diff options
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 20 |
1 files changed, 15 insertions, 5 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 90d608fa..de6f841c 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -274,6 +274,20 @@ class Backend(object): self._lib.OPENSSL_free(hex_cdata) return int(hex_str, 16) + def _int_to_bn(self, num): + """ + Converts a python integer to a BIGNUM. The returned BIGNUM will not + be garbage collected (to support adding them to structs that take + ownership of the object). Be sure to register it for GC if it will + be discarded after use. + """ + hex_num = hex(num).rstrip("L").lstrip("0x").encode("ascii") or b"0" + bn_ptr = self._ffi.new("BIGNUM **") + res = self._lib.BN_hex2bn(bn_ptr, hex_num) + assert res != 0 + assert bn_ptr[0] != self._ffi.NULL + return bn_ptr[0] + def generate_rsa_private_key(self, public_exponent, key_size): if public_exponent < 3: raise ValueError("public_exponent must be >= 3") @@ -288,13 +302,9 @@ class Backend(object): assert ctx != self._ffi.NULL ctx = self._ffi.gc(ctx, self._lib.RSA_free) - bn = self._lib.BN_new() - assert bn != self._ffi.NULL + bn = self._int_to_bn(public_exponent) bn = self._ffi.gc(bn, self._lib.BN_free) - res = self._lib.BN_set_word(bn, public_exponent) - assert res == 1 - res = self._lib.RSA_generate_key_ex( ctx, key_size, bn, self._ffi.NULL ) |