Merge "Port signature_utils to Python 3"
This commit is contained in:
commit
d57a4fc4ed
@ -15,7 +15,7 @@
|
||||
|
||||
"""Support signature verification."""
|
||||
|
||||
import base64
|
||||
import binascii
|
||||
|
||||
from castellan import key_manager
|
||||
from cryptography import exceptions as crypto_exception
|
||||
@ -25,7 +25,9 @@ from cryptography.hazmat.primitives.asymmetric import rsa
|
||||
from cryptography.hazmat.primitives import hashes
|
||||
from cryptography import x509
|
||||
from oslo_log import log as logging
|
||||
from oslo_serialization import base64
|
||||
from oslo_utils import encodeutils
|
||||
import six
|
||||
|
||||
from glance.common import exception
|
||||
from glance import i18n
|
||||
@ -112,6 +114,9 @@ def verify_signature(context, checksum_hash, image_properties):
|
||||
'Required image properties for signature verification do not'
|
||||
' exist. Cannot verify signature.')
|
||||
|
||||
if isinstance(checksum_hash, six.text_type):
|
||||
checksum_hash = checksum_hash.encode('utf-8')
|
||||
|
||||
signature = get_signature(image_properties[SIGNATURE])
|
||||
hash_method = get_hash_method(image_properties[HASH_METHOD])
|
||||
signature_key_type = get_signature_key_type(
|
||||
@ -179,8 +184,8 @@ def get_signature(signature_data):
|
||||
:raises: SignatureVerificationError if the signature data is malformatted
|
||||
"""
|
||||
try:
|
||||
signature = base64.b64decode(signature_data)
|
||||
except TypeError:
|
||||
signature = base64.decode_as_bytes(signature_data)
|
||||
except (TypeError, binascii.Error):
|
||||
raise exception.SignatureVerificationError(
|
||||
'The signature data was not properly encoded using base64')
|
||||
|
||||
|
@ -119,9 +119,9 @@ class TestSignatureUtils(test_utils.BaseTestCase):
|
||||
|
||||
@mock.patch('glance.common.signature_utils.get_public_key')
|
||||
def test_verify_signature_PSS(self, mock_get_pub_key):
|
||||
checksum_hash = '224626ae19824466f2a7f39ab7b80f7f'
|
||||
checksum_hash = b'224626ae19824466f2a7f39ab7b80f7f'
|
||||
mock_get_pub_key.return_value = TEST_PRIVATE_KEY.public_key()
|
||||
for hash_name, hash_alg in signature_utils.HASH_METHODS.iteritems():
|
||||
for hash_name, hash_alg in signature_utils.HASH_METHODS.items():
|
||||
signer = TEST_PRIVATE_KEY.signer(
|
||||
padding.PSS(
|
||||
mgf=padding.MGF1(hash_alg),
|
||||
@ -143,10 +143,10 @@ class TestSignatureUtils(test_utils.BaseTestCase):
|
||||
|
||||
@mock.patch('glance.common.signature_utils.get_public_key')
|
||||
def test_verify_signature_custom_PSS_salt(self, mock_get_pub_key):
|
||||
checksum_hash = '224626ae19824466f2a7f39ab7b80f7f'
|
||||
checksum_hash = b'224626ae19824466f2a7f39ab7b80f7f'
|
||||
mock_get_pub_key.return_value = TEST_PRIVATE_KEY.public_key()
|
||||
custom_salt_length = 32
|
||||
for hash_name, hash_alg in signature_utils.HASH_METHODS.iteritems():
|
||||
for hash_name, hash_alg in signature_utils.HASH_METHODS.items():
|
||||
signer = TEST_PRIVATE_KEY.signer(
|
||||
padding.PSS(
|
||||
mgf=padding.MGF1(hash_alg),
|
||||
@ -269,7 +269,7 @@ class TestSignatureUtils(test_utils.BaseTestCase):
|
||||
None, checksum_hash, image_properties)
|
||||
|
||||
def test_get_signature(self):
|
||||
signature = 'A' * 256
|
||||
signature = b'A' * 256
|
||||
data = base64.b64encode(signature)
|
||||
self.assertEqual(signature,
|
||||
signature_utils.get_signature(data))
|
||||
|
1
tox.ini
1
tox.ini
@ -41,6 +41,7 @@ commands =
|
||||
glance.tests.unit.common.test_rpc \
|
||||
glance.tests.unit.common.test_scripts \
|
||||
glance.tests.unit.common.test_semver \
|
||||
glance.tests.unit.common.test_signature_utils \
|
||||
glance.tests.unit.common.test_swift_store_utils \
|
||||
glance.tests.unit.common.test_utils \
|
||||
glance.tests.unit.common.test_wsgi \
|
||||
|
Loading…
x
Reference in New Issue
Block a user