diff options
| -rw-r--r-- | docs/development/test-vectors.rst | 10 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 2 | ||||
| -rw-r--r-- | src/cryptography/hazmat/bindings/openssl/dh.py | 4 | ||||
| -rw-r--r-- | src/cryptography/hazmat/bindings/openssl/err.py | 5 |
4 files changed, 16 insertions, 5 deletions
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 3d40a210..68b85291 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -227,11 +227,11 @@ header format (substituting the correct information): .. _`Specification repository`: https://github.com/fernet/spec .. _`errata`: http://www.rfc-editor.org/errata_search.php?rfc=6238 .. _`OpenSSL example key`: https://github.com/openssl/openssl/blob/d02b48c63a58ea4367a0e905979f140b7d090f86/test/testrsa.pem -.. _`GnuTLS key parsing tests`: https://gitorious.org/gnutls/gnutls/commit/f16ef39ef0303b02d7fa590a37820440c466ce8d -.. _`enc-rsa-pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/encpkcs8.pem -.. _`enc2-rsa-pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/enc2pkcs8.pem -.. _`unenc-rsa-pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/unencpkcs8.pem -.. _`pkcs12_s2k_pem.c`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs12_s2k_pem.c +.. _`GnuTLS key parsing tests`: https://gitlab.com/gnutls/gnutls/commit/f16ef39ef0303b02d7fa590a37820440c466ce8d +.. _`enc-rsa-pkcs8.pem`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs8-decode/encpkcs8.pem +.. _`enc2-rsa-pkcs8.pem`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs8-decode/enc2pkcs8.pem +.. _`unenc-rsa-pkcs8.pem`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs8-decode/unencpkcs8.pem +.. _`pkcs12_s2k_pem.c`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs12_s2k_pem.c .. _`Botan's ECC private keys`: https://github.com/randombit/botan/tree/4917f26a2b154e841cd27c1bcecdd41d2bdeb6ce/src/tests/data/ecc .. _`GnuTLS example keys`: https://gitorious.org/gnutls/gnutls/commit/ad2061deafdd7db78fd405f9d143b0a7c579da7b .. _`NESSIE IDEA vectors`: https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/idea/Idea-128-64.verified.test-vectors diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 65c26ba8..42dcc0fb 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -320,6 +320,7 @@ class Backend(object): ) def _bn_to_int(self, bn): + assert bn != self._ffi.NULL if six.PY3: # Python 3 has constant time from_bytes, so use that. @@ -346,6 +347,7 @@ class Backend(object): ownership of the object). Be sure to register it for GC if it will be discarded after use. """ + assert bn is None or bn != self._ffi.NULL if bn is None: bn = self._ffi.NULL diff --git a/src/cryptography/hazmat/bindings/openssl/dh.py b/src/cryptography/hazmat/bindings/openssl/dh.py index 06ac6f41..b66e7196 100644 --- a/src/cryptography/hazmat/bindings/openssl/dh.py +++ b/src/cryptography/hazmat/bindings/openssl/dh.py @@ -18,6 +18,9 @@ typedef struct dh_st { BIGNUM *priv_key; /* Public DH value g^x */ BIGNUM *pub_key; + /* X9.42/RFC 2631 */ + BIGNUM *q; + BIGNUM *j; ...; } DH; """ @@ -28,6 +31,7 @@ void DH_free(DH *); int DH_size(const DH *); DH *DH_generate_parameters(int, int, void (*)(int, int, void *), void *); int DH_check(const DH *, int *); +int DH_check_pub_key(const DH *, const BIGNUM *, int *); int DH_generate_key(DH *); int DH_compute_key(unsigned char *, const BIGNUM *, DH *); int DH_set_ex_data(DH *, int, void *); diff --git a/src/cryptography/hazmat/bindings/openssl/err.py b/src/cryptography/hazmat/bindings/openssl/err.py index ec393c1b..0ee19c9e 100644 --- a/src/cryptography/hazmat/bindings/openssl/err.py +++ b/src/cryptography/hazmat/bindings/openssl/err.py @@ -21,6 +21,7 @@ struct ERR_string_data_st { }; typedef struct ERR_string_data_st ERR_STRING_DATA; +static const int ERR_LIB_DH; static const int ERR_LIB_EVP; static const int ERR_LIB_EC; static const int ERR_LIB_PEM; @@ -95,6 +96,10 @@ static const int ASN1_R_UNSUPPORTED_TYPE; static const int ASN1_R_WRONG_TAG; static const int ASN1_R_WRONG_TYPE; +static const int DH_F_COMPUTE_KEY; + +static const int DH_R_INVALID_PUBKEY; + static const int EVP_F_AES_INIT_KEY; static const int EVP_F_D2I_PKEY; static const int EVP_F_DSA_PKEY2PKCS8; |