diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2016-01-08 07:21:17 -0500 | 
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2016-01-08 07:21:17 -0500 | 
| commit | b3913acb3612e5c941924b15d3de47a2280d4011 (patch) | |
| tree | ffbd8595ca370859bbc678a32b5345606f96f942 /src | |
| parent | 14d125e3dae32ec329fab88d7293c1554d501422 (diff) | |
| parent | 3a2ae678710e7f61c7fe374e1ebc76e0b4705ecb (diff) | |
| download | cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.tar.gz cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.tar.bz2 cryptography-b3913acb3612e5c941924b15d3de47a2280d4011.zip | |
Merge pull request #2647 from reaperhulk/opaque-evp-pkey
opaque EVP_PKEY since EVP_PKEY_id exists
Diffstat (limited to 'src')
| -rw-r--r-- | src/_cffi_src/openssl/evp.py | 16 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 19 | 
2 files changed, 22 insertions, 13 deletions
| diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 6d17cb7c..1d37b814 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -21,10 +21,7 @@ typedef struct env_md_ctx_st {      ...;  } EVP_MD_CTX; -typedef struct evp_pkey_st { -    int type; -    ...; -} EVP_PKEY; +typedef ... EVP_PKEY;  typedef ... EVP_PKEY_CTX;  static const int EVP_PKEY_RSA;  static const int EVP_PKEY_DSA; @@ -122,6 +119,8 @@ int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *, const char *, int,  int EVP_PKEY_cmp(const EVP_PKEY *, const EVP_PKEY *);  EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *); + +int Cryptography_EVP_PKEY_id(const EVP_PKEY *);  """  MACROS = """ @@ -230,4 +229,13 @@ int (*EVP_PKEY_assign_EC_KEY)(EVP_PKEY *, EC_KEY *) = NULL;  EC_KEY *(*EVP_PKEY_get1_EC_KEY)(EVP_PKEY *) = NULL;  int (*EVP_PKEY_set1_EC_KEY)(EVP_PKEY *, EC_KEY *) = NULL;  #endif +/* EVP_PKEY_id is not available on 0.9.8 so we'll define our own. This can +   be removed when we remove 0.9.8 support. */ +int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) { +    #if OPENSSL_VERSION_NUMBER >= 0x10000000L +        return EVP_PKEY_id(key); +    #else +        return key->type; +    #endif +}  """ diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 02cfda8f..c3e1db66 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -1077,7 +1077,7 @@ class Backend(object):          pointer.          """ -        key_type = evp_pkey.type +        key_type = self._lib.Cryptography_EVP_PKEY_id(evp_pkey)          if key_type == self._lib.EVP_PKEY_RSA:              rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey) @@ -1104,7 +1104,7 @@ class Backend(object):          pointer.          """ -        key_type = evp_pkey.type +        key_type = self._lib.Cryptography_EVP_PKEY_id(evp_pkey)          if key_type == self._lib.EVP_PKEY_RSA:              rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey) @@ -2132,19 +2132,20 @@ class Backend(object):          else:              raise ValueError("Unsupported encryption type") +        key_type = self._lib.Cryptography_EVP_PKEY_id(evp_pkey)          if encoding is serialization.Encoding.PEM:              if format is serialization.PrivateFormat.PKCS8:                  write_bio = self._lib.PEM_write_bio_PKCS8PrivateKey                  key = evp_pkey              else:                  assert format is serialization.PrivateFormat.TraditionalOpenSSL -                if evp_pkey.type == self._lib.EVP_PKEY_RSA: +                if key_type == self._lib.EVP_PKEY_RSA:                      write_bio = self._lib.PEM_write_bio_RSAPrivateKey -                elif evp_pkey.type == self._lib.EVP_PKEY_DSA: +                elif key_type == self._lib.EVP_PKEY_DSA:                      write_bio = self._lib.PEM_write_bio_DSAPrivateKey                  else:                      assert self._lib.Cryptography_HAS_EC == 1 -                    assert evp_pkey.type == self._lib.EVP_PKEY_EC +                    assert key_type == self._lib.EVP_PKEY_EC                      write_bio = self._lib.PEM_write_bio_ECPrivateKey                  key = cdata @@ -2158,9 +2159,7 @@ class Backend(object):                          "traditional OpenSSL keys"                      ) -                return self._private_key_bytes_traditional_der( -                    evp_pkey.type, cdata -                ) +                return self._private_key_bytes_traditional_der(key_type, cdata)              else:                  assert format is serialization.PrivateFormat.PKCS8                  write_bio = self._lib.i2d_PKCS8PrivateKey_bio @@ -2210,7 +2209,9 @@ class Backend(object):              key = evp_pkey          elif format is serialization.PublicFormat.PKCS1:              # Only RSA is supported here. -            assert evp_pkey.type == self._lib.EVP_PKEY_RSA +            assert self._lib.Cryptography_EVP_PKEY_id( +                evp_pkey +            ) == self._lib.EVP_PKEY_RSA              if encoding is serialization.Encoding.PEM:                  write_bio = self._lib.PEM_write_bio_RSAPublicKey              else: | 
