diff options
author | Matěj Cepl <mcepl@cepl.eu> | 2017-09-18 19:01:41 +0200 |
---|---|---|
committer | Matěj Cepl <mcepl@cepl.eu> | 2017-09-20 17:14:13 +0200 |
commit | 6adde3175c8d5b95d64122681daa790a6f572a32 (patch) | |
tree | 4dafda28bc03d83edc33d23f9aedb08b19d96d3b | |
parent | db5bd9a8b495f57117791a160a5662001ff96e22 (diff) | |
download | m2crypto-6adde3175c8d5b95d64122681daa790a6f572a32.tar.gz |
Don't use deprecated *_generate_key functions, update.
-rw-r--r-- | M2Crypto/DH.py | 4 | ||||
-rw-r--r-- | SWIG/_dh.i | 45 | ||||
-rw-r--r-- | SWIG/_dsa.i | 44 | ||||
-rw-r--r-- | SWIG/_lib.h | 4 | ||||
-rw-r--r-- | SWIG/_lib.i | 12 | ||||
-rw-r--r-- | SWIG/_lib11_compat.i | 2 | ||||
-rw-r--r-- | SWIG/_rsa.i | 60 | ||||
-rw-r--r-- | tests/test_dh.py | 1 |
8 files changed, 105 insertions, 67 deletions
diff --git a/M2Crypto/DH.py b/M2Crypto/DH.py index 3864087..c94f13b 100644 --- a/M2Crypto/DH.py +++ b/M2Crypto/DH.py @@ -85,7 +85,9 @@ class DH: def gen_params(plen, g, callback=genparam_callback): # type: (int, int, Optional[Callable]) -> DH - return DH(m2.dh_generate_parameters(plen, g, callback), 1) + dh_parms = m2.dh_generate_parameters(plen, g, callback) + dh_obj = DH(dh_parms, 1) + return dh_obj def load_params(file): @@ -54,30 +54,35 @@ DH *dh_read_parameters(BIO *bio) { return PEM_read_bio_DHparams(bio, NULL, NULL, NULL); } -void gendh_callback(int p, int n, void *arg) { - PyObject *argv, *ret, *cbfunc; - - cbfunc = (PyObject *)arg; - argv = Py_BuildValue("(ii)", p, n); - ret = PyEval_CallObject(cbfunc, argv); - PyErr_Clear(); - Py_DECREF(argv); - Py_XDECREF(ret); -} - DH *dh_generate_parameters(int plen, int g, PyObject *pyfunc) { DH *dh; + BN_GENCB *gencb; + int ret; + + if ((gencb=BN_GENCB_new()) == NULL) { + PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error())); + return NULL; + } + + if ((dh=DH_new()) == NULL) { + PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error())); + BN_GENCB_free(gencb); + return NULL; + } + + BN_GENCB_set(gencb, bn_gencb_callback, (void *)pyfunc); -#if OPENSSL_VERSION_NUMBER >= 0x11100000L - PyErr_WarnEx(PyExc_DeprecationWarning, - "Function DH_generate_parameters has been deprecated.", 1)) -#endif Py_INCREF(pyfunc); - dh = DH_generate_parameters(plen, g, gendh_callback, (void *)pyfunc); + ret = DH_generate_parameters_ex(dh, plen, g, gencb); Py_DECREF(pyfunc); - if (!dh) - PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error())); - return dh; + BN_GENCB_free(gencb); + + if (ret) + return dh; + + PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error())); + DH_free(dh); + return NULL; } /* Note return value shenanigan. */ @@ -123,7 +128,7 @@ PyObject *dh_compute_key(DH *dh, PyObject *pubkey) { PyMem_Free(key); return ret; } - + PyObject *dh_get_p(DH *dh) { const BIGNUM* p = NULL; DH_get0_pqg(dh, &p, NULL, NULL); diff --git a/SWIG/_dsa.i b/SWIG/_dsa.i index d6ed51d..0438089 