diff options
-rw-r--r-- | CHANGELOG.rst | 4 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/hashes.py | 30 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/interfaces.py | 17 | ||||
-rw-r--r-- | src/cryptography/x509/__init__.py | 11 | ||||
-rw-r--r-- | src/cryptography/x509/extensions.py | 4 | ||||
-rw-r--r-- | tests/hazmat/backends/test_openssl.py | 36 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_hash_vectors.py | 46 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_hashes.py | 26 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_hmac_vectors.py | 16 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_mac.py | 15 | ||||
-rw-r--r-- | tests/hazmat/primitives/utils.py | 12 |
11 files changed, 9 insertions, 208 deletions
diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 9ce4b96a..886d5307 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -6,6 +6,10 @@ Changelog .. note:: This version is not yet released and is under active development. +* **BACKWARDS INCOMPATIBLE:** ``Whirlpool``, ``RIPEMD160``, and + ``UnsupportedExtension`` have been removed in accordance with our + :doc:`/api-stability` policy. + 2.0 - 2017-07-17 ~~~~~~~~~~~~~~~~ diff --git a/src/cryptography/hazmat/primitives/hashes.py b/src/cryptography/hazmat/primitives/hashes.py index e1172d9d..1764e9ce 100644 --- a/src/cryptography/hazmat/primitives/hashes.py +++ b/src/cryptography/hazmat/primitives/hashes.py @@ -143,36 +143,6 @@ class SHA512(object): @utils.register_interface(HashAlgorithm) -class RIPEMD160(object): - name = "ripemd160" - digest_size = 20 - block_size = 64 - - -RIPEMD160 = utils.deprecated( - RIPEMD160, - __name__, - "The RIPEMD160 hash was deprecated in version 1.9.", - utils.DeprecatedIn19 -) - - -@utils.register_interface(HashAlgorithm) -class Whirlpool(object): - name = "whirlpool" - digest_size = 64 - block_size = 64 - - -Whirlpool = utils.deprecated( - Whirlpool, - __name__, - "The Whirlpool hash was deprecated in version 1.9.", - utils.DeprecatedIn19 -) - - -@utils.register_interface(HashAlgorithm) class MD5(object): name = "md5" digest_size = 16 diff --git a/src/cryptography/hazmat/primitives/interfaces.py b/src/cryptography/hazmat/primitives/interfaces.py deleted file mode 100644 index c9fdb3bf..00000000 --- a/src/cryptography/hazmat/primitives/interfaces.py +++ /dev/null @@ -1,17 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -from cryptography import utils -from cryptography.hazmat.primitives.mac import MACContext as _MACContext - - -MACContext = utils.deprecated( - _MACContext, - __name__, - "MACContext was moved to cryptography.hazmat.primitives.mac.MACContext " - "in version 1.9.", - utils.DeprecatedIn19 -) diff --git a/src/cryptography/x509/__init__.py b/src/cryptography/x509/__init__.py index b1a32ef6..3b747302 100644 --- a/src/cryptography/x509/__init__.py +++ b/src/cryptography/x509/__init__.py @@ -4,7 +4,6 @@ from __future__ import absolute_import, division, print_function -from cryptography import utils from cryptography.x509 import certificate_transparency from cryptography.x509.base import ( Certificate, CertificateBuilder, CertificateRevocationList, @@ -25,7 +24,7 @@ from cryptography.x509.extensions import ( NameConstraints, NoticeReference, OCSPNoCheck, PolicyConstraints, PolicyInformation, PrecertificateSignedCertificateTimestamps, ReasonFlags, SubjectAlternativeName, SubjectKeyIdentifier, UnrecognizedExtension, - UnsupportedExtension, UserNotice + UserNotice ) from cryptography.x509.general_name import ( DNSName, DirectoryName, GeneralName, IPAddress, OtherName, RFC822Name, @@ -110,13 +109,6 @@ OID_INVALIDITY_DATE = CRLEntryExtensionOID.INVALIDITY_DATE OID_CA_ISSUERS = AuthorityInformationAccessOID.CA_ISSUERS OID_OCSP = AuthorityInformationAccessOID.OCSP -UnsupportedExtension = utils.deprecated( - UnsupportedExtension, - __name__, - "UnsupportedExtension is no longer necessary, it is never raised", - utils.DeprecatedIn19 -) - __all__ = [ "certificate_transparency", "load_pem_x509_certificate", @@ -128,7 +120,6 @@ __all__ = [ "random_serial_number", "InvalidVersion", "DuplicateExtension", - "UnsupportedExtension", "ExtensionNotFound", "UnsupportedGeneralNameType", "NameAttribute", diff --git a/src/cryptography/x509/extensions.py b/src/cryptography/x509/extensions.py index 1b64f4a5..d90465b2 100644 --- a/src/cryptography/x509/extensions.py +++ b/src/cryptography/x509/extensions.py @@ -54,10 +54,6 @@ class DuplicateExtension(Exception): self.oid = oid -class UnsupportedExtension(Exception): - pass - - class ExtensionNotFound(Exception): def __init__(self, msg, oid): super(ExtensionNotFound, self).__init__(msg) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index d8e7fe47..3a73a370 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -365,24 +365,6 @@ class TestOpenSSLRSA(object): ), ) is True - def test_rsa_padding_unsupported_oaep_ripemd160_sha1(self): - assert backend.rsa_padding_supported( - padding.OAEP( - mgf=padding.MGF1(algorithm=hashes.RIPEMD160()), - algorithm=hashes.SHA1(), - label=None - ), - ) is False - - def test_rsa_padding_unsupported_oaep_sha1_ripemd160(self): - assert backend.rsa_padding_supported( - padding.OAEP( - mgf=padding.MGF1(algorithm=hashes.SHA1()), - algorithm=hashes.RIPEMD160(), - label=None - ), - ) is False - def test_rsa_padding_unsupported_mgf(self): assert backend.rsa_padding_supported( padding.OAEP( @@ -428,26 +410,14 @@ class TestOpenSSLRSA(object): ) ) - def test_unsupported_mgf1_hash_algorithm_ripemd160_decrypt(self): - private_key = RSA_KEY_512.private_key(backend) - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): - private_key.decrypt( - b"0" * 64, - padding.OAEP( - mgf=padding.MGF1(algorithm=hashes.RIPEMD160()), - algorithm=hashes.RIPEMD160(), - label=None - ) - ) - - def test_unsupported_mgf1_hash_algorithm_whirlpool_decrypt(self): + def test_unsupported_mgf1_hash_algorithm_md5_decrypt(self): private_key = RSA_KEY_512.private_key(backend) with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): private_key.decrypt( b"0" * 64, padding.OAEP( - mgf=padding.MGF1(algorithm=hashes.Whirlpool()), - algorithm=hashes.Whirlpool(), + mgf=padding.MGF1(algorithm=hashes.MD5()), + algorithm=hashes.MD5(), label=None ) ) diff --git a/tests/hazmat/primitives/test_hash_vectors.py b/tests/hazmat/primitives/test_hash_vectors.py index 8757df24..2db9e906 100644 --- a/tests/hazmat/primitives/test_hash_vectors.py +++ b/tests/hazmat/primitives/test_hash_vectors.py @@ -11,7 +11,7 @@ import pytest from cryptography.hazmat.backends.interfaces import HashBackend from cryptography.hazmat.primitives import hashes -from .utils import generate_hash_test, generate_long_string_hash_test +from .utils import generate_hash_test from ...utils import load_hash_vectors @@ -101,50 +101,6 @@ class TestSHA512(object): @pytest.mark.supported( - only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160()), - skip_message="Does not support RIPEMD160", -) -@pytest.mark.requires_backend_interface(interface=HashBackend) -class TestRIPEMD160(object): - test_RIPEMD160 = generate_hash_test( - load_hash_vectors, - os.path.join("hashes", "ripemd160"), - [ - "ripevectors.txt", - ], - hashes.RIPEMD160(), - ) - - test_RIPEMD160_long_string = generate_long_string_hash_test( - hashes.RIPEMD160(), - "52783243c1697bdbe16d37f97f68f08325dc1528", - ) - - -@pytest.mark.supported( - only_if=lambda backend: backend.hash_supported(hashes.Whirlpool()), - skip_message="Does not support Whirlpool", -) -@pytest.mark.requires_backend_interface(interface=HashBackend) -class