1# This file is dual licensed under the terms of the Apache License, Version 2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 3# for complete details. 4 5from __future__ import absolute_import, division, print_function 6 7import abc 8 9import six 10 11 12@six.add_metaclass(abc.ABCMeta) 13class CipherBackend(object): 14 @abc.abstractmethod 15 def cipher_supported(self, cipher, mode): 16 """ 17 Return True if the given cipher and mode are supported. 18 """ 19 20 @abc.abstractmethod 21 def create_symmetric_encryption_ctx(self, cipher, mode): 22 """ 23 Get a CipherContext that can be used for encryption. 24 """ 25 26 @abc.abstractmethod 27 def create_symmetric_decryption_ctx(self, cipher, mode): 28 """ 29 Get a CipherContext that can be used for decryption. 30 """ 31 32 33@six.add_metaclass(abc.ABCMeta) 34class HashBackend(object): 35 @abc.abstractmethod 36 def hash_supported(self, algorithm): 37 """ 38 Return True if the hash algorithm is supported by this backend. 39 """ 40 41 @abc.abstractmethod 42 def create_hash_ctx(self, algorithm): 43 """ 44 Create a HashContext for calculating a message digest. 45 """ 46 47 48@six.add_metaclass(abc.ABCMeta) 49class HMACBackend(object): 50 @abc.abstractmethod 51 def hmac_supported(self, algorithm): 52 """ 53 Return True if the hash algorithm is supported for HMAC by this 54 backend. 55 """ 56 57 @abc.abstractmethod 58 def create_hmac_ctx(self, key, algorithm): 59 """ 60 Create a context for calculating a message authentication code. 61 """ 62 63 64@six.add_metaclass(abc.ABCMeta) 65class CMACBackend(object): 66 @abc.abstractmethod 67 def cmac_algorithm_supported(self, algorithm): 68 """ 69 Returns True if the block cipher is supported for CMAC by this backend 70 """ 71 72 @abc.abstractmethod 73 def create_cmac_ctx(self, algorithm): 74 """ 75 Create a context for calculating a message authentication code. 76 """ 77 78 79@six.add_metaclass(abc.ABCMeta) 80class PBKDF2HMACBackend(object): 81 @abc.abstractmethod 82 def pbkdf2_hmac_supported(self, algorithm): 83 """ 84 Return True if the hash algorithm is supported for PBKDF2 by this 85 backend. 86 """ 87 88 @abc.abstractmethod 89 def derive_pbkdf2_hmac( 90 self, algorithm, length, salt, iterations, key_material 91 ): 92 """ 93 Return length bytes derived from provided PBKDF2 parameters. 94 """ 95 96 97@six.add_metaclass(abc.ABCMeta) 98class RSABackend(object): 99 @abc.abstractmethod 100 def generate_rsa_private_key(self, public_exponent, key_size): 101 """ 102 Generate an RSAPrivateKey instance with public_exponent and a modulus 103 of key_size bits. 104 """ 105 106 @abc.abstractmethod 107 def rsa_padding_supported(self, padding): 108 """ 109 Returns True if the backend supports the given padding options. 110 """ 111 112 @abc.abstractmethod 113 def generate_rsa_parameters_supported(self, public_exponent, key_size): 114 """ 115 Returns True if the backend supports the given parameters for key 116 generation. 117 """ 118 119 @abc.abstractmethod 120 def load_rsa_private_numbers(self, numbers): 121 """ 122 Returns an RSAPrivateKey provider. 123 """ 124 125 @abc.abstractmethod 126 def load_rsa_public_numbers(self, numbers): 127 """ 128 Returns an RSAPublicKey provider. 129 """ 130 131 132@six.add_metaclass(abc.ABCMeta) 133class DSABackend(object): 134 @abc.abstractmethod 135 def generate_dsa_parameters(self, key_size): 136 """ 137 Generate a DSAParameters instance with a modulus of key_size bits. 138 """ 139 140 @abc.abstractmethod 141 def generate_dsa_private_key(self, parameters): 142 """ 143 Generate a DSAPrivateKey instance with parameters as a DSAParameters 144 object. 145 """ 146 147 @abc.abstractmethod 148 def generate_dsa_private_key_and_parameters(self, key_size): 149 """ 150 Generate a DSAPrivateKey instance using key size only. 151 """ 152 153 @abc.abstractmethod 154 def dsa_hash_supported(self, algorithm): 155 """ 156 Return True if the hash algorithm is supported by the backend for DSA. 157 """ 158 159 @abc.abstractmethod 160 def dsa_parameters_supported(self, p, q, g): 161 """ 162 Return True if the parameters are supported by the backend for DSA. 163 """ 164 165 @abc.abstractmethod 166 def load_dsa_private_numbers(self, numbers): 167 """ 168 Returns a DSAPrivateKey provider. 169 """ 170 171 @abc.abstractmethod 172 def load_dsa_public_numbers(self, numbers): 173 """ 174 Returns a DSAPublicKey provider. 175 """ 176 177 @abc.abstractmethod 178 def load_dsa_parameter_numbers(self, numbers): 179 """ 180 Returns a DSAParameters provider. 181 """ 182 183 184@six.add_metaclass(abc.ABCMeta) 185class EllipticCurveBackend(object): 186 @abc.abstractmethod 187 def elliptic_curve_signature_algorithm_supported( 188 self, signature_algorithm, curve 189 ): 190 """ 191 Returns True if the backend supports the named elliptic curve with the 192 specified signature algorithm. 193 """ 194 195 @abc.abstractmethod 196 def elliptic_curve_supported(self, curve): 197 """ 198 Returns True if the backend supports the named elliptic curve. 199 """ 200 201 @abc.abstractmethod 202 def generate_elliptic_curve_private_key(self, curve): 203 """ 204 Return an object conforming to the EllipticCurvePrivateKey interface. 