aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--AUTHORS.rst1
-rw-r--r--docs/development/test-vectors.rst37
-rw-r--r--src/cryptography/__about__.py2
-rw-r--r--src/cryptography/hazmat/bindings/openssl/nid.py5
-rw-r--r--src/cryptography/hazmat/primitives/interfaces/__init__.py (renamed from src/cryptography/hazmat/primitives/interfaces.py)79
-rw-r--r--src/cryptography/hazmat/primitives/interfaces/ciphers.py76
-rw-r--r--src/cryptography/utils.py41
-rw-r--r--tests/test_warnings.py47
-rw-r--r--vectors/cryptography_vectors/__about__.py2
9 files changed, 200 insertions, 90 deletions
diff --git a/AUTHORS.rst b/AUTHORS.rst
index c233bc86..08e8e920 100644
--- a/AUTHORS.rst
+++ b/AUTHORS.rst
@@ -19,3 +19,4 @@ PGP key fingerprints are enclosed in parentheses.
* Mohammed Attia <skeuomorf@gmail.com> (854A F9C5 9FF5 6E38 B17D 9587 2D70 E1ED 5290 D357)
* Michael Hart <michael.hart1994@gmail.com>
* Mark Adams <mark@markadams.me> (A18A 7DD3 283C CF2A B0CE FE0E C7A0 5E3F C972 098C)
+* Gregory Haynes <greg@greghaynes.net> (6FB6 44BF 9FD0 EBA2 1CE9 471F B08F 42F9 0DC6 599F)
diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst
index 10c20dba..6a8f3fb8 100644
--- a/docs/development/test-vectors.rst
+++ b/docs/development/test-vectors.rst
@@ -37,24 +37,25 @@ Asymmetric ciphers
Custom Asymmetric Vectors
~~~~~~~~~~~~~~~~~~~~~~~~~
-* ``ec_private_key.pem`` - Contains an Elliptic Curve key generated by OpenSSL
- from the curve ``secp256r1``.
-* ``ec_private_key_encrypted.pem`` - Contains the same Elliptic Curve key as
- ``ec_private_key.pem``, except that it is encrypted with AES-128 with the
- password "123456".
-* ``ec_public_key.pem`` - Contains the public key corresponding to
- ``ec_private_key.pem``, generated using OpenSSL.
-* ``rsa_private_key.pem`` - Contains an RSA 2048 bit key generated using
- OpenSSL, protected by the secret "123456" with DES3 encryption.
-* ``rsa_public_key.pem`` - Contains an RSA 2048 bit public generated using
- OpenSSL from ``rsa_private_key.pem``.
-* ``dsaparam.pem`` - Contains 2048-bit DSA parameters generated using OpenSSL;
- contains no keys.
-* ``dsa_private_key.pem`` - Contains a DSA 2048 bit key generated using
- OpenSSL from the parameters in ``dsaparam.pem``, protected by the secret
- "123456" with DES3 encryption.
-* ``dsa_public_key.pem`` - Contains a DSA 2048 bit key generated using OpenSSL
- from ``dsa_private_key.pem``.
+* ``asymmetric/PEM_Serialization/ec_private_key.pem`` - Contains an Elliptic
+ Curve key generated by OpenSSL from the curve ``secp256r1``.
+* ``asymmetric/PEM_Serialization/ec_private_key_encrypted.pem`` - Contains the
+ same Elliptic Curve key as ``ec_private_key.pem``, except that it is
+ encrypted with AES-128 with the password "123456".
+* ``asymmetric/PEM_Serialization/ec_public_key.pem`` - Contains the public key
+ corresponding to ``ec_private_key.pem``, generated using OpenSSL.
+* ``asymmetric/PEM_Serialization/rsa_private_key.pem`` - Contains an RSA 2048
+ bit key generated using OpenSSL, protected by the secret "123456" with DES3
+ encryption.
+* ``asymmetric/PEM_Serialization/rsa_public_key.pem`` - Contains an RSA 2048
+ bit public generated using OpenSSL from ``rsa_private_key.pem``.
+* ``asymmetric/PEM_Serialization/dsaparam.pem`` - Contains 2048-bit DSA
+ parameters generated using OpenSSL; contains no keys.
+* ``asymmetric/PEM_Serialization/dsa_private_key.pem`` - Contains a DSA 2048
+ bit key generated using OpenSSL from the parameters in ``dsaparam.pem``,
+ protected by the secret "123456" with DES3 encryption.
+* ``asymmetric/PEM_Serialization/dsa_public_key.pem`` - Contains a DSA 2048 bit
+ key generated using OpenSSL from ``dsa_private_key.pem``.
