Initial commit. Migrates over basic project files, and the OpenSSL bindings

from OpenTLS.

27 files changed, 1756 insertions, 0 deletions

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 00000000..5d29a9f4
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+*.py[co]
+__pycache__/
+_build/
diff --git a/LICENSE b/LICENSE
new file mode 100644
index 00000000..d6456956
--- /dev/null
+++ b/LICENSE
@@ -0,0 +1,202 @@
+
+                                 Apache License
+                           Version 2.0, January 2004
+                        http://www.apache.org/licenses/
+
+   TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
+
+   1. Definitions.
+
+      "License" shall mean the terms and conditions for use, reproduction,
+      and distribution as defined by Sections 1 through 9 of this document.
+
+      "Licensor" shall mean the copyright owner or entity authorized by
+      the copyright owner that is granting the License.
+
+      "Legal Entity" shall mean the union of the acting entity and all
+      other entities that control, are controlled by, or are under common
+      control with that entity. For the purposes of this definition,
+      "control" means (i) the power, direct or indirect, to cause the
+      direction or management of such entity, whether by contract or
+      otherwise, or (ii) ownership of fifty percent (50%) or more of the
+      outstanding shares, or (iii) beneficial ownership of such entity.
+
+      "You" (or "Your") shall mean an individual or Legal Entity
+      exercising permissions granted by this License.
+
+      "Source" form shall mean the preferred form for making modifications,
+      including but not limited to software source code, documentation
+      source, and configuration files.
+
+      "Object" form shall mean any form resulting from mechanical
+      transformation or translation of a Source form, including but
+      not limited to compiled object code, generated documentation,
+      and conversions to other media types.
+
+      "Work" shall mean the work of authorship, whether in Source or
+      Object form, made available under the License, as indicated by a
+      copyright notice that is included in or attached to the work
+      (an example is provided in the Appendix below).
+
+      "Derivative Works" shall mean any work, whether in Source or Object
+      form, that is based on (or derived from) the Work and for which the
+      editorial revisions, annotations, elaborations, or other modifications
+      represent, as a whole, an original work of authorship. For the purposes
+      of this License, Derivative Works shall not include works that remain
+      separable from, or merely link (or bind by name) to the interfaces of,
+      the Work and Derivative Works thereof.
+
+      "Contribution" shall mean any work of authorship, including
+      the original version of the Work and any modifications or additions
+      to that Work or Derivative Works thereof, that is intentionally
+      submitted to Licensor for inclusion in the Work by the copyright owner
+      or by an individual or Legal Entity authorized to submit on behalf of
+      the copyright owner. For the purposes of this definition, "submitted"
+      means any form of electronic, verbal, or written communication sent
+      to the Licensor or its representatives, including but not limited to
+      communication on electronic mailing lists, source code control systems,
+      and issue tracking systems that are managed by, or on behalf of, the
+      Licensor for the purpose of discussing and improving the Work, but
+      excluding communication that is conspicuously marked or otherwise
+      designated in writing by the copyright owner as "Not a Contribution."
+
+      "Contributor" shall mean Licensor and any individual or Legal Entity
+      on behalf of whom a Contribution has been received by Licensor and
+      subsequently incorporated within the Work.
+
+   2. Grant of Copyright License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      copyright license to reproduce, prepare Derivative Works of,
+      publicly display, publicly perform, sublicense, and distribute the
+      Work and such Derivative Works in Source or Object form.
+
+   3. Grant of Patent License. Subject to the terms and conditions of
+      this License, each Contributor hereby grants to You a perpetual,
+      worldwide, non-exclusive, no-charge, royalty-free, irrevocable
+      (except as stated in this section) patent license to make, have made,
+      use, offer to sell, sell, import, and otherwise transfer the Work,
+      where such license applies only to those patent claims licensable
+      by such Contributor that are necessarily infringed by their
+      Contribution(s) alone or by combination of their Contribution(s)
+      with the Work to which such Contribution(s) was submitted. If You
+      institute patent litigation against any entity (including a
+      cross-claim or counterclaim in a lawsuit) alleging that the Work
+      or a Contribution incorporated within the Work constitutes direct
+      or contributory patent infringement, then any patent licenses
+      granted to You under this License for that Work shall terminate
+      as of the date such litigation is filed.
+
+   4. Redistribution. You may reproduce and distribute copies of the
+      Work or Derivative Works thereof in any medium, with or without
+      modifications, and in Source or Object form, provided that You
+      meet the following conditions:
+
+      (a) You must give any other recipients of the Work or
+          Derivative Works a copy of this License; and
+
+      (b) You must cause any modified files to carry prominent notices
+          stating that You changed the files; and
+
+      (c) You must retain, in the Source form of any Derivative Works
+          that You distribute, all copyright, patent, trademark, and
+          attribution notices from the Source form of the Work,
+          excluding those notices that do not pertain to any part of
+          the Derivative Works; and
+
+      (d) If the Work includes a "NOTICE" text file as part of its
+          distribution, then any Derivative Works that You distribute must
+          include a readable copy of the attribution notices contained
+          within such NOTICE file, excluding those notices that do not
+          pertain to any part of the Derivative Works, in at least one
+          of the following places: within a NOTICE text file distributed
+          as part of the Derivative Works; within the Source form or
+          documentation, if provided along with the Derivative Works; or,
+          within a display generated by the Derivative Works, if and
+          wherever such third-party notices normally appear. The contents
+          of the NOTICE file are for informational purposes only and
+          do not modify the License. You may add Your own attribution
+          notices within Derivative Works that You distribute, alongside
+          or as an addendum to the NOTICE text from the Work, provided
+          that such additional attribution notices cannot be construed
+          as modifying the License.
+
+      You may add Your own copyright statement to Your modifications and
+      may provide additional or different license terms and conditions
+      for use, reproduction, or distribution of Your modifications, or
+      for any such Derivative Works as a whole, provided Your use,
+      reproduction, and distribution of the Work otherwise complies with
+      the conditions stated in this License.
+
+   5. Submission of Contributions. Unless You explicitly state otherwise,
+      any Contribution intentionally submitted for inclusion in the Work
+      by You to the Licensor shall be under the terms and conditions of
+      this License, without any additional terms or conditions.
+      Notwithstanding the above, nothing herein shall supersede or modify
+      the terms of any separate license agreement you may have executed
+      with Licensor regarding such Contributions.
+
+   6. Trademarks. This License does not grant permission to use the trade
+      names, trademarks, service marks, or product names of the Licensor,
+      except as required for reasonable and customary use in describing the
+      origin of the Work and reproducing the content of the NOTICE file.
+
+   7. Disclaimer of Warranty. Unless required by applicable law or
+      agreed to in writing, Licensor provides the Work (and each
+      Contributor provides its Contributions) on an "AS IS" BASIS,
+      WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+      implied, including, without limitation, any warranties or conditions
+      of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
+      PARTICULAR PURPOSE. You are solely responsible for determining the
+      appropriateness of using or redistributing the Work and assume any
+      risks associated with Your exercise of permissions under this License.
+
+   8. Limitation of Liability. In no event and under no legal theory,
+      whether in tort (including negligence), contract, or otherwise,
+      unless required by applicable law (such as deliberate and grossly
+      negligent acts) or agreed to in writing, shall any Contributor be
+      liable to You for damages, including any direct, indirect, special,
+      incidental, or consequential damages of any character arising as a
+      result of this License or out of the use or inability to use the
+      Work (including but not limited to damages for loss of goodwill,
+      work stoppage, computer failure or malfunction, or any and all
+      other commercial damages or losses), even if such Contributor
+      has been advised of the possibility of such damages.
+
+   9. Accepting Warranty or Additional Liability. While redistributing
+      the Work or Derivative Works thereof, You may choose to offer,
+      and charge a fee for, acceptance of support, warranty, indemnity,
+      or other liability obligations and/or rights consistent with this
+      License. However, in accepting such obligations, You may act only
+      on Your own behalf and on Your sole responsibility, not on behalf
+      of any other Contributor, and only if You agree to indemnify,
+      defend, and hold each Contributor harmless for any liability
+      incurred by, or claims asserted against, such Contributor by reason
+      of your accepting any such warranty or additional liability.
+
+   END OF TERMS AND CONDITIONS
+
+   APPENDIX: How to apply the Apache License to your work.
+
+      To apply the Apache License to your work, attach the following
+      boilerplate notice, with the fields enclosed by brackets "[]"
+      replaced with your own identifying information. (Don't include
+      the brackets!)  The text should be enclosed in the appropriate
+      comment syntax for the file format. We also recommend that a
+      file or class name and description of purpose be included on the
+      same "printed page" as the copyright notice for easier
+      identification within third-party archives.
+
+   Copyright [yyyy] [name of copyright owner]
+
+   Licensed under the Apache License, Version 2.0 (the "License");
+   you may not use this file except in compliance with the License.
+   You may obtain a copy of the License at
+
+       http://www.apache.org/licenses/LICENSE-2.0
+
+   Unless required by applicable law or agreed to in writing, software
+   distributed under the License is distributed on an "AS IS" BASIS,
+   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+   See the License for the specific language governing permissions and
+   limitations under the License.
diff --git a/cryptography/c/__init__.py b/cryptography/c/__init__.py
new file mode 100644
index 00000000..07927848
--- /dev/null
+++ b/cryptography/c/__init__.py
@@ -0,0 +1,4 @@
+from cryptography.c.api import api
+
+
+__all__ = ["api"]
diff --git a/cryptography/c/api.py b/cryptography/c/api.py
new file mode 100644
index 00000000..f33ddda9
--- /dev/null
+++ b/cryptography/c/api.py
@@ -0,0 +1,153 @@
+from __future__ import absolute_import, division, print_function
+
+import atexit
+from collections import namedtuple
+
+from cffi import FFI
+
+
+class API(object):
+    """OpenSSL API wrapper."""
