1# This file is dual licensed under the terms of the Apache License, Version 2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 3# for complete details. 4 5from __future__ import absolute_import, division, print_function 6 7 8def cryptography_has_ec2m(): 9 return [ 10 "EC_POINT_set_affine_coordinates_GF2m", 11 "EC_POINT_get_affine_coordinates_GF2m", 12 "EC_POINT_set_compressed_coordinates_GF2m", 13 ] 14 15 16def cryptography_has_rsa_oaep_md(): 17 return [ 18 "EVP_PKEY_CTX_set_rsa_oaep_md", 19 ] 20 21 22def cryptography_has_rsa_oaep_label(): 23 return [ 24 "EVP_PKEY_CTX_set0_rsa_oaep_label", 25 ] 26 27 28def cryptography_has_ssl3_method(): 29 return [ 30 "SSLv3_method", 31 "SSLv3_client_method", 32 "SSLv3_server_method", 33 ] 34 35 36def cryptography_has_102_verification(): 37 return [ 38 "X509_V_ERR_SUITE_B_INVALID_VERSION", 39 "X509_V_ERR_SUITE_B_INVALID_ALGORITHM", 40 "X509_V_ERR_SUITE_B_INVALID_CURVE", 41 "X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM", 42 "X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED", 43 "X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256", 44 "X509_V_FLAG_SUITEB_128_LOS_ONLY", 45 "X509_V_FLAG_SUITEB_192_LOS", 46 "X509_V_FLAG_SUITEB_128_LOS", 47 ] 48 49 50def cryptography_has_110_verification_params(): 51 return ["X509_CHECK_FLAG_NEVER_CHECK_SUBJECT"] 52 53 54def cryptography_has_set_cert_cb(): 55 return [ 56 "SSL_CTX_set_cert_cb", 57 "SSL_set_cert_cb", 58 ] 59 60 61def cryptography_has_ssl_st(): 62 return [ 63 "SSL_ST_BEFORE", 64 "SSL_ST_OK", 65 "SSL_ST_INIT", 66 "SSL_ST_RENEGOTIATE", 67 ] 68 69 70def cryptography_has_tls_st(): 71 return [ 72 "TLS_ST_BEFORE", 73 "TLS_ST_OK", 74 ] 75 76 77def cryptography_has_scrypt(): 78 return [ 79 "EVP_PBE_scrypt", 80 ] 81 82 83def cryptography_has_evp_pkey_dhx(): 84 return [ 85 "EVP_PKEY_DHX", 86 ] 87 88 89def cryptography_has_mem_functions(): 90 return [ 91 "Cryptography_CRYPTO_set_mem_functions", 92 ] 93 94 95def cryptography_has_sct(): 96 return [ 97 "SCT_get_version", 98 "SCT_get_log_entry_type", 99 "SCT_get0_log_id", 100 "SCT_get0_signature", 101 "SCT_get_timestamp", 102 "SCT_set_source", 103 "sk_SCT_new_null", 104 "sk_SCT_free", 105 "sk_SCT_num", 106 "sk_SCT_value", 107 "sk_SCT_push", 108 "SCT_LIST_free", 109 "SCT_new", 110 "SCT_set1_log_id", 111 "SCT_set_timestamp", 112 "SCT_set_version", 113 "SCT_set_log_entry_type", 114 ] 115 116 117def cryptography_has_x509_store_ctx_get_issuer(): 118 return [ 119 "X509_STORE_get_get_issuer", 120 "X509_STORE_set_get_issuer", 121 ] 122 123 124def cryptography_has_ed448(): 125 return [ 126 "EVP_PKEY_ED448", 127 "NID_ED448", 128 ] 129 130 131def cryptography_has_ed25519(): 132 return [ 133 "NID_ED25519", 134 "EVP_PKEY_ED25519", 135 ] 136 137 138def cryptography_has_poly1305(): 139 return [ 140 "NID_poly1305", 141 "EVP_PKEY_POLY1305", 142 ] 143 144 145def cryptography_has_oneshot_evp_digest_sign_verify(): 146 return [ 147 "EVP_DigestSign", 148 "EVP_DigestVerify", 149 ] 150 151 152def cryptography_has_evp_digestfinal_xof(): 153 return [ 154 "EVP_DigestFinalXOF", 155 ] 156 157 158def cryptography_has_evp_pkey_get_set_tls_encodedpoint(): 159 return [ 160 "EVP_PKEY_get1_tls_encodedpoint", 161 "EVP_PKEY_set1_tls_encodedpoint", 162 ] 163 164 165def cryptography_has_fips(): 166 return [ 167 "FIPS_mode_set", 168 "FIPS_mode", 169 ] 170 171 172def cryptography_has_ssl_sigalgs(): 173 return [ 174 "SSL_CTX_set1_sigalgs_list", 175 "SSL_get_sigalgs", 176 ] 177 178 179def cryptography_has_psk(): 180 return [ 181 "SSL_CTX_use_psk_identity_hint", 182 "SSL_CTX_set_psk_server_callback", 183 "SSL_CTX_set_psk_client_callback", 184 ] 185 186 187def cryptography_has_custom_ext(): 188 return [ 189 "SSL_CTX_add_client_custom_ext", 190 "SSL_CTX_add_server_custom_ext", 191 "SSL_extension_supported", 192 ] 193 194 195def cryptography_has_openssl_cleanup(): 196 return [ 197 "OPENSSL_cleanup", 198 ] 199 200 201def cryptography_has_tlsv13(): 202 return [ 203 "SSL_OP_NO_TLSv1_3", 204 "SSL_VERIFY_POST_HANDSHAKE", 205 "SSL_CTX_set_ciphersuites", 206 "SSL_verify_client_post_handshake", 