add ed25519 bindings (#4476)

* add ed25519 bindings

* var name

4 files changed, 50 insertions, 0 deletions

diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py
index 11499884..e16fc57d 100644
--- a/src/_cffi_src/openssl/cryptography.py
+++ b/src/_cffi_src/openssl/cryptography.py
@@ -53,6 +53,8 @@ INCLUDES = """
     (OPENSSL_VERSION_NUMBER < 0x10100000 || CRYPTOGRAPHY_IS_LIBRESSL)
 #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_110J \
     (OPENSSL_VERSION_NUMBER < 0x101000af || CRYPTOGRAPHY_IS_LIBRESSL)
+#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111 \
+    (OPENSSL_VERSION_NUMBER < 0x10101000 || CRYPTOGRAPHY_IS_LIBRESSL)
 """
 
 TYPES = """
@@ -62,6 +64,7 @@ static const int CRYPTOGRAPHY_OPENSSL_110F_OR_GREATER;
 
 static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102I;
 static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_102;
+static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111;
 
 static const int CRYPTOGRAPHY_IS_LIBRESSL;
 """
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index 715bfe19..2fb724d2 100644
--- a/src/_cffi_src/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
@@ -33,6 +33,7 @@ static const int Cryptography_HAS_PKEY_CTX;
 static const int Cryptography_HAS_SCRYPT;
 static const int Cryptography_HAS_EVP_PKEY_DHX;
 static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
+static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY;
 """
 
 FUNCTIONS = """
@@ -98,6 +99,12 @@ const EVP_MD *EVP_sha256(void);
 const EVP_MD *EVP_sha384(void);
 const EVP_MD *EVP_sha512(void);
 
+int EVP_DigestSignInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
+                       ENGINE *, EVP_PKEY *);
+int EVP_DigestVerifyInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
+                         ENGINE *, EVP_PKEY *);
+
+
 int PKCS5_PBKDF2_HMAC_SHA1(const char *, int, const unsigned char *, int, int,
                            int, unsigned char *);
 
@@ -147,6 +154,11 @@ int Cryptography_EVP_PKEY_id(const EVP_PKEY *);
    without worrying about what OpenSSL we're running against. */
 EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void);
 void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *);
+/* Added in 1.1.1 */
+int EVP_DigestSign(EVP_MD_CTX *, unsigned char *, size_t *,
+                   const unsigned char *, size_t);
+int EVP_DigestVerify(EVP_MD_CTX *, const unsigned char *, size_t,
+                     const unsigned char *, size_t);
 /* Added in 1.1.0 */
 size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *, unsigned char **);
 int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *, const unsigned char *,
@@ -232,6 +244,16 @@ int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *,
                                       size_t) = NULL;
 #endif
 
+#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
+static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0;
+int (*EVP_DigestSign)(EVP_MD_CTX *, unsigned char *, size_t *,
+                      const unsigned char *tbs, size_t) = NULL;
+int (*EVP_DigestVerify)(EVP_MD_CTX *, const unsigned char *, size_t,
+                        const unsigned char *, size_t) = NULL;
+#else
+static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1;
+#endif
+
 /* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */
 #if !defined(EVP_CTRL_AEAD_SET_IVLEN)
 # define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
diff --git a/src/_cffi_src/openssl/nid.py b/src/_cffi_src/openssl/nid.py
index ee739c1b..03aaee92 100644
--- a/src/_cffi_src/openssl/nid.py
+++ b/src/_cffi_src/openssl/nid.py
@@ -10,6 +10,7 @@ INCLUDES = """
 
 TYPES = """
 static const int Cryptography_HAS_X25519;
+static const int Cryptography_HAS_ED25519;
 
 static const int NID_undef;
 static const int NID_dsa;
@@ -92,6 +93,7 @@ static const int NID_sect409r1;
 static const int NID_sect571k1;
 static const int NID_sect571r1;
 static const int NID_X25519;
+static const int NID_ED25519;
 static const int NID_wap_wsg_idm_ecid_wtls1;
 static const int NID_wap_wsg_idm_ecid_wtls3;
 static const int NID_wap_wsg_idm_ecid_wtls4;
@@ -233,4 +235,10 @@ static const int NID_X25519 = 0;
 #else
 static const long Cryptography_HAS_X25519 = 1;
 #endif
+#ifndef NID_ED25519
+static const long Cryptography_HAS_ED25519 = 0;
+static const int NID_ED25519 = 0;
+#else
+static const long Cryptography_HAS_ED25519 = 1;
+#endif
 """
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index f477f6ab..4170f3a1 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -211,6 +211,19 @@ def cryptography_has_x25519():
     ]
 
 
+def cryptography_has_ed25519():
+    return [
+        "NID_ED25519",
+    ]
+
+
+def cryptography_has_oneshot_evp_digest_sign_verify():
+    return [
+        "EVP_DigestSign",
+        "EVP_DigestVerify",
+    ]
+
+
 def cryptography_has_evp_pkey_get_set_tls_encodedpoint():
     return [
         "EVP_PKEY_get1_tls_encodedpoint",
@@ -309,6 +322,10 @@ CONDITIONAL_NAMES = {
         cryptography_has_x509_store_ctx_get_issuer
     ),
     "Cryptography_HAS_X25519": cryptography_has_x25519,
+    "Cryptography_HAS_ED25519": cryptography_has_ed25519,
+    "Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY": (
+        cryptography_has_oneshot_evp_digest_sign_verify
+    ),
     "Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint": (
         cryptography_has_evp_pkey_get_set_tls_encodedpoint
     ),