Coverage for /pythoncovmergedfiles/medio/medio/usr/local/lib/python3.8/site-packages/cryptography/hazmat/bindings/openssl/_conditional.py: 55%

Shortcuts on this page

r m x   toggle line displays

j k   next/prev highlighted chunk

0   (zero) top of page

1   (one) first highlighted chunk

38 statements  

1# This file is dual licensed under the terms of the Apache License, Version 

2# 2.0, and the BSD License. See the LICENSE file in the root of this repository 

3# for complete details. 

4 

5from __future__ import annotations 

6 

7 

8def cryptography_has_set_cert_cb() -> list[str]: 

9 return [ 

10 "SSL_CTX_set_cert_cb", 

11 "SSL_set_cert_cb", 

12 ] 

13 

14 

15def cryptography_has_ssl_st() -> list[str]: 

16 return [ 

17 "SSL_ST_BEFORE", 

18 "SSL_ST_OK", 

19 "SSL_ST_INIT", 

20 "SSL_ST_RENEGOTIATE", 

21 ] 

22 

23 

24def cryptography_has_tls_st() -> list[str]: 

25 return [ 

26 "TLS_ST_BEFORE", 

27 "TLS_ST_OK", 

28 ] 

29 

30 

31def cryptography_has_ssl_sigalgs() -> list[str]: 

32 return [ 

33 "SSL_CTX_set1_sigalgs_list", 

34 ] 

35 

36 

37def cryptography_has_psk() -> list[str]: 

38 return [ 

39 "SSL_CTX_use_psk_identity_hint", 

40 "SSL_CTX_set_psk_server_callback", 

41 "SSL_CTX_set_psk_client_callback", 

42 ] 

43 

44 

45def cryptography_has_psk_tlsv13() -> list[str]: 

46 return [ 

47 "SSL_CTX_set_psk_find_session_callback", 

48 "SSL_CTX_set_psk_use_session_callback", 

49 "Cryptography_SSL_SESSION_new", 

50 "SSL_CIPHER_find", 

51 "SSL_SESSION_set1_master_key", 

52 "SSL_SESSION_set_cipher", 

53 "SSL_SESSION_set_protocol_version", 

54 ] 

55 

56 

57def cryptography_has_custom_ext() -> list[str]: 

58 return [ 

59 "SSL_CTX_add_client_custom_ext", 

60 "SSL_CTX_add_server_custom_ext", 

61 "SSL_extension_supported", 

62 ] 

63 

64 

65def cryptography_has_tlsv13_functions() -> list[str]: 

66 return [ 

67 "SSL_VERIFY_POST_HANDSHAKE", 

68 "SSL_CTX_set_ciphersuites", 

69 "SSL_verify_client_post_handshake", 

70 "SSL_CTX_set_post_handshake_auth", 

71 "SSL_set_post_handshake_auth", 

72 "SSL_SESSION_get_max_early_data", 

73 "SSL_write_early_data", 

74 "SSL_read_early_data", 

75 "SSL_CTX_set_max_early_data", 

76 ] 

77 

78 

79def cryptography_has_engine() -> list[str]: 

80 return [ 

81 "ENGINE_by_id", 

82 "ENGINE_init", 

83 "ENGINE_finish", 

84 "ENGINE_get_default_RAND", 

85 "ENGINE_set_default_RAND", 

86 "ENGINE_unregister_RAND", 

87 "ENGINE_ctrl_cmd", 

88 "ENGINE_free", 

89 "ENGINE_get_name", 

90 "ENGINE_ctrl_cmd_string", 

91 "ENGINE_load_builtin_engines", 

92 "ENGINE_load_private_key", 

93 "ENGINE_load_public_key", 

94 "SSL_CTX_set_client_cert_engine", 

95 ] 

96 

97 

98def cryptography_has_verified_chain() -> list[str]: 

99 return [ 

100 "SSL_get0_verified_chain", 

101 ] 

102 

103 

104def cryptography_has_srtp() -> list[str]: 

