diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-12-18 13:46:51 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-12-18 13:46:51 -0600 |
| commit | 60657bbd2907e5116fac176079a3da31b2c56d3c (patch) | |
| tree | a8954344e2ede283fe6433e6b93b5773dfe2a09b | |
| parent | 9cde70ae840685f2bae6173b6beb192ae3866dc3 (diff) | |
| download | cryptography-60657bbd2907e5116fac176079a3da31b2c56d3c.tar.gz cryptography-60657bbd2907e5116fac176079a3da31b2c56d3c.tar.bz2 cryptography-60657bbd2907e5116fac176079a3da31b2c56d3c.zip | |
remove fully deprecated items from 0.6 deprecation cycle
| -rw-r--r-- | docs/hazmat/backends/interfaces.rst | 45 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/interfaces.py | 20 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/multibackend.py | 63 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 45 | ||||
| -rw-r--r-- | src/cryptography/hazmat/primitives/serialization.py | 26 | ||||
| -rw-r--r-- | src/cryptography/utils.py | 3 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_multibackend.py | 88 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 44 |
8 files changed, 8 insertions, 326 deletions
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index e4c43d9e..8620d9a7 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -468,51 +468,6 @@ A specific ``backend`` may provide one or more of these interfaces. serialized data contains. :raises ValueError: If the data could not be deserialized. -.. class:: TraditionalOpenSSLSerializationBackend - - .. versionadded:: 0.3 - - A backend with methods for working with OpenSSL's "traditional" PKCS #1 - style key serialization. - - .. method:: load_openssl_pem_private_key(data, password) - - :param bytes data: PEM data to deserialize. - - :param bytes password: The password to use if this data is encrypted. - Should be None if the data is not encrypted. - - :return: A new instance of the appropriate type of private key that the - serialized data contains. - - :raises ValueError: If the data could not be deserialized correctly. - - :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is - encrypted with an unsupported algorithm. - - -.. class:: PKCS8SerializationBackend - - .. versionadded:: 0.5 - - A backend with methods for working with PKCS #8 key serialization. - - .. method:: load_pkcs8_pem_private_key(data, password) - - :param bytes data: PEM data to deserialize. - - :param bytes password: The password to use if this data is encrypted. - Should be None if the data is not encrypted. - - :return: A new instance of the appropriate private key or public key - that the serialized data contains. - - :raises ValueError: If the data could not be deserialized correctly. - - :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is - encrypted with an unsupported algorithm. - - .. class:: X509Backend .. versionadded:: 0.7 diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py index 8fc78309..4dc879ac 100644 --- a/src/cryptography/hazmat/backends/interfaces.py +++ b/src/cryptography/hazmat/backends/interfaces.py @@ -233,26 +233,6 @@ class PEMSerializationBackend(object): @six.add_metaclass(abc.ABCMeta) -class TraditionalOpenSSLSerializationBackend(object): - @abc.abstractmethod - def load_traditional_openssl_pem_private_key(self, data, password): - """ - Load a private key from PEM encoded data, using password if the data - is encrypted. - """ - - -@six.add_metaclass(abc.ABCMeta) -class PKCS8SerializationBackend(object): - @abc.abstractmethod - def load_pkcs8_pem_private_key(self, data, password): - """ - Load a private key from PKCS8 encoded data, using password if the data - is encrypted. - """ - - -@six.add_metaclass(abc.ABCMeta) class X509Backend(object): @abc.abstractmethod def load_pem_x509_certificate(self, data): diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py index ffc569f4..27ee8e7f 100644 --- a/src/cryptography/hazmat/backends/multibackend.py +++ b/src/cryptography/hazmat/backends/multibackend.py @@ -4,15 +4,12 @@ from __future__ import absolute_import, division, print_function -import warnings - from cryptography import utils from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend, X509Backend + RSABackend, X509Backend ) @@ -21,9 +18,7 @@ from cryptography.hazmat.backends.interfaces import ( @utils.register_interface(HashBackend) @utils.register_interface(HMACBackend) @utils.register_interface(PBKDF2HMACBackend) -@utils.register_interface(PKCS8SerializationBackend) @utils.register_interface(RSABackend) -@utils.register_interface(TraditionalOpenSSLSerializationBackend) @utils.register_interface(DSABackend) @utils.register_interface(EllipticCurveBackend) @utils.register_interface(PEMSerializationBackend) @@ -251,24 +246,6 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) - def elliptic_curve_private_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_private_key_from_numbers is deprecated and will " - "be removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - for b in self._filtered_backends(EllipticCurveBackend): - try: - return b.elliptic_curve_private_key_from_numbers(numbers) - except UnsupportedAlgorithm: - continue - - raise UnsupportedAlgorithm( - "This backend does not support this elliptic curve.", - _Reasons.UNSUPPORTED_ELLIPTIC_CURVE - ) - def load_elliptic_curve_private_numbers(self, numbers): for b in self._filtered_backends(EllipticCurveBackend): try: @@ -281,24 +258,6 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) - def elliptic_curve_public_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_public_key_from_numbers is deprecated and will " - "be removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - for b in self._filtered_backends(EllipticCurveBackend): - try: - return b.elliptic_curve_public_key_from_numbers(numbers) - except UnsupportedAlgorithm: - continue - - raise UnsupportedAlgorithm( - "This backend does not support this elliptic curve.", - _Reasons.UNSUPPORTED_ELLIPTIC_CURVE - ) - def load_elliptic_curve_public_numbers(self, numbers): for b in self._filtered_backends(EllipticCurveBackend): try: @@ -329,26 +288,6 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_SERIALIZATION ) - def load_pkcs8_pem_private_key(self, data, password): - for b in self._filtered_backends(PKCS8SerializationBackend): - return b.load_pkcs8_pem_private_key(data, password) - - raise UnsupportedAlgorithm( - "This backend does not support this key serialization.", - _Reasons.UNSUPPORTED_SERIALIZATION - ) - - def load_traditional_openssl_pem_private_key(self, data, password): - for b in self._filtered_backends( - TraditionalOpenSSLSerializationBackend - ): - return b.load_traditional_openssl_pem_private_key(data, password) - - raise UnsupportedAlgorithm( - "This backend does not support this key serialization.", - _Reasons.UNSUPPORTED_SERIALIZATION - ) - def load_pem_x509_certificate(self, data): for b in self._filtered_backends( X509Backend diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index daccf5ca..34efdce9 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -6,7 +6,6 @@ from __future__ import absolute_import, division, print_function import collections import itertools -import warnings from contextlib import contextmanager import six @@ -17,9 +16,8 @@ from cryptography.exceptions import ( ) from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, - HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend, X509Backend + HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, RSABackend, + X509Backend ) from cryptography.hazmat.backends.openssl.ciphers import ( _AESCTRCipherContext, _CipherContext @@ -63,9 +61,7 @@ _OpenSSLError = collections.namedtuple("_OpenSSLError", @utils.register_interface(HashBackend) @utils.register_interface(HMACBackend) @utils.register_interface(PBKDF2HMACBackend) -@utils.register_interface(PKCS8SerializationBackend) @utils.register_interface(RSABackend) -@utils.register_interface(TraditionalOpenSSLSerializationBackend) @utils.register_interface(PEMSerializationBackend) @utils.register_interface(X509Backend) class Backend(object): @@ -721,25 +717,6 @@ class Backend(object): x509 = self._ffi.gc(x509, self._lib.X509_free) return _Certificate(self, x509) - def load_traditional_openssl_pem_private_key(self, data, password): - warnings.warn( - "load_traditional_openssl_pem_private_key is deprecated and will " - "be removed in a future version, use load_pem_private_key " - "instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_pem_private_key(data, password) - - def load_pkcs8_pem_private_key(self, data, password): - warnings.warn( - "load_pkcs8_pem_private_key is deprecated and will be removed in a" - " future version, use load_pem_private_key instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_pem_private_key(data, password) - def _load_key(self, openssl_read_func, convert_func, data, password): mem_bio = self._bytes_to_bio(data) @@ -903,15 +880,6 @@ class Backend(object): _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) - def elliptic_curve_private_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_private_key_from_numbers is deprecated and will " - "be removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_elliptic_curve_private_numbers(numbers) - def load_elliptic_curve_private_numbers(self, numbers): public = numbers.public_numbers @@ -930,15 +898,6 @@ class Backend(object): return _EllipticCurvePrivateKey(self, ec_cdata) - def elliptic_curve_public_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_public_key_from_numbers is deprecated and will be " - "removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_elliptic_curve_public_numbers(numbers) - def load_elliptic_curve_public_numbers(self, numbers): curve_nid = self._elliptic_curve_to_nid(numbers.curve) diff --git a/src/cryptography/hazmat/primitives/serialization.py b/src/cryptography/hazmat/primitives/serialization.py index f080ea86..083f17e5 100644 --- a/src/cryptography/hazmat/primitives/serialization.py +++ b/src/cryptography/hazmat/primitives/serialization.py @@ -6,9 +6,7 @@ from __future__ import absolute_import, division, print_function import base64 import struct -import warnings -from cryptography import utils from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives.asymmetric.dsa import ( DSAParameterNumbers, DSAPublicNumbers @@ -16,30 +14,6 @@ from cryptography.hazmat.primitives.asymmetric.dsa import ( from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers -def load_pem_traditional_openssl_private_key(data, password, backend): - warnings.warn( - "load_pem_traditional_openssl_private_key is deprecated and will be " - "removed in a future version, use load_pem_private_key instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - - return backend.load_traditional_openssl_pem_private_key( - data, password - ) - - -def load_pem_pkcs8_private_key(data, password, backend): - warnings.warn( - "load_pem_pkcs8_private_key is deprecated and will be removed in a " - "future version, use load_pem_private_key instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - - return backend.load_pkcs8_pem_private_key(data, password) - - def load_pem_private_key(data, password, backend): return backend.load_pem_private_key(data, password) diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index 78f73464..ac2f787d 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -9,7 +9,8 @@ import inspect import sys -DeprecatedIn06 = DeprecationWarning +# DeprecatedIn07 objects exist. This comment exists to remind developers to +# look for them when it's time for the ninth release cycle deprecation dance. def register_interface(iface): diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 03aa3cd8..43ecbf83 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -4,8 +4,6 @@ from __future__ import absolute_import, division, print_function -import pytest - from cryptography import utils from cryptography.exceptions import ( UnsupportedAlgorithm, _Reasons @@ -13,8 +11,7 @@ from cryptography.exceptions import ( from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend, X509Backend + RSABackend, X509Backend ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import cmac, hashes, hmac @@ -169,31 +166,11 @@ class DummyEllipticCurveBackend(object): if not self.elliptic_curve_supported(numbers.public_numbers.curve): raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) - def elliptic_curve_private_key_from_numbers(self, numbers): - if not self.elliptic_curve_supported(numbers.public_numbers.curve): - raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) - - def elliptic_curve_public_key_from_numbers(self, numbers): - if not self.elliptic_curve_supported(numbers.curve): - raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) - def load_elliptic_curve_public_numbers(self, numbers): if not self.elliptic_curve_supported(numbers.curve): raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) -@utils.register_interface(PKCS8SerializationBackend) -class DummyPKCS8SerializationBackend(object): - def load_pkcs8_pem_private_key(self, data, password): - pass - - -@utils.register_interface(TraditionalOpenSSLSerializationBackend) -class DummyTraditionalOpenSSLSerializationBackend(object): - def load_traditional_openssl_pem_private_key(self, data, password): - pass - - @utils.register_interface(PEMSerializationBackend) class