diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2013-09-11 20:01:10 -0500 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2013-10-06 17:31:31 -0500 |
commit | 867b979b81aba0578d7241d6a38201214a976ace (patch) | |
tree | 5806ae52f86a3f1d3dc25ba660c5cd436fb0ba0f | |
parent | 20d5e91620af487c80b2186e0a61b657d18fc2f3 (diff) | |
download | cryptography-867b979b81aba0578d7241d6a38201214a976ace.tar.gz cryptography-867b979b81aba0578d7241d6a38201214a976ace.tar.bz2 cryptography-867b979b81aba0578d7241d6a38201214a976ace.zip |
lower ciphername, add api supports, improved assertion message
* supports method added to api to check if a ciphername is available.
This will be used with skipif (and probably elsewhere)
* ciphername lowered. OpenSSL frequently supports aliases for various
casing, but reliably supports all lowercase.
(e.g. camellia-128-cbc, vs Camellia-128-CBC)
* When a cipher is not found an error will now be raised telling you
what string cipher it couldn't find. This should probably become a
real error like CipherNotFoundError.
-rw-r--r-- | cryptography/bindings/openssl/api.py | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/cryptography/bindings/openssl/api.py b/cryptography/bindings/openssl/api.py index 12927782..073cb532 100644 --- a/cryptography/bindings/openssl/api.py +++ b/cryptography/bindings/openssl/api.py @@ -72,6 +72,10 @@ class API(object): """ return self.ffi.string(self.lib.OPENSSL_VERSION_TEXT).decode("ascii") + def supports(self, ciphername): + return (self._ffi.NULL != + self._lib.EVP_get_cipherbyname(ciphername.encode("ascii"))) + def create_block_cipher_context(self, cipher, mode): ctx = self.ffi.new("EVP_CIPHER_CTX *") res = self.lib.EVP_CIPHER_CTX_init(ctx) @@ -80,9 +84,10 @@ class API(object): # TODO: compute name using a better algorithm ciphername = "{0}-{1}-{2}".format( cipher.name, cipher.key_size, mode.name - ) - evp_cipher = self.lib.EVP_get_cipherbyname(ciphername.encode("ascii")) - assert evp_cipher != self.ffi.NULL + ).lower() + evp_cipher = self._lib.EVP_get_cipherbyname(ciphername.encode("ascii")) + if evp_cipher == self._ffi.NULL: + raise AssertionError("Unsupported cipher: {0}".format(ciphername)) if isinstance(mode, interfaces.ModeWithInitializationVector): iv_nonce = mode.initialization_vector else: |