diff options
| -rw-r--r-- | cryptography/hazmat/backends/interfaces.py | 21 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/bignum.py | 2 | ||||
| -rw-r--r-- | cryptography/hazmat/primitives/interfaces.py | 63 | ||||
| -rw-r--r-- | docs/hazmat/primitives/asymmetric/dsa.rst | 16 | ||||
| -rw-r--r-- | docs/installation.rst | 13 |
5 files changed, 73 insertions, 42 deletions
diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py index 20c21118..e4c1df34 100644 --- a/cryptography/hazmat/backends/interfaces.py +++ b/cryptography/hazmat/backends/interfaces.py @@ -18,7 +18,8 @@ import abc import six -class CipherBackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class CipherBackend(object): @abc.abstractmethod def cipher_supported(self, cipher, mode): """ @@ -38,7 +39,8 @@ class CipherBackend(six.with_metaclass(abc.ABCMeta)): """ -class HashBackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class HashBackend(object): @abc.abstractmethod def hash_supported(self, algorithm): """ @@ -52,7 +54,8 @@ class HashBackend(six.with_metaclass(abc.ABCMeta)): """ -class HMACBackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class HMACBackend(object): @abc.abstractmethod def hmac_supported(self, algorithm): """ @@ -67,7 +70,8 @@ class HMACBackend(six.with_metaclass(abc.ABCMeta)): """ -class PBKDF2HMACBackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class PBKDF2HMACBackend(object): @abc.abstractmethod def pbkdf2_hmac_supported(self, algorithm): """ @@ -83,7 +87,8 @@ class PBKDF2HMACBackend(six.with_metaclass(abc.ABCMeta)): """ -class RSABackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class RSABackend(object): @abc.abstractmethod def generate_rsa_private_key(self, public_exponent, key_size): """ @@ -113,7 +118,8 @@ class RSABackend(six.with_metaclass(abc.ABCMeta)): """ -class DSABackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class DSABackend(object): @abc.abstractmethod def generate_dsa_parameters(self, key_size): """ @@ -128,7 +134,8 @@ class DSABackend(six.with_metaclass(abc.ABCMeta)): """ -class OpenSSLSerializationBackend(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class OpenSSLSerializationBackend(object): @abc.abstractmethod def load_openssl_pem_private_key(self, data, password): """ diff --git a/cryptography/hazmat/bindings/openssl/bignum.py b/cryptography/hazmat/bindings/openssl/bignum.py index d505b177..94c2914e 100644 --- a/cryptography/hazmat/bindings/openssl/bignum.py +++ b/cryptography/hazmat/bindings/openssl/bignum.py @@ -68,6 +68,7 @@ BIGNUM *BN_bin2bn(const unsigned char *, int, BIGNUM *); int BN_num_bits(const BIGNUM *); +int BN_cmp(const BIGNUM *, const BIGNUM *); int BN_add(BIGNUM *, const BIGNUM *, const BIGNUM *); int BN_sub(BIGNUM *, const BIGNUM *, const BIGNUM *); int BN_mul(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); @@ -92,7 +93,6 @@ MACROS = """ int BN_zero(BIGNUM *); int BN_one(BIGNUM *); int BN_mod(BIGNUM *, const BIGNUM *, const BIGNUM *, BN_CTX *); -BIGNUM *BN_cmp(const BIGNUM *, const BIGNUM *); """ CUSTOMIZATIONS = """ diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index eab48b4d..e70338ba 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -18,7 +18,8 @@ import abc import six -class CipherAlgorithm(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class CipherAlgorithm(object): @abc.abstractproperty def name(self): """ @@ -32,7 +33,8 @@ class CipherAlgorithm(six.with_metaclass(abc.ABCMeta)): """ -class BlockCipherAlgorithm(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class BlockCipherAlgorithm(object): @abc.abstractproperty def block_size(self): """ @@ -40,7 +42,8 @@ class BlockCipherAlgorithm(six.with_metaclass(abc.ABCMeta)): """ -class Mode(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class