aboutsummaryrefslogtreecommitdiffstats
path: root/cryptography/hazmat
diff options
context:
space:
mode:
Diffstat (limited to 'cryptography/hazmat')
-rw-r--r--cryptography/hazmat/backends/__init__.py (renamed from cryptography/hazmat/bindings/__init__.py)2
-rw-r--r--cryptography/hazmat/backends/interfaces.py (renamed from cryptography/hazmat/bindings/interfaces.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/__init__.py (renamed from cryptography/hazmat/bindings/openssl/__init__.py)2
-rw-r--r--cryptography/hazmat/backends/openssl/asn1.py (renamed from cryptography/hazmat/bindings/openssl/asn1.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/backend.py (renamed from cryptography/hazmat/bindings/openssl/backend.py)4
-rw-r--r--cryptography/hazmat/backends/openssl/bignum.py (renamed from cryptography/hazmat/bindings/openssl/bignum.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/bio.py (renamed from cryptography/hazmat/bindings/openssl/bio.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/conf.py (renamed from cryptography/hazmat/bindings/openssl/conf.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/crypto.py (renamed from cryptography/hazmat/bindings/openssl/crypto.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/dh.py (renamed from cryptography/hazmat/bindings/openssl/dh.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/dsa.py (renamed from cryptography/hazmat/bindings/openssl/dsa.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/engine.py (renamed from cryptography/hazmat/bindings/openssl/engine.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/err.py (renamed from cryptography/hazmat/bindings/openssl/err.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/evp.py (renamed from cryptography/hazmat/bindings/openssl/evp.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/hmac.py (renamed from cryptography/hazmat/bindings/openssl/hmac.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/nid.py (renamed from cryptography/hazmat/bindings/openssl/nid.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/opensslv.py (renamed from cryptography/hazmat/bindings/openssl/opensslv.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/pem.py (renamed from cryptography/hazmat/bindings/openssl/pem.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/pkcs12.py (renamed from cryptography/hazmat/bindings/openssl/pkcs12.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/pkcs7.py (renamed from cryptography/hazmat/bindings/openssl/pkcs7.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/rand.py (renamed from cryptography/hazmat/bindings/openssl/rand.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/rsa.py (renamed from cryptography/hazmat/bindings/openssl/rsa.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/ssl.py (renamed from cryptography/hazmat/bindings/openssl/ssl.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/x509.py (renamed from cryptography/hazmat/bindings/openssl/x509.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/x509name.py (renamed from cryptography/hazmat/bindings/openssl/x509name.py)0
-rw-r--r--cryptography/hazmat/backends/openssl/x509v3.py (renamed from cryptography/hazmat/bindings/openssl/x509v3.py)0
-rw-r--r--cryptography/hazmat/primitives/constant_time.py53
27 files changed, 57 insertions, 4 deletions
diff --git a/cryptography/hazmat/bindings/__init__.py b/cryptography/hazmat/backends/__init__.py
index bd158198..215aa4d3 100644
--- a/cryptography/hazmat/bindings/__init__.py
+++ b/cryptography/hazmat/backends/__init__.py
@@ -11,7 +11,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-from cryptography.hazmat.bindings import openssl
+from cryptography.hazmat.backends import openssl
_ALL_BACKENDS = [
diff --git a/cryptography/hazmat/bindings/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index 912476bb..912476bb 100644
--- a/cryptography/hazmat/bindings/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
