diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-01-16 19:39:33 -0800 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-01-16 19:39:33 -0800 |
| commit | 5950fe9bbb4ddd3a3b285afc0c91fad26e21b191 (patch) | |
| tree | 853a4571df0d815eb6f1f2b1513e3b61f2cfac68 | |
| parent | 25feab3a8c526665067d28a2b8a9f4697de1b8b0 (diff) | |
| parent | 3e5e6863c498791f0a74df1875b8ec92a473acdc (diff) | |
| download | cryptography-5950fe9bbb4ddd3a3b285afc0c91fad26e21b191.tar.gz cryptography-5950fe9bbb4ddd3a3b285afc0c91fad26e21b191.tar.bz2 cryptography-5950fe9bbb4ddd3a3b285afc0c91fad26e21b191.zip | |
Merge pull request #470 from alex/bind-ecdhe-stuff
Start binding some stuff for ECDHE in pyOpenSSL.
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/binding.py | 1 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/ec.py | 43 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/ssl.py | 10 |
3 files changed, 54 insertions, 0 deletions
diff --git a/cryptography/hazmat/bindings/openssl/binding.py b/cryptography/hazmat/bindings/openssl/binding.py index 8a4e1dd3..88299d14 100644 --- a/cryptography/hazmat/bindings/openssl/binding.py +++ b/cryptography/hazmat/bindings/openssl/binding.py @@ -48,6 +48,7 @@ class Binding(object): "crypto", "dh", "dsa", + "ec", "engine", "err", "evp", diff --git a/cryptography/hazmat/bindings/openssl/ec.py b/cryptography/hazmat/bindings/openssl/ec.py new file mode 100644 index 00000000..cbb03360 --- /dev/null +++ b/cryptography/hazmat/bindings/openssl/ec.py @@ -0,0 +1,43 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +INCLUDES = """ +""" + +TYPES = """ +static const int Cryptography_HAS_EC; + +typedef ... EC_KEY; +""" + +FUNCTIONS = """ +EC_KEY *EC_KEY_new_by_curve_name(int); +""" + +MACROS = """ +""" + +CUSTOMIZATIONS = """ +#ifdef OPENSSL_NO_EC +static const long Cryptography_HAS_EC = 0; +EC_KEY* (*EC_KEY_new_by_curve_name)(int) = NULL; +#else +static const long Cryptography_HAS_EC = 1; +#endif +""" + +CONDITIONAL_NAMES = { + "Cryptography_HAS_EC": [ + "EC_KEY_new_by_curve_name", + ] +} diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py index d0d5ae2d..cd872d18 100644 --- a/cryptography/hazmat/bindings/openssl/ssl.py +++ b/cryptography/hazmat/bindings/openssl/ssl.py @@ -77,6 +77,7 @@ static const int SSL_OP_NO_QUERY_MTU; static const int SSL_OP_COOKIE_EXCHANGE; static const int SSL_OP_NO_TICKET; static const int SSL_OP_ALL; +static const int SSL_OP_SINGLE_ECDH_USE; static const int SSL_VERIFY_PEER; static const int SSL_VERIFY_FAIL_IF_NO_PEER_CERT; static const int SSL_VERIFY_CLIENT_ONCE; @@ -231,6 +232,7 @@ long SSL_CTX_get_mode(SSL_CTX *); long SSL_CTX_set_session_cache_mode(SSL_CTX *, long); long SSL_CTX_get_session_cache_mode(SSL_CTX *); long SSL_CTX_set_tmp_dh(SSL_CTX *, DH *); +long SSL_CTX_set_tmp_ecdh(SSL_CTX *, EC_KEY *); long SSL_CTX_add_extra_chain_cert(SSL_CTX *, X509 *); /*- These aren't macros these functions are all const X on openssl > 1.0.x -*/ @@ -345,6 +347,10 @@ static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING = 1; static const long Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING = 0; const long SSL_OP_MSIE_SSLV2_RSA_PADDING = 0; #endif + +#ifdef OPENSSL_NO_EC +long (*SSL_CTX_set_tmp_ecdh)(SSL_CTX *, EC_KEY *) = NULL; +#endif """ CONDITIONAL_NAMES = { @@ -385,4 +391,8 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_SSL_OP_MSIE_SSLV2_RSA_PADDING": [ "SSL_OP_MSIE_SSLV2_RSA_PADDING", ], + + "Cryptography_HAS_EC": [ + "EC_KEY_new_by_curve_name", + ] } |