diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-10-29 21:10:54 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-10-29 09:10:54 -0400 |
commit | 983b35e7b0b76e687889f755d62c3a95dd485944 (patch) | |
tree | d820058a40082e52af5679905ae9c3a9cb6f3a25 /src/cryptography/hazmat/backends/openssl/rsa.py | |
parent | 328c314d5b003fb4cc8ddd419a73d58f710956ae (diff) | |
download | cryptography-983b35e7b0b76e687889f755d62c3a95dd485944.tar.gz cryptography-983b35e7b0b76e687889f755d62c3a95dd485944.tar.bz2 cryptography-983b35e7b0b76e687889f755d62c3a95dd485944.zip |
create & use _evp_md_from_algorithm and _evp_md_non_null_from_algorithm (#4542)
* create & use _evp_md_from_algorithm and _evp_md_non_null_from_algorithm
* remove unused import
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/rsa.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/rsa.py | 27 |
1 files changed, 14 insertions, 13 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py index 9a7bfaa5..00f5e377 100644 --- a/src/cryptography/hazmat/backends/openssl/rsa.py +++ b/src/cryptography/hazmat/backends/openssl/rsa.py @@ -92,14 +92,11 @@ def _enc_dec_rsa_pkey_ctx(backend, key, data, padding_enum, padding): isinstance(padding, OAEP) and backend._lib.Cryptography_HAS_RSA_OAEP_MD ): - mgf1_md = backend._lib.EVP_get_digestbyname( - padding._mgf._algorithm.name.encode("ascii")) - backend.openssl_assert(mgf1_md != backend._ffi.NULL) + mgf1_md = backend._evp_md_non_null_from_algorithm( + padding._mgf._algorithm) res = backend._lib.EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1_md) backend.openssl_assert(res > 0) - oaep_md = backend._lib.EVP_get_digestbyname( - padding._algorithm.name.encode("ascii")) - backend.openssl_assert(oaep_md != backend._ffi.NULL) + oaep_md = backend._evp_md_non_null_from_algorithm(padding._algorithm) res = backend._lib.EVP_PKEY_CTX_set_rsa_oaep_md(pkey_ctx, oaep_md) backend.openssl_assert(res > 0) @@ -189,15 +186,21 @@ def _rsa_sig_determine_padding(backend, key, padding, algorithm): def _rsa_sig_setup(backend, padding, algorithm, key, data, init_func): padding_enum = _rsa_sig_determine_padding(backend, key, padding, algorithm) - evp_md = backend._lib.EVP_get_digestbyname(algorithm.name.encode("ascii")) - backend.openssl_assert(evp_md != backend._ffi.NULL) + evp_md = backend._evp_md_non_null_from_algorithm(algorithm) pkey_ctx = backend._lib.EVP_PKEY_CTX_new(key._evp_pkey, backend._ffi.NULL) backend.openssl_assert(pkey_ctx != backend._ffi.NULL) pkey_ctx = backend._ffi.gc(pkey_ctx, backend._lib.EVP_PKEY_CTX_free) res = init_func(pkey_ctx) backend.openssl_assert(res == 1) res = backend._lib.EVP_PKEY_CTX_set_signature_md(pkey_ctx, evp_md) - backend.openssl_assert(res > 0) + if res == 0: + backend._consume_errors() + raise UnsupportedAlgorithm( + "{0} is not supported by this backend for RSA signing.".format( + algorithm.name + ), + _Reasons.UNSUPPORTED_HASH + ) res = backend._lib.EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, padding_enum) backend.openssl_assert(res > 0) if isinstance(padding, PSS): @@ -206,10 +209,8 @@ def _rsa_sig_setup(backend, padding, algorithm, key, data, init_func): ) backend.openssl_assert(res > 0) - mgf1_md = backend._lib.EVP_get_digestbyname( - padding._mgf._algorithm.name.encode("ascii") - ) - backend.openssl_assert(mgf1_md != backend._ffi.NULL) + mgf1_md = backend._evp_md_non_null_from_algorithm( + padding._mgf._algorithm) res = backend._lib.EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, mgf1_md) backend.openssl_assert(res > 0) |