let's talk about bits baby (#3956)

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2017-10-11 19:49:57 +0800
committer: Alex Gaynor <alex.gaynor@gmail.com> 2017-10-11 07:49:57 -0400
commit: 1aac78c4d036d20e8892f3861ea947cadf6ab739 (patch)
tree: bb432229f698e613a554f23b9ec95b8ff2d20a8a /docs/hazmat/primitives/twofactor.rst
parent: a3facfae09c881b8a1953ffd7b192debc58bb5a0 (diff)
download: cryptography-1aac78c4d036d20e8892f3861ea947cadf6ab739.tar.gz
cryptography-1aac78c4d036d20e8892f3861ea947cadf6ab739.tar.bz2
cryptography-1aac78c4d036d20e8892f3861ea947cadf6ab739.zip
1 files changed, 13 insertions, 12 deletions
diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst
index 9f11332f..3b4f3961 100644
--- a/docs/hazmat/primitives/twofactor.rst
+++ b/docs/hazmat/primitives/twofactor.rst
@@ -24,8 +24,9 @@ codes (HMAC).
 
     HOTP objects take a ``key``, ``length`` and ``algorithm`` parameter. The
     ``key`` should be :doc:`randomly generated bytes </random-numbers>` and is
-    recommended to be 160 bits in length. The ``length`` parameter controls the
-    length of the generated one time password and must be >= 6 and <= 8.
+    recommended to be 160 :term:`bits` in length. The ``length`` parameter
+    controls the length of the generated one time password and must be >= 6
+    and <= 8.
 
     This is an implementation of :rfc:`4226`.
 
@@ -41,8 +42,8 @@ codes (HMAC).
         >>> hotp.verify(hotp_value, 0)
 
     :param bytes key: Per-user secret key. This value must be kept secret
-                      and be at least 128 bits. It is recommended that the
-                      key be 160 bits.
+                      and be at least 128 :term:`bits`. It is recommended that
+                      the key be 160 bits.
     :param int length: Length of generated one time password as ``int``.
     :param cryptography.hazmat.primitives.hashes.HashAlgorithm algorithm: A
         :class:`~cryptography.hazmat.primitives.hashes`
@@ -51,17 +52,17 @@ codes (HMAC).
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
         instance.
     :param enforce_key_length: A boolean flag defaulting to True that toggles
-        whether a minimum key length of 128 bits is enforced. This exists to
-        work around the fact that as documented in `Issue #2915`_, the
-        Google Authenticator PAM module by default generates 80 bit keys. If
-        this flag is set to False, the application develop should implement
+        whether a minimum key length of 128 :term:`bits` is enforced. This
+        exists to work around the fact that as documented in `Issue #2915`_,
+        the Google Authenticator PAM module by default generates 80 bit keys.
+        If this flag is set to False, the application develop should implement
         additional checks of the key length before passing it into
         :class:`~cryptography.hazmat.primitives.twofactor.hotp.HOTP`.
 
         .. versionadded:: 1.5
 
     :raises ValueError: This is raised if the provided ``key`` is shorter than
-        128 bits or if the ``length`` parameter is not 6, 7 or 8.
+        128 :term:`bits` or if the ``length`` parameter is not 6, 7 or 8.
     :raises TypeError: This is raised if the provided ``algorithm`` is not
         :class:`~cryptography.hazmat.primitives.hashes.SHA1()`,
         :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or
@@ -163,7 +164,7 @@ similar to the following code.
         >>> totp.verify(totp_value, time_value)
 
     :param bytes key: Per-user secret key. This value must be kept secret
-                      and be at least 128 bits. It is recommended that the
+                      and be at least 128 :term:`bits`. It is recommended that the
                       key be 160 bits.
     :param int length: Length of generated one time password as ``int``.
     :param cryptography.hazmat.primitives.hashes.HashAlgorithm algorithm: A
@@ -174,7 +175,7 @@ similar to the following code.
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
         instance.
     :param enforce_key_length: A boolean flag defaulting to True that toggles
-        whether a minimum key length of 128 bits is enforced. This exists to
+        whether a minimum key length of 128 :term:`bits` is enforced. This exists to
         work around the fact that as documented in `Issue #2915`_, the
         Google Authenticator PAM module by default generates 80 bit keys. If
         this flag is set to False, the application develop should implement
@@ -183,7 +184,7 @@ similar to the following code.
 
         .. versionadded:: 1.5
     :raises ValueError: This is raised if the provided ``key`` is shorter than
-        128 bits or if the ``length`` parameter is not 6, 7 or 8.
+        128 :term:`bits` or if the ``length`` parameter is not 6, 7 or 8.
     :raises TypeError: This is raised if the provided ``algorithm`` is not
         :class:`~cryptography.hazmat.primitives.hashes.SHA1()`,
         :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2017-10-11 19:49:57 +0800
committer	Alex Gaynor <alex.gaynor@gmail.com>	2017-10-11 07:49:57 -0400
commit	1aac78c4d036d20e8892f3861ea947cadf6ab739 (patch)
tree	bb432229f698e613a554f23b9ec95b8ff2d20a8a /docs/hazmat/primitives/twofactor.rst
parent	a3facfae09c881b8a1953ffd7b192debc58bb5a0 (diff)
download	cryptography-1aac78c4d036d20e8892f3861ea947cadf6ab739.tar.gz cryptography-1aac78c4d036d20e8892f3861ea947cadf6ab739.tar.bz2 cryptography-1aac78c4d036d20e8892f3861ea947cadf6ab739.zip