diff options
| -rw-r--r-- | docs/hazmat/backends/interfaces.rst | 45 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/interfaces.py | 20 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/multibackend.py | 63 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 45 | ||||
| -rw-r--r-- | src/cryptography/hazmat/primitives/serialization.py | 26 | ||||
| -rw-r--r-- | src/cryptography/utils.py | 3 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_multibackend.py | 88 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 44 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_serialization.py | 67 |
9 files changed, 40 insertions, 361 deletions
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index e4c43d9e..8620d9a7 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -468,51 +468,6 @@ A specific ``backend`` may provide one or more of these interfaces. serialized data contains. :raises ValueError: If the data could not be deserialized. -.. class:: TraditionalOpenSSLSerializationBackend - - .. versionadded:: 0.3 - - A backend with methods for working with OpenSSL's "traditional" PKCS #1 - style key serialization. - - .. method:: load_openssl_pem_private_key(data, password) - - :param bytes data: PEM data to deserialize. - - :param bytes password: The password to use if this data is encrypted. - Should be None if the data is not encrypted. - - :return: A new instance of the appropriate type of private key that the - serialized data contains. - - :raises ValueError: If the data could not be deserialized correctly. - - :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is - encrypted with an unsupported algorithm. - - -.. class:: PKCS8SerializationBackend - - .. versionadded:: 0.5 - - A backend with methods for working with PKCS #8 key serialization. - - .. method:: load_pkcs8_pem_private_key(data, password) - - :param bytes data: PEM data to deserialize. - - :param bytes password: The password to use if this data is encrypted. - Should be None if the data is not encrypted. - - :return: A new instance of the appropriate private key or public key - that the serialized data contains. - - :raises ValueError: If the data could not be deserialized correctly. - - :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is - encrypted with an unsupported algorithm. - - .. class:: X509Backend .. versionadded:: 0.7 diff --git a/src/cryptography/hazmat/backends/interfaces.py b/src/cryptography/hazmat/backends/interfaces.py index 8fc78309..4dc879ac 100644 --- a/src/cryptography/hazmat/backends/interfaces.py +++ b/src/cryptography/hazmat/backends/interfaces.py @@ -233,26 +233,6 @@ class PEMSerializationBackend(object): @six.add_metaclass(abc.ABCMeta) -class TraditionalOpenSSLSerializationBackend(object): - @abc.abstractmethod - def load_traditional_openssl_pem_private_key(self, data, password): - """ - Load a private key from PEM encoded data, using password if the data - is encrypted. - """ - - -@six.add_metaclass(abc.ABCMeta) -class PKCS8SerializationBackend(object): - @abc.abstractmethod - def load_pkcs8_pem_private_key(self, data, password): - """ - Load a private key from PKCS8 encoded data, using password if the data - is encrypted. - """ - - -@six.add_metaclass(abc.ABCMeta) class X509Backend(object): @abc.abstractmethod def load_pem_x509_certificate(self, data): diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py index ffc569f4..27ee8e7f 100644 --- a/src/cryptography/hazmat/backends/multibackend.py +++ b/src/cryptography/hazmat/backends/multibackend.py @@ -4,15 +4,12 @@ from __future__ import absolute_import, division, print_function -import warnings - from cryptography import utils from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend, X509Backend + RSABackend, X509Backend ) @@ -21,9 +18,7 @@ from cryptography.hazmat.backends.interfaces import ( @utils.register_interface(HashBackend) @utils.register_interface(HMACBackend) @utils.register_interface(PBKDF2HMACBackend) -@utils.register_interface(PKCS8SerializationBackend) @utils.register_interface(RSABackend) -@utils.register_interface(TraditionalOpenSSLSerializationBackend) @utils.register_interface(DSABackend) @utils.register_interface(EllipticCurveBackend) @utils.register_interface(PEMSerializationBackend) @@ -251,24 +246,6 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) - def elliptic_curve_private_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_private_key_from_numbers is deprecated and will " - "be removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - for b in self._filtered_backends(EllipticCurveBackend): - try: - return b.elliptic_curve_private_key_from_numbers(numbers) - except UnsupportedAlgorithm: - continue - - raise UnsupportedAlgorithm( - "This backend does not support this elliptic curve.", - _Reasons.UNSUPPORTED_ELLIPTIC_CURVE - ) - def load_elliptic_curve_private_numbers(self, numbers): for b