2 files changed, 56 insertions, 75 deletions

diff --git a/cryptography/hazmat/bindings/openssl/binding.py b/cryptography/hazmat/bindings/openssl/binding.py
index 3b874466..2419044f 100644
--- a/cryptography/hazmat/bindings/openssl/binding.py
+++ b/cryptography/hazmat/bindings/openssl/binding.py
@@ -13,9 +13,8 @@
 
 from __future__ import absolute_import, division, print_function
 
-import sys
+from cryptography.hazmat.bindings.utils import build_ffi
 
-import cffi
 
 _OSX_PRE_INCLUDE = """
 #ifdef __APPLE__
@@ -39,20 +38,6 @@ _OSX_POST_INCLUDE = """
 class Binding(object):
     """
     OpenSSL API wrapper.
-
-    Modules listed in the ``_modules`` listed should have the following
-    attributes:
-
-    * ``INCLUDES``: A string containg C includes.
-    * ``TYPES``: A string containing C declarations for types.
-    * ``FUNCTIONS``: A string containing C declarations for functions.
-    * ``MACROS``: A string containing C declarations for any macros.
-    * ``CUSTOMIZATIONS``: A string containing arbitrary top-level C code, this
-        can be used to do things like test for a define and provide an
-        alternate implementation based on that.
-    * ``CONDITIONAL_NAMES``: A dict mapping strings of condition names from the
-        library to a list of names which will not be present without the
-        condition.
     """
     _module_prefix = "cryptography.hazmat.bindings.openssl."
     _modules = [
@@ -93,61 +78,13 @@ class Binding(object):
         if cls.ffi is not None and cls.lib is not None:
             return
 
-        ffi = cffi.FFI()
-        includes = []
-        functions = []
-        macros = []
-        customizations = []
-        for name in cls._modules:
-            module_name = cls._module_prefix + name
-            __import__(module_name)
-            module = sys.modules[module_name]
-
-            ffi.cdef(module.TYPES)
-
-            macros.append(module.MACROS)
-            functions.append(module.FUNCTIONS)
-            includes.append(module.INCLUDES)
-            customizations.append(module.CUSTOMIZATIONS)
-
-        # loop over the functions & macros after declaring all the types
-        # so we can set interdependent types in different files and still
-        # have them all defined before we parse the funcs & macros
-        for func in functions:
-            ffi.cdef(func)
-        for macro in macros:
-            ffi.cdef(macro)
-
-        # We include functions here so that if we got any of their definitions
-        # wrong, the underlying C compiler will explode. In C you are allowed
-        # to re-declare a function if it has the same signature. That is:
-        #   int foo(int);
-        #   int foo(int);
-        # is legal, but the following will fail to compile:
-        #   int foo(int);
-        #   int foo(short);
-
-        lib = ffi.verify(
-            source="\n".join(
-                [_OSX_PRE_INCLUDE] +
-                includes +
-                [_OSX_POST_INCLUDE] +
-                functions +
-                customizations
-            ),
-            libraries=["crypto", "ssl"],
-        )
-
-        for name in cls._modules:
-            module_name = cls._module_prefix + name
-            module = sys.modules[module_name]
-            for condition, names in module.CONDITIONAL_NAMES.items():
-                if not getattr(lib, condition):
-                    for name in names:
-                        delattr(lib, name)
-
-        res = lib.Cryptography_add_osrandom_engine()
+        cls.ffi, cls.lib = build_ffi(cls._module_prefix, cls._modules,
+                                     _OSX_PRE_INCLUDE, _OSX_POST_INCLUDE,
+                                     ["crypto", "ssl"])
+        res = cls.lib.Cryptography_add_osrandom_engine()
         assert res == 1
 
-        cls.ffi = ffi
-        cls.lib = lib
+    @classmethod
+    def is_available(cls):
+        # OpenSSL is the only binding so for now it must always be available
+        return True
diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/bindings/openssl/err.py
index 6b2a77b1..1b66bd2a 100644
--- a/cryptography/hazmat/bindings/openssl/err.py
+++ b/cryptography/hazmat/bindings/openssl/err.py
@@ -22,23 +22,67 @@ struct ERR_string_data_st {
 };
 typedef struct ERR_string_data_st ERR_STRING_DATA;
 
