10 files changed, 78 insertions, 9 deletions

diff --git a/docs/hazmat/backends/openssl.rst b/docs/hazmat/backends/openssl.rst
index e829798a..b48e502d 100644
--- a/docs/hazmat/backends/openssl.rst
+++ b/docs/hazmat/backends/openssl.rst
@@ -78,5 +78,5 @@ seeded from the same pool as ``/dev/random``.
 
 .. _`OpenSSL`: https://www.openssl.org/
 .. _`initializing the RNG`: https://en.wikipedia.org/wiki/OpenSSL#Predictable_keys_.28Debian-specific.29
-.. _`Yarrow`: http://en.wikipedia.org/wiki/Yarrow_algorithm
+.. _`Yarrow`: https://en.wikipedia.org/wiki/Yarrow_algorithm
 .. _`Microsoft documentation`: http://msdn.microsoft.com/en-us/library/windows/desktop/aa379942(v=vs.85).aspx
diff --git a/docs/hazmat/bindings/openssl.rst b/docs/hazmat/bindings/openssl.rst
index a6d1c484..36255b52 100644
--- a/docs/hazmat/bindings/openssl.rst
+++ b/docs/hazmat/bindings/openssl.rst
@@ -46,4 +46,4 @@ OpenSSL.
 
 .. _`CFFI`: https://cffi.readthedocs.org/
 .. _`OpenSSL`: https://www.openssl.org/
-.. _`thread safety facilities`: http://www.openssl.org/docs/crypto/threads.html
+.. _`thread safety facilities`: https://www.openssl.org/docs/crypto/threads.html
diff --git a/docs/hazmat/primitives/asymmetric/dsa.rst b/docs/hazmat/primitives/asymmetric/dsa.rst
index 43741ede..df3c99fc 100644
--- a/docs/hazmat/primitives/asymmetric/dsa.rst
+++ b/docs/hazmat/primitives/asymmetric/dsa.rst
@@ -80,7 +80,8 @@ provider.
     >>> signature = signer.finalize()
 
 The ``signature`` is a ``bytes`` object, whose contents is DER encoded as
-described in :rfc:`6979`.
+described in :rfc:`6979`. This can be decoded using
+:func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature`.
 
