aboutsummaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/cryptography/hazmat/backends/openssl/backend.py8
-rw-r--r--src/cryptography/hazmat/backends/openssl/ed25519.py5
-rw-r--r--src/cryptography/hazmat/primitives/asymmetric/ed25519.py4
-rw-r--r--src/cryptography/hazmat/primitives/serialization/ssh.py13
4 files changed, 21 insertions, 9 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index eab60778..b040b809 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -38,7 +38,7 @@ from cryptography.hazmat.backends.openssl.ec import (
_EllipticCurvePrivateKey, _EllipticCurvePublicKey
)
from cryptography.hazmat.backends.openssl.ed25519 import (
- _ED25519_KEY_SIZE, _Ed25519PrivateKey, _Ed25519PublicKey
+ _Ed25519PrivateKey, _Ed25519PublicKey
)
from cryptography.hazmat.backends.openssl.ed448 import (
_ED448_KEY_SIZE, _Ed448PrivateKey, _Ed448PublicKey
@@ -70,7 +70,7 @@ from cryptography.hazmat.backends.openssl.x509 import (
)
from cryptography.hazmat.bindings.openssl import binding
from cryptography.hazmat.primitives import hashes, serialization
-from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
+from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
from cryptography.hazmat.primitives.asymmetric.padding import (
MGF1, OAEP, PKCS1v15, PSS
)
@@ -2212,7 +2212,7 @@ class Backend(object):
def ed25519_load_public_bytes(self, data):
utils._check_bytes("data", data)
- if len(data) != _ED25519_KEY_SIZE:
+ if len(data) != ed25519._ED25519_KEY_SIZE:
raise ValueError("An Ed25519 public key is 32 bytes long")
evp_pkey = self._lib.EVP_PKEY_new_raw_public_key(
@@ -2224,7 +2224,7 @@ class Backend(object):
return _Ed25519PublicKey(self, evp_pkey)
def ed25519_load_private_bytes(self, data):
- if len(data) != _ED25519_KEY_SIZE:
+ if len(data) != ed25519._ED25519_KEY_SIZE:
raise ValueError("An Ed25519 private key is 32 bytes long")
utils._check_byteslike("data", data)
diff --git a/src/cryptography/hazmat/backends/openssl/ed25519.py b/src/cryptography/hazmat/backends/openssl/ed25519.py
index 15c1b1ec..f02f5622 100644
--- a/src/cryptography/hazmat/backends/openssl/ed25519.py
+++ b/src/cryptography/hazmat/backends/openssl/ed25519.py
@@ -7,12 +7,9 @@ from __future__ import absolute_import, division, print_function
from cryptography import exceptions, utils
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
- Ed25519PrivateKey, Ed25519PublicKey
+ Ed25519PrivateKey, Ed25519PublicKey, _ED25519_KEY_SIZE, _ED25519_SIG_SIZE
)
-_ED25519_KEY_SIZE = 32
-_ED25519_SIG_SIZE = 64
-
@utils.register_interface(Ed25519PublicKey)
class _Ed25519PublicKey(object):
diff --git a/src/cryptography/hazmat/primitives/asymmetric/ed25519.py b/src/cryptography/hazmat/primitives/asymmetric/ed25519.py
index 96be9c58..d89445fa 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/ed25519.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/ed25519.py
@@ -11,6 +11,10 @@ import six
from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
+_ED25519_KEY_SIZE = 32
+_ED25519_SIG_SIZE = 64
+
+
@six.add_metaclass(abc.ABCMeta)
class Ed25519PublicKey(object):
@classmethod
diff --git a/src/cryptography/hazmat/primitives/serialization/ssh.py b/src/cryptography/hazmat/primitives/serialization/ssh.py
index cb838927..a1d6c8c9 100644
--- a/src/cryptography/hazmat/primitives/serialization/ssh.py
+++ b/src/cryptography/hazmat/primitives/serialization/ssh.py
@@ -11,7 +11,7 @@ import six
from cryptography import utils
from cryptography.exceptions import UnsupportedAlgorithm
-from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
+from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
def load_ssh_public_key(data, backend):
@@ -31,6 +31,8 @@ def load_ssh_public_key(data, backend):
b'ecdsa-sha2-nistp256', b'ecdsa-sha2-nistp384', b'ecdsa-sha2-nistp521',
]:
loader = _load_ssh_ecdsa_public_key
+ elif key_type == b'ssh-ed25519':
+ loader = _load_ssh_ed25519_public_key
else:
raise UnsupportedAlgorithm('Key type is not supported.')
@@ -102,6 +104,15 @@ def _load_ssh_ecdsa_public_key(expected_key_type, decoded_data, backend):
return ec.EllipticCurvePublicKey.from_encoded_point(curve, data)
+def _load_ssh_ed25519_public_key(expected_key_type, decoded_data, backend):
+ data, rest = _ssh_read_next_string(decoded_data)
+
+ if rest:
+ raise ValueError('Key body contains extra bytes.')
+
+ return ed25519.Ed25519PublicKey.from_public_bytes(data)
+
+
def _ssh_read_next_string(data):
"""
Retrieves the next RFC 4251 string value from the data.
generated by cgit v1.2.3 (git 2.25.1) at 2025-04-20 14:01:02 +0000