Add DSABackend

4 files changed, 49 insertions, 4 deletions

diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index 27b609ed..20c21118 100644
--- a/cryptography/hazmat/backends/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
@@ -113,6 +113,21 @@ class RSABackend(six.with_metaclass(abc.ABCMeta)):
         """
 
 
+class DSABackend(six.with_metaclass(abc.ABCMeta)):
+    @abc.abstractmethod
+    def generate_dsa_parameters(self, key_size):
+        """
+        Generate a DSAParameters instance with a modulus of key_size bits.
+        """
+
+    @abc.abstractmethod
+    def generate_dsa_private_key(self, parameters):
+        """
+        Generate an DSAPrivateKey instance with parameters as
+        a DSAParameters object.
+        """
+
+
 class OpenSSLSerializationBackend(six.with_metaclass(abc.ABCMeta)):
     @abc.abstractmethod
     def load_openssl_pem_private_key(self, data, password):
diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index aa649dd3..86cded85 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -16,7 +16,8 @@ from __future__ import absolute_import, division, print_function
 from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat.backends.interfaces import (
-    CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, RSABackend
+    CipherBackend, DSABackend, HMACBackend, HashBackend, PBKDF2HMACBackend,
+    RSABackend
 )
 
 
@@ -25,6 +26,7 @@ from cryptography.hazmat.backends.interfaces import (
 @utils.register_interface(HMACBackend)
 @utils.register_interface(PBKDF2HMACBackend)
 @utils.register_interface(RSABackend)
+@utils.register_interface(DSABackend)
 class MultiBackend(object):
     name = "multibackend"
 
@@ -142,3 +144,15 @@ class MultiBackend(object):
                                                  padding, algorithm)
         raise UnsupportedAlgorithm("RSA is not supported by the backend",
                                    _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM)
+
+    def generate_dsa_parameters(self, key_size):
+        for b in self._filtered_backends(DSABackend):
+            return b.generate_dsa_parameters(key_size)
+        raise UnsupportedAlgorithm("DSA is not supported by the backend",
+                                   _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM)
+
+    def generate_dsa_private_key(self, parameters):
+        for b in self._filtered_backends(DSABackend):
+            return b.generate_dsa_private_key(parameters)
+        raise UnsupportedAlgorithm("DSA is not supported by the backend",
+                                   _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM)
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index f161bd4e..82b7949e 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -25,7 +25,8 @@ from cryptography.exceptions import (
     UnsupportedAlgorithm, _Reasons
 )
 from cryptography.hazmat.backends.interfaces import (
-    CipherBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, RSABackend
+    CipherBackend, DSABackend, HMACBackend, HashBackend, PBKDF2HMACBackend,
+    RSABackend
 )
 from cryptography.hazmat.bindings.openssl.binding import Binding
 from cryptography.hazmat.primitives import hashes, interfaces
@@ -46,6 +47,7 @@ _OpenSSLError = collections.namedtuple("_OpenSSLError",
 
 
 @utils.register_interface(CipherBackend)
+@utils.register_interface(DSABackend)
 @utils.register_interface(HashBackend)
 @utils.register_interface(HMACBackend)
 @utils.register_interface(PBKDF2HMACBackend)
@@ -420,8 +422,8 @@ class Backend(object):
             raise ValueError(
                 "Key size must be 1024 or 2048 or 3072 bits")
 
-        if backend._lib.OPENSSL_VERSION_NUMBER < 0x1000000f \
-                and key_size > 1024:
+        if (self._lib.OPENSSL_VERSION_NUMBER < 0x1000000f and
+                key_size > 1024):
             raise ValueError(
                 "Key size must be 1024 because OpenSSL < 1.0.0 doesn't "
                 "support larger key sizes")
diff --git a/cryptography/hazmat/primitives/asymmetric/dsa.py b/cryptography/hazmat/primitives/asymmetric/dsa.py
index e32e05c0..4c2de36a 100644
--- a/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -16,6 +16,8 @@ from __future__ import absolute_import, division, print_function
 import six
 
 from cryptography import utils
+from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
+from cryptography.hazmat.backends.interfaces import DSABackend
 from cryptography.hazmat.primitives import interfaces
 
 
@@ -51,6 +53,12 @@ class DSAParameters(object):
 
     @classmethod
     def generate(cls, key_size, backend):
+        if not isinstance(backend, DSABackend):
+            raise UnsupportedAlgorithm(
+                "Backend object does not implement DSABackend",
+                _Reasons.BACKEND_MISSING_INTERFACE
+            )
+
         return backend.generate_dsa_parameters(key_size)
 
     @property
@@ -102,6 +110,12 @@ class DSAPrivateKey(object):
 
     @classmethod
     def generate(cls, parameters, backend):
+        if not isinstance(backend, DSABackend):
+            raise UnsupportedAlgorithm(
+                "Backend object does not implement DSABackend",
+                _Reasons.BACKEND_MISSING_INTERFACE
+            )
+
         return backend.generate_dsa_private_key(parameters)
 
     @property