diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-05-03 16:41:30 -0500 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-05-03 17:41:30 -0400 |
commit | 92f570eabe713653e5fe2dc9ba666493df047ccb (patch) | |
tree | ccc909d2897e0943a676f4e77bb5a9ec8ef4fcd8 /src/cryptography/hazmat/backends/openssl/ciphers.py | |
parent | 5fb10210276a10f104318504aa81d2ba9c42cba8 (diff) | |
download | cryptography-92f570eabe713653e5fe2dc9ba666493df047ccb.tar.gz cryptography-92f570eabe713653e5fe2dc9ba666493df047ccb.tar.bz2 cryptography-92f570eabe713653e5fe2dc9ba666493df047ccb.zip |
use openssl constants (#3534)
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/ciphers.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/ciphers.py | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py index b6058150..739ae19a 100644 --- a/src/cryptography/hazmat/backends/openssl/ciphers.py +++ b/src/cryptography/hazmat/backends/openssl/ciphers.py @@ -78,8 +78,11 @@ class _CipherContext(object): len(iv_nonce), self._backend._ffi.NULL ) self._backend.openssl_assert(res != 0) - if operation == self._DECRYPT and \ - self._backend.openssl_version_number() < 0x10002000: + if ( + self._operation == self._DECRYPT and + self._backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 and + not self._backend._lib.CRYPTOGRAPHY_IS_LIBRESSL + ): if mode.tag is None: raise NotImplementedError( "delayed passing of GCM tag requires OpenSSL >= 1.0.2." @@ -140,9 +143,14 @@ class _CipherContext(object): if isinstance(self._mode, modes.GCM): self.update(b"") - if self._operation == self._DECRYPT and \ - isinstance(self._mode, modes.ModeWithAuthenticationTag) and \ - self._backend.openssl_version_number() >= 0x10002000: + if ( + self._operation == self._DECRYPT and + isinstance(self._mode, modes.ModeWithAuthenticationTag) and + ( + not self._backend._lib.CRYPTOGRAPHY_OPENSSL_LESS_THAN_102 or + self._backend._lib.CRYPTOGRAPHY_IS_LIBRESSL + ) + ): tag = self._mode.tag if tag is None: raise ValueError( |