Commit b8747324 authored by SVN-Git Migration's avatar SVN-Git Migration

Imported Upstream version 0.5.2

parent 84cdb4bb
Changelog
=========
0.5.2 - 2014-07-09
~~~~~~~~~~~~~~~~~~
* Add
:class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend`
support to :doc:`/hazmat/backends/multibackend`.
* Fix compilation error on OS X 10.8 (Mountain Lion).
0.5.1 - 2014-07-07
~~~~~~~~~~~~~~~~~~
* Add
:class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
support to :doc:`/hazmat/backends/multibackend`.
0.5 - 2014-07-07
~~~~~~~~~~~~~~~~
* **BACKWARDS INCOMPATIBLE:**
:class:`~cryptography.hazmat.primitives.ciphers.modes.GCM` no longer allows
truncation of tags by default. Previous versions of ``cryptography`` allowed
tags to be truncated by default, applications wishing to preserve this
behavior (not recommended) can pass the ``min_tag_length`` argument.
* Windows builds now statically link OpenSSL by default. When installing a
wheel on Windows you no longer need to install OpenSSL separately. Windows
users can switch between static and dynamic linking with an environment
variable. See :doc:`/installation` for more details.
* Added :class:`~cryptography.hazmat.primitives.kdf.hkdf.HKDFExpand`.
* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.CFB8` support
for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` and
:class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
:doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`.
* Added ``AES`` :class:`~cryptography.hazmat.primitives.ciphers.modes.CTR`
support to the OpenSSL backend when linked against 0.9.8.
* Added
:class:`~cryptography.hazmat.backends.interfaces.PKCS8SerializationBackend`
and
:class:`~cryptography.hazmat.backends.interfaces.TraditionalOpenSSLSerializationBackend`
support to the :doc:`/hazmat/backends/openssl`.
* Added :doc:`/hazmat/primitives/asymmetric/ec` and
:class:`~cryptography.hazmat.backends.interfaces.EllipticCurveBackend`.
* Added :class:`~cryptography.hazmat.primitives.ciphers.modes.ECB` support
for :class:`~cryptography.hazmat.primitives.ciphers.algorithms.TripleDES` on
:doc:`/hazmat/backends/commoncrypto` and :doc:`/hazmat/backends/openssl`.
* Deprecated :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKey`
in favor of backend specific providers of the
:class:`~cryptography.hazmat.primitives.interfaces.RSAPrivateKey` interface.
* Deprecated :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPublicKey`
in favor of backend specific providers of the
:class:`~cryptography.hazmat.primitives.interfaces.RSAPublicKey` interface.
* Deprecated :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`
in favor of backend specific providers of the
:class:`~cryptography.hazmat.primitives.interfaces.DSAPrivateKey` interface.
* Deprecated :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPublicKey`
in favor of backend specific providers of the
:class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` interface.
* Deprecated :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`
in favor of backend specific providers of the
:class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` interface.
* Deprecated ``encrypt_rsa``, ``decrypt_rsa``, ``create_rsa_signature_ctx`` and
``create_rsa_verification_ctx`` on
:class:`~cryptography.hazmat.backends.interfaces.RSABackend`.
* Deprecated ``create_dsa_signature_ctx`` and ``create_dsa_verification_ctx``
on :class:`~cryptography.hazmat.backends.interfaces.DSABackend`.
0.4 - 2014-05-03
~~~~~~~~~~~~~~~~
......
Metadata-Version: 1.1
Name: cryptography
Version: 0.4
Version: 0.5.2
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
......@@ -9,6 +9,10 @@ License: Apache License, Version 2.0
Description: Cryptography
============
.. image:: https://pypip.in/version/cryptography/badge.svg
:target: https://pypi.python.org/pypi/cryptography/
:alt: Latest Version
.. image:: https://travis-ci.org/pyca/cryptography.svg?branch=master
:target: https://travis-ci.org/pyca/cryptography
......
Cryptography
============
.. image:: https://pypip.in/version/cryptography/badge.svg
:target: https://pypi.python.org/pypi/cryptography/
:alt: Latest Version
.. image:: https://travis-ci.org/pyca/cryptography.svg?branch=master
:target: https://travis-ci.org/pyca/cryptography
......
