From b808f8cc91e302d4120eefa80c946a7cdcf9a155 Mon Sep 17 00:00:00 2001 From: Julian Krause Date: Thu, 26 Dec 2013 21:47:39 -0800 Subject: Remove verify from Hash. --- cryptography/hazmat/primitives/hashes.py | 11 ++-------- cryptography/hazmat/primitives/interfaces.py | 7 ------- docs/hazmat/primitives/cryptographic-hashes.rst | 8 -------- tests/hazmat/primitives/test_hashes.py | 27 +------------------------ 4 files changed, 3 insertions(+), 50 deletions(-) diff --git a/cryptography/hazmat/primitives/hashes.py b/cryptography/hazmat/primitives/hashes.py index c71377d7..bee188b3 100644 --- a/cryptography/hazmat/primitives/hashes.py +++ b/cryptography/hazmat/primitives/hashes.py @@ -16,8 +16,8 @@ from __future__ import absolute_import, division, print_function import six from cryptography import utils -from cryptography.exceptions import AlreadyFinalized, InvalidSignature -from cryptography.hazmat.primitives import constant_time, interfaces +from cryptography.exceptions import AlreadyFinalized +from cryptography.hazmat.primitives import interfaces @utils.register_interface(interfaces.HashContext) @@ -55,13 +55,6 @@ class Hash(object): self._ctx = None return digest - def verify(self, digest): - if isinstance(digest, six.text_type): - raise TypeError("Unicode-objects must be encoded before verifying") - hash_digest = self.finalize() - if not constant_time.bytes_eq(digest, hash_digest): - raise InvalidSignature("Digest did not match hash digest.") - @utils.register_interface(interfaces.HashAlgorithm) class SHA1(object): diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py index 371701a4..e87c9ca9 100644 --- a/cryptography/hazmat/primitives/interfaces.py +++ b/cryptography/hazmat/primitives/interfaces.py @@ -162,10 +162,3 @@ class HashContext(six.with_metaclass(abc.ABCMeta)): """ Return a HashContext that is a copy of the current context. """ - - @abc.abstractmethod - def verify(self, signature): - """ - Compare hash digest to signature and raises InvalidSignature - if they are not equal. - """ diff --git a/docs/hazmat/primitives/cryptographic-hashes.rst b/docs/hazmat/primitives/cryptographic-hashes.rst index f00dd3f5..38347378 100644 --- a/docs/hazmat/primitives/cryptographic-hashes.rst +++ b/docs/hazmat/primitives/cryptographic-hashes.rst @@ -70,14 +70,6 @@ Message Digests :return bytes: The message digest as bytes. - .. method:: verify(digest) - - Finalize the current context and securely compare that digest to ``digest``. - - :param bytes digest: Received hash digest - :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize` - :raises cryptography.exceptions.InvalidSignature: If hash digest does not match digest - .. _cryptographic-hash-algorithms: diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py index 69d0773a..45faaab2 100644 --- a/tests/hazmat/primitives/test_hashes.py +++ b/tests/hazmat/primitives/test_hashes.py @@ -20,9 +20,7 @@ import pytest import six from cryptography import utils -from cryptography.exceptions import ( - AlreadyFinalized, UnsupportedAlgorithm, InvalidSignature -) +from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm from cryptography.hazmat.primitives import hashes, interfaces from .utils import generate_base_hash_test @@ -66,29 +64,6 @@ class TestHashContext(object): with pytest.raises(AlreadyFinalized): h.finalize() - def test_verify(self, backend): - h = hashes.Hash(hashes.SHA1(), backend=backend) - digest = h.finalize() - - h = hashes.Hash(hashes.SHA1(), backend=backend) - h.verify(digest) - - with pytest.raises(AlreadyFinalized): - h.verify(b'') - - def test_invalid_verify(self, backend): - h = hashes.Hash(hashes.SHA1(), backend=backend) - with pytest.raises(InvalidSignature): - h.verify(b'') - - with pytest.raises(AlreadyFinalized): - h.verify(b'') - - def test_verify_reject_unicode(self, backend): - h = hashes.Hash(hashes.SHA1(), backend=backend) - with pytest.raises(TypeError): - h.verify(six.u('')) - def test_unsupported_hash(self, backend): with pytest.raises(UnsupportedAlgorithm): hashes.Hash(UnsupportedDummyHash(), backend) -- cgit v1.2.3