+
+    SSLVersion = namedtuple('SSLVersion',
+        ['major', 'minor', 'fix', 'patch', 'status']
+    )
+
+    _modules = [
+        'asn1',
+        'bio',
+        'bio_filter',
+        'bio_sink',
+        'err',
+        'evp',
+        'evp_md',
+        'evp_cipher',
+        'evp_cipher_listing',
+        'hmac',
+        'obj',
+        'openssl',
+        'nid',
+        'pkcs5',
+        'rand',
+        'ssl',
+        'ssleay',
+        'stdio',
+    ]
+
+    def __init__(self):
+        self.ffi = FFI()
+        self.INCLUDES = []
+        self.TYPES = []
+        self.FUNCTIONS = []
+        self.C_CUSTOMIZATION = []
+        self.OVERRIDES = []
+        self.SETUP = []
+        self.TEARDOWN = []
+        self._import()
+        self._define()
+        self._verify()
+        self._override()
+        self._populate()
+        self._initialise()
+
+    def _import(self):
+        "import all library definitions"
+        for name in self._modules:
+            module = __import__(__name__ + '.' + name, fromlist=['*'])
+            self._import_definitions(module, 'INCLUDES')
+            self._import_definitions(module, 'TYPES')
+            self._import_definitions(module, 'FUNCTIONS')
+            self._import_definitions(module, 'C_CUSTOMIZATION')
+            self._import_definitions(module, 'OVERRIDES')
+            self._import_definitions(module, 'SETUP')
+            self._import_definitions(module, 'TEARDOWN')
+
+    def _import_definitions(self, module, name):
+        "import defintions named definitions from module"
+        container = getattr(self, name)
+        for definition in getattr(module, name, ()):
+            if definition not in container:
+                container.append(definition)
+
+    def _define(self):
+        "parse function definitions"
+        for typedef in self.TYPES:
+            self.ffi.cdef(typedef)
+        for function in self.FUNCTIONS:
+            self.ffi.cdef(function)
+
+    def _verify(self):
+        "load openssl, create function attributes"
+        self.openssl = self.ffi.verify(
+            source="\n".join(self.INCLUDES + self.C_CUSTOMIZATION),
+            # ext_package must agree with the value in setup.py
+            ext_package="tls",
+            extra_compile_args=[
+                '-Wno-deprecated-declarations',
+            ],
+            libraries=['ssl']
+        )
+
+    def _override(self):
+        """
+        Create any Python-level overrides of the cffi-based wrappers.
+        """
+        self._overrides = {}
+        for func in self.OVERRIDES:
+            name = func.__name__
+            from_openssl = getattr(self.openssl, name)
+            override = func(self.openssl, from_openssl)
+            self._overrides[name] = override
+
+    def _populate(self):
+        """
+        Bind some aliases for FFI APIs on self.
+        """
+        self.NULL = self.ffi.NULL
+        self.buffer = self.ffi.buffer
+        self.callback = self.ffi.callback
+        self.cast = self.ffi.cast
+        self.new = self.ffi.new
+        self.gc = self.ffi.gc
+        self.string = self.ffi.string
+
+    def __getattr__(self, name):
+        """
+        Try to resolve any attribute that does not exist on self as an
+        attribute of the OpenSSL FFI object (in other words, as an OpenSSL
+        API).
+        """
+        return self._overrides.get(name, getattr(self.openssl, name))
+
+    def _initialise(self):
+        "initialise openssl, schedule cleanup at exit"
+        for function in self.SETUP:
+            getattr(self, function)()
+        for function in self.TEARDOWN:
+            atexit.register(getattr(self, function))
+
+    def version_info(self):
+        "Return SSL version information"
+        version = self.SSLeay()
+        major = version >> (7 * 4) & 0xFF
+        minor = version >> (5 * 4) & 0xFF
+        fix = version >> (3 * 4) & 0xFF
+        patch = version >> (1 * 4) & 0xFF
+        patch = '' if not patch else chr(96 + patch)
+        status = version & 0x0F
+        if status == 0x0F:
+            status = 'release'
+        elif status == 0x00:
+            status = 'dev'
+        else:
+            status = 'beta{}'.format(status)
+        return self.SSLVersion(major, minor, fix, patch, status)
+
+    def version(self, detail=None):
+        "Return SSL version string"
+        detail = self.SSLEAY_VERSION if detail is None else detail
+        buff = self.SSLeay_version(detail)
+        return self.string(buff)
+
+
+api = API()
diff --git a/cryptography/c/asn1.py b/cryptography/c/asn1.py
new file mode 100644
index 00000000..1979f85d
--- /dev/null
+++ b/cryptography/c/asn1.py
@@ -0,0 +1,43 @@
+INCLUDES = [
+    '#include <openssl/asn1.h>',
+]
+
+TYPES = [
+    'typedef ... ASN1_INTEGER;',
+    'typedef ... ASN1_OCTET_STRING;',
+    'typedef ... ASN1_OBJECT;',
+    'typedef ... ASN1_STRING;',
+    'typedef ... ASN1_TYPE;',
+]
+
+FUNCTIONS = [
+    'ASN1_OBJECT *ASN1_OBJECT_new(void);',
+    'void ASN1_OBJECT_free(ASN1_OBJECT *a);',
+    # ASN1 OBJECT IDENTIFIER
+    'ASN1_OBJECT *d2i_ASN1_OBJECT(ASN1_OBJECT **a, const unsigned char **pp, long length);',
+    'int i2d_ASN1_OBJECT(ASN1_OBJECT *a, unsigned char **pp);',
+    # ASN1 STRING
+    'ASN1_STRING * ASN1_STRING_new(void);',
+    'ASN1_STRING * ASN1_STRING_type_new(int type);',
+    'void ASN1_STRING_free(ASN1_STRING *a);',
+    'int ASN1_STRING_length(ASN1_STRING *x);',
+    'unsigned char * ASN1_STRING_data(ASN1_STRING *x);',
+    'ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);',
+    'int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);',
+    'int ASN1_STRING_set(ASN1_STRING *str, const void *data, int len);',
+    'int ASN1_STRING_type(ASN1_STRING *x);',
+    'int ASN1_STRING_to_UTF8(unsigned char **out, ASN1_STRING *in);',
+    # ASN1 OCTET STRING
+    'ASN1_OCTET_STRING * ASN1_OCTET_STRING_new(void);',
+    'void ASN1_OCTET_STRING_free(ASN1_OCTET_STRING *a);',
+    'ASN1_OCTET_STRING * ASN1_OCTET_STRING_dup(ASN1_OCTET_STRING *a);',
+    'int ASN1_OCTET_STRING_cmp(ASN1_OCTET_STRING *a, ASN1_OCTET_STRING *b);',
+    'int ASN1_OCTET_STRING_set(ASN1_OCTET_STRING *str, const void *data, int len);',
+    # ASN1 INTEGER
+    'ASN1_INTEGER * ASN1_INTEGER_new(void);',
+    'void ASN1_INTEGER_free(ASN1_INTEGER *a);',
+    'ASN1_INTEGER * ASN1_INTEGER_dup(ASN1_INTEGER *a);',
+    'int ASN1_INTEGER_cmp(ASN1_INTEGER *a, ASN1_INTEGER *b);',
+    'int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);',
+    'long ASN1_INTEGER_get(ASN1_INTEGER *a);',
+]
diff --git a/cryptography/c/bio.py b/cryptography/c/bio.py
new file mode 100644
index 00000000..ea1f936e
--- /dev/null
+++ b/cryptography/c/bio.py
@@ -0,0 +1,118 @@
+INCLUDES = [
+    '#include <openssl/bio.h>',
+]
+
+TYPES = [
+    # BIO ctrl constants
+    'static const int BIO_CTRL_RESET;',
+    'static const int BIO_CTRL_EOF;',
+    'static const int BIO_CTRL_SET;',
+    'static const int BIO_CTRL_SET_CLOSE;',
+    'static const int BIO_CTRL_FLUSH;',
+    'static const int BIO_CTRL_DUP;',
+    'static const int BIO_CTRL_GET_CLOSE;',
+    'static const int BIO_CTRL_INFO;',
+    'static const int BIO_CTRL_GET;',
+    'static const int BIO_CTRL_PENDING;',
+    'static const int BIO_CTRL_WPENDING;',
+    'static const int BIO_C_FILE_SEEK;',
+    'static const int BIO_C_FILE_TELL;',
+    # BIO type constants
+    'static const int BIO_TYPE_NONE;',
+    'static const int BIO_TYPE_PROXY_CLIENT;',
+    'static const int BIO_TYPE_PROXY_SERVER;',
+    'static const int BIO_TYPE_NBIO_TEST;',
+    'static const int BIO_TYPE_BER;',
+    'static const int BIO_TYPE_BIO;',
+    'static const int BIO_TYPE_DESCRIPTOR;',
+    # BIO flags
+    'static const int BIO_FLAGS_READ;',
+    'static const int BIO_FLAGS_WRITE;',
+    'static const int BIO_FLAGS_IO_SPECIAL;',
+    'static const int BIO_FLAGS_RWS;',
+    'static const int BIO_FLAGS_SHOULD_RETRY;',
