aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--.gitignore2
-rw-r--r--CHANGELOG.rst4
-rw-r--r--MANIFEST.in3
-rw-r--r--setup.py75
-rw-r--r--src/_cffi_src/__init__.py0
-rw-r--r--src/_cffi_src/build_commoncrypto.py29
-rw-r--r--src/_cffi_src/build_constant_time.py26
-rw-r--r--src/_cffi_src/build_openssl.py98
-rw-r--r--src/_cffi_src/build_padding.py26
-rw-r--r--src/_cffi_src/commoncrypto/__init__.py5
-rw-r--r--src/_cffi_src/commoncrypto/cf.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/cf.py)0
-rw-r--r--src/_cffi_src/commoncrypto/common_cryptor.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/common_cryptor.py)0
-rw-r--r--src/_cffi_src/commoncrypto/common_digest.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/common_digest.py)0
-rw-r--r--src/_cffi_src/commoncrypto/common_hmac.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/common_hmac.py)0
-rw-r--r--src/_cffi_src/commoncrypto/common_key_derivation.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/common_key_derivation.py)0
-rw-r--r--src/_cffi_src/commoncrypto/common_symmetric_key_wrap.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/common_symmetric_key_wrap.py)0
-rw-r--r--src/_cffi_src/commoncrypto/secimport.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/secimport.py)0
-rw-r--r--src/_cffi_src/commoncrypto/secitem.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/secitem.py)0
-rw-r--r--src/_cffi_src/commoncrypto/seckey.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/seckey.py)0
-rw-r--r--src/_cffi_src/commoncrypto/seckeychain.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/seckeychain.py)0
-rw-r--r--src/_cffi_src/commoncrypto/sectransform.py (renamed from src/cryptography/hazmat/bindings/commoncrypto/sectransform.py)0
-rw-r--r--src/_cffi_src/hazmat_src/constant_time.c (renamed from src/cryptography/hazmat/primitives/src/constant_time.c)0
-rw-r--r--src/_cffi_src/hazmat_src/constant_time.h (renamed from src/cryptography/hazmat/primitives/src/constant_time.h)0
-rw-r--r--src/_cffi_src/hazmat_src/padding.c (renamed from src/cryptography/hazmat/primitives/src/padding.c)0
-rw-r--r--src/_cffi_src/hazmat_src/padding.h (renamed from src/cryptography/hazmat/primitives/src/padding.h)0
-rw-r--r--src/_cffi_src/openssl/__init__.py5
-rw-r--r--src/_cffi_src/openssl/aes.py (renamed from src/cryptography/hazmat/bindings/openssl/aes.py)0
-rw-r--r--src/_cffi_src/openssl/asn1.py (renamed from src/cryptography/hazmat/bindings/openssl/asn1.py)0
-rw-r--r--src/_cffi_src/openssl/bignum.py (renamed from src/cryptography/hazmat/bindings/openssl/bignum.py)0
-rw-r--r--src/_cffi_src/openssl/bio.py (renamed from src/cryptography/hazmat/bindings/openssl/bio.py)0
-rw-r--r--src/_cffi_src/openssl/cmac.py (renamed from src/cryptography/hazmat/bindings/openssl/cmac.py)0
-rw-r--r--src/_cffi_src/openssl/cms.py (renamed from src/cryptography/hazmat/bindings/openssl/cms.py)0
-rw-r--r--src/_cffi_src/openssl/conf.py (renamed from src/cryptography/hazmat/bindings/openssl/conf.py)0
-rw-r--r--src/_cffi_src/openssl/crypto.py (renamed from src/cryptography/hazmat/bindings/openssl/crypto.py)0
-rw-r--r--src/_cffi_src/openssl/dh.py (renamed from src/cryptography/hazmat/bindings/openssl/dh.py)0
-rw-r--r--src/_cffi_src/openssl/dsa.py (renamed from src/cryptography/hazmat/bindings/openssl/dsa.py)0
-rw-r--r--src/_cffi_src/openssl/ec.py (renamed from src/cryptography/hazmat/bindings/openssl/ec.py)0
-rw-r--r--src/_cffi_src/openssl/ecdh.py (renamed from src/cryptography/hazmat/bindings/openssl/ecdh.py)0
-rw-r--r--src/_cffi_src/openssl/ecdsa.py (renamed from src/cryptography/hazmat/bindings/openssl/ecdsa.py)0
-rw-r--r--src/_cffi_src/openssl/engine.py (renamed from src/cryptography/hazmat/bindings/openssl/engine.py)0
-rw-r--r--src/_cffi_src/openssl/err.py (renamed from src/cryptography/hazmat/bindings/openssl/err.py)0
-rw-r--r--src/_cffi_src/openssl/evp.py (renamed from src/cryptography/hazmat/bindings/openssl/evp.py)0
-rw-r--r--src/_cffi_src/openssl/hmac.py (renamed from src/cryptography/hazmat/bindings/openssl/hmac.py)0
-rw-r--r--src/_cffi_src/openssl/nid.py (renamed from src/cryptography/hazmat/bindings/openssl/nid.py)0
-rw-r--r--src/_cffi_src/openssl/objects.py (renamed from src/cryptography/hazmat/bindings/openssl/objects.py)0
-rw-r--r--src/_cffi_src/openssl/opensslv.py (renamed from src/cryptography/hazmat/bindings/openssl/opensslv.py)0
-rw-r--r--src/_cffi_src/openssl/osrandom_engine.py (renamed from src/cryptography/hazmat/bindings/openssl/osrandom_engine.py)0
-rw-r--r--src/_cffi_src/openssl/pem.py (renamed from src/cryptography/hazmat/bindings/openssl/pem.py)0
-rw-r--r--src/_cffi_src/openssl/pkcs12.py (renamed from src/cryptography/hazmat/bindings/openssl/pkcs12.py)0
-rw-r--r--src/_cffi_src/openssl/pkcs7.py (renamed from src/cryptography/hazmat/bindings/openssl/pkcs7.py)0
-rw-r--r--src/_cffi_src/openssl/rand.py (renamed from src/cryptography/hazmat/bindings/openssl/rand.py)0
-rw-r--r--src/_cffi_src/openssl/rsa.py (renamed from src/cryptography/hazmat/bindings/openssl/rsa.py)0
-rw-r--r--src/_cffi_src/openssl/src/osrandom_engine.c (renamed from src/cryptography/hazmat/bindings/openssl/src/osrandom_engine.c)0
-rw-r--r--src/_cffi_src/openssl/src/osrandom_engine.h (renamed from src/cryptography/hazmat/bindings/openssl/src/osrandom_engine.h)0
