diff --git a/.travis.yml b/.travis.yml index a7b13e7f7f15..8350ebcac619 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,19 +25,6 @@ env: - TOX_ENV=pep8 - TOX_ENV=py3pep8 -matrix: - allow_failures: - - env: TOX_ENV=py26 OPENSSL=0.9.8 - - env: TOX_ENV=py27 OPENSSL=0.9.8 - - env: TOX_ENV=py32 OPENSSL=0.9.8 - - env: TOX_ENV=py33 OPENSSL=0.9.8 - - env: TOX_ENV=pypy OPENSSL=0.9.8 - - env: TOX_ENV=py26 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py27 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py32 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=py33 CC=clang OPENSSL=0.9.8 - - env: TOX_ENV=pypy CC=clang OPENSSL=0.9.8 - install: - "sudo add-apt-repository \"deb http://archive.ubuntu.com/ubuntu/ lucid main\"" - sudo add-apt-repository -y ppa:pypy/ppa @@ -47,11 +34,14 @@ install: # This is required because we need to get rid of the Travis installed PyPy # or it'll take precedence over the PPA installed one. - "[[ ${TOX_ENV} == pypy ]] && sudo rm -rf /usr/local/pypy/bin || true" - - pip install tox + - pip install tox coveralls script: - tox -e $TOX_ENV +after_success: + - coveralls + notifications: irc: channels: diff --git a/README.rst b/README.rst index c9baddea35cb..def2e1fc8f6d 100644 --- a/README.rst +++ b/README.rst @@ -2,13 +2,17 @@ Cryptography ============ .. image:: https://travis-ci.org/pyca/cryptography.png?branch=master - :target: https://travis-ci.org/pyca/cryptography + :target: https://travis-ci.org/pyca/cryptography + +.. image:: https://coveralls.io/repos/pyca/cryptography/badge.png?branch=master + :target: https://coveralls.io/r/pyca/cryptography?branch=master + ``cryptography`` is a package designed to expose cryptographic recipes and primitives to Python developers. It is currently in early development and isn't recommended for general usage -yet. It targets Python 2.6-2.7, Python 3.2+, as well as PyPy. +yet. It targets Python 2.6-2.7, Python 3.2+, and PyPy. You can find more information in the `documentation`_. diff --git a/cryptography/hazmat/bindings/openssl/asn1.py b/cryptography/hazmat/bindings/openssl/asn1.py index 5bd72e9ad7c7..719a523c01e2 100644 --- a/cryptography/hazmat/bindings/openssl/asn1.py +++ b/cryptography/hazmat/bindings/openssl/asn1.py @@ -119,3 +119,6 @@ BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *, BIGNUM *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index ea1073b9180a..69ffde16638c 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -74,6 +74,7 @@ def _ensure_ffi_initialized(cls): includes = [] functions = [] macros = [] + customizations = [] for name in cls._modules: module_name = "cryptography.hazmat.bindings.openssl." + name __import__(module_name) @@ -84,6 +85,7 @@ def _ensure_ffi_initialized(cls): macros.append(module.MACROS) functions.append(module.FUNCTIONS) includes.append(module.INCLUDES) + customizations.append(module.CUSTOMIZATIONS) # loop over the functions & macros after declaring all the types # so we can set interdependent types in different files and still @@ -102,7 +104,7 @@ def _ensure_ffi_initialized(cls): # int foo(int); # int foo(short); lib = ffi.verify( - source="\n".join(includes + functions), + source="\n".join(includes + functions + customizations), libraries=["crypto", "ssl"], ) @@ -315,19 +317,20 @@ def create_ctx(self, key, hash_cls): evp_md = self._backend.lib.EVP_get_digestbyname( hash_cls.name.encode('ascii')) assert evp_md != self._backend.ffi.NULL - res = self._backend.lib.HMAC_Init_ex(ctx, key, len(key), evp_md, - self._backend.ffi.NULL) + res = self._backend.lib.Cryptography_HMAC_Init_ex( + ctx, key, len(key), evp_md, self._backend.ffi.NULL + ) assert