[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Pki-devel] Replace legacy Python base64 invocations



Patch for https://fedorahosted.org/pki/ticket/1102

b64encode() and base64.encodestring() work slightly different.
encodestring() includes an extra newline at the end of the string. It
seems the server treats both representations equally.

I ran the KRA tests according to base/kra/functional/drmtest.readme.txt.
The tests are passing, too.

Christian
From 8c811f9516d66022aad75df0ee94c71d16ecd64e Mon Sep 17 00:00:00 2001
From: Christian Heimes <cheimes redhat com>
Date: Fri, 26 Jun 2015 14:40:31 +0200
Subject: [PATCH] Replace legacy Python base64 invocations

Replace deprecated base64 functions base64.encodestring() and
base64.decodestring() with b64encode() and b64decode().

https://fedorahosted.org/pki/ticket/1102
---
 base/common/python/pki/key.py               | 21 +++++++++++----------
 base/common/python/pki/systemcert.py        |  2 +-
 base/kra/functional/drmclient_deprecated.py |  8 ++++----
 base/kra/functional/drmtest.py              | 16 ++++++++--------
 4 files changed, 24 insertions(+), 23 deletions(-)

diff --git a/base/common/python/pki/key.py b/base/common/python/pki/key.py
index 3ff6e3dba628181bbb72d5decf8403c8dd747881..578971276fc20111473023e2a49b6b441201f1d6 100644
--- a/base/common/python/pki/key.py
+++ b/base/common/python/pki/key.py
@@ -86,8 +86,8 @@ class Key(object):
 
     def __init__(self, key_data):
         """ Constructor """
-        self.encrypted_data = base64.decodestring(key_data.wrapped_private_data)
-        self.nonce_data = base64.decodestring(key_data.nonce_data)
+        self.encrypted_data = base64.b64decode(key_data.wrapped_private_data)
+        self.nonce_data = base64.b64decode(key_data.nonce_data)
         self.algorithm = key_data.algorithm
         self.size = key_data.size
 
@@ -129,7 +129,7 @@ class KeyInfo(object):
             else:
                 setattr(key_info, k, v)
         if key_info.public_key is not None:
-            key_info.public_key = base64.decodestring(key_info.public_key)
+            key_info.public_key = base64.b64decode(key_info.public_key)
         return key_info
 
     def get_key_id(self):
@@ -579,7 +579,7 @@ class KeyClient(object):
             raise TypeError("Must specify Client Key ID")
 
         if trans_wrapped_session_key is not None:
-            twsk = base64.encodestring(trans_wrapped_session_key)
+            twsk = base64.b64encode(trans_wrapped_session_key)
             # noinspection PyUnusedLocal
             request = SymKeyGenerationRequest(
                 client_key_id=client_key_id,
@@ -757,9 +757,9 @@ class KeyClient(object):
         if not nonce_iv:
             raise TypeError('Missing nonce IV')
 
-        data = base64.encodestring(encrypted_data)
-        twsk = base64.encodestring(wrapped_session_key)
-        symkey_params = base64.encodestring(nonce_iv)
+        data = base64.b64encode(encrypted_data)
+        twsk = base64.b64encode(wrapped_session_key)
+        symkey_params = base64.b64encode(nonce_iv)
 
         request = KeyArchivalRequest(client_key_id=client_key_id,
                                      data_type=data_type,
@@ -799,7 +799,7 @@ class KeyClient(object):
         if pki_archive_options is None:
             raise TypeError("No data provided to be archived")
 
-        data = base64.encodestring(pki_archive_options)
+        data = base64.b64encode(pki_archive_options)
         request = KeyArchivalRequest(client_key_id=client_key_id,
                                      data_type=data_type,
                                      pki_archive_options=data,
@@ -908,8 +908,9 @@ class KeyClient(object):
         request = KeyRecoveryRequest(
             key_id=key_id,
             request_id=request_id,
-            trans_wrapped_session_key=base64.encodestring(
-                trans_wrapped_session_key))
+            trans_wrapped_session_key=base64.b64encode(
+                trans_wrapped_session_key)
+        )
 
         key = self.retrieve_key_data(request)
         if not key_provided:
diff --git a/base/common/python/pki/systemcert.py b/base/common/python/pki/systemcert.py
index d59e07b3dae1633b655af8fa790f98f4e2d20226..56bad786519548a951ba0ba698b5c447485ad0ce 100644
--- a/base/common/python/pki/systemcert.py
+++ b/base/common/python/pki/systemcert.py
@@ -54,6 +54,6 @@ class SystemCertClient(object):
 
         pem = cert_data.encoded
         b64 = pem[len(pki.CERT_HEADER):len(pem) - len(pki.CERT_FOOTER)]
-        cert_data.binary = base64.decodestring(b64)
+        cert_data.binary = base64.b64decode(b64)
 
