diff options
26 files changed, 163 insertions, 33 deletions
diff --git a/.travis.yml b/.travis.yml index a7b13e7f..8350ebca 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,19 +25,6 @@ env: - TOX_ENV=pep8 - TOX_ENV=py3pep8 -matrix: - allow_failures: - - env: TOX_ENV=py26 OPENSSL=0.9.8 - - env: TOX_ENV=py27 OPENSSL=0.9.8 - - env: TOX_ENV=py32 OPENSSL=0.9.8 - - env: TOX_ENV=py33 OPENSSL=0.9.8 - - env: TOX_ENV=pypy OPENSSL=0.9.8 - - env: TOX_ENV=py26 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py27 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py32 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py33 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=pypy CC=clang OPENSSL=0.9.8 - install: - "sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu/ lucid main\"" - sudo add-apt-repository -y ppa:pypy/ppa @@ -47,11 +34,14 @@ install: # This is required because we need to get rid of the Travis installed PyPy # or it'll take precedence over the PPA installed one. - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin || true" - - pip install tox + - pip install tox coveralls script: - tox -e $TOX_ENV +after_success: + - coveralls + notifications: irc: channels: @@ -2,13 +2,17 @@ Cryptography ============ .. image:: https://travis-ci.org/pyca/cryptography.png?branch=master - :target: https://travis-ci.org/pyca/cryptography + :target: https://travis-ci.org/pyca/cryptography + +.. image:: https://coveralls.io/repos/pyca/cryptography/badge.png?branch=master + :target: https://coveralls.io/r/pyca/cryptography?branch=master + ``cryptography`` is a package designed to expose cryptographic recipes and primitives to Python developers. It is currently in early development and isn't recommended for general usage -yet. It targets Python 2.6-2.7, Python 3.2+, as well as PyPy. +yet. It targets Python 2.6-2.7, Python 3.2+, and PyPy. You can find more information in the `documentation`_. diff --git a/cryptography/hazmat/bindings/openssl/asn1.py b/cryptography/hazmat/bindings/openssl/asn1.py index 5bd72e9a..719a523c 100644 --- a/cryptography/hazmat/bindings/openssl/asn1.py +++ b/cryptography/hazmat/bindings/openssl/asn1.py @@ -119,3 +119,6 @@ long ASN1_INTEGER_get(ASN1_INTEGER *); BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *, BIGNUM *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index 18388783..0c3d22d5 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -76,6 +76,7 @@ class Backend(object): includes = [] functions = [] macros = [] + customizations = [] for name in cls._modules: module_name = "cryptography.hazmat.bindings.openssl." + name __import__(module_name) @@ -86,6 +87,7 @@ class Backend(object): macros.append(module.MACROS) functions.append(module.FUNCTIONS) includes.append(module.INCLUDES) + customizations.append(module.CUSTOMIZATIONS) # loop over the functions & macros after declaring all the types # so we can set interdependent types in different files and still @@ -104,7 +106,7 @@ class Backend(object): # int foo(int); # int foo(short); lib = ffi.verify( - source="\n".join(includes + functions), + source="\n".join(includes + functions + customizations), libraries=["crypto", "ssl"], ) @@ -317,19 +319,20 @@ class HMACs(object): evp_md = self._backend.lib.EVP_get_digestbyname( hash_cls.name.encode('ascii')) assert evp_md != self._backend.ffi.NULL - res = self._backend.lib.HMAC_Init_ex(ctx, key, len(key), evp_md, - self._backend.ffi.NULL) + res = self._backend.lib.Cryptography_HMAC_Init_ex( + ctx, key, len(key), evp_md, self._backend.ffi.NULL + ) assert res != 0 return ctx def update_ctx(self, ctx, data): - res = self._backend.lib.HMAC_Update(ctx, data, len(data)) + res = self._backend.lib.Cryptography_HMAC_Update(ctx, data, len(data)) assert res != 0 def finalize_ctx(self, ctx, digest_size): buf = self._backend.ffi.new("unsigned char[]", digest_size) buflen = self._backend.ffi.new("unsigned int *", digest_size) - res = self._backend.lib.HMAC_Final(ctx, buf, buflen) + res = self._backend.lib.Cryptography_HMAC_Final(ctx, buf, buflen) assert res != 0 self._backend.lib.HMAC_CTX_cleanup(ctx) return self._backend.ffi.buffer(buf)[:digest_size] @@ -339,7 +342,7 @@ class HMACs(object): self._backend.lib.HMAC_CTX_init(copied_ctx) copied_ctx = self._backend.ffi.gc(copied_ctx, self._backend.lib.HMAC_CTX_cleanup) - res = self._backend.lib.HMAC_CTX_copy(copied_ctx, ctx) + res = self._backend.lib.Cryptography_HMAC_CTX_copy(copied_ctx, ctx) assert res != 0 return copied_ctx diff --git a/cryptography/hazmat/bindings/openssl/bignum.py b/cryptography/hazmat/bindings/openssl/bignum.py index 72d467c3..fcfadff1 100644 --- a/cryptography/hazmat/bindings/openssl/bignum.py +++ b/cryptography/hazmat/bindings/openssl/bignum.py @@ -32,3 +32,6 @@ int BN_hex2bn(BIGNUM **, const char *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/bio.py b/cryptography/hazmat/bindings/openssl/bio.py index 88be788f..c23dd0d8 100644 --- a/cryptography/hazmat/bindings/openssl/bio.py +++ b/cryptography/hazmat/bindings/openssl/bio.py @@ -168,3 +168,6 @@ long BIO_set_buffer_read_data(BIO *, void *, long); #define BIO_TYPE_BASE64 ... #define BIO_TYPE_FILTER ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/conf.py b/cryptography/hazmat/bindings/openssl/conf.py index 85c7a210..4846252c 100644 --- a/cryptography/hazmat/bindings/openssl/conf.py +++ b/cryptography/hazmat/bindings/openssl/conf.py @@ -24,3 +24,6 @@ FUNCTIONS = """ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/crypto.py b/cryptography/hazmat/bindings/openssl/crypto.py index 501fb5a1..773d9b14 100644 --- a/cryptography/hazmat/bindings/openssl/crypto.py +++ b/cryptography/hazmat/bindings/openssl/crypto.py @@ -35,3 +35,6 @@ void CRYPTO_malloc_debug_init(); #define CRYPTO_MEM_CHECK_ENABLE ... #define CRYPTO_MEM_CHECK_DISABLE ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/dh.py b/cryptography/hazmat/bindings/openssl/dh.py index ac130054..b8fbf368 100644 --- a/cryptography/hazmat/bindings/openssl/dh.py +++ b/cryptography/hazmat/bindings/openssl/dh.py @@ -26,3 +26,6 @@ void DH_free(DH *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/dsa.py b/cryptography/hazmat/bindings/openssl/dsa.py index 2fa67b87..e6c369a6 100644 --- a/cryptography/hazmat/bindings/openssl/dsa.py +++ b/cryptography/hazmat/bindings/openssl/dsa.py @@ -28,3 +28,6 @@ void DSA_free(DSA *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/engine.py b/cryptography/hazmat/bindings/openssl/engine.py index b3ec3125..b76befce 100644 --- a/cryptography/hazmat/bindings/openssl/engine.py +++ b/cryptography/hazmat/bindings/openssl/engine.py @@ -50,3 +50,6 @@ MACROS = """ #define ENGINE_METHOD_ALL ... #define ENGINE_METHOD_NONE ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/bindings/openssl/err.py index 39ae315c..6a36dee0 100644 --- a/cryptography/hazmat/bindings/openssl/err.py +++ b/cryptography/hazmat/bindings/openssl/err.py @@ -57,3 +57,6 @@ int ERR_GET_FUNC(unsigned long); int ERR_GET_REASON(unsigned long); int ERR_FATAL_ERROR(unsigned long); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/evp.py b/cryptography/hazmat/bindings/openssl/evp.py index 4d0fb7fc..da54f89d 100644 --- a/cryptography/hazmat/bindings/openssl/evp.py +++ b/cryptography/hazmat/bindings/openssl/evp.py @@ -29,9 +29,9 @@ typedef struct evp_pkey_st { } EVP_PKEY; static const int EVP_PKEY_RSA; static const int EVP_PKEY_DSA; -static const int EVP_CTRL_GCM_SET_IVLEN; -static const int EVP_CTRL_GCM_GET_TAG; -static const int EVP_CTRL_GCM_SET_TAG; +static