Hide keyboard shortcuts

Hot-keys on this page

r m x p   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

1# This file is dual licensed under the terms of the Apache License, Version 

2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 

3# for complete details. 

4 

5 

6import abc 

7 

8 

9class CipherBackend(metaclass=abc.ABCMeta): 

10 @abc.abstractmethod 

11 def cipher_supported(self, cipher, mode): 

12 """ 

13 Return True if the given cipher and mode are supported. 

14 """ 

15 

16 @abc.abstractmethod 

17 def create_symmetric_encryption_ctx(self, cipher, mode): 

18 """ 

19 Get a CipherContext that can be used for encryption. 

20 """ 

21 

22 @abc.abstractmethod 

23 def create_symmetric_decryption_ctx(self, cipher, mode): 

24 """ 

25 Get a CipherContext that can be used for decryption. 

26 """ 

27 

28 

29class HashBackend(metaclass=abc.ABCMeta): 

30 @abc.abstractmethod 

31 def hash_supported(self, algorithm): 

32 """ 

33 Return True if the hash algorithm is supported by this backend. 

34 """ 

35 

36 @abc.abstractmethod 

37 def create_hash_ctx(self, algorithm): 

38 """ 

39 Create a HashContext for calculating a message digest. 

40 """ 

41 

42 

43class HMACBackend(metaclass=abc.ABCMeta): 

44 @abc.abstractmethod 

45 def hmac_supported(self, algorithm): 

46 """ 

47 Return True if the hash algorithm is supported for HMAC by this 

48 backend. 

49 """ 

50 

51 @abc.abstractmethod 

52 def create_hmac_ctx(self, key, algorithm): 

53 """ 

54 Create a context for calculating a message authentication code. 

55 """ 

56 

57 

58class CMACBackend(metaclass=abc.ABCMeta): 

59 @abc.abstractmethod 

60 def cmac_algorithm_supported(self, algorithm): 

61 """ 

62 Returns True if the block cipher is supported for CMAC by this backend 

63 """ 

64 

65 @abc.abstractmethod 

66 def create_cmac_ctx(self, algorithm): 

67 """ 

68 Create a context for calculating a message authentication code. 

69 """ 

70 

71 

72class PBKDF2HMACBackend(metaclass=abc.ABCMeta): 

73 @abc.abstractmethod 

74 def pbkdf2_hmac_supported(self, algorithm): 

75 """ 

76 Return True if the hash algorithm is supported for PBKDF2 by this 

77 backend. 

78 """ 

79 

80 @abc.abstractmethod 

81 def derive_pbkdf2_hmac( 

82 self, algorithm, length, salt, iterations, key_material 

83 ): 

84 """ 

85 Return length bytes derived from provided PBKDF2 parameters. 

86 """ 

87 

88 

89class RSABackend(metaclass=abc.ABCMeta): 

90 @abc.abstractmethod 

91 def generate_rsa_private_key(self, public_exponent, key_size): 

92 """ 

93 Generate an RSAPrivateKey instance with public_exponent and a modulus 

94 of key_size bits. 

95 """ 

96 

97 @abc.abstractmethod 

98 def rsa_padding_supported(self, padding): 

99 """ 

100 Returns True if the backend supports the given padding options. 

101 """ 

102 

103 @abc.abstractmethod 

104 def generate_rsa_parameters_supported(self, public_exponent, key_size): 

105 """ 

106 Returns True if the backend supports the given parameters for key 

107 generation. 

108 """ 

109 

110 @abc.abstractmethod 

111 def load_rsa_private_numbers(self, numbers): 

112 """ 

113 Returns an RSAPrivateKey provider. 

114 """ 

115 

116 @abc.abstractmethod 

117 def load_rsa_public_numbers(self, numbers): 

118 """ 

119 Returns an RSAPublicKey provider. 

120 """ 

121 

122 

123class DSABackend(metaclass=abc.ABCMeta): 

124 @abc.abstractmethod 

125 def generate_dsa_parameters(self, key_size): 

126 """ 

127 Generate a DSAParameters instance with a modulus of key_size bits. 

128 """ 

129 

130 @abc.abstractmethod 

131 def generate_dsa_private_key(self, parameters): 

132 """ 

133 Generate a DSAPrivateKey instance with parameters as a DSAParameters 

134 object. 