res != 0 return ctx def update_ctx(self, ctx, data): - res = self._backend.lib.HMAC_Update(ctx, data, len(data)) + res = self._backend.lib.Cryptography_HMAC_Update(ctx, data, len(data)) assert res != 0 def finalize_ctx(self, ctx, digest_size): buf = self._backend.ffi.new("unsigned char[]", digest_size) buflen = self._backend.ffi.new("unsigned int *", digest_size) - res = self._backend.lib.HMAC_Final(ctx, buf, buflen) + res = self._backend.lib.Cryptography_HMAC_Final(ctx, buf, buflen) assert res != 0 self._backend.lib.HMAC_CTX_cleanup(ctx) return self._backend.ffi.buffer(buf)[:digest_size] @@ -337,7 +340,7 @@ def copy_ctx(self, ctx): self._backend.lib.HMAC_CTX_init(copied_ctx) copied_ctx = self._backend.ffi.gc(copied_ctx, self._backend.lib.HMAC_CTX_cleanup) - res = self._backend.lib.HMAC_CTX_copy(copied_ctx, ctx) + res = self._backend.lib.Cryptography_HMAC_CTX_copy(copied_ctx, ctx) assert res != 0 return copied_ctx diff --git a/cryptography/hazmat/bindings/openssl/bignum.py b/cryptography/hazmat/bindings/openssl/bignum.py index 72d467c3c2dd..fcfadff177d8 100644 --- a/cryptography/hazmat/bindings/openssl/bignum.py +++ b/cryptography/hazmat/bindings/openssl/bignum.py @@ -32,3 +32,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/bio.py b/cryptography/hazmat/bindings/openssl/bio.py index 88be788f0a8a..c23dd0d8710b 100644 --- a/cryptography/hazmat/bindings/openssl/bio.py +++ b/cryptography/hazmat/bindings/openssl/bio.py @@ -168,3 +168,6 @@ #define BIO_TYPE_BASE64 ... #define BIO_TYPE_FILTER ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/conf.py b/cryptography/hazmat/bindings/openssl/conf.py index 85c7a210d5bb..4846252c78d9 100644 --- a/cryptography/hazmat/bindings/openssl/conf.py +++ b/cryptography/hazmat/bindings/openssl/conf.py @@ -24,3 +24,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/crypto.py b/cryptography/hazmat/bindings/openssl/crypto.py index 501fb5a11016..773d9b14bf2c 100644 --- a/cryptography/hazmat/bindings/openssl/crypto.py +++ b/cryptography/hazmat/bindings/openssl/crypto.py @@ -35,3 +35,6 @@ #define CRYPTO_MEM_CHECK_ENABLE ... #define CRYPTO_MEM_CHECK_DISABLE ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/dh.py b/cryptography/hazmat/bindings/openssl/dh.py index ac130054e809..b8fbf3681930 100644 --- a/cryptography/hazmat/bindings/openssl/dh.py +++ b/cryptography/hazmat/bindings/openssl/dh.py @@ -26,3 +26,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/dsa.py b/cryptography/hazmat/bindings/openssl/dsa.py index 2fa67b87b2b9..e6c369a6ecfb 100644 --- a/cryptography/hazmat/bindings/openssl/dsa.py +++ b/cryptography/hazmat/bindings/openssl/dsa.py @@ -28,3 +28,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/engine.py b/cryptography/hazmat/bindings/openssl/engine.py index b3ec31253446..b76befce2895 100644 --- a/cryptography/hazmat/bindings/openssl/engine.py +++ b/cryptography/hazmat/bindings/openssl/engine.py @@ -50,3 +50,6 @@ #define ENGINE_METHOD_ALL ... #define ENGINE_METHOD_NONE ... """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/bindings/openssl/err.py index 39ae315c0916..6a36dee0e106 100644 --- a/cryptography/hazmat/bindings/openssl/err.py +++ b/cryptography/hazmat/bindings/openssl/err.py @@ -57,3 +57,6 @@ int ERR_GET_REASON(unsigned long); int ERR_FATAL_ERROR(unsigned long); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/evp.py b/cryptography/hazmat/bindings/openssl/evp.py index 4d0fb7fcfd3a..da54f89da639 100644 --- a/cryptography/hazmat/bindings/openssl/evp.py +++ b/cryptography/hazmat/bindings/openssl/evp.py @@ -29,9 +29,9 @@ } EVP_PKEY; static const int EVP_PKEY_RSA; static const int EVP_PKEY_DSA; -static