From 344a3b7b92de9bf6ee64d49d8fa5041f97b1e90b Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 18 Apr 2014 10:12:00 -0500 Subject: Add very early CMS bindings. These will need expansion. --- cryptography/hazmat/bindings/openssl/binding.py | 1 + cryptography/hazmat/bindings/openssl/cms.py | 95 +++++++++++++++++++++++++ 2 files changed, 96 insertions(+) create mode 100644 cryptography/hazmat/bindings/openssl/cms.py diff --git a/cryptography/hazmat/bindings/openssl/binding.py b/cryptography/hazmat/bindings/openssl/binding.py index acf9d42c..cc40a108 100644 --- a/cryptography/hazmat/bindings/openssl/binding.py +++ b/cryptography/hazmat/bindings/openssl/binding.py @@ -49,6 +49,7 @@ class Binding(object): "bignum", "bio", "cmac", + "cms", "conf", "crypto", "dh", diff --git a/cryptography/hazmat/bindings/openssl/cms.py b/cryptography/hazmat/bindings/openssl/cms.py new file mode 100644 index 00000000..acb6991b --- /dev/null +++ b/cryptography/hazmat/bindings/openssl/cms.py @@ -0,0 +1,95 @@ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +from __future__ import absolute_import, division, print_function + +INCLUDES = """ +#ifndef OPENSSL_NO_CMS +#include +#endif +""" + +TYPES = """ +static const long Cryptography_HAS_CMS; + +typedef ... CMS_ContentInfo; +typedef ... CMS_SignerInfo; +typedef ... CMS_CertificateChoices; +typedef ... CMS_RevocationInfoChoice; +typedef ... CMS_RecipientInfo; +typedef ... CMS_ReceiptRequest; +typedef ... CMS_Receipt; +""" + +FUNCTIONS = """ +""" + +MACROS = """ +BIO *BIO_new_CMS(BIO *, CMS_ContentInfo *); +int i2d_CMS_bio_stream(BIO *, CMS_ContentInfo *, BIO *, int); +int PEM_write_bio_CMS_stream(BIO *, CMS_ContentInfo *, BIO *, int); +int CMS_final(CMS_ContentInfo *, BIO *, BIO *, unsigned int); +CMS_ContentInfo *CMS_sign(X509 *, EVP_PKEY *, Cryptography_STACK_OF_X509 *, + BIO *, unsigned int); +int CMS_verify(CMS_ContentInfo *, Cryptography_STACK_OF_X509 *, X509_STORE *, + BIO *, BIO *, unsigned int); +CMS_ContentInfo *CMS_encrypt(Cryptography_STACK_OF_X509 *, BIO *, + const EVP_CIPHER *, unsigned int); +int CMS_decrypt(CMS_ContentInfo *, EVP_PKEY *, X509 *, BIO *, BIO *, + unsigned int); +CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *, X509 *, EVP_PKEY *, + const EVP_MD *, unsigned int); +""" + +CUSTOMIZATIONS = """ +#ifndef OPENSSL_NO_CMS +static const long Cryptography_HAS_CMS = 1; +#else +static const long Cryptography_HAS_CMS = 0; +typedef void CMS_ContentInfo; +typedef void CMS_SignerInfo; +typedef void CMS_CertificateChoices; +typedef void CMS_RevocationInfoChoice; +typedef void CMS_RecipientInfo; +typedef void CMS_ReceiptRequest; +typedef void CMS_Receipt; +BIO *(*BIO_new_CMS)(BIO *, CMS_ContentInfo *) = NULL; +int (*i2d_CMS_bio_stream)(BIO *, CMS_ContentInfo *, BIO *, int) = NULL; +int (*PEM_write_bio_CMS_stream)(BIO *, CMS_ContentInfo *, BIO *, int) = NULL; +int (*CMS_final)(CMS_ContentInfo *, BIO *, BIO *, unsigned int) = NULL; +CMS_ContentInfo *(*CMS_sign)(X509 *, EVP_PKEY *, Cryptography_STACK_OF_X509 *, + BIO *, unsigned int) = NULL; +int (*CMS_verify)(CMS_ContentInfo *, Cryptography_STACK_OF_X509 *, + X509_STORE *, BIO *, BIO *, unsigned int) = NULL; +CMS_ContentInfo *(*CMS_encrypt)(Cryptography_STACK_OF_X509 *, BIO *, + const EVP_CIPHER *, unsigned int) = NULL; +int (*CMS_decrypt)(CMS_ContentInfo *, EVP_PKEY *, X509 *, BIO *, BIO *, + unsigned int) = NULL; +CMS_SignerInfo *(*CMS_add1_signer)(CMS_ContentInfo *, X509 *, EVP_PKEY *, + const EVP_MD *, unsigned int) = NULL; +#endif +""" + +CONDITIONAL_NAMES = { + "Cryptography_HAS_CMS": [ + "BIO_new_CMS", + "i2d_CMS_bio_stream", + "PEM_write_bio_CMS_stream", + "CMS_final", + "CMS_sign", + "CMS_verify", + "CMS_encrypt", + "CMS_decrypt", + "CMS_add1_signer", + ] +} -- cgit v1.2.3 From 7fcbb68b327fd9d6ba4bb9a29c1d3c9b75bc467a Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 18 Apr 2014 10:25:26 -0500 Subject: CMS was added as an option in 0.9.8h, always exclude if older --- cryptography/hazmat/bindings/openssl/cms.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/cms.py b/cryptography/hazmat/bindings/openssl/cms.py index acb6991b..62600cb5 100644 --- a/cryptography/hazmat/bindings/openssl/cms.py +++ b/cryptography/hazmat/bindings/openssl/cms.py @@ -14,7 +14,7 @@ from __future__ import absolute_import, division, print_function INCLUDES = """ -#ifndef OPENSSL_NO_CMS +#ifndef OPENSSL_NO_CMS && OPENSSL_VERSION_NUMBER >= 0x0090808fL #include #endif """ @@ -52,7 +52,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *, X509 *, EVP_PKEY *, """ CUSTOMIZATIONS = """ -#ifndef OPENSSL_NO_CMS +#ifndef OPENSSL_NO_CMS && OPENSSL_VERSION_NUMBER >= 0x0090808fL static const long Cryptography_HAS_CMS = 1; #else static const long Cryptography_HAS_CMS = 0; -- cgit v1.2.3 From cc17d36560e6a3f2db1305559f9e9cacd091a05a Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 18 Apr 2014 13:50:16 -0500 Subject: proper syntax for a preprocessor directive helps --- cryptography/hazmat/bindings/openssl/cms.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cryptography/hazmat/bindings/openssl/cms.py b/cryptography/hazmat/bindings/openssl/cms.py index 62600cb5..4888e5e3 100644 --- a/cryptography/hazmat/bindings/openssl/cms.py +++ b/cryptography/hazmat/bindings/openssl/cms.py @@ -14,7 +14,7 @@ from __future__ import absolute_import, division, print_function INCLUDES = """ -#ifndef OPENSSL_NO_CMS && OPENSSL_VERSION_NUMBER >= 0x0090808fL +#if !defined(OPENSSL_NO_CMS) && OPENSSL_VERSION_NUMBER >= 0x0090808fL #include #endif """ @@ -52,7 +52,7 @@ CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *, X509 *, EVP_PKEY *, """ CUSTOMIZATIONS = """ -#ifndef OPENSSL_NO_CMS && OPENSSL_VERSION_NUMBER >= 0x0090808fL +#if !defined(OPENSSL_NO_CMS) && OPENSSL_VERSION_NUMBER >= 0x0090808fL static const long Cryptography_HAS_CMS = 1; #else static const long Cryptography_HAS_CMS = 0; -- cgit v1.2.3 From a3652a8d3893d1f8f638613ae8b2198342b251ba Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 19 Apr 2014 12:12:08 -0500 Subject: make the cms binding work properly on windows --- cryptography/hazmat/bindings/openssl/cms.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cryptography/hazmat/bindings/openssl/cms.py b/cryptography/hazmat/bindings/openssl/cms.py index 4888e5e3..a3760f2c 100644 --- a/cryptography/hazmat/bindings/openssl/cms.py +++ b/cryptography/hazmat/bindings/openssl/cms.py @@ -15,6 +15,11 @@ from __future__ import absolute_import, division, print_function INCLUDES = """ #if !defined(OPENSSL_NO_CMS) && OPENSSL_VERSION_NUMBER >= 0x0090808fL +// The next define should really be in the OpenSSL header, but it is missing. +// Failing to include this on Windows causes compilation failures. +#if defined(OPENSSL_SYS_WINDOWS) +#include +#endif #include #endif """ -- cgit v1.2.3