1# This file is dual licensed under the terms of the Apache License, Version
2# 2.0, and the BSD License. See the LICENSE file in the root of this repository
3# for complete details.
4
5from __future__ import absolute_import, division, print_function
6
7import abc
8
9import six
10
11
12@six.add_metaclass(abc.ABCMeta)
13class CipherBackend(object):
14    @abc.abstractmethod
15    def cipher_supported(self, cipher, mode):
16        """
17        Return True if the given cipher and mode are supported.
18        """
19
20    @abc.abstractmethod
21    def create_symmetric_encryption_ctx(self, cipher, mode):
22        """
23        Get a CipherContext that can be used for encryption.
24        """
25
26    @abc.abstractmethod
27    def create_symmetric_decryption_ctx(self, cipher, mode):
28        """
29        Get a CipherContext that can be used for decryption.
30        """
31
32
33@six.add_metaclass(abc.ABCMeta)
34class HashBackend(object):
35    @abc.abstractmethod
36    def hash_supported(self, algorithm):
37        """
38        Return True if the hash algorithm is supported by this backend.
39        """
40
41    @abc.abstractmethod
42    def create_hash_ctx(self, algorithm):
43        """
44        Create a HashContext for calculating a message digest.
45        """
46
47
48@six.add_metaclass(abc.ABCMeta)
49class HMACBackend(object):
50    @abc.abstractmethod
51    def hmac_supported(self, algorithm):
52        """
53        Return True if the hash algorithm is supported for HMAC by this
54        backend.
55        """
56
57    @abc.abstractmethod
58    def create_hmac_ctx(self, key, algorithm):
59        """
60        Create a MACContext for calculating a message authentication code.
61        """
62
63
64@six.add_metaclass(abc.ABCMeta)
65class CMACBackend(object):
66    @abc.abstractmethod
67    def cmac_algorithm_supported(self, algorithm):
68        """
69        Returns True if the block cipher is supported for CMAC by this backend
70        """
71
72    @abc.abstractmethod
73    def create_cmac_ctx(self, algorithm):
74        """
75        Create a MACContext for calculating a message authentication code.
76        """
77
78
79@six.add_metaclass(abc.ABCMeta)
80class PBKDF2HMACBackend(object):
81    @abc.abstractmethod
82    def pbkdf2_hmac_supported(self, algorithm):
83        """
84        Return True if the hash algorithm is supported for PBKDF2 by this
85        backend.
86        """
87
88    @abc.abstractmethod
89    def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
90                           key_material):
91        """
92        Return length bytes derived from provided PBKDF2 parameters.
93        """
94
95
96@six.add_metaclass(abc.ABCMeta)
97class RSABackend(object):
98    @abc.abstractmethod
99    def generate_rsa_private_key(self, public_exponent, key_size):
100        """
101        Generate an RSAPrivateKey instance with public_exponent and a modulus
102        of key_size bits.
103        """
104
105    @abc.abstractmethod
106    def rsa_padding_supported(self, padding):
107        """
108        Returns True if the backend supports the given padding options.
109        """
110
111    @abc.abstractmethod
112    def generate_rsa_parameters_supported(self, public_exponent, key_size):
113        """
114        Returns True if the backend supports the given parameters for key
115        generation.
116        """
117
118    @abc.abstractmethod
119    def load_rsa_private_numbers(self, numbers):
120        """
121        Returns an RSAPrivateKey provider.
122        """
123
124    @abc.abstractmethod
125    def load_rsa_public_numbers(self, numbers):
126        """
127        Returns an RSAPublicKey provider.
128        """
129
130
131@six.add_metaclass(abc.ABCMeta)
132class DSABackend(object):
133    @abc.abstractmethod
134    def generate_dsa_parameters(self, key_size):
135        """
136        Generate a DSAParameters instance with a modulus of key_size bits.
137        """
138
139    @abc.abstractmethod
140    def generate_dsa_private_key(self, parameters):
141        """
142        Generate a DSAPrivateKey instance with parameters as a DSAParameters
143        object.
144        """
145
146    @abc.abstractmethod
147    def generate_dsa_private_key_and_parameters(self, key_size):
148        """
149        Generate a DSAPrivateKey instance using key size only.
150        """
151
152    @abc.abstractmethod
153    def dsa_hash_supported(self, algorithm):
154        """
155        Return True if the hash algorithm is supported by the backend for DSA.
156        """
157
158    @abc.abstractmethod
159    def dsa_parameters_supported(self, p, q, g):
160        """
161        Return True if the parameters are supported by the backend for DSA.
162        """
163
164    @abc.abstractmethod
165    def load_dsa_private_numbers(self, numbers):
166        """
167        Returns a DSAPrivateKey provider.
168        """
169
170    @abc.abstractmethod
171    def load_dsa_public_numbers(self, numbers):
172        """
173        Returns a DSAPublicKey provider.
174        """
175
176    @abc.abstractmethod
177    def load_dsa_parameter_numbers(self, numbers):
178        """
179        Returns a DSAParameters provider.
180        """
181
182
183@six.add_metaclass(abc.ABCMeta)
184class EllipticCurveBackend(object):
185    @abc.abstractmethod
186    def elliptic_curve_signature_algorithm_supported(
187        self, signature_algorithm, curve
188    ):
189        """
190        Returns True if the backend supports the named elliptic curve with the
191        specified signature algorithm.
