From 36eafde21319411cff72fdc876113b69f89ccc90 Mon Sep 17 00:00:00 2001
From: Jakub Warmuz
Date: Wed, 8 Jul 2015 12:07:05 +0000
Subject: [PATCH] Use ComparableRSAKey autowrap throughout the code base.
---
 acme/challenges_test.py | 4 ++--
 acme/jose/jwk.py | 2 +-
 acme/jose/jwk_test.py | 5 ++---
 acme/jose/jws_test.py | 4 ++--
 acme/jws_test.py | 4 ++--
 acme/messages_test.py | 4 ++--
 acme/other_test.py | 4 ++--
 examples/acme_client.py | 4 ++--
 letsencrypt/proof_of_possession.py | 4 +---
 letsencrypt/tests/acme_util.py | 4 ++--
 letsencrypt/tests/proof_of_possession_test.py | 4 ++--
 11 files changed, 20 insertions(+), 23 deletions(-)
diff --git a/acme/challenges_test.py b/acme/challenges_test.py
index 9d03e01cd..94c04388d 100644
--- a/acme/challenges_test.py
+++ b/acme/challenges_test.py
@@ -17,10 +17,10 @@ from acme import other
 CERT = jose.ComparableX509(OpenSSL.crypto.load_certificate(
 OpenSSL.crypto.FILETYPE_PEM, pkg_resources.resource_string(
 'letsencrypt.tests', os.path.join('testdata', 'cert.pem'))))
-KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
 pkg_resources.resource_string(
 'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
- password=None, backend=default_backend()))
+ password=None, backend=default_backend())
 class ChallengeResponseTest(unittest.TestCase):
diff --git a/acme/jose/jwk.py b/acme/jose/jwk.py
index 9454c6f9e..2b48d56e6 100644
--- a/acme/jose/jwk.py
+++ b/acme/jose/jwk.py
@@ -210,7 +210,7 @@ class JWKRSA(JWK):
 key = rsa.RSAPrivateNumbers(
 p, q, d, dp, dq, qi, public_numbers).private_key(default_backend())
- return cls(key=util.ComparableRSAKey(key))
+ return cls(key=key)
 def fields_to_partial_json(self):
 # pylint: disable=protected-access
diff --git a/acme/jose/jwk_test.py b/acme/jose/jwk_test.py
index 06032f45b..5be28ba17 100644
--- a/acme/jose/jwk_test.py
+++ b/acme/jose/jwk_test.py
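Review bot: `KEY` in acme/challenges_test.py changes type from a `ComparableRSAKey` to the bare key object returned by `load_pem_private_key`, and the same holds for the constants in acme/jose/jws_test.py, acme/jws_test.py, acme/messages_test.py, acme/other_test.py, letsencrypt/tests/acme_util.py and letsencrypt/tests/proof_of_possession_test.py. Any assertion that compares one of these constants directly with `==`, rather than through `JWKRSA(key=...)`, would presumably no longer compare key material; those uses sit outside the hunks, so they need a check. A short comment above each constant would record the intent, for example `# bare key object; wrapped on use by the JWKRSA autowrap`.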
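Review bot: `return cls(key=key)` in acme/jose/jwk.py now hands over a bare backend key, so value equality of the returned JWKRSA depends entirely on the wrapping done elsewhere in the class, which this hunk does not show. A one-line comment above the return would keep that dependency visible to the next reader, for example `# key is wrapped in ComparableRSAKey by the JWKRSA autowrap`. The enclosing method starts above the hunk, so whether the parsed JWK fields are validated before this point cannot be judged from here.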
@@ -111,9 +111,8 @@ class JWKRSATest(unittest.TestCase):
 def test_load(self):
 from acme.jose.jwk import JWKRSA
 self.assertEqual(
- JWKRSA(key=RSA256_KEY), JWKRSA.load(
- pkg_resources.resource_string(
- __name__, os.path.join('testdata', 'rsa256_key.pem'))))
+ self.private, JWKRSA.load(pkg_resources.resource_string(
+ __name__, os.path.join('testdata', 'rsa256_key.pem'))))
 def test_public_key(self):
 self.assertEqual(self.jwk256, self.private.public_key())
diff --git a/acme/jose/jws_test.py b/acme/jose/jws_test.py
index 1520f149e..72b8b7b22 100644
--- a/acme/jose/jws_test.py
+++ b/acme/jose/jws_test.py
@@ -19,10 +19,10 @@ from acme.jose import util
 CERT = util.ComparableX509(OpenSSL.crypto.load_certificate(
 OpenSSL.crypto.FILETYPE_PEM, pkg_resources.resource_string(
 'letsencrypt.tests', 'testdata/cert.pem')))
-RSA512_KEY = util.ComparableRSAKey(serialization.load_pem_private_key(
+RSA512_KEY = serialization.load_pem_private_key(
 pkg_resources.resource_string(
 __name__, os.path.join('testdata', 'rsa512_key.pem')),
- password=None, backend=default_backend()))
+ password=None, backend=default_backend())
 class MediaTypeTest(unittest.TestCase):
diff --git a/acme/jws_test.py b/acme/jws_test.py
index 77e52ddc6..e65a3bd46 100644
--- a/acme/jws_test.py
+++ b/acme/jws_test.py
@@ -10,10 +10,10 @@ from acme import errors
 from acme import jose
-RSA512_KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+RSA512_KEY = serialization.load_pem_private_key(
 pkg_resources.resource_string(
 'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
- password=None, backend=default_backend()))
+ password=None, backend=default_backend())
 class HeaderTest(unittest.TestCase):
diff --git a/acme/messages_test.py b/acme/messages_test.py
index 1380fe2f2..59b1685dc 100644
--- a/acme/messages_test.py
+++ b/acme/messages_test.py
@@ -18,10 +18,10 @@ CERT = jose.ComparableX509(OpenSSL.crypto.load_certificate(
 CSR = jose.ComparableX509(OpenSSL.crypto.load_certificate_request(
 OpenSSL.crypto.FILETYPE_ASN1, pkg_resources.resource_string(
 'acme.jose', os.path.join('testdata', 'csr.der'))))
-KEY = jose.util.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
 pkg_resources.resource_string(
 'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
- password=None, backend=default_backend()))
+ password=None, backend=default_backend())
 CERT = jose.ComparableX509(OpenSSL.crypto.load_certificate(
 OpenSSL.crypto.FILETYPE_ASN1, pkg_resources.resource_string(
 'acme.jose', os.path.join('testdata', 'cert.der'))))
diff --git a/acme/other_test.py b/acme/other_test.py
index 22ef70a4c..64699038e 100644
--- a/acme/other_test.py
+++ b/acme/other_test.py
@@ -9,10 +9,10 @@ from cryptography.hazmat.primitives import serialization
 from acme import jose
-KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
 pkg_resources.resource_string(
 'acme.jose', os.path.join('testdata', 'rsa512_key.pem')),
- password=None, backend=default_backend()))
+ password=None, backend=default_backend())
 class SignatureTest(unittest.TestCase):
diff --git a/examples/acme_client.py b/examples/acme_client.py
index f7e3916d8..e07031fbe 100644
--- a/examples/acme_client.py
+++ b/examples/acme_client.py
@@ -20,10 +20,10 @@ BITS = 2048 # minimum for Boulder
 DOMAIN = 'example1.com' # example.com is ignored by Boulder
 # generate_private_key requires cryptography>=0.5
-key = jose.JWKRSA(key=jose.ComparableRSAKey(rsa.generate_private_key(
+key = jose.JWKRSA(key=rsa.generate_private_key(
 public_exponent=65537,
 key_size=2048,
- backend=default_backend())))
+ backend=default_backend()))
 acme = client.Client(NEW_REG_URL, key)
 regr = acme.register(contact=())
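Review bot: The `key_size=2048,` argument inside the rewritten `jose.JWKRSA(key=rsa.generate_private_key(...))` call in examples/acme_client.py repeats the value of `BITS = 2048`, which the same hunk shows defined just above with the comment "minimum for Boulder". Since the statement is being touched anyway, `key_size=BITS,` would keep the example's key size in one place, so that raising the minimum later cannot leave the generated key behind.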
diff --git a/letsencrypt/proof_of_possession.py b/letsencrypt/proof_of_possession.py
index 09723dd96..f13238c85 100644
--- a/letsencrypt/proof_of_possession.py
+++ b/letsencrypt/proof_of_possession.py
@@ -57,9 +57,7 @@ class ProofOfPossession(object): # pylint: disable=too-few-public-methods
 except ValueError:
 logger.warn("Certificate is neither PER nor DER: %s", cert)
- # TODO: only RSA is supported
- cert_key = achall.alg.kty(key=jose.ComparableRSAKey(
- cert_obj.public_key()))
+ cert_key = achall.alg.kty(key=cert_obj.public_key())
 if cert_key == achall.hints.jwk:
 return self._gen_response(achall, key)
diff --git a/letsencrypt/tests/acme_util.py b/letsencrypt/tests/acme_util.py
index 4b660c648..8e19a9ca8 100644
--- a/letsencrypt/tests/acme_util.py
+++ b/letsencrypt/tests/acme_util.py
@@ -12,10 +12,10 @@ from acme import jose
 from acme import messages
-KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+KEY = serialization.load_pem_private_key(
 pkg_resources.resource_string(
 __name__, os.path.join('testdata', 'rsa512_key.pem')),
- password=None, backend=default_backend()))
+ password=None, backend=default_backend())
 # Challenges
 SIMPLE_HTTP = challenges.SimpleHTTP(
diff --git a/letsencrypt/tests/proof_of_possession_test.py b/letsencrypt/tests/proof_of_possession_test.py
index 3013e2e12..d91b8bdb6 100644
--- a/letsencrypt/tests/proof_of_possession_test.py
+++ b/letsencrypt/tests/proof_of_possession_test.py
@@ -29,9 +29,9 @@ CERT3_PATH = pkg_resources.resource_filename(
 CERT3_KEY_PATH = pkg_resources.resource_filename(
 BASE_PACKAGE, os.path.join("testdata", "rsa512_key.pem"))
 with open(CERT3_KEY_PATH) as cert3_file:
- CERT3_KEY = jose.ComparableRSAKey(serialization.load_pem_private_key(
+ CERT3_KEY = serialization.load_pem_private_key(
 cert3_file.read(), password=None,
- backend=default_backend())).public_key()
+ backend=default_backend()).public_key()
 class ProofOfPossessionTest(unittest.TestCase):
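Review bot: The new `cert_key = achall.alg.kty(key=cert_obj.public_key())` line in letsencrypt/proof_of_possession.py still reads `cert_obj` right after the `except ValueError:` branch that only logs a warning. Indentation is lost on this page and the enclosing code starts above the hunk, but as shown a certificate that fails to parse appears to reach the key comparison with `cert_obj` unset or left over from an earlier certificate. If this sits in a loop, a `continue` after the `logger.warn(...)` call would stop a stale key from being matched against `achall.hints.jwk`. The hunk also drops `# TODO: only RSA is supported` while the commit subject names only the RSA autowrap, so a replacement such as `# NOTE: autowrap covers RSA keys only` would keep the limitation on record if it still applies.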