From cc4a42dbc56974c10bf8dc0aca67ab29cccd2f77 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 4 Jan 2014 13:32:56 -0600 Subject: Add initial CommonCrypto bindings (no backend yet) --- .../hazmat/bindings/commoncrypto/__init__.py | 12 ++++ .../hazmat/bindings/commoncrypto/binding.py | 40 +++++++++++++ .../hazmat/bindings/commoncrypto/common_digest.py | 67 ++++++++++++++++++++++ tests/hazmat/bindings/test_commoncrypto.py | 25 ++++++++ 4 files changed, 144 insertions(+) create mode 100644 cryptography/hazmat/bindings/commoncrypto/__init__.py create mode 100644 cryptography/hazmat/bindings/commoncrypto/binding.py create mode 100644 cryptography/hazmat/bindings/commoncrypto/common_digest.py create mode 100644 tests/hazmat/bindings/test_commoncrypto.py diff --git a/cryptography/hazmat/bindings/commoncrypto/__init__.py b/cryptography/hazmat/bindings/commoncrypto/__init__.py new file mode 100644 index 00000000..55c925c6 --- /dev/null +++ b/cryptography/hazmat/bindings/commoncrypto/__init__.py @@ -0,0 +1,12 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. diff --git a/cryptography/hazmat/bindings/commoncrypto/binding.py b/cryptography/hazmat/bindings/commoncrypto/binding.py new file mode 100644 index 00000000..796135fc --- /dev/null +++ b/cryptography/hazmat/bindings/commoncrypto/binding.py @@ -0,0 +1,40 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +from cryptography.hazmat.bindings.utils import build_ffi + + +class Binding(object): + """ + CommonCrypto API wrapper. + """ + _module_prefix = "cryptography.hazmat.bindings.commoncrypto." + _modules = [ + "common_digest", + ] + + ffi = None + lib = None + + def __init__(self): + self._ensure_ffi_initialized() + + @classmethod + def _ensure_ffi_initialized(cls): + if cls.ffi is not None and cls.lib is not None: + return + + cls.ffi, cls.lib = build_ffi(cls._module_prefix, cls._modules, + "", "", []) diff --git a/cryptography/hazmat/bindings/commoncrypto/common_digest.py b/cryptography/hazmat/bindings/commoncrypto/common_digest.py new file mode 100644 index 00000000..ec0fcc92 --- /dev/null +++ b/cryptography/hazmat/bindings/commoncrypto/common_digest.py @@ -0,0 +1,67 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +INCLUDES = """ +#include +""" + +TYPES = """ +typedef uint32_t CC_LONG; +typedef uint64_t CC_LONG64; +typedef struct CC_MD5state_st { + ...; +} CC_MD5_CTX; +typedef struct CC_SHA1state_st { + ...; +} CC_SHA1_CTX; +typedef struct CC_SHA256state_st { + ...; +} CC_SHA256_CTX; +typedef struct CC_SHA512state_st { + ...; +} CC_SHA512_CTX; +""" + +FUNCTIONS = """ +int CC_MD5_Init(CC_MD5_CTX *); +int CC_MD5_Update(CC_MD5_CTX *, const void *, CC_LONG); +int CC_MD5_Final(unsigned char *, CC_MD5_CTX *); + +int CC_SHA1_Init(CC_SHA1_CTX *); +int CC_SHA1_Update(CC_SHA1_CTX *, const void *, CC_LONG); +int CC_SHA1_Final(unsigned char *, CC_SHA1_CTX *); + +int CC_SHA224_Init(CC_SHA256_CTX *); +int CC_SHA224_Update(CC_SHA256_CTX *, const void *, CC_LONG); +int CC_SHA224_Final(unsigned char *, CC_SHA256_CTX *); + +int CC_SHA256_Init(CC_SHA256_CTX *); +int CC_SHA256_Update(CC_SHA256_CTX *, const void *, CC_LONG); +int CC_SHA256_Final(unsigned char *, CC_SHA256_CTX *); + +int CC_SHA384_Init(CC_SHA512_CTX *); +int CC_SHA384_Update(CC_SHA512_CTX *, const void *, CC_LONG); +int