X.509
diff --git a/src/cryptography/__about__.py b/src/cryptography/__about__.py
index f2700d57..ee16edd7 100644
--- a/src/cryptography/__about__.py
+++ b/src/cryptography/__about__.py
@@ -20,4 +20,4 @@ __author__ = "The cryptography developers"
__email__ = "cryptography-dev@python.org"
__license__ = "BSD or Apache License, Version 2.0"
-__copyright__ = "Copyright 2013-2014 {0}".format(__author__)
+__copyright__ = "Copyright 2013-2015 {0}".format(__author__)
diff --git a/src/cryptography/hazmat/bindings/openssl/nid.py b/src/cryptography/hazmat/bindings/openssl/nid.py
index a025d3b4..c2c0552b 100644
--- a/src/cryptography/hazmat/bindings/openssl/nid.py
+++ b/src/cryptography/hazmat/bindings/openssl/nid.py
@@ -211,6 +211,11 @@ static const int NID_organizationalUnitName;
static const int NID_serialNumber;
static const int NID_surname;
static const int NID_givenName;
+static const int NID_title;
+static const int NID_generationQualifier;
+static const int NID_dnQualifier;
+static const int NID_pseudonym;
+static const int NID_domainComponent;
static const int NID_pkcs9_emailAddress;
"""
diff --git a/src/cryptography/hazmat/primitives/interfaces.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py
index 76616e1f..fd1b25f3 100644
--- a/src/cryptography/hazmat/primitives/interfaces.py
+++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py
@@ -8,72 +8,19 @@ import abc
import six
-
-@six.add_metaclass(abc.ABCMeta)
-class CipherAlgorithm(object):
- @abc.abstractproperty
- def name(self):
- """
- A string naming this mode (e.g. "AES", "Camellia").
- """
-
- @abc.abstractproperty
- def key_size(self):
- """
- The size of the key being used as an integer in bits (e.g. 128, 256).
- """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class BlockCipherAlgorithm(object):
- @abc.abstractproperty
- def block_size(self):
- """
- The size of a block as an integer in bits (e.g. 64, 128).
- """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class Mode(object):
- @abc.abstractproperty
- def name(self):
- """
- A string naming this mode (e.g. "ECB", "CBC").
- """
-
- @abc.abstractmethod
- def validate_for_algorithm(self, algorithm):
- """
- Checks that all the necessary invariants of this (mode, algorithm)
- combination are met.
- """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class ModeWithInitializationVector(object):
- @abc.abstractproperty
- def initialization_vector(self):
- """
- The value of the initialization vector for this mode as bytes.
- """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class ModeWithNonce(object):
- @abc.abstractproperty
- def nonce(self):
- """
- The value of the nonce for this mode as bytes.
- """
-
-
-@six.add_metaclass(abc.ABCMeta)
-class ModeWithAuthenticationTag(object):
- @abc.abstractproperty
- def tag(self):
- """
- The value of the tag supplied to the constructor of this mode.
- """
+from cryptography.hazmat.primitives.interfaces.ciphers import (
+ BlockCipherAlgorithm, CipherAlgorithm, Mode,
+ ModeWithAuthenticationTag, ModeWithInitializationVector, ModeWithNonce
+)
+
+__all__ = [
+ "BlockCipherAlgorithm",
+ "CipherAlgorithm",
+ "Mode",
+ "ModeWithAuthenticationTag",
+ "ModeWithInitializationVector",
+ "ModeWithNonce"
+]
@six.add_metaclass(abc.ABCMeta)
diff --git a/src/cryptography/hazmat/primitives/interfaces/ciphers.py b/src/cryptography/hazmat/primitives/interfaces/ciphers.py
new file mode 100644
index 00000000..075a9c25
--- /dev/null
+++ b/src/cryptography/hazmat/primitives/interfaces/ciphers.py
@@ -0,0 +1,76 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import abc
+
+import six
+
+
+@six.add_metaclass(abc.ABCMeta)
+class CipherAlgorithm(object):
+ @abc.abstractproperty
+ def name(self):
+ """
+ A string naming this mode (e.g. "AES", "Camellia").
+ """
+
+ @abc.abstractproperty
+ def key_size(self):
+ """
+ The size of the key being used as an integer in bits (e.g. 128, 256).
+ """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class BlockCipherAlgorithm(object):
+ @abc.abstractproperty
+ def block_size(self):
+ """
+ The size of a block as an integer in bits (e.g. 64, 128).
+ """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class Mode(object):
+ @abc.abstractproperty
+ def name(self):
+ """
+ A string naming this mode (e.g. "ECB", "CBC").
+ """
+
+ @abc.abstractmethod
+ def validate_for_algorithm(self, algorithm):
+ """
+ Checks that all the necessary invariants of this (mode, algorithm)
+ combination are met.
