G01_0350/venv_win32/Lib/site-packages/cryptography/hazmat/backends/interfaces.py

# This file is dual licensed under the terms of the Apache License, Version
# 2.0, and the BSD License. See the LICENSE file in the root of this repository
# for complete details.


import abc
import typing


if typing.TYPE_CHECKING:
    from cryptography.hazmat.primitives.asymmetric.types import (
        PRIVATE_KEY_TYPES,
    )
    from cryptography.hazmat.primitives import hashes
    from cryptography.x509.base import (
        Certificate,
        CertificateBuilder,
        CertificateRevocationList,
        CertificateRevocationListBuilder,
        CertificateSigningRequest,
        CertificateSigningRequestBuilder,
        RevokedCertificate,
        RevokedCertificateBuilder,
    )
    from cryptography.x509.name import Name


class CipherBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def cipher_supported(self, cipher, mode):
        """
        Return True if the given cipher and mode are supported.
        """

    @abc.abstractmethod
    def create_symmetric_encryption_ctx(self, cipher, mode):
        """
        Get a CipherContext that can be used for encryption.
        """

    @abc.abstractmethod
    def create_symmetric_decryption_ctx(self, cipher, mode):
        """
        Get a CipherContext that can be used for decryption.
        """


class HashBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def hash_supported(self, algorithm):
        """
        Return True if the hash algorithm is supported by this backend.
        """

    @abc.abstractmethod
    def create_hash_ctx(self, algorithm):
        """
        Create a HashContext for calculating a message digest.
        """


class HMACBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def hmac_supported(self, algorithm):
        """
        Return True if the hash algorithm is supported for HMAC by this
        backend.
        """

    @abc.abstractmethod
    def create_hmac_ctx(self, key, algorithm):
        """
        Create a context for calculating a message authentication code.
        """


class CMACBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def cmac_algorithm_supported(self, algorithm):
        """
        Returns True if the block cipher is supported for CMAC by this backend
        """

    @abc.abstractmethod
    def create_cmac_ctx(self, algorithm):
        """
        Create a context for calculating a message authentication code.
        """


class PBKDF2HMACBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def pbkdf2_hmac_supported(self, algorithm):
        """
        Return True if the hash algorithm is supported for PBKDF2 by this
        backend.
        """

    @abc.abstractmethod
    def derive_pbkdf2_hmac(
        self, algorithm, length, salt, iterations, key_material
    ):
        """
        Return length bytes derived from provided PBKDF2 parameters.
        """


class RSABackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def generate_rsa_private_key(self, public_exponent, key_size):
        """
        Generate an RSAPrivateKey instance with public_exponent and a modulus
        of key_size bits.
        """

    @abc.abstractmethod
    def rsa_padding_supported(self, padding):
        """
        Returns True if the backend supports the given padding options.
        """

    @abc.abstractmethod
    def generate_rsa_parameters_supported(self, public_exponent, key_size):
        """
        Returns True if the backend supports the given parameters for key
        generation.
        """

    @abc.abstractmethod
    def load_rsa_private_numbers(self, numbers):
        """
        Returns an RSAPrivateKey provider.
        """

    @abc.abstractmethod
    def load_rsa_public_numbers(self, numbers):
        """
        Returns an RSAPublicKey provider.
        """


class DSABackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def generate_dsa_parameters(self, key_size):
        """
        Generate a DSAParameters instance with a modulus of key_size bits.
        """

    @abc.abstractmethod
    def generate_dsa_private_key(self, parameters):
        """
        Generate a DSAPrivateKey instance with parameters as a DSAParameters
        object.
        """

    @abc.abstractmethod
    def generate_dsa_private_key_and_parameters(self, key_size):
        """
        Generate a DSAPrivateKey instance using key size only.
        """

    @abc.abstractmethod
    def dsa_hash_supported(self, algorithm):
        """
        Return True if the hash algorithm is supported by the backend for DSA.
        """

    @abc.abstractmethod
    def dsa_parameters_supported(self, p, q, g):
        """
        Return True if the parameters are supported by the backend for DSA.
        """

    @abc.abstractmethod
    def load_dsa_private_numbers(self, numbers):
        """
        Returns a DSAPrivateKey provider.
        """

    @abc.abstractmethod
    def load_dsa_public_numbers(self, numbers):
        """
        Returns a DSAPublicKey provider.
        """

    @abc.abstractmethod
    def load_dsa_parameter_numbers(self, numbers):
        """
        Returns a DSAParameters provider.
        """


class EllipticCurveBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def elliptic_curve_signature_algorithm_supported(
        self, signature_algorithm, curve
    ):
        """
        Returns True if the backend supports the named elliptic curve with the
        specified signature algorithm.
        """

    @abc.abstractmethod
    def elliptic_curve_supported(self, curve):
        """
        Returns True if the backend supports the named elliptic curve.
        """

    @abc.abstractmethod
    def generate_elliptic_curve_private_key(self, curve):
        """
        Return an object conforming to the EllipticCurvePrivateKey interface.
        """

    @abc.abstractmethod
    def load_elliptic_curve_public_numbers(self, numbers):
        """
        Return an EllipticCurvePublicKey provider using the given numbers.
        """

    @abc.abstractmethod
    def load_elliptic_curve_private_numbers(self, numbers):
        """
        Return an EllipticCurvePrivateKey provider using the given numbers.
        """

    @abc.abstractmethod
    def elliptic_curve_exchange_algorithm_supported(self, algorithm, curve):
        """
        Returns whether the exchange algorithm is supported by this backend.
        """