-rw-r--r--src/_cffi_src/openssl/ssl.py (renamed from src/cryptography/hazmat/bindings/openssl/ssl.py)0
-rw-r--r--src/_cffi_src/openssl/x509.py (renamed from src/cryptography/hazmat/bindings/openssl/x509.py)0
-rw-r--r--src/_cffi_src/openssl/x509_vfy.py (renamed from src/cryptography/hazmat/bindings/openssl/x509_vfy.py)0
-rw-r--r--src/_cffi_src/openssl/x509name.py (renamed from src/cryptography/hazmat/bindings/openssl/x509name.py)0
-rw-r--r--src/_cffi_src/openssl/x509v3.py (renamed from src/cryptography/hazmat/bindings/openssl/x509v3.py)0
-rw-r--r--src/_cffi_src/utils.py (renamed from src/cryptography/hazmat/bindings/utils.py)80
-rw-r--r--src/cryptography/hazmat/bindings/commoncrypto/binding.py47
-rw-r--r--src/cryptography/hazmat/bindings/openssl/binding.py108
-rw-r--r--src/cryptography/hazmat/primitives/constant_time.py16
-rw-r--r--src/cryptography/hazmat/primitives/padding.py17
-rw-r--r--tests/hazmat/backends/test_openssl.py8
-rw-r--r--tests/hazmat/bindings/test_commoncrypto.py15
-rw-r--r--tests/hazmat/bindings/test_openssl.py19
-rw-r--r--tests/hazmat/bindings/test_utils.py30
68 files changed, 251 insertions, 362 deletions
diff --git a/.gitignore b/.gitignore
index 509eba39..8a870e05 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,7 +3,7 @@ _build/
build/
dist/
htmlcov/
-src/cryptography/_Cryptography_cffi_*
+*.so
.tox/
.cache/
.coverage
diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 7e0f8a89..eacd934f 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -6,6 +6,9 @@ Changelog
.. note:: This version is not yet released and is under active development.
+* Switched to the new `cffi`_ ``set_source`` out-of-line API mode for
+ compilation. This results in significantly faster imports and lowered
+ memory consumption.
* Support serialization of certificate signing requests using the
``public_bytes`` method of
:class:`~cryptography.x509.CertificateSigningRequest`.
@@ -442,3 +445,4 @@ Changelog
* Initial release.
.. _`master`: https://github.com/pyca/cryptography/
+.. _`cffi`: https://cffi.readthedocs.org/en/latest/
diff --git a/MANIFEST.in b/MANIFEST.in
index 8dbd0dc2..b05a869c 100644
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -7,8 +7,7 @@ include LICENSE.BSD
include README.rst
recursive-include docs *
-recursive-include src/cryptography/hazmat/primitives/src *.c *.h
-recursive-include src/cryptography/hazmat/bindings/openssl/src *.c *.h
+recursive-include src/_cffi_src *.py *.c *.h
prune docs/_build
recursive-include tests *.py
recursive-exclude vectors *
diff --git a/setup.py b/setup.py
index 77f6dcdb..2f950b78 100644
--- a/setup.py
+++ b/setup.py
@@ -45,7 +45,7 @@ if sys.version_info < (3, 3):
requirements.append("ipaddress")
if platform.python_implementation() != "PyPy":
- requirements.append("cffi>=0.8")
+ requirements.append("cffi>=1.1.0")
# If you add a new dep here you probably need to add it in the tox.ini as well
test_requirements = [
@@ -75,52 +75,6 @@ if cc_is_available():
)
-def get_ext_modules():
- from cryptography.hazmat.bindings.commoncrypto.binding import (
- Binding as CommonCryptoBinding
- )
- from cryptography.hazmat.bindings.openssl.binding import (
- Binding as OpenSSLBinding
- )
- from cryptography.hazmat.primitives import constant_time, padding
-
- ext_modules = [
- OpenSSLBinding.ffi.verifier.get_extension(),
- constant_time._ffi.verifier.get_extension(),
- padding._ffi.verifier.get_extension()
- ]
- if cc_is_available():
- ext_modules.append(CommonCryptoBinding.ffi.verifier.get_extension())
- return ext_modules
-
-
-class CFFIBuild(build):
- """
- This class exists, instead of just providing ``ext_modules=[...]`` directly
- in ``setup()`` because importing cryptography requires we have several
- packages installed first.
-
- By doing the imports here we ensure that packages listed in
- ``setup_requires`` are already installed.
- """
-
- def finalize_options(self):
- self.distribution.ext_modules = get_ext_modules()
- build.finalize_options(self)
-
-
-class CFFIInstall(install):
- """
- As a consequence of CFFIBuild and it's late addition of ext_modules, we
- need the equivalent for the ``install`` command to install into platlib
- install-dir rather than purelib.
- """
-
- def finalize_options(self):
- self.distribution.ext_modules = get_ext_modules()
- install.finalize_options(self)
-
-
class PyTest(test):
def finalize_options(self):
test.finalize_options(self)
@@ -234,19 +188,26 @@ def keywords_with_side_effects(argv):
for i in range(1, len(argv))):
return {
"cmdclass": {
- "build": DummyCFFIBuild,
- "install": DummyCFFIInstall,
+ "build": DummyBuild,
+ "install": DummyInstall,
"test": DummyPyTest,
}
}
else:
+ cffi_modules = [
+ "src/_cffi_src/build_openssl.py:ffi",
+ "src/_cffi_src/build_constant_time.py:ffi",
+ "src/_cffi_src/build_padding.py:ffi",
+ ]
+ if cc_is_available():
+ cffi_modules.append("src/_cffi_src/build_commoncrypto.py:ffi")
+
return {
"setup_requires": requirements,
"cmdclass": {
- "build": CFFIBuild,
- "install": CFFIInstall,
"test": PyTest,
- }
+ },
+ "cffi_modules": cffi_modules
}
@@ -255,7 +216,7 @@ setup_requires_error = ("Requested setup command that needs 'setup_requires' "
"free command or option.")