Mode(object): @abc.abstractproperty def name(self): """ @@ -55,7 +58,8 @@ class Mode(six.with_metaclass(abc.ABCMeta)): """ -class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class ModeWithInitializationVector(object): @abc.abstractproperty def initialization_vector(self): """ @@ -63,7 +67,8 @@ class ModeWithInitializationVector(six.with_metaclass(abc.ABCMeta)): """ -class ModeWithNonce(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class ModeWithNonce(object): @abc.abstractproperty def nonce(self): """ @@ -71,7 +76,8 @@ class ModeWithNonce(six.with_metaclass(abc.ABCMeta)): """ -class ModeWithAuthenticationTag(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class ModeWithAuthenticationTag(object): @abc.abstractproperty def tag(self): """ @@ -79,7 +85,8 @@ class ModeWithAuthenticationTag(six.with_metaclass(abc.ABCMeta)): """ -class CipherContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class CipherContext(object): @abc.abstractmethod def update(self, data): """ @@ -94,7 +101,8 @@ class CipherContext(six.with_metaclass(abc.ABCMeta)): """ -class AEADCipherContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class AEADCipherContext(object): @abc.abstractmethod def authenticate_additional_data(self, data): """ @@ -102,7 +110,8 @@ class AEADCipherContext(six.with_metaclass(abc.ABCMeta)): """ -class AEADEncryptionContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class AEADEncryptionContext(object): @abc.abstractproperty def tag(self): """ @@ -111,7 +120,8 @@ class AEADEncryptionContext(six.with_metaclass(abc.ABCMeta)): """ -class PaddingContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class PaddingContext(object): @abc.abstractmethod def update(self, data): """ @@ -125,7 +135,8 @@ class PaddingContext(six.with_metaclass(abc.ABCMeta)): """ -class HashAlgorithm(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class HashAlgorithm(object): @abc.abstractproperty def name(self): """ @@ -145,7 +156,8 @@ class HashAlgorithm(six.with_metaclass(abc.ABCMeta)): """ -class HashContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class HashContext(object): @abc.abstractproperty def algorithm(self): """ @@ -171,7 +183,8 @@ class HashContext(six.with_metaclass(abc.ABCMeta)): """ -class RSAPrivateKey(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class RSAPrivateKey(object): @abc.abstractproperty def modulus(self): """ @@ -255,7 +268,8 @@ class RSAPrivateKey(six.with_metaclass(abc.ABCMeta)): """ -class RSAPublicKey(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class RSAPublicKey(object): @abc.abstractproperty def modulus(self): """ @@ -287,7 +301,8 @@ class RSAPublicKey(six.with_metaclass(abc.ABCMeta)): """ -class DSAParameters(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class DSAParameters(object): @abc.abstractproperty def modulus(self): """ @@ -333,7 +348,8 @@ class DSAParameters(six.with_metaclass(abc.ABCMeta)): """ -class DSAPrivateKey(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class DSAPrivateKey(object): @abc.abstractproperty def key_size(self): """ @@ -365,7 +381,8 @@ class DSAPrivateKey(six.with_metaclass(abc.ABCMeta)): """ -class DSAPublicKey(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class DSAPublicKey(object): @abc.abstractproperty def key_size(self): """ @@ -385,7 +402,8 @@ class DSAPublicKey(six.with_metaclass(abc.ABCMeta)): """ -class AsymmetricSignatureContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class AsymmetricSignatureContext(object): @abc.abstractmethod def update(self, data): """ @@ -399,7 +417,8 @@ class AsymmetricSignatureContext(six.with_metaclass(abc.ABCMeta)): """ -class AsymmetricVerificationContext(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class AsymmetricVerificationContext(object): @abc.abstractmethod def