From 88d4a52ab9e928c98191e7e40763179f04979f7f Mon Sep 17 00:00:00 2001 From: Kishi85 Date: Mon, 15 Apr 2019 18:14:14 +0200 Subject: [PATCH] tools: use cryptography conversion instead of custom function Use cryptography's int_to_bytes consistently instead of our own number to byte conversion function --- acertmgr/tools.py | 16 +++------------- 1 file changed, 3 insertions(+), 13 deletions(-) diff --git a/acertmgr/tools.py b/acertmgr/tools.py index 351197f..f4e5f20 100644 --- a/acertmgr/tools.py +++ b/acertmgr/tools.py @@ -7,7 +7,6 @@ # available under the ISC license, see LICENSE import base64 -import binascii import datetime import io import os @@ -19,8 +18,8 @@ from cryptography.hazmat.backends import default_backend from cryptography.hazmat.primitives import hashes, serialization from cryptography.hazmat.primitives.asymmetric import rsa, ec, padding from cryptography.hazmat.primitives.asymmetric.utils import decode_dss_signature -from cryptography.x509.oid import NameOID, ExtensionOID from cryptography.utils import int_to_bytes +from cryptography.x509.oid import NameOID, ExtensionOID try: from urllib.request import urlopen, Request # Python 3 @@ -241,8 +240,8 @@ def get_key_alg_and_jwk(key): # See https://tools.ietf.org/html/rfc7518#section-6.3 numbers = key.public_key().public_numbers() return "RS256", {"kty": "RSA", - "e": bytes_to_base64url(number_to_byte_format(numbers.e)), - "n": bytes_to_base64url(number_to_byte_format(numbers.n))} + "e": bytes_to_base64url(int_to_bytes(numbers.e)), + "n": bytes_to_base64url(int_to_bytes(numbers.n))} elif isinstance(key, ec.EllipticCurvePrivateKey): # See https://tools.ietf.org/html/rfc7518#section-6.2 numbers = key.public_key().public_numbers() @@ -302,15 +301,6 @@ def bytes_to_base64url(b): return base64.urlsafe_b64encode(b).decode('utf8').replace("=", "") -# @brief convert numbers to byte-string -# @param num number to convert -# @return byte-string containing the number -def number_to_byte_format(num): - n = format(num, 'x') - n = "0{0}".format(n) if len(n) % 2 else n - return binascii.unhexlify(n) - - # @brief check whether existing target file is still valid or source crt has been updated # @param target string containing the path to the target file # @param file string containing the path to the certificate file