From 4b555e64d1e49d91ed851c59bb11b734b302f71d Mon Sep 17 00:00:00 2001
From: Piotr Kucharski <bif@google.com>
Date: Wed, 22 May 2019 20:25:25 +0200
Subject: [PATCH] replace M2Crypto with py-cryptography

---
 README.md                                     |  6 ++---
 adb/adb_commands.py                           |  4 ++--
 adb/adb_debug.py                              |  6 ++---
 ...{sign_m2crypto.py => sign_cryptography.py} | 22 +++++++++++--------
 make_tools.py                                 |  2 +-
 setup.py                                      |  2 +-
 6 files changed, 23 insertions(+), 19 deletions(-)
 rename adb/{sign_m2crypto.py => sign_cryptography.py} (54%)

diff --git a/README.md b/README.md
index c157455..b1bdb68 100644
--- a/README.md
+++ b/README.md
@@ -46,11 +46,11 @@ A [presentation was made at PyCon 2016][pycon_preso], and here's some demo code:
 import os.path as op
 
 from adb import adb_commands
-from adb import sign_m2crypto
+from adb import sign_cryptography
 
 
 # KitKat+ devices require authentication
-signer = sign_m2crypto.M2CryptoSigner(
+signer = sign_cryptography.CryptographySigner(
     op.expanduser('~/.android/adbkey'))
 # Connect to the device
 device = adb_commands.AdbCommands()
@@ -83,7 +83,7 @@ for i in xrange(10):
   * libusb1 (1.0.16+)
   * python-libusb1 (1.2.0+)
   * `adb.zip`: one of:
-    * python-m2crypto (0.21.1+)
+    * py-cryptography
     * python-rsa (3.2+)
   * `fastboot.zip` (optional):
     * python-progressbar (2.3+)
diff --git a/adb/adb_commands.py b/adb/adb_commands.py
index f3667c8..734e31c 100644
--- a/adb/adb_commands.py
+++ b/adb/adb_commands.py
@@ -40,9 +40,9 @@
 
 try:
     # Imported locally to keep compatibility with previous code.
-    from adb.sign_m2crypto import M2CryptoSigner
+    from adb.sign_cryptography import CryptographySigner
 except ImportError:
-    # Ignore this error when M2Crypto is not installed, there are other options.
+    # Ignore this error when cryptography is not installed, there are other options.
     pass
 
 
diff --git a/adb/adb_debug.py b/adb/adb_debug.py
index 18cb8ad..6037269 100644
--- a/adb/adb_debug.py
+++ b/adb/adb_debug.py
@@ -27,9 +27,9 @@
 from adb import common_cli
 
 try:
-    from adb import sign_m2crypto
+    from adb import sign_cryptography
 
-    rsa_signer = sign_m2crypto.M2CryptoSigner
+    rsa_signer = sign_cryptography.CryptographySigner
 except ImportError:
     try:
         from adb import sign_pythonrsa
@@ -187,7 +187,7 @@ def main():
         if os.path.isfile(default):
             args.rsa_key_path = [default]
     if args.rsa_key_path and not rsa_signer:
-        parser.error('Please install either M2Crypto, python-rsa, or PycryptoDome')
+        parser.error('Please install either cryptography, python-rsa, or PycryptoDome')
 
     # Hacks so that the generated doc is nicer.
     if args.command_name == 'devices':
diff --git a/adb/sign_m2crypto.py b/adb/sign_cryptography.py
similarity index 54%
rename from adb/sign_m2crypto.py
rename to adb/sign_cryptography.py
index b8b6d0d..31a9ef7 100644
--- a/adb/sign_m2crypto.py
+++ b/adb/sign_cryptography.py
@@ -12,22 +12,26 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-from M2Crypto import RSA
-
 from adb import adb_protocol
 
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives import serialization
+from cryptography.hazmat.primitives.asymmetric import padding
+from cryptography.hazmat.primitives.asymmetric import utils
+
 
-class M2CryptoSigner(adb_protocol.AuthSigner):
-    """AuthSigner using M2Crypto."""
+class CryptographySigner(adb_protocol.AuthSigner):
+    """AuthSigner using cryptography.io."""
 
     def __init__(self, rsa_key_path):
         with open(rsa_key_path + '.pub') as rsa_pub_file:
             self.public_key = rsa_pub_file.read()
 
-        self.rsa_key = RSA.load_key(rsa_key_path)
+        with open(rsa_key_path) as rsa_prv_file:
+            self.rsa_key = serialization.load_pem_private_key(
+                    rsa_prv_file.read(), None, default_backend())
 
     def Sign(self, data):
-        return self.rsa_key.sign(data, 'sha1')
-
-    def GetPublicKey(self):
-        return self.public_key
+        return self.rsa_key.sign(
+            data, padding.PKCS1v15(), utils.Prehashed(hashes.SHA1()))
diff --git a/make_tools.py b/make_tools.py
index 9e33536..fde99b6 100755
--- a/make_tools.py
+++ b/make_tools.py
@@ -43,7 +43,7 @@ def main():
     z.write('adb/common.py')
     z.write('adb/common_cli.py')
     z.write('adb/filesync_protocol.py')
-    z.write('adb/sign_m2crypto.py')
+    z.write('adb/sign_cryptography.py')
     z.write('adb/sign_pythonrsa.py')
     z.write('adb/usb_exceptions.py')
   with zipfile.ZipFile('fastboot.zip', 'w', zipfile.ZIP_DEFLATED) as z:
diff --git a/setup.py b/setup.py
index f476438..fbcdb81 100644
--- a/setup.py
+++ b/setup.py
@@ -15,7 +15,7 @@
 from setuptools import setup
 
 # Figure out if the system already has a supported Crypto library
-rsa_signer_library = 'M2Crypto>=0.21.1,<=0.26.4'
+rsa_signer_library = 'cryptography'
 try:
   import rsa