From 0d6203f25ad15d5e369e23c8a30ba9d2e42eaf1e Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 16 Feb 2015 13:17:14 -0600 Subject: move asymmetric signature/verification interfaces --- CHANGELOG.rst | 6 +++ docs/hazmat/primitives/asymmetric/dsa.rst | 4 +- docs/hazmat/primitives/asymmetric/ec.rst | 4 +- docs/hazmat/primitives/asymmetric/index.rst | 32 ++++++++++++++ docs/hazmat/primitives/asymmetric/rsa.rst | 4 +- docs/hazmat/primitives/interfaces.rst | 28 +----------- src/cryptography/hazmat/backends/openssl/dsa.py | 10 +++-- src/cryptography/hazmat/backends/openssl/ec.py | 10 +++-- src/cryptography/hazmat/backends/openssl/rsa.py | 10 +++-- .../hazmat/primitives/asymmetric/__init__.py | 35 +++++++++++++++ .../hazmat/primitives/interfaces/__init__.py | 50 +++++++++------------- 11 files changed, 119 insertions(+), 74 deletions(-) diff --git a/CHANGELOG.rst b/CHANGELOG.rst index 87e7f39a..6439a4c8 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -34,6 +34,12 @@ Changelog :class:`~cryptography.hazmat.primitives.asymmetric.padding.AsymmetricPadding` was moved from :mod:`~cryptography.hazmat.primitives.interfaces` to :mod:`~cryptography.hazmat.primitives.asymmetric.padding`. +* + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext` + and + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext` + were moved from :mod:`~cryptography.hazmat.primitives.interfaces` to + :mod:`~cryptography.hazmat.primitives.asymmetric`. * :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`, :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParametersWithNumbers`, :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`, diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst index 36bc801f..3a47da45 100644 --- a/docs/hazmat/primitives/asymmetric/dsa.rst +++ b/docs/hazmat/primitives/asymmetric/dsa.rst @@ -275,7 +275,7 @@ Key interfaces provider. :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext` .. attribute:: key_size @@ -338,7 +338,7 @@ Key interfaces provider. :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext` .. class:: DSAPublicKeyWithNumbers diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst index 5b114710..f55247c3 100644 --- a/docs/hazmat/primitives/asymmetric/ec.rst +++ b/docs/hazmat/primitives/asymmetric/ec.rst @@ -304,7 +304,7 @@ Key Interfaces :class:`EllipticCurveSignatureAlgorithm` provider. :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext` .. method:: public_key() @@ -344,7 +344,7 @@ Key Interfaces :class:`EllipticCurveSignatureAlgorithm` provider. :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext` .. attribute:: curve diff --git a/docs/hazmat/primitives/asymmetric/index.rst b/docs/hazmat/primitives/asymmetric/index.rst index 43761fde..203f589a 100644 --- a/docs/hazmat/primitives/asymmetric/index.rst +++ b/docs/hazmat/primitives/asymmetric/index.rst @@ -32,4 +32,36 @@ and Elliptic Curve. serialization utils +.. module:: cryptography.hazmat.primitives.asymmetric + +Signature Interfaces +~~~~~~~~~~~~~~~~~~~~ + +.. class:: AsymmetricSignatureContext + + .. versionadded:: 0.2 + + .. method:: update(data) + + :param bytes data: The data you want to sign. + + .. method:: finalize() + + :return bytes signature: The signature. + + +.. class:: AsymmetricVerificationContext + + .. versionadded:: 0.2 + + .. method:: update(data) + + :param bytes data: The data you wish to verify using the signature. + + .. method:: verify() + + :raises cryptography.exceptions.InvalidSignature: If the signature does + not validate. + + .. _`proof of identity`: https://en.wikipedia.org/wiki/Public-key_infrastructure diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 19b716e6..fd97d75b 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -439,7 +439,7 @@ Key interfaces provider. :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext` + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricSignatureContext` .. method:: decrypt(ciphertext, padding) @@ -509,7 +509,7 @@ Key interfaces provider. :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + :class:`~cryptography.hazmat.primitives.asymmetric.AsymmetricVerificationContext` .. method:: encrypt(plaintext, padding) diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 2d403525..6029d1a9 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -17,32 +17,8 @@ to document argument and return types. Asymmetric interfaces --------------------- -.. class:: AsymmetricSignatureContext - - .. versionadded:: 0.2 - - .. method:: update(data) - - :param bytes data: The data you want to sign. - - .. method:: finalize() - - :return bytes signature: The signature. - - -.. class:: AsymmetricVerificationContext - - .. versionadded:: 0.2 - - .. method:: update(data) - - :param bytes data: The data you wish to verify using the signature. - - .. method:: verify() - - :raises cryptography.exceptions.InvalidSignature: If the signature does - not validate. - +In 0.8 the asymmetric signature and