aboutsummaryrefslogtreecommitdiffstats
path: root/src/cryptography/hazmat/bindings/openssl/evp.py
diff options
context:
space:
mode:
Diffstat (limited to 'src/cryptography/hazmat/bindings/openssl/evp.py')
-rw-r--r--src/cryptography/hazmat/bindings/openssl/evp.py263
1 files changed, 263 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/bindings/openssl/evp.py b/src/cryptography/hazmat/bindings/openssl/evp.py
new file mode 100644
index 00000000..033b083b
--- /dev/null
+++ b/src/cryptography/hazmat/bindings/openssl/evp.py
@@ -0,0 +1,263 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import, division, print_function
+
+INCLUDES = """
+#include <openssl/evp.h>
+"""
+
+TYPES = """
+typedef ... EVP_CIPHER;
+typedef struct {
+ const EVP_CIPHER *cipher;
+ ENGINE *engine;
+ int encrypt;
+ ...;
+} EVP_CIPHER_CTX;
+typedef ... EVP_MD;
+typedef struct env_md_ctx_st {
+ ...;
+} EVP_MD_CTX;
+
+typedef struct evp_pkey_st {
+ int type;
+ ...;
+} EVP_PKEY;
+typedef ... EVP_PKEY_CTX;
+static const int EVP_PKEY_RSA;
+static const int EVP_PKEY_DSA;
+static const int EVP_PKEY_EC;
+static const int EVP_MAX_MD_SIZE;
+static const int EVP_CTRL_GCM_SET_IVLEN;
+static const int EVP_CTRL_GCM_GET_TAG;
+static const int EVP_CTRL_GCM_SET_TAG;
+
+static const int Cryptography_HAS_GCM;
+static const int Cryptography_HAS_PBKDF2_HMAC;
+static const int Cryptography_HAS_PKEY_CTX;
+"""
+
+FUNCTIONS = """
+const EVP_CIPHER *EVP_get_cipherbyname(const char *);
+int EVP_EncryptInit_ex(EVP_CIPHER_CTX *, const EVP_CIPHER *, ENGINE *,
+ const unsigned char *, const unsigned char *);
+int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int);
+int EVP_EncryptUpdate(EVP_CIPHER_CTX *, unsigned char *, int *,
+ const unsigned char *, int);
+int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *);
+int EVP_DecryptInit_ex(EVP_CIPHER_CTX *, const EVP_CIPHER *, ENGINE *,
+ const unsigned char *, const unsigned char *);
+int EVP_DecryptUpdate(EVP_CIPHER_CTX *, unsigned char *, int *,
+ const unsigned char *, int);
+int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *);
+int EVP_CipherInit_ex(EVP_CIPHER_CTX *, const EVP_CIPHER *, ENGINE *,
+ const unsigned char *, const unsigned char *, int);
+int EVP_CipherUpdate(EVP_CIPHER_CTX *, unsigned char *, int *,
+ const unsigned char *, int);
+int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *);
+int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
+void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *);
+EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
+void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *);
+int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int);
+
+EVP_MD_CTX *EVP_MD_CTX_create(void);
+int EVP_MD_CTX_copy_ex(EVP_MD_CTX *, const EVP_MD_CTX *);
+int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
+int EVP_DigestUpdate(EVP_MD_CTX *, const void *, size_t);
+int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *);
+int EVP_MD_CTX_cleanup(EVP_MD_CTX *);
+void EVP_MD_CTX_destroy(EVP_MD_CTX *);
+const EVP_MD *EVP_get_digestbyname(const char *);
+
+EVP_PKEY *EVP_PKEY_new(void);
+void EVP_PKEY_free(EVP_PKEY *);
+int EVP_PKEY_type(int);
+int EVP_PKEY_bits(EVP_PKEY *);
+int EVP_PKEY_size(EVP_PKEY *);
+RSA *EVP_PKEY_get1_RSA(EVP_PKEY *);
+DSA *EVP_PKEY_get1_DSA(EVP_PKEY *);
+DH *EVP_PKEY_get1_DH(EVP_PKEY *);
+
+int EVP_SignInit(EVP_MD_CTX *, const EVP_MD *);
+int EVP_SignUpdate(EVP_MD_CTX *, const void *, size_t);
+int EVP_SignFinal(EVP_MD_CTX *, unsigned char *, unsigned int *, EVP_PKEY *);
+
+int EVP_VerifyInit(EVP_MD_CTX *, const EVP_MD *);
+int EVP_VerifyUpdate(EVP_MD_CTX *, const void *, size_t);