in self._filtered_backends(EllipticCurveBackend): try: @@ -281,24 +258,6 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) - def elliptic_curve_public_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_public_key_from_numbers is deprecated and will " - "be removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - for b in self._filtered_backends(EllipticCurveBackend): - try: - return b.elliptic_curve_public_key_from_numbers(numbers) - except UnsupportedAlgorithm: - continue - - raise UnsupportedAlgorithm( - "This backend does not support this elliptic curve.", - _Reasons.UNSUPPORTED_ELLIPTIC_CURVE - ) - def load_elliptic_curve_public_numbers(self, numbers): for b in self._filtered_backends(EllipticCurveBackend): try: @@ -329,26 +288,6 @@ class MultiBackend(object): _Reasons.UNSUPPORTED_SERIALIZATION ) - def load_pkcs8_pem_private_key(self, data, password): - for b in self._filtered_backends(PKCS8SerializationBackend): - return b.load_pkcs8_pem_private_key(data, password) - - raise UnsupportedAlgorithm( - "This backend does not support this key serialization.", - _Reasons.UNSUPPORTED_SERIALIZATION - ) - - def load_traditional_openssl_pem_private_key(self, data, password): - for b in self._filtered_backends( - TraditionalOpenSSLSerializationBackend - ): - return b.load_traditional_openssl_pem_private_key(data, password) - - raise UnsupportedAlgorithm( - "This backend does not support this key serialization.", - _Reasons.UNSUPPORTED_SERIALIZATION - ) - def load_pem_x509_certificate(self, data): for b in self._filtered_backends( X509Backend diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index daccf5ca..34efdce9 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -6,7 +6,6 @@ from __future__ import absolute_import, division, print_function import collections import itertools -import warnings from contextlib import contextmanager import six @@ -17,9 +16,8 @@ from cryptography.exceptions import ( ) from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, - HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend, X509Backend + HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, RSABackend, + X509Backend ) from cryptography.hazmat.backends.openssl.ciphers import ( _AESCTRCipherContext, _CipherContext @@ -63,9 +61,7 @@ _OpenSSLError = collections.namedtuple("_OpenSSLError", @utils.register_interface(HashBackend) @utils.register_interface(HMACBackend) @utils.register_interface(PBKDF2HMACBackend) -@utils.register_interface(PKCS8SerializationBackend) @utils.register_interface(RSABackend) -@utils.register_interface(TraditionalOpenSSLSerializationBackend) @utils.register_interface(PEMSerializationBackend) @utils.register_interface(X509Backend) class Backend(object): @@ -721,25 +717,6 @@ class Backend(object): x509 = self._ffi.gc(x509, self._lib.X509_free) return _Certificate(self, x509) - def load_traditional_openssl_pem_private_key(self, data, password): - warnings.warn( - "load_traditional_openssl_pem_private_key is deprecated and will " - "be removed in a future version, use load_pem_private_key " - "instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_pem_private_key(data, password) - - def load_pkcs8_pem_private_key(self, data, password): - warnings.warn( - "load_pkcs8_pem_private_key is deprecated and will be removed in a" - " future version, use load_pem_private_key instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_pem_private_key(data, password) - def _load_key(self, openssl_read_func, convert_func, data, password): mem_bio = self._bytes_to_bio(data) @@ -903,15 +880,6 @@ class Backend(object): _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) - def elliptic_curve_private_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_private_key_from_numbers is deprecated and will " - "be removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_elliptic_curve_private_numbers(numbers) - def load_elliptic_curve_private_numbers(self, numbers): public = numbers.public_numbers @@ -930,15 +898,6 @@ class Backend(object): return _EllipticCurvePrivateKey(self, ec_cdata) - def elliptic_curve_public_key_from_numbers(self, numbers): - warnings.warn( - "elliptic_curve_public_key_from_numbers is deprecated and will be " - "removed in a future version.", - utils.DeprecatedIn06, - stacklevel=2 - ) - return self.load_elliptic_curve_public_numbers(numbers) - def load_elliptic_curve_public_numbers(self, numbers): curve_nid = self._elliptic_curve_to_nid(numbers.curve) diff --git a/src/cryptography/hazmat/primitives/serialization.py b/src/cryptography/hazmat/primitives/serialization.py index f080ea86..083f17e5 100644 --- a/src/cryptography/hazmat/primitives/serialization.py +++ b/src/cryptography/hazmat/primitives/serialization.py @@ -6,9 +6,7 @@ from __future__ import absolute_import, division, print_function import base64 import struct -import warnings -from cryptography import