diff options
| -rw-r--r-- | docs/api-stability.rst | 4 | ||||
| -rw-r--r-- | src/cryptography/utils.py | 10 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_asym_utils.py | 7 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_dsa.py | 9 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_ec.py | 9 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 20 | ||||
| -rw-r--r-- | tests/x509/test_x509.py | 4 |
7 files changed, 36 insertions, 27 deletions
diff --git a/docs/api-stability.rst b/docs/api-stability.rst index 7ba1d426..2bb53841 100644 --- a/docs/api-stability.rst +++ b/docs/api-stability.rst @@ -42,9 +42,9 @@ entirely. In that case, here's how the process will work: * In ``cryptography X.Y`` the feature exists. * In ``cryptography X.Y+1`` using that feature will emit a - ``PendingDeprecationWarning``. + ``UserWarning``. * In ``cryptography X.Y+2`` using that feature will emit a - ``DeprecationWarning``. + ``UserWarning``. * In ``cryptography X.Y+3`` the feature will be removed or changed. In short, code that runs without warnings will always continue to work for a diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index 382905c0..baa7b7a1 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -11,11 +11,17 @@ import sys import warnings +# We use a UserWarning subclass, instead of DeprecationWarning, because CPython +# decided deprecation warnings should be invisble be default. +class CryptographyDeprecationWarning(UserWarning): + pass + + # Several APIs were deprecated with no specific end-of-life date because of the # ubiquity of their use. They should not be removed until we agree on when that # cycle ends. -PersistentlyDeprecated = DeprecationWarning -DeprecatedIn21 = DeprecationWarning +PersistentlyDeprecated = CryptographyDeprecationWarning +DeprecatedIn21 = CryptographyDeprecationWarning def _check_bytes(name, value): diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py index 4835f091..fc9e9fd8 100644 --- a/tests/hazmat/primitives/test_asym_utils.py +++ b/tests/hazmat/primitives/test_asym_utils.py @@ -10,12 +10,15 @@ from cryptography.hazmat.primitives.asymmetric.utils import ( Prehashed, decode_dss_signature, decode_rfc6979_signature, encode_dss_signature, encode_rfc6979_signature, ) +from cryptography.utils import CryptographyDeprecationWarning def test_deprecated_rfc6979_signature(): - sig = pytest.deprecated_call(encode_rfc6979_signature, 1, 1) + with pytest.warns(CryptographyDeprecationWarning): + sig = encode_rfc6979_signature(1, 1) assert sig == b"0\x06\x02\x01\x01\x02\x01\x01" - decoded = pytest.deprecated_call(decode_rfc6979_signature, sig) + with pytest.warns(CryptographyDeprecationWarning): + decoded = decode_rfc6979_signature(sig) assert decoded == (1, 1) diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index 89303fed..f08de6a1 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -18,6 +18,7 @@ from cryptography.hazmat.primitives.asymmetric import dsa from cryptography.hazmat.primitives.asymmetric.utils import ( Prehashed, encode_dss_signature ) +from cryptography.utils import CryptographyDeprecationWarning from .fixtures_dsa import ( DSA_KEY_1024, DSA_KEY_2048, DSA_KEY_3072 @@ -574,9 +575,8 @@ class TestDSAVerification(object): y=vector['y'] ).public_key(backend) sig = encode_dss_signature(vector['r'], vector['s']) - verifier = pytest.deprecated_call( - public_key.verifier, sig, algorithm() - ) + with pytest.warns(CryptographyDeprecationWarning): + verifier = public_key.verifier(sig, algorithm()) verifier.update(vector['msg']) if vector['result'] == "F": @@ -687,7 +687,8 @@ class TestDSASignature(object): ), x=vector['x'] ).private_key(backend) - signer = pytest.deprecated_call(private_key.signer, algorithm()) + with pytest.warns(CryptographyDeprecationWarning): + signer = private_key.signer(algorithm()) signer.update(vector['msg']) signature = signer.finalize() assert signature diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index f493869d..4f08f184 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -20,6 +20,7 @@ from cryptography.hazmat.primitives.asymmetric import ec from cryptography.hazmat.primitives.asymmetric.utils import ( Prehashed, encode_dss_signature ) +from cryptography.utils import CryptographyDeprecationWarning from .fixtures_ec import EC_KEY_SECP384R1 from ...doubles import DummyKeySerializationEncryption @@ -350,13 +351,13 @@ class TestECDSAVectors(object): pkey = key.public_key() assert pkey - signer = pytest.deprecated_call(key.signer, ec.ECDSA(hash_type())) + with pytest.warns(CryptographyDeprecationWarning): + signer = key.signer(ec.ECDSA(hash_type())) signer.update(b"YELLOW SUBMARINE") signature = signer.finalize() - verifier = pytest.deprecated_call( - pkey.verifier, signature, ec.ECDSA(hash_type()) - ) + with pytest.warns(CryptographyDeprecationWarning): + verifier = pkey.verifier(signature, ec.ECDSA(hash_type())) verifier.update(b"YELLOW SUBMARINE") verifier.verify() diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index fc956ecb..09820429 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -24,6 +24,7 @@ from cryptography.hazmat.primitives.asymmetric import ( from cryptography.hazmat.primitives.asymmetric.rsa import ( RSAPrivateNumbers, RSAPublicNumbers ) +from cryptography.utils import CryptographyDeprecationWarning from .fixtures_rsa import ( RSA_KEY_1024, RSA_KEY_1025, RSA_KEY_1026, RSA_KEY_1027, RSA_KEY_1028, @@ -383,11 +384,8 @@ class TestRSASignature(object): n=private["modulus"] ) ).private_key(backend) - signer = pytest.deprecated_call( - private_key.signer, - padding.PKCS1v15(), - hashes.SHA1() - ) + with pytest.warns(CryptographyDeprecationWarning): + signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1()) signer.update(binascii.unhexlify(example["message"])) signature = signer.finalize() assert binascii.hexlify(signature) == example["signature"] @@ -714,12 +712,12 @@ class TestRSAVerification(object): e=public["public_exponent"], n=public["modulus"] ).public_key(backend) - verifier = pytest.deprecated_call( - public_key.verifier, - binascii.unhexlify(example["signature"]), - padding.PKCS1v15(), - hashes.SHA1() - ) + with pytest.warns(CryptographyDeprecationWarning): + verifier = public_key.verifier( + binascii.unhexlify(example["signature"]), + padding.PKCS1v15(), + hashes.SHA1() + ) verifier.update(binascii.unhexlify(example["message"])) verifier.verify() diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py index 97b5a749..27e284a3 100644 --- a/tests/x509/test_x509.py +++ b/tests/x509/test_x509.py @@ -577,7 +577,7 @@ class TestRSACertificate(object): backend ) - with pytest.deprecated_call(): + with pytest.warns(utils.CryptographyDeprecationWarning): assert cert.serial == 2 assert cert.serial_number == 2 @@ -588,7 +588,7 @@ class TestRSACertificate(object): backend ) - with pytest.deprecated_call(): + with pytest.warns(utils.CryptographyDeprecationWarning): cert.serial def test_load_der_cert(self, backend): |