Merge pull request #1371 from reaperhulk/advance-rsa-deprecation-cycle

Advance RSA deprecation cycle

3 files changed, 1 insertions, 312 deletions

diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index f471b948..00bcc443 100644
--- a/cryptography/hazmat/backends/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
@@ -112,39 +112,6 @@ class RSABackend(object):
         """
 
     @abc.abstractmethod
-    def create_rsa_signature_ctx(self, private_key, padding, algorithm):
-        """
-        Returns an object conforming to the AsymmetricSignatureContext
-        interface.
-        """
-
-    @abc.abstractmethod
-    def create_rsa_verification_ctx(self, public_key, signature, padding,
-                                    algorithm):
-        """
-        Returns an object conforming to the AsymmetricVerificationContext
-        interface.
-        """
-
-    @abc.abstractmethod
-    def mgf1_hash_supported(self, algorithm):
-        """
-        Return True if the hash algorithm is supported for MGF1 in PSS.
-        """
-
-    @abc.abstractmethod
-    def decrypt_rsa(self, private_key, ciphertext, padding):
-        """
-        Returns decrypted bytes.
-        """
-
-    @abc.abstractmethod
-    def encrypt_rsa(self, public_key, plaintext, padding):
-        """
-        Returns encrypted bytes.
-        """
-
-    @abc.abstractmethod
     def rsa_padding_supported(self, padding):
         """
         Returns True if the backend supports the given padding options.
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 9a36674a..a0a7ac18 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -44,8 +44,7 @@ from cryptography.hazmat.backends.openssl.ec import (
 from cryptography.hazmat.backends.openssl.hashes import _HashContext
 from cryptography.hazmat.backends.openssl.hmac import _HMACContext
 from cryptography.hazmat.backends.openssl.rsa import (
-    _RSAPrivateKey, _RSAPublicKey, _RSASignatureContext,
-    _RSAVerificationContext
+    _RSAPrivateKey, _RSAPublicKey
 )
 from cryptography.hazmat.bindings.openssl.binding import Binding
 from cryptography.hazmat.primitives import hashes
@@ -551,69 +550,6 @@ class Backend(object):
             pem_password_cb
         )
 
-    def _rsa_cdata_from_private_key(self, private_key):
-        ctx = self._lib.RSA_new()
-        assert ctx != self._ffi.NULL
-        ctx = self._ffi.gc(ctx, self._lib.RSA_free)
-
-        ctx.p = self._int_to_bn(private_key.p)
-        ctx.q = self._int_to_bn(private_key.q)
-        ctx.d = self._int_to_bn(private_key.d)
-        ctx.e = self._int_to_bn(private_key.e)
-        ctx.n = self._int_to_bn(private_key.n)
-        ctx.dmp1 = self._int_to_bn(private_key.dmp1)
-        ctx.dmq1 = self._int_to_bn(private_key.dmq1)
-        ctx.iqmp = self._int_to_bn(private_key.iqmp)
-        res = self._lib.RSA_blinding_on(ctx, self._ffi.NULL)
-        assert res == 1
-
-        return ctx
-
-    def _rsa_cdata_from_public_key(self, public_key):
-        ctx = self._lib.RSA_new()
-        assert ctx != self._ffi.NULL
-        ctx = self._ffi.gc(ctx, self._lib.RSA_free)
-
-        ctx.e = self._int_to_bn(public_key.e)
-        ctx.n = self._int_to_bn(public_key.n)
-        res = self._lib.RSA_blinding_on(ctx, self._ffi.NULL)
-        assert res == 1
-
-        return ctx
-
-    def create_rsa_signature_ctx(self, private_key, padding, algorithm):
-        warnings.warn(
-            "create_rsa_signature_ctx is deprecated and will be removed in a "
-            "future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        rsa_cdata = self._rsa_cdata_from_private_key(private_key)
-        key = _RSAPrivateKey(self, rsa_cdata)
-        return _RSASignatureContext(self, key, padding, algorithm)
-
-    def create_rsa_verification_ctx(self, public_key, signature, padding,
-                                    algorithm):
-        warnings.warn(
-            "create_rsa_verification_ctx is deprecated and will be removed in "
-            "a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        rsa_cdata = self._rsa_cdata_from_public_key(public_key)
-        key = _RSAPublicKey(self, rsa_cdata)
-        return _RSAVerificationContext(self, key, signature, padding,
-                                       algorithm)
-
-    def mgf1_hash_supported(self, algorithm):
-        warnings.warn(
-            "mgf1_hash_supported is deprecated and will be removed in "
-            "a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        return self._mgf1_hash_supported(algorithm)
-
     def _mgf1_hash_supported(self, algorithm):
         if self._lib.Cryptography_HAS_MGF1_MD:
             return self.hash_supported(algorithm)
@@ -774,28 +710,6 @@ class Backend(object):
         else:
             return True
 
-    def decrypt_rsa(self, private_key, ciphertext, padding):
-        warnings.warn(
-            "decrypt_rsa is deprecated and will be removed in a future "
-            "version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        rsa_cdata = self._rsa_cdata_from_private_key(private_key)
-        key = _RSAPrivateKey(self, rsa_cdata)
-        return key.decrypt(ciphertext, padding)
-
-    def encrypt_rsa(self, public_key, plaintext, padding):
-        warnings.warn(
-            "encrypt_rsa is deprecated and will be removed in a future "
-            "version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        rsa_cdata = self._rsa_cdata_from_public_key(public_key)
-        key = _RSAPublicKey(self, rsa_cdata)
-        return key.encrypt(plaintext, padding)
-
     def cmac_algorithm_supported(self, algorithm):
         return (
             self._lib.Cryptography_HAS_CMAC == 1
diff --git a/cryptography/hazmat/primitives/asymmetric/rsa.py b/cryptography/hazmat/primitives/asymmetric/rsa.py
index 398b3763..c192811d 100644
--- a/cryptography/hazmat/primitives/asymmetric/rsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/rsa.py
@@ -13,11 +13,8 @@
 
 from __future__ import absolute_import, division, print_function
 
-import warnings
-
 import six
 
-from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat.backends.interfaces import RSABackend
 
@@ -94,65 +91,6 @@ def _check_public_key_components(e, n):
         raise ValueError("e must be odd.")
 
