1# This file is dual licensed under the terms of the Apache License, Version 
    2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 
    3# for complete details. 
    4 
    5from __future__ import annotations 
    6 
    7 
    8def cryptography_has_set_cert_cb() -> list[str]: 
    9    return [ 
    10        "SSL_CTX_set_cert_cb", 
    11        "SSL_set_cert_cb", 
    12    ] 
    13 
    14 
    15def cryptography_has_ssl_st() -> list[str]: 
    16    return [ 
    17        "SSL_ST_BEFORE", 
    18        "SSL_ST_OK", 
    19        "SSL_ST_INIT", 
    20        "SSL_ST_RENEGOTIATE", 
    21    ] 
    22 
    23 
    24def cryptography_has_tls_st() -> list[str]: 
    25    return [ 
    26        "TLS_ST_BEFORE", 
    27        "TLS_ST_OK", 
    28    ] 
    29 
    30 
    31def cryptography_has_ssl_sigalgs() -> list[str]: 
    32    return [ 
    33        "SSL_CTX_set1_sigalgs_list", 
    34    ] 
    35 
    36 
    37def cryptography_has_psk() -> list[str]: 
    38    return [ 
    39        "SSL_CTX_use_psk_identity_hint", 
    40        "SSL_CTX_set_psk_server_callback", 
    41        "SSL_CTX_set_psk_client_callback", 
    42    ] 
    43 
    44 
    45def cryptography_has_psk_tlsv13() -> list[str]: 
    46    return [ 
    47        "SSL_CTX_set_psk_find_session_callback", 
    48        "SSL_CTX_set_psk_use_session_callback", 
    49        "Cryptography_SSL_SESSION_new", 
    50        "SSL_CIPHER_find", 
    51        "SSL_SESSION_set1_master_key", 
    52        "SSL_SESSION_set_cipher", 
    53        "SSL_SESSION_set_protocol_version", 
    54    ] 
    55 
    56 
    57def cryptography_has_custom_ext() -> list[str]: 
    58    return [ 
    59        "SSL_CTX_add_client_custom_ext", 
    60        "SSL_CTX_add_server_custom_ext", 
    61        "SSL_extension_supported", 
    62    ] 
    63 
    64 
    65def cryptography_has_tlsv13_functions() -> list[str]: 
    66    return [ 
    67        "SSL_CTX_set_ciphersuites", 
    68    ] 
    69 
    70 
    71def cryptography_has_tlsv13_hs_functions() -> list[str]: 
    72    return [ 
    73        "SSL_VERIFY_POST_HANDSHAKE", 
    74        "SSL_verify_client_post_handshake", 
    75        "SSL_CTX_set_post_handshake_auth", 
    76        "SSL_set_post_handshake_auth", 
    77        "SSL_SESSION_get_max_early_data", 
    78        "SSL_write_early_data", 
    79        "SSL_read_early_data", 
    80        "SSL_CTX_set_max_early_data", 
    81    ] 
    82 
    83 
    84def cryptography_has_ssl_verify_client_post_handshake() -> list[str]: 
    85    return [ 
    86        "SSL_verify_client_post_handshake", 
    87    ] 
    88 
    89 
    90def cryptography_has_engine() -> list[str]: 
    91    return [ 
    92        "ENGINE_by_id", 
    93        "ENGINE_init", 
    94        "ENGINE_finish", 
    95        "ENGINE_get_default_RAND", 
    96        "ENGINE_set_default_RAND", 
    97        "ENGINE_unregister_RAND", 
    98        "ENGINE_ctrl_cmd", 
    99        "ENGINE_free", 
    100        "ENGINE_get_name", 
    101        "ENGINE_ctrl_cmd_string", 
    102        "ENGINE_load_builtin_engines", 
    103        "ENGINE_load_private_key", 
    104        "ENGINE_load_public_key", 
    105        "SSL_CTX_set_client_cert_engine", 
    106    ] 
    107 
    108 
    109def cryptography_has_verified_chain() -> list[str]: 
    110    return [ 
    111        "SSL_get0_verified_chain", 
    112    ] 
    113 
    114 
    115def cryptography_has_srtp() -> list[str]: 
    116    return [ 
    117        "SSL_CTX_set_tlsext_use_srtp", 
    118        "SSL_set_tlsext_use_srtp", 
    119        "SSL_get_selected_srtp_profile", 
