diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-09-26 16:34:54 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-09-26 16:34:54 -0500 |
| commit | 0bcfa2d5503f3bc7b77aea514fe5ffce97b8abdb (patch) | |
| tree | 5dee78539dc735c718f92a78d3e48d1740aad756 | |
| parent | fc5f4f97c52b07f0345efd11b03b7996ff1168d6 (diff) | |
| download | cryptography-0bcfa2d5503f3bc7b77aea514fe5ffce97b8abdb.tar.gz cryptography-0bcfa2d5503f3bc7b77aea514fe5ffce97b8abdb.tar.bz2 cryptography-0bcfa2d5503f3bc7b77aea514fe5ffce97b8abdb.zip | |
add curve name parsing to public key loader
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 34 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_serialization.py | 2 |
2 files changed, 21 insertions, 15 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 46ecde15..4fdede5b 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -479,19 +479,8 @@ class Backend(object): ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey) assert ec_cdata != self._ffi.NULL ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free) - group = self._lib.EC_KEY_get0_group(ec_cdata) - assert group != self._ffi.NULL - - nid = self._lib.EC_GROUP_get_curve_name(group) - assert nid != 0 - - curve_name = self._lib.OBJ_nid2sn(nid) - assert curve_name != self._ffi.NULL - - sn = self._ffi.string(curve_name).decode('ascii') - + sn = self._ec_key_curve_sn(ec_cdata) curve = self._sn_to_elliptic_curve(sn) - return _EllipticCurvePrivateKey(self, ec_cdata, curve) else: raise UnsupportedAlgorithm("Unsupported key type.") @@ -514,15 +503,30 @@ class Backend(object): assert dsa_cdata != self._ffi.NULL dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free) return _DSAPublicKey(self, dsa_cdata) - elif self._lib.Cryptography_HAS_EC == 1 \ - and type == self._lib.EVP_PKEY_EC: + elif (self._lib.Cryptography_HAS_EC == 1 and + type == self._lib.EVP_PKEY_EC): ec_cdata = self._lib.EVP_PKEY_get1_EC_KEY(evp_pkey) assert ec_cdata != self._ffi.NULL ec_cdata = self._ffi.gc(ec_cdata, self._lib.EC_KEY_free) - return _EllipticCurvePublicKey(self, ec_cdata, None) + sn = self._ec_key_curve_sn(ec_cdata) + curve = self._sn_to_elliptic_curve(sn) + return _EllipticCurvePublicKey(self, ec_cdata, curve) else: raise UnsupportedAlgorithm("Unsupported key type.") + def _ec_key_curve_sn(self, ec_key): + group = self._lib.EC_KEY_get0_group(ec_key) + assert group != self._ffi.NULL + + nid = self._lib.EC_GROUP_get_curve_name(group) + assert nid != 0 + + curve_name = self._lib.OBJ_nid2sn(nid) + assert curve_name != self._ffi.NULL + + sn = self._ffi.string(curve_name).decode('ascii') + return sn + def _pem_password_cb(self, password): """ Generate a pem_password_cb function pointer that copied the password to diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py index 06997491..5ee68b23 100644 --- a/tests/hazmat/primitives/test_serialization.py +++ b/tests/hazmat/primitives/test_serialization.py @@ -135,6 +135,8 @@ class TestPEMSerialization(object): ) assert key assert isinstance(key, interfaces.EllipticCurvePublicKey) + assert key.curve.name == "secp256r1" + assert key.curve.key_size == 256 @pytest.mark.traditional_openssl_serialization |