192        """
193
194    @abc.abstractmethod
195    def elliptic_curve_supported(self, curve):
196        """
197        Returns True if the backend supports the named elliptic curve.
198        """
199
200    @abc.abstractmethod
201    def generate_elliptic_curve_private_key(self, curve):
202        """
203        Return an object conforming to the EllipticCurvePrivateKey interface.
204        """
205
206    @abc.abstractmethod
207    def load_elliptic_curve_public_numbers(self, numbers):
208        """
209        Return an EllipticCurvePublicKey provider using the given numbers.
210        """
211
212    @abc.abstractmethod
213    def load_elliptic_curve_private_numbers(self, numbers):
214        """
215        Return an EllipticCurvePrivateKey provider using the given numbers.
216        """
217
218    @abc.abstractmethod
219    def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
220        """
221        Returns whether the exchange algorithm is supported by this backend.
222        """
223
224    @abc.abstractmethod
225    def derive_elliptic_curve_private_key(self, private_value, curve):
226        """
227        Compute the private key given the private value and curve.
228        """
229
230
231@six.add_metaclass(abc.ABCMeta)
232class PEMSerializationBackend(object):
233    @abc.abstractmethod
234    def load_pem_private_key(self, data, password):
235        """
236        Loads a private key from PEM encoded data, using the provided password
237        if the data is encrypted.
238        """
239
240    @abc.abstractmethod
241    def load_pem_public_key(self, data):
242        """
243        Loads a public key from PEM encoded data.
244        """
245
246    @abc.abstractmethod
247    def load_pem_parameters(self, data):
248        """
249        Load encryption parameters from PEM encoded data.
250        """
251
252
253@six.add_metaclass(abc.ABCMeta)
254class DERSerializationBackend(object):
255    @abc.abstractmethod
256    def load_der_private_key(self, data, password):
257        """
258        Loads a private key from DER encoded data. Uses the provided password
259        if the data is encrypted.
260        """
261
262    @abc.abstractmethod
263    def load_der_public_key(self, data):
264        """
265        Loads a public key from DER encoded data.
266        """
267
268    @abc.abstractmethod
269    def load_der_parameters(self, data):
270        """
271        Load encryption parameters from DER encoded data.
272        """
273
274
275@six.add_metaclass(abc.ABCMeta)
276class X509Backend(object):
277    @abc.abstractmethod
278    def load_pem_x509_certificate(self, data):
279        """
280        Load an X.509 certificate from PEM encoded data.
281        """
282
283    @abc.abstractmethod
284    def load_der_x509_certificate(self, data):
285        """
286        Load an X.509 certificate from DER encoded data.
287        """
288
289    @abc.abstractmethod
290    def load_der_x509_csr(self, data):
291        """
292        Load an X.509 CSR from DER encoded data.
293        """
294
295    @abc.abstractmethod
296    def load_pem_x509_csr(self, data):
297        """
298        Load an X.509 CSR from PEM encoded data.
299        """
300
301    @abc.abstractmethod
302    def create_x509_csr(self, builder, private_key, algorithm):
303        """
304        Create and sign an X.509 CSR from a CSR builder object.
305        """
306
307    @abc.abstractmethod
308    def create_x509_certificate(self, builder, private_key, algorithm):
309        """
310        Create and sign an X.509 certificate from a CertificateBuilder object.
311        """
312
313    @abc.abstractmethod
314    def create_x509_crl(self, builder, private_key, algorithm):
315        """
316        Create and sign an X.509 CertificateRevocationList from a
317        CertificateRevocationListBuilder object.
318        """
319
320    @abc.abstractmethod
321    def create_x509_revoked_certificate(self, builder):
322        """
323        Create a RevokedCertificate object from a RevokedCertificateBuilder
324        object.
325        """
326
327    @abc.abstractmethod
328    def x509_name_bytes(self, name):
329        """
330        Compute the DER encoded bytes of an X509 Name object.
331        """
332
333
334@six.add_metaclass(abc.ABCMeta)
335class DHBackend(object):
336    @abc.abstractmethod
337    def generate_dh_parameters(self, generator, key_size):
338        """
339        Generate a DHParameters instance with a modulus of key_size bits.
340        Using the given generator. Often 2 or 5.
341        """
342
343    @abc.abstractmethod
344    def generate_dh_private_key(self, parameters):
345        """
346        Generate a DHPrivateKey instance with parameters as a DHParameters
347        object.
348        """
349
350    @abc.abstractmethod
351    def generate_dh_private_key_and_parameters(self, generator, key_size):
352        """
353        Generate a DHPrivateKey instance using key size only.
354        Using the given generator. Often 2 or 5.
355        """
356
357    @abc.abstractmethod
358    def load_dh_private_numbers(self, numbers):
359        """
360        Load a DHPrivateKey from DHPrivateNumbers
361        """
362
363    @abc.abstractmethod
364    def load_dh_public_numbers(self, numbers):
365        """
366        Load a DHPublicKey from DHPublicNumbers.
367        """
368
369    @abc.abstractmethod
370    def load_dh_parameter_numbers(self, numbers):
371        """
372        Load DHParameters from DHParameterNumbers.
373        """
374
375    @abc.abstractmethod
376    def dh_parameters_supported(self, p, g, q=None):
377        """
378        Returns whether the backend supports DH with these parameter values.
379        """
380
381    @abc.abstractmethod
382    def dh_x942_serialization_supported(self):
383        """
384        Returns True if the backend supports the serialization of DH objects
385        with subgroup order (q).
386        """
387
388
389@six.add_metaclass(abc.ABCMeta)
390class ScryptBackend(object):
391    @abc.abstractmethod
392    def derive_scrypt(self, key_material, salt, length, n, r, p):
393        """
394        Return bytes derived from provided Scrypt parameters.
395        """
396