From 199dc276cd1b45a799b511090b37237df49d68a3 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 23 Feb 2015 20:45:21 -0600
Subject: address review comments
---
src/cryptography/hazmat/backends/openssl/rsa.py | 27 +++++++++++++---------
.../hazmat/primitives/asymmetric/rsa.py | 15 ++++++++----
.../hazmat/primitives/interfaces/__init__.py | 5 ++--
.../hazmat/primitives/serialization.py | 23 ++++--------------
src/cryptography/utils.py | 1 -
5 files changed, 34 insertions(+), 37 deletions(-)
(limited to 'src')
diff --git a/src/cryptography/hazmat/backends/openssl/rsa.py b/src/cryptography/hazmat/backends/openssl/rsa.py
index 1357889f..efc1a577 100644
--- a/src/cryptography/hazmat/backends/openssl/rsa.py
+++ b/src/cryptography/hazmat/backends/openssl/rsa.py
@@ -22,8 +22,8 @@ from cryptography.hazmat.primitives.asymmetric.rsa import (
RSAPublicKeyWithNumbers
)
from cryptography.hazmat.primitives.serialization import (
- BestAvailable, Encoding, KeySerializationEncryption, NoEncryption, PKCS8,
- TraditionalOpenSSL
+ BestAvailableEncryption, Encoding, Format, KeySerializationEncryption,
+ NoEncryption
)
@@ -565,18 +565,23 @@ class _RSAPrivateKey(object):
)
)
- def dump(self, serializer, encryption_algorithm):
- if isinstance(serializer, PKCS8):
+ def dump(self, encoding, fmt, encryption_algorithm):
+ if not isinstance(encoding, Encoding):
+ raise TypeError("encoding must be an item from the Encoding enum")
+
+ if not isinstance(fmt, Format):
+ raise TypeError("format must be an item from the Format enum")
+
+ # This is a temporary check until we land DER serialization.
+ if encoding != Encoding.PEM:
+ raise ValueError("Only PEM encoding is supported by this backend")
+
+ if fmt == Format.PKCS8:
write_bio = self._backend._lib.PEM_write_bio_PKCS8PrivateKey
key = self._evp_pkey
- elif isinstance(serializer, TraditionalOpenSSL):
+ elif fmt == Format.TraditionalOpenSSL:
write_bio = self._backend._lib.PEM_write_bio_RSAPrivateKey
key = self._rsa_cdata
- else:
- raise TypeError("serializer must be PKCS8 or TraditionalOpenSSL")
-
- if serializer.encoding != Encoding.PEM:
- raise ValueError("Only PEM encoding is supported by this backend")
if not isinstance(encryption_algorithm, KeySerializationEncryption):
raise TypeError(
@@ -588,7 +593,7 @@ class _RSAPrivateKey(object):
password = b""
passlen = 0
evp_cipher = self._backend._ffi.NULL
- elif isinstance(encryption_algorithm, BestAvailable):
+ elif isinstance(encryption_algorithm, BestAvailableEncryption):
# This is a curated value that we will update over time.
evp_cipher = self._backend._lib.EVP_get_cipherbyname(
b"aes-256-cbc"
diff --git a/src/cryptography/hazmat/primitives/asymmetric/rsa.py b/src/cryptography/hazmat/primitives/asymmetric/rsa.py
index e994a9cc..918717f3 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/rsa.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/rsa.py
@@ -50,14 +50,21 @@ class RSAPrivateKeyWithSerialization(RSAPrivateKey):
"""
@abc.abstractmethod
- def dump(self, serializer, encryption_algorithm):
+ def dump(self, encoding, fmt, encryption_algorithm):
"""
- Returns the PEM encoded key.
+ Returns the dumped key.
"""
-# DeprecatedIn08
-RSAPrivateKeyWithNumbers = RSAPrivateKeyWithSerialization
+RSAPrivateKeyWithNumbers = utils.deprecated(
+ RSAPrivateKeyWithSerialization,
+ __name__,
+ (
+ "The RSAPrivateKeyWithNumbers interface has been renamed to "
+ "RSAPrivateKeyWithSerialization"
+ ),
+ utils.DeprecatedIn08
+)
@six.add_metaclass(abc.ABCMeta)
diff --git a/src/cryptography/hazmat/primitives/interfaces/__init__.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py
index 6b4241bd..f9ffae06 100644
--- a/src/cryptography/hazmat/primitives/interfaces/__init__.py
+++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py
@@ -289,11 +289,12 @@ RSAPrivateKey = utils.deprecated(
)
RSAPrivateKeyWithNumbers = utils.deprecated(
- rsa.RSAPrivateKeyWithNumbers,
+ rsa.RSAPrivateKeyWithSerialization,
__name__,
(
"The RSAPrivateKeyWithNumbers interface has moved to the "
- "cryptography.hazmat.primitives.asymmetric.rsa module"
+ "cryptography.hazmat.primitives.asymmetric.rsa module and has been "
+ "renamed RSAPrivateKeyWithSerialization"
),
utils.DeprecatedIn08
)
diff --git a/src/cryptography/hazmat/primitives/serialization.py b/src/cryptography/hazmat/primitives/serialization.py
index 9bfbc6b7..0d564221 100644
--- a/src/cryptography/hazmat/primitives/serialization.py
+++ b/src/cryptography/hazmat/primitives/serialization.py
@@ -174,24 +174,9 @@ class Encoding(Enum):
DER = "DER"
-class PKCS8(object):
- def __init__(self, encoding):
- if not isinstance(encoding, Encoding):
- raise TypeError(
- "Encoding must be an element from the Encoding enum"
- )
-
- self.encoding = encoding
-
-
-class TraditionalOpenSSL(object):
- def __init__(self, encoding):
- if not isinstance(encoding, Encoding):
- raise TypeError(
- "Encoding must be an element from the Encoding enum"
- )
-
- self.encoding = encoding
+class Format(Enum):
+ PKCS8 = "PKCS8"
+ TraditionalOpenSSL = "TraditionalOpenSSL"
@six.add_metaclass(abc.ABCMeta)
@@ -200,7 +185,7 @@ class KeySerializationEncryption(object):
@utils.register_interface(KeySerializationEncryption)
-class BestAvailable(object):
+class BestAvailableEncryption(object):
def __init__(self, password):
if not isinstance(password, bytes) or len(password) == 0:
raise ValueError("Password must be 1 or more bytes.")
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index 77b6d253..78dcc1ca 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -12,7 +12,6 @@ import warnings
# DeprecatedIn07 objects exist. This comment exists to remind developers to
# look for them when it's time for the ninth release cycle deprecation dance.
-# DeprecatedIn08 objects also exist.
DeprecatedIn08 = PendingDeprecationWarning
--
cgit v1.2.3