diff options
author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-06-04 16:42:16 -1000 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2017-06-04 22:42:16 -0400 |
commit | a8ba6654c2c7835af0226a5e1be5bceae105f2f8 (patch) | |
tree | 9bed6534bb51cb0d6c7a02eccba71cfade91c811 | |
parent | cf7b35403dd1c88c9de31d449b716fd646707ea0 (diff) | |
download | cryptography-a8ba6654c2c7835af0226a5e1be5bceae105f2f8.tar.gz cryptography-a8ba6654c2c7835af0226a5e1be5bceae105f2f8.tar.bz2 cryptography-a8ba6654c2c7835af0226a5e1be5bceae105f2f8.zip |
bind EVP_CTRL_AEAD even when on < 1.1.0 (#3679)
-rw-r--r-- | src/_cffi_src/openssl/evp.py | 17 | ||||
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/ciphers.py | 8 |
2 files changed, 18 insertions, 7 deletions
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 127dacf7..3508e746 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -22,9 +22,9 @@ static const int EVP_PKEY_DH; static const int EVP_PKEY_DHX; static const int EVP_PKEY_EC; static const int EVP_MAX_MD_SIZE; -static const int EVP_CTRL_GCM_SET_IVLEN; -static const int EVP_CTRL_GCM_GET_TAG; -static const int EVP_CTRL_GCM_SET_TAG; +static const int EVP_CTRL_AEAD_SET_IVLEN; +static const int EVP_CTRL_AEAD_GET_TAG; +static const int EVP_CTRL_AEAD_SET_TAG; static const int Cryptography_HAS_GCM; static const int Cryptography_HAS_PBKDF2_HMAC; @@ -211,4 +211,15 @@ int (*EVP_PBE_scrypt)(const char *, size_t, const unsigned char *, size_t, #else static const long Cryptography_HAS_SCRYPT = 1; #endif + +/* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */ +#if !defined(EVP_CTRL_AEAD_SET_IVLEN) +# define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN +#endif +#if !defined(EVP_CTRL_AEAD_GET_TAG) +# define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG +#endif +#if !defined(EVP_CTRL_AEAD_SET_TAG) +# define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG +#endif """ diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py index 4ca2fee6..e141e8ec 100644 --- a/src/cryptography/hazmat/backends/openssl/ciphers.py +++ b/src/cryptography/hazmat/backends/openssl/ciphers.py @@ -75,13 +75,13 @@ class _CipherContext(object): self._backend.openssl_assert(res != 0) if isinstance(mode, modes.GCM): res = self._backend._lib.EVP_CIPHER_CTX_ctrl( - ctx, self._backend._lib.EVP_CTRL_GCM_SET_IVLEN, + ctx, self._backend._lib.EVP_CTRL_AEAD_SET_IVLEN, len(iv_nonce), self._backend._ffi.NULL ) self._backend.openssl_assert(res != 0) if mode.tag is not None: res = self._backend._lib.EVP_CIPHER_CTX_ctrl( - ctx, self._backend._lib.EVP_CTRL_GCM_SET_TAG, + ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG, len(mode.tag), mode.tag ) self._backend.openssl_assert(res != 0) @@ -179,7 +179,7 @@ class _CipherContext(object): "unsigned char[]", self._block_size_bytes ) res = self._backend._lib.EVP_CIPHER_CTX_ctrl( - self._ctx, self._backend._lib.EVP_CTRL_GCM_GET_TAG, + self._ctx, self._backend._lib.EVP_CTRL_AEAD_GET_TAG, self._block_size_bytes, tag_buf ) self._backend.openssl_assert(res != 0) @@ -199,7 +199,7 @@ class _CipherContext(object): "method please update OpenSSL" ) res = self._backend._lib.EVP_CIPHER_CTX_ctrl( - self._ctx, self._backend._lib.EVP_CTRL_GCM_SET_TAG, + self._ctx, self._backend._lib.EVP_CTRL_AEAD_SET_TAG, len(tag), tag ) self._backend.openssl_assert(res != 0) |