Remove the dependency on pyOpenSSL

main
Florent Daigniere 2 years ago
parent a366116cae
commit 3e38e7b89d

@ -2,20 +2,21 @@
They are thus represented as ASCII armored PEM. They are thus represented as ASCII armored PEM.
""" """
from OpenSSL import crypto from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import rsa
def gen_key(key_type=crypto.TYPE_RSA, bits=2048): def gen_key(bits=2048):
""" Generate and return a new RSA key. """ Generate and return a new RSA key.
""" """
key = crypto.PKey() k = rsa.generate_private_key(public_exponent=65537, key_size=bits)
key.generate_key(key_type, bits) return k.private_bytes(encoding=serialization.Encoding.PEM,format=serialization.PrivateFormat.PKCS8,encryption_algorithm=serialization.NoEncryption())
return crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
def strip_key(pem): def strip_key(pem):
""" Return only the b64 part of the ASCII armored PEM. """ Return only the b64 part of the ASCII armored PEM.
""" """
key = crypto.load_privatekey(crypto.FILETYPE_PEM, pem)
public_pem = crypto.dump_publickey(crypto.FILETYPE_PEM, key) priv_key = serialization.load_pem_private_key(pem, password=None)
public_pem = priv_key.public_key().public_bytes(encoding=serialization.Encoding.PEM,format=serialization.PublicFormat.SubjectPublicKeyInfo)
return public_pem.replace(b"\n", b"").split(b"-----")[2] return public_pem.replace(b"\n", b"").split(b"-----")[2]

@ -19,7 +19,7 @@ from marshmallow_sqlalchemy.fields import RelatedList
from flask_marshmallow import Marshmallow from flask_marshmallow import Marshmallow
from OpenSSL import crypto from cryptography.hazmat.primitives import serialization
from pygments import highlight from pygments import highlight
from pygments.token import Token from pygments.token import Token
@ -609,7 +609,7 @@ class DkimKeyField(fields.String):
# check key validity # check key validity
try: try:
crypto.load_privatekey(crypto.FILETYPE_PEM, value) serialization.load_pem_private_key(value, password=None)
except crypto.Error as exc: except crypto.Error as exc:
raise ValidationError(f'invalid dkim key {bad_key!r}') from exc raise ValidationError(f'invalid dkim key {bad_key!r}') from exc
else: else:

@ -27,7 +27,6 @@ mysql-connector-python==8.0.29
passlib passlib
psycopg2-binary psycopg2-binary
Pygments Pygments
pyOpenSSL
PyYAML PyYAML
redis redis
SQLAlchemy SQLAlchemy

@ -51,7 +51,6 @@ psycopg2-binary==2.9.5
pycares==4.2.2 pycares==4.2.2
pycparser==2.21 pycparser==2.21
Pygments==2.13.0 Pygments==2.13.0
pyOpenSSL==22.1.0
pyparsing==3.0.9 pyparsing==3.0.9
python-dateutil==2.8.2 python-dateutil==2.8.2
pytz==2022.6 pytz==2022.6

Loading…
Cancel
Save