Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 7d5483b7cd0065b1f21b068ac2278ba74c21dc67^2..7d5483b7cd0065b1f21b068ac2278ba74c21dc67 / .
commit7d5483b7cd0065b1f21b068ac2278ba74c21dc67[log] [tgz]
authorAlex Gaynor <alex.gaynor@gmail.com>Sat Mar 07 12:33:01 2015 -0500
committerAlex Gaynor <alex.gaynor@gmail.com>Sat Mar 07 12:33:01 2015 -0500
tree17924147ce3ec236095543cf70564ff0c970b6a7
parente37a0a5c8d29cbede67f4731ec0edd69b63a89c0 [diff]
parent791afc0d63f6985227ea18752ccb12fa0987c420 [diff]
Merge pull request #1715 from reaperhulk/rsa-pkcs1-public-key

RSA PKCS1 public key loading support
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index 3d40a21..68b8529 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst

@@ -227,11 +227,11 @@
 .. _`Specification repository`: https://github.com/fernet/spec
 .. _`errata`: http://www.rfc-editor.org/errata_search.php?rfc=6238
 .. _`OpenSSL example key`: https://github.com/openssl/openssl/blob/d02b48c63a58ea4367a0e905979f140b7d090f86/test/testrsa.pem
-.. _`GnuTLS key parsing tests`: https://gitorious.org/gnutls/gnutls/commit/f16ef39ef0303b02d7fa590a37820440c466ce8d
-.. _`enc-rsa-pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/encpkcs8.pem
-.. _`enc2-rsa-pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/enc2pkcs8.pem
-.. _`unenc-rsa-pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/unencpkcs8.pem
-.. _`pkcs12_s2k_pem.c`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs12_s2k_pem.c
+.. _`GnuTLS key parsing tests`: https://gitlab.com/gnutls/gnutls/commit/f16ef39ef0303b02d7fa590a37820440c466ce8d
+.. _`enc-rsa-pkcs8.pem`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs8-decode/encpkcs8.pem
+.. _`enc2-rsa-pkcs8.pem`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs8-decode/enc2pkcs8.pem
+.. _`unenc-rsa-pkcs8.pem`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs8-decode/unencpkcs8.pem
+.. _`pkcs12_s2k_pem.c`: https://gitlab.com/gnutls/gnutls/blob/f8d943b38bf74eaaa11d396112daf43cb8aa82ae/tests/pkcs12_s2k_pem.c
 .. _`Botan's ECC private keys`: https://github.com/randombit/botan/tree/4917f26a2b154e841cd27c1bcecdd41d2bdeb6ce/src/tests/data/ecc
 .. _`GnuTLS example keys`: https://gitorious.org/gnutls/gnutls/commit/ad2061deafdd7db78fd405f9d143b0a7c579da7b
 .. _`NESSIE IDEA vectors`: https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/idea/Idea-128-64.verified.test-vectors

diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 65c26ba..42dcc0f 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py

@@ -320,6 +320,7 @@
         )
 
     def _bn_to_int(self, bn):
+        assert bn != self._ffi.NULL
         if six.PY3:
             # Python 3 has constant time from_bytes, so use that.
 
@@ -346,6 +347,7 @@
         ownership of the object). Be sure to register it for GC if it will
         be discarded after use.
         """
+        assert bn is None or bn != self._ffi.NULL
 
         if bn is None:
             bn = self._ffi.NULL

diff --git a/src/cryptography/hazmat/bindings/openssl/dh.py b/src/cryptography/hazmat/bindings/openssl/dh.py
index 06ac6f4..b66e719 100644
--- a/src/cryptography/hazmat/bindings/openssl/dh.py
+++ b/src/cryptography/hazmat/bindings/openssl/dh.py

@@ -18,6 +18,9 @@
     BIGNUM *priv_key;
     /* Public DH value g^x */
     BIGNUM *pub_key;
+    /* X9.42/RFC 2631 */
+    BIGNUM *q;
+    BIGNUM *j;
     ...;
 } DH;
 """
@@ -28,6 +31,7 @@
 int DH_size(const DH *);
 DH *DH_generate_parameters(int, int, void (*)(int, int, void *), void *);
 int DH_check(const DH *, int *);
+int DH_check_pub_key(const DH *, const BIGNUM *, int *);
 int DH_generate_key(DH *);
 int DH_compute_key(unsigned char *, const BIGNUM *, DH *);
 int DH_set_ex_data(DH *, int, void *);

diff --git a/src/cryptography/hazmat/bindings/openssl/err.py b/src/cryptography/hazmat/bindings/openssl/err.py
index ec393c1..0ee19c9 100644
--- a/src/cryptography/hazmat/bindings/openssl/err.py
+++ b/src/cryptography/hazmat/bindings/openssl/err.py

@@ -21,6 +21,7 @@
 };
 typedef struct ERR_string_data_st ERR_STRING_DATA;
 
+static const int ERR_LIB_DH;
 static const int ERR_LIB_EVP;
 static const int ERR_LIB_EC;
 static const int ERR_LIB_PEM;
@@ -95,6 +96,10 @@
 static const int ASN1_R_WRONG_TAG;
 static const int ASN1_R_WRONG_TYPE;
 
+static const int DH_F_COMPUTE_KEY;
+
+static const int DH_R_INVALID_PUBKEY;
+
 static const int EVP_F_AES_INIT_KEY;
 static const int EVP_F_D2I_PKEY;
 static const int EVP_F_DSA_PKEY2PKCS8;