+ """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class ModeWithInitializationVector(object):
+ @abc.abstractproperty
+ def initialization_vector(self):
+ """
+ The value of the initialization vector for this mode as bytes.
+ """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class ModeWithNonce(object):
+ @abc.abstractproperty
+ def nonce(self):
+ """
+ The value of the nonce for this mode as bytes.
+ """
+
+
+@six.add_metaclass(abc.ABCMeta)
+class ModeWithAuthenticationTag(object):
+ @abc.abstractproperty
+ def tag(self):
+ """
+ The value of the tag supplied to the constructor of this mode.
+ """
diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index ac2f787d..72f9a347 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -7,12 +7,17 @@ from __future__ import absolute_import, division, print_function
import abc
import inspect
import sys
+import warnings
# DeprecatedIn07 objects exist. This comment exists to remind developers to
# look for them when it's time for the ninth release cycle deprecation dance.
+def read_only_property(name):
+ return property(lambda self: getattr(self, name))
+
+
def register_interface(iface):
def register_decorator(klass):
verify_interface(iface, klass)
@@ -21,10 +26,6 @@ def register_interface(iface):
return register_decorator
-def read_only_property(name):
- return property(lambda self: getattr(self, name))
-
-
class InterfaceNotImplemented(Exception):
pass
@@ -55,3 +56,35 @@ if sys.version_info >= (2, 7):
else:
def bit_length(x):
return len(bin(x)) - (2 + (x <= 0))
+
+
+class _DeprecatedValue(object):
+ def __init__(self, value, message, warning_class):
+ self.value = value
+ self.message = message
+ self.warning_class = warning_class
+
+
+class _ModuleWithDeprecations(object):
+ def __init__(self, module):
+ self.__dict__["_module"] = module
+
+ def __getattr__(self, attr):
+ obj = getattr(self._module, attr)
+ if isinstance(obj, _DeprecatedValue):
+ warnings.warn(obj.message, obj.warning_class, stacklevel=2)
+ obj = obj.value
+ return obj
+
+ def __setattr__(self, attr, value):
+ setattr(self._module, attr, value)
+
+ def __dir__(self):
+ return ["_module"] + dir(self._module)
+
+
+def deprecated(value, module_name, message, warning_class):
+ module = sys.modules[module_name]
+ if not isinstance(module, _ModuleWithDeprecations):
+ sys.modules[module_name] = module = _ModuleWithDeprecations(module)
+ return _DeprecatedValue(value, message, warning_class)
diff --git a/tests/test_warnings.py b/tests/test_warnings.py
new file mode 100644
index 00000000..9946baa7
--- /dev/null
+++ b/tests/test_warnings.py
@@ -0,0 +1,47 @@
+# This file is dual licensed under the terms of the Apache License, Version
+# 2.0, and the BSD License. See the LICENSE file in the root of this repository
+# for complete details.
+
+from __future__ import absolute_import, division, print_function
+
+import sys
+import types
+import warnings
+
+from cryptography.utils import deprecated
+
+
+class TestDeprecated(object):
+ def test_deprecated(self, monkeypatch):
+ mod = types.ModuleType("TestDeprecated/test_deprecated")
+ monkeypatch.setitem(sys.modules, mod.__name__, mod)
+ mod.X = deprecated(
+ value=1,
+ module_name=mod.__name__,
+ message="deprecated message text",
+ warning_class=DeprecationWarning
+ )
+ mod.Y = deprecated(
+ value=2,
+ module_name=mod.__name__,
+ message="more deprecated text",
+ warning_class=PendingDeprecationWarning,
+ )
+ mod = sys.modules[mod.__name__]
+ mod.Z = 3
+
+ with warnings.catch_warnings(record=True) as log:
+ warnings.simplefilter("always", PendingDeprecationWarning)
+ warnings.simplefilter("always", DeprecationWarning)
+ assert mod.X == 1
+ assert mod.Y == 2
+ assert mod.Z == 3
+
+ [msg1, msg2] = log
+ assert msg1.category is DeprecationWarning
+ assert msg1.message.args == ("deprecated message text",)
+
+ assert msg2.category is PendingDeprecationWarning
+ assert msg2.message.args == ("more deprecated text",)
+
+ assert "Y" in dir(mod)
diff --git a/vectors/cryptography_vectors/__about__.py b/vectors/cryptography_vectors/__about__.py
index aa6fce09..f17d7b8e 100644
--- a/vectors/cryptography_vectors/__about__.py
+++ b/vectors/cryptography_vectors/__about__.py
@@ -20,4 +20,4 @@ __author__ = "The cryptography developers"
__email__ = "cryptography-dev@python.org"
__license__ = "BSD or Apache License, Version 2.0"
-__copyright__ = "Copyright 2013-2014 %s" % __author__
+__copyright__ = "Copyright 2013-2015 %s" % __author__