From 1717f8c998b22fbbebec4b5514aee42fb3a2f68d Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 26 Sep 2018 13:38:36 -0500 Subject: add ed25519 bindings (#4476) * add ed25519 bindings * var name --- src/_cffi_src/openssl/cryptography.py | 3 +++ src/_cffi_src/openssl/evp.py | 22 ++++++++++++++++++++++ src/_cffi_src/openssl/nid.py | 8 ++++++++ 3 files changed, 33 insertions(+) (limited to 'src/_cffi_src') diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py index 11499884..e16fc57d 100644 --- a/src/_cffi_src/openssl/cryptography.py +++ b/src/_cffi_src/openssl/cryptography.py @@ -53,6 +53,8 @@ INCLUDES = """ (OPENSSL_VERSION_NUMBER < 0x10100000 || CRYPTOGRAPHY_IS_LIBRESSL) #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \ (OPENSSL_VERSION_NUMBER < 0x101000af || CRYPTOGRAPHY_IS_LIBRESSL) +#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 \ + (OPENSSL_VERSION_NUMBER < 0x10101000 || CRYPTOGRAPHY_IS_LIBRESSL) """ TYPES = """ @@ -62,6 +64,7 @@ static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102; +static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111; static const int CRYPTOGRAPHY_IS_LIBRESSL; """ diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 715bfe19..2fb724d2 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -33,6 +33,7 @@ static const int Cryptography_HAS_PKEY_CTX; static const int Cryptography_HAS_SCRYPT; static const int Cryptography_HAS_EVP_PKEY_DHX; static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint; +static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY; """ FUNCTIONS = """ 
@@ -98,6 +99,12 @@ const EVP_MD *EVP_sha256(void); const EVP_MD *EVP_sha384(void); const EVP_MD *EVP_sha512(void); +int EVP_DigestSignInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *, + ENGINE *, EVP_PKEY *); +int EVP_DigestVerifyInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *, + ENGINE *, EVP_PKEY *); + + int PKCS5_PBKDF2_HMAC_SHA1(const char *, int, const unsigned char *, int, int, int, unsigned char *); @@ -147,6 +154,11 @@ int Cryptography_EVP_PKEY_id(const EVP_PKEY *); without worrying about what OpenSSL we're running against. */ EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void); void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *); +/* Added in 1.1.1 */ +int EVP_DigestSign(EVP_MD_CTX *, unsigned char *, size_t *, + const unsigned char *, size_t); +int EVP_DigestVerify(EVP_MD_CTX *, const unsigned char *, size_t, + const unsigned char *, size_t); /* Added in 1.1.0 */ size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *, unsigned char **); int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *, const unsigned char *, @@ -232,6 +244,16 @@ int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *, size_t) = NULL; #endif +#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 +static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0; +int (*EVP_DigestSign)(EVP_MD_CTX *, unsigned char *, size_t *, + const unsigned char *tbs, size_t) = NULL; +int (*EVP_DigestVerify)(EVP_MD_CTX *, const unsigned char *, size_t, + const unsigned char *, size_t) = NULL; +#else +static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1; +#endif + /* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */ #if !defined(EVP_CTRL_AEAD_SET_IVLEN) # define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN diff --git a/src/_cffi_src/openssl/nid.py b/src/_cffi_src/openssl/nid.py index ee739c1b..03aaee92 100644 --- a/src/_cffi_src/openssl/nid.py +++ b/src/_cffi_src/openssl/nid.py 
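Review bot: In the `#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111` branch of the evp.py customizations hunk, `EVP_DigestSign` and `EVP_DigestVerify` are defined as NULL function pointers, so a caller that reaches them on OpenSSL older than 1.1.1 or on LibreSSL calls through NULL rather than getting an error. The files shown here are all under `src/_cffi_src`, and none of them drops these names on the Python side when `Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY` is 0, so that registration should be confirmed before anything calls them. I would state the contract above the block: `/* NULL before 1.1.1 and on LibreSSL: gate every call on Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY */`. As a style point, the `EVP_DigestSign` fallback names one parameter (`const unsigned char *tbs`) while every other parameter in these declarations is unnamed; `const unsigned char *, size_t) = NULL;` would match the rest.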
@@ -10,6 +10,7 @@ INCLUDES = """ TYPES = """ static const int Cryptography_HAS_X25519; +static const int Cryptography_HAS_ED25519; static const int NID_undef; static const int NID_dsa; @@ -92,6 +93,7 @@ static const int NID_sect409r1; static const int NID_sect571k1; static const int NID_sect571r1; static const int NID_X25519; +static const int NID_ED25519; static const int NID_wap_wsg_idm_ecid_wtls1; static const int NID_wap_wsg_idm_ecid_wtls3; static const int NID_wap_wsg_idm_ecid_wtls4; @@ -233,4 +235,10 @@ static const int NID_X25519 = 0; #else static const long Cryptography_HAS_X25519 = 1; #endif +#ifndef NID_ED25519 +static const long Cryptography_HAS_ED25519 = 0; +static const int NID_ED25519 = 0; +#else +static const long Cryptography_HAS_ED25519 = 1; +#endif """ -- cgit v1.2.3
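Review bot: In the last nid.py hunk the `#ifndef NID_ED25519` fallback sets `NID_ED25519 = 0`, which is also the value of `NID_undef`. On a build without Ed25519, a key-type comparison against `NID_ED25519` therefore succeeds for an unrecognised type unless the caller checks `Cryptography_HAS_ED25519` first. This mirrors the existing X25519 fallback, so I would keep the value and document the contract instead: `/* 0 == NID_undef: only compare against NID_ED25519 when Cryptography_HAS_ED25519 is 1 */`. Availability is detected here from the NID macro, while the one-shot sign/verify functions in evp.py are gated on `CRYPTOGRAPHY_OPENSSL_LESS_THAN_111`, which is always true on LibreSSL. The two flags can disagree, so Ed25519 signing code presumably needs to check both.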