author | Aviv Palivoda <palaviv@gmail.com> | 2017-02-07 15:24:56 +0200 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2017-02-07 21:24:56 +0800 |
commit | 6723a12712836cae4908f2918e88a3db9b12fe1c (patch) | |
tree | 0b8326a903d00138b48c0685dfbd9a47e17f2fe4 /docs | |
parent | 523b132b27905e79f393d9999ff232ab61500a9d (diff) | |
DH serialization (#3297)
* DH keys support serialization
* Add DH serialization documentation
* Add tests for DH keys serialization in DER encoding
* update version to 1.8
* Allow only SubjectPublicKeyInfo serialization
* Remove support in TraditionalOpenSSL format
* Fix pep8
* Refactor dh serialization tests
Diffstat (limited to 'docs')
-rw-r--r-- | docs/development/test-vectors.rst | 14 | ||||
-rw-r--r-- | docs/hazmat/primitives/asymmetric/dh.rst | 46 |
2 files changed, 60 insertions, 0 deletions
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index fb72240d..97479983 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -98,6 +98,19 @@ Key exchange Diffie-Hellman vector pairs that were generated using OpenSSL DH_generate_parameters_ex and DH_generate_key. +* ``vectors/cryptography_vectors/asymmetric/DH/dhp.pem``, + ``vectors/cryptography_vectors/asymmetric/DH/dhkey.pem`` and + ``vectors/cryptography_vectors/asymmetric/DH/dhpub.pem`` contains + Diffie-Hellman parameters and key respectively. The keys were + generated using OpenSSL following `DHKE`_ guide. + ``vectors/cryptography_vectors/asymmetric/DH/dhkey.txt`` contains + all parameter in text. + ``vectors/cryptography_vectors/asymmetric/DH/dhp.der``, + ``vectors/cryptography_vectors/asymmetric/DH/dhkey.der`` and + ``vectors/cryptography_vectors/asymmetric/DH/dhpub.der`` contains + are the above parameters and keys in DER format. + + X.509 ~~~~~ @@ -471,3 +484,4 @@ header format (substituting the correct information): .. _`test/evptests.txt`: https://github.com/openssl/openssl/blob/2d0b44126763f989a4cbffbffe9d0c7518158bb7/test/evptests.txt .. _`unknown signature OID`: https://bugzilla.mozilla.org/show_bug.cgi?id=405966 .. _`botan`: https://github.com/randombit/botan/blob/57789bdfc55061002b2727d0b32587612829a37c/src/tests/data/pubkey/dh.vec +.. _`DHKE`: https://sandilands.info/sgordon/diffie-hellman-secret-key-exchange-with-openssl diff --git a/docs/hazmat/primitives/asymmetric/dh.rst b/docs/hazmat/primitives/asymmetric/dh.rst index 463df90a..4cb5ccd4 100644 --- a/docs/hazmat/primitives/asymmetric/dh.rst +++ b/docs/hazmat/primitives/asymmetric/dh.rst 
@@ -145,6 +145,33 @@ Key interfaces :return bytes: The agreed key. The bytes are ordered in 'big' endian. + .. method:: private_bytes(encoding, format, encryption_algorithm) + + .. versionadded:: 1.8 + + Allows serialization of the key to bytes. Encoding ( + :attr:`~cryptography.hazmat.primitives.serialization.Encoding.PEM` or + :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`), + format ( + :attr:`~cryptography.hazmat.primitives.serialization.PrivateFormat.PKCS8`) + and encryption algorithm (such as + :class:`~cryptography.hazmat.primitives.serialization.BestAvailableEncryption` + or :class:`~cryptography.hazmat.primitives.serialization.NoEncryption`) + are chosen to define the exact serialization. + + :param encoding: A value from the + :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + + :param format: A value from the + :class:`~cryptography.hazmat.primitives.serialization.PrivateFormat` + enum. + + :param encryption_algorithm: An instance of an object conforming to the + :class:`~cryptography.hazmat.primitives.serialization.KeySerializationEncryption` + interface. + + :return bytes: Serialized key. + .. class:: DHPublicKey 
@@ -173,6 +200,25 @@ Key interfaces :return: A :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicNumbers`. + .. method:: public_bytes(encoding, format) + + .. versionadded:: 1.8 + + Allows serialization of the key to bytes. Encoding ( + :attr:`~cryptography.hazmat.primitives.serialization.Encoding.PEM` or + :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`) and + format ( + :attr:`~cryptography.hazmat.primitives.serialization.PublicFormat.SubjectPublicKeyInfo`) + are chosen to define the exact serialization. + + :param encoding: A value from the + :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + + :param format: A value from the + :class:`~cryptography.hazmat.primitives.serialization.PublicFormat` enum. + + :return bytes: Serialized key. + Numbers ~~~~~~~ |
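Review bot: in the docs/development/test-vectors.rst hunk at @@ -98,6 +98,19, the closing sentence of the new bullet reads "contains are the above parameters and keys in DER format", which carries two verbs and should be "are the above parameters and keys in DER format". The opening sentence lists three files (dhp.pem, dhkey.pem, dhpub.pem) but describes them as "parameters and key respectively", so "respectively" maps three names onto two items; name the content of each file explicitly. "contains all parameter in text" should also read "contains all parameters in text form".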
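Review bot: in the docs/development/test-vectors.rst hunk at @@ -471,3 +484,4, the new DHKE target points at a live blog page, while the neighbouring targets for test/evptests.txt and botan pin a specific commit hash. If that page changes or goes away, the provenance of the dhp, dhkey and dhpub vectors is lost. Consider recording the exact OpenSSL commands used to generate the files in the bullet itself and keeping the link only as background.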
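Review bot: in the docs/hazmat/primitives/asymmetric/dh.rst hunk at @@ -145,6 +145,33, the description of private_bytes names PrivateFormat.PKCS8 as the only format, but the ":param format:" entry says "A value from the PrivateFormat enum" with no restriction, and the commit message says TraditionalOpenSSL support was removed. State in the parameter text that only PKCS8 is accepted for DH keys, and add a ":raises:" entry describing what the caller gets for any other value. Since NoEncryption is listed next to BestAvailableEncryption, a short sentence saying that NoEncryption writes the private key unprotected would help readers pick deliberately.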
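Review bot: in the docs/hazmat/primitives/asymmetric/dh.rst hunk at @@ -173,6 +200,25, the ":param format:" entry for public_bytes says "A value from the PublicFormat enum", while the description and the commit message ("Allow only SubjectPublicKeyInfo serialization") limit it to one value. Say in the parameter text that SubjectPublicKeyInfo is the only supported format for DH public keys, and add a ":raises:" entry for the rejected case so callers do not have to find the limit by trial.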