Merge pull request #919 from Ayrx/cmac-interfaces

CMAC interfaces + documentation
author: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-04-16 09:29:06 -0400
committer: Paul Kehrer <paul.l.kehrer@gmail.com> 2014-04-16 09:29:06 -0400
commit: 182825a138f0a565939c20fcf9d97f15945dbd30 (patch)
tree: d4105e3b7ea926ec9a31a4f7232b008a03dc6e6d
parent: cd6183389098ecf498edc054fea4c9d4019e4981 (diff)
parent: 83cd3f894353c5f9e6393972319e7c20c0981a9c (diff)
download: cryptography-182825a138f0a565939c20fcf9d97f15945dbd30.tar.gz
cryptography-182825a138f0a565939c20fcf9d97f15945dbd30.tar.bz2
cryptography-182825a138f0a565939c20fcf9d97f15945dbd30.zip
4 files changed, 82 insertions, 0 deletions
diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index e4c1df34..4137b534 100644
--- a/cryptography/hazmat/backends/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
@@ -142,3 +142,18 @@ class OpenSSLSerializationBackend(object):
         Load a private key from PEM encoded data, using password if the data
         is encrypted.
         """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class CMACBackend(object):
+    @abc.abstractmethod
+    def cmac_supported(self):
+        """
+        Returns True if the backend supports CMAC
+        """
+
+    @abc.abstractmethod
+    def create_cmac_ctx(self, algorithm):
+        """
+        Create a CMACContext for calculating a message authentication code.
+        """
diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py
index 4d92ef27..810a67a4 100644
--- a/cryptography/hazmat/primitives/interfaces.py
+++ b/cryptography/hazmat/primitives/interfaces.py
@@ -469,3 +469,23 @@ class KeyDerivationFunction(object):
         Checks whether the key generated by the key material matches the
         expected derived key. Raises an exception if they do not match.
         """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class CMACContext(object):
+    @abc.abstractmethod
+    def update(self, data):
+        """
+        Processes the provided bytes.
+        """
+
+    def finalize(self):
+        """
+        Returns the message authentication code as bytes.
+        """
+
+    @abc.abstractmethod
+    def copy(self):
+        """
+        Return a CMACContext that is a copy of the current context.
+        """
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index 9c401d28..546aa766 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -319,3 +319,27 @@ A specific ``backend`` may provide one or more of these interfaces.
         :raises ValueError: This is raised if the key size is not (1024 or 2048 or 3072)
             or if the OpenSSL version is older than 1.0.0 and the key size is larger than 1024
             because older OpenSSL versions don't support a key size larger than 1024.
+
+
+.. class:: CMACBackend
+
+    .. versionadded:: 0.4
+
+    A backend with methods for using CMAC
+
+    .. method:: cmac_supported()
+
+        :return: True if CMAC is supported by the backend. False if otherwise.
+
+    .. method:: create_cmac_ctx(algorithm)
+
+        Create a
+        :class:`~cryptography.hazmat.primitives.interfaces.CMACContext` that
+        uses the specified ``algorithm`` to calculate a message authentication code.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.BlockCipherAlgorithm`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.CMACContext`
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index f4fb8ded..95fd6f9f 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -513,6 +513,29 @@ Key derivation functions
         something like checking whether a user's password attempt matches the
         stored derived key.
 
+
+`CMAC`_
+~~~~~~~
+
+.. class:: CMACContext
+
+    .. versionadded:: 0.4
+
+    .. method:: update(data)
+
+        :param data bytes: The data you want to authenticate.
+
+    .. method:: finalize()
+
+        :return: The message authentication code.
+
+    .. method:: copy()
+
+        :return: A :class:`~cryptography.hazmat.primitives.interfaces.CMACContext`
+            that is a copy of the current context.
+
+
 .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
 .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem
 .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
+.. _`CMAC`: https://en.wikipedia.org/wiki/CMAC
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-04-16 09:29:06 -0400
committer	Paul Kehrer <paul.l.kehrer@gmail.com>	2014-04-16 09:29:06 -0400
commit	182825a138f0a565939c20fcf9d97f15945dbd30 (patch)
tree	d4105e3b7ea926ec9a31a4f7232b008a03dc6e6d
parent	cd6183389098ecf498edc054fea4c9d4019e4981 (diff)
parent	83cd3f894353c5f9e6393972319e7c20c0981a9c (diff)
download	cryptography-182825a138f0a565939c20fcf9d97f15945dbd30.tar.gz cryptography-182825a138f0a565939c20fcf9d97f15945dbd30.tar.bz2 cryptography-182825a138f0a565939c20fcf9d97f15945dbd30.zip