    @abc.abstractmethod
    def derive_elliptic_curve_private_key(self, private_value, curve):
        """
        Compute the private key given the private value and curve.
        """


class PEMSerializationBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def load_pem_private_key(self, data, password):
        """
        Loads a private key from PEM encoded data, using the provided password
        if the data is encrypted.
        """

    @abc.abstractmethod
    def load_pem_public_key(self, data):
        """
        Loads a public key from PEM encoded data.
        """

    @abc.abstractmethod
    def load_pem_parameters(self, data):
        """
        Load encryption parameters from PEM encoded data.
        """


class DERSerializationBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def load_der_private_key(self, data, password):
        """
        Loads a private key from DER encoded data. Uses the provided password
        if the data is encrypted.
        """

    @abc.abstractmethod
    def load_der_public_key(self, data):
        """
        Loads a public key from DER encoded data.
        """

    @abc.abstractmethod
    def load_der_parameters(self, data):
        """
        Load encryption parameters from DER encoded data.
        """


class X509Backend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def create_x509_csr(
        self,
        builder: "CertificateSigningRequestBuilder",
        private_key: "PRIVATE_KEY_TYPES",
        algorithm: typing.Optional["hashes.HashAlgorithm"],
    ) -> "CertificateSigningRequest":
        """
        Create and sign an X.509 CSR from a CSR builder object.
        """

    @abc.abstractmethod
    def create_x509_certificate(
        self,
        builder: "CertificateBuilder",
        private_key: "PRIVATE_KEY_TYPES",
        algorithm: typing.Optional["hashes.HashAlgorithm"],
    ) -> "Certificate":
        """
        Create and sign an X.509 certificate from a CertificateBuilder object.
        """

    @abc.abstractmethod
    def create_x509_crl(
        self,
        builder: "CertificateRevocationListBuilder",
        private_key: "PRIVATE_KEY_TYPES",
        algorithm: typing.Optional["hashes.HashAlgorithm"],
    ) -> "CertificateRevocationList":
        """
        Create and sign an X.509 CertificateRevocationList from a
        CertificateRevocationListBuilder object.
        """

    @abc.abstractmethod
    def create_x509_revoked_certificate(
        self, builder: "RevokedCertificateBuilder"
    ) -> "RevokedCertificate":
        """
        Create a RevokedCertificate object from a RevokedCertificateBuilder
        object.
        """

    @abc.abstractmethod
    def x509_name_bytes(self, name: "Name") -> bytes:
        """
        Compute the DER encoded bytes of an X509 Name object.
        """


class DHBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def generate_dh_parameters(self, generator, key_size):
        """
        Generate a DHParameters instance with a modulus of key_size bits.
        Using the given generator. Often 2 or 5.
        """

    @abc.abstractmethod
    def generate_dh_private_key(self, parameters):
        """
        Generate a DHPrivateKey instance with parameters as a DHParameters
        object.
        """

    @abc.abstractmethod
    def generate_dh_private_key_and_parameters(self, generator, key_size):
        """
        Generate a DHPrivateKey instance using key size only.
        Using the given generator. Often 2 or 5.
        """

    @abc.abstractmethod
    def load_dh_private_numbers(self, numbers):
        """
        Load a DHPrivateKey from DHPrivateNumbers
        """

    @abc.abstractmethod
    def load_dh_public_numbers(self, numbers):
        """
        Load a DHPublicKey from DHPublicNumbers.
        """

    @abc.abstractmethod
    def load_dh_parameter_numbers(self, numbers):
        """
        Load DHParameters from DHParameterNumbers.
        """

    @abc.abstractmethod
    def dh_parameters_supported(self, p, g, q=None):
        """
        Returns whether the backend supports DH with these parameter values.
        """

    @abc.abstractmethod
    def dh_x942_serialization_supported(self):
        """
        Returns True if the backend supports the serialization of DH objects
        with subgroup order (q).
        """


class ScryptBackend(metaclass=abc.ABCMeta):
    @abc.abstractmethod
    def derive_scrypt(self, key_material, salt, length, n, r, p):
        """
        Return bytes derived from provided Scrypt parameters.
        """

    @abc.abstractmethod
    def scrypt_supported(self):
        """
        Return True if Scrypt is supported.
        """


# This is the catch-all for future backend methods and inherits all the
# other interfaces as well so we can just use Backend for typing.
class Backend(
    CipherBackend,
    CMACBackend,
    DERSerializationBackend,
    DHBackend,
    DSABackend,
    EllipticCurveBackend,
    HashBackend,
    HMACBackend,
    PBKDF2HMACBackend,
    RSABackend,
    PEMSerializationBackend,
    ScryptBackend,
    X509Backend,
    metaclass=abc.ABCMeta,
):
    @abc.abstractmethod
    def load_pem_pkcs7_certificates(self, data):
        """
        Returns a list of x509.Certificate
        """

    @abc.abstractmethod
    def load_der_pkcs7_certificates(self, data):
        """
        Returns a list of x509.Certificate
        """

    @abc.abstractmethod
    def pkcs7_sign(self, builder, encoding, options):
        """
        Returns bytes
        """

    @abc.abstractmethod
    def load_key_and_certificates_from_pkcs12(self, data, password):
        """
        Returns a tuple of (key, cert, [certs])
        """

    @abc.abstractmethod
    def serialize_key_and_certificates_to_pkcs12(
        self, name, key, cert, cas, encryption_algorithm
    ):
        """
        Returns bytes
        """