-class DummyCFFIBuild(build):
+class DummyBuild(build):
"""
This class makes it very obvious when ``keywords_with_side_effects()`` has
incorrectly interpreted the command line arguments to ``setup.py build`` as
@@ -266,7 +227,7 @@ class DummyCFFIBuild(build):
raise RuntimeError(setup_requires_error)
-class DummyCFFIInstall(install):
+class DummyInstall(install):
"""
This class makes it very obvious when ``keywords_with_side_effects()`` has
incorrectly interpreted the command line arguments to ``setup.py install``
@@ -327,7 +288,9 @@ setup(
],
package_dir={"": "src"},
- packages=find_packages(where="src", exclude=["tests", "tests.*"]),
+ packages=find_packages(
+ where="src", exclude=["_cffi_src", "_cffi_src.*", "tests", "tests.*"]
+ ),
include_package_data=True,
install_requires=requirements,
@@ -335,7 +298,7 @@ setup(
# for cffi
zip_safe=False,
- ext_package="cryptography",
+ ext_package="cryptography.hazmat.bindings",
entry_points={
"cryptography.backends": backends,
},
diff --git a/src/_cffi_src/__init__.py b/src/_cffi_src/__init__.py
new file mode 100644
index 00000000..e69de29b
--- /dev/null
+++ b/src/_cffi_src/__init__.py
diff --git a/src/_cffi_src/build_commoncrypto.py b/src/_cffi_src/build_commoncrypto.py
new file mode 100644
index 00000000..1c2692a7
--- /dev/null
+++ b/src/_cffi_src/build_commoncrypto.py
@@ -0,0 +1,29 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+from _cffi_src.utils import build_ffi_for_binding
+
+
+ffi = build_ffi_for_binding(
+ module_name="_commoncrypto",
+ module_prefix="_cffi_src.commoncrypto.",
+ modules=[
+ "cf",
+ "common_digest",
+ "common_hmac",
+ "common_key_derivation",
+ "common_cryptor",
+ "common_symmetric_key_wrap",
+ "secimport",
+ "secitem",
+ "seckey",
+ "seckeychain",
+ "sectransform",
+ ],
+ extra_link_args=[
+ "-framework", "Security", "-framework", "CoreFoundation"
+ ],
+)
diff --git a/src/_cffi_src/build_constant_time.py b/src/_cffi_src/build_constant_time.py
new file mode 100644
index 00000000..eae0f21a
--- /dev/null
+++ b/src/_cffi_src/build_constant_time.py
@@ -0,0 +1,26 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import os
+
+from _cffi_src.utils import build_ffi
+
+
+with open(os.path.join(
+ os.path.dirname(__file__), "hazmat_src/constant_time.h"
+)) as f:
+ types = f.read()
+
+with open(os.path.join(
+ os.path.dirname(__file__), "hazmat_src/constant_time.c"
+)) as f:
+ functions = f.read()
+
+ffi = build_ffi(
+ module_name="_constant_time",
+ cdef_source=types,
+ verify_source=functions
+)
diff --git a/src/_cffi_src/build_openssl.py b/src/_cffi_src/build_openssl.py
new file mode 100644
index 00000000..4c30fe48
--- /dev/null
+++ b/src/_cffi_src/build_openssl.py
@@ -0,0 +1,98 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import os
+import sys
+
+from _cffi_src.utils import (
+ build_ffi_for_binding
+)
+
+
+def _get_openssl_libraries(platform):
+ # OpenSSL goes by a different library name on different operating systems.
+ if platform != "win32":
+ # In some circumstances, the order in which these libs are
+ # specified on the linker command-line is significant;
+ # libssl must come before libcrypto
+ # (http://marc.info/?l=openssl-users&m=135361825921871)
+ return ["ssl", "crypto"]
+ else:
+ link_type = os.environ.get("PYCA_WINDOWS_LINK_TYPE", "static")
+ return _get_openssl_windows_libraries(link_type)
+
+
+def _get_openssl_windows_libraries(link_type):
+ if link_type == "dynamic":
+ return ["libeay32", "ssleay32", "advapi32"]
+ elif link_type == "static" or link_type == "":
+ return ["libeay32mt", "ssleay32mt", "advapi32",
+ "crypt32", "gdi32", "user32", "ws2_32"]
+ else:
+ raise ValueError(
+ "PYCA_WINDOWS_LINK_TYPE must be 'static' or 'dynamic'"
+ )
+
+
+_OSX_PRE_INCLUDE = """
+#ifdef __APPLE__
+#include <AvailabilityMacros.h>
+#define __ORIG_DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER \
+ DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
+#undef DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
+#define DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
+#endif
+"""
+
+_OSX_POST_INCLUDE = """
+#ifdef __APPLE__
+#undef DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
+#define DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER \
+ __ORIG_DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
+#endif
+"""
+
+
+ffi = build_ffi_for_binding(
+ module_name="_openssl",
+ module_prefix="_cffi_src.openssl.",
+ modules=[
+ "aes",
+ "asn1",
+ "bignum",
+ "bio",
+ "cmac",
+ "cms",
+ "conf",
+ "crypto",
+ "dh",
+ "dsa",
+ "ec",
+ "ecdh",
+ "ecdsa",
+ "engine",
+ "err",
+ "evp",
+ "hmac",
+ "nid",
+ "objects",
+ "opensslv",
+ "osrandom_engine",
+ "pem",
+ "pkcs7",
+ "pkcs12",
+ "rand",
+ "rsa",
+ "ssl",
+ "x509",
+ "x509name",
+ "x509v3",
+ "x509_vfy"
+ ],
+ pre_include=_OSX_PRE_INCLUDE,
+ post_include=_OSX_POST_INCLUDE,
+ libraries=_get_openssl_libraries(sys.platform)
+)
diff --git a/src/_cffi_src/build_padding.py b/src/_cffi_src/build_padding.py
new file mode 100644
index 00000000..3eeac2e2
--- /dev/null
+++ b/src/_cffi_src/build_padding.py
@@ -0,0 +1,26 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import os
+
+from _cffi_src.utils import build_ffi
+
+
+with open(os.path.join(
+ os.path.dirname(__file__), "hazmat_src/padding.h"
+)) as f:
+ types = f.read()
+
+with open(os.path.join(