Metadata-Version: 1.1
Name: cryptography
Version: 0.4
Version: 0.5.2
Summary: cryptography is a package which provides cryptographic recipes and primitives to Python developers.
Home-page: https://github.com/pyca/cryptography
Author: The cryptography developers
......@@ -9,6 +9,10 @@ License: Apache License, Version 2.0
Description: Cryptography
============
.. image:: https://pypip.in/version/cryptography/badge.svg
:target: https://pypi.python.org/pypi/cryptography/
:alt: Latest Version
.. image:: https://travis-ci.org/pyca/cryptography.svg?branch=master
:target: https://travis-ci.org/pyca/cryptography
......
......@@ -22,18 +22,34 @@ cryptography/hazmat/backends/interfaces.py
cryptography/hazmat/backends/multibackend.py
cryptography/hazmat/backends/commoncrypto/__init__.py
cryptography/hazmat/backends/commoncrypto/backend.py
cryptography/hazmat/backends/commoncrypto/ciphers.py
cryptography/hazmat/backends/commoncrypto/hashes.py
cryptography/hazmat/backends/commoncrypto/hmac.py
cryptography/hazmat/backends/openssl/__init__.py
cryptography/hazmat/backends/openssl/backend.py
cryptography/hazmat/backends/openssl/ciphers.py
cryptography/hazmat/backends/openssl/cmac.py
cryptography/hazmat/backends/openssl/dsa.py
cryptography/hazmat/backends/openssl/ec.py
cryptography/hazmat/backends/openssl/hashes.py
cryptography/hazmat/backends/openssl/hmac.py
cryptography/hazmat/backends/openssl/rsa.py
cryptography/hazmat/bindings/__init__.py
cryptography/hazmat/bindings/utils.py
cryptography/hazmat/bindings/__pycache__/_Cryptography_cffi_444d7397xa22f8491.c
cryptography/hazmat/bindings/__pycache__/_Cryptography_cffi_be05eb56x6daa9a79.c
cryptography/hazmat/bindings/__pycache__/_Cryptography_cffi_79a5b0a3x3a8a382.c
cryptography/hazmat/bindings/__pycache__/_Cryptography_cffi_d62b3d91x972e1c0b.c
cryptography/hazmat/bindings/commoncrypto/__init__.py
cryptography/hazmat/bindings/commoncrypto/binding.py
cryptography/hazmat/bindings/commoncrypto/cf.py
cryptography/hazmat/bindings/commoncrypto/common_cryptor.py
cryptography/hazmat/bindings/commoncrypto/common_digest.py
cryptography/hazmat/bindings/commoncrypto/common_hmac.py
cryptography/hazmat/bindings/commoncrypto/common_key_derivation.py
cryptography/hazmat/bindings/commoncrypto/secimport.py
cryptography/hazmat/bindings/commoncrypto/secitem.py
cryptography/hazmat/bindings/commoncrypto/seckey.py
cryptography/hazmat/bindings/commoncrypto/seckeychain.py
cryptography/hazmat/bindings/commoncrypto/sectransform.py
cryptography/hazmat/bindings/openssl/__init__.py
cryptography/hazmat/bindings/openssl/aes.py
cryptography/hazmat/bindings/openssl/asn1.py
......@@ -64,6 +80,7 @@ cryptography/hazmat/bindings/openssl/rand.py
cryptography/hazmat/bindings/openssl/rsa.py
cryptography/hazmat/bindings/openssl/ssl.py
cryptography/hazmat/bindings/openssl/x509.py
cryptography/hazmat/bindings/openssl/x509_vfy.py
cryptography/hazmat/bindings/openssl/x509name.py
cryptography/hazmat/bindings/openssl/x509v3.py
cryptography/hazmat/primitives/__init__.py
......@@ -73,10 +90,12 @@ cryptography/hazmat/primitives/hashes.py
cryptography/hazmat/primitives/hmac.py
cryptography/hazmat/primitives/interfaces.py
cryptography/hazmat/primitives/padding.py
cryptography/hazmat/primitives/serialization.py
cryptography/hazmat/primitives/__pycache__/_Cryptography_cffi_684bb40axf342507b.c
