Remove the dependency on pyOpenSSL

2025-10-30 17:47:55 +00:00 · 2022-11-27 15:41:21 +01:00
parent a366116cae
commit 3e38e7b89d
4 changed files with 10 additions and 11 deletions
--- a/core/admin/mailu/dkim.py
+++ b/core/admin/mailu/dkim.py
@@ -2,20 +2,21 @@
 They are thus represented as ASCII armored PEM.
 """

-from OpenSSL import crypto
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import rsa


-def gen_key(key_type=crypto.TYPE_RSA, bits=2048):
+def gen_key(bits=2048):
    """ Generate and return a new RSA key.
    """
-    key = crypto.PKey()
-    key.generate_key(key_type, bits)
-    return crypto.dump_privatekey(crypto.FILETYPE_PEM, key)
+    k = rsa.generate_private_key(public_exponent=65537, key_size=bits)
+    return k.private_bytes(encoding=serialization.Encoding.PEM,format=serialization.PrivateFormat.PKCS8,encryption_algorithm=serialization.NoEncryption())


 def strip_key(pem):
    """ Return only the b64 part of the ASCII armored PEM.
    """
-    key = crypto.load_privatekey(crypto.FILETYPE_PEM, pem)
-    public_pem = crypto.dump_publickey(crypto.FILETYPE_PEM, key)
+
+    priv_key = serialization.load_pem_private_key(pem, password=None)
+    public_pem = priv_key.public_key().public_bytes(encoding=serialization.Encoding.PEM,format=serialization.PublicFormat.SubjectPublicKeyInfo)
    return public_pem.replace(b"\n", b"").split(b"-----")[2]
--- a/core/admin/mailu/schemas.py
+++ b/core/admin/mailu/schemas.py
@@ -19,7 +19,7 @@ from marshmallow_sqlalchemy.fields import RelatedList

 from flask_marshmallow import Marshmallow

-from OpenSSL import crypto
+from cryptography.hazmat.primitives import serialization

 from pygments import highlight
 from pygments.token import Token
@@ -609,7 +609,7 @@ class DkimKeyField(fields.String):

        # check key validity
        try:
-            crypto.load_privatekey(crypto.FILETYPE_PEM, value)
+            serialization.load_pem_private_key(value, password=None)
        except crypto.Error as exc:
            raise ValidationError(f'invalid dkim key {bad_key!r}') from exc
        else:
--- a/core/base/requirements-dev.txt
+++ b/core/base/requirements-dev.txt
@@ -27,7 +27,6 @@ mysql-connector-python==8.0.29
 passlib
 psycopg2-binary
 Pygments
-pyOpenSSL
 PyYAML
 redis
 SQLAlchemy
--- a/core/base/requirements-prod.txt
+++ b/core/base/requirements-prod.txt
@@ -51,7 +51,6 @@ psycopg2-binary==2.9.5
 pycares==4.2.2
 pycparser==2.21
 Pygments==2.13.0
-pyOpenSSL==22.1.0
 pyparsing==3.0.9
 python-dateutil==2.8.2
 pytz==2022.6