stop using backend methods for chacha (#3765)

src/cryptography/hazmat/backends/openssl/aead.py

@@ -11,6 +11,15 @@ _ENCRYPT = 1
 _DECRYPT = 0
 
 
+def _aead_cipher_name(cls, key_length):
+    from cryptography.hazmat.primitives.ciphers.aead import (
+        ChaCha20Poly1305
+    )
+    assert cls is ChaCha20Poly1305
+    assert key_length == 32 or key_length is None
+    return b"chacha20-poly1305"
+
+
 def _aead_setup(backend, cipher_name, key, nonce, tag, tag_len, operation):
     evp_cipher = backend._lib.EVP_get_cipherbyname(cipher_name)
     backend.openssl_assert(evp_cipher != backend._ffi.NULL)
@@ -69,8 +78,9 @@ def _process_data(backend, ctx, data):
     return backend._ffi.buffer(buf, outlen[0])[:]
 
 
-def _encrypt(backend, cipher_name, key, nonce, data, associated_data,
+def _encrypt(backend, cipher_cls, key, nonce, data, associated_data,
              tag_length):
+    cipher_name = _aead_cipher_name(cipher_cls, len(key))
     ctx = _aead_setup(
         backend, cipher_name, key, nonce, None, tag_length, _ENCRYPT
     )
@@ -91,12 +101,13 @@ def _encrypt(backend, cipher_name, key, nonce, data, associated_data,
     return processed_data + tag
 
 
-def _decrypt(backend, cipher_name, key, nonce, data, associated_data,
+def _decrypt(backend, cipher_cls, key, nonce, data, associated_data,
              tag_length):
     if len(data) < tag_length:
         raise InvalidTag
     tag = data[-tag_length:]
     data = data[:-tag_length]
+    cipher_name = _aead_cipher_name(cipher_cls, len(key))
     ctx = _aead_setup(
         backend, cipher_name, key, nonce, tag, tag_length, _DECRYPT
     )

src/cryptography/hazmat/backends/openssl/backend.py

@@ -1924,24 +1924,10 @@ class Backend(object):
         self.openssl_assert(res == 1)
         return self._ffi.buffer(buf)[:]
 
-    def chacha20poly1305_encrypt(self, key, nonce, data, associated_data):
-        return aead._encrypt(
-            self, b"chacha20-poly1305", key, nonce, data, associated_data, 16
-        )
-
-    def chacha20poly1305_decrypt(self, key, nonce, data, associated_data):
-        return aead._decrypt(
-            self, b"chacha20-poly1305", key, nonce, data, associated_data, 16
-        )
-
     def aead_cipher_supported(self, cls):
-        from cryptography.hazmat.primitives.ciphers.aead import (
-            ChaCha20Poly1305
-        )
-        assert cls is ChaCha20Poly1305
+        cipher_name = aead._aead_cipher_name(cls, None)
         return (
-            self._lib.EVP_get_cipherbyname(b"chacha20-poly1305") !=
-            self._ffi.NULL
+            self._lib.EVP_get_cipherbyname(cipher_name) != self._ffi.NULL
         )
 
 

src/cryptography/hazmat/primitives/ciphers/aead.py

@@ -7,6 +7,7 @@ from __future__ import absolute_import, division, print_function
 import os
 
 from cryptography import exceptions, utils
+from cryptography.hazmat.backends.openssl import aead
 from cryptography.hazmat.backends.openssl.backend import backend
 
 
@@ -33,8 +34,8 @@ class ChaCha20Poly1305(object):
             associated_data = b""
 
         self._check_params(nonce, data, associated_data)
-        return backend.chacha20poly1305_encrypt(
-            self._key, nonce, data, associated_data
+        return aead._encrypt(
+            backend, type(self), self._key, nonce, data, associated_data, 16
         )
 
     def decrypt(self, nonce, data, associated_data):
@@ -42,8 +43,8 @@ class ChaCha20Poly1305(object):
             associated_data = b""
 
         self._check_params(nonce, data, associated_data)
-        return backend.chacha20poly1305_decrypt(
-            self._key, nonce, data, associated_data
+        return aead._decrypt(
+            backend, type(self), self._key, nonce, data, associated_data, 16
         )
 
     def _check_params(self, nonce, data, associated_data):