cryptography/hazmat/primitives/__pycache__/_Cryptography_cffi_8f86901cxc1767c5a.c
cryptography/hazmat/primitives/asymmetric/__init__.py
cryptography/hazmat/primitives/asymmetric/dsa.py
cryptography/hazmat/primitives/asymmetric/ec.py
cryptography/hazmat/primitives/asymmetric/padding.py
cryptography/hazmat/primitives/asymmetric/rsa.py
cryptography/hazmat/primitives/ciphers/__init__.py
......@@ -108,6 +127,7 @@ docs/random-numbers.rst
docs/security.rst
docs/spelling_wordlist.txt
docs/_static/.keep
docs/development/c-bindings.rst
docs/development/getting-started.rst
docs/development/index.rst
docs/development/reviewing-patches.rst
......@@ -139,9 +159,11 @@ docs/hazmat/primitives/padding.rst
docs/hazmat/primitives/symmetric-encryption.rst
docs/hazmat/primitives/twofactor.rst
docs/hazmat/primitives/asymmetric/dsa.rst
docs/hazmat/primitives/asymmetric/ec.rst
docs/hazmat/primitives/asymmetric/index.rst
docs/hazmat/primitives/asymmetric/padding.rst
docs/hazmat/primitives/asymmetric/rsa.rst
docs/hazmat/primitives/asymmetric/serialization.rst
docs/hazmat/primitives/mac/cmac.rst
docs/hazmat/primitives/mac/hmac.rst
docs/hazmat/primitives/mac/index.rst
......@@ -159,6 +181,8 @@ tests/hazmat/bindings/test_commoncrypto.py
tests/hazmat/bindings/test_openssl.py
tests/hazmat/bindings/test_utils.py
tests/hazmat/primitives/__init__.py
tests/hazmat/primitives/fixtures_dsa.py
tests/hazmat/primitives/fixtures_rsa.py
tests/hazmat/primitives/test_3des.py
tests/hazmat/primitives/test_aes.py
tests/hazmat/primitives/test_arc4.py
......@@ -170,6 +194,7 @@ tests/hazmat/primitives/test_ciphers.py
tests/hazmat/primitives/test_cmac.py
tests/hazmat/primitives/test_constant_time.py
tests/hazmat/primitives/test_dsa.py
tests/hazmat/primitives/test_ec.py
tests/hazmat/primitives/test_hash_vectors.py
tests/hazmat/primitives/test_hashes.py
tests/hazmat/primitives/test_hkdf.py
......@@ -182,6 +207,7 @@ tests/hazmat/primitives/test_pbkdf2hmac.py
tests/hazmat/primitives/test_pbkdf2hmac_vectors.py
tests/hazmat/primitives/test_rsa.py
tests/hazmat/primitives/test_seed.py
tests/hazmat/primitives/test_serialization.py
tests/hazmat/primitives/utils.py
tests/hazmat/primitives/twofactor/__init__.py
tests/hazmat/primitives/twofactor/test_hotp.py
......
cffi>=0.8
six>=1.4.1
\ No newline at end of file
six>=1.4.1
......@@ -22,10 +22,10 @@ __summary__ = ("cryptography is a package which provides cryptographic recipes"
" and primitives to Python developers.")
__uri__ = "https://github.com/pyca/cryptography"
__version__ = "0.4"
__version__ = "0.5.2"
__author__ = "The cryptography developers"
__email__ = "cryptography-dev@python.org"
__license__ = "Apache License, Version 2.0"
__copyright__ = "Copyright 2013-2014 %s" % __author__
__copyright__ = "Copyright 2013-2014 {0}".format(__author__)
......@@ -21,6 +21,8 @@ class _Reasons(object):
UNSUPPORTED_PADDING = object()
UNSUPPORTED_MGF = object()
UNSUPPORTED_PUBLIC_KEY_ALGORITHM = object()
UNSUPPORTED_ELLIPTIC_CURVE = object()
UNSUPPORTED_SERIALIZATION = object()
class UnsupportedAlgorithm(Exception):
......
......@@ -43,7 +43,7 @@ class Fernet(object):
key = base64.urlsafe_b64decode(key)
if len(key) != 32:
raise ValueError(
"Fernet key must be 32 url-safe base64-encoded bytes"
"Fernet key must be 32 url-safe base64-encoded bytes."
