From 7b57fe1fd4e31e57fb0840fdd2ae32710fd1060c Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 12 Nov 2018 08:42:09 -0500
Subject: x448 bindings (#4577)

---
 src/_cffi_src/openssl/evp.py                             | 8 ++++++++
 src/_cffi_src/openssl/nid.py                             | 8 ++++++++
 src/cryptography/hazmat/bindings/openssl/_conditional.py | 8 ++++++++
 3 files changed, 24 insertions(+)

(limited to 'src')

diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index 227ec35a..84b91086 100644
--- a/src/_cffi_src/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
@@ -22,6 +22,7 @@ static const int EVP_PKEY_DH;
 static const int EVP_PKEY_DHX;
 static const int EVP_PKEY_EC;
 static const int EVP_PKEY_X25519;
+static const int EVP_PKEY_X448;
 static const int EVP_MAX_MD_SIZE;
 static const int EVP_CTRL_AEAD_SET_IVLEN;
 static const int EVP_CTRL_AEAD_GET_TAG;
@@ -290,4 +291,11 @@ static const long Cryptography_HAS_RAW_KEY = 1;
 #ifndef EVP_PKEY_X25519
 #define EVP_PKEY_X25519 NID_X25519
 #endif
+
+/* This is tied to X448 support so we reuse the Cryptography_HAS_X448
+   conditional to remove it. OpenSSL 1.1.1 adds this define.  We can remove
+   this in the distant future when we drop 1.1.0 support. */
+#ifndef EVP_PKEY_X448
+#define EVP_PKEY_X448 NID_X448
+#endif
 """
diff --git a/src/_cffi_src/openssl/nid.py b/src/_cffi_src/openssl/nid.py
index 03aaee92..226229e9 100644
--- a/src/_cffi_src/openssl/nid.py
+++ b/src/_cffi_src/openssl/nid.py
@@ -10,6 +10,7 @@ INCLUDES = """
 
 TYPES = """
 static const int Cryptography_HAS_X25519;
+static const int Cryptography_HAS_X448;
 static const int Cryptography_HAS_ED25519;
 
 static const int NID_undef;
@@ -93,6 +94,7 @@ static const int NID_sect409r1;
 static const int NID_sect571k1;
 static const int NID_sect571r1;
 static const int NID_X25519;
+static const int NID_X448;
 static const int NID_ED25519;
 static const int NID_wap_wsg_idm_ecid_wtls1;
 static const int NID_wap_wsg_idm_ecid_wtls3;
@@ -241,4 +243,10 @@ static const int NID_ED25519 = 0;
 #else
 static const long Cryptography_HAS_ED25519 = 1;
 #endif
+#ifndef NID_X448
+static const long Cryptography_HAS_X448 = 0;
+static const int NID_X448 = 0;
+#else
+static const long Cryptography_HAS_X448 = 1;
+#endif
 """
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index 959a1abb..330a718c 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -224,6 +224,13 @@ def cryptography_has_x25519():
     ]
 
 
+def cryptography_has_x448():
+    return [
+        "EVP_PKEY_X448",
+        "NID_X448",
+    ]
+
+
 def cryptography_has_ed25519():
     return [
         "NID_ED25519",
@@ -358,6 +365,7 @@ CONDITIONAL_NAMES = {
         cryptography_has_x509_store_ctx_get_issuer
     ),
     "Cryptography_HAS_X25519": cryptography_has_x25519,
+    "Cryptography_HAS_X448": cryptography_has_x448,
     "Cryptography_HAS_ED25519": cryptography_has_ed25519,
     "Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY": (
         cryptography_has_oneshot_evp_digest_sign_verify
-- 
cgit v1.2.3