diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-07-12 22:19:21 +0530 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2018-07-12 12:49:20 -0400 |
commit | 0fba4e28de2d0b5b8a262f512b65e487ded0c6e1 (patch) | |
tree | be394af373887f0d616892263178c04aec789914 /src/cryptography/hazmat/backends/openssl/x25519.py | |
parent | e74a263112847bf856c12128ce45f8d3ac2d116a (diff) | |
download | cryptography-0fba4e28de2d0b5b8a262f512b65e487ded0c6e1.tar.gz cryptography-0fba4e28de2d0b5b8a262f512b65e487ded0c6e1.tar.bz2 cryptography-0fba4e28de2d0b5b8a262f512b65e487ded0c6e1.zip |
raise valueerror for null x25519 derived keys (#4332)
* raise valueerror for null x25519 derived keys
OpenSSL errors when it hits this edge case and a null shared key is bad
anyway so let's raise an error
* empty commit
Diffstat (limited to 'src/cryptography/hazmat/backends/openssl/x25519.py')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/x25519.py | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x25519.py b/src/cryptography/hazmat/backends/openssl/x25519.py index 5599c2fd..983ece6a 100644 --- a/src/cryptography/hazmat/backends/openssl/x25519.py +++ b/src/cryptography/hazmat/backends/openssl/x25519.py @@ -71,5 +71,9 @@ class _X25519PrivateKey(object): self._backend.openssl_assert(keylen[0] > 0) buf = self._backend._ffi.new("unsigned char[]", keylen[0]) res = self._backend._lib.EVP_PKEY_derive(ctx, buf, keylen) - self._backend.openssl_assert(res == 1) + if res != 1: + raise ValueError( + "Null shared key derived from public/private pair." + ) + return self._backend._ffi.buffer(buf, keylen[0])[:] |