Merge pull request #1376 from reaperhulk/advance-dsa-deprecation-cycle

remove deprecated DSA classes/methods and update tests

3 files changed, 4 insertions, 277 deletions

diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index 00bcc443..69d776ff 100644
--- a/cryptography/hazmat/backends/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
@@ -159,20 +159,6 @@ class DSABackend(object):
         """
 
     @abc.abstractmethod
-    def create_dsa_signature_ctx(self, private_key, algorithm):
-        """
-        Returns an object conforming to the AsymmetricSignatureContext
-        interface.
-        """
-
-    @abc.abstractmethod
-    def create_dsa_verification_ctx(self, public_key, signature, algorithm):
-        """
-        Returns an object conforming to the AsymmetricVerificationContext
-        interface.
-        """
-
-    @abc.abstractmethod
     def dsa_hash_supported(self, algorithm):
         """
         Return True if the hash algorithm is supported by the backend for DSA.
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index a0a7ac18..eadea50e 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -35,8 +35,7 @@ from cryptography.hazmat.backends.openssl.ciphers import (
 )
 from cryptography.hazmat.backends.openssl.cmac import _CMACContext
 from cryptography.hazmat.backends.openssl.dsa import (
-    _DSAParameters, _DSAPrivateKey, _DSAPublicKey,
-    _DSASignatureContext, _DSAVerificationContext
+    _DSAParameters, _DSAPrivateKey, _DSAPublicKey
 )
 from cryptography.hazmat.backends.openssl.ec import (
     _EllipticCurvePrivateKey, _EllipticCurvePublicKey
@@ -594,14 +593,9 @@ class Backend(object):
         ctx = self._lib.DSA_new()
         assert ctx != self._ffi.NULL
         ctx = self._ffi.gc(ctx, self._lib.DSA_free)
-        if isinstance(parameters, dsa.DSAParameters):
-            ctx.p = self._int_to_bn(parameters.p)
-            ctx.q = self._int_to_bn(parameters.q)
-            ctx.g = self._int_to_bn(parameters.g)
-        else:
-            ctx.p = self._lib.BN_dup(parameters._dsa_cdata.p)
-            ctx.q = self._lib.BN_dup(parameters._dsa_cdata.q)
-            ctx.g = self._lib.BN_dup(parameters._dsa_cdata.g)
+        ctx.p = self._lib.BN_dup(parameters._dsa_cdata.p)
+        ctx.q = self._lib.BN_dup(parameters._dsa_cdata.q)
+        ctx.g = self._lib.BN_dup(parameters._dsa_cdata.g)
 
         self._lib.DSA_generate_key(ctx)
 
@@ -611,29 +605,6 @@ class Backend(object):
         parameters = self.generate_dsa_parameters(key_size)
         return self.generate_dsa_private_key(parameters)
 
-    def create_dsa_signature_ctx(self, private_key, algorithm):
-        warnings.warn(
-            "create_dsa_signature_ctx is deprecated and will be removed in "
-            "a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        dsa_cdata = self._dsa_cdata_from_private_key(private_key)
-        key = _DSAPrivateKey(self, dsa_cdata)
-        return _DSASignatureContext(self, key, algorithm)
-
-    def create_dsa_verification_ctx(self, public_key, signature,
-                                    algorithm):
-        warnings.warn(
-            "create_dsa_verification_ctx is deprecated and will be removed in "
-            "a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        dsa_cdata = self._dsa_cdata_from_public_key(public_key)
-        key = _DSAPublicKey(self, dsa_cdata)
-        return _DSAVerificationContext(self, key, signature, algorithm)
-
     def load_dsa_private_numbers(self, numbers):
         dsa._check_dsa_private_numbers(numbers)
         parameter_numbers = numbers.public_numbers.parameter_numbers
@@ -675,29 +646,6 @@ class Backend(object):
 
         return _DSAParameters(self, dsa_cdata)
 
-    def _dsa_cdata_from_public_key(self, public_key):
-        ctx = self._lib.DSA_new()
-        assert ctx != self._ffi.NULL
-        ctx = self._ffi.gc(ctx, self._lib.DSA_free)
-        parameters = public_key.parameters()
-        ctx.p = self._int_to_bn(parameters.p)
-        ctx.q = self._int_to_bn(parameters.q)
-        ctx.g = self._int_to_bn(parameters.g)
-        ctx.pub_key = self._int_to_bn(public_key.y)
-        return ctx
-
-    def _dsa_cdata_from_private_key(self, private_key):
-        ctx = self._lib.DSA_new()
-        assert ctx != self._ffi.NULL
-        ctx = self._ffi.gc(ctx, self._lib.DSA_free)
-        parameters = private_key.parameters()
-        ctx.p = self._int_to_bn(parameters.p)
-        ctx.q = self._int_to_bn(parameters.q)
-        ctx.g = self._int_to_bn(parameters.g)
-        ctx.priv_key = self._int_to_bn(private_key.x)
-        ctx.pub_key = self._int_to_bn(private_key.y)
-        return ctx
-
     def dsa_hash_supported(self, algorithm):
         if self._lib.OPENSSL_VERSION_NUMBER < 0x1000000f:
             return isinstance(algorithm, hashes.SHA1)
diff --git a/cryptography/hazmat/primitives/asymmetric/dsa.py b/cryptography/hazmat/primitives/asymmetric/dsa.py
index 04b22720..18076338 100644
--- a/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -13,14 +13,9 @@
 
 from __future__ import absolute_import, division, print_function
 
-import warnings
-
 import six
 
 from cryptography import utils
-from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
-from cryptography.hazmat.backends.interfaces import DSABackend
-from cryptography.hazmat.primitives import interfaces
 
 
 def generate_parameters(key_size, backend):
@@ -55,208 +50,6 @@ def _check_dsa_private_numbers(numbers):
         raise ValueError("y must be equal to (g ** x % p).")
 
