diff options
| -rw-r--r-- | src/_cffi_src/openssl/evp.py | 5 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 17 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 2 |
3 files changed, 10 insertions, 14 deletions
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 6d17cb7c..3bd675f7 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -21,10 +21,7 @@ typedef struct env_md_ctx_st { ...; } EVP_MD_CTX; -typedef struct evp_pkey_st { - int type; - ...; -} EVP_PKEY; +typedef ... EVP_PKEY; typedef ... EVP_PKEY_CTX; static const int EVP_PKEY_RSA; static const int EVP_PKEY_DSA; diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 3c615e87..397de215 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -1077,7 +1077,7 @@ class Backend(object): pointer. """ - key_type = evp_pkey.type + key_type = self._lib.EVP_PKEY_id(evp_pkey) if key_type == self._lib.EVP_PKEY_RSA: rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey) @@ -1104,7 +1104,7 @@ class Backend(object): pointer. """ - key_type = evp_pkey.type + key_type = self._lib.EVP_PKEY_id(evp_pkey) if key_type == self._lib.EVP_PKEY_RSA: rsa_cdata = self._lib.EVP_PKEY_get1_RSA(evp_pkey) @@ -2132,19 +2132,20 @@ class Backend(object): else: raise ValueError("Unsupported encryption type") + key_type = self._lib.EVP_PKEY_id(evp_pkey) if encoding is serialization.Encoding.PEM: if format is serialization.PrivateFormat.PKCS8: write_bio = self._lib.PEM_write_bio_PKCS8PrivateKey key = evp_pkey else: assert format is serialization.PrivateFormat.TraditionalOpenSSL - if evp_pkey.type == self._lib.EVP_PKEY_RSA: + if key_type == self._lib.EVP_PKEY_RSA: write_bio = self._lib.PEM_write_bio_RSAPrivateKey - elif evp_pkey.type == self._lib.EVP_PKEY_DSA: + elif key_type == self._lib.EVP_PKEY_DSA: write_bio = self._lib.PEM_write_bio_DSAPrivateKey else: assert self._lib.Cryptography_HAS_EC == 1 - assert evp_pkey.type == self._lib.EVP_PKEY_EC + assert key_type == self._lib.EVP_PKEY_EC write_bio = self._lib.PEM_write_bio_ECPrivateKey key = cdata @@ -2158,9 +2159,7 @@ class Backend(object): "traditional OpenSSL keys" ) - return self._private_key_bytes_traditional_der( - evp_pkey.type, cdata - ) + return self._private_key_bytes_traditional_der(key_type, cdata) else: assert format is serialization.PrivateFormat.PKCS8 write_bio = self._lib.i2d_PKCS8PrivateKey_bio @@ -2210,7 +2209,7 @@ class Backend(object): key = evp_pkey elif format is serialization.PublicFormat.PKCS1: # Only RSA is supported here. - assert evp_pkey.type == self._lib.EVP_PKEY_RSA + assert self._lib.EVP_PKEY_id(evp_pkey) == self._lib.EVP_PKEY_RSA if encoding is serialization.Encoding.PEM: write_bio = self._lib.PEM_write_bio_RSAPublicKey else: diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index ad2daf7d..40cfc323 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -621,7 +621,7 @@ class TestOpenSSLSerializationWithOpenSSL(object): assert backend._ffi.string(buf, len(password)) == password def test_unsupported_evp_pkey_type(self): - key = pretend.stub(type="unsupported") + key = backend._create_evp_pkey_gc() with raises_unsupported_algorithm(None): backend._evp_pkey_to_private_key(key) with raises_unsupported_algorithm(None): |