diff --git a/cryptography/hazmat/bindings/openssl/__init__.py b/cryptography/hazmat/backends/openssl/__init__.py
index 44267efd..a8dfad06 100644
--- a/cryptography/hazmat/bindings/openssl/__init__.py
+++ b/cryptography/hazmat/backends/openssl/__init__.py
@@ -11,7 +11,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-from cryptography.hazmat.bindings.openssl.backend import backend
+from cryptography.hazmat.backends.openssl.backend import backend
__all__ = ["backend"]
diff --git a/cryptography/hazmat/bindings/openssl/asn1.py b/cryptography/hazmat/backends/openssl/asn1.py
index 719a523c..719a523c 100644
--- a/cryptography/hazmat/bindings/openssl/asn1.py
+++ b/cryptography/hazmat/backends/openssl/asn1.py
diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index f19c8cca..bd092bec 100644
--- a/cryptography/hazmat/bindings/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -20,7 +20,7 @@ import cffi
from cryptography import utils
from cryptography.exceptions import UnsupportedAlgorithm, InvalidTag
-from cryptography.hazmat.bindings.interfaces import (
+from cryptography.hazmat.backends.interfaces import (
CipherBackend, HashBackend, HMACBackend
)
from cryptography.hazmat.primitives import interfaces
@@ -102,7 +102,7 @@ class Backend(object):
macros = []
customizations = []
for name in cls._modules:
- module_name = "cryptography.hazmat.bindings.openssl." + name
+ module_name = "cryptography.hazmat.backends.openssl." + name
__import__(module_name)
module = sys.modules[module_name]
diff --git a/cryptography/hazmat/bindings/openssl/bignum.py b/cryptography/hazmat/backends/openssl/bignum.py
index 1b0fe5ab..1b0fe5ab 100644
--- a/cryptography/hazmat/bindings/openssl/bignum.py
+++ b/cryptography/hazmat/backends/openssl/bignum.py
diff --git a/cryptography/hazmat/bindings/openssl/bio.py b/cryptography/hazmat/backends/openssl/bio.py
index c23dd0d8..c23dd0d8 100644
--- a/cryptography/hazmat/bindings/openssl/bio.py
+++ b/cryptography/hazmat/backends/openssl/bio.py
diff --git a/cryptography/hazmat/bindings/openssl/conf.py b/cryptography/hazmat/backends/openssl/conf.py
index 4846252c..4846252c 100644
--- a/cryptography/hazmat/bindings/openssl/conf.py
+++ b/cryptography/hazmat/backends/openssl/conf.py
diff --git a/cryptography/hazmat/bindings/openssl/crypto.py b/cryptography/hazmat/backends/openssl/crypto.py
index 773d9b14..773d9b14 100644
--- a/cryptography/hazmat/bindings/openssl/crypto.py
+++ b/cryptography/hazmat/backends/openssl/crypto.py
diff --git a/cryptography/hazmat/bindings/openssl/dh.py b/cryptography/hazmat/backends/openssl/dh.py
index b8fbf368..b8fbf368 100644
--- a/cryptography/hazmat/bindings/openssl/dh.py
+++ b/cryptography/hazmat/backends/openssl/dh.py
diff --git a/cryptography/hazmat/bindings/openssl/dsa.py b/cryptography/hazmat/backends/openssl/dsa.py
index e6c369a6..e6c369a6 100644
--- a/cryptography/hazmat/bindings/openssl/dsa.py
+++ b/cryptography/hazmat/backends/openssl/dsa.py
diff --git a/cryptography/hazmat/bindings/openssl/engine.py b/cryptography/hazmat/backends/openssl/engine.py
index 1f377665..1f377665 100644
--- a/cryptography/hazmat/bindings/openssl/engine.py
+++ b/cryptography/hazmat/backends/openssl/engine.py
diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/backends/openssl/err.py
index f31c2405..f31c2405 100644
--- a/cryptography/hazmat/bindings/openssl/err.py
+++ b/cryptography/hazmat/backends/openssl/err.py
diff --git a/cryptography/hazmat/bindings/openssl/evp.py b/cryptography/hazmat/backends/openssl/evp.py
index 8cb44610..8cb44610 100644
--- a/cryptography/hazmat/bindings/openssl/evp.py
+++ b/cryptography/hazmat/backends/openssl/evp.py
diff --git a/cryptography/hazmat/bindings/openssl/hmac.py b/cryptography/hazmat/backends/openssl/hmac.py
index 10e67141..10e67141 100644
--- a/cryptography/hazmat/bindings/openssl/hmac.py
+++ b/cryptography/hazmat/backends/openssl/hmac.py
