9 files changed, 200 insertions, 90 deletions
diff --git a/AUTHORS.rst b/AUTHORS.rst
index c233bc86..08e8e920 100644
--- a/AUTHORS.rst
+++ b/AUTHORS.rst
@@ -19,3 +19,4 @@ PGP key fingerprints are enclosed in parentheses.
 * Mohammed Attia <skeuomorf@gmail.com> (854A F9C5 9FF5 6E38 B17D 9587 2D70 E1ED 5290 D357)
 * Michael Hart <michael.hart1994@gmail.com>
 * Mark Adams <mark@markadams.me> (A18A 7DD3 283C CF2A B0CE FE0E C7A0 5E3F C972 098C)
+* Gregory Haynes <greg@greghaynes.net> (6FB6 44BF 9FD0 EBA2 1CE9  471F B08F 42F9 0DC6 599F)
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index 10c20dba..6a8f3fb8 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst
@@ -37,24 +37,25 @@ Asymmetric ciphers
 Custom Asymmetric Vectors
 ~~~~~~~~~~~~~~~~~~~~~~~~~
 
-* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL
-  from the curve ``secp256r1``.
-* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as
-  ``ec_private_key.pem``, except that it is encrypted with AES-128 with the
-  password "123456".
-* ``ec_public_key.pem`` - Contains the public key corresponding to
-  ``ec_private_key.pem``, generated using OpenSSL.
-* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using
-  OpenSSL, protected by the secret "123456" with DES3 encryption.
-* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using
-  OpenSSL from ``rsa_private_key.pem``.
-* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL;
-  contains no keys.
-* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using
-  OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret
-  "123456" with DES3 encryption.
-* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL
-  from ``dsa_private_key.pem``.
+* ``asymmetric/PEM_Serialization/ec_private_key.pem`` - Contains an Elliptic
+  Curve key generated by OpenSSL from the curve ``secp256r1``.
+* ``asymmetric/PEM_Serialization/ec_private_key_encrypted.pem`` - Contains the
+  same Elliptic Curve key as ``ec_private_key.pem``, except that it is
+  encrypted with AES-128 with the password "123456".
+* ``asymmetric/PEM_Serialization/ec_public_key.pem`` - Contains the public key
+  corresponding to ``ec_private_key.pem``, generated using OpenSSL.
+* ``asymmetric/PEM_Serialization/rsa_private_key.pem`` - Contains an RSA 2048
+  bit key generated using OpenSSL, protected by the secret "123456" with DES3
+  encryption.
+* ``asymmetric/PEM_Serialization/rsa_public_key.pem`` - Contains an RSA 2048
+  bit public generated using OpenSSL from ``rsa_private_key.pem``.
+* ``asymmetric/PEM_Serialization/dsaparam.pem`` - Contains 2048-bit DSA
+  parameters generated using OpenSSL; contains no keys.
+* ``asymmetric/PEM_Serialization/dsa_private_key.pem`` - Contains a DSA 2048
+  bit key generated using OpenSSL from the parameters in ``dsaparam.pem``,
+  protected by the secret "123456" with DES3 encryption.
+* ``asymmetric/PEM_Serialization/dsa_public_key.pem`` - Contains a DSA 2048 bit
+  key generated using OpenSSL from ``dsa_private_key.pem``.
 
 
 X.509
diff --git a/src/cryptography/__about__.py b/src/cryptography/__about__.py
index f2700d57..ee16edd7 100644
--- a/src/cryptography/__about__.py
+++ b/src/cryptography/__about__.py
@@ -20,4 +20,4 @@ __author__ = "The cryptography developers"
 __email__ = "cryptography-dev@python.org"
 
 __license__ = "BSD or Apache License, Version 2.0"
-__copyright__ = "Copyright 2013-2014 {0}".format(__author__)
+__copyright__ = "Copyright 2013-2015 {0}".format(__author__)
diff --git a/src/cryptography/hazmat/bindings/openssl/nid.py b/src/cryptography/hazmat/bindings/openssl/nid.py
index a025d3b4..c2c0552b 100644
--- a/src/cryptography/hazmat/bindings/openssl/nid.py
+++ b/src/cryptography/hazmat/bindings/openssl/nid.py
@@ -211,6 +211,11 @@ static const int NID_organizationalUnitName;
 static const int NID_serialNumber;
 static const int NID_surname;
 static const int NID_givenName;
+static const int NID_title;
+static const int NID_generationQualifier;
+static const int NID_dnQualifier;
+static const int NID_pseudonym;
+static const int NID_domainComponent;
 static const int NID_pkcs9_emailAddress;
 """
 
diff --git a/src/cryptography/hazmat/primitives/interfaces.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py
index 76616e1f..fd1b25f3 100644
--- a/src/cryptography/hazmat/primitives/interfaces.py
+++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py
@@ -8,72 +8,19 @@ import abc
 
 import six
 
-
-@six.add_metaclass(abc.ABCMeta)
-class CipherAlgorithm(object):
-    @abc.abstractproperty
-    def name(self):
-        """
-        A string naming this mode (e.g. "AES", "Camellia").