+    'typedef ... BUF_MEM;',
+    # BIO forward declaration
+    'typedef struct bio_st BIO;',
+    # BIO callbacks definition
+    'typedef void bio_info_cb(BIO *b, int oper, const char *ptr, int arg1, long arg2, long arg3);',
+    # BIO_METHOD definition
+    '''
+    struct bio_method_st {
+        int type;
+        const char *name;
+        int (*bwrite)(BIO*, const char*, int);
+        int (*bread)(BIO*, char*, int);
+        int (*bputs)(BIO*, const char*);
+        int (*bgets)(BIO*, char*, int);
+        long (*ctrl)(BIO*, int, long, void*);
+        int (*create)(BIO*);
+        int (*destroy)(BIO*);
+        long (*callback_ctrl)(BIO*, int, bio_info_cb*);
+        ...;
+    };''',
+    'typedef struct bio_method_st BIO_METHOD;',
+    # BIO definition
+    '''
+    struct bio_st {
+        BIO_METHOD *method;
+        long (*callback)(struct bio_st*, int, const char*, int, long, long);
+        char *cb_arg;
+        int init;
+        int shutdown;
+        int flags;
+        int retry_reason;
+        int num;
+        void *ptr;
+        struct bio_st *next_bio;
+        struct bio_st *prev_bio;
+        int references;
+        unsigned long num_read;
+        unsigned long num_write;
+        ...;
+    };''',
+]
+
+FUNCTIONS = [
+    # BIO create functions
+    'BIO* BIO_new(BIO_METHOD *type);',
+    'int BIO_set(BIO *a, BIO_METHOD *type);',
+    'int BIO_free(BIO *a);',
+    'void BIO_vfree(BIO *a);',
+    'void BIO_free_all(BIO *a);',
+    # BIO stacking functions
+    'BIO* BIO_push(BIO *b, BIO *append);',
+    'BIO* BIO_pop(BIO *b);',
+    'BIO* BIO_next(BIO *b);',
+    'BIO* BIO_find_type(BIO *b, int bio_type);',
+    'int BIO_method_type(BIO *b);',
+    # BIO control functions
+    'long BIO_ctrl(BIO *bp, int cmd, long larg, void *parg);',
+    'long BIO_callback_ctrl(BIO *b, int cmd, void (*fp)(struct bio_st *, int, const char *, int, long, long));',
+    'char* BIO_ptr_ctrl(BIO *bp, int cmd, long larg);',
+    'long BIO_int_ctrl(BIO *bp, int cmd, long larg, int iarg);',
+    'int BIO_reset(BIO *b);',
+    'int BIO_seek(BIO *b, int ofs);',
+    'int BIO_tell(BIO *b);',
+    'int BIO_flush(BIO *b);',
+    'int BIO_eof(BIO *b);',
+    'int BIO_set_close(BIO *b,long flag);',
+    'int BIO_get_close(BIO *b);',
+    'int BIO_pending(BIO *b);',
+    'int BIO_wpending(BIO *b);',
+    'size_t BIO_ctrl_pending(BIO *b);',
+    'size_t BIO_ctrl_wpending(BIO *b);',
+    'int BIO_get_info_callback(BIO *b,bio_info_cb **cbp);',
+    'int BIO_set_info_callback(BIO *b,bio_info_cb *cb);',
+    # BIO IO functions
+    'int BIO_read(BIO *b, void *buf, int len);',
+    'int BIO_gets(BIO *b, char *buf, int size);',
+    'int BIO_write(BIO *b, const void *buf, int len);',
+    'int BIO_puts(BIO *b, const char *buf);',
+    # BIO should functions
+    'int BIO_should_read(BIO *b);',
+    'int BIO_should_write(BIO *b);',
+    'int BIO_should_io_special(BIO *b);',
+    'int BIO_retry_type(BIO *b);',
+    'int BIO_should_retry(BIO *b);',
+]
diff --git a/cryptography/c/bio_filter.py b/cryptography/c/bio_filter.py
new file mode 100644
index 00000000..a29d8d8c
--- /dev/null
+++ b/cryptography/c/bio_filter.py
@@ -0,0 +1,42 @@
+INCLUDES = [
+    '#include <openssl/bio.h>',
+]
+
+TYPES = [
+    'static const int BIO_TYPE_NULL_FILTER;',
+    'static const int BIO_TYPE_SSL;',
+    'static const int BIO_TYPE_MD;',
+    'static const int BIO_TYPE_BUFFER;',
+    'static const int BIO_TYPE_CIPHER;',
+    'static const int BIO_TYPE_BASE64;',
+    'static const int BIO_TYPE_FILTER;',
+]
+
+FUNCTIONS = [
+    # BIO null
+    'BIO_METHOD *BIO_f_null(void);',
+    # BIO ssl
+    # TODO
+    # BIO message digests
+    'BIO_METHOD *BIO_f_md(void);',
+    'int BIO_set_md(BIO *b, EVP_MD *md);',
+    'int BIO_get_md(BIO *b, EVP_MD **mdp);',
+    'int BIO_set_md_ctx(BIO *b, EVP_MD_CTX **mdcp);',
+    'int BIO_get_md_ctx(BIO *b, EVP_MD_CTX **mdcp);',
+    # BIO buffer
+    'BIO_METHOD * BIO_f_buffer(void);',
+    'long BIO_get_buffer_num_lines(BIO *b);',
+    'long BIO_set_read_buffer_size(BIO *b, long size);',
+    'long BIO_set_write_buffer_size(BIO *b, long size);',
+    'long BIO_set_buffer_size(BIO *b, long size);',
+    'long BIO_set_buffer_read_data(BIO *b, void *buf, long num);',
+    # BIO cipher
+    'BIO_METHOD *   BIO_f_cipher(void);',
+    'void BIO_set_cipher(BIO *b,const EVP_CIPHER *cipher, unsigned char *key, unsigned char *iv, int enc);',
+    'int BIO_get_cipher_status(BIO *b);',
+    'int BIO_get_cipher_ctx(BIO *b, EVP_CIPHER_CTX **pctx);',
+    # BIO base64
+    'BIO_METHOD *BIO_f_base64(void);',
+    # BIO zlib
+#   'BIO_METHOD *BIO_f_zlib(void);',
+]
diff --git a/cryptography/c/bio_sink.py b/cryptography/c/bio_sink.py
new file mode 100644
index 00000000..578d7a95
--- /dev/null
+++ b/cryptography/c/bio_sink.py
@@ -0,0 +1,50 @@
+INCLUDES = [
+    '#include <openssl/bio.h>',
+]
+
+TYPES = [
+    'static const int BIO_TYPE_MEM;',
+    'static const int BIO_TYPE_FILE;',
+    'static const int BIO_TYPE_FD;',
+    'static const int BIO_TYPE_SOCKET;',
+    'static const int BIO_TYPE_CONNECT;',
+    'static const int BIO_TYPE_ACCEPT;',
+    'static const int BIO_TYPE_NULL;',
+    'static const int BIO_CLOSE;',
+    'static const int BIO_NOCLOSE;',
+    'static const int BIO_TYPE_SOURCE_SINK;',
+]
+
+FUNCTIONS = [
+    # BIO mem buffers
+    'BIO_METHOD *BIO_s_mem(void);',
+    'long BIO_set_mem_eof_return(BIO *b, int v);',
+    'long BIO_get_mem_data(BIO *b, char **pp);',
+    'long BIO_set_mem_buf(BIO *b,BUF_MEM *bm,int c);',
+    'long BIO_get_mem_ptr(BIO *b,BUF_MEM **pp);',
+    'BIO *BIO_new_mem_buf(void *buf, int len);',
+    # BIO files
+    'BIO_METHOD *BIO_s_file(void);',
+    'BIO *BIO_new_file(const char *filename, const char *mode);',
+    'BIO *BIO_new_fp(FILE *stream, int flags);',
+    'long BIO_set_fp(BIO *b, FILE *fp, int flags);',
+    'long BIO_get_fp(BIO *b, FILE **fpp);',
+    'int BIO_read_filename(BIO *b, char *name);',
+    'int BIO_write_filename(BIO *b, char *name);',
+    'int BIO_append_filename(BIO *b, char *name);',
+    'int BIO_rw_filename(BIO *b, char *name);',
+    # BIO fd
+    'BIO_METHOD *BIO_s_fd(void);',
+    'long BIO_set_fd(BIO *bp, long fd, int cmd);',
+    'long BIO_get_fd(BIO *bp, char *c);',
+    'BIO *BIO_new_fd(int fd, int close_flag);',
+    # BIO socket
+    'BIO_METHOD *BIO_s_socket(void);'
+    'BIO *BIO_new_socket(int sock, int close_flag);'
+    # BIO connect
+    # TODO
+    # BIO accept
+    # TODO
+    # BIO null
+    'BIO_METHOD *BIO_s_null(void);',
+]
diff --git a/cryptography/c/err.py b/cryptography/c/err.py
new file mode 100644
index 00000000..b59ece93
--- /dev/null
+++ b/cryptography/c/err.py
@@ -0,0 +1,47 @@
+INCLUDES = [
+    '#include <openssl/err.h>',
+    '#include <openssl/ssl.h>',
+]
+
+SETUP = [
+    'SSL_load_error_strings',
+]
+
+TEARDOWN = [
+    'ERR_free_strings',
+]
+
+TYPES = [
+'struct ERR_string_data_st { unsigned long error; const char *string; };',
+'typedef struct ERR_string_data_st ERR_STRING_DATA;',
+]
+
+FUNCTIONS = [
+    'void ERR_load_crypto_strings(void);',
+    'void ERR_free_strings(void);',
+    'void SSL_load_error_strings(void);',
+    'char* ERR_error_string(unsigned long e, char *buf);',
+    'void ERR_error_string_n(unsigned long e, char *buf, size_t len);',
+    'const char* ERR_lib_error_string(unsigned long e);',
+    'const char* ERR_func_error_string(unsigned long e);',
+    'const char* ERR_reason_error_string(unsigned long e);',
+    'void ERR_print_errors(BIO *bp);',
+    'void ERR_print_errors_fp(FILE *fp);',
+    'unsigned long ERR_get_error(void);',
+    'unsigned long ERR_peek_error(void);',
+    'unsigned long ERR_peek_last_error(void);',
+    'unsigned long ERR_get_error_line(const char **file, int *line);',
+    'unsigned long ERR_peek_error_line(const char **file, int *line);',
+    'unsigned long ERR_peek_last_error_line(const char **file, int *line);',
