enables to open encrypted keys with a password

4a972dc4 · mar-ar · oroulet · f095fd11 · 4a972dc4 · 4a972dc4
Commit 4a972dc4 authored Jan 21, 2020 by mar-ar Committed by oroulet Jan 21, 2020
Hide whitespace changes
Inline Side-by-side

Showing with 9 additions and 7 deletions

asyncua/client/client.py asyncua/client/client.py +2 -2

asyncua/crypto/uacrypto.py asyncua/crypto/uacrypto.py +5 -3

asyncua/server/server.py asyncua/server/server.py +2 -2

No files found.
--- a/asyncua/client/client.py
+++ b/asyncua/client/client.py
@@ -153,11 +153,11 @@ class Client:
        """
        self.user_certificate = await uacrypto.load_certificate(path)

-    async def load_private_key(self, path: str):
+    async def load_private_key(self, path, password=None, format=None):
        """
        Load user private key. This is used for authenticating using certificate
        """
-        self.user_private_key = await uacrypto.load_private_key(path)
+        self.user_private_key = await uacrypto.load_private_key(path, password, format)

    async def connect_and_get_server_endpoints(self):
        """

--- a/asyncua/crypto/uacrypto.py
+++ b/asyncua/crypto/uacrypto.py
@@ -27,13 +27,15 @@ def x509_from_der(data):
    return x509.load_der_x509_certificate(data, default_backend())


-async def load_private_key(path, format=None):
+async def load_private_key(path, password=None, format=None):
    _, ext = os.path.splitext(path)
+    if isinstance(password, str):
+        password.encode('utf-8')
    async with aiofiles.open(path, mode='rb') as f:
        if ext == ".pem" or format == 'pem' or format == 'PEM':
-            return serialization.load_pem_private_key(await f.read(), password=None, backend=default_backend())
+            return serialization.load_pem_private_key(await f.read(), password=password, backend=default_backend())
        else:
-            return serialization.load_der_private_key(await f.read(), password=None, backend=default_backend())
+            return serialization.load_der_private_key(await f.read(), password=password, backend=default_backend())


 def der_from_x509(certificate):

--- a/asyncua/server/server.py
+++ b/asyncua/server/server.py
@@ -156,8 +156,8 @@ class Server:
        """
        self.certificate = await uacrypto.load_certificate(path, format)

-    async def load_private_key(self, path, format=None):
-        self.iserver.private_key = await uacrypto.load_private_key(path, format)
+    async def load_private_key(self, path, password=None, format=None):
+        self.iserver.private_key = await uacrypto.load_private_key(path, password, format)

    def disable_clock(self, val: bool = True):
        """