1# This file is dual licensed under the terms of the Apache License, Version 2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 3# for complete details. 4 5from __future__ import absolute_import, division, print_function 6 7import abc 8 9import six 10 11 12@six.add_metaclass(abc.ABCMeta) 13class CipherBackend(object): 14 @abc.abstractmethod 15 def cipher_supported(self, cipher, mode): 16 """ 17 Return True if the given cipher and mode are supported. 18 """ 19 20 @abc.abstractmethod 21 def create_symmetric_encryption_ctx(self, cipher, mode): 22 """ 23 Get a CipherContext that can be used for encryption. 24 """ 25 26 @abc.abstractmethod 27 def create_symmetric_decryption_ctx(self, cipher, mode): 28 """ 29 Get a CipherContext that can be used for decryption. 30 """ 31 32 33@six.add_metaclass(abc.ABCMeta) 34class HashBackend(object): 35 @abc.abstractmethod 36 def hash_supported(self, algorithm): 37 """ 38 Return True if the hash algorithm is supported by this backend. 39 """ 40 41 @abc.abstractmethod 42 def create_hash_ctx(self, algorithm): 43 """ 44 Create a HashContext for calculating a message digest. 45 """ 46 47 48@six.add_metaclass(abc.ABCMeta) 49class HMACBackend(object): 50 @abc.abstractmethod 51 def hmac_supported(self, algorithm): 52 """ 53 Return True if the hash algorithm is supported for HMAC by this 54 backend. 55 """ 56 57 @abc.abstractmethod 58 def create_hmac_ctx(self, key, algorithm): 59 """ 60 Create a MACContext for calculating a message authentication code. 61 """ 62 63 64@six.add_metaclass(abc.ABCMeta) 65class CMACBackend(object): 66 @abc.abstractmethod 67 def cmac_algorithm_supported(self, algorithm): 68 """ 69 Returns True if the block cipher is supported for CMAC by this backend 70 """ 71 72 @abc.abstractmethod 73 def create_cmac_ctx(self, algorithm): 74 """ 75 Create a MACContext for calculating a message authentication code. 76 """ 77 78 79@six.add_metaclass(abc.ABCMeta) 80class PBKDF2HMACBackend(object): 81 @abc.abstractmethod 82 def pbkdf2_hmac_supported(self, algorithm): 83 """ 84 Return True if the hash algorithm is supported for PBKDF2 by this 85 backend. 86 """ 87 88 @abc.abstractmethod 89 def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations, 90 key_material): 91 """ 92 Return length bytes derived from provided PBKDF2 parameters. 93 """ 94 95 96@six.add_metaclass(abc.ABCMeta) 97class RSABackend(object): 98 @abc.abstractmethod 99 def generate_rsa_private_key(self, public_exponent, key_size): 100 """ 101 Generate an RSAPrivateKey instance with public_exponent and a modulus 102 of key_size bits. 103 """ 104 105 @abc.abstractmethod 106 def rsa_padding_supported(self, padding): 107 """ 108 Returns True if the backend supports the given padding options. 109 """ 110 111 @abc.abstractmethod 112 def generate_rsa_parameters_supported(self, public_exponent, key_size): 113 """ 114 Returns True if the backend supports the given parameters for key 115 generation. 116 """ 117 118 @abc.abstractmethod 119 def load_rsa_private_numbers(self, numbers): 120 """ 121 Returns an RSAPrivateKey provider. 122 """ 123 124 @abc.abstractmethod 125 def load_rsa_public_numbers(self, numbers): 126 """ 127 Returns an RSAPublicKey provider. 128 """ 129 130 131@six.add_metaclass(abc.ABCMeta) 132class DSABackend(object): 133 @abc.abstractmethod 134 def generate_dsa_parameters(self, key_size): 135 """ 136 Generate a DSAParameters instance with a modulus of key_size bits. 137 """ 138 139 @abc.abstractmethod 140 def generate_dsa_private_key(self, parameters): 141 """ 142 Generate a DSAPrivateKey instance with parameters as a DSAParameters 143 object. 144 """ 145 146 @abc.abstractmethod 147 def generate_dsa_private_key_and_parameters(self, key_size): 148 """ 149 Generate a DSAPrivateKey instance using key size only. 150 """ 151 152 @abc.abstractmethod 153 def dsa_hash_supported(self, algorithm): 154 """ 155 Return True if the hash algorithm is supported by the backend for DSA. 156 """ 157 158 @abc.abstractmethod 159 def dsa_parameters_supported(self, p, q, g): 160 """ 161 Return True if the parameters are supported by the backend for DSA. 162 """ 163 164 @abc.abstractmethod 165 def load_dsa_private_numbers(self, numbers): 166 """ 167 Returns a DSAPrivateKey provider. 168 """ 169 170 @abc.abstractmethod 171 def load_dsa_public_numbers(self, numbers): 172 """ 173 Returns a DSAPublicKey provider. 174 """ 175 176 @abc.abstractmethod 177 def load_dsa_parameter_numbers(self, numbers): 178 """ 179 Returns a DSAParameters provider. 180 """ 181 182 183@six.add_metaclass(abc.ABCMeta) 184class EllipticCurveBackend(object): 185 @abc.abstractmethod 186 def elliptic_curve_signature_algorithm_supported( 187 self, signature_algorithm, curve 188 ): 189 """ 190 Returns True if the backend supports the named elliptic curve with the 191 specified signature algorithm. 192 """ 193 194 @abc.abstractmethod 195 def elliptic_curve_supported(self, curve): 196 """ 197 Returns True if the backend supports the named elliptic curve. 198 """ 199 200 @abc.abstractmethod 201 def generate_elliptic_curve_private_key(self, curve): 202 """ 203 Return an object conforming to the EllipticCurvePrivateKey interface. 