CC_SHA384_Final(unsigned char *, CC_SHA512_CTX *); + +int CC_SHA512_Init(CC_SHA512_CTX *); +int CC_SHA512_Update(CC_SHA512_CTX *, const void *, CC_LONG); +int CC_SHA512_Final(unsigned char *, CC_SHA512_CTX *); +""" + +MACROS = """ +""" + +CUSTOMIZATIONS = """ +""" + +CONDITIONAL_NAMES = {} diff --git a/tests/hazmat/bindings/test_commoncrypto.py b/tests/hazmat/bindings/test_commoncrypto.py new file mode 100644 index 00000000..385eeeb6 --- /dev/null +++ b/tests/hazmat/bindings/test_commoncrypto.py @@ -0,0 +1,25 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +import pytest + +from cryptography.hazmat.bindings.commoncrypto.binding import Binding + + +@pytest.mark.commoncrypto +class TestCommonCrypto(object): + def test_binding_loads(self): + binding = Binding() + assert binding + assert binding.lib + assert binding.ffi -- cgit v1.2.3 From 5001c3f7479ff28457948a582e5e7446ac838ca6 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 4 Jan 2014 13:56:19 -0600 Subject: cover a missing branch in the commoncrypto bindings --- tests/hazmat/bindings/test_commoncrypto.py | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/tests/hazmat/bindings/test_commoncrypto.py b/tests/hazmat/bindings/test_commoncrypto.py index 385eeeb6..1eb71151 100644 --- a/tests/hazmat/bindings/test_commoncrypto.py +++ b/tests/hazmat/bindings/test_commoncrypto.py @@ -13,13 +13,19 @@ import pytest -from cryptography.hazmat.bindings.commoncrypto.binding import Binding - @pytest.mark.commoncrypto class TestCommonCrypto(object): def test_binding_loads(self): + from cryptography.hazmat.bindings.commoncrypto.binding import Binding binding = Binding() assert binding assert binding.lib assert binding.ffi + + def test_binding_returns_same_lib(self): + from cryptography.hazmat.bindings.commoncrypto.binding import Binding + binding = Binding() + binding2 = Binding() + assert binding.lib == binding2.lib + assert binding.ffi == binding2.ffi -- cgit v1.2.3 From 5e612d0ac078bae569dece5f718166a834fa9f7e Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 4 Jan 2014 19:42:36 -0600 Subject: add is_available() to CommonCrypto binding, use it for skipif --- cryptography/hazmat/bindings/commoncrypto/binding.py | 8 +++++++- tests/hazmat/bindings/test_commoncrypto.py | 7 ++++--- 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/cryptography/hazmat/bindings/commoncrypto/binding.py b/cryptography/hazmat/bindings/commoncrypto/binding.py index 796135fc..ac5997ea 100644 --- a/cryptography/hazmat/bindings/commoncrypto/binding.py +++ b/cryptography/hazmat/bindings/commoncrypto/binding.py @@ -13,7 +13,9 @@ from __future__ import absolute_import, division, print_function -from cryptography.hazmat.bindings.utils import build_ffi +from cryptography.hazmat.bindings.utils import ( + build_ffi, binding_available +) class Binding(object): @@ -38,3 +40,7 @@ class Binding(object): cls.ffi, cls.lib = build_ffi(cls._module_prefix, cls._modules, "", "", []) + + @classmethod + def is_available(cls): + return binding_available(cls._ensure_ffi_initialized) diff --git a/tests/hazmat/bindings/test_commoncrypto.py b/tests/hazmat/bindings/test_commoncrypto.py index 1eb71151..db3d1b74 100644 --- a/tests/hazmat/bindings/test_commoncrypto.py +++ b/tests/hazmat/bindings/test_commoncrypto.py @@ -13,18 +13,19 @@ import pytest +from cryptography.hazmat.bindings.commoncrypto.binding import Binding -@pytest.mark.commoncrypto + +@pytest.mark.skipif(not Binding.is_available(), + reason="CommonCrypto not available") class TestCommonCrypto(object): def test_binding_loads(self): - from cryptography.hazmat.bindings.commoncrypto.binding import Binding binding = Binding() assert binding assert binding.lib assert binding.ffi def test_binding_returns_same_lib(self): - from cryptography.hazmat.bindings.commoncrypto.binding import Binding binding = Binding() binding2 = Binding() assert binding.lib == binding2.lib -- cgit v1.2.3 From 7fccf4c38e1bb63066232198b9aa4551e4da660f Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 4 Jan 2014 21:51:31 -0600 Subject: add CommonCrypto binding docs --- docs/hazmat/bindings/commoncrypto.rst | 28 ++++++++++++++++++++++++++++ docs/hazmat/bindings/index.rst | 1 + 2 files changed, 29 insertions(+) create mode 100644 docs/hazmat/bindings/commoncrypto.rst diff --git a/docs/hazmat/bindings/commoncrypto.rst b/docs/hazmat/bindings/commoncrypto.rst new file mode 100644 index 00000000..a4423365 --- /dev/null +++ b/docs/hazmat/bindings/commoncrypto.rst @@ -0,0 +1,28 @@ +.. hazmat:: + +CommonCrypto Binding +==================== + +.. currentmodule:: cryptography.hazmat.bindings.commoncrypto.binding + +These are `CFFI`_ bindings to the `CommonCrypto`_ C library. It is available on +Mac OS X. + +.. class:: cryptography.hazmat.bindings.commoncrypto.binding.Binding() + + This is the exposed API for the CommonCrypto bindings. It has two public + attributes: + + .. attribute:: ffi + + This is a :class:`cffi.FFI` instance. It can be used to allocate and + otherwise manipulate OpenSSL structures. + + .. attribute:: lib + + This is a ``cffi`` library. It can be used to call OpenSSL functions, + and access constants. + + +.. _`CFFI`: https://cffi.readthedocs.org/ +.. _`CommonCrypto`: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man3/Common%20Crypto.3cc.html#//apple_ref/doc/man/3cc/CommonCrypto diff --git a/docs/hazmat/bindings/index.rst b/docs/hazmat/bindings/index.rst index e2a17591..caab8d6a 100644 --- a/docs/hazmat/bindings/index.rst +++ b/docs/hazmat/bindings/index.rst @@ -20,3 +20,4 @@ Individual Bindings :maxdepth: 1 openssl + commoncrypto -- cgit v1.2.3 From 79a230f81ff702d590ebc36169dc11392019839f Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 8 Jan 2014 22:40:12 -0600 Subject: refactor commoncrypto's is_available to check platform for now --- cryptography/hazmat/bindings/commoncrypto/binding.py | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/cryptography/hazmat/bindings/commoncrypto/binding.py b/cryptography/hazmat/bindings/commoncrypto/binding.py index ac5997ea..e0cd61f7 100644 --- a/cryptography/hazmat/bindings/commoncrypto/binding.py +++ b/cryptography/hazmat/bindings/commoncrypto/binding.py @@ -13,9 +13,9 @@ from __future__ import absolute_import, division, print_function -from cryptography.hazmat.bindings.utils import ( - build_ffi, binding_available -) +import sys + +from cryptography.hazmat.bindings.utils import build_ffi class Binding(object): @@ -43,4 +43,4 @@ class Binding(object): @classmethod def is_available(cls): - return binding_available(cls._ensure_ffi_initialized) + return sys.platform == "darwin" -- cgit v1.2.3