Merge pull request #2647 from reaperhulk/opaque-evp-pkey

opaque EVP_PKEY since EVP_PKEY_id exists
author: Alex Gaynor <alex.gaynor@gmail.com> 2016-01-08 07:21:17 -0500
committer: Alex Gaynor <alex.gaynor@gmail.com> 2016-01-08 07:21:17 -0500
commit: b3913acb3612e5c941924b15d3de47a2280d4011 (patch)
tree: ffbd8595ca370859bbc678a32b5345606f96f942 /src
parent: 14d125e3dae32ec329fab88d7293c1554d501422 (diff)
parent: 3a2ae678710e7f61c7fe374e1ebc76e0b4705ecb (diff)
download: cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.tar.gz
cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.tar.bz2
cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.zip
2 files changed, 22 insertions, 13 deletions
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index 6d17cb7c..1d37b814 100644
--- a/src/_cffi_src/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
@@ -21,10 +21,7 @@ typedef struct env_md_ctx_st {
     ...;
 } EVP_MD_CTX;
 
-typedef struct evp_pkey_st {
-    int type;
-    ...;
-} EVP_PKEY;
+typedef ... EVP_PKEY;
 typedef ... EVP_PKEY_CTX;
 static const int EVP_PKEY_RSA;
 static const int EVP_PKEY_DSA;
@@ -122,6 +119,8 @@ int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *, const char *, int,
 int EVP_PKEY_cmp(const EVP_PKEY *, const EVP_PKEY *);
 
 EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *);
+
+int Cryptography_EVP_PKEY_id(const EVP_PKEY *);
 """
 
 MACROS = """
@@ -230,4 +229,13 @@ int (*EVP_PKEY_assign_EC_KEY)(EVP_PKEY *, EC_KEY *) = NULL;
 EC_KEY *(*EVP_PKEY_get1_EC_KEY)(EVP_PKEY *) = NULL;
 int (*EVP_PKEY_set1_EC_KEY)(EVP_PKEY *, EC_KEY *) = NULL;
 #endif
+/* EVP_PKEY_id is not available on 0.9.8 so we'll define our own. This can
+   be removed when we remove 0.9.8 support. */
+int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) {
+    #if OPENSSL_VERSION_NUMBER >= 0x10000000L
+        return EVP_PKEY_id(key);
+    #else
+        return key->type;
+    #endif
+}
 """
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 02cfda8f..c3e1db66 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1077,7 +1077,7 @@ class Backend(object):
         pointer.
         """
 
-        key_type = evp_pkey.type
+        key_type = self._lib.Cryptography_EVP_PKEY_id(evp_pkey)
 
         if key_type == self._lib.EVP_PKEY_RSA:
             rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey)
@@ -1104,7 +1104,7 @@ class Backend(object):
         pointer.
         """
 
-        key_type = evp_pkey.type
+        key_type = self._lib.Cryptography_EVP_PKEY_id(evp_pkey)
 
         if key_type == self._lib.EVP_PKEY_RSA:
             rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey)
@@ -2132,19 +2132,20 @@ class Backend(object):
         else:
             raise ValueError("Unsupported encryption type")
 
+        key_type = self._lib.Cryptography_EVP_PKEY_id(evp_pkey)
         if encoding is serialization.Encoding.PEM:
             if format is serialization.PrivateFormat.PKCS8:
                 write_bio = self._lib.PEM_write_bio_PKCS8PrivateKey
                 key = evp_pkey
             else:
                 assert format is serialization.PrivateFormat.TraditionalOpenSSL
-                if evp_pkey.type == self._lib.EVP_PKEY_RSA:
+                if key_type == self._lib.EVP_PKEY_RSA:
                     write_bio = self._lib.PEM_write_bio_RSAPrivateKey
-                elif evp_pkey.type == self._lib.EVP_PKEY_DSA:
+                elif key_type == self._lib.EVP_PKEY_DSA:
                     write_bio = self._lib.PEM_write_bio_DSAPrivateKey
                 else:
                     assert self._lib.Cryptography_HAS_EC == 1
-                    assert evp_pkey.type == self._lib.EVP_PKEY_EC
+                    assert key_type == self._lib.EVP_PKEY_EC
                     write_bio = self._lib.PEM_write_bio_ECPrivateKey
 
                 key = cdata
@@ -2158,9 +2159,7 @@ class Backend(object):
                         "traditional OpenSSL keys"
                     )
 
-                return self._private_key_bytes_traditional_der(
-                    evp_pkey.type, cdata
-                )
+                return self._private_key_bytes_traditional_der(key_type, cdata)
             else:
                 assert format is serialization.PrivateFormat.PKCS8
                 write_bio = self._lib.i2d_PKCS8PrivateKey_bio
@@ -2210,7 +2209,9 @@ class Backend(object):
             key = evp_pkey
         elif format is serialization.PublicFormat.PKCS1:
             # Only RSA is supported here.
-            assert evp_pkey.type == self._lib.EVP_PKEY_RSA
+            assert self._lib.Cryptography_EVP_PKEY_id(
+                evp_pkey
+            ) == self._lib.EVP_PKEY_RSA
             if encoding is serialization.Encoding.PEM:
                 write_bio = self._lib.PEM_write_bio_RSAPublicKey
             else:
author	Alex Gaynor <alex.gaynor@gmail.com>	2016-01-08 07:21:17 -0500
committer	Alex Gaynor <alex.gaynor@gmail.com>	2016-01-08 07:21:17 -0500
commit	b3913acb3612e5c941924b15d3de47a2280d4011 (patch)
tree	ffbd8595ca370859bbc678a32b5345606f96f942 /src
parent	14d125e3dae32ec329fab88d7293c1554d501422 (diff)
parent	3a2ae678710e7f61c7fe374e1ebc76e0b4705ecb (diff)
download	cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.tar.gz cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.tar.bz2 cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.zip