TestWhirlpool(object): - test_whirlpool = generate_hash_test( - load_hash_vectors, - os.path.join("hashes", "whirlpool"), - [ - "iso-test-vectors.txt", - ], - hashes.Whirlpool(), - ) - - test_whirlpool_long_string = generate_long_string_hash_test( - hashes.Whirlpool(), - ("0c99005beb57eff50a7cf005560ddf5d29057fd86b2" - "0bfd62deca0f1ccea4af51fc15490eddc47af32bb2b" - "66c34ff9ad8c6008ad677f77126953b226e4ed8b01"), - ) - - -@pytest.mark.supported( only_if=lambda backend: backend.hash_supported(hashes.MD5()), skip_message="Does not support MD5", ) diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index 0e817666..60950aed 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -110,32 +110,6 @@ class TestSHA512(object): @pytest.mark.supported( - only_if=lambda backend: backend.hash_supported(hashes.RIPEMD160()), - skip_message="Does not support RIPEMD160", -) -@pytest.mark.requires_backend_interface(interface=HashBackend) -class TestRIPEMD160(object): - test_RIPEMD160 = generate_base_hash_test( - hashes.RIPEMD160(), - digest_size=20, - block_size=64, - ) - - -@pytest.mark.supported( - only_if=lambda backend: backend.hash_supported(hashes.Whirlpool()), - skip_message="Does not support Whirlpool", -) -@pytest.mark.requires_backend_interface(interface=HashBackend) -class TestWhirlpool(object): - test_Whirlpool = generate_base_hash_test( - hashes.Whirlpool(), - digest_size=64, - block_size=64, - ) - - -@pytest.mark.supported( only_if=lambda backend: backend.hash_supported(hashes.MD5()), skip_message="Does not support MD5", ) diff --git a/tests/hazmat/primitives/test_hmac_vectors.py b/tests/hazmat/primitives/test_hmac_vectors.py index 8704e724..70c929ad 100644 --- a/tests/hazmat/primitives/test_hmac_vectors.py +++ b/tests/hazmat/primitives/test_hmac_vectors.py @@ -107,19 +107,3 @@ class TestHMACSHA512(object): ], hashes.SHA512(), ) - - -@pytest.mark.supported( - only_if=lambda backend: backend.hmac_supported(hashes.RIPEMD160()), - skip_message="Does not support RIPEMD160", -) -@pytest.mark.requires_backend_interface(interface=HMACBackend) -class TestHMACRIPEMD160(object): - test_hmac_ripemd160 = generate_hmac_test( - load_hash_vectors, - "HMAC", - [ - "rfc-2286-ripemd160.txt", - ], - hashes.RIPEMD160(), - ) diff --git a/tests/hazmat/primitives/test_mac.py b/tests/hazmat/primitives/test_mac.py deleted file mode 100644 index 7263212a..00000000 --- a/tests/hazmat/primitives/test_mac.py +++ /dev/null @@ -1,15 +0,0 @@ -# This file is dual licensed under the terms of the Apache License, Version -# 2.0, and the BSD License. See the LICENSE file in the root of this repository -# for complete details. - -from __future__ import absolute_import, division, print_function - -import pytest - -from cryptography import utils - - -def test_deprecated_maccontext(): - with pytest.warns(utils.DeprecatedIn19): - from cryptography.hazmat.primitives.interfaces import MACContext - assert MACContext diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py index b8200123..16a26819 100644 --- a/tests/hazmat/primitives/utils.py +++ b/tests/hazmat/primitives/utils.py @@ -189,18 +189,6 @@ def base_hash_test(backend, algorithm, digest_size, block_size): assert copy.finalize() == m.finalize() -def generate_long_string_hash_test(hash_factory, md): - def test_long_string_hash(self, backend): - long_string_hash_test(backend, hash_factory, md) - return test_long_string_hash - - -def long_string_hash_test(backend, algorithm, md): - m = hashes.Hash(algorithm, backend=backend) - m.update(b"a" * 1000000) - assert m.finalize() == binascii.unhexlify(md.lower().encode("ascii")) - - def generate_base_hmac_test(hash_cls): def test_base_hmac(self, backend): base_hmac_test(backend, hash_cls) |