Remove provider language from docs (#3072)

8 files changed, 54 insertions, 68 deletions

diff --git a/docs/hazmat/primitives/cryptographic-hashes.rst b/docs/hazmat/primitives/cryptographic-hashes.rst
index ff31b779..d0414efa 100644
--- a/docs/hazmat/primitives/cryptographic-hashes.rst
+++ b/docs/hazmat/primitives/cryptographic-hashes.rst
@@ -40,11 +40,11 @@ Message digests
 
     :param algorithm: A
         :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider such as those described in
+        instance such as those described in
         :ref:`below <cryptographic-hash-algorithms>`.
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.HashBackend`
-        provider.
+        instance.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst
index 0415ccfe..558c9d16 100644
--- a/docs/hazmat/primitives/key-derivation-functions.rst
+++ b/docs/hazmat/primitives/key-derivation-functions.rst
@@ -68,9 +68,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> kdf.verify(b"my great password", key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider.
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
     :param int length: The desired length of the derived key. Maximum is
         (2\ :sup:`32` - 1) * ``algorithm.digest_size``.
     :param bytes salt: A salt. `NIST SP 800-132`_ recommends 128-bits or
@@ -80,9 +79,8 @@ Different KDFs are suitable for different tasks such as:
         takes. Higher numbers help mitigate brute force attacks against derived
         keys. See OWASP's `Password Storage Cheat Sheet`_ for more
         detailed recommendations if you intend to use this for password storage.
-    :param backend: A
-        :class:`~cryptography.hazmat.backends.interfaces.PBKDF2HMACBackend`
-        provider.
+    :param backend: An instance of
+        :class:`~cryptography.hazmat.backends.interfaces.PBKDF2HMACBackend`.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
@@ -168,9 +166,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> hkdf.verify(b"input key", key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider.
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
 
     :param int length: The desired length of the derived key. Maximum is
         ``255 * (algorithm.digest_size // 8)``.
@@ -188,9 +185,8 @@ Different KDFs are suitable for different tasks such as:
     :param bytes info: Application specific context information.  If ``None``
         is explicitly passed an empty byte string will be used.
 
-    :param backend: A
-        :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
-        provider.
+    :param backend: An instance of
+        :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
@@ -269,9 +265,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> hkdf.verify(key_material, key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider.
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
 
     :param int length: The desired length of the derived key. Maximum is
         ``255 * (algorithm.digest_size // 8)``.
@@ -279,9 +274,8 @@ Different KDFs are suitable for different tasks such as:
     :param bytes info: Application specific context information.  If ``None``
         is explicitly passed an empty byte string will be used.
 
-    :param backend: A
-        :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
-        provider.
+    :param backend: An instance of
+        :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
@@ -361,9 +355,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> ckdf.verify(b"input key", key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
 
     :param int length: The desired length of the derived key in bytes.
         Maximum is ``hashlen * (2^32 -1)``.
@@ -371,9 +364,8 @@ Different KDFs are suitable for different tasks such as:
     :param bytes otherinfo: Application specific context information.
         If ``None`` is explicitly passed an empty byte string will be used.
 
-    :param backend: A
-        :class:`~cryptography.hazmat.backends.interfaces.HashBackend`
-        provider.
+    :param backend: An instance of
+        :class:`~cryptography.hazmat.backends.interfaces.HashBackend`.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised
         if the provided ``backend`` does not implement
@@ -448,9 +440,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> ckdf.verify(b"input key", key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
 
     :param int length: The desired length of the derived key in bytes. Maximum
         is ``hashlen * (2^32 -1)``.
@@ -466,9 +457,8 @@ Different KDFs are suitable for different tasks such as:
     :param bytes otherinfo: Application specific context information.
         If ``None`` is explicitly passed an empty byte string will be used.
 
-    :param backend: A
-        :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
-        provider.
+    :param backend: An instance of
+        :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
@@ -549,9 +539,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> xkdf.verify(b"input key", key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
 
     :param int length: The desired length of the derived key in bytes.
         Maximum is ``hashlen * (2^32 -1)``.
@@ -561,7 +550,7 @@ Different KDFs are suitable for different tasks such as:
 
     :param backend: A cryptography backend
         :class:`~cryptography.hazmat.backends.interfaces.HashBackend`
-        provider.
+        instance.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised
         if the provided ``backend`` does not implement
@@ -654,9 +643,8 @@ Different KDFs are suitable for different tasks such as:
         ... )
         >>> kdf.verify(b"input key", key)
 
-    :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`.
 