+    'unsigned long ERR_get_error_line_data(const char **file, int *line, const char **data, int *flags);',
+    'unsigned long ERR_peek_error_line_data(const char **file, int *line, const char **data, int *flags);',
+    'unsigned long ERR_peek_last_error_line_data(const char **file, int *line, const char **data, int *flags);',
+    'void ERR_put_error(int lib, int func, int reason, const char *file, int line);',
+    'void ERR_add_error_data(int num, ...);',
+    'void ERR_load_strings(int lib, ERR_STRING_DATA str[]);',
+    'int ERR_get_next_error_library(void);',
+    'unsigned long ERR_PACK(int lib, int func, int reason);',
+    'int ERR_GET_LIB(unsigned long e);',
+    'int ERR_GET_FUNC(unsigned long e);',
+    'int ERR_GET_REASON(unsigned long e);',
+]
diff --git a/cryptography/c/evp.py b/cryptography/c/evp.py
new file mode 100644
index 00000000..a063a222
--- /dev/null
+++ b/cryptography/c/evp.py
@@ -0,0 +1,11 @@
+INCLUDES = [
+    '#include "openssl/evp.h"',
+]
+
+TEARDOWN = [
+    'EVP_cleanup',
+]
+
+TYPES = [
+    'typedef ... ENGINE;',
+]
diff --git a/cryptography/c/evp_cipher.py b/cryptography/c/evp_cipher.py
new file mode 100644
index 00000000..4e6ae729
--- /dev/null
+++ b/cryptography/c/evp_cipher.py
@@ -0,0 +1,68 @@
+INCLUDES = [
+    '#include "openssl/evp.h"',
+]
+
+TYPES = [
+    'static const int EVP_CIPH_ECB_MODE;',
+    'static const int EVP_CIPH_CBC_MODE;',
+    'static const int EVP_CIPH_CFB_MODE;',
+    'static const int EVP_CIPH_OFB_MODE;',
+    'static const int EVP_CIPH_STREAM_CIPHER;',
+    'struct evp_cipher_ctx_st { ...; };',
+    'typedef ... EVP_CIPHER;',
+    'typedef struct evp_cipher_ctx_st EVP_CIPHER_CTX;',
+]
+
+FUNCTIONS = [
+    'void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *a);',
+    # encrypt_ex
+    'int EVP_EncryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, ENGINE *impl, unsigned char *key, unsigned char *iv);',
+    'int EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);',
+    'int EVP_EncryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);',
+    # decrypt_ex
+    'int EVP_DecryptInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, ENGINE *impl, unsigned char *key, unsigned char *iv);',
+    'int EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);',
+    'int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);',
+    # cipher_ex
+    'int EVP_CipherInit_ex(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, ENGINE *impl, unsigned char *key, unsigned char *iv, int enc);',
+    'int EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl, unsigned char *in, int inl);',
+    'int EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);',
+    # encrypt
+    'int EVP_EncryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv);',
+    'int EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);',
+    # decrypt
+    'int EVP_DecryptInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv);',
+    'int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);',
+    # cipher
+    'int EVP_CipherInit(EVP_CIPHER_CTX *ctx, const EVP_CIPHER *type, unsigned char *key, unsigned char *iv, int enc);',
+    'int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);',
+    # control
+    'int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);',
+    'int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);',
+    'int EVP_CIPHER_CTX_ctrl(EVP_CIPHER_CTX *ctx, int type, int arg, void *ptr);',
+    'int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);',
+    'const EVP_CIPHER *EVP_get_cipherbyname(const char *name);',
+    # cipher macros
+    'const EVP_CIPHER *EVP_get_cipherbynid(int n);',
+    'const EVP_CIPHER *EVP_get_cipherbyobj(const ASN1_OBJECT *o);',
+    'int EVP_CIPHER_nid(const EVP_CIPHER *cipher);',
+    'int EVP_CIPHER_block_size(const EVP_CIPHER *cipher);',
+    'int EVP_CIPHER_key_length(const EVP_CIPHER *cipher);',
+    'int EVP_CIPHER_iv_length(const EVP_CIPHER *cipher);',
+    'unsigned long EVP_CIPHER_flags(const EVP_CIPHER *cipher);',
+    'unsigned long EVP_CIPHER_mode(const EVP_CIPHER *cipher);',
+    'int EVP_CIPHER_type(const EVP_CIPHER *ctx);',
+    # ctx macros
+    'const EVP_CIPHER *EVP_CIPHER_CTX_cipher(const EVP_CIPHER_CTX *ctx);',
+    'int EVP_CIPHER_CTX_nid(const EVP_CIPHER_CTX *ctx);',
+    'int EVP_CIPHER_CTX_block_size(const EVP_CIPHER_CTX *ctx);',
+    'int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx);',
+    'int EVP_CIPHER_CTX_iv_length(const EVP_CIPHER_CTX *ctx);',
+    'void *EVP_CIPHER_CTX_get_app_data(const EVP_CIPHER_CTX *ctx);',
+    'void EVP_CIPHER_CTX_set_app_data(EVP_CIPHER_CTX *ctx, void *data);',
+    'int EVP_CIPHER_CTX_type(const EVP_CIPHER_CTX *ctx);',
+    'unsigned long EVP_CIPHER_CTX_flags(const EVP_CIPHER_CTX *ctx);',
+    'unsigned long EVP_CIPHER_CTX_mode(const EVP_CIPHER_CTX *ctx);',
+    'int EVP_CIPHER_param_to_asn1(EVP_CIPHER_CTX *c, ASN1_TYPE *type);',
+    'int EVP_CIPHER_asn1_to_param(EVP_CIPHER_CTX *c, ASN1_TYPE *type);',
+]
diff --git a/cryptography/c/evp_cipher_listing.py b/cryptography/c/evp_cipher_listing.py
new file mode 100644
index 00000000..5a0812c2
--- /dev/null
+++ b/cryptography/c/evp_cipher_listing.py
@@ -0,0 +1,82 @@
+INCLUDES = [
+    '#include "openssl/evp.h"',
+]
+
+FUNCTIONS = [
+    'const EVP_CIPHER *EVP_enc_null(void);',
+    'const EVP_CIPHER *EVP_des_ecb(void);',
+    'const EVP_CIPHER *EVP_des_ede(void);',
+    'const EVP_CIPHER *EVP_des_ede3(void);',
+    'const EVP_CIPHER *EVP_des_ede_ecb(void);',
+    'const EVP_CIPHER *EVP_des_ede3_ecb(void);',
+    'const EVP_CIPHER *EVP_des_cfb64(void);',
+    'const EVP_CIPHER *EVP_des_cfb1(void);',
+    'const EVP_CIPHER *EVP_des_cfb8(void);',
+    'const EVP_CIPHER *EVP_des_ede_cfb64(void);',
+    'const EVP_CIPHER *EVP_des_ede3_cfb64(void);',
+    'const EVP_CIPHER *EVP_des_ede3_cfb1(void);',
+    'const EVP_CIPHER *EVP_des_ede3_cfb8(void);',
+    'const EVP_CIPHER *EVP_des_ofb(void);',
+    'const EVP_CIPHER *EVP_des_ede_ofb(void);',
+    'const EVP_CIPHER *EVP_des_ede3_ofb(void);',
+    'const EVP_CIPHER *EVP_des_cbc(void);',
+    'const EVP_CIPHER *EVP_des_ede_cbc(void);',
+    'const EVP_CIPHER *EVP_des_ede3_cbc(void);',
+    'const EVP_CIPHER *EVP_desx_cbc(void);',
+    'const EVP_CIPHER *EVP_rc4(void);',
+    'const EVP_CIPHER *EVP_rc4_40(void);',
+    'const EVP_CIPHER *EVP_rc2_ecb(void);',
+    'const EVP_CIPHER *EVP_rc2_cbc(void);',
+    'const EVP_CIPHER *EVP_rc2_40_cbc(void);',
+    'const EVP_CIPHER *EVP_rc2_64_cbc(void);',
+    'const EVP_CIPHER *EVP_rc2_cfb64(void);',
+    'const EVP_CIPHER *EVP_rc2_ofb(void);',
+    'const EVP_CIPHER *EVP_bf_ecb(void);',
+    'const EVP_CIPHER *EVP_bf_cbc(void);',
+    'const EVP_CIPHER *EVP_bf_cfb64(void);',
+    'const EVP_CIPHER *EVP_bf_ofb(void);',
+    'const EVP_CIPHER *EVP_cast5_ecb(void);',
+    'const EVP_CIPHER *EVP_cast5_cbc(void);',
+    'const EVP_CIPHER *EVP_cast5_cfb64(void);',
+    'const EVP_CIPHER *EVP_cast5_ofb(void);',
+#   'const EVP_CIPHER *EVP_rc5_32_12_16_ecb(void);',
+#   'const EVP_CIPHER *EVP_rc5_32_12_16_cbc(void);',
+#   'const EVP_CIPHER *EVP_rc5_32_12_16_cfb64(void);',
+#   'const EVP_CIPHER *EVP_rc5_32_12_16_ofb(void);',
+    'const EVP_CIPHER *EVP_aes_128_ecb(void);',
+    'const EVP_CIPHER *EVP_aes_128_cbc(void);',
+    'const EVP_CIPHER *EVP_aes_128_cfb1(void);',
+    'const EVP_CIPHER *EVP_aes_128_cfb8(void);',
+    'const EVP_CIPHER *EVP_aes_128_cfb128(void);',
+    'const EVP_CIPHER *EVP_aes_128_ofb(void);',
+    'const EVP_CIPHER *EVP_aes_192_ecb(void);',
+    'const EVP_CIPHER *EVP_aes_192_cbc(void);',
+    'const EVP_CIPHER *EVP_aes_192_cfb1(void);',
+    'const EVP_CIPHER *EVP_aes_192_cfb8(void);',
+    'const EVP_CIPHER *EVP_aes_192_cfb128(void);',
+    'const EVP_CIPHER *EVP_aes_192_ofb(void);',
+    'const EVP_CIPHER *EVP_aes_256_ecb(void);',
+    'const EVP_CIPHER *EVP_aes_256_cbc(void);',
+    'const EVP_CIPHER *EVP_aes_256_cfb1(void);',
