Skip to content
This repository was archived by the owner on Mar 6, 2026. It is now read-only.

Commit 58a7df9

Browse files
daniel-sanchedaniel-sanche
committed
add backwards compatibility
1 parent 1c2c496 commit 58a7df9

1 file changed

Lines changed: 33 additions & 0 deletions

File tree

google/auth/crypt/_cryptography_rsa.py

Lines changed: 33 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -29,12 +29,35 @@
2929
from google.auth import _helpers
3030
from google.auth.crypt import base
3131

32+
import warnings
33+
34+
try:
35+
# attempt to import deprecated rsa module if available,
36+
# for backwards compatibility
37+
import rsa
38+
except ImportError:
39+
rsa = None
40+
41+
# Global flag for the module
42+
_RSA_DEPRECATION_WARNED = False
43+
3244
_CERTIFICATE_MARKER = b"-----BEGIN CERTIFICATE-----"
3345
_BACKEND = backends.default_backend()
3446
_PADDING = padding.PKCS1v15()
3547
_SHA256 = hashes.SHA256()
3648

3749

50+
def _warn_rsa_type(key_type):
51+
global _RSA_DEPRECATION_WARNED
52+
deprecation_msg = (
53+
"The 'rsa' library is deprecated and unmaintained. Support for "
54+
f"{key_type.__module__}.{key_type.__name__} keys will be removed in a future release. Please migrate to "
55+
"'cryptography' keys or use the '.from_string()' factory method."
56+
)
57+
warnings.warn(deprecation_msg, DeprecationWarning, stacklevel=3)
58+
_RSA_DEPRECATION_WARNED = True
59+
60+
3861
class RSAVerifier(base.Verifier):
3962
"""Verifies RSA cryptographic signatures using public keys.
4063
@@ -45,6 +68,11 @@ class RSAVerifier(base.Verifier):
4568
"""
4669

4770
def __init__(self, public_key):
71+
if rsa is not None and isinstance(public_key, rsa.key.PublicKey):
72+
# convert rsa.key.PublicKey to cryptography type
73+
_warn_rsa_type(type(public_key))
74+
der_bytes = public_key.save_pkcs1(format='DER')
75+
public_key = serialization.load_der_public_key(der_bytes)
4876
self._pubkey = public_key
4977

5078
@_helpers.copy_docstring(base.Verifier)
@@ -98,6 +126,11 @@ class RSASigner(base.Signer, base.FromServiceAccountMixin):
98126
"""
99127

100128
def __init__(self, private_key, key_id=None):
129+
if rsa is not None and isinstance(private_key, rsa.key.PrivateKey):
130+
# convert rsa.key.PublicKey to cryptography type
131+
_warn_rsa_type(type(private_key))
132+
der_bytes = private_key.save_pkcs1(format='DER')
133+
private_key = serialization.load_der_private_key(der_bytes, password=None)
101134
self._key = private_key
102135
self._key_id = key_id
103136

0 commit comments

Comments
 (0)