diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2016-11-20 23:45:06 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2016-11-20 10:45:06 -0500 |
commit | 6012ccff0d709a80259f93a406eca5d133b40108 (patch) | |
tree | 6aab57ae422206aee4c21f318c7a30ed38fffdfb /src | |
parent | f555c74d5419a52648e2a903595c13bd13d13ce2 (diff) | |
download | cryptography-6012ccff0d709a80259f93a406eca5d133b40108.tar.gz cryptography-6012ccff0d709a80259f93a406eca5d133b40108.tar.bz2 cryptography-6012ccff0d709a80259f93a406eca5d133b40108.zip |
support prehashed sign/verify in DSA (#3266)
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/dsa.py | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py index 07d2c3bc..e82c043d 100644 --- a/src/cryptography/hazmat/backends/openssl/dsa.py +++ b/src/cryptography/hazmat/backends/openssl/dsa.py @@ -6,7 +6,9 @@ from __future__ import absolute_import, division, print_function from cryptography import utils from cryptography.exceptions import InvalidSignature -from cryptography.hazmat.backends.openssl.utils import _truncate_digest +from cryptography.hazmat.backends.openssl.utils import ( + _calculate_digest_and_algorithm, _truncate_digest +) from cryptography.hazmat.primitives import hashes, serialization from cryptography.hazmat.primitives.asymmetric import ( AsymmetricSignatureContext, AsymmetricVerificationContext, dsa @@ -207,9 +209,11 @@ class _DSAPrivateKey(object): ) def sign(self, data, algorithm): - signer = self.signer(algorithm) - signer.update(data) - return signer.finalize() + data, algorithm = _calculate_digest_and_algorithm( + self._backend, data, algorithm + ) + data = _truncate_digest_for_dsa(self._dsa_cdata, data, self._backend) + return _dsa_sig_sign(self._backend, self, data) @utils.register_interface(dsa.DSAPublicKeyWithSerialization) @@ -279,6 +283,8 @@ class _DSAPublicKey(object): ) def verify(self, signature, data, algorithm): - verifier = self.verifier(signature, algorithm) - verifier.update(data) - verifier.verify() + data, algorithm = _calculate_digest_and_algorithm( + self._backend, data, algorithm + ) + data = _truncate_digest_for_dsa(self._dsa_cdata, data, self._backend) + return _dsa_sig_verify(self._backend, self, signature, data) |