+    'const EVP_CIPHER *EVP_aes_256_cfb8(void);',
+    'const EVP_CIPHER *EVP_aes_256_cfb128(void);',
+    'const EVP_CIPHER *EVP_aes_256_ofb(void);',
+#   'const EVP_CIPHER *EVP_camellia_128_ecb(void);',
+#   'const EVP_CIPHER *EVP_camellia_128_cbc(void);',
+#   'const EVP_CIPHER *EVP_camellia_128_cfb1(void);',
+#   'const EVP_CIPHER *EVP_camellia_128_cfb8(void);',
+#   'const EVP_CIPHER *EVP_camellia_128_cfb128(void);',
+#   'const EVP_CIPHER *EVP_camellia_128_ofb(void);',
+#   'const EVP_CIPHER *EVP_camellia_192_ecb(void);',
+#   'const EVP_CIPHER *EVP_camellia_192_cbc(void);',
+#   'const EVP_CIPHER *EVP_camellia_192_cfb1(void);',
+#   'const EVP_CIPHER *EVP_camellia_192_cfb8(void);',
+#   'const EVP_CIPHER *EVP_camellia_192_cfb128(void);',
+#   'const EVP_CIPHER *EVP_camellia_192_ofb(void);',
+#   'const EVP_CIPHER *EVP_camellia_256_ecb(void);',
+#   'const EVP_CIPHER *EVP_camellia_256_cbc(void);',
+#   'const EVP_CIPHER *EVP_camellia_256_cfb1(void);',
+#   'const EVP_CIPHER *EVP_camellia_256_cfb8(void);',
+#   'const EVP_CIPHER *EVP_camellia_256_cfb128(void);',
+#   'const EVP_CIPHER *EVP_camellia_256_ofb(void);',
+]
diff --git a/cryptography/c/evp_md.py b/cryptography/c/evp_md.py
new file mode 100644
index 00000000..ce3583e5
--- /dev/null
+++ b/cryptography/c/evp_md.py
@@ -0,0 +1,56 @@
+INCLUDES = [
+    '#include "openssl/evp.h"',
+]
+
+TYPES = [
+    'static const int EVP_MAX_MD_SIZE;',
+    'static const int EVP_MAX_KEY_LENGTH;',
+    'static const int EVP_MAX_IV_LENGTH;',
+    'static const int EVP_MAX_BLOCK_LENGTH;',
+    'struct env_md_ctx_st { ...; };',
+    'typedef ... EVP_MD;',
+    'typedef struct env_md_ctx_st EVP_MD_CTX;',
+]
+
+FUNCTIONS = [
+    'void EVP_cleanup(void);',
+    'void EVP_MD_CTX_init(EVP_MD_CTX *ctx);',
+    'EVP_MD_CTX *EVP_MD_CTX_create(void);',
+    'int EVP_DigestInit_ex(EVP_MD_CTX *ctx, const EVP_MD *type, ENGINE *impl);',
+    'int EVP_DigestUpdate(EVP_MD_CTX *ctx, const void *d, size_t cnt);',
+    'int EVP_DigestFinal_ex(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);',
+    'int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);',
+    'void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);',
+    'int EVP_MD_CTX_copy_ex(EVP_MD_CTX *out,const EVP_MD_CTX *in);',
+    'int EVP_DigestInit(EVP_MD_CTX *ctx, const EVP_MD *type);',
+    'int EVP_DigestFinal(EVP_MD_CTX *ctx, unsigned char *md, unsigned int *s);',
+    'int EVP_MD_CTX_copy(EVP_MD_CTX *out,EVP_MD_CTX *in);',
+    'const EVP_MD *EVP_get_digestbyname(const char *name);',
+    'const EVP_MD *EVP_get_digestbynid(int n);',
+    'const EVP_MD *EVP_get_digestbyobj(const ASN1_OBJECT *o);',
+    'const EVP_MD *EVP_md_null(void);',
+#   'const EVP_MD *EVP_md2(void);',
+    'const EVP_MD *EVP_md4(void);',
+    'const EVP_MD *EVP_md5(void);',
+    'const EVP_MD *EVP_sha(void);',
+    'const EVP_MD *EVP_sha1(void);',
+    'const EVP_MD *EVP_dss(void);',
+    'const EVP_MD *EVP_dss1(void);',
+    'const EVP_MD *EVP_ecdsa(void);',
+    'const EVP_MD *EVP_sha224(void);',
+    'const EVP_MD *EVP_sha256(void);',
+    'const EVP_MD *EVP_sha384(void);',
+    'const EVP_MD *EVP_sha512(void);',
+#   'const EVP_MD *EVP_mdc(void);',
+    'const EVP_MD *EVP_ripemd160(void);',
+#   'const EVP_MD *EVP_dsa_sha(void);',
+#   'const EVP_MD *EVP_dsa_sha1(void);',
+    'int EVP_MD_type(const EVP_MD *md);',
+    'int EVP_MD_pkey_type(const EVP_MD *md);',
+    'int EVP_MD_size(const EVP_MD *md);',
+    'int EVP_MD_block_size(const EVP_MD *md);',
+    'const EVP_MD *EVP_MD_CTX_md(const EVP_MD_CTX *ctx);',
+    'int EVP_MD_CTX_size(const EVP_MD_CTX *ctx);',
+    'int EVP_MD_CTX_block_size(const EVP_MD_CTX *ctx);',
+    'int EVP_MD_CTX_type(const EVP_MD_CTX *ctx);',
+]
diff --git a/cryptography/c/hmac.py b/cryptography/c/hmac.py
new file mode 100644
index 00000000..aec734a8
--- /dev/null
+++ b/cryptography/c/hmac.py
@@ -0,0 +1,21 @@
+INCLUDES = [
+    '#include <openssl/hmac.h>',
+]
+
+TYPES = [
+    'struct hmac_ctx_st { ...; };',
+    'typedef struct hmac_ctx_st HMAC_CTX;',
+]
+
+FUNCTIONS = [
+    'unsigned char *HMAC(const EVP_MD *evp_md, const void *key,'
+        'int key_len, const unsigned char *d, int n,'
+        'unsigned char *md, unsigned int *md_len);',
+    'void HMAC_CTX_init(HMAC_CTX *ctx);',
+    'void HMAC_Init(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md);',
+    'void HMAC_Init_ex(HMAC_CTX *ctx, const void *key, int key_len, const EVP_MD *md, ENGINE *impl);',
+    'void HMAC_Update(HMAC_CTX *ctx, const unsigned char *data, int len);',
+    'void HMAC_Final(HMAC_CTX *ctx, unsigned char *md, unsigned int *len);',
+    'void HMAC_CTX_cleanup(HMAC_CTX *ctx);',
+    'void HMAC_cleanup(HMAC_CTX *ctx);',
+]
diff --git a/cryptography/c/nid.py b/cryptography/c/nid.py
new file mode 100644
index 00000000..6d55a058
--- /dev/null
+++ b/cryptography/c/nid.py
@@ -0,0 +1,23 @@
+TYPES = [
+    'static const int NID_undef;',
+    'static const int NID_dsa;',
+    'static const int NID_dsaWithSHA;',
+    'static const int NID_dsaWithSHA1;',
+#   'static const int NID_md2;',
+    'static const int NID_md4;',
+    'static const int NID_md5;',
+    'static const int NID_mdc2;',
+    'static const int NID_ripemd160;',
+    'static const int NID_sha;',
+    'static const int NID_sha1;',
+    'static const int NID_sha256;',
+    'static const int NID_sha384;',
+    'static const int NID_sha512;',
+    'static const int NID_sha224;',
+    'static const int NID_sha;',
+    'static const int NID_ecdsa_with_SHA1;',
+    'static const int NID_ecdsa_with_SHA224;',
+    'static const int NID_ecdsa_with_SHA256;',
+    'static const int NID_ecdsa_with_SHA384;',
+    'static const int NID_ecdsa_with_SHA512;',
+]
diff --git a/cryptography/c/obj.py b/cryptography/c/obj.py
new file mode 100644
index 00000000..6b5bf67e
--- /dev/null
+++ b/cryptography/c/obj.py
@@ -0,0 +1,33 @@
+INCLUDES = [
+    '#include <openssl/objects.h>',
+]
+
+TYPES = [
+    'static const int OBJ_NAME_TYPE_UNDEF;',
+    'static const int OBJ_NAME_TYPE_MD_METH;',
+    'static const int OBJ_NAME_TYPE_CIPHER_METH;',
+    'static const int OBJ_NAME_TYPE_PKEY_METH;',
+    'static const int OBJ_NAME_TYPE_COMP_METH;',
+    'static const int OBJ_NAME_TYPE_NUM;',
+    'struct obj_name_st { int type; int alias; const char *name; const char *data; ...; };',
+    'typedef struct obj_name_st OBJ_NAME;',
+]
+
+FUNCTIONS = [
+    'ASN1_OBJECT *OBJ_nid2obj(int n);',
+    'const char *OBJ_nid2ln(int n);',
+    'const char *OBJ_nid2sn(int n);',
+    'int OBJ_obj2nid(const ASN1_OBJECT *o);',
+    'int OBJ_ln2nid(const char *ln);',
+    'int OBJ_sn2nid(const char *sn);',
+    'int OBJ_txt2nid(const char *s);',
+    'ASN1_OBJECT * OBJ_txt2obj(const char *s, int no_name);',
+    'int OBJ_obj2txt(char *buf, int buf_len, const ASN1_OBJECT *a, int no_name);',
+    'int OBJ_cmp(const ASN1_OBJECT *a,const ASN1_OBJECT *b);',
+    'ASN1_OBJECT * OBJ_dup(const ASN1_OBJECT *o);',
+    'int OBJ_create(const char *oid,const char *sn,const char *ln);',
+    'void OBJ_cleanup(void);',
+    'int OBJ_NAME_init(void);',
+    'void OBJ_NAME_do_all(int type,void (*fn)(const OBJ_NAME *,void *arg), void *arg);',
+    'void OBJ_NAME_do_all_sorted(int type,void (*fn)(const OBJ_NAME *,void *arg), void *arg);',
+]
diff --git a/cryptography/c/openssl.py b/cryptography/c/openssl.py
new file mode 100644
index 00000000..0fc9d706
--- /dev/null
+++ b/cryptography/c/openssl.py
@@ -0,0 +1,14 @@
+INCLUDES = [
+    '#include "openssl/ssl.h"',
+]
+
+SETUP = [
+    'OpenSSL_add_all_digests',
+    'OpenSSL_add_all_ciphers',
+]
+
+FUNCTIONS = [
+    "void OpenSSL_add_all_algorithms(void);",
+    "void OpenSSL_add_all_ciphers(void);",
+    "void OpenSSL_add_all_digests(void);",
+]
diff --git a/cryptography/c/pkcs5.py b/cryptography/c/pkcs5.py
new file mode 100644
index 00000000..423f5e64
--- /dev/null
+++ b/cryptography/c/pkcs5.py
@@ -0,0 +1,13 @@
+INCLUDES = [
+    '#include "openssl/evp.h"',
