Merge pull request #1666 from reaperhulk/move-asym-interfaces

move asymmetric signature/verification interfaces

12 files changed, 122 insertions, 74 deletions

diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index 87e7f39a..6439a4c8 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -34,6 +34,12 @@ Changelog
   :class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding`
   was moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
   :mod:`~cryptography.hazmat.primitives.asymmetric.padding`.
+*
+  :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
+  and
+  :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
+  were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to
+  :mod:`~cryptography.hazmat.primitives.asymmetric`.
 * :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`,
   :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParametersWithNumbers`,
   :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,
diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst
index 36bc801f..3a47da45 100644
--- a/docs/hazmat/primitives/asymmetric/dsa.rst
+++ b/docs/hazmat/primitives/asymmetric/dsa.rst
@@ -275,7 +275,7 @@ Key interfaces
             provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
+            :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
 
     .. attribute:: key_size
 
@@ -338,7 +338,7 @@ Key interfaces
             provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
+            :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
 
 
 .. class:: DSAPublicKeyWithNumbers
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index 5b114710..f55247c3 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -304,7 +304,7 @@ Key Interfaces
             :class:`EllipticCurveSignatureAlgorithm` provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
+            :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
 
     .. method:: public_key()
 
@@ -344,7 +344,7 @@ Key Interfaces
             :class:`EllipticCurveSignatureAlgorithm` provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
+            :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
 
      .. attribute:: curve
 
diff --git a/docs/hazmat/primitives/asymmetric/index.rst b/docs/hazmat/primitives/asymmetric/index.rst
index 43761fde..59f00c5d 100644
--- a/docs/hazmat/primitives/asymmetric/index.rst
+++ b/docs/hazmat/primitives/asymmetric/index.rst
@@ -30,6 +30,8 @@ and Elliptic Curve.
     ec
     rsa
     serialization
+    interfaces
     utils
 
+
 .. _`proof of identity`: https://en.wikipedia.org/wiki/Public-key_infrastructure
diff --git a/docs/hazmat/primitives/asymmetric/interfaces.rst b/docs/hazmat/primitives/asymmetric/interfaces.rst
new file mode 100644
index 00000000..4932faa5
--- /dev/null
+++ b/docs/hazmat/primitives/asymmetric/interfaces.rst
@@ -0,0 +1,33 @@
+.. hazmat::
+
+.. module:: cryptography.hazmat.primitives.asymmetric
+
+Signature Interfaces
+====================
+
+.. class:: AsymmetricSignatureContext
+
+    .. versionadded:: 0.2
+
+    .. method:: update(data)
+
+        :param bytes data: The data you want to sign.
+
+    .. method:: finalize()
+
+        :return bytes signature: The signature.
+
+
+.. class:: AsymmetricVerificationContext
+
+    .. versionadded:: 0.2
+
+    .. method:: update(data)
+
+        :param bytes data: The data you wish to verify using the signature.
+
+    .. method:: verify()
+
+        :raises cryptography.exceptions.InvalidSignature: If the signature does
+            not validate.
+
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
index 19b716e6..fd97d75b 100644
--- a/docs/hazmat/primitives/asymmetric/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst
@@ -439,7 +439,7 @@ Key interfaces
             provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
+            :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext`
 
     .. method:: decrypt(ciphertext, padding)
 
@@ -509,7 +509,7 @@ Key interfaces
             provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
+            :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext`
 
     .. method:: encrypt(plaintext, padding)
 
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index 2d403525..6029d1a9 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -17,32 +17,8 @@ to document argument and return types.
 Asymmetric interfaces
 ---------------------
 
-.. class:: AsymmetricSignatureContext
-
-    .. versionadded:: 0.2
-
-    .. method:: update(data)
-
-        :param bytes data: The data you want to sign.
-
-    .. method:: finalize()
-
-        :return bytes signature: The signature.
-
-
-.. class:: AsymmetricVerificationContext
-
-    .. versionadded:: 0.2
-
-    .. method:: update(data)
-
-        :param bytes data: The data you wish to verify using the signature.
-
-    .. method:: verify()
-
-        :raises cryptography.exceptions.InvalidSignature: If the signature does
-            not validate.
-
+In 0.8 the asymmetric signature and verification interfaces were moved to the
+:mod:`cryptography.hazmat.primitives.asymmetric` module.
 
