15 files changed, 249 insertions, 11 deletions

diff --git a/docs/community.rst b/docs/community.rst
index bf1cd1c7..2b7cdc60 100644
--- a/docs/community.rst
+++ b/docs/community.rst
@@ -17,4 +17,4 @@ Conduct`_.
 .. _`Source code`: https://github.com/pyca/cryptography
 .. _`Issue tracker`: https://github.com/pyca/cryptography/issues
 .. _`Documentation`: https://cryptography.io/
-.. _`Python Community Code of Conduct`: http://www.python.org/psf/codeofconduct/
+.. _`Python Community Code of Conduct`: https://www.python.org/psf/codeofconduct/
diff --git a/docs/conf.py b/docs/conf.py
index b70114d8..fc16b38a 100644
--- a/docs/conf.py
+++ b/docs/conf.py
@@ -268,6 +268,6 @@ texinfo_documents = [
 # texinfo_show_urls = 'footnote'
 
 # Example configuration for intersphinx: refer to the Python standard library.
-intersphinx_mapping = {'http://docs.python.org/': None}
+intersphinx_mapping = {'https://docs.python.org/': None}
 
 epub_theme = 'epub'
diff --git a/docs/development/c-bindings.rst b/docs/development/c-bindings.rst
index 10d5fc10..993a4ab2 100644
--- a/docs/development/c-bindings.rst
+++ b/docs/development/c-bindings.rst
@@ -3,7 +3,7 @@ C bindings
 
 C bindings are bindings to C libraries, using cffi_ whenever possible.
 
-.. _cffi: http://cffi.readthedocs.org
+.. _cffi: https://cffi.readthedocs.org
 
 Bindings live in :py:mod:`cryptography.hazmat.bindings`.
 
diff --git a/docs/hazmat/backends/openssl.rst b/docs/hazmat/backends/openssl.rst
index e829798a..b48e502d 100644
--- a/docs/hazmat/backends/openssl.rst
+++ b/docs/hazmat/backends/openssl.rst
@@ -78,5 +78,5 @@ seeded from the same pool as ``/dev/random``.
 
 .. _`OpenSSL`: https://www.openssl.org/
 .. _`initializing the RNG`: https://en.wikipedia.org/wiki/OpenSSL#Predictable_keys_.28Debian-specific.29
-.. _`Yarrow`: http://en.wikipedia.org/wiki/Yarrow_algorithm
+.. _`Yarrow`: https://en.wikipedia.org/wiki/Yarrow_algorithm
 .. _`Microsoft documentation`: http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942(v=vs.85).aspx
diff --git a/docs/hazmat/bindings/openssl.rst b/docs/hazmat/bindings/openssl.rst
index a6d1c484..36255b52 100644
--- a/docs/hazmat/bindings/openssl.rst
+++ b/docs/hazmat/bindings/openssl.rst
@@ -46,4 +46,4 @@ OpenSSL.
 
 .. _`CFFI`: https://cffi.readthedocs.org/
 .. _`OpenSSL`: https://www.openssl.org/
-.. _`thread safety facilities`: http://www.openssl.org/docs/crypto/threads.html
+.. _`thread safety facilities`: https://www.openssl.org/docs/crypto/threads.html
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
index a5cebb1d..6c96090a 100644
--- a/docs/hazmat/primitives/asymmetric/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst
@@ -271,4 +271,4 @@ this without having to do the math themselves.
 .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
 .. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf
 .. _`OpenPGP`: https://en.wikipedia.org/wiki/Pretty_Good_Privacy
-.. _`Chinese Remainder Theorem`: http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29#Using_the_Chinese_remainder_algorithm
+.. _`Chinese Remainder Theorem`: https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29#Using_the_Chinese_remainder_algorithm
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index d964f25c..d87e8d66 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -9,7 +9,7 @@ properties and methods of most primitive constructs. Backends may also use
 this information to influence their operation. Interfaces should also be used
 to document argument and return types.
 
-.. _`Abstract Base Classes`: http://docs.python.org/3.2/library/abc.html
+.. _`Abstract Base Classes`: https://docs.python.org/3/library/abc.html
 
