From 6d64bab45e841f1fa6c841ad3f8a34318482aa55 Mon Sep 17 00:00:00 2001
From: Seth Schoen
Date: Thu, 12 Jul 2012 14:48:32 -0700
Subject: [PATCH] wow, but M2Crypto is annoying! - make a BIO for the public key It turns out that M2Crypto.RSA.load_key_string() requires a keypair, not a public key. There is no M2Crypto.RSA.load_pub_key_string(), only M2Crypto.RSA.load_pub_key_bio(), which requires an OpenSSL BIO object.
---
 server-ca/chocolate.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py
index ca8120989..781341779 100755
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@@ -303,7 +303,9 @@ class session(object):
 chall.succeeded = (c["satisfied"] == "True") # TODO: this contradicts comment in protocol about meaning of "succeeded"
 # Calculate y
 dvsni_r = c["dvsni:r"]
- pubkey = M2Crypto.RSA.load_key_string(self.pubkey())
+ bio = M2Crypto.BIO.MemoryBuffer()
+ bio.write(self.pubkey())
+ pubkey = M2Crypto.RSA.load_pub_key_bio(bio)
 y = pubkey.public_encrypt(dvsni_r, M2Crypto.RSA.pkcs1_oaep_padding)
 # In dvsni, we send nonce, y, ext
 chall.data.append(c["dvsni:nonce"])
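Review bot: The new `load_pub_key_bio(bio)` and `public_encrypt(...)` calls operate on the session's stored public key with no error handling visible in the hunk; if that PEM is client-supplied (it looks that way, but where `self.pubkey()` gets its value is outside the hunk), a malformed key, or a modulus too small to hold `dvsni_r` under OAEP padding, would presumably raise `M2Crypto.RSA.RSAError` in the middle of challenge processing. I would catch that exception around the load and the encrypt and mark the challenge as failed, and reject keys below a minimum size unless that is already enforced when the key is first accepted. As a smaller style point, the buffer can be built in one step with `bio = M2Crypto.BIO.MemoryBuffer(self.pubkey())`, and the local name `pubkey` is easy to confuse with the `self.pubkey()` method, so something like `rsa_pub` would read better. The enclosing method starts and ends outside the hunk.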