support byteslike in aead for key and nonce (#4695)

author: Paul Kehrer <paul.l.kehrer@gmail.com> 2019-01-15 22:52:30 -0600
committer: Alex Gaynor <alex.gaynor@gmail.com> 2019-01-15 23:52:30 -0500
commit: 82177c2c5ba1f16af2157275108cf7c39d31854a (patch)
tree: 009a3a609fd7ee0ffae12bece3cd9f24643253ab /docs/hazmat
parent: 9c2f3d6a05b117247b37323e1f8ed1cf6fa263d1 (diff)
download: cryptography-82177c2c5ba1f16af2157275108cf7c39d31854a.tar.gz
cryptography-82177c2c5ba1f16af2157275108cf7c39d31854a.tar.bz2
cryptography-82177c2c5ba1f16af2157275108cf7c39d31854a.zip
1 files changed, 18 insertions, 10 deletions
diff --git a/docs/hazmat/primitives/aead.rst b/docs/hazmat/primitives/aead.rst
index 06fecc5a..d318367b 100644
--- a/docs/hazmat/primitives/aead.rst
+++ b/docs/hazmat/primitives/aead.rst
@@ -18,7 +18,8 @@ also support providing integrity for associated data which is not encrypted.
     It is a stream cipher combined with a MAC that offers strong integrity
     guarantees.
 
-    :param bytes key: A 32-byte key. This **must** be kept secret.
+    :param key: A 32-byte key. This **must** be kept secret.
+    :type key: :term:`bytes-like`
 
     :raises cryptography.exceptions.UnsupportedAlgorithm: If the version of
         OpenSSL does not support ChaCha20Poly1305.
@@ -53,8 +54,8 @@ also support providing integrity for associated data which is not encrypted.
         ``associated_data``.  The output of this can be passed directly
         to the ``decrypt`` method.
 
-        :param bytes nonce: A 12 byte value. **NEVER REUSE A NONCE** with a
-            key.
+        :param nonce: A 12 byte value. **NEVER REUSE A NONCE** with a key.
+        :type nonce: :term:`bytes-like`
         :param bytes data: The data to encrypt.
         :param bytes associated_data: Additional data that should be
             authenticated with the key, but does not need to be encrypted. Can
@@ -69,8 +70,9 @@ also support providing integrity for associated data which is not encrypted.
         called encrypt with ``associated_data`` you must pass the same
         ``associated_data`` in decrypt or the integrity check will fail.
 
-        :param bytes nonce: A 12 byte value. **NEVER REUSE A NONCE** with a
+        :param nonce: A 12 byte value. **NEVER REUSE A NONCE** with a
             key.
+        :type nonce: :term:`bytes-like`
         :param bytes data: The data to decrypt (with tag appended).
         :param bytes associated_data: Additional data to authenticate. Can be
             ``None`` if none was passed during encryption.
@@ -88,7 +90,8 @@ also support providing integrity for associated data which is not encrypted.
     :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` block
     cipher utilizing Galois Counter Mode (GCM).
 
-    :param bytes key: A 128, 192, or 256-bit key. This **must** be kept secret.
+    :param key: A 128, 192, or 256-bit key. This **must** be kept secret.
+    :type key: :term:`bytes-like`
 
     .. doctest::
 
@@ -123,9 +126,10 @@ also support providing integrity for associated data which is not encrypted.
         authenticating the ``associated_data``.  The output of this can be
         passed directly to the ``decrypt`` method.
 
-        :param bytes nonce: NIST `recommends a 96-bit IV length`_ for best
+        :param nonce: NIST `recommends a 96-bit IV length`_ for best
             performance but it can be up to 2\ :sup:`64` - 1 :term:`bits`.
             **NEVER REUSE A NONCE** with a key.
+        :type nonce: :term:`bytes-like`
         :param bytes data: The data to encrypt.
         :param bytes associated_data: Additional data that should be
             authenticated with the key, but is not encrypted. Can be ``None``.
@@ -139,9 +143,10 @@ also support providing integrity for associated data which is not encrypted.
         called encrypt with ``associated_data`` you must pass the same
         ``associated_data`` in decrypt or the integrity check will fail.
 
-        :param bytes nonce: NIST `recommends a 96-bit IV length`_ for best
+        :param nonce: NIST `recommends a 96-bit IV length`_ for best
             performance but it can be up to 2\ :sup:`64` - 1 :term:`bits`.
             **NEVER REUSE A NONCE** with a key.
+        :type nonce: :term:`bytes-like`
         :param bytes data: The data to decrypt (with tag appended).
         :param bytes associated_data: Additional data to authenticate. Can be
             ``None`` if none was passed during encryption.
@@ -165,7 +170,8 @@ also support providing integrity for associated data which is not encrypted.
     :class:`~cryptography.hazmat.primitives.ciphers.algorithms.AES` block
     cipher utilizing Counter with CBC-MAC (CCM) (specified in :rfc:`3610`).
 
-    :param bytes key: A 128, 192, or 256-bit key. This **must** be kept secret.
+    :param key: A 128, 192, or 256-bit key. This **must** be kept secret.
+    :type key: :term:`bytes-like`
     :param int tag_length: The length of the authentication tag. This
         defaults to 16 bytes and it is **strongly** recommended that you
         do not make it shorter unless absolutely necessary. Valid tag
@@ -207,11 +213,12 @@ also support providing integrity for associated data which is not encrypted.
         authenticating the ``associated_data``.  The output of this can be
         passed directly to the ``decrypt`` method.
 
-        :param bytes nonce: A value of between 7 and 13 bytes. The maximum
+        :param nonce: A value of between 7 and 13 bytes. The maximum
             length is determined by the length of the ciphertext you are
             encrypting and must satisfy the condition:
             ``len(data) < 2 ** (8 * (15 - len(nonce)))``
             **NEVER REUSE A NONCE** with a key.
+        :type nonce: :term:`bytes-like`
         :param bytes data: The data to encrypt.
         :param bytes associated_data: Additional data that should be
             authenticated with the key, but is not encrypted. Can be ``None``.
@@ -225,9 +232,10 @@ also support providing integrity for associated data which is not encrypted.
         called encrypt with ``associated_data`` you must pass the same
         ``associated_data`` in decrypt or the integrity check will fail.
 
-        :param bytes nonce: A value of between 7 and 13 bytes. This
+        :param nonce: A value of between 7 and 13 bytes. This
             is the same value used when you originally called encrypt.
             **NEVER REUSE A NONCE** with a key.
+        :type nonce: :term:`bytes-like`
         :param bytes data: The data to decrypt (with tag appended).
         :param bytes associated_data: Additional data to authenticate. Can be
             ``None`` if none was passed during encryption.
author	Paul Kehrer <paul.l.kehrer@gmail.com>	2019-01-15 22:52:30 -0600
committer	Alex Gaynor <alex.gaynor@gmail.com>	2019-01-15 23:52:30 -0500
commit	82177c2c5ba1f16af2157275108cf7c39d31854a (patch)
tree	009a3a609fd7ee0ffae12bece3cd9f24643253ab /docs/hazmat
parent	9c2f3d6a05b117247b37323e1f8ed1cf6fa263d1 (diff)
download	cryptography-82177c2c5ba1f16af2157275108cf7c39d31854a.tar.gz cryptography-82177c2c5ba1f16af2157275108cf7c39d31854a.tar.bz2 cryptography-82177c2c5ba1f16af2157275108cf7c39d31854a.zip