From f83e25c81bb186ed8a96d4a569d5068546a24349 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 21 Feb 2015 18:34:00 -0600 Subject: Support for traditional OpenSSL and PKCS8 RSA private key serialization --- docs/hazmat/primitives/asymmetric/rsa.rst | 62 +++++++++++++++++++ .../hazmat/primitives/asymmetric/serialization.rst | 70 +++++++++++++++++++++- 2 files changed, 131 insertions(+), 1 deletion(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index fd97d75b..66bb37c9 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -80,6 +80,37 @@ password. If the key is encrypted we can pass a ``bytes`` object as the There is also support for :func:`loading public keys in the SSH format `. +Key serialization +~~~~~~~~~~~~~~~~~ + +If you have a previously loaded or generated key that has the +:class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization` +interface you can use +:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.dump` +to serialize the key. + +.. doctest:: + + >>> from cryptography.hazmat.primitives import serialization + >>> pem = private_key.dump( + ... serialization.PKCS8(serialization.Encoding.PEM), + ... serialization.BestAvailable(b'passwordgoeshere') + ... ) + >>> pem.splitlines()[0] + '-----BEGIN ENCRYPTED PRIVATE KEY-----' + +It is also possible to serialize without encryption using +:class:`~cryptography.hazmat.primitives.serialization.NoEncryption`. + +.. doctest:: + + >>> pem = private_key.dump( + ... serialization.TraditionalOpenSSL(serialization.Encoding.PEM), + ... serialization.NoEncryption() + ... ) + >>> pem.splitlines()[0] + '-----BEGIN RSA PRIVATE KEY-----' + Signing ~~~~~~~ @@ -485,6 +516,37 @@ Key interfaces instance. +.. class:: RSAPrivateKeyWithSerialization + + .. versionadded:: 0.8 + + Extends :class:`RSAPrivateKey`. + + .. method:: private_numbers() + + Create a + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` + object. + + :returns: An + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` + instance. + + .. method:: dump(serializer, encryption_type) + + Dump the key to PEM encoded bytes using the serializer provided. + + :param serializer: An instance of + :class:`~cryptography.hazmat.primitives.serialization.TraditionalOpenSSL` + or :class:`~cryptography.hazmat.primitives.serialization.PKCS8` + + :param encryption_type: An instance of an object conforming to the + :class:`~cryptography.hazmat.primitives.serialization.KeySerializationEncryption` + interface. + + :return bytes: Serialized key. + + .. class:: RSAPublicKey .. versionadded:: 0.2 diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 87f3c0b0..68eaf021 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -3,7 +3,7 @@ Key Serialization ================= -.. currentmodule:: cryptography.hazmat.primitives.serialization +.. module:: cryptography.hazmat.primitives.serialization .. testsetup:: @@ -282,3 +282,71 @@ DSA keys look almost identical but begin with ``ssh-dss`` rather than :raises cryptography.exceptions.UnsupportedAlgorithm: If the serialized key is of a type that is not supported. + +Serializers +~~~~~~~~~~~ + +Instances of these classes can be passed to methods like +:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.dump`. + +.. class:: PKCS8(encoding) + + .. versionadded:: 0.8 + + A serializer for the PKCS #8 format. + + :param encoding: A value from the + :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + +.. class:: TraditionalOpenSSL(encoding) + + .. versionadded:: 0.8 + + A serializer for the traditional OpenSSL (sometimes known as PKCS #1) + format. + + :param encoding: A value from the + :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + + +Serialization Encryption Types +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +.. class:: KeySerializationEncryption + + Objects with this interface are usable as encryption types with methods + like + :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.dump`. + All other classes in this section represent the available choices for + encryption and have this interface. + +.. class:: BestAvailable + + Encrypt using the best available encryption for a given key's backend. + This is a curated encryption choice and the algorithm may change over + time. + + :param bytes password: The password to use for encryption. + +.. class:: NoEncryption + + Do not encrypt. + + +Utility Classes +~~~~~~~~~~~~~~~ + +.. class:: Encoding + + .. versionadded:: 0.8 + + An enumeration for encoding types. Used by :class:`PKCS8` and + :class:`TraditionalOpenSSL`. + + .. attribute:: PEM + + For PEM format. This is a base64 format with delimiters. + + .. attribute:: DER + + For DER format. This is a binary format. -- cgit v1.2.3 From 199dc276cd1b45a799b511090b37237df49d68a3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 23 Feb 2015 20:45:21 -0600 Subject: address review comments --- docs/hazmat/primitives/asymmetric/rsa.rst | 20 +++++--- .../hazmat/primitives/asymmetric/serialization.rst | 60 +++++++++------------- 2 files changed, 36 insertions(+), 44 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 66bb37c9..ab2fe4e5 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -93,8 +93,9 @@ to serialize the key. >>> from cryptography.hazmat.primitives import serialization >>> pem = private_key.dump( - ... serialization.PKCS8(serialization.Encoding.PEM), - ... serialization.BestAvailable(b'passwordgoeshere') + ... encoding=serialization.Encoding.PEM, + ... fmt=serialization.Format.PKCS8, + ... encryption_type=serialization.BestAvailableEncryption(b'mypassword') ... ) >>> pem.splitlines()[0] '-----BEGIN ENCRYPTED PRIVATE KEY-----' @@ -105,8 +106,9 @@ It is also possible to serialize without encryption using .. doctest:: >>> pem = private_key.dump( - ... serialization.TraditionalOpenSSL(serialization.Encoding.PEM), - ... serialization.NoEncryption() + ... encoding=serialization.Encoding.PEM, + ... fmt=serialization.Format.PKCS8, + ... encryption_type=serialization.NoEncryption() ... ) >>> pem.splitlines()[0] '-----BEGIN RSA PRIVATE KEY-----' @@ -532,13 +534,15 @@ Key interfaces :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` instance. - .. method:: dump(serializer, encryption_type) + .. method:: dump(encoding, fmt, encryption_type) Dump the key to PEM encoded bytes using the serializer provided. - :param serializer: An instance of - :class:`~cryptography.hazmat.primitives.serialization.TraditionalOpenSSL` - or :class:`~cryptography.hazmat.primitives.serialization.PKCS8` + :param encoding: A value from the + :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + + :param fmt: A value from the + :class:`~cryptography.hazmat.primitives.serialization.Format` enum. :param encryption_type: An instance of an object conforming to the :class:`~cryptography.hazmat.primitives.serialization.KeySerializationEncryption` diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 68eaf021..b429766d 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -75,12 +75,12 @@ methods. .. doctest:: >>> from cryptography.hazmat.backends import default_backend - >>> from cryptography.hazmat.primitives.asymmetric import dsa, rsa + >>> from cryptography.hazmat.primitives.asymmetric import rsa >>> from cryptography.hazmat.primitives.serialization import load_pem_private_key >>> key = load_pem_private_key(pem_data, password=None, backend=default_backend()) >>> if isinstance(key, rsa.RSAPrivateKey): ... signature = sign_with_rsa_key(key, message) - ... elif isinstance(key, dsa.DSAPrivateKey): + ... elif isinstance(key, interfaces.DSAPrivateKey): ... signature = sign_with_dsa_key(key, message) ... else: ... raise TypeError @@ -283,30 +283,37 @@ DSA keys look almost identical but begin with ``ssh-dss`` rather than :raises cryptography.exceptions.UnsupportedAlgorithm: If the serialized key is of a type that is not supported. -Serializers -~~~~~~~~~~~ - -Instances of these classes can be passed to methods like -:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.dump`. +Serialization Formats +~~~~~~~~~~~~~~~~~~~~~ -.. class:: PKCS8(encoding) +.. class:: Format .. versionadded:: 0.8 - A serializer for the PKCS #8 format. + An enumeration for key formats. + + .. attribute:: TraditionalOpenSSL + + Frequently known as PKCS#1 format. - :param encoding: A value from the - :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + .. attribute:: PKCS8 -.. class:: TraditionalOpenSSL(encoding) +Serialization Encodings +~~~~~~~~~~~~~~~~~~~~~~~ + +.. class:: Encoding .. versionadded:: 0.8 - A serializer for the traditional OpenSSL (sometimes known as PKCS #1) - format. + An enumeration for encoding types. + + .. attribute:: PEM - :param encoding: A value from the - :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. + For PEM format. This is a base64 format with delimiters. + + .. attribute:: DER + + For DER format. This is a binary format. Serialization Encryption Types @@ -320,7 +327,7 @@ Serialization Encryption Types All other classes in