Replace pyOpenSSL by cryptography
The crypto module of the pyOpenSSL library is now discouraged and the cryptography library should be used to manage certificates and keys[1]. [1] https://www.pyopenssl.org/en/latest/api/crypto.html Change-Id: I004e97dfe6444d0278013901005f104461bd8d1a
This commit is contained in:
parent
ebc729b0a7
commit
16811815b6
@ -13,7 +13,7 @@
|
||||
|
||||
from cryptography.hazmat.backends import default_backend
|
||||
from cryptography.hazmat.primitives import serialization
|
||||
from OpenSSL import crypto
|
||||
from cryptography import x509
|
||||
from oslo_serialization import base64
|
||||
|
||||
from barbican import i18n as u # noqa
|
||||
@ -188,12 +188,12 @@ def _convert_public_der_to_pem(der):
|
||||
|
||||
|
||||
def _convert_certificate_pem_to_der(pem):
|
||||
cert = crypto.load_certificate(crypto.FILETYPE_PEM, pem)
|
||||
der = crypto.dump_certificate(crypto.FILETYPE_ASN1, cert)
|
||||
cert = x509.load_pem_x509_certificate(pem)
|
||||
der = cert.public_bytes(serialization.Encoding.DER)
|
||||
return der
|
||||
|
||||
|
||||
def _convert_certificate_der_to_pem(der):
|
||||
cert = crypto.load_certificate(crypto.FILETYPE_ASN1, der)
|
||||
pem = crypto.dump_certificate(crypto.FILETYPE_PEM, cert)
|
||||
cert = x509.load_der_x509_certificate(der)
|
||||
pem = cert.public_bytes(serialization.Encoding.PEM)
|
||||
return pem
|
||||
|
@ -20,7 +20,6 @@ Paste>=2.0.2 # MIT
|
||||
PasteDeploy>=1.5.0 # MIT
|
||||
pbr!=2.1.0,>=2.0.0 # Apache-2.0
|
||||
pecan!=1.0.2,!=1.0.3,!=1.0.4,!=1.2,>=1.0.0 # BSD
|
||||
pyOpenSSL>=17.1.0 # Apache-2.0
|
||||
ldap3>=1.0.2 # LGPLv3
|
||||
keystonemiddleware>=9.5.0 # Apache-2.0
|
||||
SQLAlchemy!=1.1.5,!=1.1.6,!=1.1.7,!=1.1.8,>=1.0.10 # MIT
|
||||
|
Loading…
Reference in New Issue
Block a user