 In 0.8 the asymmetric padding interface was moved to the
 :mod:`cryptography.hazmat.primitives.asymmetric.padding` module.
diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py
index 9488e260..d2972e4a 100644
--- a/src/cryptography/hazmat/backends/openssl/dsa.py
+++ b/src/cryptography/hazmat/backends/openssl/dsa.py
@@ -7,8 +7,10 @@ from __future__ import absolute_import, division, print_function
 from cryptography import utils
 from cryptography.exceptions import InvalidSignature
 from cryptography.hazmat.backends.openssl.utils import _truncate_digest
-from cryptography.hazmat.primitives import hashes, interfaces
-from cryptography.hazmat.primitives.asymmetric import dsa
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import (
+    AsymmetricSignatureContext, AsymmetricVerificationContext, dsa
+)
 from cryptography.hazmat.primitives.interfaces import (
     DSAParametersWithNumbers, DSAPrivateKeyWithNumbers, DSAPublicKeyWithNumbers
 )
@@ -27,7 +29,7 @@ def _truncate_digest_for_dsa(dsa_cdata, digest, backend):
     return _truncate_digest(digest, order_bits)
 
 
-@utils.register_interface(interfaces.AsymmetricVerificationContext)
+@utils.register_interface(AsymmetricVerificationContext)
 class _DSAVerificationContext(object):
     def __init__(self, backend, public_key, signature, algorithm):
         self._backend = backend
@@ -61,7 +63,7 @@ class _DSAVerificationContext(object):
             raise InvalidSignature
 
 
-@utils.register_interface(interfaces.AsymmetricSignatureContext)
+@utils.register_interface(AsymmetricSignatureContext)
 class _DSASignatureContext(object):
     def __init__(self, backend, private_key, algorithm):
         self._backend = backend
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py
index d050c6b2..52c93da9 100644
--- a/src/cryptography/hazmat/backends/openssl/ec.py
+++ b/src/cryptography/hazmat/backends/openssl/ec.py
@@ -9,8 +9,10 @@ from cryptography.exceptions import (
     InvalidSignature, UnsupportedAlgorithm, _Reasons
 )
 from cryptography.hazmat.backends.openssl.utils import _truncate_digest
-from cryptography.hazmat.primitives import hashes, interfaces
-from cryptography.hazmat.primitives.asymmetric import ec
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import (
+    AsymmetricSignatureContext, AsymmetricVerificationContext, ec
+)
 
 
 def _truncate_digest_for_ecdsa(ec_key_cdata, digest, backend):
@@ -80,7 +82,7 @@ def _sn_to_elliptic_curve(backend, sn):
         )
 
 
-@utils.register_interface(interfaces.AsymmetricSignatureContext)
+@utils.register_interface(AsymmetricSignatureContext)
 class _ECDSASignatureContext(object):
     def __init__(self, backend, private_key, algorithm):
         self._backend = backend
@@ -114,7 +116,7 @@ class _ECDSASignatureContext(object):
         return self._backend._ffi.buffer(sigbuf)[:siglen_ptr[0]]
 
 
-@utils.register_interface(interfaces.AsymmetricVerificationContext)
+@utils.register_interface(AsymmetricVerificationContext)
 class _ECDSAVerificationContext(object):
     def __init__(self, backend, public_key, signature, algorithm):
         self._backend = backend
diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py
index a4bb283d..00ddcda3 100644
--- a/src/cryptography/hazmat/backends/openssl/rsa.py
+++ b/src/cryptography/hazmat/backends/openssl/rsa.py
@@ -10,8 +10,10 @@ from cryptography import utils
 from cryptography.exceptions import (
     AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm, _Reasons
 )
-from cryptography.hazmat.primitives import hashes, interfaces
-from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.hazmat.primitives import hashes
+from cryptography.hazmat.primitives.asymmetric import (
+    AsymmetricSignatureContext, AsymmetricVerificationContext, rsa
+)
 from cryptography.hazmat.primitives.asymmetric.padding import (
     AsymmetricPadding, MGF1, OAEP, PKCS1v15, PSS
 )
@@ -144,7 +146,7 @@ def _handle_rsa_enc_dec_error(backend, key):
         raise ValueError("Decryption failed.")
 