+ os.path.dirname(__file__), "hazmat_src/padding.c"
+)) as f:
+ functions = f.read()
+
+ffi = build_ffi(
+ module_name="_padding",
+ cdef_source=types,
+ verify_source=functions
+)
diff --git a/src/_cffi_src/commoncrypto/__init__.py b/src/_cffi_src/commoncrypto/__init__.py
new file mode 100644
index 00000000..4b540884
--- /dev/null
+++ b/src/_cffi_src/commoncrypto/__init__.py
@@ -0,0 +1,5 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/cf.py b/src/_cffi_src/commoncrypto/cf.py
index 77d2d7cc..77d2d7cc 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/cf.py
+++ b/src/_cffi_src/commoncrypto/cf.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/common_cryptor.py b/src/_cffi_src/commoncrypto/common_cryptor.py
index fc6eef91..fc6eef91 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/common_cryptor.py
+++ b/src/_cffi_src/commoncrypto/common_cryptor.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/common_digest.py b/src/_cffi_src/commoncrypto/common_digest.py
index a76fc508..a76fc508 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/common_digest.py
+++ b/src/_cffi_src/commoncrypto/common_digest.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/common_hmac.py b/src/_cffi_src/commoncrypto/common_hmac.py
index fcd0c0f4..fcd0c0f4 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/common_hmac.py
+++ b/src/_cffi_src/commoncrypto/common_hmac.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/common_key_derivation.py b/src/_cffi_src/commoncrypto/common_key_derivation.py
index 19525852..19525852 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/common_key_derivation.py
+++ b/src/_cffi_src/commoncrypto/common_key_derivation.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/common_symmetric_key_wrap.py b/src/_cffi_src/commoncrypto/common_symmetric_key_wrap.py
index ea9e459d..ea9e459d 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/common_symmetric_key_wrap.py
+++ b/src/_cffi_src/commoncrypto/common_symmetric_key_wrap.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/secimport.py b/src/_cffi_src/commoncrypto/secimport.py
index 41a799f9..41a799f9 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/secimport.py
+++ b/src/_cffi_src/commoncrypto/secimport.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/secitem.py b/src/_cffi_src/commoncrypto/secitem.py
index dd255430..dd255430 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/secitem.py
+++ b/src/_cffi_src/commoncrypto/secitem.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/seckey.py b/src/_cffi_src/commoncrypto/seckey.py
index 01d42e6a..01d42e6a 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/seckey.py
+++ b/src/_cffi_src/commoncrypto/seckey.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/seckeychain.py b/src/_cffi_src/commoncrypto/seckeychain.py
index 6a2cb4be..6a2cb4be 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/seckeychain.py
+++ b/src/_cffi_src/commoncrypto/seckeychain.py
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/sectransform.py b/src/_cffi_src/commoncrypto/sectransform.py
index bed94953..bed94953 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/sectransform.py
+++ b/src/_cffi_src/commoncrypto/sectransform.py
diff --git a/src/cryptography/hazmat/primitives/src/constant_time.c b/src/_cffi_src/hazmat_src/constant_time.c
index 0a48fe83..0a48fe83 100644
--- a/src/cryptography/hazmat/primitives/src/constant_time.c
+++ b/src/_cffi_src/hazmat_src/constant_time.c
diff --git a/src/cryptography/hazmat/primitives/src/constant_time.h b/src/_cffi_src/hazmat_src/constant_time.h
index 593479f6..593479f6 100644
--- a/src/cryptography/hazmat/primitives/src/constant_time.h
+++ b/src/_cffi_src/hazmat_src/constant_time.h
diff --git a/src/cryptography/hazmat/primitives/src/padding.c b/src/_cffi_src/hazmat_src/padding.c
index 570bad9f..570bad9f 100644
--- a/src/cryptography/hazmat/primitives/src/padding.c
+++ b/src/_cffi_src/hazmat_src/padding.c
diff --git a/src/cryptography/hazmat/primitives/src/padding.h b/src/_cffi_src/hazmat_src/padding.h
index 4d218b1a..4d218b1a 100644
--- a/src/cryptography/hazmat/primitives/src/padding.h
+++ b/src/_cffi_src/hazmat_src/padding.h
diff --git a/src/_cffi_src/openssl/__init__.py b/src/_cffi_src/openssl/__init__.py
new file mode 100644
index 00000000..4b540884
--- /dev/null
+++ b/src/_cffi_src/openssl/__init__.py
@@ -0,0 +1,5 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
diff --git a/src/cryptography/hazmat/bindings/openssl/aes.py b/src/_cffi_src/openssl/aes.py
index 15da9b62..15da9b62 100644
--- a/src/cryptography/hazmat/bindings/openssl/aes.py
+++ b/src/_cffi_src/openssl/aes.py
diff --git a/src/cryptography/hazmat/bindings/openssl/asn1.py b/src/_cffi_src/openssl/asn1.py
index c18708c5..c18708c5 100644
--- a/src/cryptography/hazmat/bindings/openssl/asn1.py
+++ b/src/_cffi_src/openssl/asn1.py
diff --git a/src/cryptography/hazmat/bindings/openssl/bignum.py b/src/_cffi_src/openssl/bignum.py
index d974e04e..d974e04e 100644
--- a/src/cryptography/hazmat/bindings/openssl/bignum.py
+++ b/src/_cffi_src/openssl/bignum.py
diff --git a/src/cryptography/hazmat/bindings/openssl/bio.py b/src/_cffi_src/openssl/bio.py
index 6cc1bcb2..6cc1bcb2 100644
--- a/src/cryptography/hazmat/bindings/openssl/bio.py
+++ b/src/_cffi_src/openssl/bio.py