     :param mode: The desired mode of the PRF. A value from the
       :class:`~cryptography.hazmat.primitives.kdf.kbkdf.Mode` enum.
@@ -684,7 +672,7 @@ Different KDFs are suitable for different tasks such as:
 
     :param backend: A cryptography backend
         :class:`~cryptography.hazmat.backends.interfaces.HashBackend`
-        provider.
+        instance.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised
         if the provided ``backend`` does not implement
diff --git a/docs/hazmat/primitives/keywrap.rst b/docs/hazmat/primitives/keywrap.rst
index e4f9ffeb..95cae8d7 100644
--- a/docs/hazmat/primitives/keywrap.rst
+++ b/docs/hazmat/primitives/keywrap.rst
@@ -24,7 +24,7 @@ protections offered by key wrapping are also offered by using authenticated
 
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`
-        provider that supports
+        instance that supports
         :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES`.
 
     :return bytes: The wrapped key as bytes.
@@ -42,7 +42,7 @@ protections offered by key wrapping are also offered by using authenticated
 
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`
-        provider that supports
+        instance that supports
         :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES`.
 
     :return bytes: The unwrapped key as bytes.
diff --git a/docs/hazmat/primitives/mac/cmac.rst b/docs/hazmat/primitives/mac/cmac.rst
index e04a849f..e170db31 100644
--- a/docs/hazmat/primitives/mac/cmac.rst
+++ b/docs/hazmat/primitives/mac/cmac.rst
@@ -22,7 +22,7 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`.
     .. versionadded:: 0.4
 
     CMAC objects take a
-    :class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm` provider.
+    :class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm` instance.
 
     .. doctest::
 
@@ -40,7 +40,7 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`.
 
     If ``algorithm`` isn't a
     :class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm`
-    provider then ``TypeError`` will be raised.
+    instance then ``TypeError`` will be raised.
 
     To check that a given signature is correct use the :meth:`verify` method.
     You will receive an exception if the signature is wrong:
@@ -54,12 +54,10 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`.
         ...
         cryptography.exceptions.InvalidSignature: Signature did not match digest.
 
-    :param algorithm: An
-        :class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm`
-        provider.
-    :param backend: An
-        :class:`~cryptography.hazmat.backends.interfaces.CMACBackend`
-        provider.
+    :param algorithm: An instance of
+        :class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm`.
+    :param backend: An instance of
+        :class:`~cryptography.hazmat.backends.interfaces.CMACBackend`.
     :raises TypeError: This is raised if the provided ``algorithm`` is not an instance of
         :class:`~cryptography.hazmat.primitives.ciphers.BlockCipherAlgorithm`
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
diff --git a/docs/hazmat/primitives/mac/hmac.rst b/docs/hazmat/primitives/mac/hmac.rst
index 2515ac91..e00c4de2 100644
--- a/docs/hazmat/primitives/mac/hmac.rst
+++ b/docs/hazmat/primitives/mac/hmac.rst
@@ -18,7 +18,7 @@ of a message.
 .. class:: HMAC(key, algorithm, backend)
 
     HMAC objects take a ``key`` and a
-    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` provider.
+    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` instance.
     The ``key`` should be :doc:`randomly generated bytes </random-numbers>` and
     is recommended to be equal in length to the ``digest_size`` of the hash
     function chosen. You must keep the ``key`` secret.
@@ -39,7 +39,7 @@ of a message.
     raised.
 
     If ``algorithm`` isn't a
-    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` provider
+    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` instance
     then ``TypeError`` will be raised.
 
     To check that a given signature is correct use the :meth:`verify` method.
@@ -57,11 +57,11 @@ of a message.
     :param bytes key: Secret key as ``bytes``.
     :param algorithm: An
         :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
-        provider such as those described in
+        instance such as those described in
         :ref:`Cryptographic Hashes <cryptographic-hash-algorithms>`.
     :param backend: An
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
-        provider.
+        instance.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
diff --git a/docs/hazmat/primitives/padding.rst b/docs/hazmat/primitives/padding.rst
index 0b76327e..b346b59e 100644
--- a/docs/hazmat/primitives/padding.rst
+++ b/docs/hazmat/primitives/padding.rst
@@ -45,13 +45,13 @@ multiple of the block size.
 