105 return [ 

106 "SSL_CTX_set_tlsext_use_srtp", 

107 "SSL_set_tlsext_use_srtp", 

108 "SSL_get_selected_srtp_profile", 

109 ] 

110 

111 

112def cryptography_has_op_no_renegotiation() -> list[str]: 

113 return [ 

114 "SSL_OP_NO_RENEGOTIATION", 

115 ] 

116 

117 

118def cryptography_has_dtls_get_data_mtu() -> list[str]: 

119 return [ 

120 "DTLS_get_data_mtu", 

121 ] 

122 

123 

124def cryptography_has_ssl_cookie() -> list[str]: 

125 return [ 

126 "SSL_OP_COOKIE_EXCHANGE", 

127 "DTLSv1_listen", 

128 "SSL_CTX_set_cookie_generate_cb", 

129 "SSL_CTX_set_cookie_verify_cb", 

130 ] 

131 

132 

133def cryptography_has_prime_checks() -> list[str]: 

134 return [ 

135 "BN_prime_checks_for_size", 

136 ] 

137 

138 

139def cryptography_has_unexpected_eof_while_reading() -> list[str]: 

140 return ["SSL_R_UNEXPECTED_EOF_WHILE_READING"] 

141 

142 

143def cryptography_has_ssl_op_ignore_unexpected_eof() -> list[str]: 

144 return [ 

145 "SSL_OP_IGNORE_UNEXPECTED_EOF", 

146 ] 

147 

148 

149def cryptography_has_get_extms_support() -> list[str]: 

150 return ["SSL_get_extms_support"] 

151 

152 

153# This is a mapping of 

154# {condition: function-returning-names-dependent-on-that-condition} so we can 

155# loop over them and delete unsupported names at runtime. It will be removed 

156# when cffi supports #if in cdef. We use functions instead of just a dict of 

157# lists so we can use coverage to measure which are used. 

158CONDITIONAL_NAMES = { 

159 "Cryptography_HAS_SET_CERT_CB": cryptography_has_set_cert_cb, 

160 "Cryptography_HAS_SSL_ST": cryptography_has_ssl_st, 

161 "Cryptography_HAS_TLS_ST": cryptography_has_tls_st, 

162 "Cryptography_HAS_SIGALGS": cryptography_has_ssl_sigalgs, 

163 "Cryptography_HAS_PSK": cryptography_has_psk, 

164 "Cryptography_HAS_PSK_TLSv1_3": cryptography_has_psk_tlsv13, 

165 "Cryptography_HAS_CUSTOM_EXT": cryptography_has_custom_ext, 

166 "Cryptography_HAS_TLSv1_3_FUNCTIONS": cryptography_has_tlsv13_functions, 

167 "Cryptography_HAS_ENGINE": cryptography_has_engine, 

168 "Cryptography_HAS_VERIFIED_CHAIN": cryptography_has_verified_chain, 

169 "Cryptography_HAS_SRTP": cryptography_has_srtp, 

170 "Cryptography_HAS_OP_NO_RENEGOTIATION": ( 

171 cryptography_has_op_no_renegotiation 

172 ), 

173 "Cryptography_HAS_DTLS_GET_DATA_MTU": cryptography_has_dtls_get_data_mtu, 

174 "Cryptography_HAS_SSL_COOKIE": cryptography_has_ssl_cookie, 

175 "Cryptography_HAS_PRIME_CHECKS": cryptography_has_prime_checks, 

176 "Cryptography_HAS_UNEXPECTED_EOF_WHILE_READING": ( 

177 cryptography_has_unexpected_eof_while_reading 

178 ), 

179 "Cryptography_HAS_SSL_OP_IGNORE_UNEXPECTED_EOF": ( 

180 cryptography_has_ssl_op_ignore_unexpected_eof 

181 ), 

182 "Cryptography_HAS_GET_EXTMS_SUPPORT": cryptography_has_get_extms_support, 

183}