    120    ] 
    121 
    122 
    123def cryptography_has_op_no_renegotiation() -> list[str]: 
    124    return [ 
    125        "SSL_OP_NO_RENEGOTIATION", 
    126    ] 
    127 
    128 
    129def cryptography_has_dtls_get_data_mtu() -> list[str]: 
    130    return [ 
    131        "DTLS_get_data_mtu", 
    132    ] 
    133 
    134 
    135def cryptography_has_ssl_cookie() -> list[str]: 
    136    return [ 
    137        "SSL_OP_COOKIE_EXCHANGE", 
    138        "DTLSv1_listen", 
    139        "SSL_CTX_set_cookie_generate_cb", 
    140        "SSL_CTX_set_cookie_verify_cb", 
    141    ] 
    142 
    143 
    144def cryptography_has_prime_checks() -> list[str]: 
    145    return [ 
    146        "BN_prime_checks_for_size", 
    147    ] 
    148 
    149 
    150def cryptography_has_unexpected_eof_while_reading() -> list[str]: 
    151    return ["SSL_R_UNEXPECTED_EOF_WHILE_READING"] 
    152 
    153 
    154def cryptography_has_ssl_op_ignore_unexpected_eof() -> list[str]: 
    155    return [ 
    156        "SSL_OP_IGNORE_UNEXPECTED_EOF", 
    157    ] 
    158 
    159 
    160def cryptography_has_get_extms_support() -> list[str]: 
    161    return ["SSL_get_extms_support"] 
    162 
    163 
    164def cryptography_has_ssl_get0_group_name() -> list[str]: 
    165    return ["SSL_get0_group_name"] 
    166 
    167 
    168# This is a mapping of 
    169# {condition: function-returning-names-dependent-on-that-condition} so we can 
    170# loop over them and delete unsupported names at runtime. It will be removed 
    171# when cffi supports #if in cdef. We use functions instead of just a dict of 
    172# lists so we can use coverage to measure which are used. 
    173CONDITIONAL_NAMES = { 
    174    "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb, 
    175    "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st, 
    176    "Cryptography_HAS_TLS_ST": cryptography_has_tls_st, 
    177    "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs, 
    178    "Cryptography_HAS_PSK": cryptography_has_psk, 
    179    "Cryptography_HAS_PSK_TLSv1_3": cryptography_has_psk_tlsv13, 
    180    "Cryptography_HAS_CUSTOM_EXT": cryptography_has_custom_ext, 
    181    "Cryptography_HAS_TLSv1_3_FUNCTIONS": cryptography_has_tlsv13_functions, 
    182    "Cryptography_HAS_TLSv1_3_HS_FUNCTIONS": ( 
    183        cryptography_has_tlsv13_hs_functions 
    184    ), 
    185    "Cryptography_HAS_SSL_VERIFY_CLIENT_POST_HANDSHAKE": ( 
    186        cryptography_has_ssl_verify_client_post_handshake 
    187    ), 
    188    "Cryptography_HAS_ENGINE": cryptography_has_engine, 
    189    "Cryptography_HAS_VERIFIED_CHAIN": cryptography_has_verified_chain, 
    190    "Cryptography_HAS_SRTP": cryptography_has_srtp, 
    191    "Cryptography_HAS_OP_NO_RENEGOTIATION": ( 
    192        cryptography_has_op_no_renegotiation 
    193    ), 
    194    "Cryptography_HAS_DTLS_GET_DATA_MTU": cryptography_has_dtls_get_data_mtu, 
    195    "Cryptography_HAS_SSL_COOKIE": cryptography_has_ssl_cookie, 
    196    "Cryptography_HAS_PRIME_CHECKS": cryptography_has_prime_checks, 
    197    "Cryptography_HAS_UNEXPECTED_EOF_WHILE_READING": ( 
    198        cryptography_has_unexpected_eof_while_reading 
    199    ), 
    200    "Cryptography_HAS_SSL_OP_IGNORE_UNEXPECTED_EOF": ( 
    201        cryptography_has_ssl_op_ignore_unexpected_eof 
    202    ), 
    203    "Cryptography_HAS_GET_EXTMS_SUPPORT": cryptography_has_get_extms_support, 
    204    "Cryptography_HAS_SSL_GET0_GROUP_NAME": ( 
    205        cryptography_has_ssl_get0_group_name 
    206    ), 
    207}