verification interfaces were moved to the +:mod:`cryptography.hazmat.primitives.asymmetric` module. In 0.8 the asymmetric padding interface was moved to the :mod:`cryptography.hazmat.primitives.asymmetric.padding` module. diff --git a/src/cryptography/hazmat/backends/openssl/dsa.py b/src/cryptography/hazmat/backends/openssl/dsa.py index 9488e260..d2972e4a 100644 --- a/src/cryptography/hazmat/backends/openssl/dsa.py +++ b/src/cryptography/hazmat/backends/openssl/dsa.py @@ -7,8 +7,10 @@ from __future__ import absolute_import, division, print_function from cryptography import utils from cryptography.exceptions import InvalidSignature from cryptography.hazmat.backends.openssl.utils import _truncate_digest -from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.asymmetric import dsa +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric import ( + AsymmetricSignatureContext, AsymmetricVerificationContext, dsa +) from cryptography.hazmat.primitives.interfaces import ( DSAParametersWithNumbers, DSAPrivateKeyWithNumbers, DSAPublicKeyWithNumbers ) @@ -27,7 +29,7 @@ def _truncate_digest_for_dsa(dsa_cdata, digest, backend): return _truncate_digest(digest, order_bits) -@utils.register_interface(interfaces.AsymmetricVerificationContext) +@utils.register_interface(AsymmetricVerificationContext) class _DSAVerificationContext(object): def __init__(self, backend, public_key, signature, algorithm): self._backend = backend @@ -61,7 +63,7 @@ class _DSAVerificationContext(object): raise InvalidSignature -@utils.register_interface(interfaces.AsymmetricSignatureContext) +@utils.register_interface(AsymmetricSignatureContext) class _DSASignatureContext(object): def __init__(self, backend, private_key, algorithm): self._backend = backend diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py index d050c6b2..52c93da9 100644 --- a/src/cryptography/hazmat/backends/openssl/ec.py +++ b/src/cryptography/hazmat/backends/openssl/ec.py @@ -9,8 +9,10 @@ from cryptography.exceptions import ( InvalidSignature, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.openssl.utils import _truncate_digest -from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.asymmetric import ec +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric import ( + AsymmetricSignatureContext, AsymmetricVerificationContext, ec +) def _truncate_digest_for_ecdsa(ec_key_cdata, digest, backend): @@ -80,7 +82,7 @@ def _sn_to_elliptic_curve(backend, sn): ) -@utils.register_interface(interfaces.AsymmetricSignatureContext) +@utils.register_interface(AsymmetricSignatureContext) class _ECDSASignatureContext(object): def __init__(self, backend, private_key, algorithm): self._backend = backend @@ -114,7 +116,7 @@ class _ECDSASignatureContext(object): return self._backend._ffi.buffer(sigbuf)[:siglen_ptr[0]] -@utils.register_interface(interfaces.AsymmetricVerificationContext) +@utils.register_interface(AsymmetricVerificationContext) class _ECDSAVerificationContext(object): def __init__(self, backend, public_key, signature, algorithm): self._backend = backend diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py index a4bb283d..00ddcda3 100644 --- a/src/cryptography/hazmat/backends/openssl/rsa.py +++ b/src/cryptography/hazmat/backends/openssl/rsa.py @@ -10,8 +10,10 @@ from cryptography import utils from cryptography.exceptions import ( AlreadyFinalized, InvalidSignature, UnsupportedAlgorithm, _Reasons ) -from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.asymmetric import rsa +from cryptography.hazmat.primitives import hashes +from cryptography.hazmat.primitives.asymmetric import ( + AsymmetricSignatureContext, AsymmetricVerificationContext, rsa +) from cryptography.hazmat.primitives.asymmetric.padding import ( AsymmetricPadding, MGF1, OAEP, PKCS1v15, PSS ) @@ -144,7 +146,7 @@ def _handle_rsa_enc_dec_error(backend, key): raise ValueError("Decryption failed.") -@utils.register_interface(interfaces.AsymmetricSignatureContext) +@utils.register_interface(AsymmetricSignatureContext) class _RSASignatureContext(object): def __init__(self, backend, private_key, padding, algorithm): self._backend = backend @@ -331,7 +333,7 @@ class _RSASignatureContext(object): return self._backend._ffi.buffer(sig_buf)[:sig_len] -@utils.register_interface(interfaces.AsymmetricVerificationContext) +@utils.register_interface(AsymmetricVerificationContext) class _RSAVerificationContext(object): def __init__(self, backend, public_key, signature, padding, algorithm): self._backend = backend diff --git a/src/cryptography/hazmat/primitives/asymmetric/__init__.py b/src/cryptography/hazmat/primitives/asymmetric/__init__.py index 4b540884..494a7a13 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/__init__.py +++ b/src/cryptography/hazmat/primitives/asymmetric/__init__.py @@ -3,3 +3,38 @@ # for complete details. from __future__ import absolute_import, division, print_function + +import abc + +import six + + +@six.add_metaclass(abc.ABCMeta) +class AsymmetricSignatureContext(object): + @abc.abstractmethod + def update(self, data): + """ + Processes the provided bytes and returns nothing. + """ + + @abc.abstractmethod + def finalize(self): + """ + Returns the signature as bytes. + """ + + +@six.add_metaclass(abc.ABCMeta) +class AsymmetricVerificationContext(object): + @abc.abstractmethod + def update(self, data): + """ + Processes the provided bytes and returns nothing. + """ + + @abc.abstractmethod + def verify(self): + """ + Raises an exception if the bytes provided to update do not match the + signature or the signature does not match the public key. + """ diff --git a/src/cryptography/hazmat/primitives/interfaces/__init__.