204 """ 205 206 @abc.abstractmethod 207 def load_elliptic_curve_public_numbers(self, numbers): 208 """ 209 Return an EllipticCurvePublicKey provider using the given numbers. 210 """ 211 212 @abc.abstractmethod 213 def load_elliptic_curve_private_numbers(self, numbers): 214 """ 215 Return an EllipticCurvePrivateKey provider using the given numbers. 216 """ 217 218 @abc.abstractmethod 219 def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve): 220 """ 221 Returns whether the exchange algorithm is supported by this backend. 222 """ 223 224 @abc.abstractmethod 225 def derive_elliptic_curve_private_key(self, private_value, curve): 226 """ 227 Compute the private key given the private value and curve. 228 """ 229 230 231@six.add_metaclass(abc.ABCMeta) 232class PEMSerializationBackend(object): 233 @abc.abstractmethod 234 def load_pem_private_key(self, data, password): 235 """ 236 Loads a private key from PEM encoded data, using the provided password 237 if the data is encrypted. 238 """ 239 240 @abc.abstractmethod 241 def load_pem_public_key(self, data): 242 """ 243 Loads a public key from PEM encoded data. 244 """ 245 246 @abc.abstractmethod 247 def load_pem_parameters(self, data): 248 """ 249 Load encryption parameters from PEM encoded data. 250 """ 251 252 253@six.add_metaclass(abc.ABCMeta) 254class DERSerializationBackend(object): 255 @abc.abstractmethod 256 def load_der_private_key(self, data, password): 257 """ 258 Loads a private key from DER encoded data. Uses the provided password 259 if the data is encrypted. 260 """ 261 262 @abc.abstractmethod 263 def load_der_public_key(self, data): 264 """ 265 Loads a public key from DER encoded data. 266 """ 267 268 @abc.abstractmethod 269 def load_der_parameters(self, data): 270 """ 271 Load encryption parameters from DER encoded data. 272 """ 273 274 275@six.add_metaclass(abc.ABCMeta) 276class X509Backend(object): 277 @abc.abstractmethod 278 def load_pem_x509_certificate(self, data): 279 """ 280 Load an X.509 certificate from PEM encoded data. 281 """ 282 283 @abc.abstractmethod 284 def load_der_x509_certificate(self, data): 285 """ 286 Load an X.509 certificate from DER encoded data. 287 """ 288 289 @abc.abstractmethod 290 def load_der_x509_csr(self, data): 291 """ 292 Load an X.509 CSR from DER encoded data. 293 """ 294 295 @abc.abstractmethod 296 def load_pem_x509_csr(self, data): 297 """ 298 Load an X.509 CSR from PEM encoded data. 299 """ 300 301 @abc.abstractmethod 302 def create_x509_csr(self, builder, private_key, algorithm): 303 """ 304 Create and sign an X.509 CSR from a CSR builder object. 305 """ 306 307 @abc.abstractmethod 308 def create_x509_certificate(self, builder, private_key, algorithm): 309 """ 310 Create and sign an X.509 certificate from a CertificateBuilder object. 311 """ 312 313 @abc.abstractmethod 314 def create_x509_crl(self, builder, private_key, algorithm): 315 """ 316 Create and sign an X.509 CertificateRevocationList from a 317 CertificateRevocationListBuilder object. 318 """ 319 320 @abc.abstractmethod 321 def create_x509_revoked_certificate(self, builder): 322 """ 323 Create a RevokedCertificate object from a RevokedCertificateBuilder 324 object. 325 """ 326 327 @abc.abstractmethod 328 def x509_name_bytes(self, name): 329 """ 330 Compute the DER encoded bytes of an X509 Name object. 331 """ 332 333 334@six.add_metaclass(abc.ABCMeta) 335class DHBackend(object): 336 @abc.abstractmethod 337 def generate_dh_parameters(self, generator, key_size): 338 """ 339 Generate a DHParameters instance with a modulus of key_size bits. 340 Using the given generator. Often 2 or 5. 341 """ 342 343 @abc.abstractmethod 344 def generate_dh_private_key(self, parameters): 345 """ 346 Generate a DHPrivateKey instance with parameters as a DHParameters 347 object. 348 """ 349 350 @abc.abstractmethod 351 def generate_dh_private_key_and_parameters(self, generator, key_size): 352 """ 353 Generate a DHPrivateKey instance using key size only. 354 Using the given generator. Often 2 or 5. 355 """ 356 357 @abc.abstractmethod 358 def load_dh_private_numbers(self, numbers): 359 """ 360 Load a DHPrivateKey from DHPrivateNumbers 361 """ 362 363 @abc.abstractmethod 364 def load_dh_public_numbers(self, numbers): 365 """ 366 Load a DHPublicKey from DHPublicNumbers. 367 """ 368 369 @abc.abstractmethod 370 def load_dh_parameter_numbers(self, numbers): 371 """ 372 Load DHParameters from DHParameterNumbers. 373 """ 374 375 @abc.abstractmethod 376 def dh_parameters_supported(self, p, g, q=None): 377 """ 378 Returns whether the backend supports DH with these parameter values. 379 """ 380 381 @abc.abstractmethod 382 def dh_x942_serialization_supported(self): 383 """ 384 Returns True if the backend supports the serialization of DH objects 385 with subgroup order (q). 386 """ 387 388 389@six.add_metaclass(abc.ABCMeta) 390class ScryptBackend(object): 391 @abc.abstractmethod 392 def derive_scrypt(self, key_material, salt, length, n, r, p): 393 """ 394 Return bytes derived from provided Scrypt parameters. 395 """ 396