Merge branch 'master' into add-crt-coefficients

* master:
  Also clean up this syntax
  Fixed a missing word in the RSA docs
  Fix comments in padding.py to be accurate
  add versionadded to cast5
  A few style nits in the docs
  add CAST5 support to changelog
  Changed .... lines to ~~~~ and s/Gnu\/Linux/Linux/
  Pypy is not a real word either apparently.
  Added Pypy note and fixed libffi's "spelling"
  Added Debian mention, extra missing packages
  Added a docs section on Linux installation
  remove some extra linebreaks
  add cast5 docs
  Syntax highlight the go code. Be mad Rob Pike.
  add cbc, cfb, ofb support to CAST5 (aka CAST128) for openssl & cc
  re-add CAST5 ECB support (OpenSSL & CC backends). fixes #417
  Switch this to a warning block
  Be clear about HKDF's applicability for password storage

Conflicts:
	docs/hazmat/primitives/rsa.rst

2 files changed, 106 insertions, 1 deletions

diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py
new file mode 100644
index 00000000..682b4496
--- /dev/null
+++ b/tests/hazmat/primitives/test_cast5.py
@@ -0,0 +1,92 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+from __future__ import absolute_import, division, print_function
+
+import binascii
+import os
+
+import pytest
+
+from cryptography.hazmat.primitives.ciphers import algorithms, modes
+
+from .utils import generate_encrypt_test
+from ...utils import load_nist_vectors
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.cipher_supported(
+        algorithms.CAST5("\x00" * 16), modes.ECB()
+    ),
+    skip_message="Does not support CAST5 ECB",
+)
+@pytest.mark.cipher
+class TestCAST5_ECB(object):
+    test_ECB = generate_encrypt_test(
+        load_nist_vectors,
+        os.path.join("ciphers", "CAST5"),
+        ["cast5-ecb.txt"],
+        lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
+        lambda **kwargs: modes.ECB(),
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.cipher_supported(
+        algorithms.CAST5("\x00" * 16), modes.CBC("\x00" * 8)
+    ),
+    skip_message="Does not support CAST5 CBC",
+)
+@pytest.mark.cipher
+class TestCAST5_CBC(object):
+    test_CBC = generate_encrypt_test(
+        load_nist_vectors,
+        os.path.join("ciphers", "CAST5"),
+        ["cast5-cbc.txt"],
+        lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
+        lambda iv, **kwargs: modes.CBC(binascii.unhexlify(iv))
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.cipher_supported(
+        algorithms.CAST5("\x00" * 16), modes.OFB("\x00" * 8)
+    ),
+    skip_message="Does not support CAST5 OFB",
+)
+@pytest.mark.cipher
+class TestCAST5_OFB(object):
+    test_OFB = generate_encrypt_test(
+        load_nist_vectors,
+        os.path.join("ciphers", "CAST5"),
+        ["cast5-ofb.txt"],
+        lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
+        lambda iv, **kwargs: modes.OFB(binascii.unhexlify(iv))
+    )
+
+
+@pytest.mark.supported(
+    only_if=lambda backend: backend.cipher_supported(
+        algorithms.CAST5("\x00" * 16), modes.CFB("\x00" * 8)
+    ),
+    skip_message="Does not support CAST5 CFB",
+)
+@pytest.mark.cipher
+class TestCAST5_CFB(object):
+    test_CFB = generate_encrypt_test(
+        load_nist_vectors,
+        os.path.join("ciphers", "CAST5"),
+        ["cast5-cfb.txt"],
+        lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
+        lambda iv, **kwargs: modes.CFB(binascii.unhexlify(iv))
+    )
diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py
index 6a7b2f93..50cadf64 100644
--- a/tests/hazmat/primitives/test_ciphers.py
+++ b/tests/hazmat/primitives/test_ciphers.py
@@ -18,7 +18,7 @@ import binascii
 import pytest
 
 from cryptography.hazmat.primitives.ciphers.algorithms import (
-    AES, Camellia, TripleDES, Blowfish, ARC4
+    AES, Camellia, TripleDES, Blowfish, ARC4, CAST5
 )
 
 
@@ -80,6 +80,19 @@ class TestBlowfish(object):
             Blowfish(binascii.unhexlify(b"0" * 6))
 
 
+class TestCAST5(object):
+    @pytest.mark.parametrize(("key", "keysize"), [
+        (b"0" * (keysize // 4), keysize) for keysize in range(40, 129, 8)
+    ])
+    def test_key_size(self, key, keysize):
+        cipher = CAST5(binascii.unhexlify(key))
+        assert cipher.key_size == keysize
+
+    def test_invalid_key_size(self):
+        with pytest.raises(ValueError):
+            CAST5(binascii.unhexlify(b"0" * 34))
+
+
 class TestARC4(object):
     @pytest.mark.parametrize(("key", "keysize"), [
         (b"0" * 10, 40),