         :returns: A padding
             :class:`~cryptography.hazmat.primitives.padding.PaddingContext`
-            provider.
+            instance.
 
     .. method:: unpadder()
 
         :returns: An unpadding
             :class:`~cryptography.hazmat.primitives.padding.PaddingContext`
-            provider.
+            instance.
 
 
 .. class:: ANSIX923(block_size)
@@ -88,13 +88,13 @@ multiple of the block size.
 
         :returns: A padding
             :class:`~cryptography.hazmat.primitives.padding.PaddingContext`
-            provider
+            instance.
 
     .. method:: unpadder()
 
         :returns: An unpadding
             :class:`~cryptography.hazmat.primitives.padding.PaddingContext`
-            provider.
+            instance.
 
 
 .. class:: PaddingContext
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 7b00d110..67ca334b 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -43,14 +43,14 @@ in an "encrypt-then-MAC" formulation as `described by Colin Percival`_.
 
     :param algorithms: A
         :class:`~cryptography.hazmat.primitives.ciphers.CipherAlgorithm`
-        provider such as those described
+        instance such as those described
         :ref:`below <symmetric-encryption-algorithms>`.
     :param mode: A :class:`~cryptography.hazmat.primitives.ciphers.modes.Mode`
-        provider such as those described
+        instance such as those described
         :ref:`below <symmetric-encryption-modes>`.
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.CipherBackend`
-        provider.
+        instance.
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the
         provided ``backend`` does not implement
@@ -60,7 +60,7 @@ in an "encrypt-then-MAC" formulation as `described by Colin Percival`_.
 
         :return: An encrypting
             :class:`~cryptography.hazmat.primitives.ciphers.CipherContext`
-            provider.
+            instance.
 
         If the backend doesn't support the requested combination of ``cipher``
         and ``mode`` an :class:`~cryptography.exceptions.UnsupportedAlgorithm`
@@ -70,7 +70,7 @@ in an "encrypt-then-MAC" formulation as `described by Colin Percival`_.
 
         :return: A decrypting
             :class:`~cryptography.hazmat.primitives.ciphers.CipherContext`
-            provider.
+            instance.
 
         If the backend doesn't support the requested combination of ``cipher``
         and ``mode`` an :class:`~cryptography.exceptions.UnsupportedAlgorithm`
@@ -473,7 +473,7 @@ Interfaces
     :class:`~cryptography.hazmat.primitives.ciphers.modes.GCM`) the result will
     conform to the ``AEADCipherContext`` and ``CipherContext`` interfaces. If
     it is an encryption context it will additionally be an
-    ``AEADEncryptionContext`` provider. ``AEADCipherContext`` contains an
+    ``AEADEncryptionContext`` instance. ``AEADCipherContext`` contains an
     additional method :meth:`authenticate_additional_data` for adding
     additional authenticated but unencrypted data (see note below). You should
     call this before calls to ``update``. When you are done call ``finalize``
diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst
index abee80de..34ca16b7 100644
--- a/docs/hazmat/primitives/twofactor.rst
+++ b/docs/hazmat/primitives/twofactor.rst
@@ -46,10 +46,10 @@ codes (HMAC).
     :param int length: Length of generated one time password as ``int``.
     :param cryptography.hazmat.primitives.hashes.HashAlgorithm algorithm: A
         :class:`~cryptography.hazmat.primitives.hashes`
-        provider.
+        instance.
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
-        provider.
+        instance.
     :param enforce_key_length: A boolean flag defaulting to True that toggles
         whether a minimum key length of 128 bits is enforced. This exists to
         work around the fact that as documented in `Issue #2915`_, the
@@ -168,11 +168,11 @@ similar to the following code.
     :param int length: Length of generated one time password as ``int``.
     :param cryptography.hazmat.primitives.hashes.HashAlgorithm algorithm: A
         :class:`~cryptography.hazmat.primitives.hashes`
-        provider.
+        instance.
     :param int time_step: The time step size. The recommended size is 30.
     :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
-        provider.
+        instance.
     :param enforce_key_length: A boolean flag defaulting to True that toggles
         whether a minimum key length of 128 bits is enforced. This exists to
         work around the fact that as documented in `Issue #2915`_, the