-        """
-
-    @abc.abstractproperty
-    def key_size(self):
-        """
-        The size of the key being used as an integer in bits (e.g. 128, 256).
-        """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class BlockCipherAlgorithm(object):
-    @abc.abstractproperty
-    def block_size(self):
-        """
-        The size of a block as an integer in bits (e.g. 64, 128).
-        """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class Mode(object):
-    @abc.abstractproperty
-    def name(self):
-        """
-        A string naming this mode (e.g. "ECB", "CBC").
-        """
-
-    @abc.abstractmethod
-    def validate_for_algorithm(self, algorithm):
-        """
-        Checks that all the necessary invariants of this (mode, algorithm)
-        combination are met.
-        """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class ModeWithInitializationVector(object):
-    @abc.abstractproperty
-    def initialization_vector(self):
-        """
-        The value of the initialization vector for this mode as bytes.
-        """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class ModeWithNonce(object):
-    @abc.abstractproperty
-    def nonce(self):
-        """
-        The value of the nonce for this mode as bytes.
-        """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class ModeWithAuthenticationTag(object):
-    @abc.abstractproperty
-    def tag(self):
-        """
-        The value of the tag supplied to the constructor of this mode.
-        """
+from cryptography.hazmat.primitives.interfaces.ciphers import (
+    BlockCipherAlgorithm, CipherAlgorithm, Mode,
+    ModeWithAuthenticationTag, ModeWithInitializationVector, ModeWithNonce
+)
+
+__all__ = [
+    "BlockCipherAlgorithm",
+    "CipherAlgorithm",
+    "Mode",
+    "ModeWithAuthenticationTag",
+    "ModeWithInitializationVector",
+    "ModeWithNonce"
+]
 
 
 @six.add_metaclass(abc.ABCMeta)
diff --git a/src/cryptography/hazmat/primitives/interfaces/ciphers.py b/src/cryptography/hazmat/primitives/interfaces/ciphers.py
new file mode 100644
index 00000000..075a9c25
--- /dev/null
+++ b/src/cryptography/hazmat/primitives/interfaces/ciphers.py
@@ -0,0 +1,76 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import abc
+
+import six
+
+
+@six.add_metaclass(abc.ABCMeta)
+class CipherAlgorithm(object):
+    @abc.abstractproperty
+    def name(self):
+        """
+        A string naming this mode (e.g. "AES", "Camellia").
+        """
+
+    @abc.abstractproperty
+    def key_size(self):
+        """
+        The size of the key being used as an integer in bits (e.g. 128, 256).
+        """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class BlockCipherAlgorithm(object):
+    @abc.abstractproperty
+    def block_size(self):
+        """
+        The size of a block as an integer in bits (e.g. 64, 128).
+        """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class Mode(object):
+    @abc.abstractproperty
+    def name(self):
+        """
+        A string naming this mode (e.g. "ECB", "CBC").
+        """
+
+    @abc.abstractmethod
+    def validate_for_algorithm(self, algorithm):
+        """
+        Checks that all the necessary invariants of this (mode, algorithm)
+        combination are met.
+        """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class ModeWithInitializationVector(object):
+    @abc.abstractproperty
+    def initialization_vector(self):
+        """
+        The value of the initialization vector for this mode as bytes.
+        """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class ModeWithNonce(object):
+    @abc.abstractproperty
+    def nonce(self):
+        """
+        The value of the nonce for this mode as bytes.
