Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(56)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: third_party/google-endpoints/oauth2client/_openssl_crypt.py

Issue 2666783008: Add google-endpoints to third_party/. (Closed)
Patch Set: Created 3 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « third_party/google-endpoints/oauth2client/_helpers.py ('k') | third_party/google-endpoints/oauth2client/_pycrypto_crypt.py » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
(Empty)
1 # Copyright 2015 Google Inc. All rights reserved.
2 #
3 # Licensed under the Apache License, Version 2.0 (the "License");
4 # you may not use this file except in compliance with the License.
5 # You may obtain a copy of the License at
6 #
7 # http://www.apache.org/licenses/LICENSE-2.0
8 #
9 # Unless required by applicable law or agreed to in writing, software
10 # distributed under the License is distributed on an "AS IS" BASIS,
11 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 # See the License for the specific language governing permissions and
13 # limitations under the License.
14 """OpenSSL Crypto-related routines for oauth2client."""
15
16 import base64
17
18 from OpenSSL import crypto
19
20 from oauth2client._helpers import _parse_pem_key
21 from oauth2client._helpers import _to_bytes
22
23
24 class OpenSSLVerifier(object):
25 """Verifies the signature on a message."""
26
27 def __init__(self, pubkey):
28 """Constructor.
29
30 Args:
31 pubkey: OpenSSL.crypto.PKey, The public key to verify with.
32 """
33 self._pubkey = pubkey
34
35 def verify(self, message, signature):
36 """Verifies a message against a signature.
37
38 Args:
39 message: string or bytes, The message to verify. If string, will be
40 encoded to bytes as utf-8.
41 signature: string or bytes, The signature on the message. If string,
42 will be encoded to bytes as utf-8.
43
44 Returns:
45 True if message was signed by the private key associated with the
46 public key that this object was constructed with.
47 """
48 message = _to_bytes(message, encoding='utf-8')
49 signature = _to_bytes(signature, encoding='utf-8')
50 try:
51 crypto.verify(self._pubkey, signature, message, 'sha256')
52 return True
53 except crypto.Error:
54 return False
55
56 @staticmethod
57 def from_string(key_pem, is_x509_cert):
58 """Construct a Verified instance from a string.
59
60 Args:
61 key_pem: string, public key in PEM format.
62 is_x509_cert: bool, True if key_pem is an X509 cert, otherwise it
63 is expected to be an RSA key in PEM format.
64
65 Returns:
66 Verifier instance.
67
68 Raises:
69 OpenSSL.crypto.Error: if the key_pem can't be parsed.
70 """
71 if is_x509_cert:
72 pubkey = crypto.load_certificate(crypto.FILETYPE_PEM, key_pem)
73 else:
74 pubkey = crypto.load_privatekey(crypto.FILETYPE_PEM, key_pem)
75 return OpenSSLVerifier(pubkey)
76
77
78 class OpenSSLSigner(object):
79 """Signs messages with a private key."""
80
81 def __init__(self, pkey):
82 """Constructor.
83
84 Args:
85 pkey: OpenSSL.crypto.PKey (or equiv), The private key to sign with.
86 """
87 self._key = pkey
88
89 def sign(self, message):
90 """Signs a message.
91
92 Args:
93 message: bytes, Message to be signed.
94
95 Returns:
96 string, The signature of the message for the given key.
97 """
98 message = _to_bytes(message, encoding='utf-8')
99 return crypto.sign(self._key, message, 'sha256')
100
101 @staticmethod
102 def from_string(key, password=b'notasecret'):
103 """Construct a Signer instance from a string.
104
105 Args:
106 key: string, private key in PKCS12 or PEM format.
107 password: string, password for the private key file.
108
109 Returns:
110 Signer instance.
111
112 Raises:
113 OpenSSL.crypto.Error if the key can't be parsed.
114 """
115 parsed_pem_key = _parse_pem_key(key)
116 if parsed_pem_key:
117 pkey = crypto.load_privatekey(crypto.FILETYPE_PEM, parsed_pem_key)
118 else:
119 password = _to_bytes(password, encoding='utf-8')
120 pkey = crypto.load_pkcs12(key, password).get_privatekey()
121 return OpenSSLSigner(pkey)
122
123
124 def pkcs12_key_as_pem(private_key_text, private_key_password):
125 """Convert the contents of a PKCS12 key to PEM using OpenSSL.
126
127 Args:
128 private_key_text: String. Private key.
129 private_key_password: String. Password for PKCS12.
130
131 Returns:
132 String. PEM contents of ``private_key_text``.
133 """
134 decoded_body = base64.b64decode(private_key_text)
135 private_key_password = _to_bytes(private_key_password)
136
137 pkcs12 = crypto.load_pkcs12(decoded_body, private_key_password)
138 return crypto.dump_privatekey(crypto.FILETYPE_PEM,
139 pkcs12.get_privatekey())
OLDNEW
« no previous file with comments | « third_party/google-endpoints/oauth2client/_helpers.py ('k') | third_party/google-endpoints/oauth2client/_pycrypto_crypt.py » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698