205 """ 206 207 @abc.abstractmethod 208 def load_elliptic_curve_public_numbers(self, numbers): 209 """ 210 Return an EllipticCurvePublicKey provider using the given numbers. 211 """ 212 213 @abc.abstractmethod 214 def load_elliptic_curve_private_numbers(self, numbers): 215 """ 216 Return an EllipticCurvePrivateKey provider using the given numbers. 217 """ 218 219 @abc.abstractmethod 220 def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve): 221 """ 222 Returns whether the exchange algorithm is supported by this backend. 223 """ 224 225 @abc.abstractmethod 226 def derive_elliptic_curve_private_key(self, private_value, curve): 227 """ 228 Compute the private key given the private value and curve. 229 """ 230 231 232@six.add_metaclass(abc.ABCMeta) 233class PEMSerializationBackend(object): 234 @abc.abstractmethod 235 def load_pem_private_key(self, data, password): 236 """ 237 Loads a private key from PEM encoded data, using the provided password 238 if the data is encrypted. 239 """ 240 241 @abc.abstractmethod 242 def load_pem_public_key(self, data): 243 """ 244 Loads a public key from PEM encoded data. 245 """ 246 247 @abc.abstractmethod 248 def load_pem_parameters(self, data): 249 """ 250 Load encryption parameters from PEM encoded data. 251 """ 252 253 254@six.add_metaclass(abc.ABCMeta) 255class DERSerializationBackend(object): 256 @abc.abstractmethod 257 def load_der_private_key(self, data, password): 258 """ 259 Loads a private key from DER encoded data. Uses the provided password 260 if the data is encrypted. 261 """ 262 263 @abc.abstractmethod 264 def load_der_public_key(self, data): 265 """ 266 Loads a public key from DER encoded data. 267 """ 268 269 @abc.abstractmethod 270 def load_der_parameters(self, data): 271 """ 272 Load encryption parameters from DER encoded data. 273 """ 274 275 276@six.add_metaclass(abc.ABCMeta) 277class X509Backend(object): 278 @abc.abstractmethod 279 def load_pem_x509_certificate(self, data): 280 """ 281 Load an X.509 certificate from PEM encoded data. 282 """ 283 284 @abc.abstractmethod 285 def load_der_x509_certificate(self, data): 286 """ 287 Load an X.509 certificate from DER encoded data. 288 """ 289 290 @abc.abstractmethod 291 def load_der_x509_csr(self, data): 292 """ 293 Load an X.509 CSR from DER encoded data. 294 """ 295 296 @abc.abstractmethod 297 def load_pem_x509_csr(self, data): 298 """ 299 Load an X.509 CSR from PEM encoded data. 300 """ 301 302 @abc.abstractmethod 303 def create_x509_csr(self, builder, private_key, algorithm): 304 """ 305 Create and sign an X.509 CSR from a CSR builder object. 306 """ 307 308 @abc.abstractmethod 309 def create_x509_certificate(self, builder, private_key, algorithm): 310 """ 311 Create and sign an X.509 certificate from a CertificateBuilder object. 312 """ 313 314 @abc.abstractmethod 315 def create_x509_crl(self, builder, private_key, algorithm): 316 """ 317 Create and sign an X.509 CertificateRevocationList from a 318 CertificateRevocationListBuilder object. 319 """ 320 321 @abc.abstractmethod 322 def create_x509_revoked_certificate(self, builder): 323 """ 324 Create a RevokedCertificate object from a RevokedCertificateBuilder 325 object. 326 """ 327 328 @abc.abstractmethod 329 def x509_name_bytes(self, name): 330 """ 331 Compute the DER encoded bytes of an X509 Name object. 332 """ 333 334 335@six.add_metaclass(abc.ABCMeta) 336class DHBackend(object): 337 @abc.abstractmethod 338 def generate_dh_parameters(self, generator, key_size): 339 """ 340 Generate a DHParameters instance with a modulus of key_size bits. 341 Using the given generator. Often 2 or 5. 342 """ 343 344 @abc.abstractmethod 345 def generate_dh_private_key(self, parameters): 346 """ 347 Generate a DHPrivateKey instance with parameters as a DHParameters 348 object. 349 """ 350 351 @abc.abstractmethod 352 def generate_dh_private_key_and_parameters(self, generator, key_size): 353 """ 354 Generate a DHPrivateKey instance using key size only. 355 Using the given generator. Often 2 or 5. 356 """ 357 358 @abc.abstractmethod 359 def load_dh_private_numbers(self, numbers): 360 """ 361 Load a DHPrivateKey from DHPrivateNumbers 362 """ 363 364 @abc.abstractmethod 365 def load_dh_public_numbers(self, numbers): 366 """ 367 Load a DHPublicKey from DHPublicNumbers. 368 """ 369 370 @abc.abstractmethod 371 def load_dh_parameter_numbers(self, numbers): 372 """ 373 Load DHParameters from DHParameterNumbers. 374 """ 375 376 @abc.abstractmethod 377 def dh_parameters_supported(self, p, g, q=None): 378 """ 379 Returns whether the backend supports DH with these parameter values. 380 """ 381 382 @abc.abstractmethod 383 def dh_x942_serialization_supported(self): 384 """ 385 Returns True if the backend supports the serialization of DH objects 386 with subgroup order (q). 387 """ 388 389 390@six.add_metaclass(abc.ABCMeta) 391class ScryptBackend(object): 392 @abc.abstractmethod 393 def derive_scrypt(self, key_material, salt, length, n, r, p): 394 """ 395 Return bytes derived from provided Scrypt parameters. 396 """ 397