DSA support

pyca · May 3, 2014 · 595393d · 595393d
1 parent d798d7a
commit 595393d
Show file tree

Hide file tree

Showing 2 changed files with 36 additions and 0 deletions.
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
@@ -396,9 +396,23 @@ def _evp_pkey_to_private_key(self, evp_pkey):
             assert rsa_cdata != self._ffi.NULL
             rsa_cdata = self._ffi.gc(rsa_cdata, self._lib.RSA_free)
             return self._rsa_cdata_to_private_key(rsa_cdata)
+        elif type == self._lib.EVP_PKEY_DSA:
+            dsa_cdata = self._lib.EVP_PKEY_get1_DSA(evp_pkey)
+            assert dsa_cdata != self._ffi.NULL
+            dsa_cdata = self._ffi.gc(dsa_cdata, self._lib.DSA_free)
+            return self._dsa_cdata_to_private_key(dsa_cdata)
         else:
             raise UnsupportedAlgorithm("Unsupported key type.")
 
+    def _dsa_cdata_to_private_key(self, cdata):
+        return dsa.DSAPrivateKey(
+            modulus=self._bn_to_int(cdata.p),
+            subgroup_order=self._bn_to_int(cdata.q),
+            generator=self._bn_to_int(cdata.g),
+            x=self._bn_to_int(cdata.priv_key),
+            y=self._bn_to_int(cdata.pub_key)
+        )
+
     def _rsa_cdata_to_private_key(self, cdata):
         return rsa.RSAPrivateKey(
             p=self._bn_to_int(cdata.p),

diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
@@ -19,6 +19,7 @@
 
 import pytest
 
+from cryptography.hazmat.primitives.asymmetric import dsa, rsa
 from cryptography.hazmat.primitives.serialization import (
     load_pem_traditional_openssl_private_key
 )
@@ -48,8 +49,29 @@ def test_load_pem_rsa_private_key(self, key_file, password, backend):
         )
 
         assert key
+        assert isinstance(key, rsa.RSAPrivateKey)
         _check_rsa_private_key(key)
 
+    @pytest.mark.parametrize(
+        ("key_file", "password"),
+        [
+            ("dsa.1024.pem", None),
+            ("dsa.2048.pem", None),
+            ("dsa.3072.pem", None),
+        ]
+    )
+    def test_load_pem_dsa_private_key(self, key_file, password, backend):
+        key = load_vectors_from_file(
+            os.path.join(
+                "asymmetric", "Traditional_OpenSSL_Serialization", key_file),
+            lambda pemfile: load_pem_traditional_openssl_private_key(
+                pemfile.read().encode(), password, backend
+            )
+        )
+
+        assert key
+        assert isinstance(key, dsa.DSAPrivateKey)
+
     def test_key1_pem_encrypted_values(self, backend):
         pkey = load_vectors_from_file(
             os.path.join(