 
-@utils.register_interface(interfaces.AsymmetricSignatureContext)
+@utils.register_interface(AsymmetricSignatureContext)
 class _RSASignatureContext(object):
     def __init__(self, backend, private_key, padding, algorithm):
         self._backend = backend
@@ -331,7 +333,7 @@ class _RSASignatureContext(object):
         return self._backend._ffi.buffer(sig_buf)[:sig_len]
 
 
-@utils.register_interface(interfaces.AsymmetricVerificationContext)
+@utils.register_interface(AsymmetricVerificationContext)
 class _RSAVerificationContext(object):
     def __init__(self, backend, public_key, signature, padding, algorithm):
         self._backend = backend
diff --git a/src/cryptography/hazmat/primitives/asymmetric/__init__.py b/src/cryptography/hazmat/primitives/asymmetric/__init__.py
index 4b540884..494a7a13 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/__init__.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/__init__.py
@@ -3,3 +3,38 @@
 # for complete details.
 
 from __future__ import absolute_import, division, print_function
+
+import abc
+
+import six
+
+
+@six.add_metaclass(abc.ABCMeta)
+class AsymmetricSignatureContext(object):
+    @abc.abstractmethod
+    def update(self, data):
+        """
+        Processes the provided bytes and returns nothing.
+        """
+
+    @abc.abstractmethod
+    def finalize(self):
+        """
+        Returns the signature as bytes.
+        """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class AsymmetricVerificationContext(object):
+    @abc.abstractmethod
+    def update(self, data):
+        """
+        Processes the provided bytes and returns nothing.
+        """
+
+    @abc.abstractmethod
+    def verify(self):
+        """
+        Raises an exception if the bytes provided to update do not match the
+        signature or the signature does not match the public key.
+        """
diff --git a/src/cryptography/hazmat/primitives/interfaces/__init__.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py
index 75426aa8..acd56458 100644
--- a/src/cryptography/hazmat/primitives/interfaces/__init__.py
+++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py
@@ -11,7 +11,8 @@ import six
 from cryptography import utils
 from cryptography.hazmat.primitives import ciphers, hashes
 from cryptography.hazmat.primitives.asymmetric import (
-    dsa, ec, padding, rsa
+    AsymmetricSignatureContext, AsymmetricVerificationContext, dsa, ec,
+    padding, rsa
 )
 from cryptography.hazmat.primitives.ciphers import modes
 from cryptography.hazmat.primitives.padding import PaddingContext
@@ -326,36 +327,25 @@ AsymmetricPadding = utils.deprecated(
     utils.DeprecatedIn08
 )
 
+AsymmetricSignatureContext = utils.deprecated(
+    AsymmetricSignatureContext,
+    __name__,
+    (
+        "The AsymmetricPadding interface has moved to the "
+        "cryptography.hazmat.primitives.asymmetric module"
+    ),
+    utils.DeprecatedIn08
+)
 
-@six.add_metaclass(abc.ABCMeta)
-class AsymmetricSignatureContext(object):
-    @abc.abstractmethod
-    def update(self, data):
-        """
-        Processes the provided bytes and returns nothing.
-        """
-
-    @abc.abstractmethod
-    def finalize(self):
-        """
-        Returns the signature as bytes.
-        """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class AsymmetricVerificationContext(object):
-    @abc.abstractmethod
-    def update(self, data):
-        """
-        Processes the provided bytes and returns nothing.
-        """
-
-    @abc.abstractmethod
-    def verify(self):
-        """
-        Raises an exception if the bytes provided to update do not match the
-        signature or the signature does not match the public key.
-        """
+AsymmetricVerificationContext = utils.deprecated(
+    AsymmetricVerificationContext,
+    __name__,
+    (
+        "The AsymmetricVerificationContext interface has moved to the "
+        "cryptography.hazmat.primitives.asymmetric module"
+    ),
+    utils.DeprecatedIn08
+)
 
 
 @six.add_metaclass(abc.ABCMeta)