Skip to content

Commit 93bba73

Browse files
rohitkg98rohitkg98
authored
Removed redundant default_backend() (jpadilla#523)
- Cryptography now has default_backend by default
1 parent 4ed3067 commit 93bba73

File tree

4 files changed

+28
-69
lines changed

4 files changed

+28
-69
lines changed

docs/faq.rst

Lines changed: 2 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -11,20 +11,18 @@ extract the public or private keys from a x509 certificate in PEM format.
1111
1212
# Python 2
1313
from cryptography.x509 import load_pem_x509_certificate
14-
from cryptography.hazmat.backends import default_backend
1514
1615
cert_str = "-----BEGIN CERTIFICATE-----MIIDETCCAfm..."
17-
cert_obj = load_pem_x509_certificate(cert_str, default_backend())
16+
cert_obj = load_pem_x509_certificate(cert_str)
1817
public_key = cert_obj.public_key()
1918
private_key = cert_obj.private_key()
2019
2120
.. code-block:: python
2221
2322
# Python 3
2423
from cryptography.x509 import load_pem_x509_certificate
25-
from cryptography.hazmat.backends import default_backend
2624
2725
cert_str = "-----BEGIN CERTIFICATE-----MIIDETCCAfm...".encode()
28-
cert_obj = load_pem_x509_certificate(cert_str, default_backend())
26+
cert_obj = load_pem_x509_certificate(cert_str)
2927
public_key = cert_obj.public_key()
3028
private_key = cert_obj.private_key()

jwt/algorithms.py

Lines changed: 13 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,6 @@
3636
EllipticCurvePublicKey,
3737
)
3838
from cryptography.hazmat.primitives.asymmetric import ec, padding
39-
from cryptography.hazmat.backends import default_backend
4039
from cryptography.exceptions import InvalidSignature
4140

4241
import cryptography.exceptions
@@ -241,15 +240,11 @@ def prepare_key(self, key):
241240

242241
try:
243242
if key.startswith(b"ssh-rsa"):
244-
key = load_ssh_public_key(
245-
key, backend=default_backend()
246-
)
243+
key = load_ssh_public_key(key)
247244
else:
248-
key = load_pem_private_key(
249-
key, password=None, backend=default_backend()
250-
)
245+
key = load_pem_private_key(key, password=None)
251246
except ValueError:
252-
key = load_pem_public_key(key, backend=default_backend())
247+
key = load_pem_public_key(key)
253248
else:
254249
raise TypeError("Expecting a PEM-formatted key.")
255250

@@ -357,15 +352,15 @@ def from_jwk(jwk):
357352
public_numbers=public_numbers,
358353
)
359354

360-
return numbers.private_key(default_backend())
355+
return numbers.private_key()
361356
elif "n" in obj and "e" in obj:
362357
# Public key
363358
numbers = RSAPublicNumbers(
364359
from_base64url_uint(obj["e"]),
365360
from_base64url_uint(obj["n"]),
366361
)
367362

368-
return numbers.public_key(default_backend())
363+
return numbers.public_key()
369364
else:
370365
raise InvalidKeyError("Not a public or private key")
371366

@@ -406,17 +401,11 @@ def prepare_key(self, key):
406401
# the Verifying Key first.
407402
try:
408403
if key.startswith(b"ecdsa-sha2-"):
409-
key = load_ssh_public_key(
410-
key, backend=default_backend()
411-
)
404+
key = load_ssh_public_key(key)
412405
else:
413-
key = load_pem_public_key(
414-
key, backend=default_backend()
415-
)
406+
key = load_pem_public_key(key)
416407
except ValueError:
417-
key = load_pem_private_key(
418-
key, password=None, backend=default_backend()
419-
)
408+
key = load_pem_private_key(key, password=None)
420409

421410
else:
422411
raise TypeError("Expecting a PEM-formatted key.")
@@ -489,7 +478,7 @@ def from_jwk(jwk):
489478
)
490479

491480
if "d" not in obj:
492-
return public_numbers.public_key(default_backend())
481+
return public_numbers.public_key()
493482