diff --git a/src/cryptography/hazmat/bindings/openssl/cmac.py b/src/_cffi_src/openssl/cmac.py
index c01a449f..c01a449f 100644
--- a/src/cryptography/hazmat/bindings/openssl/cmac.py
+++ b/src/_cffi_src/openssl/cmac.py
diff --git a/src/cryptography/hazmat/bindings/openssl/cms.py b/src/_cffi_src/openssl/cms.py
index a43df5d9..a43df5d9 100644
--- a/src/cryptography/hazmat/bindings/openssl/cms.py
+++ b/src/_cffi_src/openssl/cms.py
diff --git a/src/cryptography/hazmat/bindings/openssl/conf.py b/src/_cffi_src/openssl/conf.py
index cab246f0..cab246f0 100644
--- a/src/cryptography/hazmat/bindings/openssl/conf.py
+++ b/src/_cffi_src/openssl/conf.py
diff --git a/src/cryptography/hazmat/bindings/openssl/crypto.py b/src/_cffi_src/openssl/crypto.py
index 641e95a8..641e95a8 100644
--- a/src/cryptography/hazmat/bindings/openssl/crypto.py
+++ b/src/_cffi_src/openssl/crypto.py
diff --git a/src/cryptography/hazmat/bindings/openssl/dh.py b/src/_cffi_src/openssl/dh.py
index b66e7196..b66e7196 100644
--- a/src/cryptography/hazmat/bindings/openssl/dh.py
+++ b/src/_cffi_src/openssl/dh.py
diff --git a/src/cryptography/hazmat/bindings/openssl/dsa.py b/src/_cffi_src/openssl/dsa.py
index 99a685df..99a685df 100644
--- a/src/cryptography/hazmat/bindings/openssl/dsa.py
+++ b/src/_cffi_src/openssl/dsa.py
diff --git a/src/cryptography/hazmat/bindings/openssl/ec.py b/src/_cffi_src/openssl/ec.py
index c5052d36..c5052d36 100644
--- a/src/cryptography/hazmat/bindings/openssl/ec.py
+++ b/src/_cffi_src/openssl/ec.py
diff --git a/src/cryptography/hazmat/bindings/openssl/ecdh.py b/src/_cffi_src/openssl/ecdh.py
index 6c7e010c..6c7e010c 100644
--- a/src/cryptography/hazmat/bindings/openssl/ecdh.py
+++ b/src/_cffi_src/openssl/ecdh.py
diff --git a/src/cryptography/hazmat/bindings/openssl/ecdsa.py b/src/_cffi_src/openssl/ecdsa.py
index db21025c..db21025c 100644
--- a/src/cryptography/hazmat/bindings/openssl/ecdsa.py
+++ b/src/_cffi_src/openssl/ecdsa.py
diff --git a/src/cryptography/hazmat/bindings/openssl/engine.py b/src/_cffi_src/openssl/engine.py
index 3ebfa6c1..3ebfa6c1 100644
--- a/src/cryptography/hazmat/bindings/openssl/engine.py
+++ b/src/_cffi_src/openssl/engine.py
diff --git a/src/cryptography/hazmat/bindings/openssl/err.py b/src/_cffi_src/openssl/err.py
index 0ee19c9e..0ee19c9e 100644
--- a/src/cryptography/hazmat/bindings/openssl/err.py
+++ b/src/_cffi_src/openssl/err.py
diff --git a/src/cryptography/hazmat/bindings/openssl/evp.py b/src/_cffi_src/openssl/evp.py
index 93aa83de..93aa83de 100644
--- a/src/cryptography/hazmat/bindings/openssl/evp.py
+++ b/src/_cffi_src/openssl/evp.py
diff --git a/src/cryptography/hazmat/bindings/openssl/hmac.py b/src/_cffi_src/openssl/hmac.py
index 86bbdfc2..86bbdfc2 100644
--- a/src/cryptography/hazmat/bindings/openssl/hmac.py
+++ b/src/_cffi_src/openssl/hmac.py
diff --git a/src/cryptography/hazmat/bindings/openssl/nid.py b/src/_cffi_src/openssl/nid.py
index c2c0552b..c2c0552b 100644
--- a/src/cryptography/hazmat/bindings/openssl/nid.py
+++ b/src/_cffi_src/openssl/nid.py
diff --git a/src/cryptography/hazmat/bindings/openssl/objects.py b/src/_cffi_src/openssl/objects.py
index 9c480b37..9c480b37 100644
--- a/src/cryptography/hazmat/bindings/openssl/objects.py
+++ b/src/_cffi_src/openssl/objects.py
diff --git a/src/cryptography/hazmat/bindings/openssl/opensslv.py b/src/_cffi_src/openssl/opensslv.py
index e6c5f269..e6c5f269 100644
--- a/src/cryptography/hazmat/bindings/openssl/opensslv.py
+++ b/src/_cffi_src/openssl/opensslv.py
diff --git a/src/cryptography/hazmat/bindings/openssl/osrandom_engine.py b/src/_cffi_src/openssl/osrandom_engine.py
index a8479b07..a8479b07 100644
--- a/src/cryptography/hazmat/bindings/openssl/osrandom_engine.py
+++ b/src/_cffi_src/openssl/osrandom_engine.py
diff --git a/src/cryptography/hazmat/bindings/openssl/pem.py b/src/_cffi_src/openssl/pem.py
index 8ec3fefd..8ec3fefd 100644
--- a/src/cryptography/hazmat/bindings/openssl/pem.py
+++ b/src/_cffi_src/openssl/pem.py
diff --git a/src/cryptography/hazmat/bindings/openssl/pkcs12.py b/src/_cffi_src/openssl/pkcs12.py
index fa7564ac..fa7564ac 100644
--- a/src/cryptography/hazmat/bindings/openssl/pkcs12.py
+++ b/src/_cffi_src/openssl/pkcs12.py
diff --git a/src/cryptography/hazmat/bindings/openssl/pkcs7.py b/src/_cffi_src/openssl/pkcs7.py
index df82afef..df82afef 100644
--- a/src/cryptography/hazmat/bindings/openssl/pkcs7.py
+++ b/src/_cffi_src/openssl/pkcs7.py
diff --git a/src/cryptography/hazmat/bindings/openssl/rand.py b/src/_cffi_src/openssl/rand.py
index 6330482c..6330482c 100644
--- a/src/cryptography/hazmat/bindings/openssl/rand.py
+++ b/src/_cffi_src/openssl/rand.py
diff --git a/src/cryptography/hazmat/bindings/openssl/rsa.py b/src/_cffi_src/openssl/rsa.py
index 8bac7895..8bac7895 100644
--- a/src/cryptography/hazmat/bindings/openssl/rsa.py
+++ b/src/_cffi_src/openssl/rsa.py
diff --git a/src/cryptography/hazmat/bindings/openssl/src/osrandom_engine.c b/src/_cffi_src/openssl/src/osrandom_engine.c
index 27894712..27894712 100644
--- a/src/cryptography/hazmat/bindings/openssl/src/osrandom_engine.c
+++ b/src/_cffi_src/openssl/src/osrandom_engine.c
diff --git a/src/cryptography/hazmat/bindings/openssl/src/osrandom_engine.h b/src/_cffi_src/openssl/src/osrandom_engine.h
index 11a3159e..11a3159e 100644
--- a/src/cryptography/hazmat/bindings/openssl/src/osrandom_engine.h
