diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-03-10 10:12:00 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-03-09 21:12:00 -0500 |
commit | b73ed5a6a3067c832413a6b4c987667a9d545153 (patch) | |
tree | e8d2881b29c41bc7967c2e24805de506fc996468 /src/cryptography/hazmat/primitives | |
parent | 3a300e6c8ed64503f3ef6cc22e5dda403fe8751a (diff) | |
download | cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.tar.gz cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.tar.bz2 cryptography-b73ed5a6a3067c832413a6b4c987667a9d545153.zip |
poly1305 support (#4802)
* poly1305 support
* some more tests
* have I mentioned how bad the spellchecker is?
* doc improvements
* EVP_PKEY_new_raw_private_key copies the key but that's not documented
Let's assume that might change and be very defensive
* review feedback
* add a test that fails on a tag of the correct length but wrong value
* docs improvements
Diffstat (limited to 'src/cryptography/hazmat/primitives')
-rw-r--r-- | src/cryptography/hazmat/primitives/poly1305.py | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/primitives/poly1305.py b/src/cryptography/hazmat/primitives/poly1305.py new file mode 100644 index 00000000..02b6629d --- /dev/null +++ b/src/cryptography/hazmat/primitives/poly1305.py @@ -0,0 +1,43 @@ +# This file is dual licensed under the terms of the Apache License, Version +# 2.0, and the BSD License. See the LICENSE file in the root of this repository +# for complete details. + +from __future__ import absolute_import, division, print_function + + +from cryptography import utils +from cryptography.exceptions import ( + AlreadyFinalized, UnsupportedAlgorithm, _Reasons +) + + +class Poly1305(object): + def __init__(self, key): + from cryptography.hazmat.backends.openssl.backend import backend + if not backend.poly1305_supported(): + raise UnsupportedAlgorithm( + "poly1305 is not supported by this version of OpenSSL.", + _Reasons.UNSUPPORTED_MAC + ) + self._ctx = backend.create_poly1305_ctx(key) + + def update(self, data): + if self._ctx is None: + raise AlreadyFinalized("Context was already finalized.") + utils._check_byteslike("data", data) + self._ctx.update(data) + + def finalize(self): + if self._ctx is None: + raise AlreadyFinalized("Context was already finalized.") + mac = self._ctx.finalize() + self._ctx = None + return mac + + def verify(self, tag): + utils._check_bytes("tag", tag) + if self._ctx is None: + raise AlreadyFinalized("Context was already finalized.") + + ctx, self._ctx = self._ctx, None + ctx.verify(tag) |