-
Notifications
You must be signed in to change notification settings - Fork 311
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding cryptography
Signer.
#185
Conversation
google/auth/_service_account_info.py
Outdated
if _cryptography_impl is None: | ||
DefaultSigner = crypt.RSASigner | ||
else: | ||
DefaultSigner = _cryptography_impl.CryptographySigner |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
google/auth/crypt.py
Outdated
@@ -206,7 +206,59 @@ def sign(self, message): | |||
raise NotImplementedError('Sign must be implemented') | |||
|
|||
|
|||
class RSASigner(Signer): | |||
class _FromServiceAccountMixin(object): |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
@dhermes how would you feel about splitting
|
SGTM. Care to do the re-org in a separate PR without the |
Ya. Will do (soonish, I hope) |
Alright, with #189 in you should be good to rebase. :) |
google/auth/crypt/base.py
Outdated
@@ -62,3 +68,51 @@ def sign(self, message): | |||
# pylint: disable=missing-raises-doc,redundant-returns-doc | |||
# (pylint doesn't recognize that this is abstract) | |||
raise NotImplementedError('Sign must be implemented') | |||
|
|||
|
|||
class _FromServiceAccountMixin(object): |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
google/auth/crypt/rsa.py
Outdated
from google.auth.crypt import _python_rsa | ||
|
||
RSASigner = _python_rsa.RSASigner | ||
RSAVerifier = _python_rsa.RSAVerifier |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
@jonparrott Officially rebased (unit tests and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks mostly good so far.
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
"""Verifier and signer that use the ``cryptography`` library. |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
_SHA256 = hashes.SHA256() | ||
|
||
|
||
class CryptographySigner(base.Signer, base._FromServiceAccountMixin): |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
google/auth/crypt/base.py
Outdated
@@ -62,3 +68,51 @@ def sign(self, message): | |||
# pylint: disable=missing-raises-doc,redundant-returns-doc | |||
# (pylint doesn't recognize that this is abstract) | |||
raise NotImplementedError('Sign must be implemented') | |||
|
|||
|
|||
class _FromServiceAccountMixin(object): |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
google/auth/crypt/rsa.py
Outdated
from google.auth.crypt import _python_rsa | ||
|
||
RSASigner = _python_rsa.RSASigner | ||
RSAVerifier = _python_rsa.RSAVerifier |
This comment was marked as spam.
This comment was marked as spam.
Sorry, something went wrong.
@jonparrott Updates sent for your review comments (including |
Is there any plan to complete this PR? |
@thomas-riccardi yes, it's just low on the list as we already have working implementation here and this is just a "speed up" PR. |
@thomas-riccardi We don't actually have a local "expert" that knows the relevant methods to use for @jonparrott We could factor out the base class parts so this PR was more focused, but I don't know if it's worth it. |
Up to you. |
Fixes googleapis#183. NOTE: This change is incomplete. It needs unit tests and a Verifier implementation.
Also making "RSA" explicit in `_cryptography_rsa` module docstring.
Alright, I've brought this to the finish line with tests and a verifier implementation. Thank you @dhermes for getting this party started. Will merge once CI is green. :) |
Thanks @jonparrott! |
Fixes #183.
NOTE: This change is incomplete. It needs unit tests and a
Verifier
implementation.Big H/T to @arthurdarcet for the implementation.