 
 Symmetric ciphers
@@ -752,5 +752,5 @@ X509
 .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem
 .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
 .. _`CMAC`: https://en.wikipedia.org/wiki/CMAC
-.. _`ECDSA`: http://en.wikipedia.org/wiki/ECDSA
-.. _`EdDSA`: http://en.wikipedia.org/wiki/EdDSA
+.. _`ECDSA`: https://en.wikipedia.org/wiki/ECDSA
+.. _`EdDSA`: https://en.wikipedia.org/wiki/EdDSA
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 586285b7..b21ef612 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -510,6 +510,6 @@ Interfaces
 .. _`Communications Security Establishment`: http://www.cse-cst.gc.ca
 .. _`encrypt`: https://ssd.eff.org/tech/encryption
 .. _`CRYPTREC`: http://www.cryptrec.go.jp/english/
-.. _`significant patterns in the output`: http://en.wikipedia.org/wiki/Cipher_block_chaining#Electronic_codebook_.28ECB.29
+.. _`significant patterns in the output`: https://en.wikipedia.org/wiki/Cipher_block_chaining#Electronic_codebook_.28ECB.29
 .. _`International Data Encryption Algorithm`: https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 .. _`OpenPGP`: http://www.openpgp.org
diff --git a/src/cryptography/hazmat/bindings/openssl/ssl.py b/src/cryptography/hazmat/bindings/openssl/ssl.py
index 4a94ce03..87c1429c 100644
--- a/src/cryptography/hazmat/bindings/openssl/ssl.py
+++ b/src/cryptography/hazmat/bindings/openssl/ssl.py
@@ -211,6 +211,8 @@ int SSL_CTX_use_certificate_file(SSL_CTX *, const char *, int);
 int SSL_CTX_use_certificate_chain_file(SSL_CTX *, const char *);
 int SSL_CTX_use_PrivateKey(SSL_CTX *, EVP_PKEY *);
 int SSL_CTX_use_PrivateKey_file(SSL_CTX *, const char *, int);
+int SSL_CTX_check_private_key(const SSL_CTX *);
+
 void SSL_CTX_set_cert_store(SSL_CTX *, X509_STORE *);
 X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *);
 int SSL_CTX_add_client_CA(SSL_CTX *, X509 *);
diff --git a/src/cryptography/hazmat/primitives/asymmetric/dsa.py b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
index 5d942e04..9b06f3e6 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/dsa.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/dsa.py
@@ -59,6 +59,15 @@ class DSAParameterNumbers(object):
     def parameters(self, backend):
         return backend.load_dsa_parameter_numbers(self)
 
+    def __eq__(self, other):
+        if not isinstance(other, DSAParameterNumbers):
+            return NotImplemented
+
+        return self.p == other.p and self.q == other.q and self.g == other.g
+
+    def __ne__(self, other):
+        return not self == other
+
 
 class DSAPublicNumbers(object):
     def __init__(self, y, parameter_numbers):
@@ -79,6 +88,18 @@ class DSAPublicNumbers(object):
     def public_key(self, backend):
         return backend.load_dsa_public_numbers(self)
 
+    def __eq__(self, other):
+        if not isinstance(other, DSAPublicNumbers):
+            return NotImplemented
+
+        return (
+            self.y == other.y and
+            self.parameter_numbers == other.parameter_numbers
+        )
+
+    def __ne__(self, other):
+        return not self == other
+
 
 class DSAPrivateNumbers(object):
     def __init__(self, x, public_numbers):
@@ -97,3 +118,14 @@ class DSAPrivateNumbers(object):
 
     def private_key(self, backend):
         return backend.load_dsa_private_numbers(self)
+
+    def __eq__(self, other):
+        if not isinstance(other, DSAPrivateNumbers):
+            return NotImplemented
+
+        return (
+            self.x == other.x and self.public_numbers == other.public_numbers
+        )
+
+    def __ne__(self, other):
+        return not self == other
diff --git a/src/cryptography/hazmat/primitives/asymmetric/ec.py b/src/cryptography/hazmat/primitives/asymmetric/ec.py
index d9c41c19..202f1c97 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/ec.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/ec.py
@@ -161,6 +161,20 @@ class EllipticCurvePublicNumbers(object):
     x = utils.read_only_property("_x")
     y = utils.read_only_property("_y")
 
+    def __eq__(self, other):
+        if not isinstance(other, EllipticCurvePublicNumbers):
+            return NotImplemented
+
+        return (
+            self.x == other.x and
+            self.y == other.y and
+            self.curve.name == other.curve.name and
+            self.curve.key_size == other.curve.key_size
+        )
+
+    def __ne__(self, other):
+        return not self == other
+
 
 class EllipticCurvePrivateNumbers(object):
     def __init__(self, private_value, public_numbers):
@@ -184,3 +198,15 @@ class EllipticCurvePrivateNumbers(object):
 
     private_value = utils.read_only_property("_private_value")
     public_numbers = utils.read_only_property("_public_numbers")
+
+    def __eq__(self, other):
+        if not isinstance(other, EllipticCurvePrivateNumbers):
+            return NotImplemented
+
+        return (
+            self.private_value == other.private_value and
+            self.public_numbers == other.public_numbers
+        )
+
+    def __ne__(self, other):
+        return not self == other
diff --git a/src/cryptography/hazmat/primitives/asymmetric/rsa.py b/src/cryptography/hazmat/primitives/asymmetric/rsa.py
index 6aeed006..0cc6b22b 100644
--- a/src/cryptography/hazmat/primitives/asymmetric/rsa.py
+++ b/src/cryptography/hazmat/primitives/asymmetric/rsa.py
@@ -160,6 +160,23 @@ class RSAPrivateNumbers(object):
     def private_key(self, backend):
         return backend.load_rsa_private_numbers(self)
 
