diff options
| author | Danny Hermes <daniel.j.hermes@gmail.com> | 2015-01-14 20:24:45 -0800 |
|---|---|---|
| committer | Danny Hermes <daniel.j.hermes@gmail.com> | 2015-01-14 20:24:45 -0800 |
| commit | 4d020992b36b4afd753cc5e69646c70d1ac2a7c2 (patch) | |
| tree | 103638d5a57af646b75144986e247ac9e0a9dfcb /oauth2client/crypt.py | |
| parent | bb2e7708ab80d13faf7b36a1f05999ce8496e6ef (diff) | |
| download | oauth2client-4d020992b36b4afd753cc5e69646c70d1ac2a7c2.tar.gz | |
Moving private_key_as_pem->pkcs12_key_as_pem.
Also only defining if OpenSSL is installed and conditionally
defining a method which raises NotImplementedError if not
defined.
Diffstat (limited to 'oauth2client/crypt.py')
| -rw-r--r-- | oauth2client/crypt.py | 54 |
1 files changed, 21 insertions, 33 deletions
diff --git a/oauth2client/crypt.py b/oauth2client/crypt.py index f877de1..381f389 100644 --- a/oauth2client/crypt.py +++ b/oauth2client/crypt.py @@ -137,9 +137,30 @@ try: password = password.encode('utf-8') pkey = crypto.load_pkcs12(key, password).get_privatekey() return OpenSSLSigner(pkey) + + + def pkcs12_key_as_pem(private_key_text, private_key_password): + """Convert the contents of a PKCS12 key to PEM using OpenSSL. + + Args: + private_key_text: String. Private key. + private_key_password: String. Password for PKCS12. + + Returns: + String. PEM contents of ``private_key_text``. + """ + decoded_body = base64.b64decode(private_key_text) + if isinstance(private_key_password, six.string_types): + private_key_password = private_key_password.encode('ascii') + + pkcs12 = crypto.load_pkcs12(decoded_body, private_key_password) + return crypto.dump_privatekey(crypto.FILETYPE_PEM, + pkcs12.get_privatekey()) except ImportError: OpenSSLVerifier = None OpenSSLSigner = None + def pkcs12_key_as_pem(*args, **kwargs): + raise NotImplementedError('pkcs12_key_as_pem requires OpenSSL.') try: @@ -286,39 +307,6 @@ def _parse_pem_key(raw_key_input): return raw_key_input[offset:] -def private_key_as_pem(private_key_text, private_key_password=None): - """Convert the contents of a key to PEM. - - First tries to determine if the current key is PEM, then tries to - use OpenSSL to convert from PKCS12 to PEM. - - Args: - private_key_text: String. Private key. - private_key_password: Optional string. Password for PKCS12. - - Returns: - String. PEM contents of ``private_key_text``. - - Raises: - ImportError: If key is PKCS12 and OpenSSL is not installed. - """ - decoded_body = base64.b64decode(private_key_text) - pem_contents = _parse_pem_key(decoded_body) - if pem_contents is None: - if OpenSSLVerifier is None or OpenSSLSigner is None: - raise ImportError('OpenSSL not installed. Required to convert ' - 'PKCS12 key to PEM.') - - if isinstance(private_key_password, six.string_types): - private_key_password = private_key_password.encode('ascii') - - pkcs12 = crypto.load_pkcs12(decoded_body, private_key_password) - pem_contents = crypto.dump_privatekey(crypto.FILETYPE_PEM, - pkcs12.get_privatekey()) - - return pem_contents - - def _urlsafe_b64encode(raw_bytes): if isinstance(raw_bytes, six.text_type): raw_bytes = raw_bytes.encode('utf-8') |