utils from cryptography.exceptions import UnsupportedAlgorithm from cryptography.hazmat.primitives.asymmetric.dsa import ( DSAParameterNumbers, DSAPublicNumbers @@ -16,30 +14,6 @@ from cryptography.hazmat.primitives.asymmetric.dsa import ( from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers -def load_pem_traditional_openssl_private_key(data, password, backend): - warnings.warn( - "load_pem_traditional_openssl_private_key is deprecated and will be " - "removed in a future version, use load_pem_private_key instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - - return backend.load_traditional_openssl_pem_private_key( - data, password - ) - - -def load_pem_pkcs8_private_key(data, password, backend): - warnings.warn( - "load_pem_pkcs8_private_key is deprecated and will be removed in a " - "future version, use load_pem_private_key instead.", - utils.DeprecatedIn06, - stacklevel=2 - ) - - return backend.load_pkcs8_pem_private_key(data, password) - - def load_pem_private_key(data, password, backend): return backend.load_pem_private_key(data, password) diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py index 78f73464..ac2f787d 100644 --- a/src/cryptography/utils.py +++ b/src/cryptography/utils.py @@ -9,7 +9,8 @@ import inspect import sys -DeprecatedIn06 = DeprecationWarning +# DeprecatedIn07 objects exist. This comment exists to remind developers to +# look for them when it's time for the ninth release cycle deprecation dance. def register_interface(iface): diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 03aa3cd8..43ecbf83 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -4,8 +4,6 @@ from __future__ import absolute_import, division, print_function -import pytest - from cryptography import utils from cryptography.exceptions import ( UnsupportedAlgorithm, _Reasons @@ -13,8 +11,7 @@ from cryptography.exceptions import ( from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend, X509Backend + RSABackend, X509Backend ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import cmac, hashes, hmac @@ -169,31 +166,11 @@ class DummyEllipticCurveBackend(object): if not self.elliptic_curve_supported(numbers.public_numbers.curve): raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) - def elliptic_curve_private_key_from_numbers(self, numbers): - if not self.elliptic_curve_supported(numbers.public_numbers.curve): - raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) - - def elliptic_curve_public_key_from_numbers(self, numbers): - if not self.elliptic_curve_supported(numbers.curve): - raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) - def load_elliptic_curve_public_numbers(self, numbers): if not self.elliptic_curve_supported(numbers.curve): raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) -@utils.register_interface(PKCS8SerializationBackend) -class DummyPKCS8SerializationBackend(object): - def load_pkcs8_pem_private_key(self, data, password): - pass - - -@utils.register_interface(TraditionalOpenSSLSerializationBackend) -class DummyTraditionalOpenSSLSerializationBackend(object): - def load_traditional_openssl_pem_private_key(self, data, password): - pass - - @utils.register_interface(PEMSerializationBackend) class DummyPEMSerializationBackend(object): def load_pem_private_key(self, data, password): @@ -457,69 +434,6 @@ class TestMultiBackend(object): ) ) - def test_deprecated_elliptic_curve(self): - backend = MultiBackend([ - DummyEllipticCurveBackend([ - ec.SECT283K1 - ]) - ]) - - assert backend.elliptic_curve_signature_algorithm_supported( - ec.ECDSA(hashes.SHA256()), - ec.SECT163K1() - ) is False - - pub_numbers = ec.EllipticCurvePublicNumbers(2, 3, ec.SECT283K1()) - numbers = ec.EllipticCurvePrivateNumbers(1, pub_numbers) - - pytest.deprecated_call( - backend.elliptic_curve_private_key_from_numbers, - numbers - ) - pytest.deprecated_call( - backend.elliptic_curve_public_key_from_numbers, - pub_numbers - ) - - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): - backend.elliptic_curve_private_key_from_numbers( - ec.EllipticCurvePrivateNumbers( - 1, - ec.EllipticCurvePublicNumbers( - 2, - 3, - ec.SECT163K1() - ) - ) - ) - - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): - backend.elliptic_curve_public_key_from_numbers( - ec.EllipticCurvePublicNumbers( - 2, - 3, - ec.SECT163K1() - ) - ) - - def test_pkcs8_serialization_backend(self): - backend = MultiBackend([DummyPKCS8SerializationBackend()]) - - backend.load_pkcs8_pem_private_key(b"keydata", None) - - backend = MultiBackend([]) - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION): - backend.load_pkcs8_pem_private_key(b"keydata", None) - - def test_traditional_openssl_serialization_backend(self): - backend = MultiBackend([DummyTraditionalOpenSSLSerializationBackend()]) - - backend.load_traditional_openssl_pem_private_key(b"keydata", None) - - backend = MultiBackend([]) - with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION): - backend.load_traditional_openssl_pem_private_key(b"keydata", None) - def test_pem_serialization_backend(self): backend = MultiBackend([DummyPEMSerializationBackend()]) diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index dfd0abe1..b6bb5491 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -15,20 +15,18 @@ import pytest from cryptography import utils from cryptography.exceptions import InternalError, _Reasons -from cryptography.hazmat.backends.interfaces import EllipticCurveBackend from cryptography.hazmat.backends.openssl.backend import ( Backend, backend ) from cryptography.hazmat.backends.openssl.ec import _sn_to_elliptic_curve from cryptography.hazmat.primitives import hashes, interfaces -from cryptography.hazmat.primitives.asymmetric import dsa, ec, padding +from cryptography.hazmat.primitives.asymmetric import dsa, padding from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC, CTR from cryptography.hazmat.primitives.interfaces import BlockCipherAlgorithm from ..primitives.fixtures_rsa import RSA_KEY_512 -from ..primitives.test_ec import _skip_curve_unsupported from ...utils import load_vectors_from_file, raises_unsupported_algorithm @@ -458,7 +456,7 @@ class TestOpenSSLSerialisationWithOpenSSL(object): "key1.pem" ), lambda pemfile: ( - backend.load_traditional_openssl_pem_private_key( + backend.load_pem_private_key( pemfile.read().encode(), password ) ) @@ -481,41 +479,3 @@ class TestOpenSSLEllipticCurve(object): def test_sn_to_elliptic_curve_not_supported(self): with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE): _sn_to_elliptic_curve(backend, b"fake") - - -@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) -class TestDeprecatedECBackendMethods(object): - def test_elliptic_curve_private_key_from_numbers(self): - d = 5634846038258869671139984276180670841223409490498798721258 - y = 4131560123026307384858369684985976479488628761329758810693 - x = 3402090428547195623222463880060959356423657484435591627791 - curve = ec.SECP192R1() - _skip_curve_unsupported(backend, curve) - pub_numbers = ec.EllipticCurvePublicNumbers( - x=x, - y=y, - curve=curve - ) - numbers = ec.EllipticCurvePrivateNumbers( - private_value=d, - public_numbers=pub_numbers - ) - pytest.deprecated_call( - backend.elliptic_curve_private_key_from_numbers, - numbers - ) - - def test_elliptic_curve_public_key_from_numbers(self): - y = 4131560123026307384858369684985976479488628761329758810693 - x = 3402090428547195623222463880060959356423657484435591627791 - curve = ec.SECP192R1() - _skip_curve_unsupported(backend, curve) - pub_numbers = ec.EllipticCurvePublicNumbers( - x=x, - y=y, - curve=curve - ) - pytest.deprecated_call( - backend.elliptic_curve_public_key_from_numbers, - pub_numbers - ) diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py index 91db318c..341ccf80 100644 --- a/tests/hazmat/primitives/test_serialization.py +++ b/tests/hazmat/primitives/test_serialization.py @@ -11,9 +11,7 @@ import pytest from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import ( - DSABackend, EllipticCurveBackend, PEMSerializationBackend, - PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend + DSABackend, EllipticCurveBackend, PEMSerializationBackend, RSABackend ) from cryptography.hazmat.primitives import interfaces from cryptography.hazmat.primitives.asymmetric import ec @@ -22,8 +20,7 @@ from cryptography.hazmat.primitives.asymmetric.dsa import ( ) from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers from cryptography.hazmat.primitives.serialization import ( - load_pem_pkcs8_private_key, load_pem_private_key, load_pem_public_key, - load_pem_traditional_openssl_private_key, load_ssh_public_key + load_pem_private_key, load_pem_public_key, load_ssh_public_key ) @@ -138,7 +135,7 @@ class TestPEMSerialization(object): @pytest.mark.requires_backend_interface( - interface=TraditionalOpenSSLSerializationBackend + interface=PEMSerializationBackend ) class TestTraditionalOpenSSLSerialization(object): @pytest.mark.parametrize( @@ -154,7 +151,7 @@ class TestTraditionalOpenSSLSerialization(object): key = load_vectors_from_file( os.path.join( "asymmetric", "Traditional_OpenSSL_Serialization", key_file), - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -176,7 +173,7 @@ class TestTraditionalOpenSSLSerialization(object): key = load_vectors_from_file( os.path.join( "asymmetric", "Traditional_OpenSSL_Serialization", key_file), - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -188,7 +185,7 @@ class TestTraditionalOpenSSLSerialization(object): pkey = load_vectors_from_file( os.path.join( "asymmetric", "Traditional_OpenSSL_Serialization", "key1.pem"), - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), b"123456", backend ) ) @@ -235,7 +232,7 @@ class TestTraditionalOpenSSLSerialization(object): with