+    def __eq__(self, other):
+        if not isinstance(other, RSAPrivateNumbers):
+            return NotImplemented
+
+        return (
+            self.p == other.p and
+            self.q == other.q and
+            self.d == other.d and
+            self.dmp1 == other.dmp1 and
+            self.dmq1 == other.dmq1 and
+            self.iqmp == other.iqmp and
+            self.public_numbers == other.public_numbers
+        )
+
+    def __ne__(self, other):
+        return not self == other
+
 
 class RSAPublicNumbers(object):
     def __init__(self, e, n):
@@ -180,3 +197,12 @@ class RSAPublicNumbers(object):
 
     def __repr__(self):
         return "<RSAPublicNumbers(e={0}, n={1})>".format(self._e, self._n)
+
+    def __eq__(self, other):
+        if not isinstance(other, RSAPublicNumbers):
+            return NotImplemented
+
+        return self.e == other.e and self.n == other.n
+
+    def __ne__(self, other):
+        return not self == other
diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py
index f818f73b..8c0fb80c 100644
--- a/tests/hazmat/primitives/test_dsa.py
+++ b/tests/hazmat/primitives/test_dsa.py
@@ -705,3 +705,67 @@ class TestDSANumbers(object):
 
         with pytest.raises(TypeError):
             dsa.DSAPrivateNumbers(x=None, public_numbers=public_numbers)
+
+
+class TestDSANumberEquality(object):
+    def test_parameter_numbers_eq(self):
+        param = dsa.DSAParameterNumbers(1, 2, 3)
+        assert param == dsa.DSAParameterNumbers(1, 2, 3)
+
+    def test_parameter_numbers_ne(self):
+        param = dsa.DSAParameterNumbers(1, 2, 3)
+        assert param != dsa.DSAParameterNumbers(1, 2, 4)
+        assert param != dsa.DSAParameterNumbers(1, 1, 3)
+        assert param != dsa.DSAParameterNumbers(2, 2, 3)
+        assert param != object()
+
+    def test_public_numbers_eq(self):
+        pub = dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 3))
+        assert pub == dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 3))
+
+    def test_public_numbers_ne(self):
+        pub = dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 3))
+        assert pub != dsa.DSAPublicNumbers(2, dsa.DSAParameterNumbers(1, 2, 3))
+        assert pub != dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(2, 2, 3))
+        assert pub != dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 3, 3))
+        assert pub != dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 4))
+        assert pub != object()
+
+    def test_private_numbers_eq(self):
+        pub = dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 3))
+        priv = dsa.DSAPrivateNumbers(1, pub)
+        assert priv == dsa.DSAPrivateNumbers(
+            1, dsa.DSAPublicNumbers(
+                1, dsa.DSAParameterNumbers(1, 2, 3)
+            )
+        )
+
+    def test_private_numbers_ne(self):
+        pub = dsa.DSAPublicNumbers(1, dsa.DSAParameterNumbers(1, 2, 3))
+        priv = dsa.DSAPrivateNumbers(1, pub)
+        assert priv != dsa.DSAPrivateNumbers(
+            2, dsa.DSAPublicNumbers(
+                1, dsa.DSAParameterNumbers(1, 2, 3)
+            )
+        )
+        assert priv != dsa.DSAPrivateNumbers(
+            1, dsa.DSAPublicNumbers(
+                2, dsa.DSAParameterNumbers(1, 2, 3)
+            )
+        )
+        assert priv != dsa.DSAPrivateNumbers(
+            1, dsa.DSAPublicNumbers(
+                1, dsa.DSAParameterNumbers(2, 2, 3)
+            )
+        )
+        assert priv != dsa.DSAPrivateNumbers(
+            1, dsa.DSAPublicNumbers(
+                1, dsa.DSAParameterNumbers(1, 3, 3)
+            )
+        )
+        assert priv != dsa.DSAPrivateNumbers(
+            1, dsa.DSAPublicNumbers(
+                1, dsa.DSAParameterNumbers(1, 2, 4)
+            )
+        )
+        assert priv != object()
diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index a006f01f..84c447c1 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -360,3 +360,40 @@ class TestECDSAVectors(object):
         numbers = ec.EllipticCurvePrivateNumbers(1, pub_numbers)
         assert numbers.private_key(b) == b"private_key"
         assert pub_numbers.public_key(b) == b"public_key"
+
+
+class TestECNumbersEquality(object):
+    def test_public_numbers_eq(self):
+        pub = ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+        assert pub == ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+
+    def test_public_numbers_ne(self):
+        pub = ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+        assert pub != ec.EllipticCurvePublicNumbers(1, 2, ec.SECP384R1())
+        assert pub != ec.EllipticCurvePublicNumbers(1, 3, ec.SECP192R1())
+        assert pub != ec.EllipticCurvePublicNumbers(2, 2, ec.SECP192R1())
+        assert pub != object()
+
+    def test_private_numbers_eq(self):
+        pub = ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+        priv = ec.EllipticCurvePrivateNumbers(1, pub)
+        assert priv == ec.EllipticCurvePrivateNumbers(
+            1, ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+        )
+
+    def test_private_numbers_ne(self):
+        pub = ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+        priv = ec.EllipticCurvePrivateNumbers(1, pub)
+        assert priv != ec.EllipticCurvePrivateNumbers(
+            2, ec.EllipticCurvePublicNumbers(1, 2, ec.SECP192R1())
+        )
+        assert priv != ec.EllipticCurvePrivateNumbers(
+            1, ec.EllipticCurvePublicNumbers(2, 2, ec.SECP192R1())
+        )
+        assert priv != ec.EllipticCurvePrivateNumbers(
+            1, ec.EllipticCurvePublicNumbers(1, 3, ec.SECP192R1())
+        )
+        assert priv != ec.EllipticCurvePrivateNumbers(
+            1, ec.EllipticCurvePublicNumbers(1, 2, ec.SECP521R1())
+        )
+        assert priv != object()
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 581976ae..095ed037 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -18,7 +18,9 @@ from cryptography.exceptions import (
 from cryptography.hazmat.backends.interfaces import RSABackend
 from cryptography.hazmat.primitives import hashes, interfaces
 from cryptography.hazmat.primitives.asymmetric import padding, rsa
-from cryptography.hazmat.primitives.asymmetric.rsa import RSAPublicNumbers
+from cryptography.hazmat.primitives.asymmetric.rsa import (
+    RSAPrivateNumbers, RSAPublicNumbers
+)
 