const int EVP_CTRL_GCM_SET_IVLEN; -static const int EVP_CTRL_GCM_GET_TAG; -static const int EVP_CTRL_GCM_SET_TAG; +static const int Cryptography_EVP_CTRL_GCM_SET_IVLEN; +static const int Cryptography_EVP_CTRL_GCM_GET_TAG; +static const int Cryptography_EVP_CTRL_GCM_SET_TAG; """ FUNCTIONS = """ @@ -95,3 +95,15 @@ int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *); int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *, int, int, void *); """ + +CUSTOMIZATIONS = """ +#ifdef EVP_CTRL_GCM_SET_TAG +const int Cryptography_EVP_CTRL_GCM_GET_TAG = EVP_CTRL_GCM_GET_TAG; +const int Cryptography_EVP_CTRL_GCM_SET_TAG = EVP_CTRL_GCM_SET_TAG; +const int Cryptography_EVP_CTRL_GCM_SET_IVLEN = EVP_CTRL_GCM_SET_IVLEN; +#else +const int Cryptography_EVP_CTRL_GCM_GET_TAG = -1; +const int Cryptography_EVP_CTRL_GCM_SET_TAG = -1; +const int Cryptography_EVP_CTRL_GCM_SET_IVLEN = -1; +#endif +""" diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/bindings/openssl/hmac.py index e97ac35e5ce7..10e671418cd2 100644 --- a/cryptography/hazmat/bindings/openssl/hmac.py +++ b/cryptography/hazmat/bindings/openssl/hmac.py @@ -22,11 +22,69 @@ FUNCTIONS = """ void HMAC_CTX_init(HMAC_CTX *); void HMAC_CTX_cleanup(HMAC_CTX *); -int HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, ENGINE *); -int HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); -int HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); -int HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); + +int Cryptography_HMAC_Init_ex(HMAC_CTX *, const void *, int, const EVP_MD *, + ENGINE *); +int Cryptography_HMAC_Update(HMAC_CTX *, const unsigned char *, size_t); +int Cryptography_HMAC_Final(HMAC_CTX *, unsigned char *, unsigned int *); +int Cryptography_HMAC_CTX_copy(HMAC_CTX *, HMAC_CTX *); """ MACROS = """ """ + +CUSTOMIZATIONS = """ +int Cryptography_HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, + const EVP_MD *md, ENGINE *impl) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Init_ex(ctx, key, key_len, md, impl); +#else + HMAC_Init_ex(ctx, key, key_len, md, impl); + return 1; +#endif +} + +int Cryptography_HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, + size_t data_len) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Update(ctx, data, data_len); +#else + HMAC_Update(ctx, data, data_len); + return 1; +#endif +} + +int Cryptography_HMAC_Final(HMAC_CTX *ctx, unsigned char *digest, + unsigned int *digest_len) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_Final(ctx, digest, digest_len); +#else + HMAC_Final(ctx, digest, digest_len); + return 1; +#endif +} + +int Cryptography_HMAC_CTX_copy(HMAC_CTX *dst_ctx, HMAC_CTX *src_ctx) { +#if OPENSSL_VERSION_NUMBER >= 0x010000000 + return HMAC_CTX_copy(dst_ctx, src_ctx); +#else + HMAC_CTX_init(dst_ctx); + if (!EVP_MD_CTX_copy_ex(&dst_ctx->i_ctx, &src_ctx->i_ctx)) { + goto err; + } + if (!EVP_MD_CTX_copy_ex(&dst_ctx->o_ctx, &src_ctx->o_ctx)) { + goto err; + } + if (!EVP_MD_CTX_copy_ex(&dst_ctx->md_ctx, &src_ctx->md_ctx)) { + goto err; + } + memcpy(dst_ctx->key, src_ctx->key, HMAC_MAX_MD_CBLOCK); + dst_ctx->key_length = src_ctx->key_length; + dst_ctx->md = src_ctx->md; + return 1; + + err: + return 0; +#endif +} +""" diff --git a/cryptography/hazmat/bindings/openssl/nid.py b/cryptography/hazmat/bindings/openssl/nid.py index 0f5b00030081..9816dde48b0b 100644 --- a/cryptography/hazmat/bindings/openssl/nid.py +++ b/cryptography/hazmat/bindings/openssl/nid.py @@ -39,6 +39,11 @@ static const int NID_pbe_WithSHA1And3_Key_TripleDES_CBC; """ -FUNCTIONS = "" +FUNCTIONS = """ +""" + +MACROS = """ +""" -MACROS = "" +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/opensslv.py