Merge branch 'master' into exception-heirarchy-refactor

Conflicts:
	cryptography/hazmat/backends/openssl/backend.py

4 files changed, 162 insertions, 9 deletions

diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
index 682820b3..7943981e 100644
--- a/docs/hazmat/primitives/asymmetric/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst
@@ -111,6 +111,49 @@ RSA
                         or ``modulus`` do not match the bounds specified in
                         :rfc:`3447`.
 
+    .. method:: verifier(signature, padding, algorithm, backend)
+
+        .. versionadded:: 0.3
+
+        Verify data was signed by the private key associated with this public
+        key.
+
+        .. doctest::
+
+            >>> from cryptography.hazmat.backends import default_backend
+            >>> from cryptography.hazmat.primitives import hashes
+            >>> from cryptography.hazmat.primitives.asymmetric import rsa, padding
+            >>> private_key = rsa.RSAPrivateKey.generate(
+            ...     public_exponent=65537,
+            ...     key_size=2048,
+            ...     backend=default_backend()
+            ... )
+            >>> signer = private_key.signer(padding.PKCS1v15(), hashes.SHA256(), default_backend())
+            >>> data= b"this is some data I'd like to sign"
+            >>> signer.update(data)
+            >>> signature = signer.finalize()
+            >>> public_key = private_key.public_key()
+            >>> verifier = public_key.verifier(signature, padding.PKCS1v15(), hashes.SHA256(), default_backend())
+            >>> verifier.update(data)
+            >>> verifier.verify()
+
+        :param bytes signature: The signature to verify.
+
+        :param padding: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding`
+            provider.
+
+        :param algorithm: An instance of a
+            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            provider.
+
+        :param backend: A
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+            provider.
+
+        :returns:
+            :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
+
 .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
 .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography
 .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index 5be3dd95..cc2a3000 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -231,6 +231,113 @@ Asymmetric Interfaces
         The public exponent. Alias for :attr:`public_exponent`.
 
 
+.. class:: DSAParameters
+
+    .. versionadded:: 0.3
+
+    `DSA`_ parameters.
+
+    .. attribute:: modulus
+
+        :type: int
+
+        The prime modulus that is used in generating the DSA key pair and used
+        in the DSA signing and verification processes.
+
+    .. attribute:: subgroup_order
+
+        :type: int
+
+        The subgroup order that is used in generating the DSA key pair
+        by the generator and used in the DSA signing and verification
+        processes.
+
+    .. attribute:: generator
+
+        :type: int
+
+        The generator that is used in generating the DSA key pair and used
+        in the DSA signing and verification processes.
+
+    .. attribute:: p
+
+        :type: int
+
+        The prime modulus that is used in generating the DSA key pair and used
+        in the DSA signing and verification processes. Alias for :attr:`modulus`.
+
+    .. attribute:: q
+
+        :type: int
+
+        The subgroup order that is used in generating the DSA key pair
+        by the generator and used in the DSA signing and verification
+        processes. Alias for :attr:`subgroup_order`.
+
+    .. attribute:: g
+
+        :type: int
+
+        The generator that is used in generating the DSA key pair and used
+        in the DSA signing and verification processes. Alias for :attr:`generator`.
+
+
+.. class:: DSAPrivateKey
+
+    .. versionadded:: 0.3
+
+    A `DSA`_ private key.
+
+    .. method:: public_key()
+
+        :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey`
+
+        An DSA public key object corresponding to the values of the private key.
+
+    .. method:: parameters()
+
+        :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters`
+
+        The DSAParameters object associated with this private key.
+
+    .. attribute:: key_size
+
+        :type: int
+
+        The bit length of the modulus.
+
+    .. attribute:: x
+
+        :type: int
+
+        The private key.
+
+    .. attribute:: y
+
+        :type: int
+
+        The public key.
+
+
+.. class:: DSAPublicKey
+
+    .. versionadded:: 0.3
+
+    A `DSA`_ private key.
+
+    .. method:: parameters()
+
+        :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters`
+
+        The DSAParameters object associated with this public key.
+
+    .. attribute:: y
+
+        :type: int
+
+        The public key.
+
+
 .. class:: AsymmetricSignatureContext
 
     .. versionadded:: 0.2
@@ -254,8 +361,8 @@ Asymmetric Interfaces
 
     .. method:: verify()
 
-        :raises cryptography.exceptions.InvalidSignature: If signature does not
-            validate.
+        :raises cryptography.exceptions.InvalidSignature: If the signature does
+            not validate.
 
 
 .. class:: AsymmetricPadding
@@ -335,3 +442,4 @@ Key Derivation Functions
 
 .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
 .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem
+.. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst
index d8a0e241..851dbb0b 100644
--- a/docs/hazmat/primitives/key-derivation-functions.rst
+++ b/docs/hazmat/primitives/key-derivation-functions.rst
@@ -179,7 +179,7 @@ Different KDFs are suitable for different tasks such as:
     :param bytes info: Application specific context information.  If ``None``
         is explicitly passed an empty byte string will be used.
 
-    :params backend: A
+    :param backend: A
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
         provider.
 
diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst
index 3df1a147..3912d483 100644
--- a/docs/hazmat/primitives/twofactor.rst
+++ b/docs/hazmat/primitives/twofactor.rst
@@ -47,10 +47,11 @@ codes (HMAC).
         provider.
     :raises ValueError: This is raised if the provided ``key`` is shorter than
         128 bits or if the ``length`` parameter is not 6, 7 or 8.
-    :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm``
-        is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`,
+    :raises TypeError: This is raised if the provided ``algorithm`` is not
+        :class:`~cryptography.hazmat.primitives.hashes.SHA1()`,
         :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or
-        :class:`~cryptography.hazmat.primitives.hashes.SHA512()`.
+        :class:`~cryptography.hazmat.primitives.hashes.SHA512()` or if the
+        ``length`` parameter is not an integer.
 
     .. method:: generate(counter)
 
@@ -142,10 +143,11 @@ similar to the following code.
         provider.
     :raises ValueError: This is raised if the provided ``key`` is shorter than
         128 bits or if the ``length`` parameter is not 6, 7 or 8.
-    :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm``
-        is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`,
+    :raises TypeError: This is raised if the provided ``algorithm`` is not
+        :class:`~cryptography.hazmat.primitives.hashes.SHA1()`,
         :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or
-        :class:`~cryptography.hazmat.primitives.hashes.SHA512()`.
+        :class:`~cryptography.hazmat.primitives.hashes.SHA512()` or if the
+        ``length`` parameter is not an integer.
 
     .. method:: generate(time)