pytest.raises(TypeError): load_vectors_from_file( key_file, - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -251,7 +248,7 @@ class TestTraditionalOpenSSLSerialization(object): with pytest.raises(ValueError): load_vectors_from_file( key_file, - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -267,7 +264,7 @@ class TestTraditionalOpenSSLSerialization(object): with pytest.raises(TypeError): load_vectors_from_file( key_file, - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -276,12 +273,12 @@ class TestTraditionalOpenSSLSerialization(object): key_data = b"---- NOT A KEY ----\n" with pytest.raises(ValueError): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, None, backend ) with pytest.raises(ValueError): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, b"this password will not be used", backend ) @@ -299,12 +296,12 @@ class TestTraditionalOpenSSLSerialization(object): """).encode() with pytest.raises(ValueError): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, None, backend ) with pytest.raises(ValueError): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, b"this password will not be used", backend ) @@ -328,12 +325,12 @@ class TestTraditionalOpenSSLSerialization(object): password = b"this password is wrong" with pytest.raises(ValueError): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, None, backend ) with pytest.raises(ValueError): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, password, backend ) @@ -356,12 +353,12 @@ class TestTraditionalOpenSSLSerialization(object): password = b"password" with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): - load_pem_traditional_openssl_private_key( + load_pem_private_key( key_data, password, backend ) -@pytest.mark.requires_backend_interface(interface=PKCS8SerializationBackend) +@pytest.mark.requires_backend_interface(interface=PEMSerializationBackend) class TestPKCS8Serialization(object): @pytest.mark.parametrize( ("key_file", "password"), @@ -385,7 +382,7 @@ class TestPKCS8Serialization(object): key = load_vectors_from_file( os.path.join( "asymmetric", "PKCS8", key_file), - lambda pemfile: load_pem_pkcs8_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -408,7 +405,7 @@ class TestPKCS8Serialization(object): key = load_vectors_from_file( os.path.join( "asymmetric", "PKCS8", key_file), - lambda pemfile: load_pem_pkcs8_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -425,7 +422,7 @@ class TestPKCS8Serialization(object): with pytest.raises(TypeError): load_vectors_from_file( key_file, - lambda pemfile: load_pem_pkcs8_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -438,7 +435,7 @@ class TestPKCS8Serialization(object): with pytest.raises(ValueError): load_vectors_from_file( key_file, - lambda pemfile: load_pem_pkcs8_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -454,7 +451,7 @@ class TestPKCS8Serialization(object): with pytest.raises(TypeError): load_vectors_from_file( key_file, - lambda pemfile: load_pem_pkcs8_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -463,12 +460,12 @@ class TestPKCS8Serialization(object): key_data = b"---- NOT A KEY ----\n" with pytest.raises(ValueError): - load_pem_pkcs8_private_key( + load_pem_private_key( key_data, None, backend ) with pytest.raises(ValueError): - load_pem_pkcs8_private_key( + load_pem_private_key( key_data, b"this password will not be used", backend ) @@ -493,12 +490,12 @@ class TestPKCS8Serialization(object): """).encode() with pytest.raises(ValueError): - load_pem_pkcs8_private_key( + load_pem_private_key( key_data, None, backend ) with pytest.raises(ValueError): - load_pem_pkcs8_private_key( + load_pem_private_key( key_data, b"this password will not be used", backend ) @@ -527,12 +524,12 @@ class TestPKCS8Serialization(object): password = b"this password is wrong" with pytest.raises(ValueError): - load_pem_pkcs8_private_key( + load_pem_private_key( key_data, None, backend ) with pytest.raises(ValueError): - load_pem_pkcs8_private_key( + load_pem_private_key( key_data, password, backend ) @@ -540,7 +537,7 @@ class TestPKCS8Serialization(object): pkey = load_vectors_from_file( os.path.join( "asymmetric", "PKCS8", "enc-rsa-pkcs8.pem"), - lambda pemfile: load_pem_pkcs8_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), b"foobar", backend ) ) @@ -606,7 +603,7 @@ class TestPKCS8Serialization(object): key = load_vectors_from_file( os.path.join( "asymmetric", "PKCS8", key_file), - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -665,7 +662,7 @@ class TestPKCS8Serialization(object): load_vectors_from_file( os.path.join( "asymmetric", "PKCS8", key_file), - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) @@ -681,7 +678,7 @@ class TestPKCS8Serialization(object): load_vectors_from_file( os.path.join( "asymmetric", "PKCS8", key_file), - lambda pemfile: load_pem_traditional_openssl_private_key( + lambda pemfile: load_pem_private_key( pemfile.read().encode(), password, backend ) ) |