diff options
| -rw-r--r-- | src/_cffi_src/openssl/evp.py | 4 | ||||
| -rw-r--r-- | src/_cffi_src/openssl/x509.py | 2 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/decode_asn1.py | 9 |
3 files changed, 11 insertions, 4 deletions
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index d3ec568a..a91a9666 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -51,7 +51,6 @@ int EVP_CipherUpdate(EVP_CIPHER_CTX *, unsigned char *, int *, const unsigned char *, int); int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *); int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *); -void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *); EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void); void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *); int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int); @@ -119,6 +118,9 @@ int Cryptography_EVP_PKEY_id(const EVP_PKEY *); """ MACROS = """ +/* became a macro in 1.1.0 */ +void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *); + void OpenSSL_add_all_algorithms(void); int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA *); int EVP_PKEY_assign_DSA(EVP_PKEY *, DSA *); diff --git a/src/_cffi_src/openssl/x509.py b/src/_cffi_src/openssl/x509.py index c5eb600a..4cdc8274 100644 --- a/src/_cffi_src/openssl/x509.py +++ b/src/_cffi_src/openssl/x509.py @@ -36,6 +36,8 @@ typedef struct { ...; } X509_CINF; +/* TODO: opaque X509_EXTENSION. Cryptography no longer depends on it being + non-opaque but pyOpenSSL needs a release where it doesn't depend on this */ typedef struct { ASN1_OBJECT *object; ASN1_BOOLEAN critical; diff --git a/src/cryptography/hazmat/backends/openssl/decode_asn1.py b/src/cryptography/hazmat/backends/openssl/decode_asn1.py index 5f828c6b..140d3de4 100644 --- a/src/cryptography/hazmat/backends/openssl/decode_asn1.py +++ b/src/cryptography/hazmat/backends/openssl/decode_asn1.py @@ -198,7 +198,9 @@ class _X509ExtensionParser(object): backend.openssl_assert(ext != backend._ffi.NULL) crit = backend._lib.X509_EXTENSION_get_critical(ext) critical = crit == 1 - oid = x509.ObjectIdentifier(_obj2txt(backend, ext.object)) + oid = x509.ObjectIdentifier( + _obj2txt(backend, backend._lib.X509_EXTENSION_get_object(ext)) + ) if oid in seen_oids: raise x509.DuplicateExtension( "Duplicate {0} extension found".format(oid), oid @@ -652,9 +654,10 @@ def _decode_cert_issuer(backend, ext): """ data_ptr_ptr = backend._ffi.new("const unsigned char **") - data_ptr_ptr[0] = ext.value.data + value = backend._lib.X509_EXTENSION_get_data(ext) + data_ptr_ptr[0] = value.data gns = backend._lib.d2i_GENERAL_NAMES( - backend._ffi.NULL, data_ptr_ptr, ext.value.length + backend._ffi.NULL, data_ptr_ptr, value.length ) # Check the result of d2i_GENERAL_NAMES() is valid. Usually this is covered |