)
self._signing_key = key[:16]
......@@ -60,10 +60,8 @@ class Fernet(object):
return self._encrypt_from_parts(data, current_time, iv)
def _encrypt_from_parts(self, data, current_time, iv):
if isinstance(data, six.text_type):
raise TypeError(
"Unicode-objects must be encoded before encryption"
)
if not isinstance(data, bytes):
raise TypeError("data must be bytes.")
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded_data = padder.update(data) + padder.finalize()
......@@ -82,10 +80,8 @@ class Fernet(object):
return base64.urlsafe_b64encode(basic_parts + hmac)
def decrypt(self, token, ttl=None):
if isinstance(token, six.text_type):
raise TypeError(
"Unicode-objects must be encoded before decryption"
)
if not isinstance(token, bytes):
raise TypeError("token must be bytes.")
current_time = int(time.time())
......
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import absolute_import, division, print_function
from cryptography import utils
from cryptography.exceptions import (
InvalidTag, UnsupportedAlgorithm, _Reasons
)
from cryptography.hazmat.primitives import constant_time, interfaces
from cryptography.hazmat.primitives.ciphers.modes import (
CFB, CFB8, CTR, OFB
)
@utils.register_interface(interfaces.CipherContext)
class _CipherContext(object):
def __init__(self, backend, cipher, mode, operation):
self._backend = backend
self._cipher = cipher
self._mode = mode
self._operation = operation
# There is a bug in CommonCrypto where block ciphers do not raise
# kCCAlignmentError when finalizing if you supply non-block aligned
# data. To work around this we need to keep track of the block
# alignment ourselves, but only for alg+mode combos that require
# block alignment. OFB, CFB, and CTR make a block cipher algorithm
# into a stream cipher so we don't need to track them (and thus their
# block size is effectively 1 byte just like OpenSSL/CommonCrypto
# treat RC4 and other stream cipher block sizes).
# This bug has been filed as rdar://15589470
self._bytes_processed = 0
if (isinstance(cipher, interfaces.BlockCipherAlgorithm) and not
isinstance(mode, (OFB, CFB, CFB8, CTR))):
self._byte_block_size = cipher.block_size // 8
else:
self._byte_block_size = 1
registry = self._backend._cipher_registry
try:
cipher_enum, mode_enum = registry[type(cipher), type(mode)]
except KeyError:
raise UnsupportedAlgorithm(
"cipher {0} in {1} mode is not supported "
"by this backend.".format(
cipher.name, mode.name if mode else mode),
_Reasons.UNSUPPORTED_CIPHER
)
ctx = self._backend._ffi.new("CCCryptorRef *")
ctx = self._backend._ffi.gc(ctx, self._backend._release_cipher_ctx)
if isinstance(mode, interfaces.ModeWithInitializationVector):
iv_nonce = mode.initialization_vector
elif isinstance(mode, interfaces.ModeWithNonce):
iv_nonce = mode.nonce
else:
iv_nonce = self._backend._ffi.NULL
if isinstance(mode, CTR):
mode_option = self._backend._lib.kCCModeOptionCTR_BE
else:
mode_option = 0
res = self._backend._lib.CCCryptorCreateWithMode(
operation,
mode_enum, cipher_enum,
self._backend._lib.ccNoPadding, iv_nonce,
cipher.key, len(cipher.key),
self._backend._ffi.NULL, 0, 0, mode_option, ctx)
self._backend._check_cipher_response(res)
self._ctx = ctx
def update(self, data):
# Count bytes processed to handle block alignment.
self._bytes_processed += len(data)
buf = self._backend._ffi.new(
"unsigned char[]", len(data) + self._byte_block_size - 1)
outlen = self._backend._ffi.new("size_t *")
res = self._backend._lib.CCCryptorUpdate(
self._ctx[0], data, len(data), buf,
len(data) + self._byte_block_size - 1, outlen)
self._backend._check_cipher_response(res)
return self._backend._ffi.buffer(buf)[:outlen[0]]
def finalize(self):
# Raise error if block alignment is wrong.
if self._bytes_processed % self._byte_block_size:
raise ValueError(
"The length of the provided data is not a multiple of "
"the block length."
