#8 in`
		4d1913	`PEM format.`
		4d1913	`"""`
		4d1913	`- global _PKCS8_SPEC`
		4d1913	`key = _helpers._from_bytes(key) # pem expects str in Py3`
		4d1913	`marker_id, key_bytes = pem.readPemBlocksFromFile(`
		05afe3	`six.StringIO(key), _PKCS1_MARKER, _PKCS8_MARKER)`
		05afe3
		05afe3	`if marker_id == 0:`
		05afe3	`- pkey = rsa.key.PrivateKey.load_pkcs1(key_bytes,`
		05afe3	`- format='DER')`
		4d1913	`- elif marker_id == 1:`
		4d1913	`- from pyasn1.codec.der import decoder`
		4d1913	`- from pyasn1_modules import rfc5208`
		05afe3	`+ pkey = serialization.load_der_private_key(`
		05afe3	`+ key_bytes, password=None,`
		05afe3	`+ backend=default_backend())`
		4d1913
		4d1913	`- if _PKCS8_SPEC is None:`
		4d1913	`- _PKCS8_SPEC = rfc5208.PrivateKeyInfo()`
		4d1913	`+ elif marker_id == 1:`
		05afe3	`key_info, remaining = decoder.decode(`
		05afe3	`key_bytes, asn1Spec=_PKCS8_SPEC)`
		05afe3	`if remaining != b'':`
		05afe3	`raise ValueError('Unused bytes', remaining)`
		05afe3	`pkey_info = key_info.getComponentByName('privateKey')`
		05afe3	`- pkey = rsa.key.PrivateKey.load_pkcs1(pkey_info.asOctets(),`
		05afe3	`- format='DER')`
		05afe3	`+ pkey = serialization.load_der_private_key(`
		05afe3	`+ pkey_info.asOctets(), password=None,`
		05afe3	`+ backend=default_backend())`
		05afe3	`else:`
		05afe3	`raise ValueError('No key could be detected.')`
		05afe3

rpms / resource-agents

Source Code

Blame SOURCES/9-google-cloud-sdk-oauth2client-python-rsa-to-cryptography.patch