Fix _validate_csr_subject and _validate_csr_signature (#62790)

On python 3, if there is no explicit "return True", the
function call will be seen as "False", thus failling the module

(cherry picked from commit 75c4e9ec05)
pull/64281/head
Michael Scherer 5 years ago committed by Toshio Kuratomi
parent de4d3dc34d
commit 25ff3d491a

@ -0,0 +1,2 @@
bugfixes:
- "openssl_certificate - fix ``assertonly`` provider certificate verification, causing 'private key mismatch' and 'subject mismatch' errors."

@ -1861,12 +1861,10 @@ class AssertOnlyCertificateCryptography(AssertOnlyCertificateBase):
def _validate_csr_signature(self):
if not self.csr.is_signature_valid:
return False
if self.csr.public_key().public_numbers() != self.cert.public_key().public_numbers():
return False
return self.csr.public_key().public_numbers() == self.cert.public_key().public_numbers()
def _validate_csr_subject(self):
if self.csr.subject != self.cert.subject:
return False
return self.csr.subject == self.cert.subject
def _validate_csr_extensions(self):
cert_exts = self.cert.extensions

Loading…
Cancel
Save