# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.

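from __future__ import absolute_import, division, print_function

# C preamble for this binding module: the OpenSSL header that supplies the EVP
# declarations named in TYPES and FUNCTIONS and used by the C code in
# CUSTOMIZATIONS. (The code-browser line numbers that had been fused onto the
# start of every line are removed so the module parses again.)
INCLUDES = """
#include <openssl/evp.h>
"""
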
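# Type and constant declarations exposed to Python.
#
# * `typedef ... NAME;` is cffi's notation for an opaque type: Python code only
#   ever holds pointers to these structs and never reads their fields.
# * The EVP_PKEY_* / EVP_CTRL_* / EVP_MAX_MD_SIZE entries are integer constants
#   whose values come from the OpenSSL headers, or from the fallback #defines
#   in CUSTOMIZATIONS when the header lacks them.
# * The Cryptography_HAS_* entries are feature flags defined in CUSTOMIZATIONS.
#   When a flag is 0, CUSTOMIZATIONS defines the matching functions as NULL
#   function pointers, so a caller has to test the flag before using them.
# NOTE(review): most flags are declared `int` here but defined `long` in
# CUSTOMIZATIONS; presumably the binding layer treats both as plain integer
# constants - confirm.
TYPES = """
typedef ... EVP_CIPHER;
typedef ... EVP_CIPHER_CTX;
typedef ... EVP_MD;
typedef ... EVP_MD_CTX;

typedef ... EVP_PKEY;
typedef ... EVP_PKEY_CTX;
static const int EVP_PKEY_RSA;
static const int EVP_PKEY_DSA;
static const int EVP_PKEY_DH;
static const int EVP_PKEY_DHX;
static const int EVP_PKEY_EC;
static const int EVP_PKEY_X25519;
static const int EVP_PKEY_ED25519;
static const int EVP_PKEY_X448;
static const int EVP_PKEY_ED448;
static const int EVP_PKEY_POLY1305;
static const int EVP_MAX_MD_SIZE;
static const int EVP_CTRL_AEAD_SET_IVLEN;
static const int EVP_CTRL_AEAD_GET_TAG;
static const int EVP_CTRL_AEAD_SET_TAG;

static const int Cryptography_HAS_SCRYPT;
static const int Cryptography_HAS_EVP_PKEY_DHX;
static const int Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint;
static const int Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY;
static const long Cryptography_HAS_RAW_KEY;
static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF;
"""
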
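# Function prototypes exposed to Python. Parameter names are omitted; only the
# types matter to the binding generator.
#
# Points a caller of these bindings has to respect:
# * Nearly every function returns an int status that must be checked.
#   EVP_VerifyFinal, EVP_PKEY_verify and EVP_DigestVerify report a valid
#   signature only with a return value of exactly 1; 0 and negative values
#   both mean "reject", so compare against 1 instead of testing truthiness.
# * EVP_DigestFinalXOF, EVP_DigestSign, EVP_DigestVerify, EVP_PBE_scrypt, the
#   *_tls_encodedpoint pair and the *_raw_*_key functions are replaced by NULL
#   function pointers in CUSTOMIZATIONS when the linked library lacks them.
#   Check the matching Cryptography_HAS_* flag before calling any of them.
# * The EVP_PKEY_get1_* accessors hand back a reference the caller owns and
#   must release (OpenSSL's "get1" convention).
# * ENGINE, RSA, DSA, DH and EC_KEY are not declared in this file's TYPES;
#   presumably they come from sibling binding modules - confirm.
FUNCTIONS = """
const EVP_CIPHER *EVP_get_cipherbyname(const char *);
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *, int);
int EVP_CipherInit_ex(EVP_CIPHER_CTX *, const EVP_CIPHER *, ENGINE *,
                      const unsigned char *, const unsigned char *, int);
int EVP_CipherUpdate(EVP_CIPHER_CTX *, unsigned char *, int *,
                     const unsigned char *, int);
int EVP_CipherFinal_ex(EVP_CIPHER_CTX *, unsigned char *, int *);
int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *);
EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void);
void EVP_CIPHER_CTX_free(EVP_CIPHER_CTX *);
int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *, int);
const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *);

int EVP_MD_CTX_copy_ex(EVP_MD_CTX *, const EVP_MD_CTX *);
int EVP_DigestInit_ex(EVP_MD_CTX *, const EVP_MD *, ENGINE *);
int EVP_DigestUpdate(EVP_MD_CTX *, const void *, size_t);
int EVP_DigestFinal_ex(EVP_MD_CTX *, unsigned char *, unsigned int *);
int EVP_DigestFinalXOF(EVP_MD_CTX *, unsigned char *, size_t);
const EVP_MD *EVP_get_digestbyname(const char *);

EVP_PKEY *EVP_PKEY_new(void);
void EVP_PKEY_free(EVP_PKEY *);
int EVP_PKEY_type(int);
int EVP_PKEY_size(EVP_PKEY *);
RSA *EVP_PKEY_get1_RSA(EVP_PKEY *);
DSA *EVP_PKEY_get1_DSA(EVP_PKEY *);
DH *EVP_PKEY_get1_DH(EVP_PKEY *);

int EVP_PKEY_encrypt(EVP_PKEY_CTX *, unsigned char *, size_t *,
                     const unsigned char *, size_t);
int EVP_PKEY_decrypt(EVP_PKEY_CTX *, unsigned char *, size_t *,
                     const unsigned char *, size_t);

int EVP_SignInit(EVP_MD_CTX *, const EVP_MD *);
int EVP_SignUpdate(EVP_MD_CTX *, const void *, size_t);
int EVP_SignFinal(EVP_MD_CTX *, unsigned char *, unsigned int *, EVP_PKEY *);

int EVP_VerifyInit(EVP_MD_CTX *, const EVP_MD *);
int EVP_VerifyUpdate(EVP_MD_CTX *, const void *, size_t);
int EVP_VerifyFinal(EVP_MD_CTX *, const unsigned char *, unsigned int,
                    EVP_PKEY *);

int EVP_DigestSignInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
                       ENGINE *, EVP_PKEY *);
int EVP_DigestSignUpdate(EVP_MD_CTX *, const void *, size_t);
int EVP_DigestSignFinal(EVP_MD_CTX *, unsigned char *, size_t *);
int EVP_DigestVerifyInit(EVP_MD_CTX *, EVP_PKEY_CTX **, const EVP_MD *,
                         ENGINE *, EVP_PKEY *);



EVP_PKEY_CTX *EVP_PKEY_CTX_new(EVP_PKEY *, ENGINE *);
EVP_PKEY_CTX *EVP_PKEY_CTX_new_id(int, ENGINE *);
EVP_PKEY_CTX *EVP_PKEY_CTX_dup(EVP_PKEY_CTX *);
void EVP_PKEY_CTX_free(EVP_PKEY_CTX *);
int EVP_PKEY_sign_init(EVP_PKEY_CTX *);
int EVP_PKEY_sign(EVP_PKEY_CTX *, unsigned char *, size_t *,
                  const unsigned char *, size_t);
int EVP_PKEY_verify_init(EVP_PKEY_CTX *);
int EVP_PKEY_verify(EVP_PKEY_CTX *, const unsigned char *, size_t,
                    const unsigned char *, size_t);
int EVP_PKEY_verify_recover_init(EVP_PKEY_CTX *);
int EVP_PKEY_verify_recover(EVP_PKEY_CTX *, unsigned char *,
                            size_t *, const unsigned char *, size_t);
int EVP_PKEY_encrypt_init(EVP_PKEY_CTX *);
int EVP_PKEY_decrypt_init(EVP_PKEY_CTX *);

int EVP_PKEY_set1_RSA(EVP_PKEY *, RSA *);
int EVP_PKEY_set1_DSA(EVP_PKEY *, DSA *);
int EVP_PKEY_set1_DH(EVP_PKEY *, DH *);

int EVP_PKEY_cmp(const EVP_PKEY *, const EVP_PKEY *);

int EVP_PKEY_keygen_init(EVP_PKEY_CTX *);
int EVP_PKEY_keygen(EVP_PKEY_CTX *, EVP_PKEY **);
int EVP_PKEY_derive_init(EVP_PKEY_CTX *);
int EVP_PKEY_derive_set_peer(EVP_PKEY_CTX *, EVP_PKEY *);
int EVP_PKEY_derive(EVP_PKEY_CTX *, unsigned char *, size_t *);
int EVP_PKEY_set_type(EVP_PKEY *, int);

int EVP_PKEY_id(const EVP_PKEY *);
int Cryptography_EVP_PKEY_id(const EVP_PKEY *);

EVP_MD_CTX *EVP_MD_CTX_new(void);
void EVP_MD_CTX_free(EVP_MD_CTX *);
/* Backwards compat aliases for pyOpenSSL */
EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void);
void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *);

/* Added in 1.1.1 */
int EVP_DigestSign(EVP_MD_CTX *, unsigned char *, size_t *,
                   const unsigned char *, size_t);
int EVP_DigestVerify(EVP_MD_CTX *, const unsigned char *, size_t,
                     const unsigned char *, size_t);
/* Added in 1.1.0 */
size_t EVP_PKEY_get1_tls_encodedpoint(EVP_PKEY *, unsigned char **);
int EVP_PKEY_set1_tls_encodedpoint(EVP_PKEY *, const unsigned char *,
                                   size_t);

/* EVP_PKEY * became const in 1.1.0 */
int EVP_PKEY_bits(EVP_PKEY *);

void OpenSSL_add_all_algorithms(void);
int EVP_PKEY_assign_RSA(EVP_PKEY *, RSA *);

EC_KEY *EVP_PKEY_get1_EC_KEY(EVP_PKEY *);
int EVP_PKEY_set1_EC_KEY(EVP_PKEY *, EC_KEY *);

int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *);

int PKCS5_PBKDF2_HMAC(const char *, int, const unsigned char *, int, int,
                      const EVP_MD *, int, unsigned char *);

int EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *, const EVP_MD *);

int EVP_PBE_scrypt(const char *, size_t, const unsigned char *, size_t,
                   uint64_t, uint64_t, uint64_t, uint64_t, unsigned char *,
                   size_t);

EVP_PKEY *EVP_PKEY_new_raw_private_key(int, ENGINE *, const unsigned char *,
                                       size_t);
EVP_PKEY *EVP_PKEY_new_raw_public_key(int, ENGINE *, const unsigned char *,
                                      size_t);
int EVP_PKEY_get_raw_private_key(const EVP_PKEY *, unsigned char *, size_t *);
int EVP_PKEY_get_raw_public_key(const EVP_PKEY *, unsigned char *, size_t *);
"""
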
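# C source compiled alongside the bindings. It papers over differences between
# library versions so that every name declared in TYPES and FUNCTIONS exists
# at build time:
#
# * Feature flags: each Cryptography_HAS_* constant is 1 when the feature is
#   available and 0 otherwise.
# * Missing functions: in the "feature absent" branches the function is defined
#   as a function pointer initialised to NULL. The symbol then resolves, but
#   calling it is a NULL dereference, so every call site has to be gated on
#   the corresponding flag.
# * EVP_PKEY_DHX falls back to -1 when the header does not define it; that
#   value is only a placeholder paired with Cryptography_HAS_EVP_PKEY_DHX = 0.
# * EVP_CTRL_AEAD_* fall back to the EVP_CTRL_GCM_* names, and the
#   EVP_PKEY_X25519 / X448 / ED25519 / ED448 / POLY1305 ids fall back to the
#   matching NID_* values when the header lacks them.
# * The Cryptography_EVP_* functions are thin wrappers that forward to the
#   plain EVP_* functions.
# NOTE(review): the two Cryptography_HAS_EVP_PKEY_DHX definitions omit the
# `static` used by every other flag here; looks unintentional - confirm.
CUSTOMIZATIONS = """
#ifdef EVP_PKEY_DHX
const long Cryptography_HAS_EVP_PKEY_DHX = 1;
#else
const long Cryptography_HAS_EVP_PKEY_DHX = 0;
const long EVP_PKEY_DHX = -1;
#endif

int Cryptography_EVP_PKEY_id(const EVP_PKEY *key) {
    return EVP_PKEY_id(key);
}
EVP_MD_CTX *Cryptography_EVP_MD_CTX_new(void) {
    return EVP_MD_CTX_new();
}
void Cryptography_EVP_MD_CTX_free(EVP_MD_CTX *md) {
    EVP_MD_CTX_free(md);
}

#if CRYPTOGRAPHY_IS_LIBRESSL || defined(OPENSSL_NO_SCRYPT)
static const long Cryptography_HAS_SCRYPT = 0;
int (*EVP_PBE_scrypt)(const char *, size_t, const unsigned char *, size_t,
                      uint64_t, uint64_t, uint64_t, uint64_t, unsigned char *,
                      size_t) = NULL;
#else
static const long Cryptography_HAS_SCRYPT = 1;
#endif

#if !CRYPTOGRAPHY_IS_LIBRESSL
static const long Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint = 1;
#else
static const long Cryptography_HAS_EVP_PKEY_get_set_tls_encodedpoint = 0;
size_t (*EVP_PKEY_get1_tls_encodedpoint)(EVP_PKEY *, unsigned char **) = NULL;
int (*EVP_PKEY_set1_tls_encodedpoint)(EVP_PKEY *, const unsigned char *,
                                      size_t) = NULL;
#endif

#if CRYPTOGRAPHY_OPENSSL_LESS_THAN_111
static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 0;
static const long Cryptography_HAS_RAW_KEY = 0;
static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 0;
int (*EVP_DigestFinalXOF)(EVP_MD_CTX *, unsigned char *, size_t) = NULL;
int (*EVP_DigestSign)(EVP_MD_CTX *, unsigned char *, size_t *,
                      const unsigned char *tbs, size_t) = NULL;
int (*EVP_DigestVerify)(EVP_MD_CTX *, const unsigned char *, size_t,
                        const unsigned char *, size_t) = NULL;
EVP_PKEY *(*EVP_PKEY_new_raw_private_key)(int, ENGINE *, const unsigned char *,
                                       size_t) = NULL;
EVP_PKEY *(*EVP_PKEY_new_raw_public_key)(int, ENGINE *, const unsigned char *,
                                      size_t) = NULL;
int (*EVP_PKEY_get_raw_private_key)(const EVP_PKEY *, unsigned char *,
                                    size_t *) = NULL;
int (*EVP_PKEY_get_raw_public_key)(const EVP_PKEY *, unsigned char *,
                                   size_t *) = NULL;
#else
static const long Cryptography_HAS_ONESHOT_EVP_DIGEST_SIGN_VERIFY = 1;
static const long Cryptography_HAS_RAW_KEY = 1;
static const long Cryptography_HAS_EVP_DIGESTFINAL_XOF = 1;
#endif

/* OpenSSL 1.1.0+ does this define for us, but if not present we'll do it */
#if !defined(EVP_CTRL_AEAD_SET_IVLEN)
# define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
#endif
#if !defined(EVP_CTRL_AEAD_GET_TAG)
# define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
#endif
#if !defined(EVP_CTRL_AEAD_SET_TAG)
# define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
#endif

/* This is tied to X25519 support so we reuse the Cryptography_HAS_X25519
   conditional to remove it. OpenSSL 1.1.0 didn't have this define, but
   1.1.1 will when it is released. We can remove this in the distant
   future when we drop 1.1.0 support. */
#ifndef EVP_PKEY_X25519
#define EVP_PKEY_X25519 NID_X25519
#endif

/* This is tied to X448 support so we reuse the Cryptography_HAS_X448
   conditional to remove it. OpenSSL 1.1.1 adds this define.  We can remove
   this in the distant future when we drop 1.1.0 support. */
#ifndef EVP_PKEY_X448
#define EVP_PKEY_X448 NID_X448
#endif

/* This is tied to ED25519 support so we reuse the Cryptography_HAS_ED25519
   conditional to remove it. */
#ifndef EVP_PKEY_ED25519
#define EVP_PKEY_ED25519 NID_ED25519
#endif

/* This is tied to ED448 support so we reuse the Cryptography_HAS_ED448
   conditional to remove it. */
#ifndef EVP_PKEY_ED448
#define EVP_PKEY_ED448 NID_ED448
#endif

/* This is tied to poly1305 support so we reuse the Cryptography_HAS_POLY1305
   conditional to remove it. */
#ifndef EVP_PKEY_POLY1305
#define EVP_PKEY_POLY1305 NID_poly1305
#endif
"""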