support x448 public/private serialization both raw and pkcs8 (#4653)

* support x448 public/private serialization both raw and pkcs8 * add tests for all other asym key types to prevent Raw * more tests * better tests * fix a test * funny story, I'm actually illiterate. * pep8 * require PrivateFormat.Raw or PublicFormat.Raw with Encoding.Raw * missing docs * parametrize * docs fixes * remove dupe line * assert something
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2019-01-12 21:18:21 -0800
committer: Alex Gaynor <alex.gaynor@gmail.com> 2019-01-13 00:18:21 -0500
commit: dbcbffa06c9930a687010ca816596ca3f5cc78e9 (patch)
tree: 27f88222ed222e45784f4c1e6ea0b8d6b9f9d07b /src/cryptography/hazmat/backends/openssl/x448.py
parent: 9b198104db8b53178212b5849919b6a61ca794ab (diff)
download: cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.tar.gz
cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.tar.bz2
cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.zip
1 files changed, 72 insertions, 1 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/x448.py b/src/cryptography/hazmat/backends/openssl/x448.py
index a10aa821..3792fd79 100644
--- a/src/cryptography/hazmat/backends/openssl/x448.py
+++ b/src/cryptography/hazmat/backends/openssl/x448.py
@@ -6,11 +6,15 @@ from __future__ import absolute_import, division, print_function
 
 from cryptography import utils
 from cryptography.hazmat.backends.openssl.utils import _evp_pkey_derive
+from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.primitives.asymmetric.x448 import (
     X448PrivateKey, X448PublicKey
 )
 
 _X448_KEY_SIZE = 56
+_PEM_DER = (
+    serialization.Encoding.PEM, serialization.Encoding.DER
+)
 
 
 @utils.register_interface(X448PublicKey)
@@ -19,7 +23,35 @@ class _X448PublicKey(object):
         self._backend = backend
         self._evp_pkey = evp_pkey
 
-    def public_bytes(self):
+    def public_bytes(self, encoding, format):
+        if (
+            encoding is serialization.Encoding.Raw or
+            format is serialization.PublicFormat.Raw
+        ):
+            if (
+                encoding is not serialization.Encoding.Raw or
+                format is not serialization.PublicFormat.Raw
+            ):
+                raise ValueError(
+                    "When using Raw both encoding and format must be Raw"
+                )
+
+            return self._raw_public_bytes()
+
+        if (
+            encoding in _PEM_DER and
+            format is not serialization.PublicFormat.SubjectPublicKeyInfo
+        ):
+            raise ValueError(
+                "format must be SubjectPublicKeyInfo when encoding is PEM or "
+                "DER"
+            )
+
+        return self._backend._public_key_bytes(
+            encoding, format, self, self._evp_pkey, None
+        )
+
+    def _raw_public_bytes(self):
         buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
         buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
         res = self._backend._lib.EVP_PKEY_get_raw_public_key(
@@ -53,3 +85,42 @@ class _X448PrivateKey(object):
         return _evp_pkey_derive(
             self._backend, self._evp_pkey, peer_public_key
         )
+
+    def private_bytes(self, encoding, format, encryption_algorithm):
+        if (
+            encoding is serialization.Encoding.Raw or
+            format is serialization.PublicFormat.Raw
+        ):
+            if (
+                format is not serialization.PrivateFormat.Raw or
+                encoding is not serialization.Encoding.Raw or not
+                isinstance(encryption_algorithm, serialization.NoEncryption)
+            ):
+                raise ValueError(
+                    "When using Raw both encoding and format must be Raw "
+                    "and encryption_algorithm must be NoEncryption"
+                )
+
+            return self._raw_private_bytes()
+
+        if (
+            encoding in _PEM_DER and
+            format is not serialization.PrivateFormat.PKCS8
+        ):
+            raise ValueError(
+                "format must be PKCS8 when encoding is PEM or DER"
+            )
+
+        return self._backend._private_key_bytes(
+            encoding, format, encryption_algorithm, self._evp_pkey, None
+        )
+
+    def _raw_private_bytes(self):
+        buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
+        buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
+        res = self._backend._lib.EVP_PKEY_get_raw_private_key(
+            self._evp_pkey, buf, buflen
+        )
+        self._backend.openssl_assert(res == 1)
+        self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
+        return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2019-01-12 21:18:21 -0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	2019-01-13 00:18:21 -0500
commit	dbcbffa06c9930a687010ca816596ca3f5cc78e9 (patch)
tree	27f88222ed222e45784f4c1e6ea0b8d6b9f9d07b /src/cryptography/hazmat/backends/openssl/x448.py
parent	9b198104db8b53178212b5849919b6a61ca794ab (diff)
download	cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.tar.gz cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.tar.bz2 cryptography-dbcbffa06c9930a687010ca816596ca3f5cc78e9.zip