| David Reid | 30722b9 | 2013-11-07 13:03:39 -0800 | [diff] [blame] | 1 | .. hazmat:: |
| 2 | |
| 3 | Interfaces |
| 4 | ========== |
| 5 | |
| 6 | |
| 7 | ``cryptography`` uses `Abstract Base Classes`_ as interfaces to describe the |
| David Reid | bd18bcd | 2013-11-07 13:13:30 -0800 | [diff] [blame] | 8 | properties and methods of most primitive constructs. Backends may also use |
| 9 | this information to influence their operation. Interfaces should also be used |
| David Reid | 30722b9 | 2013-11-07 13:03:39 -0800 | [diff] [blame] | 10 | to document argument and return types. |
| 11 | |
| David Reid | 9ed25e4 | 2013-11-07 13:15:27 -0800 | [diff] [blame] | 12 | .. _`Abstract Base Classes`: http://docs.python.org/3.2/library/abc.html |
| David Reid | 30722b9 | 2013-11-07 13:03:39 -0800 | [diff] [blame] | 13 | |
| 14 | |
| David Reid | 0a394df | 2013-11-15 16:19:50 -0800 | [diff] [blame] | 15 | Symmetric Ciphers |
| 16 | ~~~~~~~~~~~~~~~~~ |
| David Reid | 30722b9 | 2013-11-07 13:03:39 -0800 | [diff] [blame] | 17 | |
| 18 | .. currentmodule:: cryptography.hazmat.primitives.interfaces |
| 19 | |
| David Reid | 0a394df | 2013-11-15 16:19:50 -0800 | [diff] [blame] | 20 | |
| 21 | .. class:: CipherAlgorithm |
| 22 | |
| 23 | A named symmetric encryption algorithm. |
| 24 | |
| 25 | .. attribute:: name |
| 26 | |
| 27 | :type: str |
| 28 | |
| 29 | The standard name for the mode, for example, "AES", "Camellia", or |
| 30 | "Blowfish". |
| 31 | |
| 32 | .. attribute:: key_size |
| 33 | |
| 34 | :type: int |
| 35 | |
| 36 | The number of bits in the key being used. |
| 37 | |
| 38 | |
| 39 | Cipher Modes |
| 40 | ------------ |
| 41 | |
| David Reid | 30722b9 | 2013-11-07 13:03:39 -0800 | [diff] [blame] | 42 | Interfaces used by the symmetric cipher modes described in |
| 43 | :ref:`Symmetric Encryption Modes <symmetric-encryption-modes>`. |
| 44 | |
| 45 | .. class:: Mode |
| 46 | |
| 47 | A named cipher mode. |
| 48 | |
| 49 | .. attribute:: name |
| 50 | |
| 51 | :type: str |
| 52 | |
| 53 | This should be the standard shorthand name for the mode, for example |
| 54 | Cipher-Block Chaining mode is "CBC". |
| 55 | |
| 56 | The name may be used by a backend to influence the operation of a |
| 57 | cipher in conjunction with the algorithm's name. |
| 58 | |
| Alex Gaynor | 9626b5a | 2013-11-19 16:49:26 -0800 | [diff] [blame^] | 59 | .. method:: validate_for_algorithm(algorithm) |
| 60 | |
| 61 | :param CipherAlgorithm algorithm: |
| 62 | |
| 63 | Checks that the combination of this mode with the provided algorithm |
| 64 | meets any necessary invariants. This should raise an exception if they |
| 65 | are not met. |
| 66 | |
| 67 | For example, the :class:`~cryptography.hazmat.primitives.modes.CBC` |
| 68 | mode uses this method to check that the provided initialization |
| 69 | vector's length matches the block size of the algorithm. |
| 70 | |
| David Reid | 30722b9 | 2013-11-07 13:03:39 -0800 | [diff] [blame] | 71 | |
| 72 | .. class:: ModeWithInitializationVector |
| 73 | |
| 74 | A cipher mode with an initialization vector. |
| 75 | |
| 76 | .. attribute:: initialization_vector |
| 77 | |
| 78 | :type: bytes |
| 79 | |
| 80 | Exact requirements of the initialization are described by the |
| 81 | documentation of individual modes. |
| 82 | |
| 83 | |
| 84 | .. class:: ModeWithNonce |
| 85 | |
| 86 | A cipher mode with a nonce. |
| 87 | |
| 88 | .. attribute:: nonce |
| 89 | |
| 90 | :type: bytes |
| 91 | |
| 92 | Exact requirements of the nonce are described by the documentation of |
| 93 | individual modes. |