From 6b22d6663dcba1a08a3662d9d0205005be6bcd86 Mon Sep 17 00:00:00 2001 From: Christopher Grebs Date: Fri, 4 Sep 2015 23:14:33 +0200 Subject: Add support for RSA_R_OAEP_DECODING_ERROR error flag. --- src/_cffi_src/openssl/err.py | 9 +++++++++ src/cryptography/hazmat/backends/openssl/rsa.py | 3 +++ src/cryptography/hazmat/bindings/openssl/_conditional.py | 3 +++ 3 files changed, 15 insertions(+) (limited to 'src') diff --git a/src/_cffi_src/openssl/err.py b/src/_cffi_src/openssl/err.py index 6ec13775..3eb783ee 100644 --- a/src/_cffi_src/openssl/err.py +++ b/src/_cffi_src/openssl/err.py @@ -14,6 +14,7 @@ static const int Cryptography_HAS_098H_ERROR_CODES; static const int Cryptography_HAS_098C_CAMELLIA_CODES; static const int Cryptography_HAS_EC_CODES; static const int Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR; +static const int Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR; struct ERR_string_data_st { unsigned long error; @@ -230,6 +231,7 @@ static const int RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY; static const int RSA_R_BLOCK_TYPE_IS_NOT_01; static const int RSA_R_BLOCK_TYPE_IS_NOT_02; static const int RSA_R_PKCS_DECODING_ERROR; +static const int RSA_R_OAEP_DECODING_ERROR; static const int RSA_F_RSA_SIGN; """ @@ -334,4 +336,11 @@ static const long Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR = 1; static const long Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR = 0; static const long RSA_R_PKCS_DECODING_ERROR = 0; #endif + +#ifdef RSA_R_OAEP_DECODING_ERROR +static const long Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR = 1; +#else +static const long Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR = 0; +static const long RSA_R_OAEP_DECODING_ERROR = 0; +#endif """ diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py index 664f6d35..1be6f059 100644 --- a/src/cryptography/hazmat/backends/openssl/rsa.py +++ b/src/cryptography/hazmat/backends/openssl/rsa.py @@ -142,6 +142,9 @@ def _handle_rsa_enc_dec_error(backend, key): if backend._lib.Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR: decoding_errors.append(backend._lib.RSA_R_PKCS_DECODING_ERROR) + if backend._lib.Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR: + decoding_errors.append(backend._lib.RSA_R_OAEP_DECODING_ERROR) + assert errors[0].reason in decoding_errors raise ValueError("Decryption failed.") diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py index 206c2915..c4e39db9 100644 --- a/src/cryptography/hazmat/bindings/openssl/_conditional.py +++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py @@ -219,6 +219,9 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR": [ "RSA_R_PKCS_DECODING_ERROR" ], + "Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR": [ + "RSA_R_OAEP_DECODING_ERROR" + ], "Cryptography_HAS_GCM": [ "EVP_CTRL_GCM_GET_TAG", "EVP_CTRL_GCM_SET_TAG", -- cgit v1.2.3 From c809360573fc2ef659c154740c32e98f35fc5da9 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 27 Dec 2015 23:55:39 -0600 Subject: RSA_R_OAEP_DECODING_ERROR is pretty ubiquitous --- src/_cffi_src/openssl/err.py | 8 -------- src/cryptography/hazmat/backends/openssl/rsa.py | 4 +--- src/cryptography/hazmat/bindings/openssl/_conditional.py | 3 --- 3 files changed, 1 insertion(+), 14 deletions(-) (limited to 'src') diff --git a/src/_cffi_src/openssl/err.py b/src/_cffi_src/openssl/err.py index 3eb783ee..9d97be16 100644 --- a/src/_cffi_src/openssl/err.py +++ b/src/_cffi_src/openssl/err.py @@ -14,7 +14,6 @@ static const int Cryptography_HAS_098H_ERROR_CODES; static const int Cryptography_HAS_098C_CAMELLIA_CODES; static const int Cryptography_HAS_EC_CODES; static const int Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR; -static const int Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR; struct ERR_string_data_st { unsigned long error; @@ -336,11 +335,4 @@ static const long Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR = 1; static const long Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR = 0; static const long RSA_R_PKCS_DECODING_ERROR = 0; #endif - -#ifdef RSA_R_OAEP_DECODING_ERROR -static const long Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR = 1; -#else -static const long Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR = 0; -static const long RSA_R_OAEP_DECODING_ERROR = 0; -#endif """ diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py index 1be6f059..033cd3b1 100644 --- a/src/cryptography/hazmat/backends/openssl/rsa.py +++ b/src/cryptography/hazmat/backends/openssl/rsa.py @@ -138,13 +138,11 @@ def _handle_rsa_enc_dec_error(backend, key): decoding_errors = [ backend._lib.RSA_R_BLOCK_TYPE_IS_NOT_01, backend._lib.RSA_R_BLOCK_TYPE_IS_NOT_02, + backend._lib.RSA_R_OAEP_DECODING_ERROR, ] if backend._lib.Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR: decoding_errors.append(backend._lib.RSA_R_PKCS_DECODING_ERROR) - if backend._lib.Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR: - decoding_errors.append(backend._lib.RSA_R_OAEP_DECODING_ERROR) - assert errors[0].reason in decoding_errors raise ValueError("Decryption failed.") diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py index c4e39db9..206c2915 100644 --- a/src/cryptography/hazmat/bindings/openssl/_conditional.py +++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py @@ -219,9 +219,6 @@ CONDITIONAL_NAMES = { "Cryptography_HAS_RSA_R_PKCS_DECODING_ERROR": [ "RSA_R_PKCS_DECODING_ERROR" ], - "Cryptography_HAS_RSA_R_OAEP_DECODING_ERROR": [ - "RSA_R_OAEP_DECODING_ERROR" - ], "Cryptography_HAS_GCM": [ "EVP_CTRL_GCM_GET_TAG", "EVP_CTRL_GCM_SET_TAG", -- cgit v1.2.3