+int EVP_VerifyFinal(EVP_MD_CTX *, const unsigned char *, unsigned int,
+ EVP_PKEY *);
+
+const EVP_MD *EVP_md5(void);
+
+int PKCS5_PBKDF2_HMAC_SHA1(const char *, int, const unsigned char *, int, int,
+ int, unsigned char *);
+
+int EVP_PKEY_set1_RSA(EVP_PKEY *, struct rsa_st *);
+int EVP_PKEY_set1_DSA(EVP_PKEY *, struct dsa_st *);
+int EVP_PKEY_set1_DH(EVP_PKEY *, DH *);
+
+int EVP_PKEY_get_attr_count(const EVP_PKEY *);
+int EVP_PKEY_get_attr_by_NID(const EVP_PKEY *, int, int);
+int EVP_PKEY_get_attr_by_OBJ(const EVP_PKEY *, ASN1_OBJECT *, int);
+X509_ATTRIBUTE *EVP_PKEY_get_attr(const EVP_PKEY *, int);
+X509_ATTRIBUTE *EVP_PKEY_delete_attr(EVP_PKEY *, int);
+int EVP_PKEY_add1_attr(EVP_PKEY *, X509_ATTRIBUTE *);
+int EVP_PKEY_add1_attr_by_OBJ(EVP_PKEY *, const ASN1_OBJECT *, int,
+ const unsigned char *, int);
+int EVP_PKEY_add1_attr_by_NID(EVP_PKEY *, int, int,
+ const unsigned char *, int);
+int EVP_PKEY_add1_attr_by_txt(EVP_PKEY *, const char *, int,
+ const unsigned char *, int);
+
+int EVP_PKEY_cmp(const EVP_PKEY *, const EVP_PKEY *);
+"""
+
+MACROS = """
+void OpenSSL_add_all_algorithms(void);
+int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA *);
+int EVP_PKEY_assign_DSA(EVP_PKEY *, DSA *);
+
+int EVP_PKEY_assign_EC_KEY(EVP_PKEY *, EC_KEY *);
+EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *);
+int EVP_PKEY_set1_EC_KEY(EVP_PKEY *, EC_KEY *);
+
+int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *);
+int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *);
+
+int PKCS5_PBKDF2_HMAC(const char *, int, const unsigned char *, int, int,
+ const EVP_MD *, int, unsigned char *);
+
+int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *, const EVP_MD *);
+
+/* These aren't macros, but must be in this section because they're not
+ available in 0.9.8. */
+EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *, ENGINE *);
+EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int, ENGINE *);
+EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *);
+void EVP_PKEY_CTX_free(EVP_PKEY_CTX *);
+int EVP_PKEY_sign_init(EVP_PKEY_CTX *);
+int EVP_PKEY_sign(EVP_PKEY_CTX *, unsigned char *, size_t *,
+ const unsigned char *, size_t);
+int EVP_PKEY_verify_init(EVP_PKEY_CTX *);
+int EVP_PKEY_verify(EVP_PKEY_CTX *, const unsigned char *, size_t,
+ const unsigned char *, size_t);
+int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *);
+int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *);
+
+/* The following were macros in 0.9.8e. Once we drop support for RHEL/CentOS 5
+ we should move these back to FUNCTIONS. */
+const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *);
+int EVP_CIPHER_block_size(const EVP_CIPHER *);
+const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *);
+int EVP_MD_size(const EVP_MD *);
+
+/* Must be in macros because EVP_PKEY_CTX is undefined in 0.9.8 */
+int Cryptography_EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+ size_t *outlen, const unsigned char *in,
+ size_t inlen);
+int Cryptography_EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+ size_t *outlen, const unsigned char *in,
+ size_t inlen);
+"""
+
+CUSTOMIZATIONS = """
+#ifdef EVP_CTRL_GCM_SET_TAG
+const long Cryptography_HAS_GCM = 1;
+#else
+const long Cryptography_HAS_GCM = 0;
+const long EVP_CTRL_GCM_GET_TAG = -1;
+const long EVP_CTRL_GCM_SET_TAG = -1;
+const long EVP_CTRL_GCM_SET_IVLEN = -1;
+#endif
+#if OPENSSL_VERSION_NUMBER >= 0x10000000L
+const long Cryptography_HAS_PBKDF2_HMAC = 1;
+const long Cryptography_HAS_PKEY_CTX = 1;
+
+/* OpenSSL 0.9.8 defines EVP_PKEY_encrypt and EVP_PKEY_decrypt functions,
+ but they are a completely different signature from the ones in 1.0.0+.