+        """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class ModeWithAuthenticationTag(object):
+    @abc.abstractproperty
+    def tag(self):
+        """
+        The value of the tag supplied to the constructor of this mode.
+        """
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index ac2f787d..72f9a347 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -7,12 +7,17 @@ from __future__ import absolute_import, division, print_function
 import abc
 import inspect
 import sys
+import warnings
 
 
 # DeprecatedIn07 objects exist. This comment exists to remind developers to
 # look for them when it's time for the ninth release cycle deprecation dance.
 
 
+def read_only_property(name):
+    return property(lambda self: getattr(self, name))
+
+
 def register_interface(iface):
     def register_decorator(klass):
         verify_interface(iface, klass)
@@ -21,10 +26,6 @@ def register_interface(iface):
     return register_decorator
 
 
-def read_only_property(name):
-    return property(lambda self: getattr(self, name))
-
-
 class InterfaceNotImplemented(Exception):
     pass
 
@@ -55,3 +56,35 @@ if sys.version_info >= (2, 7):
 else:
     def bit_length(x):
         return len(bin(x)) - (2 + (x <= 0))
+
+
+class _DeprecatedValue(object):
+    def __init__(self, value, message, warning_class):
+        self.value = value
+        self.message = message
+        self.warning_class = warning_class
+
+
+class _ModuleWithDeprecations(object):
+    def __init__(self, module):
+        self.__dict__["_module"] = module
+
+    def __getattr__(self, attr):
+        obj = getattr(self._module, attr)
+        if isinstance(obj, _DeprecatedValue):
+            warnings.warn(obj.message, obj.warning_class, stacklevel=2)
+            obj = obj.value
+        return obj
+
+    def __setattr__(self, attr, value):
+        setattr(self._module, attr, value)
+
+    def __dir__(self):
+        return ["_module"] + dir(self._module)
+
+
+def deprecated(value, module_name, message, warning_class):
+    module = sys.modules[module_name]
+    if not isinstance(module, _ModuleWithDeprecations):
+        sys.modules[module_name] = module = _ModuleWithDeprecations(module)
+    return _DeprecatedValue(value, message, warning_class)
diff --git a/tests/test_warnings.py b/tests/test_warnings.py
new file mode 100644
index 00000000..9946baa7
--- /dev/null
+++ b/tests/test_warnings.py
@@ -0,0 +1,47 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import sys
+import types
+import warnings
+
+from cryptography.utils import deprecated
+
+
+class TestDeprecated(object):
+    def test_deprecated(self, monkeypatch):
+        mod = types.ModuleType("TestDeprecated/test_deprecated")
+        monkeypatch.setitem(sys.modules, mod.__name__, mod)
+        mod.X = deprecated(
+            value=1,
+            module_name=mod.__name__,
+            message="deprecated message text",
+            warning_class=DeprecationWarning
+        )
+        mod.Y = deprecated(
+            value=2,
+            module_name=mod.__name__,
+            message="more deprecated text",
+            warning_class=PendingDeprecationWarning,
+        )
+        mod = sys.modules[mod.__name__]
+        mod.Z = 3
+
+        with warnings.catch_warnings(record=True) as log:
+            warnings.simplefilter("always", PendingDeprecationWarning)
+            warnings.simplefilter("always", DeprecationWarning)
+            assert mod.X == 1
+            assert mod.Y == 2
+            assert mod.Z == 3
+
+        [msg1, msg2] = log
+        assert msg1.category is DeprecationWarning
+        assert msg1.message.args == ("deprecated message text",)
+
+        assert msg2.category is PendingDeprecationWarning
+        assert msg2.message.args == ("more deprecated text",)
+
+        assert "Y" in dir(mod)
diff --git a/vectors/cryptography_vectors/__about__.py b/vectors/cryptography_vectors/__about__.py
index aa6fce09..f17d7b8e 100644
--- a/vectors/cryptography_vectors/__about__.py
+++ b/vectors/cryptography_vectors/__about__.py
@@ -20,4 +20,4 @@ __author__ = "The cryptography developers"
 __email__ = "cryptography-dev@python.org"
 
 __license__ = "BSD or Apache License, Version 2.0"
-__copyright__ = "Copyright 2013-2014 %s" % __author__
+__copyright__ = "Copyright 2013-2015 %s" % __author__