         return cert_data
diff --git a/base/kra/functional/drmclient_deprecated.py b/base/kra/functional/drmclient_deprecated.py
index 602057f92601b21249f6f2f77b0452951a4b32ad..46406f1ae6c8acf45aac1e22040225e7f4ce4103 100644
--- a/base/kra/functional/drmclient_deprecated.py
+++ b/base/kra/functional/drmclient_deprecated.py
@@ -918,8 +918,8 @@ class kra:
         parse_result = self.get_parse_result_xml(http_body, parse_key_data_xml)
 
         if passphrase == None:
-            iv = nss.data_to_hex(base64.decodestring(parse_result['nonce_data']))
-            parse_result['data'] = self.symmetric_unwrap(base64.decodestring(parse_result['wrapped_data']),
+            iv = nss.data_to_hex(base64.b64decode(parse_result['nonce_data']))
+            parse_result['data'] = self.symmetric_unwrap(base64.b64decode(parse_result['wrapped_data']),
                                                          session_key, iv)
 
         return parse_result
@@ -1008,14 +1008,14 @@ except CertificateOperationError, e:
 # retrieve key
 response = test_kra.retrieve_security_data(request_id)
 print response
-print "retrieved data is " + base64.encodestring(response['data'])
+print "retrieved data is " + base64.b64encode(response['data']) + '\n'
 
 # read original symkey from file
 f = open(work_dir + "/" + symkey_file)
 orig_key = f.read()
 print "orig key is " + orig_key
 
-if orig_key.strip() == base64.encodestring(response['data']).strip():
+if orig_key.strip() == base64.b64encode(response['data']):
     print "Success: the keys match"
 else:
     print "Failure: keys do not match"
diff --git a/base/kra/functional/drmtest.py b/base/kra/functional/drmtest.py
index 0a7bbeaaef350a4027e82ab0c74407bc057e3e8f..ade9587719b8357ae9803a4a4f7ea4f524812e33 100755
--- a/base/kra/functional/drmtest.py
+++ b/base/kra/functional/drmtest.py
@@ -69,7 +69,7 @@ def print_key_info(key_info):
     if key_info.public_key is not None:
         print "Public key: "
         print
-        pub_key = base64.encodestring(key_info.public_key)
+        pub_key = base64.b64encode(key_info.public_key)
         print pub_key
 
 
@@ -77,11 +77,11 @@ def print_key_data(key_data):
     """ Prints the relevant fields of a KeyData object """
     print "Key Algorithm: " + str(key_data.algorithm)
     print "Key Size: " + str(key_data.size)
-    print "Nonce Data: " + base64.encodestring(key_data.nonce_data)
+    print "Nonce Data: " + base64.b64encode(key_data.nonce_data)
     print "Wrapped Private Data: " + \
-          base64.encodestring(key_data.encrypted_data)
+          base64.b64encode(key_data.encrypted_data)
     if key_data.data is not None:
-        print "Private Data: " + base64.encodestring(key_data.data)
+        print "Private Data: " + base64.b64encode(key_data.data)
 
 
 def run_test(protocol, hostname, port, client_cert, certdb_dir, certdb_password):
@@ -165,12 +165,12 @@ def run_test(protocol, hostname, port, client_cert, certdb_dir, certdb_password)
     unwrapped_key = crypto.symmetric_unwrap(key_data.encrypted_data,
                                             session_key,
                                             nonce_iv=key_data.nonce_data)
-    key1 = base64.encodestring(unwrapped_key)
+    key1 = base64.b64encode(unwrapped_key)
 
     # Test 7: Recover key without providing trans_wrapped_session_key
     key_data = keyclient.retrieve_key(key_id)
     print_key_data(key_data)
-    key2 = base64.encodestring(key_data.data)
+    key2 = base64.b64encode(key_data.data)
 
     # Test 8 - Confirm that keys returned are the same
     if key1 == key2:
@@ -251,7 +251,7 @@ def run_test(protocol, hostname, port, client_cert, certdb_dir, certdb_password)
 
     response = keyclient.archive_key(client_key_id,
                                      keyclient.SYMMETRIC_KEY_TYPE,
-                                     base64.decodestring(key1),
+                                     base64.b64decode(key1),
                                      key_algorithm=keyclient.AES_ALGORITHM,
                                      key_size=128)
     print_key_request(response.request_info)
@@ -262,7 +262,7 @@ def run_test(protocol, hostname, port, client_cert, certdb_dir, certdb_password)
 
     key_data = keyclient.retrieve_key(key_info.get_key_id())
     print_key_data(key_data)
-    key2 = base64.encodestring(key_data.data)
+    key2 = base64.b64encode(key_data.data)
 
     if key1 == key2:
         print "Success: archived and recovered keys match"
-- 
2.4.3

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]