+ These wrapper functions allows us to safely declare them on any version and
+ conditionally remove them on 0.9.8. */
+int Cryptography_EVP_PKEY_encrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+ size_t *outlen, const unsigned char *in,
+ size_t inlen) {
+ return EVP_PKEY_encrypt(ctx, out, outlen, in, inlen);
+}
+int Cryptography_EVP_PKEY_decrypt(EVP_PKEY_CTX *ctx, unsigned char *out,
+ size_t *outlen, const unsigned char *in,
+ size_t inlen) {
+ return EVP_PKEY_decrypt(ctx, out, outlen, in, inlen);
+}
+#else
+const long Cryptography_HAS_PBKDF2_HMAC = 0;
+int (*PKCS5_PBKDF2_HMAC)(const char *, int, const unsigned char *, int, int,
+ const EVP_MD *, int, unsigned char *) = NULL;
+const long Cryptography_HAS_PKEY_CTX = 0;
+typedef void EVP_PKEY_CTX;
+int (*EVP_PKEY_CTX_set_signature_md)(EVP_PKEY_CTX *, const EVP_MD *) = NULL;
+int (*EVP_PKEY_sign_init)(EVP_PKEY_CTX *) = NULL;
+int (*EVP_PKEY_sign)(EVP_PKEY_CTX *, unsigned char *, size_t *,
+ const unsigned char *, size_t) = NULL;
+int (*EVP_PKEY_verify_init)(EVP_PKEY_CTX *) = NULL;
+int (*EVP_PKEY_verify)(EVP_PKEY_CTX *, const unsigned char *, size_t,
+ const unsigned char *, size_t) = NULL;
+EVP_PKEY_CTX *(*EVP_PKEY_CTX_new)(EVP_PKEY *, ENGINE *) = NULL;
+EVP_PKEY_CTX *(*EVP_PKEY_CTX_new_id)(int, ENGINE *) = NULL;
+EVP_PKEY_CTX *(*EVP_PKEY_CTX_dup)(EVP_PKEY_CTX *) = NULL;
+void (*EVP_PKEY_CTX_free)(EVP_PKEY_CTX *) = NULL;
+int (*EVP_PKEY_encrypt_init)(EVP_PKEY_CTX *) = NULL;
+int (*EVP_PKEY_decrypt_init)(EVP_PKEY_CTX *) = NULL;
+int (*Cryptography_EVP_PKEY_encrypt)(EVP_PKEY_CTX *, unsigned char *, size_t *,
+ const unsigned char *, size_t) = NULL;
+int (*Cryptography_EVP_PKEY_decrypt)(EVP_PKEY_CTX *, unsigned char *, size_t *,
+ const unsigned char *, size_t) = NULL;
+#endif
+#ifdef OPENSSL_NO_EC
+int (*EVP_PKEY_assign_EC_KEY)(EVP_PKEY *, EC_KEY *) = NULL;
+EC_KEY *(*EVP_PKEY_get1_EC_KEY)(EVP_PKEY *) = NULL;
+int (*EVP_PKEY_set1_EC_KEY)(EVP_PKEY *, EC_KEY *) = NULL;
+#endif
+
+"""
+
+CONDITIONAL_NAMES = {
+ "Cryptography_HAS_GCM": [
+ "EVP_CTRL_GCM_GET_TAG",
+ "EVP_CTRL_GCM_SET_TAG",
+ "EVP_CTRL_GCM_SET_IVLEN",
+ ],
+ "Cryptography_HAS_PBKDF2_HMAC": [
+ "PKCS5_PBKDF2_HMAC"
+ ],
+ "Cryptography_HAS_PKEY_CTX": [
+ "EVP_PKEY_CTX_new",
+ "EVP_PKEY_CTX_new_id",
+ "EVP_PKEY_CTX_dup",
+ "EVP_PKEY_CTX_free",
+ "EVP_PKEY_sign",
+ "EVP_PKEY_sign_init",
+ "EVP_PKEY_verify",
+ "EVP_PKEY_verify_init",
+ "Cryptography_EVP_PKEY_encrypt",
+ "EVP_PKEY_encrypt_init",
+ "Cryptography_EVP_PKEY_decrypt",
+ "EVP_PKEY_decrypt_init",
+ "EVP_PKEY_CTX_set_signature_md",
+ ],
+ "Cryptography_HAS_EC": [
+ "EVP_PKEY_assign_EC_KEY",
+ "EVP_PKEY_get1_EC_KEY",
+ "EVP_PKEY_set1_EC_KEY",
+ ]
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-25 22:52:49 +0000