Making Lemur py3 compatible

lemur/certificates/models.py

@@ -7,6 +7,7 @@
 """
 import os
 import datetime
+
 from cryptography import x509
 from cryptography.hazmat.backends import default_backend
 
@@ -56,7 +57,10 @@ def create_name(issuer, not_before, not_after, subject, san):
     disallowed_chars = disallowed_chars.replace("-", "")
     disallowed_chars = disallowed_chars.replace(".", "")
     temp = temp.replace('*', "WILDCARD")
-    temp = temp.translate(None, disallowed_chars)
+
+    for c in disallowed_chars:
+        temp = temp.replace(c, "")
+
     # white space is silly too
     return temp.replace(" ", "-")
 
@@ -151,7 +155,9 @@ def cert_get_issuer(cert):
     delchars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
     try:
         issuer = str(cert.issuer.get_attributes_for_oid(x509.OID_ORGANIZATION_NAME)[0].value)
-        return issuer.translate(None, delchars)
+        for c in delchars:
+            issuer = issuer.replace(c, "")
+        return issuer
     except Exception as e:
         current_app.logger.error("Unable to get issuer! {0}".format(e))
 

lemur/certificates/service.py

@@ -304,15 +304,15 @@ def create_csr(csr_config):
         backend=default_backend()
     )
 
-    # TODO When we figure out a better way to validate these options they should be parsed as unicode
+    # TODO When we figure out a better way to validate these options they should be parsed as str
     builder = x509.CertificateSigningRequestBuilder()
     builder = builder.subject_name(x509.Name([
-        x509.NameAttribute(x509.OID_COMMON_NAME, unicode(csr_config['commonName'])),
-        x509.NameAttribute(x509.OID_ORGANIZATION_NAME, unicode(csr_config['organization'])),
-        x509.NameAttribute(x509.OID_ORGANIZATIONAL_UNIT_NAME, unicode(csr_config['organizationalUnit'])),
-        x509.NameAttribute(x509.OID_COUNTRY_NAME, unicode(csr_config['country'])),
-        x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, unicode(csr_config['state'])),
-        x509.NameAttribute(x509.OID_LOCALITY_NAME, unicode(csr_config['location'])),
+        x509.NameAttribute(x509.OID_COMMON_NAME, csr_config['commonName']),
+        x509.NameAttribute(x509.OID_ORGANIZATION_NAME, csr_config['organization']),
+        x509.NameAttribute(x509.OID_ORGANIZATIONAL_UNIT_NAME, csr_config['organizationalUnit']),
+        x509.NameAttribute(x509.OID_COUNTRY_NAME, csr_config['country']),
+        x509.NameAttribute(x509.OID_STATE_OR_PROVINCE_NAME, csr_config['state']),
+        x509.NameAttribute(x509.OID_LOCALITY_NAME, csr_config['location']),
     ]))
 
     builder = builder.add_extension(

lemur/certificates/views.py

@@ -5,6 +5,8 @@
     :license: Apache, see LICENSE for more details.
 .. moduleauthor:: Kevin Glisson <kglisson@netflix.com>
 """
+from builtins import str
+
 from flask import Blueprint, make_response, jsonify
 from flask.ext.restful import reqparse, Api, fields
 
@@ -75,7 +77,7 @@ def pem_str(value, name):
     :return: :raise ValueError:
     """
     try:
-        x509.load_pem_x509_certificate(str(value), default_backend())
+        x509.load_pem_x509_certificate(bytes(value), default_backend())
     except Exception:
         raise ValueError("The parameter '{0}' needs to be a valid PEM string".format(name))
     return value
@@ -90,7 +92,7 @@ def private_key_str(value, name):
     :return: :raise ValueError:
     """
     try:
-        serialization.load_pem_private_key(str(value), None, backend=default_backend())
+        serialization.load_pem_private_key(bytes(value), None, backend=default_backend())
     except Exception:
         raise ValueError("The parameter '{0}' needs to be a valid RSA private key".format(name))
     return value