 
-class RSAPublicKey(object):
-    def __init__(self, public_exponent, modulus):
-        warnings.warn(
-            "The RSAPublicKey class is deprecated and will be removed in a "
-            "future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        if (
-            not isinstance(public_exponent, six.integer_types) or
-            not isinstance(modulus, six.integer_types)
-        ):
-            raise TypeError("RSAPublicKey arguments must be integers.")
-
-        _check_public_key_components(public_exponent, modulus)
-
-        self._public_exponent = public_exponent
-        self._modulus = modulus
-
-    def verifier(self, signature, padding, algorithm, backend):
-        if not isinstance(backend, RSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement RSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        return backend.create_rsa_verification_ctx(self, signature, padding,
-                                                   algorithm)
-
-    def encrypt(self, plaintext, padding, backend):
-        if not isinstance(backend, RSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement RSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        return backend.encrypt_rsa(self, plaintext, padding)
-
-    @property
-    def key_size(self):
-        return utils.bit_length(self.modulus)
-
-    @property
-    def public_exponent(self):
-        return self._public_exponent
-
-    @property
-    def modulus(self):
-        return self._modulus
-
-    @property
-    def e(self):
-        return self.public_exponent
-
-    @property
-    def n(self):
-        return self.modulus
-
-
 def _modinv(e, m):
     """
     Modular Multiplicative Inverse. Returns x such that: (x*e) mod m == 1
@@ -189,136 +127,6 @@ def rsa_crt_dmq1(private_exponent, q):
     return private_exponent % (q - 1)
 
 
-class RSAPrivateKey(object):
-    def __init__(self, p, q, private_exponent, dmp1, dmq1, iqmp,
-                 public_exponent, modulus):
-        warnings.warn(
-            "The RSAPrivateKey class is deprecated and will be removed in a "
-            "future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        if (
-            not isinstance(p, six.integer_types) or
-            not isinstance(q, six.integer_types) or
-            not isinstance(dmp1, six.integer_types) or
-            not isinstance(dmq1, six.integer_types) or
-            not isinstance(iqmp, six.integer_types) or
-            not isinstance(private_exponent, six.integer_types) or
-            not isinstance(public_exponent, six.integer_types) or
-            not isinstance(modulus, six.integer_types)
-        ):
-            raise TypeError("RSAPrivateKey arguments must be integers.")
-
-        _check_private_key_components(p, q, private_exponent, dmp1, dmq1, iqmp,
-                                      public_exponent, modulus)
-
-        self._p = p
-        self._q = q
-        self._dmp1 = dmp1
-        self._dmq1 = dmq1
-        self._iqmp = iqmp
-        self._private_exponent = private_exponent
-        self._public_exponent = public_exponent
-        self._modulus = modulus
-
-    @classmethod
-    def generate(cls, public_exponent, key_size, backend):
-        warnings.warn(
-            "generate is deprecated and will be removed in a future version.",
-            utils.DeprecatedIn05,
-            stacklevel=2
-        )
-        if not isinstance(backend, RSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement RSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        _verify_rsa_parameters(public_exponent, key_size)
-        key = backend.generate_rsa_private_key(public_exponent, key_size)
-        private_numbers = key.private_numbers()
-        return RSAPrivateKey(
-            p=private_numbers.p,
-            q=private_numbers.q,
-            dmp1=private_numbers.dmp1,
-            dmq1=private_numbers.dmq1,
-            iqmp=private_numbers.iqmp,
-            private_exponent=private_numbers.d,
-            public_exponent=private_numbers.public_numbers.e,
-            modulus=private_numbers.public_numbers.n
-        )
-
-    def signer(self, padding, algorithm, backend):
-        if not isinstance(backend, RSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement RSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        return backend.create_rsa_signature_ctx(self, padding, algorithm)
-
-    def decrypt(self, ciphertext, padding, backend):
-        if not isinstance(backend, RSABackend):
-            raise UnsupportedAlgorithm(
-                "Backend object does not implement RSABackend.",
-                _Reasons.BACKEND_MISSING_INTERFACE
-            )
-
-        return backend.decrypt_rsa(self, ciphertext, padding)
-
-    @property
-    def key_size(self):
-        return utils.bit_length(self.modulus)
-
-    def public_key(self):
-        return RSAPublicKey(self.public_exponent, self.modulus)
-
-    @property
-    def p(self):
-        return self._p
-
-    @property
-    def q(self):
-        return self._q
-
-    @property
-    def private_exponent(self):
-        return self._private_exponent
-
-    @property
-    def public_exponent(self):
-        return self._public_exponent
-
-    @property
-    def modulus(self):
-        return self._modulus
-
-    @property
-    def d(self):
-        return self.private_exponent
-
-    @property
-    def dmp1(self):
-        return self._dmp1
-
-    @property
-    def dmq1(self):
-        return self._dmq1
-
-    @property
-    def iqmp(self):
-        return self._iqmp
-
-    @property
-    def e(self):
-        return self.public_exponent
-
-    @property
-    def n(self):
-        return self.modulus
-
-
 class RSAPrivateNumbers(object):
     def __init__(self, p, q, d, dmp1, dmq1, iqmp,
                  public_numbers):