)
buf = self._backend._ffi.new("unsigned char[]", self._byte_block_size)
outlen = self._backend._ffi.new("size_t *")
res = self._backend._lib.CCCryptorFinal(
self._ctx[0], buf, len(buf), outlen)
self._backend._check_cipher_response(res)
self._backend._release_cipher_ctx(self._ctx)
return self._backend._ffi.buffer(buf)[:outlen[0]]
@utils.register_interface(interfaces.AEADCipherContext)
@utils.register_interface(interfaces.AEADEncryptionContext)
class _GCMCipherContext(object):
def __init__(self, backend, cipher, mode, operation):
self._backend = backend
self._cipher = cipher
self._mode = mode
self._operation = operation
self._tag = None
registry = self._backend._cipher_registry
try:
cipher_enum, mode_enum = registry[type(cipher), type(mode)]
except KeyError:
raise UnsupportedAlgorithm(
"cipher {0} in {1} mode is not supported "
"by this backend.".format(
cipher.name, mode.name if mode else mode),
_Reasons.UNSUPPORTED_CIPHER
)
ctx = self._backend._ffi.new("CCCryptorRef *")
ctx = self._backend._ffi.gc(ctx, self._backend._release_cipher_ctx)
self._ctx = ctx
res = self._backend._lib.CCCryptorCreateWithMode(
operation,
mode_enum, cipher_enum,
self._backend._lib.ccNoPadding,
self._backend._ffi.NULL,
cipher.key, len(cipher.key),
self._backend._ffi.NULL, 0, 0, 0, self._ctx)
self._backend._check_cipher_response(res)
res = self._backend._lib.CCCryptorGCMAddIV(
self._ctx[0],
mode.initialization_vector,
len(mode.initialization_vector)
)
self._backend._check_cipher_response(res)
def update(self, data):
buf = self._backend._ffi.new("unsigned char[]", len(data))
args = (self._ctx[0], data, len(data), buf)
if self._operation == self._backend._lib.kCCEncrypt:
res = self._backend._lib.CCCryptorGCMEncrypt(*args)
else:
res = self._backend._lib.CCCryptorGCMDecrypt(*args)
self._backend._check_cipher_response(res)
return self._backend._ffi.buffer(buf)[:]
def finalize(self):
tag_size = self._cipher.block_size // 8
tag_buf = self._backend._ffi.new("unsigned char[]", tag_size)
tag_len = self._backend._ffi.new("size_t *", tag_size)
res = self._backend._lib.CCCryptorGCMFinal(
self._ctx[0], tag_buf, tag_len
)
self._backend._check_cipher_response(res)
self._backend._release_cipher_ctx(self._ctx)
self._tag = self._backend._ffi.buffer(tag_buf)[:]
if (self._operation == self._backend._lib.kCCDecrypt and
not constant_time.bytes_eq(
self._tag[:len(self._mode.tag)], self._mode.tag
)):
raise InvalidTag
return b""
def authenticate_additional_data(self, data):
res = self._backend._lib.CCCryptorGCMAddAAD(
self._ctx[0], data, len(data)
)
self._backend._check_cipher_response(res)
@property
def tag(self):
return self._tag
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import absolute_import, division, print_function
from cryptography import utils
from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
from cryptography.hazmat.primitives import interfaces
@utils.register_interface(interfaces.HashContext)
class _HashContext(object):
def __init__(self, backend, algorithm, ctx=None):
self.algorithm = algorithm
self._backend = backend
if ctx is None:
try:
methods = self._backend._hash_mapping[self.algorithm.name]
except KeyError:
raise UnsupportedAlgorithm(
"{0} is not a supported hash on this backend.".format(
algorithm.name),
_Reasons.UNSUPPORTED_HASH
)
ctx = self._backend._ffi.new(methods.ctx)
res = methods.hash_init(ctx)
assert res == 1
self._ctx = ctx
def copy(self):
methods = self._backend._hash_mapping[self.algorithm.name]
new_ctx = self._backend._ffi.new(methods.ctx)