 
-@utils.register_interface(interfaces.DSAParameters)
-class DSAParameters(object):
-    def __init__(self, modulus, subgroup_order, generator):
-        warnings.warn(
-            "The DSAParameters class is deprecated and will be removed in a "
-            "future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        _check_dsa_parameters(
-            DSAParameterNumbers(
-                p=modulus,
-                q=subgroup_order,
-                g=generator
-            )
-        )
-
-        self._modulus = modulus
-        self._subgroup_order = subgroup_order
-        self._generator = generator
-
-    @classmethod
-    def generate(cls, key_size, backend):
-        warnings.warn(
-            "generate is deprecated and will be removed in a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        if not isinstance(backend, DSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement DSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        parameters = backend.generate_dsa_parameters(key_size)
-        numbers = parameters.parameter_numbers()
-        return cls(
-            modulus=numbers.p,
-            subgroup_order=numbers.q,
-            generator=numbers.g
-        )
-
-    @property
-    def modulus(self):
-        return self._modulus
-
-    @property
-    def subgroup_order(self):
-        return self._subgroup_order
-
-    @property
-    def generator(self):
-        return self._generator
-
-    @property
-    def p(self):
-        return self.modulus
-
-    @property
-    def q(self):
-        return self.subgroup_order
-
-    @property
-    def g(self):
-        return self.generator
-
-
-@utils.register_interface(interfaces.DSAPrivateKey)
-class DSAPrivateKey(object):
-    def __init__(self, modulus, subgroup_order, generator, x, y):
-        warnings.warn(
-            "The DSAPrivateKey class is deprecated and will be removed in a "
-            "future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        if (
-            not isinstance(x, six.integer_types) or
-            not isinstance(y, six.integer_types)
-        ):
-            raise TypeError("DSAPrivateKey arguments must be integers.")
-
-        _check_dsa_private_numbers(
-            DSAPrivateNumbers(
-                public_numbers=DSAPublicNumbers(
-                    parameter_numbers=DSAParameterNumbers(
-                        p=modulus,
-                        q=subgroup_order,
-                        g=generator
-                    ),
-                    y=y
-                ),
-                x=x
-            )
-        )
-
-        self._modulus = modulus
-        self._subgroup_order = subgroup_order
-        self._generator = generator
-        self._x = x
-        self._y = y
-
-    @classmethod
-    def generate(cls, parameters, backend):
-        warnings.warn(
-            "generate is deprecated and will be removed in a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        if not isinstance(backend, DSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement DSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        key = backend.generate_dsa_private_key(parameters)
-        private_numbers = key.private_numbers()
-        return cls(
-            modulus=private_numbers.public_numbers.parameter_numbers.p,
-            subgroup_order=private_numbers.public_numbers.parameter_numbers.q,
-            generator=private_numbers.public_numbers.parameter_numbers.g,
-            x=private_numbers.x,
-            y=private_numbers.public_numbers.y
-        )
-
-    def signer(self, algorithm, backend):
-        if not isinstance(backend, DSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement DSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        return backend.create_dsa_signature_ctx(self, algorithm)
-
-    @property
-    def key_size(self):
-        return utils.bit_length(self._modulus)
-
-    def public_key(self):
-        return DSAPublicKey(self._modulus, self._subgroup_order,
-                            self._generator, self.y)
-
-    @property
-    def x(self):
-        return self._x
-
-    @property
-    def y(self):
-        return self._y
-
-    def parameters(self):
-        return DSAParameters(self._modulus, self._subgroup_order,
-                             self._generator)
-
-
-@utils.register_interface(interfaces.DSAPublicKey)
-class DSAPublicKey(object):
-    def __init__(self, modulus, subgroup_order, generator, y):
-        warnings.warn(
-            "The DSAPublicKey class is deprecated and will be removed in a "
-            "future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        _check_dsa_parameters(
-            DSAParameterNumbers(
-                p=modulus,
-                q=subgroup_order,
-                g=generator
-            )
-        )
-        if not isinstance(y, six.integer_types):
-            raise TypeError("y must be an integer.")
-
-        self._modulus = modulus
-        self._subgroup_order = subgroup_order
-        self._generator = generator
-        self._y = y
-
-    def verifier(self, signature, algorithm, backend):
-        if not isinstance(backend, DSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement DSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        return backend.create_dsa_verification_ctx(self, signature,
-                                                   algorithm)
-
-    @property
-    def key_size(self):
-        return utils.bit_length(self._modulus)
-
-    @property
-    def y(self):
-        return self._y
-
-    def parameters(self):
-        return DSAParameters(self._modulus, self._subgroup_order,
-                             self._generator)
-
-
 class DSAParameterNumbers(object):
     def __init__(self, p, q, g):
         if (