Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/cryptography/hazmat/backends/openssl/x448.py: 30%
53 statements
« prev ^ index » next coverage.py v7.0.1, created at 2022-12-25 06:11 +0000
1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
5import typing
7from cryptography.hazmat.backends.openssl.utils import _evp_pkey_derive
8from cryptography.hazmat.primitives import serialization
9from cryptography.hazmat.primitives.asymmetric.x448 import (
10 X448PrivateKey,
11 X448PublicKey,
12)
14if typing.TYPE_CHECKING:
15 from cryptography.hazmat.backends.openssl.backend import Backend
17_X448_KEY_SIZE = 56
20class _X448PublicKey(X448PublicKey):
21 def __init__(self, backend: "Backend", evp_pkey):
22 self._backend = backend
23 self._evp_pkey = evp_pkey
25 def public_bytes(
26 self,
27 encoding: serialization.Encoding,
28 format: serialization.PublicFormat,
29 ) -> bytes:
30 if (
31 encoding is serialization.Encoding.Raw
32 or format is serialization.PublicFormat.Raw
33 ):
34 if (
35 encoding is not serialization.Encoding.Raw
36 or format is not serialization.PublicFormat.Raw
37 ):
38 raise ValueError(
39 "When using Raw both encoding and format must be Raw"
40 )
42 return self._raw_public_bytes()
44 return self._backend._public_key_bytes(
45 encoding, format, self, self._evp_pkey, None
46 )
48 def _raw_public_bytes(self) -> bytes:
49 buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
50 buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
51 res = self._backend._lib.EVP_PKEY_get_raw_public_key(
52 self._evp_pkey, buf, buflen
53 )
54 self._backend.openssl_assert(res == 1)
55 self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
56 return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]
59class _X448PrivateKey(X448PrivateKey):
60 def __init__(self, backend: "Backend", evp_pkey):
61 self._backend = backend
62 self._evp_pkey = evp_pkey
64 def public_key(self) -> X448PublicKey:
65 buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
66 buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
67 res = self._backend._lib.EVP_PKEY_get_raw_public_key(
68 self._evp_pkey, buf, buflen
69 )
70 self._backend.openssl_assert(res == 1)
71 self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
72 public_bytes = self._backend._ffi.buffer(buf)[:]
73 return self._backend.x448_load_public_bytes(public_bytes)
75 def exchange(self, peer_public_key: X448PublicKey) -> bytes:
76 if not isinstance(peer_public_key, X448PublicKey):
77 raise TypeError("peer_public_key must be X448PublicKey.")
79 return _evp_pkey_derive(self._backend, self._evp_pkey, peer_public_key)
81 def private_bytes(
82 self,
83 encoding: serialization.Encoding,
84 format: serialization.PrivateFormat,
85 encryption_algorithm: serialization.KeySerializationEncryption,
86 ) -> bytes:
87 if (
88 encoding is serialization.Encoding.Raw
89 or format is serialization.PublicFormat.Raw
90 ):
91 if (
92 format is not serialization.PrivateFormat.Raw
93 or encoding is not serialization.Encoding.Raw
94 or not isinstance(
95 encryption_algorithm, serialization.NoEncryption
96 )
97 ):
98 raise ValueError(
99 "When using Raw both encoding and format must be Raw "
100 "and encryption_algorithm must be NoEncryption()"
101 )
103 return self._raw_private_bytes()
105 return self._backend._private_key_bytes(
106 encoding, format, encryption_algorithm, self, self._evp_pkey, None
107 )
109 def _raw_private_bytes(self) -> bytes:
110 buf = self._backend._ffi.new("unsigned char []", _X448_KEY_SIZE)
111 buflen = self._backend._ffi.new("size_t *", _X448_KEY_SIZE)
112 res = self._backend._lib.EVP_PKEY_get_raw_private_key(
113 self._evp_pkey, buf, buflen
114 )
115 self._backend.openssl_assert(res == 1)
116 self._backend.openssl_assert(buflen[0] == _X448_KEY_SIZE)
117 return self._backend._ffi.buffer(buf, _X448_KEY_SIZE)[:]