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py index 75426aa8..acd56458 100644 --- a/src/cryptography/hazmat/primitives/interfaces/__init__.py +++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py @@ -11,7 +11,8 @@ import six from cryptography import utils from cryptography.hazmat.primitives import ciphers, hashes from cryptography.hazmat.primitives.asymmetric import ( - dsa, ec, padding, rsa + AsymmetricSignatureContext, AsymmetricVerificationContext, dsa, ec, + padding, rsa ) from cryptography.hazmat.primitives.ciphers import modes from cryptography.hazmat.primitives.padding import PaddingContext @@ -326,36 +327,25 @@ AsymmetricPadding = utils.deprecated( utils.DeprecatedIn08 ) +AsymmetricSignatureContext = utils.deprecated( + AsymmetricSignatureContext, + __name__, + ( + "The AsymmetricPadding interface has moved to the " + "cryptography.hazmat.primitives.asymmetric module" + ), + utils.DeprecatedIn08 +) -@six.add_metaclass(abc.ABCMeta) -class AsymmetricSignatureContext(object): - @abc.abstractmethod - def update(self, data): - """ - Processes the provided bytes and returns nothing. - """ - - @abc.abstractmethod - def finalize(self): - """ - Returns the signature as bytes. - """ - - -@six.add_metaclass(abc.ABCMeta) -class AsymmetricVerificationContext(object): - @abc.abstractmethod - def update(self, data): - """ - Processes the provided bytes and returns nothing. - """ - - @abc.abstractmethod - def verify(self): - """ - Raises an exception if the bytes provided to update do not match the - signature or the signature does not match the public key. - """ +AsymmetricVerificationContext = utils.deprecated( + AsymmetricVerificationContext, + __name__, + ( + "The AsymmetricVerificationContext interface has moved to the " + "cryptography.hazmat.primitives.asymmetric module" + ), + utils.DeprecatedIn08 +) @six.add_metaclass(abc.ABCMeta) -- cgit v1.2.3 From 25bbc150752de98b459f061ce4b90628f2108dbd Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 16 Feb 2015 18:24:16 -0600 Subject: move asymmetric signature interface docs --- docs/hazmat/primitives/asymmetric/index.rst | 32 +---------------------- docs/hazmat/primitives/asymmetric/interfaces.rst | 33 ++++++++++++++++++++++++ 2 files changed, 34 insertions(+), 31 deletions(-) create mode 100644 docs/hazmat/primitives/asymmetric/interfaces.rst diff --git a/docs/hazmat/primitives/asymmetric/index.rst b/docs/hazmat/primitives/asymmetric/index.rst index 203f589a..59f00c5d 100644 --- a/docs/hazmat/primitives/asymmetric/index.rst +++ b/docs/hazmat/primitives/asymmetric/index.rst @@ -30,38 +30,8 @@ and Elliptic Curve. ec rsa serialization + interfaces utils -.. module:: cryptography.hazmat.primitives.asymmetric - -Signature Interfaces -~~~~~~~~~~~~~~~~~~~~ - -.. class:: AsymmetricSignatureContext - - .. versionadded:: 0.2 - - .. method:: update(data) - - :param bytes data: The data you want to sign. - - .. method:: finalize() - - :return bytes signature: The signature. - - -.. class:: AsymmetricVerificationContext - - .. versionadded:: 0.2 - - .. method:: update(data) - - :param bytes data: The data you wish to verify using the signature. - - .. method:: verify() - - :raises cryptography.exceptions.InvalidSignature: If the signature does - not validate. - .. _`proof of identity`: https://en.wikipedia.org/wiki/Public-key_infrastructure diff --git a/docs/hazmat/primitives/asymmetric/interfaces.rst b/docs/hazmat/primitives/asymmetric/interfaces.rst new file mode 100644 index 00000000..4932faa5 --- /dev/null +++ b/docs/hazmat/primitives/asymmetric/interfaces.rst @@ -0,0 +1,33 @@ +.. hazmat:: + +.. module:: cryptography.hazmat.primitives.asymmetric + +Signature Interfaces +==================== + +.. class:: AsymmetricSignatureContext + + .. versionadded:: 0.2 + + .. method:: update(data) + + :param bytes data: The data you want to sign. + + .. method:: finalize() + + :return bytes signature: The signature. + + +.. class:: AsymmetricVerificationContext + + .. versionadded:: 0.2 + + .. method:: update(data) + + :param bytes data: The data you wish to verify using the signature. + + .. method:: verify() + + :raises cryptography.exceptions.InvalidSignature: If the signature does + not validate. + -- cgit v1.2.3