+++ b/src/_cffi_src/openssl/src/osrandom_engine.h
diff --git a/src/cryptography/hazmat/bindings/openssl/ssl.py b/src/_cffi_src/openssl/ssl.py
index fa0aefc8..fa0aefc8 100644
--- a/src/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/src/_cffi_src/openssl/ssl.py
diff --git a/src/cryptography/hazmat/bindings/openssl/x509.py b/src/_cffi_src/openssl/x509.py
index 534f5b08..534f5b08 100644
--- a/src/cryptography/hazmat/bindings/openssl/x509.py
+++ b/src/_cffi_src/openssl/x509.py
diff --git a/src/cryptography/hazmat/bindings/openssl/x509_vfy.py b/src/_cffi_src/openssl/x509_vfy.py
index 02631409..02631409 100644
--- a/src/cryptography/hazmat/bindings/openssl/x509_vfy.py
+++ b/src/_cffi_src/openssl/x509_vfy.py
diff --git a/src/cryptography/hazmat/bindings/openssl/x509name.py b/src/_cffi_src/openssl/x509name.py
index be5b3a75..be5b3a75 100644
--- a/src/cryptography/hazmat/bindings/openssl/x509name.py
+++ b/src/_cffi_src/openssl/x509name.py
diff --git a/src/cryptography/hazmat/bindings/openssl/x509v3.py b/src/_cffi_src/openssl/x509v3.py
index e9bc461a..e9bc461a 100644
--- a/src/cryptography/hazmat/bindings/openssl/x509v3.py
+++ b/src/_cffi_src/openssl/x509v3.py
diff --git a/src/cryptography/hazmat/bindings/utils.py b/src/_cffi_src/utils.py
index 52c6f8b6..b1ad74d4 100644
--- a/src/cryptography/hazmat/bindings/utils.py
+++ b/src/_cffi_src/utils.py
@@ -4,44 +4,12 @@
from __future__ import absolute_import, division, print_function
-import binascii
import sys
-import threading
from cffi import FFI
-from cffi.verifier import Verifier
-class LazyLibrary(object):
- def __init__(self, ffi):
- self._ffi = ffi
- self._lib = None
- self._lock = threading.Lock()
-
- def __getattr__(self, name):
- if self._lib is None:
- with self._lock:
- if self._lib is None:
- self._lib = self._ffi.verifier.load_library()
-
- return getattr(self._lib, name)
-
-
-def load_library_for_binding(ffi, module_prefix, modules):
- lib = ffi.verifier.load_library()
-
- for name in modules:
- module_name = module_prefix + name
- module = sys.modules[module_name]
- for condition, names in module.CONDITIONAL_NAMES.items():
- if not getattr(lib, condition):
- for name in names:
- delattr(lib, name)
-
- return lib
-
-
-def build_ffi_for_binding(module_prefix, modules, pre_include="",
+def build_ffi_for_binding(module_name, module_prefix, modules, pre_include="",
post_include="", libraries=[], extra_compile_args=[],
extra_link_args=[]):
"""
@@ -64,9 +32,8 @@ def build_ffi_for_binding(module_prefix, modules, pre_include="",
macros = []
customizations = []
for name in modules:
- module_name = module_prefix + name
- __import__(module_name)
- module = sys.modules[module_name]
+ __import__(module_prefix + name)
+ module = sys.modules[module_prefix + name]
types.append(module.TYPES)
macros.append(module.MACROS)
@@ -90,6 +57,7 @@ def build_ffi_for_binding(module_prefix, modules, pre_include="",
customizations
)
ffi = build_ffi(
+ module_name,
cdef_source="\n".join(types + functions + macros),
verify_source=verify_source,
libraries=libraries,
@@ -100,47 +68,15 @@ def build_ffi_for_binding(module_prefix, modules, pre_include="",
return ffi
-def build_ffi(cdef_source, verify_source, libraries=[], extra_compile_args=[],
- extra_link_args=[]):
+def build_ffi(module_name, cdef_source, verify_source, libraries=[],
+ extra_compile_args=[], extra_link_args=[]):
ffi = FFI()
ffi.cdef(cdef_source)
-
- ffi.verifier = Verifier(
- ffi,
+ ffi.set_source(
+ module_name,
verify_source,
- tmpdir='',
- modulename=_create_modulename(cdef_source, verify_source, sys.version),
libraries=libraries,
- ext_package="cryptography",
extra_compile_args=extra_compile_args,
extra_link_args=extra_link_args,
)
-
- ffi.verifier.compile_module = _compile_module
- ffi.verifier._compile_module = _compile_module
-
return ffi
-
-
-def _compile_module(*args, **kwargs):
- raise RuntimeError(
- "Attempted implicit compile of a cffi module. All cffi modules should "
- "be pre-compiled at installation time."
- )
-
-
-def _create_modulename(cdef_sources, source, sys_version):
- """
- cffi creates a modulename internally that incorporates the cffi version.
- This will cause cryptography's wheels to break when the version of cffi
- the user has does not match what was used when building the wheel. To
- resolve this we build our own modulename that uses most of the same code
- from cffi but elides the version key.
- """
- key = '\x00'.join([sys_version[:3], source, cdef_sources])
- key = key.encode('utf-8')
- k1 = hex(binascii.crc32(key[0::2]) & 0xffffffff)
- k1 = k1.lstrip('0x').rstrip('L')
- k2 = hex(binascii.crc32(key[1::2]) & 0xffffffff)
- k2 = k2.lstrip('0').rstrip('L')
- return '_Cryptography_cffi_{0}{1}'.format(k1, k2)
diff --git a/src/cryptography/hazmat/bindings/commoncrypto/binding.py b/src/cryptography/hazmat/bindings/commoncrypto/binding.py
index 54c7603d..1695c041 100644
--- a/src/cryptography/hazmat/bindings/commoncrypto/binding.py
+++ b/src/cryptography/hazmat/bindings/commoncrypto/binding.py
@@ -4,54 +4,15 @@
from __future__ import absolute_import, division, print_function
-import threading
-
-from cryptography.hazmat.bindings.utils import (
- build_ffi_for_binding, load_library_for_binding,
-)
+from cryptography.hazmat.bindings._commoncrypto import ffi, lib
class Binding(object):
"""
CommonCrypto API wrapper.
