Merge "Port signature_utils to Python 3"

2015-11-06 13:29:26 +00:00 · 2015-11-06 13:29:26 +00:00 · d57a4fc4ed
parent 52623b9edd 43178a29e5
commit d57a4fc4ed
3 changed files with 14 additions and 8 deletions
--- a/glance/common/signature_utils.py
+++ b/glance/common/signature_utils.py
@ -15,7 +15,7 @@

 """Support signature verification."""

-import base64
+import binascii

 from castellan import key_manager
 from cryptography import exceptions as crypto_exception
@ -25,7 +25,9 @@ from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives import hashes
 from cryptography import x509
 from oslo_log import log as logging
+from oslo_serialization import base64
 from oslo_utils import encodeutils
+import six

 from glance.common import exception
 from glance import i18n
@ -112,6 +114,9 @@ def verify_signature(context, checksum_hash, image_properties):
            'Required image properties for signature verification do not'
            ' exist. Cannot verify signature.')

+    if isinstance(checksum_hash, six.text_type):
+        checksum_hash = checksum_hash.encode('utf-8')
+
    signature = get_signature(image_properties[SIGNATURE])
    hash_method = get_hash_method(image_properties[HASH_METHOD])
    signature_key_type = get_signature_key_type(
@ -179,8 +184,8 @@ def get_signature(signature_data):
    :raises: SignatureVerificationError if the signature data is malformatted
    """
    try:
-        signature = base64.b64decode(signature_data)
-    except TypeError:
+        signature = base64.decode_as_bytes(signature_data)
+    except (TypeError, binascii.Error):
        raise exception.SignatureVerificationError(
            'The signature data was not properly encoded using base64')

--- a/glance/tests/unit/common/test_signature_utils.py
+++ b/glance/tests/unit/common/test_signature_utils.py
@ -119,9 +119,9 @@ class TestSignatureUtils(test_utils.BaseTestCase):

    @mock.patch('glance.common.signature_utils.get_public_key')
    def test_verify_signature_PSS(self, mock_get_pub_key):
-        checksum_hash = '224626ae19824466f2a7f39ab7b80f7f'
+        checksum_hash = b'224626ae19824466f2a7f39ab7b80f7f'
        mock_get_pub_key.return_value = TEST_PRIVATE_KEY.public_key()
-        for hash_name, hash_alg in signature_utils.HASH_METHODS.iteritems():
+        for hash_name, hash_alg in signature_utils.HASH_METHODS.items():
            signer = TEST_PRIVATE_KEY.signer(
                padding.PSS(
                    mgf=padding.MGF1(hash_alg),
@ -143,10 +143,10 @@ class TestSignatureUtils(test_utils.BaseTestCase):

    @mock.patch('glance.common.signature_utils.get_public_key')
    def test_verify_signature_custom_PSS_salt(self, mock_get_pub_key):
-        checksum_hash = '224626ae19824466f2a7f39ab7b80f7f'
+        checksum_hash = b'224626ae19824466f2a7f39ab7b80f7f'
        mock_get_pub_key.return_value = TEST_PRIVATE_KEY.public_key()
        custom_salt_length = 32
-        for hash_name, hash_alg in signature_utils.HASH_METHODS.iteritems():
+        for hash_name, hash_alg in signature_utils.HASH_METHODS.items():
            signer = TEST_PRIVATE_KEY.signer(
                padding.PSS(
                    mgf=padding.MGF1(hash_alg),
@ -269,7 +269,7 @@ class TestSignatureUtils(test_utils.BaseTestCase):
                                None, checksum_hash, image_properties)

    def test_get_signature(self):
-        signature = 'A' * 256
+        signature = b'A' * 256
        data = base64.b64encode(signature)
        self.assertEqual(signature,
                         signature_utils.get_signature(data))
--- a/tox.ini
+++ b/tox.ini
@ -41,6 +41,7 @@ commands =
    glance.tests.unit.common.test_rpc \
    glance.tests.unit.common.test_scripts \
    glance.tests.unit.common.test_semver \
+    glance.tests.unit.common.test_signature_utils \
    glance.tests.unit.common.test_swift_store_utils \
    glance.tests.unit.common.test_utils \
    glance.tests.unit.common.test_wsgi \