+static const int ASN1_R_BAD_PASSWORD_READ;
+
 static const int ERR_LIB_EVP;
 static const int ERR_LIB_PEM;
 
-static const int EVP_F_EVP_ENCRYPTFINAL_EX;
 static const int EVP_F_EVP_DECRYPTFINAL_EX;
+static const int EVP_F_EVP_ENCRYPTFINAL_EX;
 
 static const int EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH;
 
-static const int PEM_F_PEM_READ_BIO_PRIVATEKEY;
 static const int PEM_F_D2I_PKCS8PRIVATEKEY_BIO;
+static const int PEM_F_D2I_PKCS8PRIVATEKEY_BIO;
+static const int PEM_F_D2I_PKCS8PRIVATEKEY_FP;
+static const int PEM_F_DO_PK8PKEY;
+static const int PEM_F_DO_PK8PKEY_FP;
+static const int PEM_F_LOAD_IV;
+static const int PEM_F_PEM_ASN1_READ;
+static const int PEM_F_PEM_ASN1_READ_BIO;
+static const int PEM_F_PEM_ASN1_WRITE;
+static const int PEM_F_PEM_ASN1_WRITE_BIO;
+static const int PEM_F_PEM_DEF_CALLBACK;
+static const int PEM_F_PEM_DO_HEADER;
+static const int PEM_F_PEM_F_PEM_WRITE_PKCS8PRIVATEKEY;
+static const int PEM_F_PEM_GET_EVP_CIPHER_INFO;
+static const int PEM_F_PEM_PK8PKEY;
+static const int PEM_F_PEM_READ;
+static const int PEM_F_PEM_READ_BIO;
+static const int PEM_F_PEM_READ_BIO_PRIVATEKEY;
+static const int PEM_F_PEM_READ_BIO_PRIVATEKEY;
+static const int PEM_F_PEM_READ_PRIVATEKEY;
+static const int PEM_F_PEM_SEALFINAL;
+static const int PEM_F_PEM_SEALINIT;
+static const int PEM_F_PEM_SIGNFINAL;
+static const int PEM_F_PEM_WRITE;
+static const int PEM_F_PEM_WRITE_BIO;
+static const int PEM_F_PEM_X509_INFO_READ;
+static const int PEM_F_PEM_X509_INFO_READ_BIO;
+static const int PEM_F_PEM_X509_INFO_WRITE_BIO;
 
+static const int PEM_R_BAD_BASE64_DECODE;
+static const int PEM_R_BAD_DECRYPT;
+static const int PEM_R_BAD_END_LINE;
+static const int PEM_R_BAD_IV_CHARS;
 static const int PEM_R_BAD_PASSWORD_READ;
-static const int ASN1_R_BAD_PASSWORD_READ;
+static const int PEM_R_BAD_PASSWORD_READ;
+static const int PEM_R_ERROR_CONVERTING_PRIVATE_KEY;
+static const int PEM_R_NOT_DEK_INFO;
+static const int PEM_R_NOT_ENCRYPTED;
+static const int PEM_R_NOT_PROC_TYPE;
+static const int PEM_R_NO_START_LINE;
+static const int PEM_R_PROBLEMS_GETTING_PASSWORD;
+static const int PEM_R_PUBLIC_KEY_NO_RSA;
+static const int PEM_R_READ_KEY;
+static const int PEM_R_SHORT_HEADER;
+static const int PEM_R_UNSUPPORTED_CIPHER;
+static const int PEM_R_UNSUPPORTED_ENCRYPTION;
 """
 
 FUNCTIONS = """
 void ERR_load_crypto_strings(void);
+void ERR_load_SSL_strings(void);
 void ERR_free_strings(void);
 char* ERR_error_string(unsigned long, char *);
 void ERR_error_string_n(unsigned long, char *, size_t);