Replace openssl calls with cryptography lib
This patch is a code reduction cleanup fix. Exec calls to openssl can mostly be replaced with a proper python library called cryptography. Changed the following: * Removed convert_from_sshrsa_to_pkcs8 and _to_sequence since cryptography already has a method to do this conversion. * Replaced openssl rsautl call in ssh_encrypt_text and decrypt_text with cryptography's public key encrypt and decrypt methods. * Replaced call to openssl x509 with cryptography's load_pem_x509_certificate which also includes a way to retrieve the fingerprint. * generate_fingerprint's calls to paramiko were replaced with cryptography's serialization module. Cryptography supports all key sizes of elliptic curve keys whereas paramiko did not. * Removed the requirement on pyasn1 Change-Id: I750b49e6a73cd18af8199c1c859c9f6047252387
This commit is contained in:
Eric Brown
parent
a8ece7bec8
commit
16e5c6ab21
@ -12,6 +12,7 @@ keystonemiddleware>=2.0.0
|
||||
lxml>=2.3
|
||||
Routes!=2.0,!=2.1,>=1.12.3;python_version=='2.7'
|
||||
Routes!=2.0,>=1.12.3;python_version!='2.7'
|
||||
cryptography>=0.9.1 # Apache-2.0
|
||||
WebOb>=1.2.3
|
||||
greenlet>=0.3.2
|
||||
PasteDeploy>=1.5.0
|
||||
@ -21,7 +22,6 @@ sqlalchemy-migrate>=0.9.6
|
||||
netaddr>=0.7.12
|
||||
netifaces>=0.10.4
|
||||
paramiko>=1.13.0
|
||||
pyasn1
|
||||
Babel>=1.3
|
||||
iso8601>=0.1.9
|
||||
jsonschema!=2.5.0,<3.0.0,>=2.0.0
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user