+]
+
+FUNCTIONS = [
+    'int PKCS5_PBKDF2_HMAC_SHA1(const char *pass, int passlen,'
+        'const unsigned char *salt, int saltlen, int iter,'
+        'int keylen, unsigned char *out);',
+    'int EVP_BytesToKey(const EVP_CIPHER *type,const EVP_MD *md,'
+        'const unsigned char *salt,'
+        'const unsigned char *data, int datal, int count,'
+        'unsigned char *key,unsigned char *iv);',
+]
diff --git a/cryptography/c/rand.py b/cryptography/c/rand.py
new file mode 100644
index 00000000..ce7cd1bc
--- /dev/null
+++ b/cryptography/c/rand.py
@@ -0,0 +1,18 @@
+INCLUDES = [
+    '#include <openssl/rand.h>',
+]
+
+FUNCTIONS = [
+    'void RAND_seed(const void *buf, int num);',
+    'void RAND_add(const void *buf, int num, double entropy);',
+    'int RAND_status(void);',
+    'int RAND_egd(const char *path);',
+    'int RAND_egd_bytes(const char *path, int bytes);',
+    'int RAND_query_egd_bytes(const char *path, unsigned char *buf, int bytes);',
+    'const char *RAND_file_name(char *buf, size_t num);',
+    'int RAND_load_file(const char *filename, long max_bytes);',
+    'int RAND_write_file(const char *filename);',
+    'void RAND_cleanup(void);',
+    'int RAND_bytes(unsigned char *buf, int num);',
+    'int RAND_pseudo_bytes(unsigned char *buf, int num);',
+]
diff --git a/cryptography/c/ssl.py b/cryptography/c/ssl.py
new file mode 100644
index 00000000..25dd006a
--- /dev/null
+++ b/cryptography/c/ssl.py
@@ -0,0 +1,108 @@
+from functools import wraps
+
+INCLUDES = [
+    '#include "openssl/ssl.h"',
+]
+
+SETUP = [
+    'SSL_library_init',
+]
+
+TYPES = [
+    # Internally invented symbol to tell us if SSLv2 is supported
+    'static const int OPENTLS_NO_SSL2;',
+
+    'typedef ... SSL_METHOD;',
+    'typedef ... SSL_CTX;',
+]
+
+FUNCTIONS = [
+    'int SSL_library_init(void);',
+
+    # methods
+    'const SSL_METHOD *SSLv3_method(void);',
+    'const SSL_METHOD *SSLv3_server_method(void);',
+    'const SSL_METHOD *SSLv3_client_method(void);',
+    'const SSL_METHOD *TLSv1_method(void);',
+    'const SSL_METHOD *TLSv1_server_method(void);',
+    'const SSL_METHOD *TLSv1_client_method(void);',
+    'const SSL_METHOD *SSLv23_method(void);',
+    'const SSL_METHOD *SSLv23_server_method(void);',
+    'const SSL_METHOD *SSLv23_client_method(void);',
+
+    # SSLv2 support is compiled out of some versions of OpenSSL.  These will
+    # get special support when we generate the bindings so that if they are
+    # available they will be wrapped, but if they are not they won't cause
+    # problems (like link errors).
+    'SSL_METHOD *SSLv2_method(void);',
+    'SSL_METHOD *SSLv2_server_method(void);',
+    'SSL_METHOD *SSLv2_client_method(void);',
+
+    # context
+    'SSL_CTX *SSL_CTX_new(SSL_METHOD *method);',
+    'void SSL_CTX_free(SSL_CTX *ctx);',
+]
+
+C_CUSTOMIZATION = [
+    """
+#ifdef OPENSSL_NO_SSL2
+static const int OPENTLS_NO_SSL2 = 1;
+SSL_METHOD* (*SSLv2_method)(void) = NULL;
+SSL_METHOD* (*SSLv2_client_method)(void) = NULL;
+SSL_METHOD* (*SSLv2_server_method)(void) = NULL;
+#else
+static const int OPENTLS_NO_SSL2 = 0;
+#endif
+"""]
+
+
+def _not_implemented_override(wrapped):
+    """
+    Decorator to help define an override which just raises NotImplementedError,
+    useful to define friendly versions of APIs which are not actually available
+    in the version of OpenSSL currently in use.
+
+    wrapped is the Python function which will override the cffi-defined
+    wrapper.
+
+    This returns a factory to create the override function.  It expects to be
+    called by the tls.c.api setup machinery.  See tls/c/__init__.py.
+    """
+    @wraps(wrapped)
+    def _not_implemented_factory(api, from_openssl):
+        """
+        If SSLv2 is not supported by the OpenSSL library represented by the
+        given api object, create an override function which raises
+        NotImplementedError instead of trying to call the requested API (which
+        would probably result in a null pointer dereference).
+        """
+        if api.OPENTLS_NO_SSL2:
+            # SSLv2 is unsupported, give back the safe wrapper
+            @wraps(wrapped)
+            def not_implemented(*args, **kwargs):
+                raise NotImplementedError()
+            return not_implemented
+        else:
+            # SSLv2 is supported, give back the original function
+            return from_openssl
+
+    return _not_implemented_factory
+
+
+@_not_implemented_override
+def SSLv2_method():
+    pass
+
+
+@_not_implemented_override
+def SSLv2_client_method():
+    pass
+
+
+@_not_implemented_override
+def SSLv2_server_method():
+    pass
+
+OVERRIDES = [
+    SSLv2_method, SSLv2_client_method, SSLv2_server_method,
+]
diff --git a/cryptography/c/ssleay.py b/cryptography/c/ssleay.py
new file mode 100644
index 00000000..a75d664c
--- /dev/null
+++ b/cryptography/c/ssleay.py
@@ -0,0 +1,16 @@
+INCLUDES = [
+    '#include "openssl/ssl.h"',
+]
+
+TYPES = [
+    'static const int SSLEAY_VERSION;',
+    'static const int SSLEAY_CFLAGS;',
+    'static const int SSLEAY_BUILT_ON;',
+    'static const int SSLEAY_PLATFORM;',
+    'static const int SSLEAY_DIR;',
+]
+
+FUNCTIONS = [
+    "long SSLeay(void);",
+    "const char* SSLeay_version(int);",
+]
diff --git a/cryptography/c/stdio.py b/cryptography/c/stdio.py
new file mode 100644
index 00000000..553b6fc9
--- /dev/null
+++ b/cryptography/c/stdio.py
@@ -0,0 +1,12 @@
+INCLUDES = [
+    '#include <stdio.h>',
+]
+
+TYPES = [
+]
+
+FUNCTIONS = [
+    'FILE *fdopen(int fildes, const char *mode);',
+    'FILE *fopen(const char *restrict filename, const char *restrict mode);',
+    'FILE *freopen(const char *restrict filename, const char *restrict mode, FILE *restrict stream);',
+]
diff --git a/docs/Makefile b/docs/Makefile
new file mode 100644
index 00000000..323aeca1
--- /dev/null
+++ b/docs/Makefile
@@ -0,0 +1,153 @@
+# Makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line.
+SPHINXOPTS    =
+SPHINXBUILD   = sphinx-build
+PAPER         =
+BUILDDIR      = _build
+
+# Internal variables.
+PAPEROPT_a4     = -D latex_paper_size=a4
+PAPEROPT_letter = -D latex_paper_size=letter
+ALLSPHINXOPTS   = -d $(BUILDDIR)/doctrees $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
+# the i18n builder cannot share the environment and doctrees with the others
+I18NSPHINXOPTS  = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
+
+.PHONY: help clean html dirhtml singlehtml pickle json htmlhelp qthelp devhelp epub latex latexpdf text man changes linkcheck doctest gettext
+
+help:
+	@echo "Please use \`make <target>' where <target> is one of"
+	@echo "  html       to make standalone HTML files"
+	@echo "  dirhtml    to make HTML files named index.html in directories"
+	@echo "  singlehtml to make a single large HTML file"
+	@echo "  pickle     to make pickle files"
+	@echo "  json       to make JSON files"
+	@echo "  htmlhelp   to make HTML files and a HTML help project"
+	@echo "  qthelp     to make HTML files and a qthelp project"
+	@echo "  devhelp    to make HTML files and a Devhelp project"
+	@echo "  epub       to make an epub"
+	@echo "  latex      to make LaTeX files, you can set PAPER=a4 or PAPER=letter"
+	@echo "  latexpdf   to make LaTeX files and run them through pdflatex"
+	@echo "  text       to make text files"
+	@echo "  man        to make manual pages"
+	@echo "  texinfo    to make Texinfo files"
+	@echo "  info       to make Texinfo files and run them through makeinfo"
+	@echo "  gettext    to make PO message catalogs"
+	@echo "  changes    to make an overview of all changed/added/deprecated items"
+	@echo "  linkcheck  to check all external links for integrity"
+	@echo "  doctest    to run all doctests embedded in the documentation (if enabled)"
+
+clean:
+	-rm -rf $(BUILDDIR)/*
+
+html:
+	$(SPHINXBUILD) -b html $(ALLSPHINXOPTS) $(BUILDDIR)/html
+	@echo
+	@echo "Build finished. The HTML pages are in $(BUILDDIR)/html."