135 """ 

136 

137 @abc.abstractmethod 

138 def generate_dsa_private_key_and_parameters(self, key_size): 

139 """ 

140 Generate a DSAPrivateKey instance using key size only. 

141 """ 

142 

143 @abc.abstractmethod 

144 def dsa_hash_supported(self, algorithm): 

145 """ 

146 Return True if the hash algorithm is supported by the backend for DSA. 

147 """ 

148 

149 @abc.abstractmethod 

150 def dsa_parameters_supported(self, p, q, g): 

151 """ 

152 Return True if the parameters are supported by the backend for DSA. 

153 """ 

154 

155 @abc.abstractmethod 

156 def load_dsa_private_numbers(self, numbers): 

157 """ 

158 Returns a DSAPrivateKey provider. 

159 """ 

160 

161 @abc.abstractmethod 

162 def load_dsa_public_numbers(self, numbers): 

163 """ 

164 Returns a DSAPublicKey provider. 

165 """ 

166 

167 @abc.abstractmethod 

168 def load_dsa_parameter_numbers(self, numbers): 

169 """ 

170 Returns a DSAParameters provider. 

171 """ 

172 

173 

174class EllipticCurveBackend(metaclass=abc.ABCMeta): 

175 @abc.abstractmethod 

176 def elliptic_curve_signature_algorithm_supported( 

177 self, signature_algorithm, curve 

178 ): 

179 """ 

180 Returns True if the backend supports the named elliptic curve with the 

181 specified signature algorithm. 

182 """ 

183 

184 @abc.abstractmethod 

185 def elliptic_curve_supported(self, curve): 

186 """ 

187 Returns True if the backend supports the named elliptic curve. 

188 """ 

189 

190 @abc.abstractmethod 

191 def generate_elliptic_curve_private_key(self, curve): 

192 """ 

193 Return an object conforming to the EllipticCurvePrivateKey interface. 

194 """ 

195 

196 @abc.abstractmethod 

197 def load_elliptic_curve_public_numbers(self, numbers): 

198 """ 

199 Return an EllipticCurvePublicKey provider using the given numbers. 

200 """ 

201 

202 @abc.abstractmethod 

203 def load_elliptic_curve_private_numbers(self, numbers): 

204 """ 

205 Return an EllipticCurvePrivateKey provider using the given numbers. 

206 """ 

207 

208 @abc.abstractmethod 

209 def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve): 

210 """ 

211 Returns whether the exchange algorithm is supported by this backend. 

212 """ 

213 

214 @abc.abstractmethod 

215 def derive_elliptic_curve_private_key(self, private_value, curve): 

216 """ 

217 Compute the private key given the private value and curve. 

218 """ 

219 

220 

221class PEMSerializationBackend(metaclass=abc.ABCMeta): 

222 @abc.abstractmethod 

223 def load_pem_private_key(self, data, password): 

224 """ 

225 Loads a private key from PEM encoded data, using the provided password 

226 if the data is encrypted. 

227 """ 

228 

229 @abc.abstractmethod 

230 def load_pem_public_key(self, data): 

231 """ 

232 Loads a public key from PEM encoded data. 

233 """ 

234 

235 @abc.abstractmethod 

236 def load_pem_parameters(self, data): 

237 """ 

238 Load encryption parameters from PEM encoded data. 

239 """ 

240 

241 

242class DERSerializationBackend(metaclass=abc.ABCMeta): 

243 @abc.abstractmethod 

244 def load_der_private_key(self, data, password): 

245 """ 

246 Loads a private key from DER encoded data. Uses the provided password 

247 if the data is encrypted. 

