Diffstat (limited to 'src')
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/rsa.py | 27 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/asymmetric/rsa.py | 15 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/interfaces/__init__.py | 5 | ||||
-rw-r--r-- | src/cryptography/hazmat/primitives/serialization.py | 23 | ||||
-rw-r--r-- | src/cryptography/utils.py | 1 |
5 files changed, 34 insertions, 37 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py index 1357889f..efc1a577 100644 --- a/src/cryptography/hazmat/backends/openssl/rsa.py +++ b/src/cryptography/hazmat/backends/openssl/rsa.py @@ -22,8 +22,8 @@ from cryptography.hazmat.primitives.asymmetric.rsa import ( RSAPublicKeyWithNumbers ) from cryptography.hazmat.primitives.serialization import ( - BestAvailable, Encoding, KeySerializationEncryption, NoEncryption, PKCS8, - TraditionalOpenSSL + BestAvailableEncryption, Encoding, Format, KeySerializationEncryption, + NoEncryption ) @@ -565,18 +565,23 @@ class _RSAPrivateKey(object): ) ) - def dump(self, serializer, encryption_algorithm): - if isinstance(serializer, PKCS8): + def dump(self, encoding, fmt, encryption_algorithm): + if not isinstance(encoding, Encoding): + raise TypeError("encoding must be an item from the Encoding enum") + + if not isinstance(fmt, Format): + raise TypeError("format must be an item from the Format enum") + + # This is a temporary check until we land DER serialization. + if encoding != Encoding.PEM: + raise ValueError("Only PEM encoding is supported by this backend") + + if fmt == Format.PKCS8: write_bio = self._backend._lib.PEM_write_bio_PKCS8PrivateKey key = self._evp_pkey - elif isinstance(serializer, TraditionalOpenSSL): + elif fmt == Format.TraditionalOpenSSL: write_bio = self._backend._lib.PEM_write_bio_RSAPrivateKey key = self._rsa_cdata - else: - raise TypeError("serializer must be PKCS8 or TraditionalOpenSSL") - - if serializer.encoding != Encoding.PEM: - raise ValueError("Only PEM encoding is supported by this backend") if not isinstance(encryption_algorithm, KeySerializationEncryption): raise TypeError( 
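Review bot: In `_RSAPrivateKey.dump`, the chain `if fmt == Format.PKCS8: … elif fmt == Format.TraditionalOpenSSL: …` no longer ends in an `else`, so `write_bio` and `key` are bound only because `Format` currently has exactly those two members. If a member is added to the enum later, the `isinstance(fmt, Format)` check will still pass and the method will fail further down on an unbound local instead of rejecting the request clearly. I would keep an explicit fail-closed branch after the `elif`, for example `else: raise ValueError("Unsupported format for this backend")` (message wording is a suggestion). The body of `dump` continues past the end of this hunk, so the first use of the two names is not visible here.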
@@ -588,7 +593,7 @@ class _RSAPrivateKey(object): password = b"" passlen = 0 evp_cipher = self._backend._ffi.NULL - elif isinstance(encryption_algorithm, BestAvailable): + elif isinstance(encryption_algorithm, BestAvailableEncryption): # This is a curated value that we will update over time. evp_cipher = self._backend._lib.EVP_get_cipherbyname( b"aes-256-cbc" diff --git a/src/cryptography/hazmat/primitives/asymmetric/rsa.py b/src/cryptography/hazmat/primitives/asymmetric/rsa.py index e994a9cc..918717f3 100644 --- a/src/cryptography/hazmat/primitives/asymmetric/rsa.py +++ b/src/cryptography/hazmat/primitives/asymmetric/rsa.py @@ -50,14 +50,21 @@ class RSAPrivateKeyWithSerialization(RSAPrivateKey): """ @abc.abstractmethod - def dump(self, serializer, encryption_algorithm): + def dump(self, encoding, fmt, encryption_algorithm): """ - Returns the PEM encoded key. + Returns the dumped key. """ -# DeprecatedIn08 -RSAPrivateKeyWithNumbers = RSAPrivateKeyWithSerialization +RSAPrivateKeyWithNumbers = utils.deprecated( + RSAPrivateKeyWithSerialization, + __name__, + ( + "The RSAPrivateKeyWithNumbers interface has been renamed to " + "RSAPrivateKeyWithSerialization" + ), + utils.DeprecatedIn08 +) @six.add_metaclass(abc.ABCMeta) diff --git a/src/cryptography/hazmat/primitives/interfaces/__init__.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py index 6b4241bd..f9ffae06 100644 --- a/src/cryptography/hazmat/primitives/interfaces/__init__.py +++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py @@ -289,11 +289,12 @@ RSAPrivateKey = utils.deprecated( ) RSAPrivateKeyWithNumbers = utils.deprecated( - rsa.RSAPrivateKeyWithNumbers, + rsa.RSAPrivateKeyWithSerialization, __name__, ( "The RSAPrivateKeyWithNumbers interface has moved to the " - "cryptography.hazmat.primitives.asymmetric.rsa module" + "cryptography.hazmat.primitives.asymmetric.rsa module and has been " + "renamed RSAPrivateKeyWithSerialization" ), utils.DeprecatedIn08 ) 
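Review bot: The new docstring on the abstract `dump(self, encoding, fmt, encryption_algorithm)` in `primitives/asymmetric/rsa.py`, `Returns the dumped key.`, documents none of the three parameters and no longer says what form the result takes. This method is the interface contract for exporting private key material, so I would spell it out, e.g. `Returns the private key serialized with the given Encoding and Format, protected as described by encryption_algorithm (a KeySerializationEncryption instance).` One further sentence should note that passing `NoEncryption` presumably yields unprotected key material, which callers must handle accordingly. The class body starts outside the hunk.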
diff --git a/src/cryptography/hazmat/primitives/serialization.py b/src/cryptography/hazmat/primitives/serialization.py index 9bfbc6b7..0d564221 100644 --- a/src/cryptography/hazmat/primitives/serialization.py +++ b/src/cryptography/hazmat/primitives/serialization.py @@ -174,24 +174,9 @@ class Encoding(Enum): DER = "DER" -class PKCS8(object): - def __init__(self, encoding): - if not isinstance(encoding, Encoding): - raise TypeError( - "Encoding must be an element from the Encoding enum" - ) - - self.encoding = encoding - - -class TraditionalOpenSSL(object): - def __init__(self, encoding): - if not isinstance(encoding, Encoding): - raise TypeError( - "Encoding must be an element from the Encoding enum" - ) - - self.encoding = encoding +class Format(Enum): + PKCS8 = "PKCS8" + TraditionalOpenSSL = "TraditionalOpenSSL" @six.add_metaclass(abc.ABCMeta) @@ -200,7 +185,7 @@ class KeySerializationEncryption(object): @utils.register_interface(KeySerializationEncryption) -class BestAvailable(object): +class BestAvailableEncryption(object): def __init__(self, password): if not isinstance(password, bytes) or len(password) == 0: raise ValueError("Password must be 1 or more bytes.") diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index 77b6d253..78dcc1ca 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -12,7 +12,6 @@ import warnings # DeprecatedIn07 objects exist. This comment exists to remind developers to # look for them when it's time for the ninth release cycle deprecation dance. -# DeprecatedIn08 objects also exist. DeprecatedIn08 = PendingDeprecationWarning |
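Review bot: The new `Format` enum in `serialization.py` has no docstring or comments, and its two members differ in a way that matters to a caller exporting an encrypted key. Going by the backend hunk in this commit, `PKCS8` is written with `PEM_write_bio_PKCS8PrivateKey` and `TraditionalOpenSSL` with `PEM_write_bio_RSAPrivateKey`. OpenSSL's documentation recommends the PKCS#8 writer for new applications, because the traditional PEM encryption derives the key from the password with a single iteration. I would add a comment above the members such as `# Prefer PKCS8 for encrypted keys; TraditionalOpenSSL uses OpenSSL's legacy PEM encryption and is kept for compatibility.`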