Fix support for loading RSAKey from X.509 cert.

Rebecka Gulliksson · Rebecka Gulliksson · commit 79f498eb4b3d · 2016-01-14T10:27:05.000+01:00
diff --git a/src/jwkest/jwk.py b/src/jwkest/jwk.py
@@ -340,7 +340,10 @@ def __init__(self, kty="RSA", alg="", use="", kid="", key=None,
         self.di = di
         self.qi = qi
 
-        if not self.key and self.n and self.e:
+        has_public_key_parts = len(self.n) > 0 and len(self.e)
+        has_x509_cert_chain = len(self.x5c) > 0
+
+        if not self.key and (has_public_key_parts or has_x509_cert_chain):
             self.deserialize()
         elif self.key and not (self.n and self.e):
             self._split()
@@ -376,8 +379,7 @@ def deserialize(self):
             if self.x5t:  # verify the cert
                 pass
 
-            cert = "\n".join([PREFIX, str(self.x5c[0]), POSTFIX])
-            self.key = import_rsa_key(cert)
+            self.key = der2rsa(base64.b64decode(self.x5c[0].encode("ascii")))
             self._split()
             if len(self.x5c) > 1:  # verify chain
                 pass
diff --git a/tests/test_2_jwk.py b/tests/test_2_jwk.py
@@ -310,5 +310,26 @@ def test_private_key_from_jwk():
     assert _eq(list(_d.keys()), kspec.keys())
 
 
+def test_rsa_pubkey_from_x509_cert_chain():
+    cert = "MIID0jCCArqgAwIBAgIBSTANBgkqhkiG9w0BAQQFADCBiDELMAkGA1UEBhMCREUxEDAOBgNVBAgTB0JhdmF" \
+           "yaWExEzARBgNVBAoTCkJpb0lEIEdtYkgxLzAtBgNVBAMTJkJpb0lEIENsaWVudCBDZXJ0aWZpY2F0aW9uIE" \
+           "F1dGhvcml0eSAyMSEwHwYJKoZIhvcNAQkBFhJzZWN1cml0eUBiaW9pZC5jb20wHhcNMTUwNDE1MTQ1NjM4W" \
+           "hcNMTYwNDE0MTQ1NjM4WjBfMQswCQYDVQQGEwJERTETMBEGA1UEChMKQmlvSUQgR21iSDE7MDkGA1UEAxMy" \
+           "QmlvSUQgT3BlbklEIENvbm5lY3QgSWRlbnRpdHkgUHJvdmlkZXIgQ2VydGlmaWNhdGUwggEiMA0GCSqGSIb" \
+           "3DQEBAQUAA4IBDwAwggEKAoIBAQC9aFETmU6kDfMBPKM2OfI5eedO3XP12Ci0hDC99bdzUUIhDZG34PQqcH" \
+           "89gVWGthJv5w3kqpdSrxfPCFMsBdnyk1VCuXmLgXS8s4oBtt1c9iM0J8X6Z+5subS3Xje8fu55Csh0JXNfo" \
+           "y29rCY/O6y0fNignegg0KS4PHv5T+agFmaG4rxCQV9/kd8tlo/HTyVPsuSPDgsXxisIVqur9aujYwdCoAZU" \
+           "8OU+5ccMLNIhpWJn+xNjgDRr4L9nxAYKc9vy+f7EoH3LT24B71zazZsQ78vpocz98UT/7vdgS/IYXFniPuU" \
+           "fblja7cq31bUoySDx6FYrtfCSUxNhaZSX8mppAgMBAAGjbzBtMAkGA1UdEwQCMAAwHQYDVR0OBBYEFOfg3f" \
+           "/ewBLK5SkcBEXusD62OlzaMB8GA1UdIwQYMBaAFCQmdD+nVcVLaKt3vu73XyNgpPEpMAsGA1UdDwQEAwIDi" \
+           "DATBgNVHSUEDDAKBggrBgEFBQcDAjANBgkqhkiG9w0BAQQFAAOCAQEAKQjhcL/iGhy0549hEHRQArJXs1im" \
+           "7W244yE+TSChdMWKe2eWvEhc9wX1aVV2mNJM1ZNeYSgfoK6jjuXaHiSaIJEUcW1wVM3rDywi2a9GKzOFgrW" \
+           "pVbpXQ05LSE7qEEWRmSpIMyKTitUalNpNA6cOML5hiuUTfZbw7OvPwbnbSYYL674gEA2sW5AhPiCr9dVnMn" \
+           "/UK2II40802zdXUOvIxWeXpcsCxxZMjp/Ir2jIZWOEjlAXQVGr2oBfL/be/o5WXpaqWSfPRBZV8htRIf0vT" \
+           "lGx7xR8FPWDYmcj4o/tKoNC1AchjOnCwwE/mj4hgtoAsHNmYXF0oZXk7cozqYDqKQ=="
+    rsa_key = RSAKey(x5c=[cert])
+    assert rsa_key.key
+
+
 if __name__ == "__main__":
     test_private_key_from_jwk()