248 """ 

249 

250 @abc.abstractmethod 

251 def load_der_public_key(self, data): 

252 """ 

253 Loads a public key from DER encoded data. 

254 """ 

255 

256 @abc.abstractmethod 

257 def load_der_parameters(self, data): 

258 """ 

259 Load encryption parameters from DER encoded data. 

260 """ 

261 

262 

263class X509Backend(metaclass=abc.ABCMeta): 

264 @abc.abstractmethod 

265 def load_pem_x509_certificate(self, data): 

266 """ 

267 Load an X.509 certificate from PEM encoded data. 

268 """ 

269 

270 @abc.abstractmethod 

271 def load_der_x509_certificate(self, data): 

272 """ 

273 Load an X.509 certificate from DER encoded data. 

274 """ 

275 

276 @abc.abstractmethod 

277 def load_der_x509_csr(self, data): 

278 """ 

279 Load an X.509 CSR from DER encoded data. 

280 """ 

281 

282 @abc.abstractmethod 

283 def load_pem_x509_csr(self, data): 

284 """ 

285 Load an X.509 CSR from PEM encoded data. 

286 """ 

287 

288 @abc.abstractmethod 

289 def create_x509_csr(self, builder, private_key, algorithm): 

290 """ 

291 Create and sign an X.509 CSR from a CSR builder object. 

292 """ 

293 

294 @abc.abstractmethod 

295 def create_x509_certificate(self, builder, private_key, algorithm): 

296 """ 

297 Create and sign an X.509 certificate from a CertificateBuilder object. 

298 """ 

299 

300 @abc.abstractmethod 

301 def create_x509_crl(self, builder, private_key, algorithm): 

302 """ 

303 Create and sign an X.509 CertificateRevocationList from a 

304 CertificateRevocationListBuilder object. 

305 """ 

306 

307 @abc.abstractmethod 

308 def create_x509_revoked_certificate(self, builder): 

309 """ 

310 Create a RevokedCertificate object from a RevokedCertificateBuilder 

311 object. 

312 """ 

313 

314 @abc.abstractmethod 

315 def x509_name_bytes(self, name): 

316 """ 

317 Compute the DER encoded bytes of an X509 Name object. 

318 """ 

319 

320 

321class DHBackend(metaclass=abc.ABCMeta): 

322 @abc.abstractmethod 

323 def generate_dh_parameters(self, generator, key_size): 

324 """ 

325 Generate a DHParameters instance with a modulus of key_size bits. 

326 Using the given generator. Often 2 or 5. 

327 """ 

328 

329 @abc.abstractmethod 

330 def generate_dh_private_key(self, parameters): 

331 """ 

332 Generate a DHPrivateKey instance with parameters as a DHParameters 

333 object. 

334 """ 

335 

336 @abc.abstractmethod 

337 def generate_dh_private_key_and_parameters(self, generator, key_size): 

338 """ 

339 Generate a DHPrivateKey instance using key size only. 

340 Using the given generator. Often 2 or 5. 

341 """ 

342 

343 @abc.abstractmethod 

344 def load_dh_private_numbers(self, numbers): 

345 """ 

346 Load a DHPrivateKey from DHPrivateNumbers 

347 """ 

348 

349 @abc.abstractmethod 

350 def load_dh_public_numbers(self, numbers): 

351 """ 

352 Load a DHPublicKey from DHPublicNumbers. 

353 """ 

354 

355 @abc.abstractmethod 

356 def load_dh_parameter_numbers(self, numbers): 

357 """ 

358 Load DHParameters from DHParameterNumbers. 

359 """ 

360 

361 @abc.abstractmethod 

362 def dh_parameters_supported(self, p, g, q=None): 

363 """ 

364 Returns whether the backend supports DH with these parameter values. 

365 """ 

366 

367 @abc.abstractmethod 

368 def dh_x942_serialization_supported(self): 

369 """ 

370 Returns True if the backend supports the serialization of DH objects 

371 with subgroup order (q). 

372 """ 

373 

374 

375class ScryptBackend(metaclass=abc.ABCMeta): 

376 @abc.abstractmethod 

377 def derive_scrypt(self, key_material, salt, length, n, r, p): 

378 """ 

379 Return bytes derived from provided Scrypt parameters. 

380 """