diff --git a/cryptography/hazmat/bindings/openssl/nid.py b/cryptography/hazmat/backends/openssl/nid.py
index 9816dde4..9816dde4 100644
--- a/cryptography/hazmat/bindings/openssl/nid.py
+++ b/cryptography/hazmat/backends/openssl/nid.py
diff --git a/cryptography/hazmat/bindings/openssl/opensslv.py b/cryptography/hazmat/backends/openssl/opensslv.py
index d463776c..d463776c 100644
--- a/cryptography/hazmat/bindings/openssl/opensslv.py
+++ b/cryptography/hazmat/backends/openssl/opensslv.py
diff --git a/cryptography/hazmat/bindings/openssl/pem.py b/cryptography/hazmat/backends/openssl/pem.py
index cef7839f..cef7839f 100644
--- a/cryptography/hazmat/bindings/openssl/pem.py
+++ b/cryptography/hazmat/backends/openssl/pem.py
diff --git a/cryptography/hazmat/bindings/openssl/pkcs12.py b/cryptography/hazmat/backends/openssl/pkcs12.py
index d91d100f..d91d100f 100644
--- a/cryptography/hazmat/bindings/openssl/pkcs12.py
+++ b/cryptography/hazmat/backends/openssl/pkcs12.py
diff --git a/cryptography/hazmat/bindings/openssl/pkcs7.py b/cryptography/hazmat/backends/openssl/pkcs7.py
index 60ea3c52..60ea3c52 100644
--- a/cryptography/hazmat/bindings/openssl/pkcs7.py
+++ b/cryptography/hazmat/backends/openssl/pkcs7.py
diff --git a/cryptography/hazmat/bindings/openssl/rand.py b/cryptography/hazmat/backends/openssl/rand.py
index 848ee05a..848ee05a 100644
--- a/cryptography/hazmat/bindings/openssl/rand.py
+++ b/cryptography/hazmat/backends/openssl/rand.py
diff --git a/cryptography/hazmat/bindings/openssl/rsa.py b/cryptography/hazmat/backends/openssl/rsa.py
index ad0d37b4..ad0d37b4 100644
--- a/cryptography/hazmat/bindings/openssl/rsa.py
+++ b/cryptography/hazmat/backends/openssl/rsa.py
diff --git a/cryptography/hazmat/bindings/openssl/ssl.py b/cryptography/hazmat/backends/openssl/ssl.py
index 04611309..04611309 100644
--- a/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/cryptography/hazmat/backends/openssl/ssl.py
diff --git a/cryptography/hazmat/bindings/openssl/x509.py b/cryptography/hazmat/backends/openssl/x509.py
index b2ee672e..b2ee672e 100644
--- a/cryptography/hazmat/bindings/openssl/x509.py
+++ b/cryptography/hazmat/backends/openssl/x509.py
diff --git a/cryptography/hazmat/bindings/openssl/x509name.py b/cryptography/hazmat/backends/openssl/x509name.py
index 896f0ae4..896f0ae4 100644
--- a/cryptography/hazmat/bindings/openssl/x509name.py
+++ b/cryptography/hazmat/backends/openssl/x509name.py
diff --git a/cryptography/hazmat/bindings/openssl/x509v3.py b/cryptography/hazmat/backends/openssl/x509v3.py
index bc26236c..bc26236c 100644
--- a/cryptography/hazmat/bindings/openssl/x509v3.py
+++ b/cryptography/hazmat/backends/openssl/x509v3.py
diff --git a/cryptography/hazmat/primitives/constant_time.py b/cryptography/hazmat/primitives/constant_time.py
new file mode 100644
index 00000000..a8351504
--- /dev/null
+++ b/cryptography/hazmat/primitives/constant_time.py
@@ -0,0 +1,53 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import, division, print_function
+
+import cffi
+
+import six
+
+
+_ffi = cffi.FFI()
+_ffi.cdef("""
+bool Cryptography_constant_time_bytes_eq(uint8_t *, size_t, uint8_t *, size_t);
+""")
+_lib = _ffi.verify("""
+#include <stdbool.h>
+
+bool Cryptography_constant_time_bytes_eq(uint8_t *a, size_t len_a, uint8_t *b,
+ size_t len_b) {
+ size_t i = 0;
+ uint8_t mismatch = 0;
+ if (len_a != len_b) {
+ return false;
+ }
+ for (i = 0; i < len_a; i++) {
+ mismatch |= a[i] ^ b[i];
+ }
+
+ /* Make sure any bits set are copied to the lowest bit */
+ mismatch |= mismatch >> 4;
+ mismatch |= mismatch >> 2;
+ mismatch |= mismatch >> 1;
+ /* Now check the low bit to see if it's set */
+ return (mismatch & 1) == 0;
+}
+""")
+
+
+def bytes_eq(a, b):
+ if isinstance(a, six.text_type) or isinstance(b, six.text_type):
+ raise TypeError("Unicode-objects must be encoded before comparing")
+
+ return _lib.Cryptography_constant_time_bytes_eq(a, len(a), b, len(b)) == 1
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-09 17:37:58 +0000