3 files changed, 99 insertions, 7 deletions

diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index 8866cf71..4da0d753 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -518,3 +518,88 @@ A specific ``backend`` may provide one or more of these interfaces.
 
         :returns: An instance of
             :class:`~cryptography.x509.CertificateSigningRequest`.
+
+
+.. class:: DHBackend
+
+    .. versionadded:: 0.9
+
+    A backend with methods for doing Diffie-Hellman key exchange.
+
+    .. method:: generate_dh_parameters(key_size)
+
+        :param int key_size: The bit length of the prime modulus to generate.
+
+        :return: A new instance of a
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHParameters`
+            provider.
+
+        :raises ValueError: If ``key_size`` is not at least 512.
+
+    .. method:: generate_dh_private_key(parameters)
+
+        :param parameters: A
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHParameters`
+            provider.
+
+        :return: A new instance of a
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`
+            provider.
+
+    .. method:: generate_dh_private_key_and_parameters(self, key_size)
+
+        :param int key_size: The bit length of the prime modulus to generate.
+
+        :return: A new instance of a
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`
+            provider.
+
+        :raises ValueError: If ``key_size`` is not at least 512.
+
+    .. method:: load_dh_private_numbers(numbers)
+
+        :param numbers: A
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateNumbers`
+            instance.
+
+        :return: A new instance of a
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPrivateKey`
+            provider.
+
+        :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised
+            when any backend specific criteria are not met.
+
+    .. method:: load_dh_public_numbers(numbers)
+
+        :param numbers: A
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicNumbers`
+            instance.
+
+        :return: A new instance of a
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHPublicKey`
+            provider.
+
+        :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised
+            when any backend specific criteria are not met.
+
+    .. method:: load_dh_parameter_numbers(numbers)
+
+        :param numbers: A
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHParameterNumbers`
+            instance.
+
+        :return: A new instance of a
+            :class:`~cryptography.hazmat.primitives.asymmetric.dh.DHParameters`
+            provider.
+
+        :raises cryptography.exceptions.UnsupportedAlgorithm: This is raised
+            when any backend specific criteria are not met.
+
+    .. method:: dh_parameters_supported(p, g)
+
+        :param int p: The p value of the DH key.
+
+        :param int g: The g value of the DH key.
+
+        :returns: ``True`` if the given values of ``p`` and ``g`` are supported
+            by this backend, otherwise ``False``.
diff --git a/docs/hazmat/primitives/asymmetric/ec.rst b/docs/hazmat/primitives/asymmetric/ec.rst
index 6f4afe7d..71f6e6fd 100644
--- a/docs/hazmat/primitives/asymmetric/ec.rst
+++ b/docs/hazmat/primitives/asymmetric/ec.rst
@@ -251,6 +251,14 @@ All named curves are providers of :class:`EllipticCurve`.
 
     SECG curve ``secp192r1``. Also called NIST P-192.
 
+
+.. class:: SECP256K1
+
+    .. versionadded:: 0.9
+
+    SECG curve ``secp256k1``.
+
+
 Key Interfaces
 ~~~~~~~~~~~~~~
 
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 47486895..309c6fd0 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -240,7 +240,7 @@ Modes
 
     **This mode does not require padding.**
 
-    :param bytes nonce: Should be :doc:`random bytes </random-numbers>`. It is
+    :param bytes nonce: Should be unique, a :term:`nonce`. It is
         critical to never reuse a ``nonce`` with a given key.  Any reuse of a
         nonce with the same key compromises the security of every message
         encrypted with that key. Must be the same number of bytes as the
@@ -305,12 +305,11 @@ Modes
 
     **This mode does not require padding.**
 
-    :param bytes initialization_vector: Must be :doc:`random bytes
-        </random-numbers>`. They do not need to be kept secret and they can be
-        included in a transmitted message. NIST `recommends a 96-bit IV
-        length`_ for performance critical situations but it can be up to
-        2\ :sup:`64` - 1 bits. Do not reuse an ``initialization_vector`` with a
-        given ``key``.
+    :param bytes initialization_vector: Must be unique, a :term:`nonce`.
+        They do not need to be kept secret and they can be included in a
+        transmitted message. NIST `recommends a 96-bit IV length`_ for
+        performance critical situations but it can be up to 2\ :sup:`64` - 1
+        bits. Do not reuse an ``initialization_vector`` with a given ``key``.
 
     .. note::