 Verification
 ~~~~~~~~~~~~
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index fd20cbb2..13ab7c11 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -53,7 +53,9 @@ Elliptic Curve Signature Algorithms
         >>> signature = signer.finalize()
 
     The ``signature`` is a ``bytes`` object, whose contents is DER encoded as
-    described in :rfc:`6979`.
+    described in :rfc:`6979`. This can be decoded using
+    :func:`~cryptography.hazmat.primitives.asymmetric.utils.decode_rfc6979_signature`.
+
 
 
 .. class:: EllipticCurvePrivateNumbers(private_value, public_numbers)
diff --git a/docs/hazmat/primitives/asymmetric/index.rst b/docs/hazmat/primitives/asymmetric/index.rst
index 6a5228ba..24f0f5b1 100644
--- a/docs/hazmat/primitives/asymmetric/index.rst
+++ b/docs/hazmat/primitives/asymmetric/index.rst
@@ -11,3 +11,4 @@ Asymmetric algorithms
     rsa
     padding
     serialization
+    utils
diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
index a5cebb1d..6c96090a 100644
--- a/docs/hazmat/primitives/asymmetric/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst
@@ -271,4 +271,4 @@ this without having to do the math themselves.
 .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html
 .. _`at least 2048`: http://www.ecrypt.eu.org/documents/D.SPA.20.pdf
 .. _`OpenPGP`: https://en.wikipedia.org/wiki/Pretty_Good_Privacy
-.. _`Chinese Remainder Theorem`: http://en.wikipedia.org/wiki/RSA_%28cryptosystem%29#Using_the_Chinese_remainder_algorithm
+.. _`Chinese Remainder Theorem`: https://en.wikipedia.org/wiki/RSA_%28cryptosystem%29#Using_the_Chinese_remainder_algorithm
diff --git a/docs/hazmat/primitives/asymmetric/serialization.rst b/docs/hazmat/primitives/asymmetric/serialization.rst
index b0b37b80..a9392c7b 100644
--- a/docs/hazmat/primitives/asymmetric/serialization.rst
+++ b/docs/hazmat/primitives/asymmetric/serialization.rst
@@ -195,3 +195,42 @@ KEY-----`` or ``-----BEGIN DSA PRIVATE KEY-----``.
     :raises UnsupportedAlgorithm: If the serialized key is of a type that
         is not supported by the backend or if the key is encrypted with a
         symmetric cipher that is not supported by the backend.
+
+OpenSSH Public Key
+~~~~~~~~~~~~~~~~~~
+
+The format used by OpenSSH to store public keys, as specified in :rfc:`4253`.
+
+Currently, only RSA public keys are supported. Any other type of key will
+result in an exception being thrown.
+
+An example RSA key in OpenSSH format (line breaks added for formatting
+purposes)::
+
+    ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk
+    FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll
+    PDA7ZRBnrfiHpSQYQ874AZaAoIjgkv7DBfsE6gcDQLub0PFjWyrYQUJhtOLQEK
+    vY/G0vt2iRL3juawWmCFdTK3W3XvwAdgGk71i6lHt+deOPNEPN2H58E4odrZ2f
+    sxn/adpDqfb2sM0kPwQs0aWvrrKGvUaustkivQE4XWiSFnB0oJB/lKK/CKVKuy
+    ///ImSCGHQRvhwariN2tvZ6CBNSLh3iQgeB0AkyJlng7MXB2qYq/Ci2FUOryCX
+    2MzHvnbv testkey@localhost
+
+.. function:: load_ssh_public_key(data, backend)
+
+    .. versionadded:: 0.7
+
+    Deserialize a public key from OpenSSH (:rfc:`4253`) encoded data to an
+    instance of the public key type for the specified backend.
+
+    :param bytes data: The OpenSSH encoded key data.
+
+    :param backend: An
+        :class:`~cryptography.hazmat.backends.interfaces.RSABackend` provider.
+
+    :returns: A new instance of a public key type.
+
+    :raises ValueError: If the OpenSSH data could not be properly decoded or
+        if the key is not in the proper format.
+
+    :raises UnsupportedAlgorithm: If the serialized key is of a type that is
+        not supported.
diff --git a/docs/hazmat/primitives/asymmetric/utils.rst b/docs/hazmat/primitives/asymmetric/utils.rst
new file mode 100644
index 00000000..6b348801
--- /dev/null
+++ b/docs/hazmat/primitives/asymmetric/utils.rst
@@ -0,0 +1,26 @@
+.. hazmat::
+
+Asymmetric Utilities
+====================
+
+.. currentmodule:: cryptography.hazmat.primitives.asymmetric.utils
+
+
+.. function:: decode_rfc6979_signature(signature)
+
+    Takes in :rfc:`6979` signatures generated by the DSA/ECDSA signers and
+    returns a tuple ``(r, s)``.
+
+    :param bytes signature: The signature to decode.
+
+    :returns: The decoded tuple ``(r, s)``.
+
+.. function:: encode_rfc6979_signature(r, s)
+
+    Creates an :rfc:`6979` byte string from raw signature values.
+
+    :param int r: The raw signature value ``r``.
+
+    :param int s: The raw signature value ``s``.
+
+    :return bytes: The encoded signature.
diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst
index d964f25c..d87e8d66 100644
--- a/docs/hazmat/primitives/interfaces.rst
+++ b/docs/hazmat/primitives/interfaces.rst
@@ -9,7 +9,7 @@ properties and methods of most primitive constructs. Backends may also use
 this information to influence their operation. Interfaces should also be used
 to document argument and return types.
 
-.. _`Abstract Base Classes`: http://docs.python.org/3.2/library/abc.html
+.. _`Abstract Base Classes`: https://docs.python.org/3/library/abc.html
 
 
 Symmetric ciphers
@@ -752,5 +752,5 @@ X509
 .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem
 .. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm
 .. _`CMAC`: https://en.wikipedia.org/wiki/CMAC
-.. _`ECDSA`: http://en.wikipedia.org/wiki/ECDSA
-.. _`EdDSA`: http://en.wikipedia.org/wiki/EdDSA
+.. _`ECDSA`: https://en.wikipedia.org/wiki/ECDSA
+.. _`EdDSA`: https://en.wikipedia.org/wiki/EdDSA
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 586285b7..b21ef612 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -510,6 +510,6 @@ Interfaces
 .. _`Communications Security Establishment`: http://www.cse-cst.gc.ca
 .. _`encrypt`: https://ssd.eff.org/tech/encryption
 .. _`CRYPTREC`: http://www.cryptrec.go.jp/english/
-.. _`significant patterns in the output`: http://en.wikipedia.org/wiki/Cipher_block_chaining#Electronic_codebook_.28ECB.29
+.. _`significant patterns in the output`: https://en.wikipedia.org/wiki/Cipher_block_chaining#Electronic_codebook_.28ECB.29
 .. _`International Data Encryption Algorithm`: https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
 .. _`OpenPGP`: http://www.openpgp.org