+
+dirhtml:
+	$(SPHINXBUILD) -b dirhtml $(ALLSPHINXOPTS) $(BUILDDIR)/dirhtml
+	@echo
+	@echo "Build finished. The HTML pages are in $(BUILDDIR)/dirhtml."
+
+singlehtml:
+	$(SPHINXBUILD) -b singlehtml $(ALLSPHINXOPTS) $(BUILDDIR)/singlehtml
+	@echo
+	@echo "Build finished. The HTML page is in $(BUILDDIR)/singlehtml."
+
+pickle:
+	$(SPHINXBUILD) -b pickle $(ALLSPHINXOPTS) $(BUILDDIR)/pickle
+	@echo
+	@echo "Build finished; now you can process the pickle files."
+
+json:
+	$(SPHINXBUILD) -b json $(ALLSPHINXOPTS) $(BUILDDIR)/json
+	@echo
+	@echo "Build finished; now you can process the JSON files."
+
+htmlhelp:
+	$(SPHINXBUILD) -b htmlhelp $(ALLSPHINXOPTS) $(BUILDDIR)/htmlhelp
+	@echo
+	@echo "Build finished; now you can run HTML Help Workshop with the" \
+	      ".hhp project file in $(BUILDDIR)/htmlhelp."
+
+qthelp:
+	$(SPHINXBUILD) -b qthelp $(ALLSPHINXOPTS) $(BUILDDIR)/qthelp
+	@echo
+	@echo "Build finished; now you can run "qcollectiongenerator" with the" \
+	      ".qhcp project file in $(BUILDDIR)/qthelp, like this:"
+	@echo "# qcollectiongenerator $(BUILDDIR)/qthelp/Cryptography.qhcp"
+	@echo "To view the help file:"
+	@echo "# assistant -collectionFile $(BUILDDIR)/qthelp/Cryptography.qhc"
+
+devhelp:
+	$(SPHINXBUILD) -b devhelp $(ALLSPHINXOPTS) $(BUILDDIR)/devhelp
+	@echo
+	@echo "Build finished."
+	@echo "To view the help file:"
+	@echo "# mkdir -p $$HOME/.local/share/devhelp/Cryptography"
+	@echo "# ln -s $(BUILDDIR)/devhelp $$HOME/.local/share/devhelp/Cryptography"
+	@echo "# devhelp"
+
+epub:
+	$(SPHINXBUILD) -b epub $(ALLSPHINXOPTS) $(BUILDDIR)/epub
+	@echo
+	@echo "Build finished. The epub file is in $(BUILDDIR)/epub."
+
+latex:
+	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
+	@echo
+	@echo "Build finished; the LaTeX files are in $(BUILDDIR)/latex."
+	@echo "Run \`make' in that directory to run these through (pdf)latex" \
+	      "(use \`make latexpdf' here to do that automatically)."
+
+latexpdf:
+	$(SPHINXBUILD) -b latex $(ALLSPHINXOPTS) $(BUILDDIR)/latex
+	@echo "Running LaTeX files through pdflatex..."
+	$(MAKE) -C $(BUILDDIR)/latex all-pdf
+	@echo "pdflatex finished; the PDF files are in $(BUILDDIR)/latex."
+
+text:
+	$(SPHINXBUILD) -b text $(ALLSPHINXOPTS) $(BUILDDIR)/text
+	@echo
+	@echo "Build finished. The text files are in $(BUILDDIR)/text."
+
+man:
+	$(SPHINXBUILD) -b man $(ALLSPHINXOPTS) $(BUILDDIR)/man
+	@echo
+	@echo "Build finished. The manual pages are in $(BUILDDIR)/man."
+
+texinfo:
+	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
+	@echo
+	@echo "Build finished. The Texinfo files are in $(BUILDDIR)/texinfo."
+	@echo "Run \`make' in that directory to run these through makeinfo" \
+	      "(use \`make info' here to do that automatically)."
+
+info:
+	$(SPHINXBUILD) -b texinfo $(ALLSPHINXOPTS) $(BUILDDIR)/texinfo
+	@echo "Running Texinfo files through makeinfo..."
+	make -C $(BUILDDIR)/texinfo info
+	@echo "makeinfo finished; the Info files are in $(BUILDDIR)/texinfo."
+
+gettext:
+	$(SPHINXBUILD) -b gettext $(I18NSPHINXOPTS) $(BUILDDIR)/locale
+	@echo
+	@echo "Build finished. The message catalogs are in $(BUILDDIR)/locale."
+
+changes:
+	$(SPHINXBUILD) -b changes $(ALLSPHINXOPTS) $(BUILDDIR)/changes
+	@echo
+	@echo "The overview file is in $(BUILDDIR)/changes."
+
+linkcheck:
+	$(SPHINXBUILD) -b linkcheck $(ALLSPHINXOPTS) $(BUILDDIR)/linkcheck
+	@echo
+	@echo "Link check complete; look for any errors in the above output " \
+	      "or in $(BUILDDIR)/linkcheck/output.txt."
+
+doctest:
+	$(SPHINXBUILD) -b doctest $(ALLSPHINXOPTS) $(BUILDDIR)/doctest
+	@echo "Testing of doctests in the sources finished, look at the " \
+	      "results in $(BUILDDIR)/doctest/output.txt."
diff --git a/docs/conf.py b/docs/conf.py
new file mode 100644
index 00000000..183145f9
--- /dev/null
+++ b/docs/conf.py
@@ -0,0 +1,246 @@
+# -*- coding: utf-8 -*-
+#
+# Cryptography documentation build configuration file, created by
+# sphinx-quickstart on Tue Aug  6 19:19:14 2013.
+#
+# This file is execfile()d with the current directory set to its containing dir.
+#
+# Note that not all possible configuration values are present in this
+# autogenerated file.
+#
+# All configuration values have a default; values that are commented out
+# serve to show the default.
+
+import sys, os
+
+# If extensions (or modules to document with autodoc) are in another directory,
+# add these directories to sys.path here. If the directory is relative to the
+# documentation root, use os.path.abspath to make it absolute, like shown here.
+#sys.path.insert(0, os.path.abspath('.'))
+
+# -- General configuration -----------------------------------------------------
+
+# If your documentation needs a minimal Sphinx version, state it here.
+#needs_sphinx = '1.0'
+
+# Add any Sphinx extension module names here, as strings. They can be extensions
+# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
+extensions = ['sphinx.ext.autodoc', 'sphinx.ext.intersphinx', 'sphinx.ext.viewcode']
+
+# Add any paths that contain templates here, relative to this directory.
+templates_path = ['_templates']
+
+# The suffix of source filenames.
+source_suffix = '.rst'
+
+# The encoding of source files.
+#source_encoding = 'utf-8-sig'
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u'Cryptography'
+copyright = u'2013, Individual Contributors'
+
+# The version info for the project you're documenting, acts as replacement for
+# |version| and |release|, also used in various other places throughout the
+# built documents.
+#
+# The short X.Y version.
+version = '0.1dev'
+# The full version, including alpha/beta/rc tags.
+release = '0.1dev'
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#language = None
+
+# There are two options for replacing |today|: either, you set today to some
+# non-false value, then it is used:
+#today = ''
+# Else, today_fmt is used as the format for a strftime call.
+#today_fmt = '%B %d, %Y'
+
+# List of patterns, relative to source directory, that match files and
+# directories to ignore when looking for source files.
+exclude_patterns = ['_build']
+
+# The reST default role (used for this markup: `text`) to use for all documents.
+#default_role = None
+
+# If true, '()' will be appended to :func: etc. cross-reference text.
+#add_function_parentheses = True
+
+# If true, the current module name will be prepended to all description
+# unit titles (such as .. function::).
+#add_module_names = True
+
+# If true, sectionauthor and moduleauthor directives will be shown in the
+# output. They are ignored by default.
+#show_authors = False
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# A list of ignored prefixes for module index sorting.
+#modindex_common_prefix = []
+
+
+# -- Options for HTML output ---------------------------------------------------
+
+# The theme to use for HTML and HTML Help pages.  See the documentation for
+# a list of builtin themes.
+html_theme = 'default'
+
+# Theme options are theme-specific and customize the look and feel of a theme
+# further.  For a list of options available for each theme, see the
+# documentation.
+#html_theme_options = {}
+
+# Add any paths that contain custom themes here, relative to this directory.
+#html_theme_path = []
+
+# The name for this set of Sphinx documents.  If None, it defaults to
+# "<project> v<release> documentation".
+#html_title = None
+
+# A shorter title for the navigation bar.  Default is the same as html_title.
+#html_short_title = None
+
+# The name of an image file (relative to this directory) to place at the top
+# of the sidebar.
+#html_logo = None
+
+# The name of an image file (within the static path) to use as favicon of the
+# docs.  This file should be a Windows icon file (.ico) being 16x16 or 32x32
+# pixels large.
+#html_favicon = None
+
+# Add any paths that contain custom static files (such as style sheets) here,
+# relative to this directory. They are copied after the builtin static files,
+# so a file named "default.css" will overwrite the builtin "default.css".
+html_static_path = ['_static']
+
+# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
+# using the given strftime format.
+#html_last_updated_fmt = '%b %d, %Y'
+
+# If true, SmartyPants will be used to convert quotes and dashes to
+# typographically correct entities.
+#html_use_smartypants = True
+
+# Custom sidebar templates, maps document names to template names.
+#html_sidebars = {}
+
+# Additional templates that should be rendered to pages, maps page names to
+# template names.
+#html_additional_pages = {}
+
+# If false, no module index is generated.
+#html_domain_indices = True
+
+# If false, no index is generated.
+#html_use_index = True
+
+# If true, the index is split into individual pages for each letter.
+#html_split_index = False
+
+# If true, links to the reST sources are added to the pages.
+#html_show_sourcelink = True
+
+# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
+#html_show_sphinx = True
+
+# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
+#html_show_copyright = True
+
+# If true, an OpenSearch description file will be output, and all pages will
+# contain a <link> tag referring to it.  The value of this option must be the
+# base URL from which the finished HTML is served.
