diff options
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 16 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/ec.py | 48 |
2 files changed, 34 insertions, 30 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 900d25c2..bbcfa327 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -346,9 +346,6 @@ class Backend(object): evp_pkey = self._new_evp_pkey() rsa_cdata = self._rsa_cdata_from_private_key(private_key) - res = self._lib.RSA_blinding_on(rsa_cdata, self._ffi.NULL) - assert res == 1 - res = self._lib.EVP_PKEY_assign_RSA(evp_pkey, rsa_cdata) assert res == 1 @@ -358,9 +355,6 @@ class Backend(object): evp_pkey = self._new_evp_pkey() rsa_cdata = self._rsa_cdata_from_public_key(public_key) - res = self._lib.RSA_blinding_on(rsa_cdata, self._ffi.NULL) - assert res == 1 - res = self._lib.EVP_PKEY_assign_RSA(evp_pkey, rsa_cdata) assert res == 1 @@ -391,6 +385,9 @@ class Backend(object): ctx.dmp1 = self._int_to_bn(private_key.dmp1) ctx.dmq1 = self._int_to_bn(private_key.dmq1) ctx.iqmp = self._int_to_bn(private_key.iqmp) + res = self._lib.RSA_blinding_on(ctx, self._ffi.NULL) + assert res == 1 + return ctx def _rsa_cdata_from_public_key(self, public_key): @@ -401,6 +398,9 @@ class Backend(object): assert ctx != self._ffi.NULL ctx.e = self._int_to_bn(public_key.e) ctx.n = self._int_to_bn(public_key.n) + res = self._lib.RSA_blinding_on(ctx, self._ffi.NULL) + assert res == 1 + return ctx def create_rsa_signature_ctx(self, private_key, padding, algorithm): @@ -843,6 +843,8 @@ class _RSASignatureContext(object): evp_pkey, self._backend._ffi.NULL ) assert pkey_ctx != self._backend._ffi.NULL + pkey_ctx = self._backend._ffi.gc(pkey_ctx, + self._backend._lib.EVP_PKEY_CTX_free) res = self._backend._lib.EVP_PKEY_sign_init(pkey_ctx) assert res == 1 res = self._backend._lib.EVP_PKEY_CTX_set_signature_md( @@ -1028,6 +1030,8 @@ class _RSAVerificationContext(object): evp_pkey, self._backend._ffi.NULL ) assert pkey_ctx != self._backend._ffi.NULL + pkey_ctx = self._backend._ffi.gc(pkey_ctx, + self._backend._lib.EVP_PKEY_CTX_free) res = self._backend._lib.EVP_PKEY_verify_init(pkey_ctx) assert res == 1 res = self._backend._lib.EVP_PKEY_CTX_set_signature_md( diff --git a/cryptography/hazmat/bindings/openssl/ec.py b/cryptography/hazmat/bindings/openssl/ec.py index 669490de..8ae2ae9a 100644 --- a/cryptography/hazmat/bindings/openssl/ec.py +++ b/cryptography/hazmat/bindings/openssl/ec.py @@ -240,9 +240,6 @@ void (*EC_GROUP_clear_free)(EC_GROUP *); EC_GROUP *(*EC_GROUP_new_curve_GFp)( const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); -EC_GROUP *(*EC_GROUP_new_curve_GF2m)( - const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); - EC_GROUP *(*EC_GROUP_new_by_curve_name)(int); int (*EC_GROUP_set_curve_GFp)( @@ -251,12 +248,6 @@ int (*EC_GROUP_set_curve_GFp)( int (*EC_GROUP_get_curve_GFp)( const EC_GROUP *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *); -int (*EC_GROUP_set_curve_GF2m)( - EC_GROUP *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); - -int (*EC_GROUP_get_curve_GF2m)( - const EC_GROUP *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *); - const EC_METHOD *(*EC_GROUP_method_of)(const EC_GROUP *) = NULL; const EC_POINT *(*EC_GROUP_get0_generator)(const EC_GROUP *) = NULL; int (*EC_GROUP_get_curve_name)(const EC_GROUP *) = NULL; @@ -283,15 +274,6 @@ int (*EC_POINT_get_affine_coordinates_GFp)(const EC_GROUP *, int (*EC_POINT_set_compressed_coordinates_GFp)(const EC_GROUP *, EC_POINT *, const BIGNUM *, int, BN_CTX *) = NULL; -int (*EC_POINT_set_affine_coordinates_GF2m)(const EC_GROUP *, EC_POINT *, - const BIGNUM *, const BIGNUM *, BN_CTX *) = NULL; - -int (*EC_POINT_get_affine_coordinates_GF2m)(const EC_GROUP *, - const EC_POINT *, BIGNUM *, BIGNUM *, BN_CTX *) = NULL; - -int (*EC_POINT_set_compressed_coordinates_GF2m)(const EC_GROUP *, EC_POINT *, - const BIGNUM *, int, BN_CTX *) = NULL; - size_t (*EC_POINT_point2oct)(const EC_GROUP *, const EC_POINT *, point_conversion_form_t, unsigned char *, size_t, BN_CTX *) = NULL; @@ -380,6 +362,24 @@ static const long Cryptography_HAS_EC_NISTP_64_GCC_128 = 1; static const long Cryptography_HAS_EC2M = 0; const EC_METHOD *(*EC_GF2m_simple_method)() = NULL; + +int (*EC_POINT_set_affine_coordinates_GF2m)(const EC_GROUP *, EC_POINT *, + const BIGNUM *, const BIGNUM *, BN_CTX *) = NULL; + +int (*EC_POINT_get_affine_coordinates_GF2m)(const EC_GROUP *, + const EC_POINT *, BIGNUM *, BIGNUM *, BN_CTX *) = NULL; + +int (*EC_POINT_set_compressed_coordinates_GF2m)(const EC_GROUP *, EC_POINT *, + const BIGNUM *, int, BN_CTX *) = NULL; + +int (*EC_GROUP_set_curve_GF2m)( + EC_GROUP *, const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); + +int (*EC_GROUP_get_curve_GF2m)( + const EC_GROUP *, BIGNUM *, BIGNUM *, BIGNUM *, BN_CTX *); + +EC_GROUP *(*EC_GROUP_new_curve_GF2m)( + const BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); #else static const long Cryptography_HAS_EC2M = 1; #endif @@ -391,12 +391,9 @@ CONDITIONAL_NAMES = { "EC_GROUP_free", "EC_GROUP_clear_free", "EC_GROUP_new_curve_GFp", - "EC_GROUP_new_curve_GF2m", "EC_GROUP_new_by_curve_name", "EC_GROUP_set_curve_GFp", "EC_GROUP_get_curve_GFp", - "EC_GROUP_set_curve_GF2m", - "EC_GROUP_get_curve_GF2m", "EC_GROUP_method_of", "EC_GROUP_get0_generator", "EC_GROUP_get_curve_name", @@ -431,9 +428,6 @@ CONDITIONAL_NAMES = { "EC_POINT_set_affine_coordinates_GFp", "EC_POINT_get_affine_coordinates_GFp", "EC_POINT_set_compressed_coordinates_GFp", - "EC_POINT_set_affine_coordinates_GF2m", - "EC_POINT_get_affine_coordinates_GF2m", - "EC_POINT_set_compressed_coordinates_GF2m", "EC_POINT_point2oct", "EC_POINT_oct2point", "EC_POINT_point2bn", @@ -473,5 +467,11 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_EC2M": [ "EC_GF2m_simple_method", + "EC_POINT_set_affine_coordinates_GF2m", + "EC_POINT_get_affine_coordinates_GF2m", + "EC_POINT_set_compressed_coordinates_GF2m", + "EC_GROUP_set_curve_GF2m", + "EC_GROUP_get_curve_GF2m", + "EC_GROUP_new_curve_GF2m", ], } |