494483
d = base64url_decode(force_bytes(obj.get("d")))
495484
if len(d) != len(x):
@@ -499,7 +488,7 @@ def from_jwk(jwk):
499488

500489
return ec.EllipticCurvePrivateNumbers(
501490
int_from_bytes(d, "big"), public_numbers
502-
).private_key(default_backend())
491+
).private_key()
503492

504493
class RSAPSSAlgorithm(RSAAlgorithm):
505494
"""
@@ -552,13 +541,11 @@ def prepare_key(self, key):
552541
str_key = key.decode("utf-8")
553542

554543
if "-----BEGIN PUBLIC" in str_key:
555-
return load_pem_public_key(key, backend=default_backend())
544+
return load_pem_public_key(key)
556545
if "-----BEGIN PRIVATE" in str_key:
557-
return load_pem_private_key(
558-
key, password=None, backend=default_backend()
559-
)
546+
return load_pem_private_key(key, password=None)
560547
if str_key[0:4] == "ssh-":
561-
return load_ssh_public_key(key, backend=default_backend())
548+
return load_ssh_public_key(key)
562549

563550
raise TypeError("Expecting a PEM-formatted or OpenSSH key.")
564551

tests/keys/__init__.py

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,6 @@ def load_hmac_key():
2121

2222
try:
2323
from cryptography.hazmat.primitives.asymmetric import ec
24-
from cryptography.hazmat.backends import default_backend
2524
from jwt.algorithms import RSAAlgorithm
2625

2726
has_crypto = True
@@ -57,4 +56,4 @@ def load_ec_pub_key_p_521():
5756
x=decode_value(keyobj["x"]),
5857
y=decode_value(keyobj["y"]),
5958
curve=ec.SECP521R1(),
60-
).public_key(default_backend())
59+
).public_key()

tests/test_api_jws.py

Lines changed: 12 additions & 37 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,6 @@
1414
from jwt.utils import base64url_decode, force_bytes, force_unicode
1515

1616
try:
17-
from cryptography.hazmat.backends import default_backend
1817
from cryptography.hazmat.primitives.serialization import (
1918
load_pem_private_key,
2019
load_pem_public_key,
@@ -494,16 +493,12 @@ def test_encode_decode_with_rsa_sha256(self, jws, payload):
494493
# PEM-formatted RSA key
495494
with open("tests/keys/testkey_rsa.priv", "r") as rsa_priv_file:
496495
priv_rsakey = load_pem_private_key(
497-
force_bytes(rsa_priv_file.read()),
498-
password=None,
499-
backend=default_backend(),
496+
force_bytes(rsa_priv_file.read()), password=None,
500497
)
501498
jws_message = jws.encode(payload, priv_rsakey, algorithm="RS256")
502499

503500
with open("tests/keys/testkey_rsa.pub", "r") as rsa_pub_file:
504-
pub_rsakey = load_ssh_public_key(
505-
force_bytes(rsa_pub_file.read()), backend=default_backend()
506-
)
501+
pub_rsakey = load_ssh_public_key(force_bytes(rsa_pub_file.read()))
507502

508503
jws.decode(jws_message, pub_rsakey, algorithms=["RS256"])
509504

@@ -523,16 +518,12 @@ def test_encode_decode_with_rsa_sha384(self, jws, payload):
523518
# PEM-formatted RSA key
524519
with open("tests/keys/testkey_rsa.priv", "r") as rsa_priv_file:
525520
priv_rsakey = load_pem_private_key(
526-
force_bytes(rsa_priv_file.read()),
527-
password=None,
528-
backend=default_backend(),
521+
force_bytes(rsa_priv_file.read()), password=None,
529522
)
530523
jws_message = jws.encode(payload, priv_rsakey, algorithm="RS384")
531524

532525
with open("tests/keys/testkey_rsa.pub", "r") as rsa_pub_file:
533-
pub_rsakey = load_ssh_public_key(
534-
force_bytes(rsa_pub_file.read()), backend=default_backend()
535-
)
526+
pub_rsakey = load_ssh_public_key(force_bytes(rsa_pub_file.read()))
536527
jws.decode(jws_message, pub_rsakey, algorithms=["RS384"])
537528

