Merge pull request #658 from reaperhulk/int-to-bn

Add private _int_to_bn method to openssl backend

1 files changed, 15 insertions, 5 deletions

diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 90d608fa..de6f841c 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -274,6 +274,20 @@ class Backend(object):
         self._lib.OPENSSL_free(hex_cdata)
         return int(hex_str, 16)
 
+    def _int_to_bn(self, num):
+        """
+        Converts a python integer to a BIGNUM. The returned BIGNUM will not
+        be garbage collected (to support adding them to structs that take
+        ownership of the object). Be sure to register it for GC if it will
+        be discarded after use.
+        """
+        hex_num = hex(num).rstrip("L").lstrip("0x").encode("ascii") or b"0"
+        bn_ptr = self._ffi.new("BIGNUM **")
+        res = self._lib.BN_hex2bn(bn_ptr, hex_num)
+        assert res != 0
+        assert bn_ptr[0] != self._ffi.NULL
+        return bn_ptr[0]
+
     def generate_rsa_private_key(self, public_exponent, key_size):
         if public_exponent < 3:
             raise ValueError("public_exponent must be >= 3")
@@ -288,13 +302,9 @@ class Backend(object):
         assert ctx != self._ffi.NULL
         ctx = self._ffi.gc(ctx, self._lib.RSA_free)
 
-        bn = self._lib.BN_new()
-        assert bn != self._ffi.NULL
+        bn = self._int_to_bn(public_exponent)
         bn = self._ffi.gc(bn, self._lib.BN_free)
 
-        res = self._lib.BN_set_word(bn, public_exponent)
-        assert res == 1
-
         res = self._lib.RSA_generate_key_ex(
             ctx, key_size, bn, self._ffi.NULL
         )