Commit b4079484 authored by Sam Rushing's avatar Sam Rushing

pkey.encrypt() using EVP_PKEY_encrypt.

parent f023cfe3
......@@ -153,6 +153,13 @@ cdef extern from "openssl/evp.h":
int EVP_SignFinal (EVP_MD_CTX *, char *, int *, EVP_PKEY *)
int EVP_VerifyFinal (EVP_MD_CTX *, char *, int, EVP_PKEY *)
int EVP_MAX_MD_SIZE
# --- public key encryption ---
ctypedef struct EVP_PKEY_CTX
# NOTE: replacing ENGINE * with void * here, we otherwise have no support for ENGINE.
EVP_PKEY_CTX * EVP_PKEY_CTX_new (EVP_PKEY *, void *)
void EVP_PKEY_CTX_free (EVP_PKEY_CTX *)
int EVP_PKEY_encrypt_init (EVP_PKEY_CTX *)
int EVP_PKEY_encrypt (EVP_PKEY_CTX *, unsigned char *, size_t *, const unsigned char *, size_t)
cdef extern from "openssl/ec.h":
ctypedef struct EC_KEY
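Review bot: The new declarations stop at `EVP_PKEY_encrypt` and expose no padding control, so if `pkey` can hold an RSA key (not visible here) the context keeps OpenSSL's default, PKCS#1 v1.5 padding. That is the scheme associated with padding-oracle weaknesses on the decrypting side, and OAEP is the usual choice for new code. Consider also declaring `EVP_PKEY_CTX_set_rsa_padding` and `RSA_PKCS1_OAEP_PADDING` from `openssl/rsa.h` so the wrapper can offer OAEP. At minimum, record the limitation next to the existing ENGINE note, for example `# NOTE: no padding control declared; RSA keys use the default PKCS#1 v1.5 padding`.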
......
......@@ -188,6 +188,29 @@ cdef class pkey:
def bits (self):
return self._bits()
def encrypt (self, bytes iblock):
cdef size_t outlen = 0
cdef bytes oblock
# NOTE: no engine support yet...
cdef EVP_PKEY_CTX * ctx = EVP_PKEY_CTX_new (self.pkey, NULL)
if ctx is NULL:
raise_ssl_error()
else:
try:
if EVP_PKEY_encrypt_init (ctx) != 1:
raise_ssl_error()
else:
if EVP_PKEY_encrypt (ctx, NULL, &outlen, iblock, len(iblock)) != 1:
raise_ssl_error()
else:
oblock = PyBytes_FromStringAndSize (NULL, outlen)
if EVP_PKEY_encrypt (ctx, oblock, &outlen, iblock, len(iblock)) != 1:
raise_ssl_error()
else:
return oblock
finally:
EVP_PKEY_CTX_free (ctx)
# compatibility
def read_pem_key (pem, pwd):
return pkey (pem, pwd, True)
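Review bot: `encrypt` returns the whole buffer sized by the first (NULL-output) `EVP_PKEY_encrypt` call and ignores the length the second call writes back to `outlen`. The size query reports a maximum, and `PyBytes_FromStringAndSize (NULL, outlen)` leaves the buffer uninitialised, so if fewer bytes are written the caller receives trailing uninitialised heap bytes as ciphertext. For RSA the two lengths coincide, but other key types need not behave that way; ending with `return oblock[:outlen]` closes the gap. The rest of `cdef class pkey` lies outside this hunk, so whether callers depend on a fixed output length cannot be checked from here.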
......