def _get_pem_key(credentials): """Gets private key for a PEM payload from a credentials object. :type credentials: :class:`service_account.ServiceAccountCredentials`, :param credentials: The credentials used to create a private key for signing text. :rtype: :class:`OpenSSL.crypto.PKey` :returns: A PKey object used to sign text. :raises: `TypeError` if `credentials` is the wrong type. `EnvironmentError` if `crypto` did not import successfully. """ if isinstance(credentials, ServiceAccountCredentials): if credentials._private_key_pkcs12 is not None: # Take our PKCS12 (.p12) text and convert to PEM text. pem_text = crypt.pkcs12_key_as_pem( credentials._private_key_pkcs12, credentials._private_key_password) else: pem_text = credentials._private_key_pkcs8_pem else: raise TypeError( (credentials, 'not a valid service account credentials type')) if crypto is None: raise EnvironmentError( 'pyOpenSSL must be installed to load a private key') return crypto.load_privatekey(crypto.FILETYPE_PEM, pem_text)
def _get_pem_key(credentials): """Gets private key for a PEM payload from a credentials object. :type credentials: :class:`service_account.ServiceAccountCredentials`, :param credentials: The credentials used to create a private key for signing text. :rtype: :class:`OpenSSL.crypto.PKey` :returns: A PKey object used to sign text. :raises: `TypeError` if `credentials` is the wrong type. `EnvironmentError` if `crypto` did not import successfully. """ if isinstance(credentials, ServiceAccountCredentials): if credentials._private_key_pkcs12 is not None: # Take our PKCS12 (.p12) text and convert to PEM text. pem_text = crypt.pkcs12_key_as_pem( credentials._private_key_pkcs12, credentials._private_key_password) else: pem_text = credentials._private_key_pkcs8_pem else: raise TypeError((credentials, 'not a valid service account credentials type')) if crypto is None: raise EnvironmentError( 'pyOpenSSL must be installed to load a private key') return crypto.load_privatekey(crypto.FILETYPE_PEM, pem_text)
def test_succeeds(self): self.assertEqual(True, HAS_OPENSSL) credentials = self._make_signed_jwt_creds() pem_contents = crypt.pkcs12_key_as_pem(credentials.private_key, credentials.private_key_password) pkcs12_key_as_pem = datafile('pem_from_pkcs12.pem') pkcs12_key_as_pem = crypt._parse_pem_key(pkcs12_key_as_pem) self.assertEqual(pem_contents, pkcs12_key_as_pem)
def test_succeeds(self): self.assertEqual(True, HAS_OPENSSL) credentials = self._make_signed_jwt_creds() pem_contents = crypt.pkcs12_key_as_pem(credentials.private_key, credentials.private_key_password) pkcs12_key_as_pem = datafile('pem_from_pkcs12.pem') pkcs12_key_as_pem = crypt._parse_pem_key(pkcs12_key_as_pem) alternate_pem = datafile('pem_from_pkcs12_alternate.pem') self.assertTrue(pem_contents in [pkcs12_key_as_pem, alternate_pem])
def _succeeds_helper(self, password=None): self.assertEqual(True, HAS_OPENSSL) credentials = self._make_signed_jwt_creds() if password is None: password = credentials.private_key_password pem_contents = crypt.pkcs12_key_as_pem(credentials.private_key, password) pkcs12_key_as_pem = datafile('pem_from_pkcs12.pem') pkcs12_key_as_pem = _helpers._parse_pem_key(pkcs12_key_as_pem) alternate_pem = datafile('pem_from_pkcs12_alternate.pem') self.assertTrue(pem_contents in [pkcs12_key_as_pem, alternate_pem])
def _succeeds_helper(self, password=None): self.assertEqual(True, client.HAS_OPENSSL) credentials = self._make_svc_account_creds() if password is None: password = credentials._private_key_password pem_contents = crypt.pkcs12_key_as_pem( credentials._private_key_pkcs12, password) pkcs12_key_as_pem = datafile('pem_from_pkcs12.pem') pkcs12_key_as_pem = _helpers._parse_pem_key(pkcs12_key_as_pem) alternate_pem = datafile('pem_from_pkcs12_alternate.pem') self.assertTrue(pem_contents in [pkcs12_key_as_pem, alternate_pem])
def _get_pem_key(credentials): """Gets RSA key for a PEM payload from a credentials object. :type credentials: :class:`client.SignedJwtAssertionCredentials`, :class:`service_account._ServiceAccountCredentials` :param credentials: The credentials used to create an RSA key for signing text. :rtype: :class:`Crypto.PublicKey.RSA._RSAobj` :returns: An RSA object used to sign text. :raises: `TypeError` if `credentials` is the wrong type. """ if isinstance(credentials, client.SignedJwtAssertionCredentials): # Take our PKCS12 (.p12) key and make it into a RSA key we can use. pem_text = crypt.pkcs12_key_as_pem(credentials.private_key, credentials.private_key_password) elif isinstance(credentials, service_account._ServiceAccountCredentials): pem_text = credentials._private_key_pkcs8_text else: raise TypeError((credentials, 'not a valid service account credentials type')) return RSA.importKey(pem_text)
def _get_pem_key(credentials): """Gets RSA key for a PEM payload from a credentials object. :type credentials: :class:`client.SignedJwtAssertionCredentials`, :class:`service_account._ServiceAccountCredentials` :param credentials: The credentials used to create an RSA key for signing text. :rtype: :class:`Crypto.PublicKey.RSA._RSAobj` :returns: An RSA object used to sign text. :raises: `TypeError` if `credentials` is the wrong type. """ if isinstance(credentials, client.SignedJwtAssertionCredentials): # Take our PKCS12 (.p12) key and make it into a RSA key we can use. pem_text = crypt.pkcs12_key_as_pem(credentials.private_key, credentials.private_key_password) elif isinstance(credentials, service_account._ServiceAccountCredentials): pem_text = credentials._private_key_pkcs8_text else: raise TypeError( (credentials, 'not a valid service account credentials type')) return RSA.importKey(pem_text)
def _get_pem_key(credentials): """Gets private key for a PEM payload from a credentials object. :type credentials: :class:`client.SignedJwtAssertionCredentials`, :class:`service_account._ServiceAccountCredentials` :param credentials: The credentials used to create a private key for signing text. :rtype: :class:`OpenSSL.crypto.PKey` :returns: A PKey object used to sign text. :raises: `TypeError` if `credentials` is the wrong type. """ if isinstance(credentials, client.SignedJwtAssertionCredentials): # Take our PKCS12 (.p12) text and convert to PEM text. pem_text = crypt.pkcs12_key_as_pem(credentials.private_key, credentials.private_key_password) elif isinstance(credentials, service_account._ServiceAccountCredentials): pem_text = credentials._private_key_pkcs8_text else: raise TypeError((credentials, 'not a valid service account credentials type')) return crypto.load_privatekey(crypto.FILETYPE_PEM, pem_text)