authorPaul Kehrer <paul.l.kehrer@gmail.com>2018-09-26 13:38:36 -0500
committerAlex Gaynor <alex.gaynor@gmail.com>2018-09-26 14:38:36 -0400
commit1717f8c998b22fbbebec4b5514aee42fb3a2f68d (patch)
tree5992e22e5b74ae27a118b8859388a5e2ab53dbac
parent0a7bebfaf710d3691cec311d13be7725af4b93cc (diff)
add ed25519 bindings (#4476)
* add ed25519 bindings * var name
-rw-r--r--src/_cffi_src/openssl/cryptography.py3
-rw-r--r--src/_cffi_src/openssl/evp.py22
-rw-r--r--src/_cffi_src/openssl/nid.py8
-rw-r--r--src/cryptography/hazmat/bindings/openssl/_conditional.py17
4 files changed, 50 insertions, 0 deletions
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
index 11499884..e16fc57d 100644
--- a/src/_cffi_src/openssl/cryptography.py
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -53,6 +53,8 @@ INCLUDES = """
(OPENSSL_VERSION_NUMBER < 0x10100000 || CRYPTOGRAPHY_IS_LIBRESSL)
#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \
(OPENSSL_VERSION_NUMBER < 0x101000af || CRYPTOGRAPHY_IS_LIBRESSL)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 \
+ (OPENSSL_VERSION_NUMBER < 0x10101000 || CRYPTOGRAPHY_IS_LIBRESSL)
"""
TYPES = """
@@ -62,6 +64,7 @@ static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I;
static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102;
+static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111;
static const int CRYPTOGRAPHY_IS_LIBRESSL;
"""
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index 715bfe19..2fb724d2 100644
--- a/src/_cffi_src/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
@@ -33,6 +33,7 @@ static const int Cryptography_HAS_PKEY_CTX;
static const int Cryptography_HAS_SCRYPT;
static const int Cryptography_HAS_EVP_PKEY_DHX;
static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
+static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY;
"""
FUNCTIONS = """
@@ -98,6 +99,12 @@ const EVP_MD *EVP_sha256(void);
const EVP_MD *EVP_sha384(void);
const EVP_MD *EVP_sha512(void);
+int EVP_DigestSignInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
+ ENGINE *, EVP_PKEY *);
+int EVP_DigestVerifyInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
+ ENGINE *, EVP_PKEY *);
+
+
int PKCS5_PBKDF2_HMAC_SHA1(const char *, int, const unsigned char *, int, int,
int, unsigned char *);
@@ -147,6 +154,11 @@ int Cryptography_EVP_PKEY_id(const EVP_PKEY *);
without worrying about what OpenSSL we're running against. */
EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void);
void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *);
+/* Added in 1.1.1 */
+int EVP_DigestSign(EVP_MD_CTX *, unsigned char *, size_t *,
+ const unsigned char *, size_t);
+int EVP_DigestVerify(EVP_MD_CTX *, const unsigned char *, size_t,
+ const unsigned char *, size_t);
/* Added in 1.1.0 */
size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *, unsigned char **);
int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *, const unsigned char *,
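Review bot: The `/* Added in 1.1.1 */` comment above the new `EVP_DigestSign` and `EVP_DigestVerify` prototypes does not record their return convention, which is the part a caller of a verify binding most needs. `EVP_DigestVerify` returns 1 only for a valid signature, 0 when verification fails and a negative value on other errors, so a truthiness test on the result from Python would treat an error as a successful verification. I would extend the comment to `/* Added in 1.1.1. EVP_DigestVerify returns 1 only for a valid signature; 0 and negative values are failures, so compare the result against 1. */`. The FUNCTIONS string this sits in starts and ends outside the hunk.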
@@ -232,6 +244,16 @@ int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *,
size_t) = NULL;
#endif
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
+static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0;
+int (*EVP_DigestSign)(EVP_MD_CTX *, unsigned char *, size_t *,
+ const unsigned char *tbs, size_t) = NULL;
+int (*EVP_DigestVerify)(EVP_MD_CTX *, const unsigned char *, size_t,
+ const unsigned char *, size_t) = NULL;
+#else
+static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1;
+#endif
+
/* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */
#if !defined(EVP_CTRL_AEAD_SET_IVLEN)
# define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
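Review bot: The fallback `EVP_DigestSign` pointer names a single parameter (`const unsigned char *tbs, size_t) = NULL;`) while every other parameter in both fallback declarations and in the matching FUNCTIONS prototypes is unnamed; drop the name so the line reads `const unsigned char *, size_t) = NULL;`. Both pointers are NULL whenever `CRYPTOGRAPHY_OPENSSL_LESS_THAN_111` holds, which by its definition includes every LibreSSL build, so a one-line comment above the `#if` such as `/* NULL before 1.1.1 and on LibreSSL; check Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY before calling */` would make the contract explicit at the point of definition. The `#if !defined(EVP_CTRL_AEAD_SET_IVLEN)` block at the end of the hunk continues outside it.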
diff --git a/src/_cffi_src/openssl/nid.py b/src/_cffi_src/openssl/nid.py
index ee739c1b..03aaee92 100644
--- a/src/_cffi_src/openssl/nid.py
+++ b/src/_cffi_src/openssl/nid.py
@@ -10,6 +10,7 @@ INCLUDES = """
TYPES = """
static const int Cryptography_HAS_X25519;
+static const int Cryptography_HAS_ED25519;
static const int NID_undef;
static const int NID_dsa;
@@ -92,6 +93,7 @@ static const int NID_sect409r1;
static const int NID_sect571k1;
static const int NID_sect571r1;
static const int NID_X25519;
+static const int NID_ED25519;
static const int NID_wap_wsg_idm_ecid_wtls1;
static const int NID_wap_wsg_idm_ecid_wtls3;
static const int NID_wap_wsg_idm_ecid_wtls4;
@@ -233,4 +235,10 @@ static const int NID_X25519 = 0;
#else
static const long Cryptography_HAS_X25519 = 1;
#endif
+#ifndef NID_ED25519
+static const long Cryptography_HAS_ED25519 = 0;
+static const int NID_ED25519 = 0;
+#else
+static const long Cryptography_HAS_ED25519 = 1;
+#endif
"""
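Review bot: In the `#ifndef NID_ED25519` branch the placeholder `static const int NID_ED25519 = 0;` has the same value as `NID_undef`, and nothing in the hunk says the value is a stand-in. If the constant were ever read without first checking `Cryptography_HAS_ED25519`, a comparison against it would match any object that has no NID, so I would add `/* placeholder so the name compiles; equals NID_undef and must not be compared against when Cryptography_HAS_ED25519 is 0 */` above it. This flag is derived from the header macro, whereas the one-shot sign/verify flag in evp.py is derived from the version number, so the two can presumably disagree on some builds; the comment could also say that Ed25519 signing needs both flags set.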
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index f477f6ab..4170f3a1 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -211,6 +211,19 @@ def cryptography_has_x25519():
]
+def cryptography_has_ed25519():
+ return [
+ "NID_ED25519",
+ ]
+
+
+def cryptography_has_oneshot_evp_digest_sign_verify():
+ return [
+ "EVP_DigestSign",
+ "EVP_DigestVerify",
+ ]
+
+
def cryptography_has_evp_pkey_get_set_tls_encodedpoint():
return [
"EVP_PKEY_get1_tls_encodedpoint",
@@ -309,6 +322,10 @@ CONDITIONAL_NAMES = {
cryptography_has_x509_store_ctx_get_issuer
),
"Cryptography_HAS_X25519": cryptography_has_x25519,
+ "Cryptography_HAS_ED25519": cryptography_has_ed25519,
+ "Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY": (
+ cryptography_has_oneshot_evp_digest_sign_verify
+ ),
"Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint": (
cryptography_has_evp_pkey_get_set_tls_encodedpoint
),