add EVP raw key bindings (#4578)
diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index 2fb724d..227ec35 100644
--- a/src/_cffi_src/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
@@ -34,6 +34,7 @@
static const int Cryptography_HAS_EVP_PKEY_DHX;
static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY;
+static const long Cryptography_HAS_RAW_KEY;
"""
FUNCTIONS = """
@@ -193,6 +194,13 @@
int EVP_PBE_scrypt(const char *, size_t, const unsigned char *, size_t,
uint64_t, uint64_t, uint64_t, uint64_t, unsigned char *,
size_t);
+
+EVP_PKEY *EVP_PKEY_new_raw_private_key(int, ENGINE *, const unsigned char *,
+ size_t);
+EVP_PKEY *EVP_PKEY_new_raw_public_key(int, ENGINE *, const unsigned char *,
+ size_t);
+int EVP_PKEY_get_raw_private_key(const EVP_PKEY *, unsigned char *, size_t *);
+int EVP_PKEY_get_raw_public_key(const EVP_PKEY *, unsigned char *, size_t *);
"""
CUSTOMIZATIONS = """
@@ -246,12 +254,22 @@
#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0;
+static const long Cryptography_HAS_RAW_KEY = 0;
int (*EVP_DigestSign)(EVP_MD_CTX *, unsigned char *, size_t *,
const unsigned char *tbs, size_t) = NULL;
int (*EVP_DigestVerify)(EVP_MD_CTX *, const unsigned char *, size_t,
const unsigned char *, size_t) = NULL;
+EVP_PKEY *(*EVP_PKEY_new_raw_private_key)(int, ENGINE *, const unsigned char *,
+ size_t) = NULL;
+EVP_PKEY *(*EVP_PKEY_new_raw_public_key)(int, ENGINE *, const unsigned char *,
+ size_t) = NULL;
+int (*EVP_PKEY_get_raw_private_key)(const EVP_PKEY *, unsigned char *,
+ size_t *) = NULL;
+int (*EVP_PKEY_get_raw_public_key)(const EVP_PKEY *, unsigned char *,
+ size_t *) = NULL;
#else
static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1;
+static const long Cryptography_HAS_RAW_KEY = 1;
#endif
/* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */
diff --git a/src/cryptography/hazmat/bindings/openssl/_conditional.py b/src/cryptography/hazmat/bindings/openssl/_conditional.py
index 219f163..959a1ab 100644
--- a/src/cryptography/hazmat/bindings/openssl/_conditional.py
+++ b/src/cryptography/hazmat/bindings/openssl/_conditional.py
@@ -301,6 +301,15 @@
]
+def cryptography_has_raw_key():
+ return [
+ "EVP_PKEY_new_raw_private_key",
+ "EVP_PKEY_new_raw_public_key",
+ "EVP_PKEY_get_raw_private_key",
+ "EVP_PKEY_get_raw_public_key",
+ ]
+
+
# This is a mapping of
# {condition: function-returning-names-dependent-on-that-condition} so we can
# loop over them and delete unsupported names at runtime. It will be removed
@@ -363,4 +372,5 @@
"Cryptography_HAS_OPENSSL_CLEANUP": cryptography_has_openssl_cleanup,
"Cryptography_HAS_CIPHER_DETAILS": cryptography_has_cipher_details,
"Cryptography_HAS_TLSv1_3": cryptography_has_tlsv13,
+ "Cryptography_HAS_RAW_KEY": cryptography_has_raw_key,
}