Fixes #3538 -- Make our OpenSSL EC verifier's implementation match the API (#3539)
* Document our real API for EC verification, not an accident
* formatting consistency
* fix the code itself
* fixed class name
* fixed a test too
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 5223fea..8935285 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -9,6 +9,12 @@
* Add support for providing ``tag`` during
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` finalization via
:meth:`~cryptography.hazmat.primitives.ciphers.AEADDecryptionContext.finalize_with_tag`.
+* **BACKWARDS INCOMPATIBLE:** Elliptic Curve signature verification no long
+ returns ``True`` on success. This brings it in line with the interface's
+ documentation, and our intent. The correct way to use
+ :meth:`~cryptography.hazmat.primitives.asymmetric.ec.EllipticCurvePublicKey.verify`
+ has always been to check whether or not
+ :class:`~cryptography.exceptions.InvalidSignature` was raised.
1.8.1 - 2017-03-10
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index 56e2e0e..3c595fa 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -78,20 +78,24 @@
:func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_dss_signature`.
- Verification requires the public key, the signature itself, the signed data, and knowledge of the hashing algorithm that was used when producing the signature:
+ Verification requires the public key, the signature itself, the signed
+ data, and knowledge of the hashing algorithm that was used when producing
+ the signature:
>>> public_key = private_key.public_key()
>>> verifier = public_key.verifier(signature, ec.ECDSA(hashes.SHA256()))
>>> verifier.update(b"this is some data I'd like")
>>> verifier.update(b" to sign")
>>> verifier.verify()
- True
- The last call will either return ``True`` or raise an :class:`~cryptography.exceptions.InvalidSignature` exception.
+ If the signature is not valid, an
+ :class:`~cryptography.exceptions.InvalidSignature` exception will be raised.
.. note::
- Although in this case the public key was derived from the private one, in a typical setting you will not possess the private key. The `Key loading`_ section explains how to load the public key from other sources.
-
+ Although in this case the public key was derived from the private one,
+ in a typical setting you will not possess the private key. The
+ `Key loading`_ section explains how to load the public key from other
+ sources.
.. class:: EllipticCurvePrivateNumbers(private_value, public_numbers)
@@ -589,7 +593,7 @@
... encoding=serialization.Encoding.PEM,
... format=serialization.PrivateFormat.PKCS8,
... encryption_algorithm=serialization.BestAvailableEncryption(b'testpassword')
- ... )
+ ... )
>>> serialized_private.splitlines()[0]
'-----BEGIN ENCRYPTED PRIVATE KEY-----'
@@ -605,7 +609,7 @@
>>> serialized_public = public_key.public_bytes(
... encoding=serialization.Encoding.PEM,
... format=serialization.PublicFormat.SubjectPublicKeyInfo
- ... )
+ ... )
>>> serialized_public.splitlines()[0]
'-----BEGIN PUBLIC KEY-----'
@@ -622,15 +626,16 @@
.. doctest::
>>> loaded_public_key = serialization.load_pem_public_key(
- ... serialized_public,
- ... backend=default_backend()
- ... )
+ ... serialized_public,
+ ... backend=default_backend()
+ ... )
>>> loaded_private_key = serialization.load_pem_private_key(
- ... serialized_private,
- ... password=b'testpassword', # or password=None, if in plain text
- ... backend=default_backend()
- ... )
+ ... serialized_private,
+ ... # or password=None, if in plain text
+ ... password=b'testpassword',
+ ... backend=default_backend()
+ ... )
.. _`FIPS 186-3`: http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index cecd25e..68a35b2 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -86,7 +86,6 @@
if res != 1:
backend._consume_errors()
raise InvalidSignature
- return True
@utils.register_interface(AsymmetricSignatureContext)
@@ -118,7 +117,7 @@
def verify(self):
digest = self._digest.finalize()
- return _ecdsa_sig_verify(
+ _ecdsa_sig_verify(
self._backend, self._public_key, self._signature, digest
)
@@ -283,4 +282,4 @@
data, algorithm = _calculate_digest_and_algorithm(
self._backend, data, signature_algorithm._algorithm
)
- return _ecdsa_sig_verify(self._backend, self, signature, data)
+ _ecdsa_sig_verify(self._backend, self, signature, data)
diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index 7127071..ad4bbc5 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -508,7 +508,7 @@
ec.ECDSA(hash_type())
)
verifier.update(vector['message'])
- assert verifier.verify()
+ verifier.verify()
@pytest.mark.parametrize(
"vector",