this section represent the available choices for encryption and have this interface. -.. class:: BestAvailable +.. class:: BestAvailableEncryption(password) Encrypt using the best available encryption for a given key's backend. This is a curated encryption choice and the algorithm may change over @@ -331,22 +338,3 @@ Serialization Encryption Types .. class:: NoEncryption Do not encrypt. - - -Utility Classes -~~~~~~~~~~~~~~~ - -.. class:: Encoding - - .. versionadded:: 0.8 - - An enumeration for encoding types. Used by :class:`PKCS8` and - :class:`TraditionalOpenSSL`. - - .. attribute:: PEM - - For PEM format. This is a base64 format with delimiters. - - .. attribute:: DER - - For DER format. This is a binary format. -- cgit v1.2.3 From 4d236049529bc1ab1b301756a6c9be7a30ce8f8a Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 23 Feb 2015 21:54:36 -0600 Subject: fix docs --- docs/hazmat/primitives/asymmetric/rsa.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index ab2fe4e5..ac58b9d2 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -95,7 +95,7 @@ to serialize the key. >>> pem = private_key.dump( ... encoding=serialization.Encoding.PEM, ... fmt=serialization.Format.PKCS8, - ... encryption_type=serialization.BestAvailableEncryption(b'mypassword') + ... encryption_algorithm=serialization.BestAvailableEncryption(b'mypassword') ... ) >>> pem.splitlines()[0] '-----BEGIN ENCRYPTED PRIVATE KEY-----' @@ -107,8 +107,8 @@ It is also possible to serialize without encryption using >>> pem = private_key.dump( ... encoding=serialization.Encoding.PEM, - ... fmt=serialization.Format.PKCS8, - ... encryption_type=serialization.NoEncryption() + ... fmt=serialization.Format.TraditionalOpenSSL, + ... encryption_algorithm=serialization.NoEncryption() ... ) >>> pem.splitlines()[0] '-----BEGIN RSA PRIVATE KEY-----' @@ -534,7 +534,7 @@ Key interfaces :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` instance. - .. method:: dump(encoding, fmt, encryption_type) + .. method:: dump(encoding, fmt, encryption_algorithm) Dump the key to PEM encoded bytes using the serializer provided. @@ -544,7 +544,7 @@ Key interfaces :param fmt: A value from the :class:`~cryptography.hazmat.primitives.serialization.Format` enum. - :param encryption_type: An instance of an object conforming to the + :param encryption_algorithm: An instance of an object conforming to the :class:`~cryptography.hazmat.primitives.serialization.KeySerializationEncryption` interface. -- cgit v1.2.3 From 8aad028501ef434071d3969bce41c4e6375b4c61 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 23 Feb 2015 22:03:09 -0600 Subject: rename dump to as_bytes --- docs/hazmat/primitives/asymmetric/rsa.rst | 10 +++++----- docs/hazmat/primitives/asymmetric/serialization.rst | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index ac58b9d2..80d48497 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -86,13 +86,13 @@ Key serialization If you have a previously loaded or generated key that has the :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization` interface you can use -:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.dump` +:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.as_bytes` to serialize the key. .. doctest:: >>> from cryptography.hazmat.primitives import serialization - >>> pem = private_key.dump( + >>> pem = private_key.as_bytes( ... encoding=serialization.Encoding.PEM, ... fmt=serialization.Format.PKCS8, ... encryption_algorithm=serialization.BestAvailableEncryption(b'mypassword') @@ -105,7 +105,7 @@ It is also possible to serialize without encryption using .. doctest:: - >>> pem = private_key.dump( + >>> pem = private_key.as_bytes( ... encoding=serialization.Encoding.PEM, ... fmt=serialization.Format.TraditionalOpenSSL, ... encryption_algorithm=serialization.NoEncryption() @@ -534,9 +534,9 @@ Key interfaces :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` instance. - .. method:: dump(encoding, fmt, encryption_algorithm) + .. method:: as_bytes(encoding, fmt, encryption_algorithm) - Dump the key to PEM encoded bytes using the serializer provided. + Serialize the key to bytes. :param encoding: A value from the :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index b429766d..abf036ac 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -323,7 +323,7 @@ Serialization Encryption Types Objects with this interface are usable as encryption types with methods like - :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.dump`. + :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.as_bytes`. All other classes in this section represent the available choices for encryption and have this interface. -- cgit v1.2.3 From 6177cbe2fad1422899a2c26cb53abbbf97886485 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 27 Feb 2015 17:05:52 -0600 Subject: address review feedback --- docs/hazmat/primitives/asymmetric/rsa.rst | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 80d48497..17e13c28 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -94,7 +94,7 @@ to serialize the key. >>> from cryptography.hazmat.primitives import serialization >>> pem = private_key.as_bytes( ... encoding=serialization.Encoding.PEM, - ... fmt=serialization.Format.PKCS8, + ... format=serialization.Format.PKCS8, ... encryption_algorithm=serialization.BestAvailableEncryption(b'mypassword') ... ) >>> pem.splitlines()[0] @@ -107,7 +107,7 @@ It is also possible to serialize without encryption using >>> pem = private_key.as_bytes( ... encoding=serialization.Encoding.PEM, - ... fmt=serialization.Format.TraditionalOpenSSL, + ... format=serialization.Format.TraditionalOpenSSL, ... encryption_algorithm=serialization.NoEncryption() ... ) >>> pem.splitlines()[0] @@ -534,14 +534,18 @@ Key interfaces :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` instance. - .. method:: as_bytes(encoding, fmt, encryption_algorithm) + .. method:: as_bytes(encoding, format, encryption_algorithm) - Serialize the key to bytes. + Allows serialization of the key to bytes. Encoding (PEM or DER), format + (TraditionalOpenSSL or PKCS8) and encryption algorithm (such as + :class:`~cryptography.hazmat.primitives.serialization.BestAvailableEncryption` + or :class:`~cryptography.hazmat.primitives.serialization.NoEncryption`) + are chosen to define the exact serialization. :param encoding: A value from the :class:`~cryptography.hazmat.primitives.serialization.Encoding` enum. - :param fmt: A value from the + :param format: A value from the :class:`~cryptography.hazmat.primitives.serialization.Format` enum. :param encryption_algorithm: An instance of an object conforming to the -- cgit v1.2.3 From 45be3546398e5516b58c53780a32d7dac36ca79e Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 27 Feb 2015 22:55:54 -0600 Subject: add more docs stuff from review that I missed --- docs/hazmat/primitives/asymmetric/rsa.rst | 2 +- docs/hazmat/primitives/asymmetric/serialization.rst | 9 +++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 17e13c28..4fba8e12 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -83,7 +83,7 @@ There is also support for :func:`loading public keys in the SSH format Key serialization ~~~~~~~~~~~~~~~~~ -If you have a previously loaded or generated key that has the +If you have a key that you've loaded or generated which implements the :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization` interface you can use :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.as_bytes` diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index abf036ac..209c57c5 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -80,7 +80,7 @@ methods. >>> key = load_pem_private_key(pem_data, password=None, backend=default_backend()) >>> if isinstance(key, rsa.RSAPrivateKey): ... signature = sign_with_rsa_key(key, message) - ... elif isinstance(key, interfaces.DSAPrivateKey): + ... elif isinstance(key, dsa.DSAPrivateKey): ... signature = sign_with_dsa_key(key, message) ... else: ... raise TypeError @@ -294,10 +294,15 @@ Serialization Formats .. attribute:: TraditionalOpenSSL - Frequently known as PKCS#1 format. + Frequently known as PKCS#1 format. Still a widely used format, but + generally considered legacy. .. attribute:: PKCS8 + A more modern format for serializing keys which allows for better + encryption. Choose this unless you have explicit legacy compatibility + requirements. + Serialization Encodings ~~~~~~~~~~~~~~~~~~~~~~~ -- cgit v1.2.3 From 35194c99aeb846b2d85d6303dbe4f11b21eadaa6 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 28 Feb 2015 14:34:21 -0600 Subject: linkify some things per review, fix an import --- docs/hazmat/primitives/asymmetric/rsa.rst | 10 ++++++++-- docs/hazmat/primitives/asymmetric/serialization.rst | 2 +- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 4fba8e12..adb5cbfc 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -536,8 +536,14 @@ Key interfaces .. method:: as_bytes(encoding, format, encryption_algorithm) - Allows