"""
- _module_prefix = "cryptography.hazmat.bindings.commoncrypto."
- _modules = [
- "cf",
- "common_digest",
- "common_hmac",
- "common_key_derivation",
- "common_cryptor",
- "common_symmetric_key_wrap",
- "secimport",
- "secitem",
- "seckey",
- "seckeychain",
- "sectransform",
- ]
-
- ffi = build_ffi_for_binding(
- module_prefix=_module_prefix,
- modules=_modules,
- extra_link_args=[
- "-framework", "Security", "-framework", "CoreFoundation"
- ],
- )
- lib = None
- _init_lock = threading.Lock()
+ lib = lib
+ ffi = ffi
def __init__(self):
- self._ensure_ffi_initialized()
-
- @classmethod
- def _ensure_ffi_initialized(cls):
- if cls.lib is not None:
- return
-
- with cls._init_lock:
- if cls.lib is None:
- cls.lib = load_library_for_binding(
- cls.ffi,
- module_prefix=cls._module_prefix,
- modules=cls._modules,
- )
+ pass
diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py
index 5ccee974..e0a83972 100644
--- a/src/cryptography/hazmat/bindings/openssl/binding.py
+++ b/src/cryptography/hazmat/bindings/openssl/binding.py
@@ -4,128 +4,34 @@
from __future__ import absolute_import, division, print_function
-import os
-import sys
import threading
-from cryptography.hazmat.bindings.utils import (
- build_ffi_for_binding, load_library_for_binding,
-)
-
-
-_OSX_PRE_INCLUDE = """
-#ifdef __APPLE__
-#include <AvailabilityMacros.h>
-#define __ORIG_DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER \
- DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
-#undef DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
-#define DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
-#endif
-"""
-
-_OSX_POST_INCLUDE = """
-#ifdef __APPLE__
-#undef DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
-#define DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER \
- __ORIG_DEPRECATED_IN_MAC_OS_X_VERSION_10_7_AND_LATER
-#endif
-"""
-
-
-def _get_libraries(platform):
- # OpenSSL goes by a different library name on different operating systems.
- if platform != "win32":
- # In some circumstances, the order in which these libs are
- # specified on the linker command-line is significant;
- # libssl must come before libcrypto
- # (http://marc.info/?l=openssl-users&m=135361825921871)
- return ["ssl", "crypto"]
- else:
- link_type = os.environ.get("PYCA_WINDOWS_LINK_TYPE", "static")
- return _get_windows_libraries(link_type)
-
-
-def _get_windows_libraries(link_type):
- if link_type == "dynamic":
- return ["libeay32", "ssleay32", "advapi32"]
- elif link_type == "static" or link_type == "":
- return ["libeay32mt", "ssleay32mt", "advapi32",
- "crypt32", "gdi32", "user32", "ws2_32"]
- else:
- raise ValueError(
- "PYCA_WINDOWS_LINK_TYPE must be 'static' or 'dynamic'"
- )
+from cryptography.hazmat.bindings._openssl import ffi, lib
class Binding(object):
"""
OpenSSL API wrapper.
"""
- _module_prefix = "cryptography.hazmat.bindings.openssl."
- _modules = [
- "aes",
- "asn1",
- "bignum",
- "bio",
- "cmac",
- "cms",
- "conf",
- "crypto",
- "dh",
- "dsa",
- "ec",
- "ecdh",
- "ecdsa",
- "engine",
- "err",
- "evp",
- "hmac",
- "nid",
- "objects",
- "opensslv",
- "osrandom_engine",
- "pem",
- "pkcs7",
- "pkcs12",
- "rand",
- "rsa",
- "ssl",
- "x509",
- "x509name",
- "x509v3",
- "x509_vfy"
- ]
-
+ lib = lib
+ ffi = ffi
+ _lib_loaded = False
_locks = None
_lock_cb_handle = None
_init_lock = threading.Lock()
_lock_init_lock = threading.Lock()
- ffi = build_ffi_for_binding(
- module_prefix=_module_prefix,
- modules=_modules,
- pre_include=_OSX_PRE_INCLUDE,
- post_include=_OSX_POST_INCLUDE,
- libraries=_get_libraries(sys.platform)
- )
- lib = None
-
def __init__(self):
self._ensure_ffi_initialized()
@classmethod
def _ensure_ffi_initialized(cls):
- if cls.lib is not None:
+ if cls._lib_loaded:
return
with cls._init_lock:
- if cls.lib is None:
- cls.lib = load_library_for_binding(
- cls.ffi,
- cls._module_prefix,
- cls._modules,
- )
-
+ if not cls._lib_loaded:
+ cls._lib_loaded = True
res = cls.lib.Cryptography_add_osrandom_engine()
assert res != 0
diff --git a/src/cryptography/hazmat/primitives/constant_time.py b/src/cryptography/hazmat/primitives/constant_time.py
index bf85bde1..5a682ca9 100644
--- a/src/cryptography/hazmat/primitives/constant_time.py
+++ b/src/cryptography/hazmat/primitives/constant_time.py
@@ -5,20 +5,8 @@
from __future__ import absolute_import, division, print_function
import hmac
-import os
-from cryptography.hazmat.bindings.utils import LazyLibrary, build_ffi
-
-
-with open(os.path.join(os.path.dirname(__file__), "src/constant_time.h")) as f:
- TYPES = f.read()
-
-with open(os.path.join(os.path.dirname(__file__), "src/constant_time.c")) as f:
- FUNCTIONS = f.read()
-
-
-_ffi = build_ffi(cdef_source=TYPES, verify_source=FUNCTIONS)
-_lib = LazyLibrary(_ffi)
+from cryptography.hazmat.bindings._constant_time import lib
if hasattr(hmac, "compare_digest"):
@@ -33,6 +21,6 @@ else:
if not isinstance(a, bytes) or not isinstance(b, bytes):
raise TypeError("a and b must be bytes.")
