Merge pull request #1326 from alex/pem-serialization-backend

Start moving everything to the new API

4 files changed, 59 insertions, 9 deletions

diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index 6893cad6..221f1a1e 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -17,8 +17,9 @@ from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend,
-    RSABackend, TraditionalOpenSSLSerializationBackend
+    HashBackend, PBKDF2HMACBackend, PEMSerializationBackend,
+    PKCS8SerializationBackend, RSABackend,
+    TraditionalOpenSSLSerializationBackend
 )
 
 
@@ -32,6 +33,7 @@ from cryptography.hazmat.backends.interfaces import (
 @utils.register_interface(TraditionalOpenSSLSerializationBackend)
 @utils.register_interface(DSABackend)
 @utils.register_interface(EllipticCurveBackend)
+@utils.register_interface(PEMSerializationBackend)
 class MultiBackend(object):
     name = "multibackend"
 
@@ -318,6 +320,15 @@ class MultiBackend(object):
             _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
         )
 
+    def load_pem_private_key(self, data, password):
+        for b in self._filtered_backends(PEMSerializationBackend):
+            return b.load_pem_private_key(data, password)
+
+        raise UnsupportedAlgorithm(
+            "This backend does not support this key serialization.",
+            _Reasons.UNSUPPORTED_SERIALIZATION
+        )
+
     def load_pkcs8_pem_private_key(self, data, password):
         for b in self._filtered_backends(PKCS8SerializationBackend):
             return b.load_pkcs8_pem_private_key(data, password)
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 01e61283..d1d18a10 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -25,7 +25,8 @@ from cryptography.exceptions import (
 )
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend,
+    HashBackend, PBKDF2HMACBackend, PEMSerializationBackend,
+    PKCS8SerializationBackend, RSABackend,
     TraditionalOpenSSLSerializationBackend
 )
 from cryptography.hazmat.backends.openssl.ciphers import (
@@ -74,6 +75,7 @@ _OpenSSLError = collections.namedtuple("_OpenSSLError",
 @utils.register_interface(PKCS8SerializationBackend)
 @utils.register_interface(RSABackend)
 @utils.register_interface(TraditionalOpenSSLSerializationBackend)
+@utils.register_interface(PEMSerializationBackend)
 class Backend(object):
     """
     OpenSSL API binding interfaces.
@@ -770,12 +772,7 @@ class Backend(object):
     def create_cmac_ctx(self, algorithm):
         return _CMACContext(self, algorithm)
 
-    def load_traditional_openssl_pem_private_key(self, data, password):
-        # OpenSSLs API for loading PKCS#8 certs can also load the traditional
-        # format so we just use that for both of them.
-        return self.load_pkcs8_pem_private_key(data, password)
-
-    def load_pkcs8_pem_private_key(self, data, password):
+    def load_pem_private_key(self, data, password):
         return self._load_key(
             self._lib.PEM_read_bio_PrivateKey,
             self._evp_pkey_to_private_key,
@@ -783,6 +780,25 @@ class Backend(object):
             password,
         )
 
+    def load_traditional_openssl_pem_private_key(self, data, password):
+        warnings.warn(
+            "load_traditional_openssl_pem_private_key is deprecated and will "
+            "be removed in a future version, use load_pem_private_key "
+            "instead.",
+            utils.DeprecatedIn06,
+            stacklevel=2
+        )
+        return self.load_pem_private_key(data, password)
+
+    def load_pkcs8_pem_private_key(self, data, password):
+        warnings.warn(
+            "load_pkcs8_pem_private_key is deprecated and will be removed in a"
+            " future version, use load_pem_private_key instead.",
+            utils.DeprecatedIn06,
+            stacklevel=2
+        )
+        return self.load_pem_private_key(data, password)
+
     def _load_key(self, openssl_read_func, convert_func, data, password):
         mem_bio = self._bytes_to_bio(data)
 
diff --git a/cryptography/hazmat/primitives/serialization.py b/cryptography/hazmat/primitives/serialization.py
index 55b8640e..cf1ca8ec 100644
--- a/cryptography/hazmat/primitives/serialization.py
+++ b/cryptography/hazmat/primitives/serialization.py
@@ -13,12 +13,34 @@
 
 from __future__ import absolute_import, division, print_function
 
+import warnings
+
+from cryptography import utils
+
 
 def load_pem_traditional_openssl_private_key(data, password, backend):
+    warnings.warn(
+        "load_pem_traditional_openssl_private_key is deprecated and will be "
+        "removed in a future version, use load_pem_private_key instead.",
+        utils.DeprecatedIn06,
+        stacklevel=2
+    )
+
     return backend.load_traditional_openssl_pem_private_key(
         data, password
     )
 
 
 def load_pem_pkcs8_private_key(data, password, backend):
+    warnings.warn(
+        "load_pem_pkcs8_private_key is deprecated and will be removed in a "
+        "future version, use load_pem_private_key instead.",
+        utils.DeprecatedIn06,
+        stacklevel=2
+    )
+
     return backend.load_pkcs8_pem_private_key(data, password)
+
+
+def load_pem_private_key(data, password, backend):
+    return backend.load_pem_private_key(data, password)
diff --git a/cryptography/utils.py b/cryptography/utils.py
index 9c574085..f4c2e3cb 100644
--- a/cryptography/utils.py
+++ b/cryptography/utils.py
@@ -17,6 +17,7 @@ import sys
 
 
 DeprecatedIn05 = DeprecationWarning
+DeprecatedIn06 = PendingDeprecationWarning
 
 
 def register_interface(iface):