c4c44bcb2d
Mostly a find-replace job. Let's do this now so we don't have to carry it for the next decade. Change-Id: I7bef9fb7c6895f746cee1aca6522786f38b9857c Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
42 lines
1.3 KiB
Python
42 lines
1.3 KiB
Python
# Copyright 2013 Nebula, Inc.
|
|
# All Rights Reserved.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
|
|
import base64
|
|
import subprocess
|
|
|
|
|
|
class DecryptionFailure(Exception):
|
|
pass
|
|
|
|
|
|
def decrypt_password(private_key, password):
|
|
"""Base64 decodes password and unencrypts it with private key.
|
|
|
|
Requires openssl binary available in the path.
|
|
"""
|
|
unencoded = base64.b64decode(password)
|
|
cmd = ['openssl', 'rsautl', '-decrypt', '-inkey', private_key]
|
|
proc = subprocess.Popen(cmd, stdin=subprocess.PIPE,
|
|
stdout=subprocess.PIPE,
|
|
stderr=subprocess.PIPE)
|
|
out, err = proc.communicate(unencoded)
|
|
proc.stdin.close()
|
|
if proc.returncode:
|
|
raise DecryptionFailure(err)
|
|
|
|
if isinstance(out, bytes):
|
|
return out.decode('utf-8')
|
|
return out
|