author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-03-01 16:05:58 -0600 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2015-03-01 21:55:08 -0600 |
commit | fb9410ddbaeb7e10343ff925bd505633e24c10c7 (patch) | |
tree | 4650f34e31a33bb604e4df6e94f8b4078799469b /src | |
parent | 741175ef2bf965c9439dc4525df7e48c8a4ff72c (diff) | |
add support for serialization of EC private keys
Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/ec.py | 19 | ||||
-rw-r--r-- | src/cryptography/hazmat/bindings/openssl/pem.py | 16 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/ec.py | 19 |
3 files changed, 51 insertions, 3 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py index 52c93da9..19d646e8 100644 --- a/src/cryptography/hazmat/backends/openssl/ec.py +++ b/src/cryptography/hazmat/backends/openssl/ec.py @@ -148,7 +148,7 @@ class _ECDSAVerificationContext(object): return True -@utils.register_interface(ec.EllipticCurvePrivateKeyWithNumbers) +@utils.register_interface(ec.EllipticCurvePrivateKeyWithSerialization) class _EllipticCurvePrivateKey(object): def __init__(self, backend, ec_key_cdata): self._backend = backend @@ -200,6 +200,23 @@ class _EllipticCurvePrivateKey(object): public_numbers=self.public_key().public_numbers() ) + def private_bytes(self, encoding, format, encryption_algorithm): + evp_pkey = self._backend._lib.EVP_PKEY_new() + assert evp_pkey != self._backend._ffi.NULL + evp_pkey = self._backend._ffi.gc( + evp_pkey, self._backend._lib.EVP_PKEY_free + ) + res = self._backend._lib.EVP_PKEY_set1_EC_KEY(evp_pkey, self._ec_key) + assert res == 1 + return self._backend._private_key_bytes( + encoding, + format, + encryption_algorithm, + self._backend._lib.PEM_write_bio_ECPrivateKey, + evp_pkey, + self._ec_key + ) + @utils.register_interface(ec.EllipticCurvePublicKeyWithNumbers) class _EllipticCurvePublicKey(object): diff --git a/src/cryptography/hazmat/bindings/openssl/pem.py b/src/cryptography/hazmat/bindings/openssl/pem.py index d0c70f5d..98c7648f 100644 --- a/src/cryptography/hazmat/bindings/openssl/pem.py +++ b/src/cryptography/hazmat/bindings/openssl/pem.py 
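Review bot: The two `assert` statements in the new `private_bytes` are the only checks on the OpenSSL return values, and Python removes asserts when run with `-O`. In that mode a failed `EVP_PKEY_new()` would pass a NULL pointer to `EVP_PKEY_set1_EC_KEY`, and a failed set1 call would go on to serialize an EVP_PKEY with no key attached. An explicit check survives optimization, for example `if evp_pkey == self._backend._ffi.NULL: raise MemoryError("EVP_PKEY_new failed")`, with the same pattern for `res != 1`. If bare asserts are this file's convention for OpenSSL return codes (the hunk does not show the rest of the file), that is worth revisiting as a whole and not only here.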
@@ -72,9 +72,23 @@ int PEM_write_bio_PUBKEY(BIO *, EVP_PKEY *); """ MACROS = """ +int PEM_write_bio_ECPrivateKey(BIO *, EC_KEY *, const EVP_CIPHER *, + unsigned char *, int, pem_password_cb *, + void *); """ CUSTOMIZATIONS = """ +// Cryptography_HAS_EC is provided by ec.py so we don't need to define it here +#ifdef OPENSSL_NO_EC +int (*PEM_write_bio_ECPrivateKey)(BIO *, EC_KEY *, const EVP_CIPHER *, + unsigned char *, int, pem_password_cb *, + void *) = NULL; +#endif + """ -CONDITIONAL_NAMES = {} +CONDITIONAL_NAMES = { + "Cryptography_HAS_EC": [ + "PEM_write_bio_ECPrivateKey" + ] +} diff --git a/src/cryptography/hazmat/primitives/asymmetric/ec.py b/src/cryptography/hazmat/primitives/asymmetric/ec.py index c7749ca5..52e14816 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/ec.py +++ b/src/cryptography/hazmat/primitives/asymmetric/ec.py @@ -57,13 +57,30 @@ class EllipticCurvePrivateKey(object): @six.add_metaclass(abc.ABCMeta) -class EllipticCurvePrivateKeyWithNumbers(EllipticCurvePrivateKey): +class EllipticCurvePrivateKeyWithSerialization(EllipticCurvePrivateKey): @abc.abstractmethod def private_numbers(self): """ Returns an EllipticCurvePrivateNumbers. """ + @abc.abstractmethod + def private_bytes(self, encoding, format, encryption_algorithm): + """ + Returns the key serialized as bytes. + """ + + +EllipticCurvePrivateKeyWithNumbers = utils.deprecated( + EllipticCurvePrivateKeyWithSerialization, + __name__, + ( + "The EllipticCurvePrivateKeyWithNumbers interface has been renamed to " + "EllipticCurvePrivateKeyWithSerialization" + ), + utils.DeprecatedIn08 +) + @six.add_metaclass(abc.ABCMeta) class EllipticCurvePublicKey(object): |
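Review bot: The NULL stub for `PEM_write_bio_ECPrivateKey` is compiled under `#ifdef OPENSSL_NO_EC`, while the name is removed from the bindings under `Cryptography_HAS_EC`, and nothing visible in this hunk ties the two conditions together. If ec.py ever sets `Cryptography_HAS_EC` on a build where `OPENSSL_NO_EC` is defined, the NULL function pointer would stay reachable from Python. The existing comment could state the invariant it relies on, for example `// ec.py sets Cryptography_HAS_EC to 0 whenever OPENSSL_NO_EC is defined, so this NULL stub is never exported`, once that has been confirmed against ec.py.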
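Review bot: `EllipticCurvePrivateKeyWithNumbers` is kept as a deprecated alias, but the class it now points to has gained the abstract `private_bytes`, so for implementers this is a contract change and not only a rename. A class outside this repository that implements only `private_numbers` against the old name would presumably stop satisfying the interface, and the deprecation message does not mention this; it could end with `"... and now also requires private_bytes"`. The `private_bytes` docstring should also name its three parameters and state that the return value is the private key material, which is unencrypted when the caller's `encryption_algorithm` requests no encryption.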