Drop paramiko < 2 compat code
This drops the paramiko < 2 compatibility code so we only need to support one major version. Depends-On: I2369638282b4fefccd8484a5039fcfa9795069a7 (global requirements change) Change-Id: Ife4df9e64299e1182d77d568d1deed5ec3b608b3 Closes-Bug: #1483132
This commit is contained in:
parent
c05b338f16
commit
6b1293fd6f
|
@ -128,39 +128,8 @@ def generate_x509_fingerprint(pem_key):
|
|||
'Error message: %s') % ex)
|
||||
|
||||
|
||||
def generate_key(bits):
|
||||
"""Generate a paramiko RSAKey"""
|
||||
# NOTE(dims): pycryptodome has changed the signature of the RSA.generate
|
||||
# call. specifically progress_func has been dropped. paramiko still uses
|
||||
# pycrypto. However some projects like latest pysaml2 have switched from
|
||||
# pycrypto to pycryptodome as pycrypto seems to have been abandoned.
|
||||
# paramiko project has started transition to pycryptodome as well but
|
||||
# there is no release yet with that support. So at the moment depending on
|
||||
# which version of pysaml2 is installed, Nova is likely to break. So we
|
||||
# call "RSA.generate(bits)" which works on both pycrypto and pycryptodome
|
||||
# and then wrap it into a paramiko.RSAKey
|
||||
#
|
||||
# NOTE(coreywright): Paramiko 2 avoids this conundrum by migrating from
|
||||
# PyCrypto/PyCryptodome to cryptography.
|
||||
#
|
||||
# TODO(coreywright): When Paramiko constraint is upgraded to 2.x, then
|
||||
# remove this abstraction and replace the call to this function with a call
|
||||
# to `paramiko.RSAKey.generate(bits)`.
|
||||
|
||||
if paramiko.__version_info__[0] == 2:
|
||||
key = paramiko.RSAKey.generate(bits)
|
||||
else: # paramiko 1.x
|
||||
from Crypto.PublicKey import RSA
|
||||
rsa = RSA.generate(bits)
|
||||
key = paramiko.RSAKey(vals=(rsa.e, rsa.n))
|
||||
key.d = rsa.d
|
||||
key.p = rsa.p
|
||||
key.q = rsa.q
|
||||
return key
|
||||
|
||||
|
||||
def generate_key_pair(bits=2048):
|
||||
key = generate_key(bits)
|
||||
key = paramiko.RSAKey.generate(bits)
|
||||
keyout = six.StringIO()
|
||||
key.write_private_key(keyout)
|
||||
private_key = keyout.getvalue()
|
||||
|
|
|
@ -362,7 +362,7 @@ class KeyPairTest(test.NoDBTestCase):
|
|||
keyin.seek(0)
|
||||
key = paramiko.RSAKey.from_private_key(keyin)
|
||||
|
||||
with mock.patch.object(crypto, 'generate_key') as mock_generate:
|
||||
with mock.patch.object(paramiko.RSAKey, 'generate') as mock_generate:
|
||||
mock_generate.return_value = key
|
||||
(private_key, public_key, fingerprint) = crypto.generate_key_pair()
|
||||
self.assertEqual(self.rsa_pub, public_key)
|
||||
|
|
|
@ -13,7 +13,6 @@ lxml>=2.3 # BSD
|
|||
Routes!=2.0,!=2.1,!=2.3.0,>=1.12.3;python_version=='2.7' # MIT
|
||||
Routes!=2.0,!=2.3.0,>=1.12.3;python_version!='2.7' # MIT
|
||||
cryptography!=1.3.0,>=1.0 # BSD/Apache-2.0
|
||||
pycrypto>=2.6 # Public Domain
|
||||
WebOb>=1.2.3 # MIT
|
||||
greenlet>=0.3.2 # MIT
|
||||
PasteDeploy>=1.5.0 # MIT
|
||||
|
|
Loading…
Reference in New Issue