change derive_elliptic_curve_public_point to return EllipticCurvePubl… (#3243)

* change derive_elliptic_curve_public_point to return EllipticCurvePublicKey * also rename the backend interface method * review feedback * Rename to derive_elliptic_curve_private_key * Returns EllipticCurvePrivateKey * Reuses the EC_POINT in the openssl impl * Rename "secret" arg to "private_value" which is consistent with our naming for the value in ECPrivateNumbers.
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2016-11-19 09:49:10 +0800
committer: Alex Gaynor <alex.gaynor@gmail.com> 2016-11-18 20:49:10 -0500
commit: 533a3c909d59698259456233041a3d4e232bf87e (patch)
tree: a6b443972c93af54ac4cba0e04705243fc4feb00 /src
parent: e929c3c613d5ba5bd8f0c6ba08563a211ef70601 (diff)
download: cryptography-533a3c909d59698259456233041a3d4e232bf87e.tar.gz
cryptography-533a3c909d59698259456233041a3d4e232bf87e.tar.bz2
cryptography-533a3c909d59698259456233041a3d4e232bf87e.zip
4 files changed, 18 insertions, 16 deletions
diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py
index 7417f6ca..e15a7ca4 100644
--- a/src/cryptography/hazmat/backends/interfaces.py
+++ b/src/cryptography/hazmat/backends/interfaces.py
@@ -222,9 +222,9 @@ class EllipticCurveBackend(object):
         """
 
     @abc.abstractmethod
-    def derive_elliptic_curve_public_point(self, private_value, curve):
+    def derive_elliptic_curve_private_key(self, private_value, curve):
         """
-        Compute the public key point (x, y) given the private value and curve.
+        Compute the private key given the private value and curve.
         """
 
 
diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py
index 36a83537..bcd9c520 100644
--- a/src/cryptography/hazmat/backends/multibackend.py
+++ b/src/cryptography/hazmat/backends/multibackend.py
@@ -279,11 +279,11 @@ class MultiBackend(object):
             _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
         )
 
-    def derive_elliptic_curve_public_point(self, private_value, curve):
+    def derive_elliptic_curve_private_key(self, private_value, curve):
         for b in self._filtered_backends(EllipticCurveBackend):
             try:
-                return b.derive_elliptic_curve_public_point(private_value,
-                                                            curve)
+                return b.derive_elliptic_curve_private_key(private_value,
+                                                           curve)
             except UnsupportedAlgorithm:
                 continue
 
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index b8e407b0..4a341fc2 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1386,7 +1386,7 @@ class Backend(object):
 
         return _EllipticCurvePublicKey(self, ec_cdata, evp_pkey)
 
-    def derive_elliptic_curve_public_point(self, private_value, curve):
+    def derive_elliptic_curve_private_key(self, private_value, curve):
         curve_nid = self._elliptic_curve_to_nid(curve)
 
         ec_cdata = self._lib.EC_KEY_new_by_curve_name(curve_nid)
@@ -1415,10 +1415,15 @@ class Backend(object):
             res = get_func(group, point, bn_x, bn_y, bn_ctx)
             self.openssl_assert(res == 1)
 
-            point_x = self._bn_to_int(bn_x)
-            point_y = self._bn_to_int(bn_y)
+        res = self._lib.EC_KEY_set_public_key(ec_cdata, point)
+        self.openssl_assert(res == 1)
+        res = self._lib.EC_KEY_set_private_key(
+            ec_cdata, self._int_to_bn(private_value))
+        self.openssl_assert(res == 1)
 
-        return point_x, point_y
+        evp_pkey = self._ec_cdata_to_evp_pkey(ec_cdata)
+
+        return _EllipticCurvePrivateKey(self, ec_cdata, evp_pkey)
 
     def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
         return (
diff --git a/src/cryptography/hazmat/primitives/asymmetric/ec.py b/src/cryptography/hazmat/primitives/asymmetric/ec.py
index 1005ccd6..023a2d15 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/ec.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/ec.py
@@ -253,17 +253,14 @@ def generate_private_key(curve, backend):
     return backend.generate_elliptic_curve_private_key(curve)
 
 
-def derive_private_key(secret, curve, backend):
-    if not isinstance(secret, six.integer_types):
-        raise TypeError("secret must be an integer type.")
+def derive_private_key(private_value, curve, backend):
+    if not isinstance(private_value, six.integer_types):
+        raise TypeError("private_value must be an integer type.")
 
     if not isinstance(curve, EllipticCurve):
         raise TypeError("curve must provide the EllipticCurve interface.")
 
-    x, y = backend.derive_elliptic_curve_public_point(secret, curve)
-    public_numbers = EllipticCurvePublicNumbers(x, y, curve)
-    private_numbers = EllipticCurvePrivateNumbers(secret, public_numbers)
-    return private_numbers.private_key(backend)
+    return backend.derive_elliptic_curve_private_key(private_value, curve)
 
 
 class EllipticCurvePublicNumbers(object):
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2016-11-19 09:49:10 +0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	2016-11-18 20:49:10 -0500
commit	533a3c909d59698259456233041a3d4e232bf87e (patch)
tree	a6b443972c93af54ac4cba0e04705243fc4feb00 /src
parent	e929c3c613d5ba5bd8f0c6ba08563a211ef70601 (diff)
download	cryptography-533a3c909d59698259456233041a3d4e232bf87e.tar.gz cryptography-533a3c909d59698259456233041a3d4e232bf87e.tar.bz2 cryptography-533a3c909d59698259456233041a3d4e232bf87e.zip