Merge pull request #308 from alex/rename-bindings

Renamed bindings to backends

3 files changed, 200 insertions, 0 deletions

diff --git a/docs/hazmat/backends/index.rst b/docs/hazmat/backends/index.rst
new file mode 100644
index 00000000..a89cf0d5
--- /dev/null
+++ b/docs/hazmat/backends/index.rst
@@ -0,0 +1,34 @@
+.. hazmat::
+
+Bindings
+========
+
+.. toctree::
+    :maxdepth: 1
+
+    openssl
+    interfaces
+
+
+Getting a Backend Provider
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+.. currentmodule:: cryptography.hazmat.backends
+
+``cryptography`` aims to support multiple backends to ensure it can provide
+the widest number of supported cryptographic algorithms as well as supporting
+platform specific implementations.
+
+You can get the default backend by calling
+:func:`~default_backend`.
+
+The default backend will change over time as we implement new backends and
+the libraries we use in those backends changes.
+
+
+.. function:: default_backend()
+
+    :returns: An object that provides at least
+        :class:`~interfaces.CipherBackend`, :class:`~interfaces.HashBackend`, and
+        :class:`~interfaces.HMACBackend`.
+
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
new file mode 100644
index 00000000..b524943d
--- /dev/null
+++ b/docs/hazmat/backends/interfaces.rst
@@ -0,0 +1,141 @@
+.. hazmat::
+
+Backend Interfaces
+==================
+
+.. currentmodule:: cryptography.hazmat.backends.interfaces
+
+
+Backend implementations may provide a number of interfaces to support operations
+such as :doc:`/hazmat/primitives/symmetric-encryption`,
+:doc:`/hazmat/primitives/cryptographic-hashes`, and
+:doc:`/hazmat/primitives/hmac`.
+
+A specific ``backend`` may provide one or more of these interfaces.
+
+
+.. class:: CipherBackend
+
+    A backend which provides methods for using ciphers for encryption
+    and decryption.
+
+    .. method:: cipher_supported(cipher, mode)
+
+        Check if a ``cipher`` and ``mode`` combination is supported by
+        this backend.
+
+        :param cipher: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherAlgorithm`
+            provider.
+        :param mode: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.Mode` provider.
+
+        :returns: ``True`` if the specified ``cipher`` and ``mode`` combination
+            is supported by this backend, otherwise ``False``
+
+    .. method:: register_cipher_adapter(cipher_cls, mode_cls, adapter)
+
+        Register an adapter which can be used to create a backend specific
+        object from instances of the
+        :class:`~cryptography.hazmat.primitives.interfaces.CipherAlgorithm` and
+        the :class:`~cryptography.hazmat.primitives.interfaces.Mode` primitives.
+
+        :param cipher_cls: A class whose instances provide
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherAlgorithm`
+        :param mode_cls: A class whose instances provide:
+            :class:`~cryptography.hazmat.primitives.interfaces.Mode`
+        :param adapter: A ``function`` that takes 3 arguments, ``backend`` (a
+            :class:`CipherBackend` provider), ``cipher`` (a
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherAlgorithm`
+            provider ), and ``mode`` (a
+            :class:`~cryptography.hazmat.primitives.interfaces.Mode` provider).
+            It returns a backend specific object which may be used to construct
+            a :class:`~cryptogrpahy.hazmat.primitives.interfaces.CipherContext`.
+
+
+    .. method:: create_symmetric_encryption_ctx(cipher, mode)
+
+        Create a
+        :class:`~cryptogrpahy.hazmat.primitives.interfaces.CipherContext` that
+        can be used for encrypting data with the symmetric ``cipher`` using
+        the given ``mode``.
+
+        :param cipher: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherAlgorithm`
+            provider.
+        :param mode: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.Mode` provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherContext`
+
+        :raises ValueError: When tag is not None in an AEAD mode
+
+
+    .. method:: create_symmetric_decryption_ctx(cipher, mode)
+
+        Create a
+        :class:`~cryptogrpahy.hazmat.primitives.interfaces.CipherContext` that
+        can be used for decrypting data with the symmetric ``cipher`` using
+        the given ``mode``.
+
+        :param cipher: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherAlgorithm`
+            provider.
+        :param mode: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.Mode` provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.CipherContext`
+
+        :raises ValueError: When tag is None in an AEAD mode
+
+
+.. class:: HashBackend
+
+    A backend with methods for using cryptographic hash functions.
+
+    .. method:: hash_supported(algorithm)
+
+        Check if the specified ``algorithm`` is supported by this backend.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :returns: ``True`` if the specified ``algorithm`` is supported by this
+            backend, otherwise ``False``.
+
+
+    .. method:: create_hash_ctx(algorithm)
+
+        Create a
+        :class:`~cryptogrpahy.hazmat.primitives.interfaces.HashContext` that
+        uses the specified ``algorithm`` to calculate a message digest.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.HashContext`
+
+
+.. class:: HMACBackend
+
+    A backend with methods for using cryptographic hash functions as message
+    authentication codes.
+
+    .. method:: create_hmac_ctx(algorithm)
+
+        Create a
+        :class:`~cryptogrpahy.hazmat.primitives.interfaces.HashContext` that
+        uses the specified ``algorithm`` to calculate a hash-based message
+        authentication code.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.HashContext`
diff --git a/docs/hazmat/backends/openssl.rst b/docs/hazmat/backends/openssl.rst
new file mode 100644
index 00000000..12fbff04
--- /dev/null
+++ b/docs/hazmat/backends/openssl.rst
@@ -0,0 +1,25 @@
+.. hazmat::
+
+OpenSSL
+=======
+
+These are `CFFI`_ bindings to the `OpenSSL`_ C library.
+
+.. data:: cryptography.hazmat.backends.openssl.backend
+
+    This is the exposed API for the OpenSSL bindings. It has two public
+    attributes:
+
+    .. attribute:: ffi
+
+        This is a :class:`cffi.FFI` instance. It can be used to allocate and
+        otherwise manipulate OpenSSL structures.
+
+    .. attribute:: lib
+
+        This is a ``cffi`` library. It can be used to call OpenSSL functions,
+        and access constants.
+
+
+.. _`CFFI`: https://cffi.readthedocs.org/
+.. _`OpenSSL`: https://www.openssl.org/