Handle str and bytes better in crypto (loading and signing)

1 files changed, 9 insertions, 12 deletions

diff --git a/oauth2client/crypt.py b/oauth2client/crypt.py
index 4d92545..0f5cdc0 100644..100755
--- a/oauth2client/crypt.py
+++ b/oauth2client/crypt.py
@@ -112,11 +112,14 @@ try:
       Returns:
         string, The signature of the message for the given key.
       """
+      message = str(message)
       try:
-          message = str.encode(message)
+          signed_message = crypto.sign(self._key, message, 'sha256')
       except TypeError:
-          pass
-      return crypto.sign(self._key, message, 'sha256')
+          # Failed as str, so let's try with bytes (probably 0.14+)
+          message = bytes.decode(message)
+          signed_message = crypto.sign(self._key, message, 'sha256')
+      return signed_message
 
     @staticmethod
     def from_string(key, password='notasecret'):
@@ -138,14 +141,12 @@ try:
       else:
         # OpenSSL 0.13 needs password to be str
         # OpenSSL 0.14 needs password to be bytes
-        # Ensure password is str
-        if isinstance(password, bytes):
-          password = bytes.decode(password)
+        password = str(password)
         try:
           pkey = crypto.load_pkcs12(key, password).get_privatekey()
         except TypeError:
           # Failed as str, so let's try with bytes (probably 0.14+)
-          password = str.encode(password)
+          password = bytes.decode(password)
           pkey = crypto.load_pkcs12(key, password).get_privatekey()
       return OpenSSLSigner(pkey)
 
@@ -367,11 +368,7 @@ def verify_signed_jwt_with_certs(jwt, certs, audience):
   if (len(segments) != 3):
     raise AppIdentityError(
       'Wrong number of segments in token: %s' % jwt)
-  signed = '%s.%s' % (segments[0], segments[1])
-  try:
-    signed = str.encode(signed)
-  except TypeError:
-    pass
+  signed = str('%s.%s' % (segments[0], segments[1]))
 
   signature = _urlsafe_b64decode(segments[2])