diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2022-04-25 22:39:59 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-04-26 03:39:59 +0000 |
| commit | 34fd658c4c0ab08134fadd29ad16afdd2ec6eebb (patch) | |
| tree | c715dc2c746f32146cee535a4a0b241f4a2202ca /src/_cffi_src | |
| parent | d7aac1c3d8f1ad71f6a2eac28680f3b689c909ad (diff) | |
| download | cryptography-34fd658c4c0ab08134fadd29ad16afdd2ec6eebb.tar.gz | |
Load RSA PSS keys as regular RSA keys (#7112)
* RSA PSS openssl constant
* load PSS keys (OpenSSL only) but strip the constraints
* empty commit for CI, sigh
* review feedback
* nit
Diffstat (limited to 'src/_cffi_src')
| -rw-r--r-- | src/_cffi_src/openssl/cryptography.py | 3 | ||||
| -rw-r--r-- | src/_cffi_src/openssl/evp.py | 7 |
2 files changed, 10 insertions, 0 deletions
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py index 1ad7fb616..f92dd2a0a 100644 --- a/src/_cffi_src/openssl/cryptography.py +++ b/src/_cffi_src/openssl/cryptography.py @@ -70,6 +70,8 @@ INCLUDES = """ (OPENSSL_VERSION_NUMBER < 0x10101020 || CRYPTOGRAPHY_IS_LIBRESSL) #define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D \ (OPENSSL_VERSION_NUMBER < 0x10101040 || CRYPTOGRAPHY_IS_LIBRESSL) +#define CRYPTOGRAPHY_OPENSSL_LESS_THAN_111E \ + (OPENSSL_VERSION_NUMBER < 0x10101050 || CRYPTOGRAPHY_IS_LIBRESSL) #if (CRYPTOGRAPHY_OPENSSL_LESS_THAN_111D && !CRYPTOGRAPHY_IS_LIBRESSL && \ !defined(OPENSSL_NO_ENGINE)) || defined(USE_OSRANDOM_RNG_FOR_TESTING) #define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 1 @@ -84,6 +86,7 @@ static const int CRYPTOGRAPHY_OPENSSL_300_OR_GREATER; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B; +static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111E; static const int CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE; static const int CRYPTOGRAPHY_LIBRESSL_LESS_THAN_340; diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 8828cdc92..f4d9fb953 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -16,6 +16,7 @@ typedef ... EVP_MD_CTX; typedef ... EVP_PKEY; typedef ... EVP_PKEY_CTX; static const int EVP_PKEY_RSA; +static const int EVP_PKEY_RSA_PSS; static const int EVP_PKEY_DSA; static const int EVP_PKEY_DH; static const int EVP_PKEY_DHX; @@ -293,4 +294,10 @@ int (*EVP_PKEY_set1_DH)(EVP_PKEY *, DH *) = NULL; #else static const long Cryptography_HAS_EVP_PKEY_DH = 1; #endif + +// This can be removed when we drop OpenSSL 1.1.0 support +// OPENSSL_LESS_THAN_111 +#if !defined(EVP_PKEY_RSA_PSS) +#define EVP_PKEY_RSA_PSS 912 +#endif """ |