100644 --- a/SWIG/_dsa.i +++ b/SWIG/_dsa.i @@ -40,30 +40,36 @@ void dsa_init(PyObject *dsa_err) { _dsa_err = dsa_err; } -void genparam_callback(int p, int n, void *arg) { - PyObject *argv, *ret, *cbfunc; - - cbfunc = (PyObject *)arg; - argv = Py_BuildValue("(ii)", p, n); - ret = PyEval_CallObject(cbfunc, argv); - PyErr_Clear(); - Py_DECREF(argv); - Py_XDECREF(ret); -} - DSA *dsa_generate_parameters(int bits, PyObject *pyfunc) { DSA *dsa; + BN_GENCB *gencb; + int ret; + + if ((gencb=BN_GENCB_new()) == NULL) { + PyErr_SetString(_dh_err, ERR_reason_error_string(ERR_get_error())); + return NULL; + } + + if ((dsa = DSA_new()) == NULL) { + PyErr_SetString(_dsa_err, ERR_reason_error_string(ERR_get_error())); + BN_GENCB_free(gencb); + return NULL; + } + + BN_GENCB_set(gencb, bn_gencb_callback, (void *) pyfunc); -#if OPENSSL_VERSION_NUMBER >= 0x11100000L - PyErr_WarnEx(PyExc_DeprecationWarning, - "Function DSA_generate_parameters has been deprecated.", 1)) -#endif Py_INCREF(pyfunc); - dsa = DSA_generate_parameters(bits, NULL, 0, NULL, NULL, genparam_callback, (void *)pyfunc); + ret = DSA_generate_parameters_ex(dsa, bits, NULL, 0, NULL, NULL, + gencb); Py_DECREF(pyfunc); - if (!dsa) - PyErr_SetString(_dsa_err, ERR_reason_error_string(ERR_get_error())); - return dsa; + BN_GENCB_free(gencb); + + if (ret) + return dsa; + + PyErr_SetString(_dsa_err, ERR_reason_error_string(ERR_get_error())); + DSA_free(dsa); + return NULL; } PyObject *dsa_get_p(DSA *dsa) { diff --git a/SWIG/_lib.h b/SWIG/_lib.h index 5c36c0c..e8a8645 100644 --- a/SWIG/_lib.h +++ b/SWIG/_lib.h @@ -1,6 +1,8 @@ /* Copyright (c) 1999 Ng Pheng Siong. All rights reserved. */ /* $Id$ */ +#include <openssl/bn.h> + typedef struct _blob { unsigned char *data; int len; @@ -20,7 +22,7 @@ static BIGNUM* m2_PyObject_AsBIGNUM(PyObject* value, PyObject* _py_exc) ; static int m2_PyObject_GetBufferInt(PyObject *obj, Py_buffer *view, int flags); static void m2_PyBuffer_Release(PyObject *obj, Py_buffer *view); -void gen_callback(int p, int n, void *arg); +int bn_gencb_callback(int p, int n, BN_GENCB *gencb); int passphrase_callback(char *buf, int num, int v, void *userdata); void lib_init(void); diff --git a/SWIG/_lib.i b/SWIG/_lib.i index 80496d3..4365c4e 100644 --- a/SWIG/_lib.i +++ b/SWIG/_lib.i @@ -2,6 +2,7 @@ /* $Id$ */ %{ +#include <openssl/bn.h> #include <openssl/dh.h> #include <openssl/err.h> #include <openssl/evp.h> @@ -424,17 +425,18 @@ RSA *ssl_set_tmp_rsa_callback(SSL *ssl, int is_export, int keylength) { return rsa; } -void gen_callback(int p, int n, void *arg) { +/* Universal callback for dh_generate_parameters, + * dsa_generate_parametersm, and rsa_generate_key */ +int bn_gencb_callback(int p, int n, BN_GENCB *gencb) { PyObject *argv, *ret, *cbfunc; - PyGILState_STATE gilstate; - gilstate = PyGILState_Ensure(); - cbfunc = (PyObject *)arg; + cbfunc = (PyObject *)BN_GENCB_get_arg(gencb); argv = Py_BuildValue("(ii)", p, n); ret = PyEval_CallObject(cbfunc, argv); + PyErr_Clear(); Py_DECREF(argv); Py_XDECREF(ret); - PyGILState_Release(gilstate); + return 1; } int passphrase_callback(char *buf, int num, int v, void *arg) { diff --git a/SWIG/_lib11_compat.i b/SWIG/_lib11_compat.i index ad9e700..1ec42dd 100644 --- a/SWIG/_lib11_compat.i +++ b/SWIG/_lib11_compat.i @@ -30,6 +30,8 @@ static void *CRYPTO_zalloc(size_t num, const char *file, int line) # define BN_F_BN_GENCB_NEW 143 #endif +# define BN_GENCB_get_arg(gencb) ((gencb)->arg) + BN_GENCB *BN_GENCB_new(void) { BN_GENCB *ret; diff --git a/SWIG/_rsa.i b/SWIG/_rsa.i index cfea61c..c8a37cf 100644 --- a/SWIG/_rsa.i +++ b/SWIG/_rsa.i @@ -427,33 +427,51 @@ int rsa_verify(RSA *rsa, PyObject *py_verify_string, PyObject* py_sign_string, i return ret; } -void genrsa_callback(int p, int n, void *arg) { - PyObject *argv, *ret, *cbfunc; - - cbfunc = (PyObject *)arg; - argv = Py_BuildValue("(ii)", p, n); - ret = PyEval_CallObject(cbfunc, argv); - PyErr_Clear(); - Py_DECREF(argv); - Py_XDECREF(ret); -} - PyObject *rsa_generate_key(int bits, unsigned long e, PyObject *pyfunc) { RSA *rsa; PyObject *self = NULL; /* bug in SWIG_NewPointerObj as of 3.0.5 */ + BN_GENCB *gencb; + BIGNUM *e_big; + int ret; - Py_INCREF(pyfunc); -#if OPENSSL_VERSION_NUMBER >= 0x11100000L - PyErr_WarnEx(PyExc_DeprecationWarning, - "Function RSA_generate_key has been deprecated.", 1)) -#endif - rsa = RSA_generate_key(bits, e, genrsa_callback, (void *)pyfunc); - Py_DECREF(pyfunc); - if (!rsa) { + if ((e_big=BN_new()) == NULL) { PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error())); - return NULL; + return NULL; } - return SWIG_NewPointerObj((void *)rsa, SWIGTYPE_p_RSA, 0); + + if (BN_set_word(e_big, e) == 0) { + PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error())); + BN_free(e_big); + return NULL; + } + + if ((gencb=BN_GENCB_new()) == NULL) { + PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error())); + BN_free(e_big); + return NULL; + } + + if ((rsa = RSA_new()) == NULL) { + PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error())); + BN_free(e_big); + BN_GENCB_free(gencb); + return NULL; + } + + BN_GENCB_set(gencb, bn_gencb_callback, (void *) pyfunc); + + Py_INCREF(pyfunc); + ret = RSA_generate_key_ex(rsa, bits, e_big, gencb); + BN_free(e_big); + BN_GENCB_free(gencb); + Py_DECREF(pyfunc); + + if (ret) + return SWIG_NewPointerObj((void *)rsa, SWIGTYPE_p_RSA, 0); + + PyErr_SetString(_rsa_err, ERR_reason_error_string(ERR_get_error())); + RSA_free(rsa); + return NULL; } int rsa_type_check(RSA *rsa) { diff --git a/tests/test_dh.py b/tests/test_dh.py index d5920da..20b763a 100644 --- a/tests/test_dh.py +++ b/tests/test_dh.py @@ -11,6 +11,7 @@ except ImportError: from M2Crypto import DH, BIO, Rand + class DHTestCase(unittest.TestCase): params = 'tests/dhparam.pem' |