+#html_use_opensearch = ''
+
+# This is the file name suffix for HTML files (e.g. ".xhtml").
+#html_file_suffix = None
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = 'Cryptographydoc'
+
+
+# -- Options for LaTeX output --------------------------------------------------
+
+latex_elements = {
+# The paper size ('letterpaper' or 'a4paper').
+#'papersize': 'letterpaper',
+
+# The font size ('10pt', '11pt' or '12pt').
+#'pointsize': '10pt',
+
+# Additional stuff for the LaTeX preamble.
+#'preamble': '',
+}
+
+# Grouping the document tree into LaTeX files. List of tuples
+# (source start file, target name, title, author, documentclass [howto/manual]).
+latex_documents = [
+  ('index', 'Cryptography.tex', u'Cryptography Documentation',
+   u'Individual Contributors', 'manual'),
+]
+
+# The name of an image file (relative to this directory) to place at the top of
+# the title page.
+#latex_logo = None
+
+# For "manual" documents, if this is true, then toplevel headings are parts,
+# not chapters.
+#latex_use_parts = False
+
+# If true, show page references after internal links.
+#latex_show_pagerefs = False
+
+# If true, show URL addresses after external links.
+#latex_show_urls = False
+
+# Documents to append as an appendix to all manuals.
+#latex_appendices = []
+
+# If false, no module index is generated.
+#latex_domain_indices = True
+
+
+# -- Options for manual page output --------------------------------------------
+
+# One entry per manual page. List of tuples
+# (source start file, name, description, authors, manual section).
+man_pages = [
+    ('index', 'cryptography', u'Cryptography Documentation',
+     [u'Individual Contributors'], 1)
+]
+
+# If true, show URL addresses after external links.
+#man_show_urls = False
+
+
+# -- Options for Texinfo output ------------------------------------------------
+
+# Grouping the document tree into Texinfo files. List of tuples
+# (source start file, target name, title, author,
+#  dir menu entry, description, category)
+texinfo_documents = [
+  ('index', 'Cryptography', u'Cryptography Documentation',
+   u'Individual Contributors', 'Cryptography', 'One line description of project.',
+   'Miscellaneous'),
+]
+
+# Documents to append as an appendix to all manuals.
+#texinfo_appendices = []
+
+# If false, no module index is generated.
+#texinfo_domain_indices = True
+
+# How to display URL addresses: 'footnote', 'no', or 'inline'.
+#texinfo_show_urls = 'footnote'
+
+
+# Example configuration for intersphinx: refer to the Python standard library.
+intersphinx_mapping = {'http://docs.python.org/': None}
diff --git a/docs/index.rst b/docs/index.rst
new file mode 100644
index 00000000..86ce214c
--- /dev/null
+++ b/docs/index.rst
@@ -0,0 +1,22 @@
+.. Cryptography documentation master file, created by
+   sphinx-quickstart on Tue Aug  6 19:19:14 2013.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Welcome to Cryptography's documentation!
+========================================
+
+Contents:
+
+.. toctree::
+   :maxdepth: 2
+
+
+
+Indices and tables
+==================
+
+* :ref:`genindex`
+* :ref:`modindex`
+* :ref:`search`
+
diff --git a/docs/make.bat b/docs/make.bat
new file mode 100644
index 00000000..905288d8
--- /dev/null
+++ b/docs/make.bat
@@ -0,0 +1,190 @@
+@ECHO OFF
+
+REM Command file for Sphinx documentation
+
+if "%SPHINXBUILD%" == "" (
+	set SPHINXBUILD=sphinx-build
+)
+set BUILDDIR=_build
+set ALLSPHINXOPTS=-d %BUILDDIR%/doctrees %SPHINXOPTS% .
+set I18NSPHINXOPTS=%SPHINXOPTS% .
+if NOT "%PAPER%" == "" (
+	set ALLSPHINXOPTS=-D latex_paper_size=%PAPER% %ALLSPHINXOPTS%
+	set I18NSPHINXOPTS=-D latex_paper_size=%PAPER% %I18NSPHINXOPTS%
+)
+
+if "%1" == "" goto help
+
+if "%1" == "help" (
+	:help
+	echo.Please use `make ^<target^>` where ^<target^> is one of
+	echo.  html       to make standalone HTML files
+	echo.  dirhtml    to make HTML files named index.html in directories
+	echo.  singlehtml to make a single large HTML file
+	echo.  pickle     to make pickle files
+	echo.  json       to make JSON files
+	echo.  htmlhelp   to make HTML files and a HTML help project
+	echo.  qthelp     to make HTML files and a qthelp project
+	echo.  devhelp    to make HTML files and a Devhelp project
+	echo.  epub       to make an epub
+	echo.  latex      to make LaTeX files, you can set PAPER=a4 or PAPER=letter
+	echo.  text       to make text files
+	echo.  man        to make manual pages
+	echo.  texinfo    to make Texinfo files
+	echo.  gettext    to make PO message catalogs
+	echo.  changes    to make an overview over all changed/added/deprecated items
+	echo.  linkcheck  to check all external links for integrity
+	echo.  doctest    to run all doctests embedded in the documentation if enabled
+	goto end
+)
+
+if "%1" == "clean" (
+	for /d %%i in (%BUILDDIR%\*) do rmdir /q /s %%i
+	del /q /s %BUILDDIR%\*
+	goto end
+)
+
+if "%1" == "html" (
+	%SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The HTML pages are in %BUILDDIR%/html.
+	goto end
+)
+
+if "%1" == "dirhtml" (
+	%SPHINXBUILD% -b dirhtml %ALLSPHINXOPTS% %BUILDDIR%/dirhtml
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The HTML pages are in %BUILDDIR%/dirhtml.
+	goto end
+)
+
+if "%1" == "singlehtml" (
+	%SPHINXBUILD% -b singlehtml %ALLSPHINXOPTS% %BUILDDIR%/singlehtml
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The HTML pages are in %BUILDDIR%/singlehtml.
+	goto end
+)
+
+if "%1" == "pickle" (
+	%SPHINXBUILD% -b pickle %ALLSPHINXOPTS% %BUILDDIR%/pickle
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished; now you can process the pickle files.
+	goto end
+)
+
+if "%1" == "json" (
+	%SPHINXBUILD% -b json %ALLSPHINXOPTS% %BUILDDIR%/json
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished; now you can process the JSON files.
+	goto end
+)
+
+if "%1" == "htmlhelp" (
+	%SPHINXBUILD% -b htmlhelp %ALLSPHINXOPTS% %BUILDDIR%/htmlhelp
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished; now you can run HTML Help Workshop with the ^
+.hhp project file in %BUILDDIR%/htmlhelp.
+	goto end
+)
+
+if "%1" == "qthelp" (
+	%SPHINXBUILD% -b qthelp %ALLSPHINXOPTS% %BUILDDIR%/qthelp
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished; now you can run "qcollectiongenerator" with the ^
+.qhcp project file in %BUILDDIR%/qthelp, like this:
+	echo.^> qcollectiongenerator %BUILDDIR%\qthelp\Cryptography.qhcp
+	echo.To view the help file:
+	echo.^> assistant -collectionFile %BUILDDIR%\qthelp\Cryptography.ghc
+	goto end
+)
+
+if "%1" == "devhelp" (
+	%SPHINXBUILD% -b devhelp %ALLSPHINXOPTS% %BUILDDIR%/devhelp
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished.
+	goto end
+)
+
+if "%1" == "epub" (
+	%SPHINXBUILD% -b epub %ALLSPHINXOPTS% %BUILDDIR%/epub
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The epub file is in %BUILDDIR%/epub.
+	goto end
+)
+
+if "%1" == "latex" (
+	%SPHINXBUILD% -b latex %ALLSPHINXOPTS% %BUILDDIR%/latex
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished; the LaTeX files are in %BUILDDIR%/latex.
+	goto end
+)
+
+if "%1" == "text" (
+	%SPHINXBUILD% -b text %ALLSPHINXOPTS% %BUILDDIR%/text
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The text files are in %BUILDDIR%/text.
+	goto end
+)
+
+if "%1" == "man" (
+	%SPHINXBUILD% -b man %ALLSPHINXOPTS% %BUILDDIR%/man
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The manual pages are in %BUILDDIR%/man.
+	goto end
+)
+
+if "%1" == "texinfo" (
+	%SPHINXBUILD% -b texinfo %ALLSPHINXOPTS% %BUILDDIR%/texinfo
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The Texinfo files are in %BUILDDIR%/texinfo.
+	goto end
+)
+
+if "%1" == "gettext" (
+	%SPHINXBUILD% -b gettext %I18NSPHINXOPTS% %BUILDDIR%/locale
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Build finished. The message catalogs are in %BUILDDIR%/locale.
+	goto end
+)
+
+if "%1" == "changes" (
+	%SPHINXBUILD% -b changes %ALLSPHINXOPTS% %BUILDDIR%/changes
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.The overview file is in %BUILDDIR%/changes.
+	goto end
+)
+
+if "%1" == "linkcheck" (
+	%SPHINXBUILD% -b linkcheck %ALLSPHINXOPTS% %BUILDDIR%/linkcheck
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Link check complete; look for any errors in the above output ^
+or in %BUILDDIR%/linkcheck/output.txt.
+	goto end
+)
+
+if "%1" == "doctest" (
+	%SPHINXBUILD% -b doctest %ALLSPHINXOPTS% %BUILDDIR%/doctest
+	if errorlevel 1 exit /b 1
+	echo.
+	echo.Testing of doctests in the sources finished, look at the ^
+results in %BUILDDIR%/doctest/output.txt.
+	goto end
+)
+
+:end
diff --git a/setup.py b/setup.py
new file mode 100644
index 00000000..f1c1c68e
--- /dev/null
+++ b/setup.py
@@ -0,0 +1,8 @@
+from setuptools import setup
+
+
+setup(
+    name="cryptography",
+    license="Apache Software License Verison 2.0",
+    install_requires=["cffi>=0.6"],
+)