# CommonCrypto has no APIs for copying hashes, so we have to copy the
# underlying struct.
new_ctx[0] = self._ctx[0]
return _HashContext(self._backend, self.algorithm, ctx=new_ctx)
def update(self, data):
methods = self._backend._hash_mapping[self.algorithm.name]
res = methods.hash_update(self._ctx, data, len(data))
assert res == 1
def finalize(self):
methods = self._backend._hash_mapping[self.algorithm.name]
buf = self._backend._ffi.new("unsigned char[]",
self.algorithm.digest_size)
res = methods.hash_final(buf, self._ctx)
assert res == 1
return self._backend._ffi.buffer(buf)[:]
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from __future__ import absolute_import, division, print_function
from cryptography import utils
from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
from cryptography.hazmat.primitives import interfaces
@utils.register_interface(interfaces.HashContext)
class _HMACContext(object):
def __init__(self, backend, key, algorithm, ctx=None):
self.algorithm = algorithm
self._backend = backend
if ctx is None:
ctx = self._backend._ffi.new("CCHmacContext *")
try:
alg = self._backend._supported_hmac_algorithms[algorithm.name]
except KeyError:
raise UnsupportedAlgorithm(
"{0} is not a supported HMAC hash on this backend.".format(
algorithm.name),
_Reasons.UNSUPPORTED_HASH
)
self._backend._lib.CCHmacInit(ctx, alg, key, len(key))
self._ctx = ctx
self._key = key
def copy(self):
copied_ctx = self._backend._ffi.new("CCHmacContext *")
# CommonCrypto has no APIs for copying HMACs, so we have to copy the
# underlying struct.
copied_ctx[0] = self._ctx[0]
return _HMACContext(
self._backend, self._key, self.algorithm, ctx=copied_ctx
)
def update(self, data):
self._backend._lib.CCHmacUpdate(self._ctx, data, len(data))
def finalize(self):
buf = self._backend._ffi.new("unsigned char[]",
self.algorithm.digest_size)
self._backend._lib.CCHmacFinal(self._ctx, buf)
return self._backend._ffi.buffer(buf)[:]
......@@ -129,6 +129,31 @@ class RSABackend(object):
Returns encrypted bytes.
"""
@abc.abstractmethod
def rsa_padding_supported(self, padding):
"""
Returns True if the backend supports the given padding options.
"""
@abc.abstractmethod
def generate_rsa_parameters_supported(self, public_exponent, key_size):
"""
Returns True if the backend supports the given parameters for key
generation.
"""
@abc.abstractmethod
def load_rsa_private_numbers(self, numbers):
"""
Returns an RSAPrivateKey provider.
"""
@abc.abstractmethod
def load_rsa_public_numbers(self, numbers):
"""
Returns an RSAPublicKey provider.
"""
@six.add_metaclass(abc.ABCMeta)
class DSABackend(object):
......@@ -141,8 +166,14 @@ class DSABackend(object):
@abc.abstractmethod
def generate_dsa_private_key(self, parameters):
"""
Generate an DSAPrivateKey instance with parameters as
a DSAParameters object.
Generate a DSAPrivateKey instance with parameters as a DSAParameters
object.
"""
@abc.abstractmethod
def generate_dsa_private_key_and_parameters(self, key_size):
"""
Generate a DSAPrivateKey instance using key size only.
"""
@abc.abstractmethod
......@@ -171,6 +202,24 @@ class DSABackend(object):
Return True if the parameters are supported by the backend for DSA.
"""
@abc.abstractmethod
def load_dsa_private_numbers(self, numbers):
"""
Returns a DSAPrivateKey provider.
"""
@abc.abstractmethod
def load_dsa_public_numbers(self, numbers):
"""
Returns a DSAPublicKey provider.
"""
@abc.abstractmethod
def load_dsa_parameter_numbers(self, numbers):
"""
Returns a DSAParameters provider.
"""
@six.add_metaclass(abc.ABCMeta)
class TraditionalOpenSSLSerializationBackend(object):
......@@ -182,6 +231,16 @@ class TraditionalOpenSSLSerializationBackend(object):
"""
@six.add_metaclass(abc.ABCMeta)
class PKCS8SerializationBackend(object):
@abc.abstractmethod