Use ComparableRSAKey autowrap throughout the code base.

acme/challenges_test.py

@@ -17,10 +17,10 @@ from acme import other
 CERT = jose.ComparableX509(OpenSSL.crypto.load_certificate(
     OpenSSL.crypto.FILETYPE_PEM, pkg_resources.resource_string(
         'letsencrypt.tests', os.path.join('testdata', 'cert.pem'))))
-KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
     pkg_resources.resource_string(
         'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
-    password=None, backend=default_backend()))
+    password=None, backend=default_backend())
 
 
 class ChallengeResponseTest(unittest.TestCase):

acme/jose/jwk.py

@@ -210,7 +210,7 @@ class JWKRSA(JWK):
             key = rsa.RSAPrivateNumbers(
                 p, q, d, dp, dq, qi, public_numbers).private_key(default_backend())
 
-        return cls(key=util.ComparableRSAKey(key))
+        return cls(key=key)
 
     def fields_to_partial_json(self):
         # pylint: disable=protected-access

acme/jose/jwk_test.py

@@ -111,9 +111,8 @@ class JWKRSATest(unittest.TestCase):
     def test_load(self):
         from acme.jose.jwk import JWKRSA
         self.assertEqual(
-            JWKRSA(key=RSA256_KEY), JWKRSA.load(
-                pkg_resources.resource_string(
-                    __name__, os.path.join('testdata', 'rsa256_key.pem'))))
+            self.private, JWKRSA.load(pkg_resources.resource_string(
+                __name__, os.path.join('testdata', 'rsa256_key.pem'))))
 
     def test_public_key(self):
         self.assertEqual(self.jwk256, self.private.public_key())

acme/jose/jws_test.py

@@ -19,10 +19,10 @@ from acme.jose import util
 CERT = util.ComparableX509(OpenSSL.crypto.load_certificate(
     OpenSSL.crypto.FILETYPE_PEM, pkg_resources.resource_string(
         'letsencrypt.tests', 'testdata/cert.pem')))
-RSA512_KEY = util.ComparableRSAKey(serialization.load_pem_private_key(
+RSA512_KEY = serialization.load_pem_private_key(
     pkg_resources.resource_string(
         __name__, os.path.join('testdata', 'rsa512_key.pem')),
-    password=None, backend=default_backend()))
+    password=None, backend=default_backend())
 
 
 class MediaTypeTest(unittest.TestCase):

acme/jws_test.py

@@ -10,10 +10,10 @@ from acme import errors
 from acme import jose
 
 
-RSA512_KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+RSA512_KEY = serialization.load_pem_private_key(
     pkg_resources.resource_string(
         'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
-    password=None, backend=default_backend()))
+    password=None, backend=default_backend())
 
 
 class HeaderTest(unittest.TestCase):

acme/messages_test.py

@@ -18,10 +18,10 @@ CERT = jose.ComparableX509(OpenSSL.crypto.load_certificate(
 CSR = jose.ComparableX509(OpenSSL.crypto.load_certificate_request(
     OpenSSL.crypto.FILETYPE_ASN1, pkg_resources.resource_string(
         'acme.jose', os.path.join('testdata', 'csr.der'))))
-KEY = jose.util.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
     pkg_resources.resource_string(
         'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
-    password=None, backend=default_backend()))
+    password=None, backend=default_backend())
 CERT = jose.ComparableX509(OpenSSL.crypto.load_certificate(
     OpenSSL.crypto.FILETYPE_ASN1, pkg_resources.resource_string(
         'acme.jose', os.path.join('testdata', 'cert.der'))))

acme/other_test.py

@@ -9,10 +9,10 @@ from cryptography.hazmat.primitives import serialization
 from acme import jose
 
 
-KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
     pkg_resources.resource_string(
         'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
-    password=None, backend=default_backend()))
+    password=None, backend=default_backend())
 
 
 class SignatureTest(unittest.TestCase):

examples/acme_client.py

@@ -20,10 +20,10 @@ BITS = 2048  # minimum for Boulder
 DOMAIN = 'example1.com'  # example.com is ignored by Boulder
 
 # generate_private_key requires cryptography>=0.5
-key = jose.JWKRSA(key=jose.ComparableRSAKey(rsa.generate_private_key(
+key = jose.JWKRSA(key=rsa.generate_private_key(
     public_exponent=65537,
     key_size=2048,
-    backend=default_backend())))
+    backend=default_backend()))
 acme = client.Client(NEW_REG_URL, key)
 
 regr = acme.register(contact=())

letsencrypt/proof_of_possession.py

@@ -57,9 +57,7 @@ class ProofOfPossession(object): # pylint: disable=too-few-public-methods
                 except ValueError:
                     logger.warn("Certificate is neither PER nor DER: %s", cert)
 
-            # TODO: only RSA is supported
-            cert_key = achall.alg.kty(key=jose.ComparableRSAKey(
-                cert_obj.public_key()))
+            cert_key = achall.alg.kty(key=cert_obj.public_key())
             if cert_key == achall.hints.jwk:
                 return self._gen_response(achall, key)
 

letsencrypt/tests/acme_util.py

@@ -12,10 +12,10 @@ from acme import jose
 from acme import messages
 
 
-KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
     pkg_resources.resource_string(
         __name__, os.path.join('testdata', 'rsa512_key.pem')),
-    password=None, backend=default_backend()))
+    password=None, backend=default_backend())
 
 # Challenges
 SIMPLE_HTTP = challenges.SimpleHTTP(

letsencrypt/tests/proof_of_possession_test.py

@@ -29,9 +29,9 @@ CERT3_PATH = pkg_resources.resource_filename(
 CERT3_KEY_PATH = pkg_resources.resource_filename(
     BASE_PACKAGE, os.path.join("testdata", "rsa512_key.pem"))
 with open(CERT3_KEY_PATH) as cert3_file:
-    CERT3_KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+    CERT3_KEY = serialization.load_pem_private_key(
         cert3_file.read(), password=None,
-        backend=default_backend())).public_key()
+        backend=default_backend()).public_key()
 
 
 class ProofOfPossessionTest(unittest.TestCase):