From ae16d24fd17e73bd80e72de612639aaca528cf2f Mon Sep 17 00:00:00 2001
From: Jimmy Zelinskie
Date: Tue, 27 Sep 2016 23:20:31 -0400
Subject: [PATCH] license: validate via key instance rather than PEM
---
 test/test_license.py | 18 ++++++++++++------
 util/config/provider/license.py | 12 +++++++-----
 2 files changed, 19 insertions(+), 11 deletions(-)
diff --git a/test/test_license.py b/test/test_license.py
index 0b041924b..5c7c93089 100644
--- a/test/test_license.py
+++ b/test/test_license.py
@@ -1,11 +1,15 @@
 import unittest
-import jwt
 from datetime import datetime, timedelta
-from util.config.provider.license import (decode_license, LICENSE_PRODUCT_NAME,
- LicenseValidationError)
+
+import jwt
 from Crypto.PublicKey import RSA
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives.serialization import load_der_public_key
+
+from util.config.provider.license import (decode_license, LICENSE_PRODUCT_NAME,
+ LicenseValidationError)
 class TestLicense(unittest.TestCase):
@@ -13,16 +17,18 @@ class TestLicense(unittest.TestCase):
 with open('test/data/test.pem') as f:
 private_key = f.read()
- return (RSA.importKey(private_key).publickey().exportKey('PEM'), private_key)
+ public_key = load_der_public_key(RSA.importKey(private_key).publickey().exportKey('DER'),
+ backend=default_backend())
+ return (public_key, private_key)
 def create_license(self, license_data):
 (public_key, private_key) = self.keys()
 # Encode the license with the JWT key.
- encoded = jwt.encode(license_data, private_key, 'RS256')
+ encoded = jwt.encode(license_data, private_key, algorithm='RS256')
 # Decode it into a license object.
- return decode_license(encoded, public_key_contents=public_key)
+ return decode_license(encoded, public_key_instance=public_key)
 def get_license(self, expiration_delta=None, **kwargs):
 license_data = {
diff --git a/util/config/provider/license.py b/util/config/provider/license.py
index 829a944cc..5346137a4 100644
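Review bot: In `keys()` (the `@@ -13,16 +17,18 @@` hunk of test/test_license.py) the verification key is built by a round trip through two libraries: PyCrypto parses the PEM and exports DER, then `cryptography` parses that DER again. Loading the test key once with `cryptography` is shorter and keeps the test on the same parsing path as the production module: `public_key = load_pem_private_key(private_key, password=None, backend=default_backend()).public_key()`, importing `load_pem_private_key` from `cryptography.hazmat.primitives.serialization` in place of `load_der_public_key`. Whether the `RSA` import is still needed elsewhere in the file cannot be seen from this hunk, and `keys()` itself starts above it.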
--- a/util/config/provider/license.py
+++ b/util/config/provider/license.py
@@ -107,6 +107,7 @@ class License(object):
 LICENSE_FILENAME = 'license'
+
 _PROD_LICENSE_PUBLIC_KEY_DATA = """
 -----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuCkRnkuqox3A0djgRnHR
@@ -119,10 +120,13 @@ qwIDAQAB
 -----END PUBLIC KEY-----
 """
-def decode_license(license_contents, public_key_contents=None):
+
+_PROD_LICENSE_PUBLIC_KEY = load_pem_public_key(_PROD_LICENSE_PUBLIC_KEY_DATA,
+ backend=default_backend())
+
+def decode_license(license_contents, public_key_instance=None):
 """ Decodes the specified license contents, returning the decoded license. """
- public_key_data = public_key_contents or _PROD_LICENSE_PUBLIC_KEY_DATA
- license_public_key = load_pem_public_key(public_key_data, backend=default_backend())
+ license_public_key = public_key_instance or _PROD_LICENSE_PUBLIC_KEY
 try:
 decoded = jwt.decode(license_contents, key=license_public_key)
 except jwt.exceptions.DecodeError as de:
@@ -130,5 +134,3 @@ def decode_license(license_contents, public_key_contents=None):
 raise LicenseDecodeError('Could not decode license found: %s' % de.message)
 return License(decoded)
-
-
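Review bot: The `jwt.decode(license_contents, key=license_public_key)` call that stays as context in the `@@ -119,10 +120,13 @@` hunk passes no `algorithms=` allow-list, so which signature algorithm is accepted is still driven by the token's own header. Handing PyJWT a parsed key object instead of PEM text probably makes non-RSA algorithms fail during key preparation, but that is a side effect rather than a stated verification policy. Pin it explicitly with `decoded = jwt.decode(license_contents, key=license_public_key, algorithms=['RS256'])`, which matches the `algorithm='RS256'` the tests in this commit sign with. The `try` block continues past the end of the hunk.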