const int Cryptography_EVP_CTRL_GCM_SET_IVLEN; +static const int Cryptography_EVP_CTRL_GCM_GET_TAG; +static const int Cryptography_EVP_CTRL_GCM_SET_TAG; """ FUNCTIONS = """ @@ -95,3 +95,15 @@ int EVP_PKEY_assign_DSA(EVP_PKEY *, DSA *); int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *); int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *); """ + +CUSTOMIZATIONS = """ +#ifdef EVP_CTRL_GCM_SET_TAG +const int Cryptography_EVP_CTRL_GCM_GET_TAG = EVP_CTRL_GCM_GET_TAG; +const int Cryptography_EVP_CTRL_GCM_SET_TAG = EVP_CTRL_GCM_SET_TAG; +const int Cryptography_EVP_CTRL_GCM_SET_IVLEN = EVP_CTRL_GCM_SET_IVLEN; +#else +const int Cryptography_EVP_CTRL_GCM_GET_TAG = -1; +const int Cryptography_EVP_CTRL_GCM_SET_TAG = -1; +const int Cryptography_EVP_CTRL_GCM_SET_IVLEN = -1; +#endif +""" diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/bindings/openssl/hmac.py index e97ac35e..10e67141 100644 --- a/cryptography/hazmat/bindings/openssl/hmac.py +++ b/cryptography/hazmat/bindings/openssl/hmac.py @@ -22,11 +22,69 @@ typedef struct { ...; } HMAC_CTX; FUNCTIONS = """ void HMAC_CTX_init(HMAC_CTX *); void HMAC_CTX_cleanup(HMAC_CTX *); -int HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); -int HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); -int HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); -int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); + +int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, + ENGINE *); +int Cryptography_HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); +int Cryptography_HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); +int Cryptography_HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); """ MACROS = """ """ + +CUSTOMIZATIONS = """ +int Cryptography_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, + const EVP_MD *md, ENGINE *impl) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Init_ex(ctx, key, key_len, md, impl); +#else + HMAC_Init_ex(ctx, key, key_len, md, impl); + return 1; +#endif +} + +int Cryptography_HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, + size_t data_len) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Update(ctx, data, data_len); +#else + HMAC_Update(ctx, data, data_len); + return 1; +#endif +} + +int Cryptography_HMAC_Final(HMAC_CTX *ctx, unsigned char *digest, + unsigned int *digest_len) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Final(ctx, digest, digest_len); +#else + HMAC_Final(ctx, digest, digest_len); + return 1; +#endif +} + +int Cryptography_HMAC_CTX_copy(HMAC_CTX *dst_ctx, HMAC_CTX *src_ctx) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_CTX_copy(dst_ctx, src_ctx); +#else + HMAC_CTX_init(dst_ctx); + if (!EVP_MD_CTX_copy_ex(&dst_ctx->i_ctx, &src_ctx->i_ctx)) { + goto err; + } + if (!EVP_MD_CTX_copy_ex(&dst_ctx->o_ctx, &src_ctx->o_ctx)) { + goto err; + } + if (!EVP_MD_CTX_copy_ex(&dst_ctx->md_ctx, &src_ctx->md_ctx)) { + goto err; + } + memcpy(dst_ctx->key, src_ctx->key, HMAC_MAX_MD_CBLOCK); + dst_ctx->key_length = src_ctx->key_length; + dst_ctx->md = src_ctx->md; + return 1; + + err: + return 0; +#endif +} +""" diff --git a/cryptography/hazmat/bindings/openssl/nid.py b/cryptography/hazmat/bindings/openssl/nid.py index 0f5b0003..9816dde4 100644 --- a/cryptography/hazmat/bindings/openssl/nid.py +++ b/cryptography/hazmat/bindings/openssl/nid.py @@ -39,6 +39,11 @@ static const int NID_crl_reason; static const int NID_pbe_WithSHA1And3_Key_TripleDES_CBC; """ -FUNCTIONS = "" +FUNCTIONS = """ +""" + +MACROS = """ +""" -MACROS = "" +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/opensslv.py b/cryptography/hazmat/bindings/openssl/opensslv.py index d1a1b3e6..d463776c 100644 --- a/cryptography/hazmat/bindings/openssl/opensslv.py +++ b/cryptography/hazmat/bindings/openssl/opensslv.py @@ -24,3 +24,6 @@ FUNCTIONS = """ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pem.py b/cryptography/hazmat/bindings/openssl/pem.py index 8c8f736d..00f0dc36 100644 --- a/cryptography/hazmat/bindings/openssl/pem.py +++ b/cryptography/hazmat/bindings/openssl/pem.py @@ -41,4 +41,8 @@ PKCS7 *PEM_read_bio_PKCS7(BIO *, PKCS7 **, pem_password_cb *, void *); DH *PEM_read_bio_DHparams(BIO *, DH **, pem_password_cb *, void *); """ -MACROS = "" +MACROS = """ +""" + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pkcs12.py b/cryptography/hazmat/bindings/openssl/pkcs12.py index 5c002b93..d91d100f 100644 --- a/cryptography/hazmat/bindings/openssl/pkcs12.py +++ b/cryptography/hazmat/bindings/openssl/pkcs12.py @@ -32,3 +32,6 @@ int PKCS12_parse(PKCS12 *, const char *, EVP_PKEY **, X509 **, PKCS12 *PKCS12_create(char *, char *, EVP_PKEY *, X509 *, struct stack_st_X509 *, int, int, int, int, int); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pkcs7.py b/cryptography/hazmat/bindings/openssl/pkcs7.py index 752bfa00..60ea3c52 100644 --- a/cryptography/hazmat/bindings/openssl/pkcs7.py +++ b/cryptography/hazmat/bindings/openssl/pkcs7.py @@ -32,3 +32,6 @@ int PKCS7_type_is_enveloped(PKCS7 *); int PKCS7_type_is_signedAndEnveloped(PKCS7 *); int PKCS7_type_is_data(PKCS7 *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/rand.py b/cryptography/hazmat/bindings/openssl/rand.py index e4f6be23..848ee05a 100644 --- a/cryptography/hazmat/bindings/openssl/rand.py +++ b/cryptography/hazmat/bindings/openssl/rand.py @@ -35,3 +35,6 @@ int RAND_pseudo_bytes(unsigned char *, int); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/rsa.py b/cryptography/hazmat/bindings/openssl/rsa.py index c8bf1cc0..21ed5d67 100644 --- a/cryptography/hazmat/bindings/openssl/rsa.py +++ b/cryptography/hazmat/bindings/openssl/rsa.py @@ -29,3 +29,6 @@ int RSA_check_key(const RSA *); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py index 8aca86e4..58a64f0b 100644 --- a/cryptography/hazmat/bindings/openssl/ssl.py +++ b/cryptography/hazmat/bindings/openssl/ssl.py @@ -24,3 +24,6 @@ void SSL_load_error_strings(); MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509.py b/cryptography/hazmat/bindings/openssl/x509.py index 9a51a6d0..b2ee672e 100644 --- a/cryptography/hazmat/bindings/openssl/x509.py +++ b/cryptography/hazmat/bindings/openssl/x509.py @@ -185,3 +185,6 @@ X509_REVOKED *sk_X509_REVOKED_value(struct x509_revoked_st *, int); int X509_CRL_set_lastUpdate(X509_CRL *, const ASN1_TIME *); int X509_CRL_set_nextUpdate(X509_CRL *, const ASN1_TIME *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509name.py b/cryptography/hazmat/bindings/openssl/x509name.py index bd7abe2d..896f0ae4 100644 --- a/cryptography/hazmat/bindings/openssl/x509name.py +++ b/cryptography/hazmat/bindings/openssl/x509name.py @@ -46,3 +46,6 @@ int sk_X509_NAME_push(struct stack_st_X509_NAME *, X509_NAME *); X509_NAME *sk_X509_NAME_value(struct stack_st_X509_NAME *, int); void sk_X509_NAME_free(struct stack_st_X509_NAME *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509v3.py b/cryptography/hazmat/bindings/openssl/x509v3.py index 413bde5f..bc26236c 100644 --- a/cryptography/hazmat/bindings/openssl/x509v3.py +++ b/cryptography/hazmat/bindings/openssl/x509v3.py @@ -92,3 +92,6 @@ GENERAL_NAME *sk_GENERAL_NAME_value(struct stack_st_GENERAL_NAME *, int); const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *); const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int); """ + +CUSTOMIZATIONS = """ +""" @@ -8,7 +8,7 @@ deps = pretend commands = coverage run --source=cryptography/,tests/ -m pytest - coverage report -m --fail-under 100 + coverage report -m [testenv:docs] deps = sphinx |