""" _curves.py
specify some additional curves that OpenSSL provides but cryptography doesn't explicitly expose
"""
from cryptography import utils
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.hazmat.bindings.openssl.binding import Binding
# Nothing is exported by name: this module works through the import-time
# side effect at the bottom of the file, which adds entries to ec._CURVE_TYPES.
__all__ = tuple()
# TODO: investigate defining additional curves using EC_GROUP_new_curve
# https://wiki.openssl.org/index.php/Elliptic_Curve_Cryptography#Defining_Curves
def _openssl_get_supported_curves():
    """Return the set of short names of the curves built into the linked OpenSSL.

    The names are read once through cryptography's cffi bindings and then
    memoised on the function object itself (``_curves`` attribute), so only
    the first call touches OpenSSL.

    Returns:
        set of str: OpenSSL short names (``OBJ_nid2sn``) of every built-in
        curve. The same set object is handed out on every call, so callers
        must treat it as read-only.
    """
    # Fast path: a previous call already stored the answer on the function.
    try:
        return _openssl_get_supported_curves._curves
    except AttributeError:
        pass

    binding = Binding()
    lib, ffi = binding.lib, binding.ffi

    # First call with (NULL, 0) only asks OpenSSL how many curves it has; the
    # result sizes the array that the second call fills in.
    count = lib.EC_get_builtin_curves(ffi.NULL, 0)
    builtin = ffi.new('EC_builtin_curve[]', count)
    # The return value of the filling call is not checked.
    lib.EC_get_builtin_curves(builtin, count)

    names = set()
    for entry in builtin:
        # NOTE(review): OBJ_nid2sn's result is passed straight to ffi.string();
        # a NULL return (unknown NID) would raise here. Built-in curve NIDs
        # are expected to resolve -- confirm if this ever fails at import.
        short_name = ffi.string(lib.OBJ_nid2sn(entry.nid))
        names.add(short_name.decode('utf-8'))

    # Memoise so the binding lookup and array walk happen only once.
    _openssl_get_supported_curves._curves = names
    return names
@utils.register_interface(ec.EllipticCurve)
class BrainpoolP256R1(object):
    """Curve descriptor for brainpoolP256r1, registered as an ``ec.EllipticCurve``.

    The class holds only the two attributes below; it defines no curve
    parameters of its own and relies on OpenSSL recognising the name.
    """

    # Curve size in bits.
    key_size = 256
    # Short name: used as the ec._CURVE_TYPES key and compared against the
    # short names of OpenSSL's built-in curves.
    name = 'brainpoolP256r1'
@utils.register_interface(ec.EllipticCurve)
class BrainpoolP384R1(object):
    """Curve descriptor for brainpoolP384r1, registered as an ``ec.EllipticCurve``.

    The class holds only the two attributes below; it defines no curve
    parameters of its own and relies on OpenSSL recognising the name.
    """

    # Curve size in bits.
    key_size = 384
    # Short name: used as the ec._CURVE_TYPES key and compared against the
    # short names of OpenSSL's built-in curves.
    name = 'brainpoolP384r1'
@utils.register_interface(ec.EllipticCurve)
class BrainpoolP512R1(object):
    """Curve descriptor for brainpoolP512r1, registered as an ``ec.EllipticCurve``.

    The class holds only the two attributes below; it defines no curve
    parameters of its own and relies on OpenSSL recognising the name.
    """

    # Curve size in bits.
    key_size = 512
    # Short name: used as the ec._CURVE_TYPES key and compared against the
    # short names of OpenSSL's built-in curves.
    name = 'brainpoolP512r1'
# Register the Brainpool descriptors in cryptography's curve-name registry.
# ec._CURVE_TYPES is a private (underscore-prefixed) attribute of a hazmat
# module, so this is a monkey-patch of library internals that runs at import
# time and affects every user of `ec` in the process.
for curve in (BrainpoolP256R1, BrainpoolP384R1, BrainpoolP512R1):
    if curve.name in ec._CURVE_TYPES:
        # cryptography already maps this name; never replace its own entry.
        continue
    if curve.name not in _openssl_get_supported_curves():
        # The linked OpenSSL has no such built-in curve, so do not advertise it.
        continue
    ec._CURVE_TYPES[curve.name] = curve