Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / pyopenssl / c09fd581772ebe9d30bcf6b24665b4b75175029b^! / . / doc / api
commitc09fd581772ebe9d30bcf6b24665b4b75175029b[log] [tgz]
authorJean-Paul Calderone <exarkun@twistedmatrix.com>Fri Apr 18 22:00:10 2014 -0400
committerJean-Paul Calderone <exarkun@twistedmatrix.com>Fri Apr 18 22:00:10 2014 -0400
tree7b75907547593638e7fabe393cfb4bc7447ac35f
parentf43678bc99019f55908752f9885f680cd70d42ca [diff]
Switch to an explicit curve object.

Happily, this eliminates just about all of the error cases.

diff --git a/doc/api/crypto.rst b/doc/api/crypto.rst
index ee93cfb..974e516 100644
--- a/doc/api/crypto.rst
+++ b/doc/api/crypto.rst

@@ -119,6 +119,28 @@
     Generic exception used in the :py:mod:`.crypto` module.
 
 
+.. py:function:: get_elliptic_curves
+
+    Return a set of objects representing the elliptic curves supported in the
+    OpenSSL build in use.
+
+    The curve objects have a :py:class:`unicode` ``name`` attribute by which
+    they identifying themselves.
+
+    The curve objects are useful as values for the argument accepted by
+    :py:meth:`Context.set_tmp_ecdh_curve` to specify which elliptical curve
+    should be used for ECDHE key exchange.
+
+
+.. py:function:: get_elliptic_curve
+
+    Return a single curve object selected by name.
+
+    See :py:func:`get_elliptic_curves` for information about curve objects.
+
+    If the named curve is not supported then :py:class:`ValueError` is raised.
+
+
 .. py:function:: dump_certificate(type, cert)
 
     Dump the certificate *cert* into a buffer string encoded with the type

diff --git a/doc/api/ssl.rst b/doc/api/ssl.rst
index b7eca70..9016e98 100644
--- a/doc/api/ssl.rst
+++ b/doc/api/ssl.rst

@@ -110,17 +110,6 @@
      .. versionadded:: 0.14
 
 
-.. py:data:: ELLIPTIC_CURVE_DESCRIPTIONS
-
-    A dictionary mapping short names of elliptic curves to textual
-    descriptions.  This dictionary contains exactly the set of curves
-    supported by the OpenSSL build in use.
-
-    The keys are the curve names that can be passed into
-    Constants used with :py:meth:`Context.set_tmp_ecdh_curve` to
-    specify which elliptical curve should be used for ECDHE key exchange.
-
-
 .. py:data:: OPENSSL_VERSION_NUMBER
 
     An integer giving the version number of the OpenSSL library used to build this
@@ -327,21 +316,15 @@
 
     Load parameters for Ephemeral Diffie-Hellman from *dhfile*.
 
-.. py:method:: Context.set_tmp_ecdh_curve(curve_name)
+
+.. py:method:: Context.set_tmp_ecdh_curve(curve)
 
    Select a curve to use for ECDHE key exchange.
 
-   The valid values of *curve_name* are the keys in
-   :py:data:`ELLIPTIC_CURVE_DESCRIPTIONS`.
+   The valid values of *curve* are the objects returned by
+   :py:func:`OpenSSL.crypto.get_elliptic_curves` or
+   :py:func:`OpenSSL.crypto.get_elliptic_curve`.
 
-   Raises a subclass of ``ValueError`` if the linked OpenSSL was not
-   compiled with elliptical curve support or the specified curve is
-   not available.  You can check the specific subclass, but, in
-   general, you should just handle ``ValueError``.
-
-   :param curve_name: The 'short name' of a curve, e.g. 'prime256v1'
-   :type curve_name: str
-   :return: None
 
 .. py:method:: Context.set_app_data(data)