author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-12-17 17:51:21 -0600 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-12-17 17:51:21 -0600 |
commit | 9f90dcabc3ebabcde9f2df2821f3453f52e883fc (patch) | |
tree | cbf0bbd85a6907985276ca30a91f045837c25a4d | |
parent | cda2ee4bc524951b0e6ade475a9d0a3945251504 (diff) | |
mark named curve inside EC key classes
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 17 | ||||
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/ec.py | 16 |
2 files changed, 14 insertions, 19 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index cef526cd..daccf5ca 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -896,8 +896,6 @@ class Backend(object):
 res = self._lib.EC_KEY_check_key(ec_cdata)
 assert res == 1
- self._mark_asn1_named_ec_curve(ec_cdata)
-
 return _EllipticCurvePrivateKey(self, ec_cdata)
 else:
 raise UnsupportedAlgorithm(
@@ -930,8 +928,6 @@ class Backend(object):
 ec_cdata, self._int_to_bn(numbers.private_value))
 assert res == 1
- self._mark_asn1_named_ec_curve(ec_cdata)
-
 return _EllipticCurvePrivateKey(self, ec_cdata)
 def elliptic_curve_public_key_from_numbers(self, numbers):
@@ -953,8 +949,6 @@ class Backend(object):
 ec_cdata = self._ec_key_set_public_key_affine_coordinates(
 ec_cdata, numbers.x, numbers.y)
- self._mark_asn1_named_ec_curve(ec_cdata)
-
 return _EllipticCurvePublicKey(self, ec_cdata)
 def _elliptic_curve_to_nid(self, curve):
@@ -977,17 +971,6 @@ class Backend(object):
 )
 return curve_nid
- def _mark_asn1_named_ec_curve(self, ec_cdata):
- """
- Set the named curve flag on the EC_KEY. This causes OpenSSL to
- serialise EC keys along with their curve OID which makes
- deserialisation easier.
- """
-
- self._lib.EC_KEY_set_asn1_flag(
- ec_cdata, self._lib.OPENSSL_EC_NAMED_CURVE
- )
-
 @contextmanager
 def _tmp_bn_ctx(self):
 bn_ctx = self._lib.BN_CTX_new()
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index 9c616a30..a2a90d17 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -52,6 +52,18 @@ def _ec_key_curve_sn(backend, ec_key):
 return sn
+def _mark_asn1_named_ec_curve(backend, ec_cdata):
+ """
+ Set the named curve flag on the EC_KEY. This causes OpenSSL to
+ serialise EC keys along with their curve OID which makes
+ deserialisation easier.
+ """
+
+ backend._lib.EC_KEY_set_asn1_flag(
+ ec_cdata, backend._lib.OPENSSL_EC_NAMED_CURVE
+ )
+
+
 def _sn_to_elliptic_curve(backend, sn):
 try:
 return ec._CURVE_TYPES[sn]()
@@ -132,6 +144,7 @@ class _ECDSAVerificationContext(object):
 class _EllipticCurvePrivateKey(object):
 def __init__(self, backend, ec_key_cdata):
 self._backend = backend
+ _mark_asn1_named_ec_curve(backend, ec_key_cdata)
 self._ec_key = ec_key_cdata
 sn = _ec_key_curve_sn(backend, ec_key_cdata)
@@ -167,8 +180,6 @@ class _EllipticCurvePrivateKey(object):
 res = self._backend._lib.EC_KEY_set_public_key(public_ec_key, point)
 assert res == 1
- self._backend._mark_asn1_named_ec_curve(public_ec_key)
-
 return _EllipticCurvePublicKey(
 self._backend, public_ec_key
 )
@@ -186,6 +197,7 @@ class _EllipticCurvePrivateKey(object):
 class _EllipticCurvePublicKey(object):
 def __init__(self, backend, ec_key_cdata):
 self._backend = backend
+ _mark_asn1_named_ec_curve(backend, ec_key_cdata)
 self._ec_key = ec_key_cdata
 sn = _ec_key_curve_sn(backend, ec_key_cdata) |
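Review bot: The docstring on the new module-level `_mark_asn1_named_ec_curve` in the first ec.py hunk does not say that the helper modifies the `EC_KEY` it is handed and returns nothing, nor what the serialised form is when the flag is absent. Since both key constructors now call it on an object the caller created, I would add one sentence to the docstring such as `Mutates ec_cdata in place; without this flag OpenSSL writes explicit curve parameters instead of the curve OID.` That makes the side effect visible to anyone who wraps an existing `EC_KEY`, and it records why the flag matters for consumers that only accept named curves.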
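Review bot: In `_EllipticCurvePrivateKey.__init__` the added `_mark_asn1_named_ec_curve(backend, ec_key_cdata)` runs before `sn = _ec_key_curve_sn(backend, ec_key_cdata)`, so the caller's `EC_KEY` has already been modified when the curve lookup happens. `_ec_key_curve_sn` is defined outside the hunk; if that is where a key without a recognised named curve is rejected, the flag ends up set on a key the constructor then refuses. Reordering to `sn = _ec_key_curve_sn(backend, ec_key_cdata)` followed by `_mark_asn1_named_ec_curve(backend, ec_key_cdata)` keeps the mutation to keys that passed the lookup. The same ordering appears in `_EllipticCurvePublicKey.__init__` in the last hunk, and both `__init__` bodies continue past the end of their hunks.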