 from .fixtures_rsa import (
     RSA_KEY_1024, RSA_KEY_1025, RSA_KEY_1026, RSA_KEY_1027, RSA_KEY_1028,
@@ -1647,3 +1649,52 @@ class TestRSANumbers(object):
     def test_public_number_repr(self):
         num = RSAPublicNumbers(1, 1)
         assert repr(num) == "<RSAPublicNumbers(e=1, n=1)>"
+
+
+class TestRSANumbersEquality(object):
+    def test_public_numbers_eq(self):
+        num = RSAPublicNumbers(1, 2)
+        num2 = RSAPublicNumbers(1, 2)
+        assert num == num2
+
+    def test_public_numbers_ne(self):
+        num = RSAPublicNumbers(1, 2)
+        assert num != RSAPublicNumbers(2, 2)
+        assert num != RSAPublicNumbers(1, 3)
+        assert num != object()
+
+    def test_private_numbers_eq(self):
+        pub = RSAPublicNumbers(1, 2)
+        num = RSAPrivateNumbers(1, 2, 3, 4, 5, 6, pub)
+        pub2 = RSAPublicNumbers(1, 2)
+        num2 = RSAPrivateNumbers(1, 2, 3, 4, 5, 6, pub2)
+        assert num == num2
+
+    def test_private_numbers_ne(self):
+        pub = RSAPublicNumbers(1, 2)
+        num = RSAPrivateNumbers(1, 2, 3, 4, 5, 6, pub)
+        assert num != RSAPrivateNumbers(
+            1, 2, 3, 4, 5, 7, RSAPublicNumbers(1, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            1, 2, 3, 4, 4, 6, RSAPublicNumbers(1, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            1, 2, 3, 5, 5, 6, RSAPublicNumbers(1, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            1, 2, 4, 4, 5, 6, RSAPublicNumbers(1, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            1, 3, 3, 4, 5, 6, RSAPublicNumbers(1, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            2, 2, 3, 4, 5, 6, RSAPublicNumbers(1, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            1, 2, 3, 4, 5, 6, RSAPublicNumbers(2, 2)
+        )
+        assert num != RSAPrivateNumbers(
+            1, 2, 3, 4, 5, 6, RSAPublicNumbers(1, 3)
+        )
+        assert num != object()