diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-08-22 09:37:32 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-08-22 12:37:32 -0400 |
| commit | e2c1c0fb8cb91b18597496b00df6a23b77f4affa (patch) | |
| tree | 9c4dbdc20ac56f9a3a41ccbcc6423e47e8dd8f47 /src | |
| parent | 22bedaafa70283e3efd735b3fba667172a25310f (diff) | |
| download | cryptography-e2c1c0fb8cb91b18597496b00df6a23b77f4affa.tar.gz cryptography-e2c1c0fb8cb91b18597496b00df6a23b77f4affa.tar.bz2 cryptography-e2c1c0fb8cb91b18597496b00df6a23b77f4affa.zip | |
add blake2b/blake2s support for hmac (#3873)
* add blake2b/blake2s support for hmac
This was a bug, but it turns out the noise protocol suggests using the
HMAC construction with BLAKE2 (rather than BLAKE2's own keyed
functionality) for a few reasons, so we should support it.
* actually test the thing
Diffstat (limited to 'src')
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/hmac.py | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/hmac.py b/src/cryptography/hazmat/backends/openssl/hmac.py index ea834204..3577f477 100644 --- a/src/cryptography/hazmat/backends/openssl/hmac.py +++ b/src/cryptography/hazmat/backends/openssl/hmac.py @@ -25,12 +25,11 @@ class _HMACContext(object): ctx = self._backend._ffi.gc( ctx, self._backend._lib.Cryptography_HMAC_CTX_free ) - evp_md = self._backend._lib.EVP_get_digestbyname( - algorithm.name.encode('ascii')) + name = self._backend._build_openssl_digest_name(algorithm) + evp_md = self._backend._lib.EVP_get_digestbyname(name) if evp_md == self._backend._ffi.NULL: raise UnsupportedAlgorithm( - "{0} is not a supported hash on this backend.".format( - algorithm.name), + "{0} is not a supported hash on this backend".format(name), _Reasons.UNSUPPORTED_HASH ) res = self._backend._lib.HMAC_Init_ex( |