538529
# string-formatted key
@@ -551,16 +542,12 @@ def test_encode_decode_with_rsa_sha512(self, jws, payload):
551542
# PEM-formatted RSA key
552543
with open("tests/keys/testkey_rsa.priv", "r") as rsa_priv_file:
553544
priv_rsakey = load_pem_private_key(
554-
force_bytes(rsa_priv_file.read()),
555-
password=None,
556-
backend=default_backend(),
545+
force_bytes(rsa_priv_file.read()), password=None,
557546
)
558547
jws_message = jws.encode(payload, priv_rsakey, algorithm="RS512")
559548

560549
with open("tests/keys/testkey_rsa.pub", "r") as rsa_pub_file:
561-
pub_rsakey = load_ssh_public_key(
562-
force_bytes(rsa_pub_file.read()), backend=default_backend()
563-
)
550+
pub_rsakey = load_ssh_public_key(force_bytes(rsa_pub_file.read()))
564551
jws.decode(jws_message, pub_rsakey, algorithms=["RS512"])
565552

566553
# string-formatted key
@@ -599,16 +586,12 @@ def test_encode_decode_with_ecdsa_sha256(self, jws, payload):
599586
# PEM-formatted EC key
600587
with open("tests/keys/testkey_ec.priv", "r") as ec_priv_file:
601588
priv_eckey = load_pem_private_key(
602-
force_bytes(ec_priv_file.read()),
603-
password=None,
604-
backend=default_backend(),
589+
force_bytes(ec_priv_file.read()), password=None,
605590
)
606591
jws_message = jws.encode(payload, priv_eckey, algorithm="ES256")
607592

608593
with open("tests/keys/testkey_ec.pub", "r") as ec_pub_file:
609-
pub_eckey = load_pem_public_key(
610-
force_bytes(ec_pub_file.read()), backend=default_backend()
611-
)
594+
pub_eckey = load_pem_public_key(force_bytes(ec_pub_file.read()))
612595
jws.decode(jws_message, pub_eckey, algorithms=["ES256"])
613596

614597
# string-formatted key
@@ -628,16 +611,12 @@ def test_encode_decode_with_ecdsa_sha384(self, jws, payload):
628611
# PEM-formatted EC key
629612
with open("tests/keys/testkey_ec.priv", "r") as ec_priv_file:
630613
priv_eckey = load_pem_private_key(
631-
force_bytes(ec_priv_file.read()),
632-
password=None,
633-
backend=default_backend(),
614+
force_bytes(ec_priv_file.read()), password=None,
634615
)
635616
jws_message = jws.encode(payload, priv_eckey, algorithm="ES384")
636617

637618
with open("tests/keys/testkey_ec.pub", "r") as ec_pub_file:
638-
pub_eckey = load_pem_public_key(
639-
force_bytes(ec_pub_file.read()), backend=default_backend()
640-
)
619+
pub_eckey = load_pem_public_key(force_bytes(ec_pub_file.read()))
641620
jws.decode(jws_message, pub_eckey, algorithms=["ES384"])
642621

643622
# string-formatted key
@@ -656,16 +635,12 @@ def test_encode_decode_with_ecdsa_sha512(self, jws, payload):
656635
# PEM-formatted EC key
657636
with open("tests/keys/testkey_ec.priv", "r") as ec_priv_file:
658637
priv_eckey = load_pem_private_key(
659-
force_bytes(ec_priv_file.read()),
660-
password=None,
661-
backend=default_backend(),
638+
force_bytes(ec_priv_file.read()), password=None,
662639
)
663640
jws_message = jws.encode(payload, priv_eckey, algorithm="ES512")
664641

665642
with open("tests/keys/testkey_ec.pub", "r") as ec_pub_file:
666-
pub_eckey = load_pem_public_key(
667-
force_bytes(ec_pub_file.read()), backend=default_backend()
668-
)
643+
pub_eckey = load_pem_public_key(force_bytes(ec_pub_file.read()))
669644
jws.decode(jws_message, pub_eckey, algorithms=["ES512"])
670645

671646
# string-formatted key

0 commit comments

Comments
 (0)