207 "SSL_CTX_set_post_handshake_auth", 208 "SSL_set_post_handshake_auth", 209 "SSL_SESSION_get_max_early_data", 210 "SSL_write_early_data", 211 "SSL_read_early_data", 212 "SSL_CTX_set_max_early_data", 213 ] 214 215 216def cryptography_has_keylog(): 217 return [ 218 "SSL_CTX_set_keylog_callback", 219 "SSL_CTX_get_keylog_callback", 220 ] 221 222 223def cryptography_has_raw_key(): 224 return [ 225 "EVP_PKEY_new_raw_private_key", 226 "EVP_PKEY_new_raw_public_key", 227 "EVP_PKEY_get_raw_private_key", 228 "EVP_PKEY_get_raw_public_key", 229 ] 230 231 232def cryptography_has_engine(): 233 return [ 234 "ENGINE_by_id", 235 "ENGINE_init", 236 "ENGINE_finish", 237 "ENGINE_get_default_RAND", 238 "ENGINE_set_default_RAND", 239 "ENGINE_unregister_RAND", 240 "ENGINE_ctrl_cmd", 241 "ENGINE_free", 242 "ENGINE_get_name", 243 "Cryptography_add_osrandom_engine", 244 "ENGINE_ctrl_cmd_string", 245 "ENGINE_load_builtin_engines", 246 "ENGINE_load_private_key", 247 "ENGINE_load_public_key", 248 ] 249 250 251def cryptography_has_verified_chain(): 252 return [ 253 "SSL_get0_verified_chain", 254 ] 255 256 257def cryptography_has_srtp(): 258 return [ 259 "SSL_CTX_set_tlsext_use_srtp", 260 "SSL_set_tlsext_use_srtp", 261 "SSL_get_selected_srtp_profile", 262 ] 263 264 265def cryptography_has_get_proto_version(): 266 return [ 267 "SSL_CTX_get_min_proto_version", 268 "SSL_CTX_get_max_proto_version", 269 "SSL_get_min_proto_version", 270 "SSL_get_max_proto_version", 271 ] 272 273 274# This is a mapping of 275# {condition: function-returning-names-dependent-on-that-condition} so we can 276# loop over them and delete unsupported names at runtime. It will be removed 277# when cffi supports #if in cdef. We use functions instead of just a dict of 278# lists so we can use coverage to measure which are used. 279CONDITIONAL_NAMES = { 280 "Cryptography_HAS_EC2M": cryptography_has_ec2m, 281 "Cryptography_HAS_RSA_OAEP_MD": cryptography_has_rsa_oaep_md, 282 "Cryptography_HAS_RSA_OAEP_LABEL": cryptography_has_rsa_oaep_label, 283 "Cryptography_HAS_SSL3_METHOD": cryptography_has_ssl3_method, 284 "Cryptography_HAS_102_VERIFICATION": cryptography_has_102_verification, 285 "Cryptography_HAS_110_VERIFICATION_PARAMS": ( 286 cryptography_has_110_verification_params 287 ), 288 "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb, 289 "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st, 290 "Cryptography_HAS_TLS_ST": cryptography_has_tls_st, 291 "Cryptography_HAS_SCRYPT": cryptography_has_scrypt, 292 "Cryptography_HAS_EVP_PKEY_DHX": cryptography_has_evp_pkey_dhx, 293 "Cryptography_HAS_MEM_FUNCTIONS": cryptography_has_mem_functions, 294 "Cryptography_HAS_SCT": cryptography_has_sct, 295 "Cryptography_HAS_X509_STORE_CTX_GET_ISSUER": ( 296 cryptography_has_x509_store_ctx_get_issuer 297 ), 298 "Cryptography_HAS_ED448": cryptography_has_ed448, 299 "Cryptography_HAS_ED25519": cryptography_has_ed25519, 300 "Cryptography_HAS_POLY1305": cryptography_has_poly1305, 301 "Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY": ( 302 cryptography_has_oneshot_evp_digest_sign_verify 303 ), 304 "Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint": ( 305 cryptography_has_evp_pkey_get_set_tls_encodedpoint 306 ), 307 "Cryptography_HAS_FIPS": cryptography_has_fips, 308 "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs, 309 "Cryptography_HAS_PSK": cryptography_has_psk, 310 "Cryptography_HAS_CUSTOM_EXT": cryptography_has_custom_ext, 311 "Cryptography_HAS_OPENSSL_CLEANUP": cryptography_has_openssl_cleanup, 312 "Cryptography_HAS_TLSv1_3": cryptography_has_tlsv13, 313 "Cryptography_HAS_KEYLOG": cryptography_has_keylog, 314 "Cryptography_HAS_RAW_KEY": cryptography_has_raw_key, 315 "Cryptography_HAS_EVP_DIGESTFINAL_XOF": ( 316 cryptography_has_evp_digestfinal_xof 317 ), 318 "Cryptography_HAS_ENGINE": cryptography_has_engine, 319 "Cryptography_HAS_VERIFIED_CHAIN": cryptography_has_verified_chain, 320 "Cryptography_HAS_SRTP": cryptography_has_srtp, 321 "Cryptography_HAS_GET_PROTO_VERSION": cryptography_has_get_proto_version, 322} 323