diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-12-17 17:53:07 -0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-12-17 17:53:07 -0800 |
commit | 882e64bdc7370d850f02229db361063ff3a69fdf (patch) | |
tree | 2a011414ab55c4243102ec4f2e740ecb22f752ed | |
parent | a165cd99894a728b4c0ee5a53f46eae25880bc73 (diff) | |
parent | db254840b5f4a3eb429624d870ae7acf7c33674c (diff) | |
download | cryptography-882e64bdc7370d850f02229db361063ff3a69fdf.tar.gz cryptography-882e64bdc7370d850f02229db361063ff3a69fdf.tar.bz2 cryptography-882e64bdc7370d850f02229db361063ff3a69fdf.zip |
Merge pull request #1538 from reaperhulk/named-curve
Set OPENSSL_EC_NAMED_CURVE on our EC_KEY instances
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/ec.py | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py index e70c7c94..33d5b498 100644 --- a/src/cryptography/hazmat/backends/openssl/ec.py +++ b/src/cryptography/hazmat/backends/openssl/ec.py @@ -58,6 +58,18 @@ def _ec_key_curve_sn(backend, ec_key): return sn +def _mark_asn1_named_ec_curve(backend, ec_cdata): + """ + Set the named curve flag on the EC_KEY. This causes OpenSSL to + serialize EC keys along with their curve OID which makes + deserialization easier. + """ + + backend._lib.EC_KEY_set_asn1_flag( + ec_cdata, backend._lib.OPENSSL_EC_NAMED_CURVE + ) + + def _sn_to_elliptic_curve(backend, sn): try: return ec._CURVE_TYPES[sn]() @@ -138,6 +150,7 @@ class _ECDSAVerificationContext(object): class _EllipticCurvePrivateKey(object): def __init__(self, backend, ec_key_cdata): self._backend = backend + _mark_asn1_named_ec_curve(backend, ec_key_cdata) self._ec_key = ec_key_cdata sn = _ec_key_curve_sn(backend, ec_key_cdata) @@ -190,6 +203,7 @@ class _EllipticCurvePrivateKey(object): class _EllipticCurvePublicKey(object): def __init__(self, backend, ec_key_cdata): self._backend = backend + _mark_asn1_named_ec_curve(backend, ec_key_cdata) self._ec_key = ec_key_cdata sn = _ec_key_curve_sn(backend, ec_key_cdata) |