diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-01-17 09:43:47 -0600 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-01-17 10:43:47 -0500 |
commit | 5b4c81e39622fc13895bf5df7d0f4f6bd067e7a0 (patch) | |
tree | 70ae40472a57cad2b25d9fba7044f3a719e7c05f /src/cryptography/hazmat/primitives/asymmetric | |
parent | 8d9ea52be9e7de1373641d3afaed9b292cb03f43 (diff) | |
download | cryptography-5b4c81e39622fc13895bf5df7d0f4f6bd067e7a0.tar.gz cryptography-5b4c81e39622fc13895bf5df7d0f4f6bd067e7a0.tar.bz2 cryptography-5b4c81e39622fc13895bf5df7d0f4f6bd067e7a0.zip |
x448 and x25519 should enforce key lengths in backend (#4703)
* x448 and x25519 should enforce key lengths in from_private_bytes
they should also check if the algorithm is supported like the public
bytes class methods do
* oops
* move the checks
Diffstat (limited to 'src/cryptography/hazmat/primitives/asymmetric')
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/x25519.py | 9 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/x448.py | 6 |
2 files changed, 12 insertions, 3 deletions
diff --git a/src/cryptography/hazmat/primitives/asymmetric/x25519.py b/src/cryptography/hazmat/primitives/asymmetric/x25519.py index 94602261..4e8badf4 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/x25519.py +++ b/src/cryptography/hazmat/primitives/asymmetric/x25519.py @@ -22,9 +22,6 @@ class X25519PublicKey(object): _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM ) - if len(data) != 32: - raise ValueError("An X25519 public key is 32 bytes long") - return backend.x25519_load_public_bytes(data) @abc.abstractmethod @@ -49,6 +46,12 @@ class X25519PrivateKey(object): @classmethod def from_private_bytes(cls, data): from cryptography.hazmat.backends.openssl.backend import backend + if not backend.x25519_supported(): + raise UnsupportedAlgorithm( + "X25519 is not supported by this version of OpenSSL.", + _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM + ) + return backend.x25519_load_private_bytes(data) @abc.abstractmethod diff --git a/src/cryptography/hazmat/primitives/asymmetric/x448.py b/src/cryptography/hazmat/primitives/asymmetric/x448.py index 992ec0fd..475e678f 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/x448.py +++ b/src/cryptography/hazmat/primitives/asymmetric/x448.py @@ -46,6 +46,12 @@ class X448PrivateKey(object): @classmethod def from_private_bytes(cls, data): from cryptography.hazmat.backends.openssl.backend import backend + if not backend.x448_supported(): + raise UnsupportedAlgorithm( + "X448 is not supported by this version of OpenSSL.", + _Reasons.UNSUPPORTED_EXCHANGE_ALGORITHM + ) + return backend.x448_load_private_bytes(data) @abc.abstractmethod |