Drop paramiko < 2 compat code

This drops the paramiko < 2 compatibility code so we only need to
support one major version.

Depends-On: I2369638282b4fefccd8484a5039fcfa9795069a7
(global requirements change)

Change-Id: Ife4df9e64299e1182d77d568d1deed5ec3b608b3
Closes-Bug: #1483132
This commit is contained in:
Sean Dague 2016-05-10 11:39:11 -04:00 committed by Corey Wright
parent c05b338f16
commit 6b1293fd6f
3 changed files with 2 additions and 34 deletions

View File

@ -128,39 +128,8 @@ def generate_x509_fingerprint(pem_key):
'Error message: %s') % ex) 'Error message: %s') % ex)
def generate_key(bits):
"""Generate a paramiko RSAKey"""
# NOTE(dims): pycryptodome has changed the signature of the RSA.generate
# call. specifically progress_func has been dropped. paramiko still uses
# pycrypto. However some projects like latest pysaml2 have switched from
# pycrypto to pycryptodome as pycrypto seems to have been abandoned.
# paramiko project has started transition to pycryptodome as well but
# there is no release yet with that support. So at the moment depending on
# which version of pysaml2 is installed, Nova is likely to break. So we
# call "RSA.generate(bits)" which works on both pycrypto and pycryptodome
# and then wrap it into a paramiko.RSAKey
#
# NOTE(coreywright): Paramiko 2 avoids this conundrum by migrating from
# PyCrypto/PyCryptodome to cryptography.
#
# TODO(coreywright): When Paramiko constraint is upgraded to 2.x, then
# remove this abstraction and replace the call to this function with a call
# to `paramiko.RSAKey.generate(bits)`.
if paramiko.__version_info__[0] == 2:
key = paramiko.RSAKey.generate(bits)
else: # paramiko 1.x
from Crypto.PublicKey import RSA
rsa = RSA.generate(bits)
key = paramiko.RSAKey(vals=(rsa.e, rsa.n))
key.d = rsa.d
key.p = rsa.p
key.q = rsa.q
return key
def generate_key_pair(bits=2048): def generate_key_pair(bits=2048):
key = generate_key(bits) key = paramiko.RSAKey.generate(bits)
keyout = six.StringIO() keyout = six.StringIO()
key.write_private_key(keyout) key.write_private_key(keyout)
private_key = keyout.getvalue() private_key = keyout.getvalue()

View File

@ -362,7 +362,7 @@ class KeyPairTest(test.NoDBTestCase):
keyin.seek(0) keyin.seek(0)
key = paramiko.RSAKey.from_private_key(keyin) key = paramiko.RSAKey.from_private_key(keyin)
with mock.patch.object(crypto, 'generate_key') as mock_generate: with mock.patch.object(paramiko.RSAKey, 'generate') as mock_generate:
mock_generate.return_value = key mock_generate.return_value = key
(private_key, public_key, fingerprint) = crypto.generate_key_pair() (private_key, public_key, fingerprint) = crypto.generate_key_pair()
self.assertEqual(self.rsa_pub, public_key) self.assertEqual(self.rsa_pub, public_key)

View File

@ -13,7 +13,6 @@ lxml>=2.3 # BSD
Routes!=2.0,!=2.1,!=2.3.0,>=1.12.3;python_version=='2.7' # MIT Routes!=2.0,!=2.1,!=2.3.0,>=1.12.3;python_version=='2.7' # MIT
Routes!=2.0,!=2.3.0,>=1.12.3;python_version!='2.7' # MIT Routes!=2.0,!=2.3.0,>=1.12.3;python_version!='2.7' # MIT
cryptography!=1.3.0,>=1.0 # BSD/Apache-2.0 cryptography!=1.3.0,>=1.0 # BSD/Apache-2.0
pycrypto>=2.6 # Public Domain
WebOb>=1.2.3 # MIT WebOb>=1.2.3 # MIT
greenlet>=0.3.2 # MIT greenlet>=0.3.2 # MIT
PasteDeploy>=1.5.0 # MIT PasteDeploy>=1.5.0 # MIT