- return _lib.Cryptography_constant_time_bytes_eq(
+ return lib.Cryptography_constant_time_bytes_eq(
a, len(a), b, len(b)
) == 1
diff --git a/src/cryptography/hazmat/primitives/padding.py b/src/cryptography/hazmat/primitives/padding.py
index 6247f7b5..f6491eb7 100644
--- a/src/cryptography/hazmat/primitives/padding.py
+++ b/src/cryptography/hazmat/primitives/padding.py
@@ -6,24 +6,11 @@ from __future__ import absolute_import, division, print_function
import abc
-import os
-
import six
from cryptography import utils
from cryptography.exceptions import AlreadyFinalized
-from cryptography.hazmat.bindings.utils import LazyLibrary, build_ffi
-
-
-with open(os.path.join(os.path.dirname(__file__), "src/padding.h")) as f:
- TYPES = f.read()
-
-with open(os.path.join(os.path.dirname(__file__), "src/padding.c")) as f:
- FUNCTIONS = f.read()
-
-
-_ffi = build_ffi(cdef_source=TYPES, verify_source=FUNCTIONS)
-_lib = LazyLibrary(_ffi)
+from cryptography.hazmat.bindings._padding import lib
@six.add_metaclass(abc.ABCMeta)
@@ -124,7 +111,7 @@ class _PKCS7UnpaddingContext(object):
if len(self._buffer) != self.block_size // 8:
raise ValueError("Invalid padding bytes.")
- valid = _lib.Cryptography_check_pkcs7_padding(
+ valid = lib.Cryptography_check_pkcs7_padding(
self._buffer, self.block_size // 8
)
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 867c5dd6..b35e7670 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -482,14 +482,18 @@ class TestOpenSSLSerialisationWithOpenSSL(object):
)
+class DummyLibrary(object):
+ Cryptography_HAS_EC = 0
+
+
class TestOpenSSLEllipticCurve(object):
def test_elliptic_curve_supported(self, monkeypatch):
- monkeypatch.setattr(backend._lib, "Cryptography_HAS_EC", 0)
+ monkeypatch.setattr(backend, "_lib", DummyLibrary())
assert backend.elliptic_curve_supported(None) is False
def test_elliptic_curve_signature_algorithm_supported(self, monkeypatch):
- monkeypatch.setattr(backend._lib, "Cryptography_HAS_EC", 0)
+ monkeypatch.setattr(backend, "_lib", DummyLibrary())
assert backend.elliptic_curve_signature_algorithm_supported(
None, None
diff --git a/tests/hazmat/bindings/test_commoncrypto.py b/tests/hazmat/bindings/test_commoncrypto.py
index a86a1fab..b0a2dc43 100644
--- a/tests/hazmat/bindings/test_commoncrypto.py
+++ b/tests/hazmat/bindings/test_commoncrypto.py
@@ -6,22 +6,21 @@ from __future__ import absolute_import, division, print_function
import pytest
-from cryptography.hazmat.backends import _available_backends
-from cryptography.hazmat.bindings.commoncrypto.binding import Binding
+
+ccbinding = pytest.importorskip(
+ "cryptography.hazmat.bindings.commoncrypto.binding"
+)
-@pytest.mark.skipif("commoncrypto" not in
- [i.name for i in _available_backends()],
- reason="CommonCrypto not available")
class TestCommonCrypto(object):
def test_binding_loads(self):
- binding = Binding()
+ binding = ccbinding.Binding()
assert binding
assert binding.lib
assert binding.ffi
def test_binding_returns_same_lib(self):
- binding = Binding()
- binding2 = Binding()
+ binding = ccbinding.Binding()
+ binding2 = ccbinding.Binding()
assert binding.lib == binding2.lib
assert binding.ffi == binding2.ffi
diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py
index 8cc81cdc..e6d6fc45 100644
--- a/tests/hazmat/bindings/test_openssl.py
+++ b/tests/hazmat/bindings/test_openssl.py
@@ -6,9 +6,7 @@ from __future__ import absolute_import, division, print_function
import pytest
-from cryptography.hazmat.bindings.openssl.binding import (
- Binding, _get_libraries, _get_windows_libraries
-)
+from cryptography.hazmat.bindings.openssl.binding import Binding
class TestOpenSSL(object):
@@ -133,18 +131,3 @@ class TestOpenSSL(object):
expected_options = current_options | b.lib.SSL_OP_ALL
assert resp == expected_options
assert b.lib.SSL_get_mode(ssl) == expected_options
-
- def test_libraries(self, monkeypatch):
- assert _get_libraries("darwin") == ["ssl", "crypto"]
- monkeypatch.setenv('PYCA_WINDOWS_LINK_TYPE', 'static')
- assert "ssleay32mt" in _get_libraries("win32")
-
- def test_windows_static_dynamic_libraries(self):
- assert "ssleay32mt" in _get_windows_libraries("static")
-
- assert "ssleay32mt" in _get_windows_libraries("")
-
- assert "ssleay32" in _get_windows_libraries("dynamic")
-
- with pytest.raises(ValueError):
- _get_windows_libraries("notvalid")
diff --git a/tests/hazmat/bindings/test_utils.py b/tests/hazmat/bindings/test_utils.py
deleted file mode 100644
index 13d5d1cb..00000000
--- a/tests/hazmat/bindings/test_utils.py
+++ /dev/null
@@ -1,30 +0,0 @@
-# This file is dual licensed under the terms of the Apache License, Version
-# 2.0, and the BSD License. See the LICENSE file in the root of this repository
-# for complete details.
-
-from __future__ import absolute_import, division, print_function
-
-import binascii
-import os
-
-import pytest
-
-from cryptography.hazmat.bindings import utils
-
-
-def test_create_modulename():
- cdef_source = "cdef sources go here"
- source = "source code"
- name = utils._create_modulename(cdef_source, source, "2.7")
- assert name == "_Cryptography_cffi_bcba7f4bx4a14b588"
- name = utils._create_modulename(cdef_source, source, "3.2")
- assert name == "_Cryptography_cffi_a7462526x4a14b588"
-
-
-def test_implicit_compile_explodes():
- # This uses a random comment to make sure each test gets its own hash
- random_comment = binascii.hexlify(os.urandom(24))
- ffi = utils.build_ffi("/* %s */" % random_comment, "")
-
- with pytest.raises(RuntimeError):
- ffi.verifier.load_library()
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 10:53:27 +0000