aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Kehrer <paul.l.kehrer@gmail.com>2017-07-08 12:36:45 -0500
committerAlex Gaynor <alex.gaynor@gmail.com>2017-07-08 13:36:45 -0400
commitbb631441a3c3e9782fb4be20ec09bceadeb05fa8 (patch)
tree04d20f1e6efb3ce744ada8e5f5b06da7af7a434b
parent9c6352413d91afc4f0a58f76cd3b4364d37679b9 (diff)
downloadcryptography-bb631441a3c3e9782fb4be20ec09bceadeb05fa8.tar.gz
cryptography-bb631441a3c3e9782fb4be20ec09bceadeb05fa8.tar.bz2
cryptography-bb631441a3c3e9782fb4be20ec09bceadeb05fa8.zip
stop using backend methods for chacha (#3765)
Diffstat
-rw-r--r--src/cryptography/hazmat/backends/openssl/aead.py15
-rw-r--r--src/cryptography/hazmat/backends/openssl/backend.py18
-rw-r--r--src/cryptography/hazmat/primitives/ciphers/aead.py9
3 files changed, 20 insertions, 22 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/aead.py b/src/cryptography/hazmat/backends/openssl/aead.py
index 5eb2e997..53b10e99 100644
--- a/src/cryptography/hazmat/backends/openssl/aead.py
+++ b/src/cryptography/hazmat/backends/openssl/aead.py
@@ -11,6 +11,15 @@ _ENCRYPT = 1
_DECRYPT = 0
+def _aead_cipher_name(cls, key_length):
+ from cryptography.hazmat.primitives.ciphers.aead import (
+ ChaCha20Poly1305
+ )
+ assert cls is ChaCha20Poly1305
+ assert key_length == 32 or key_length is None
+ return b"chacha20-poly1305"
+
+
def _aead_setup(backend, cipher_name, key, nonce, tag, tag_len, operation):
evp_cipher = backend._lib.EVP_get_cipherbyname(cipher_name)
backend.openssl_assert(evp_cipher != backend._ffi.NULL)
@@ -69,8 +78,9 @@ def _process_data(backend, ctx, data):
return backend._ffi.buffer(buf, outlen[0])[:]
-def _encrypt(backend, cipher_name, key, nonce, data, associated_data,
+def _encrypt(backend, cipher_cls, key, nonce, data, associated_data,
tag_length):
+ cipher_name = _aead_cipher_name(cipher_cls, len(key))
ctx = _aead_setup(
backend, cipher_name, key, nonce, None, tag_length, _ENCRYPT
)
@@ -91,12 +101,13 @@ def _encrypt(backend, cipher_name, key, nonce, data, associated_data,
return processed_data + tag
-def _decrypt(backend, cipher_name, key, nonce, data, associated_data,
+def _decrypt(backend, cipher_cls, key, nonce, data, associated_data,
tag_length):
if len(data) < tag_length:
raise InvalidTag
tag = data[-tag_length:]
data = data[:-tag_length]
+ cipher_name = _aead_cipher_name(cipher_cls, len(key))
ctx = _aead_setup(
backend, cipher_name, key, nonce, tag, tag_length, _DECRYPT
)
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 98c79be6..28760aa8 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1924,24 +1924,10 @@ class Backend(object):
self.openssl_assert(res == 1)
return self._ffi.buffer(buf)[:]
- def chacha20poly1305_encrypt(self, key, nonce, data, associated_data):
- return aead._encrypt(
- self, b"chacha20-poly1305", key, nonce, data, associated_data, 16
- )
-
- def chacha20poly1305_decrypt(self, key, nonce, data, associated_data):
- return aead._decrypt(
- self, b"chacha20-poly1305", key, nonce, data, associated_data, 16
- )
-
def aead_cipher_supported(self, cls):
- from cryptography.hazmat.primitives.ciphers.aead import (
- ChaCha20Poly1305
- )
- assert cls is ChaCha20Poly1305
+ cipher_name = aead._aead_cipher_name(cls, None)
return (
- self._lib.EVP_get_cipherbyname(b"chacha20-poly1305") !=
- self._ffi.NULL
+ self._lib.EVP_get_cipherbyname(cipher_name) != self._ffi.NULL
)
diff --git a/src/cryptography/hazmat/primitives/ciphers/aead.py b/src/cryptography/hazmat/primitives/ciphers/aead.py
index 8b2e20c4..7d2103d3 100644
--- a/src/cryptography/hazmat/primitives/ciphers/aead.py
+++ b/src/cryptography/hazmat/primitives/ciphers/aead.py
@@ -7,6 +7,7 @@ from __future__ import absolute_import, division, print_function
import os
from cryptography import exceptions, utils
+from cryptography.hazmat.backends.openssl import aead
from cryptography.hazmat.backends.openssl.backend import backend
@@ -33,8 +34,8 @@ class ChaCha20Poly1305(object):
associated_data = b""
self._check_params(nonce, data, associated_data)
- return backend.chacha20poly1305_encrypt(
- self._key, nonce, data, associated_data
+ return aead._encrypt(
+ backend, type(self), self._key, nonce, data, associated_data, 16
)
def decrypt(self, nonce, data, associated_data):
@@ -42,8 +43,8 @@ class ChaCha20Poly1305(object):
associated_data = b""
self._check_params(nonce, data, associated_data)
- return backend.chacha20poly1305_decrypt(
- self._key, nonce, data, associated_data
+ return aead._decrypt(
+ backend, type(self), self._key, nonce, data, associated_data, 16
)
def _check_params(self, nonce, data, associated_data):
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-06 21:07:59 +0000