b/cryptography/hazmat/bindings/openssl/opensslv.py index d1a1b3e69907..d463776c2418 100644 --- a/cryptography/hazmat/bindings/openssl/opensslv.py +++ b/cryptography/hazmat/bindings/openssl/opensslv.py @@ -24,3 +24,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pem.py b/cryptography/hazmat/bindings/openssl/pem.py index 8c8f736d6c44..00f0dc365fe1 100644 --- a/cryptography/hazmat/bindings/openssl/pem.py +++ b/cryptography/hazmat/bindings/openssl/pem.py @@ -41,4 +41,8 @@ DH *PEM_read_bio_DHparams(BIO *, DH **, pem_password_cb *, void *); """ -MACROS = "" +MACROS = """ +""" + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pkcs12.py b/cryptography/hazmat/bindings/openssl/pkcs12.py index 5c002b9389dd..d91d100f0525 100644 --- a/cryptography/hazmat/bindings/openssl/pkcs12.py +++ b/cryptography/hazmat/bindings/openssl/pkcs12.py @@ -32,3 +32,6 @@ PKCS12 *PKCS12_create(char *, char *, EVP_PKEY *, X509 *, struct stack_st_X509 *, int, int, int, int, int); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/pkcs7.py b/cryptography/hazmat/bindings/openssl/pkcs7.py index 752bfa002595..60ea3c5238ca 100644 --- a/cryptography/hazmat/bindings/openssl/pkcs7.py +++ b/cryptography/hazmat/bindings/openssl/pkcs7.py @@ -32,3 +32,6 @@ int PKCS7_type_is_signedAndEnveloped(PKCS7 *); int PKCS7_type_is_data(PKCS7 *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/rand.py b/cryptography/hazmat/bindings/openssl/rand.py index e4f6be23596a..848ee05a1ab1 100644 --- a/cryptography/hazmat/bindings/openssl/rand.py +++ b/cryptography/hazmat/bindings/openssl/rand.py @@ -35,3 +35,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/rsa.py b/cryptography/hazmat/bindings/openssl/rsa.py index c8bf1cc01f40..21ed5d6710bf 100644 --- a/cryptography/hazmat/bindings/openssl/rsa.py +++ b/cryptography/hazmat/bindings/openssl/rsa.py @@ -29,3 +29,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/bindings/openssl/ssl.py index 8aca86e48d5f..58a64f0b9ac2 100644 --- a/cryptography/hazmat/bindings/openssl/ssl.py +++ b/cryptography/hazmat/bindings/openssl/ssl.py @@ -24,3 +24,6 @@ MACROS = """ """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509.py b/cryptography/hazmat/bindings/openssl/x509.py index 9a51a6d011b8..b2ee672e33ac 100644 --- a/cryptography/hazmat/bindings/openssl/x509.py +++ b/cryptography/hazmat/bindings/openssl/x509.py @@ -185,3 +185,6 @@ int X509_CRL_set_lastUpdate(X509_CRL *, const ASN1_TIME *); int X509_CRL_set_nextUpdate(X509_CRL *, const ASN1_TIME *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509name.py b/cryptography/hazmat/bindings/openssl/x509name.py index bd7abe2d10e2..896f0ae410ed 100644 --- a/cryptography/hazmat/bindings/openssl/x509name.py +++ b/cryptography/hazmat/bindings/openssl/x509name.py @@ -46,3 +46,6 @@ X509_NAME *sk_X509_NAME_value(struct stack_st_X509_NAME *, int); void sk_X509_NAME_free(struct stack_st_X509_NAME *); """ + +CUSTOMIZATIONS = """ +""" diff --git a/cryptography/hazmat/bindings/openssl/x509v3.py b/cryptography/hazmat/bindings/openssl/x509v3.py index 413bde5f228a..bc26236c19aa 100644 --- a/cryptography/hazmat/bindings/openssl/x509v3.py +++ b/cryptography/hazmat/bindings/openssl/x509v3.py @@ -92,3 +92,6 @@ const X509V3_EXT_METHOD *X509V3_EXT_get(X509_EXTENSION *); const X509V3_EXT_METHOD *X509V3_EXT_get_nid(int); """ + +CUSTOMIZATIONS = """ +""" diff --git a/tox.ini b/tox.ini index c0a9738f2086..dab22a6df573 100644 --- a/tox.ini +++ b/tox.ini @@ -8,7 +8,7 @@ deps = pretend commands = coverage run --source=cryptography/,tests/ -m pytest - coverage report -m --fail-under 100 + coverage report -m [testenv:docs] deps = sphinx