author | Aviv Palivoda <palaviv@gmail.com> | 2017-02-07 15:24:56 +0200 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-02-07 21:24:56 +0800 |
commit | 6723a12712836cae4908f2918e88a3db9b12fe1c (patch) | |
tree | 0b8326a903d00138b48c0685dfbd9a47e17f2fe4 /src/cryptography/hazmat/backends/openssl/dh.py | |
parent | 523b132b27905e79f393d9999ff232ab61500a9d (diff) | |
DH serialization (#3297)
* DH keys support serialization
* Add DH serialization documentation
* Add tests for DH keys serialization in DER encoding
* update version to 1.8
* Allow only SubjectPublicKeyInfo serialization
* Remove support in TraditionalOpenSSL format
* Fix pep8
* Refactor dh serialization tests
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/dh.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/dh.py | 39 |
1 files changed, 35 insertions, 4 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/dh.py b/src/cryptography/hazmat/backends/openssl/dh.py index 666429f2..b594d411 100644 --- a/src/cryptography/hazmat/backends/openssl/dh.py +++ b/src/cryptography/hazmat/backends/openssl/dh.py @@ -5,6 +5,7 @@ from __future__ import absolute_import, division, print_function from cryptography import utils +from cryptography.hazmat.primitives import serialization from cryptography.hazmat.primitives.asymmetric import dh @@ -64,9 +65,10 @@ def _get_dh_num_bits(backend, dh_cdata): @utils.register_interface(dh.DHPrivateKeyWithSerialization) class _DHPrivateKey(object): - def __init__(self, backend, dh_cdata): + def __init__(self, backend, dh_cdata, evp_pkey): self._backend = backend self._dh_cdata = dh_cdata + self._evp_pkey = evp_pkey self._key_size_bytes = self._backend._lib.DH_size(dh_cdata) @property @@ -141,18 +143,32 @@ class _DHPrivateKey(object): pub_key_dup, self._backend._ffi.NULL) self._backend.openssl_assert(res == 1) - - return _DHPublicKey(self._backend, dh_cdata) + evp_pkey = self._backend._dh_cdata_to_evp_pkey(dh_cdata) + return _DHPublicKey(self._backend, dh_cdata, evp_pkey) def parameters(self): return _dh_cdata_to_parameters(self._dh_cdata, self._backend) + def private_bytes(self, encoding, format, encryption_algorithm): + if format is not serialization.PrivateFormat.PKCS8: + raise ValueError( + "DH private keys support only PKCS8 serialization" + ) + return self._backend._private_key_bytes( + encoding, + format, + encryption_algorithm, + self._evp_pkey, + self._dh_cdata + ) + @utils.register_interface(dh.DHPublicKeyWithSerialization) class _DHPublicKey(object): - def __init__(self, backend, dh_cdata): + def __init__(self, backend, dh_cdata, evp_pkey): self._backend = backend self._dh_cdata = dh_cdata + self._evp_pkey = evp_pkey self._key_size_bits = _get_dh_num_bits(self._backend, self._dh_cdata) @property 
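Review bot: Nothing in `_DHPrivateKey.__init__` ties the new `evp_pkey` argument to `dh_cdata`, yet the serialization methods added by this commit hand `self._evp_pkey` to the backend while `parameters()` and the `DH_size` lookup keep reading `self._dh_cdata`. If a construction site ever passed handles for two different keys, the object would serialize a key other than the one it operates on. I would state the invariant at the assignment, e.g. `# evp_pkey must wrap the same DH key as dh_cdata; serialization reads it`. The same applies to `_DHPublicKey.__init__` in the next hunk. The new positional parameter also changes every construction site outside dh.py, none of which this file-limited diff shows.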
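Review bot: `private_bytes` has no docstring, and the only decision it makes itself, rejecting every format except `PrivateFormat.PKCS8`, happens before `encoding` and `encryption_algorithm` are looked at. Both are forwarded unchanged to `self._backend._private_key_bytes`, which is not part of this diff, so presumably that helper validates them and determines whether the key is written encrypted. A one-line docstring would record that split: `"""Serialize the private key as PKCS8; encoding and encryption_algorithm are checked by the backend."""`. The hunk starts inside `public_key()` and ends inside `_DHPublicKey`, so neither enclosing body is fully visible here.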
@@ -180,3 +196,18 @@ class _DHPublicKey(object): def parameters(self): return _dh_cdata_to_parameters(self._dh_cdata, self._backend) + + def public_bytes(self, encoding, format): + if format is not serialization.PublicFormat.SubjectPublicKeyInfo: + raise ValueError( + "DH public keys support only " + "SubjectPublicKeyInfo serialization" + ) + + return self._backend._public_key_bytes( + encoding, + format, + self, + self._evp_pkey, + None + ) |
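Review bot: The trailing `None` in the `_public_key_bytes` call is unexplained, while `private_bytes` passes `self._dh_cdata` in the corresponding position. Presumably the last argument is only consulted for formats other than SubjectPublicKeyInfo, which the guard above already rejects, but `_public_key_bytes` is outside this diff and that coupling is invisible at the call site. If that is the reason, a comment on the argument would keep the guard and the call from drifting apart: `# cdata not needed: SubjectPublicKeyInfo is written from the EVP_PKEY`.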