diff options
| author | Theo Buehler <botovq@users.noreply.github.com> | 2022-11-22 16:33:32 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-11-22 15:33:32 +0000 |
| commit | 95a2b50841648c06bacca7b3d37a3b99d4f71d1e (patch) | |
| tree | e2a46e92d060c056c67a58b906d933d0e53604ba /src/_cffi_src | |
| parent | e06ab09f683698620cfb464c3152392e92c4fa1d (diff) | |
| download | cryptography-95a2b50841648c06bacca7b3d37a3b99d4f71d1e.tar.gz | |
LibreSSL 3.7 adds support for Ed25519 (#7803)
* LibreSSL 3.7 adds support for Ed25519
This brings support for the raw public key API.
* Use feature variable to enable Ed25519
Ed25519 support is available since OpenSSL 1.1.1b and LibreSSL 3.7.0.
Diffstat (limited to 'src/_cffi_src')
| -rw-r--r-- | src/_cffi_src/openssl/cryptography.py | 8 | ||||
| -rw-r--r-- | src/_cffi_src/openssl/evp.py | 6 |
2 files changed, 13 insertions, 1 deletions
diff --git a/src/_cffi_src/openssl/cryptography.py b/src/_cffi_src/openssl/cryptography.py index f53ee72ac..e12e36549 100644 --- a/src/_cffi_src/openssl/cryptography.py +++ b/src/_cffi_src/openssl/cryptography.py @@ -42,9 +42,12 @@ INCLUDES = """ #if CRYPTOGRAPHY_IS_LIBRESSL #define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_360 \ (LIBRESSL_VERSION_NUMBER < 0x3060000f) +#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_370 \ + (LIBRESSL_VERSION_NUMBER < 0x3070000f) #else #define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_360 (0) +#define CRYPTOGRAPHY_LIBRESSL_LESS_THAN_370 (0) #endif #if OPENSSL_VERSION_NUMBER < 0x10101000 @@ -68,6 +71,10 @@ INCLUDES = """ #else #define CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE 0 #endif +/* Ed25519 support is available from OpenSSL 1.1.1b and LibreSSL 3.7.0. */ +#define CRYPTOGRAPHY_HAS_WORKING_ED25519 \ + (!CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B || \ + (CRYPTOGRAPHY_IS_LIBRESSL && !CRYPTOGRAPHY_LIBRESSL_LESS_THAN_370)) """ TYPES = """ @@ -77,6 +84,7 @@ static const int CRYPTOGRAPHY_OPENSSL_300_OR_GREATER; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111B; static const int CRYPTOGRAPHY_OPENSSL_LESS_THAN_111E; static const int CRYPTOGRAPHY_NEEDS_OSRANDOM_ENGINE; +static const int CRYPTOGRAPHY_HAS_WORKING_ED25519; static const int CRYPTOGRAPHY_IS_LIBRESSL; static const int CRYPTOGRAPHY_IS_BORINGSSL; diff --git a/src/_cffi_src/openssl/evp.py b/src/_cffi_src/openssl/evp.py index 7a3ae2744..75d252201 100644 --- a/src/_cffi_src/openssl/evp.py +++ b/src/_cffi_src/openssl/evp.py @@ -199,9 +199,10 @@ int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *, #endif #if CRYPTOGRAPHY_IS_LIBRESSL -static const long Cryptography_HAS_RAW_KEY = 0; static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 0; int (*EVP_DigestFinalXOF)(EVP_MD_CTX *, unsigned char *, size_t) = NULL; +#if CRYPTOGRAPHY_LIBRESSL_LESS_THAN_370 +static const long Cryptography_HAS_RAW_KEY = 0; EVP_PKEY *(*EVP_PKEY_new_raw_private_key)(int, ENGINE *, const unsigned char *, size_t) = NULL; EVP_PKEY *(*EVP_PKEY_new_raw_public_key)(int, ENGINE *, const unsigned char *, @@ -212,6 +213,9 @@ int (*EVP_PKEY_get_raw_public_key)(const EVP_PKEY *, unsigned char *, size_t *) = NULL; #else static const long Cryptography_HAS_RAW_KEY = 1; +#endif +#else +static const long Cryptography_HAS_RAW_KEY = 1; static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 1; #endif |