serialization of the key to bytes. Encoding (PEM or DER), format - (TraditionalOpenSSL or PKCS8) and encryption algorithm (such as + Allows serialization of the key to bytes. Encoding ( + :attr:`~cryptography.hazmat.primitives.serialization.Encoding.PEM` or + :attr:`~cryptography.hazmat.primitives.serialization.Encoding.DER`), + format ( + :attr:`~cryptography.hazmat.primitives.serialization.Format.TraditionalOpenSSL` + or + :attr:`~cryptography.hazmat.primitives.serialization.Format.PKCS8`) and + encryption algorithm (such as :class:`~cryptography.hazmat.primitives.serialization.BestAvailableEncryption` or :class:`~cryptography.hazmat.primitives.serialization.NoEncryption`) are chosen to define the exact serialization. diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 209c57c5..36ba241b 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -75,7 +75,7 @@ methods. .. doctest:: >>> from cryptography.hazmat.backends import default_backend - >>> from cryptography.hazmat.primitives.asymmetric import rsa + >>> from cryptography.hazmat.primitives.asymmetric import dsa, rsa >>> from cryptography.hazmat.primitives.serialization import load_pem_private_key >>> key = load_pem_private_key(pem_data, password=None, backend=default_backend()) >>> if isinstance(key, rsa.RSAPrivateKey): -- cgit v1.2.3 From 223a8f02a37a87b3c7366441647013cf9a18b061 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sat, 28 Feb 2015 18:54:10 -0600 Subject: change as_bytes to private_bytes, link more things --- docs/hazmat/primitives/asymmetric/rsa.rst | 8 ++++---- docs/hazmat/primitives/asymmetric/serialization.rst | 11 +++++++---- 2 files changed, 11 insertions(+), 8 deletions(-) (limited to 'docs/hazmat') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index adb5cbfc..924696db 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -86,13 +86,13 @@ Key serialization If you have a key that you've loaded or generated which implements the :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization` interface you can use -:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.as_bytes` +:meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.private_bytes` to serialize the key. .. doctest:: >>> from cryptography.hazmat.primitives import serialization - >>> pem = private_key.as_bytes( + >>> pem = private_key.private_bytes( ... encoding=serialization.Encoding.PEM, ... format=serialization.Format.PKCS8, ... encryption_algorithm=serialization.BestAvailableEncryption(b'mypassword') @@ -105,7 +105,7 @@ It is also possible to serialize without encryption using .. doctest:: - >>> pem = private_key.as_bytes( + >>> pem = private_key.private_bytes( ... encoding=serialization.Encoding.PEM, ... format=serialization.Format.TraditionalOpenSSL, ... encryption_algorithm=serialization.NoEncryption() @@ -534,7 +534,7 @@ Key interfaces :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateNumbers` instance. - .. method:: as_bytes(encoding, format, encryption_algorithm) + .. method:: private_bytes(encoding, format, encryption_algorithm) Allows serialization of the key to bytes. Encoding ( :attr:`~cryptography.hazmat.primitives.serialization.Encoding.PEM` or diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst index 36ba241b..4940ebd4 100644 --- a/docs/hazmat/primitives/asymmetric/serialization.rst +++ b/docs/hazmat/primitives/asymmetric/serialization.rst @@ -290,7 +290,8 @@ Serialization Formats .. versionadded:: 0.8 - An enumeration for key formats. + An enumeration for key formats. Used with + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.private_bytes`. .. attribute:: TraditionalOpenSSL @@ -310,7 +311,8 @@ Serialization Encodings .. versionadded:: 0.8 - An enumeration for encoding types. + An enumeration for encoding types. Used with + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.private_bytes`. .. attribute:: PEM @@ -328,9 +330,10 @@ Serialization Encryption Types Objects with this interface are usable as encryption types with methods like - :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.as_bytes`. + :meth:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.private_bytes`. All other classes in this section represent the available choices for - encryption and have this interface. + encryption and have this interface. They are used with + :class:`~cryptography.hazmat.primitives.asymmetric.rsa.RSAPrivateKeyWithSerialization.private_bytes`. .. class:: BestAvailableEncryption(password) -- cgit v1.2.3