update(self, data): """ @@ -414,7 +433,8 @@ class AsymmetricVerificationContext(six.with_metaclass(abc.ABCMeta)): """ -class AsymmetricPadding(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class AsymmetricPadding(object): @abc.abstractproperty def name(self): """ @@ -422,7 +442,8 @@ class AsymmetricPadding(six.with_metaclass(abc.ABCMeta)): """ -class KeyDerivationFunction(six.with_metaclass(abc.ABCMeta)): +@six.add_metaclass(abc.ABCMeta) +class KeyDerivationFunction(object): @abc.abstractmethod def derive(self, key_material): """ diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst index 1a6a6e0e..2819bbdb 100644 --- a/docs/hazmat/primitives/asymmetric/dsa.rst +++ b/docs/hazmat/primitives/asymmetric/dsa.rst @@ -37,13 +37,13 @@ DSA Generate a new ``DSAParameters`` instance using ``backend``. - :param int key_size: The length of the modulus in bits. It should be - either "1024, 2048 or 3072". For keys generated in 2014 this should + :param int key_size: The length of the modulus in bits. It should be + either "1024, 2048 or 3072". For keys generated in 2014 this should be `at least 2048`_ (See page 41). - Note that some applications (such as SSH) have not yet gained support + Note that some applications (such as SSH) have not yet gained support for larger key sizes specified in FIPS 186-3 and are still restricted to only the 1024-bit keys specified in FIPS 186-2. - + :return: A new instance of ``DSAParameters`` :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if @@ -92,7 +92,7 @@ DSA :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised if the provided ``backend`` does not implement :class:`~cryptography.hazmat.backends.interfaces.DSABackend` - + :raises ValueError: This is raised if the key size is not (1024 or 2048 or 3072) or if the OpenSSL version is older than 1.0.0 and the key size is larger than 1024 because older OpenSSL versions don't support a key size larger than 1024. @@ -115,11 +115,11 @@ DSA :raises TypeError: This is raised when the arguments are not all integers. :raises ValueError: This is raised when the values of ``modulus``, - ``subgroup_order``,``generator``, or ``y`` + ``subgroup_order``, ``generator``, or ``y`` do not match the bounds specified in `FIPS 186-4`_. -.. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm +.. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography -.. _`FIPS 186-4`: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf +.. _`FIPS 186-4`: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf .. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf diff --git a/docs/installation.rst b/docs/installation.rst index c6a2a5c0..ac4c13cd 100644 --- a/docs/installation.rst +++ b/docs/installation.rst @@ -94,19 +94,22 @@ Using your own OpenSSL on OS X ------------------------------ To link cryptography against a custom version of OpenSSL you'll need to set -``ARCHFLAGS``, ``LDFLAGS``, and ``CFLAGS``. OpenSSL can be installed via -`Homebrew`_: +``ARCHFLAGS``, ``LDFLAGS``, and ``CFLAGS``. OpenSSL can be installed via `Homebrew`_ or `MacPorts`_: + +`Homebrew`_ .. code-block:: console $ brew install openssl + $ env ARCHFLAGS="-arch x86_64" LDFLAGS="-L/usr/local/opt/openssl/lib" CFLAGS="-I/usr/local/opt/openssl/include" pip install cryptography -Then install cryptography linking against the brewed version: +or `MacPorts`_: .. code-block:: console - $ env ARCHFLAGS="-arch x86_64" LDFLAGS="-L/usr/local/opt/openssl/lib" CFLAGS="-I/usr/local/opt/openssl/include" pip install cryptography - + $ sudo port install openssl + $ env ARCHFLAGS="-arch x86_64" LDFLAGS="-L/opt/local/lib" CFLAGS="-I/opt/local/include" pip install cryptography .. _`Homebrew`: http://brew.sh +.. _`MacPorts`: http://www.macports.org .. _`pre-compiled binaries`: https://www.openssl.org/related/binaries.html |