DummyPEMSerializationBackend(object): def load_pem_private_key(self, data, password): @@ -457,69 +434,6 @@ class TestMultiBackend(object): ) ) - def test_deprecated_elliptic_curve(self): - backend = MultiBackend([ - DummyEllipticCurveBackend([ - ec.SECT283K1 - ]) - ]) - - assert backend.elliptic_curve_signature_algorithm_supported( - ec.ECDSA(hashes.SHA256()), - ec.SECT163K1() - ) is False - - pub_numbers = ec.EllipticCurvePublicNumbers(2, 3, ec.SECT283K1()) - numbers = ec.EllipticCurvePrivateNumbers(1, pub_numbers) - - pytest.deprecated_call( - backend.elliptic_curve_private_key_from_numbers, - numbers - ) - pytest.deprecated_call( - backend.elliptic_curve_public_key_from_numbers, - pub_numbers - ) - - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): - backend.elliptic_curve_private_key_from_numbers( - ec.EllipticCurvePrivateNumbers( - 1, - ec.EllipticCurvePublicNumbers( - 2, - 3, - ec.SECT163K1() - ) - ) - ) - - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): - backend.elliptic_curve_public_key_from_numbers( - ec.EllipticCurvePublicNumbers( - 2, - 3, - ec.SECT163K1() - ) - ) - - def test_pkcs8_serialization_backend(self): - backend = MultiBackend([DummyPKCS8SerializationBackend()]) - - backend.load_pkcs8_pem_private_key(b"keydata", None) - - backend = MultiBackend([]) - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION): - backend.load_pkcs8_pem_private_key(b"keydata", None) - - def test_traditional_openssl_serialization_backend(self): - backend = MultiBackend([DummyTraditionalOpenSSLSerializationBackend()]) - - backend.load_traditional_openssl_pem_private_key(b"keydata", None) - - backend = MultiBackend([]) - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION): - backend.load_traditional_openssl_pem_private_key(b"keydata", None) - def test_pem_serialization_backend(self): backend = MultiBackend([DummyPEMSerializationBackend()]) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index dfd0abe1..b6bb5491 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -15,20 +15,18 @@ import pytest from cryptography import utils from cryptography.exceptions import InternalError, _Reasons -from cryptography.hazmat.backends.interfaces import EllipticCurveBackend from cryptography.hazmat.backends.openssl.backend import ( Backend, backend ) from cryptography.hazmat.backends.openssl.ec import _sn_to_elliptic_curve from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.asymmetric import dsa, ec, padding +from cryptography.hazmat.primitives.asymmetric import dsa, padding from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC, CTR from cryptography.hazmat.primitives.interfaces import BlockCipherAlgorithm from ..primitives.fixtures_rsa import RSA_KEY_512 -from ..primitives.test_ec import _skip_curve_unsupported from ...utils import load_vectors_from_file, raises_unsupported_algorithm @@ -458,7 +456,7 @@ class TestOpenSSLSerialisationWithOpenSSL(object): "key1.pem" ), lambda pemfile: ( - backend.load_traditional_openssl_pem_private_key( + backend.load_pem_private_key( pemfile.read().encode(), password ) ) @@ -481,41 +479,3 @@ class TestOpenSSLEllipticCurve(object): def test_sn_to_elliptic_curve_not_supported(self): with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): _sn_to_elliptic_curve(backend, b"fake") - - -@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) -class TestDeprecatedECBackendMethods(object): - def test_elliptic_curve_private_key_from_numbers(self): - d = 5634846038258869671139984276180670841223409490498798721258 - y = 4131560123026307384858369684985976479488628761329758810693 - x = 3402090428547195623222463880060959356423657484435591627791 - curve = ec.SECP192R1() - _skip_curve_unsupported(backend, curve) - pub_numbers = ec.EllipticCurvePublicNumbers( - x=x, - y=y, - curve=curve - ) - numbers = ec.EllipticCurvePrivateNumbers( - private_value=d, - public_numbers=pub_numbers - ) - pytest.deprecated_call( - backend.elliptic_curve_private_key_from_numbers, - numbers - ) - - def test_elliptic_curve_public_key_from_numbers(self): - y = 4131560123026307384858369684985976479488628761329758810693 - x = 3402090428547195623222463880060959356423657484435591627791 - curve = ec.SECP192R1() - _skip_curve_unsupported(backend, curve) - pub_numbers = ec.EllipticCurvePublicNumbers( - x=x, - y=y, - curve=curve - ) - pytest.deprecated_call( - backend.elliptic_curve_public_key_from_numbers, - pub_numbers - ) |