7 files changed, 27 insertions, 2 deletions

diff --git a/docs/fernet.rst b/docs/fernet.rst
index f55a2d60..1c4918ad 100644
--- a/docs/fernet.rst
+++ b/docs/fernet.rst
@@ -34,12 +34,13 @@ symmetric (also known as "secret key") authenticated cryptography.
         they'll also be able forge arbitrary messages that will be
         authenticated and decrypted.
 
-    .. method:: encrypt(plaintext)
+    .. method:: encrypt(data)
 
-        :param bytes plaintext: The message you would like to encrypt.
+        :param bytes data: The message you would like to encrypt.
         :returns bytes: A secure message that cannot be read or altered
                         without the key. It is URL-safe base64-encoded. This is
                         referred to as a "Fernet token".
+        :raises TypeError: This exception is raised if ``data`` is not ``bytes``.
 
         .. note::
 
@@ -66,6 +67,7 @@ symmetric (also known as "secret key") authenticated cryptography.
                                                   ``ttl``, it is malformed, or
                                                   it does not have a valid
                                                   signature.
+        :raises TypeError: This exception is raised if ``token`` is not ``bytes``.
 
 
 .. class:: InvalidToken
diff --git a/docs/hazmat/primitives/constant-time.rst b/docs/hazmat/primitives/constant-time.rst
index c6fcb3a3..1394b6b3 100644
--- a/docs/hazmat/primitives/constant-time.rst
+++ b/docs/hazmat/primitives/constant-time.rst
@@ -36,6 +36,8 @@ about the timing attacks on KeyCzar and Java's ``MessageDigest.isEqual()``.
     :param bytes b: The right-hand side.
     :returns bool: ``True`` if ``a`` has the same bytes as ``b``, otherwise
                    ``False``.
+    :raises TypeError: This exception is raised if ``a`` or ``b`` is not
+                       ``bytes``.
 
 
 .. _`Coda Hale's blog post`: http://codahale.com/a-lesson-in-timing-attacks/
diff --git a/docs/hazmat/primitives/cryptographic-hashes.rst b/docs/hazmat/primitives/cryptographic-hashes.rst
index 773d97f6..7e5295c4 100644
--- a/docs/hazmat/primitives/cryptographic-hashes.rst
+++ b/docs/hazmat/primitives/cryptographic-hashes.rst
@@ -54,6 +54,7 @@ Message digests
 
         :param bytes data: The bytes to be hashed.
         :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`.
+        :raises TypeError: This exception is raised if ``data`` is not ``bytes``.
 
     .. method:: copy()
 
diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst
index de6bf5f8..f68b12c1 100644
--- a/docs/hazmat/primitives/key-derivation-functions.rst
+++ b/docs/hazmat/primitives/key-derivation-functions.rst
@@ -88,6 +88,8 @@ Different KDFs are suitable for different tasks such as:
         provided ``backend`` does not implement
         :class:`~cryptography.hazmat.backends.interfaces.PBKDF2HMACBackend`
 
+    :raises TypeError: This exception is raised if ``salt`` is not ``bytes``.
+
     .. method:: derive(key_material)
 
         :param bytes key_material: The input key material. For PBKDF2 this
@@ -99,6 +101,9 @@ Different KDFs are suitable for different tasks such as:
                                                           called more than
                                                           once.
 
+        :raises TypeError: This exception is raised if ``key_material`` is not
+                           ``bytes``.
+
         This generates and returns a new key from the supplied password.
 
     .. method:: verify(key_material, expected_key)
@@ -191,10 +196,15 @@ Different KDFs are suitable for different tasks such as:
         provided ``backend`` does not implement
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
 
+    :raises TypeError: This exception is raised if ``salt`` or ``info`` is not
+                       ``bytes``.
+
     .. method:: derive(key_material)
 
         :param bytes key_material: The input key material.
         :return bytes: The derived key.
+        :raises TypeError: This exception is raised if ``key_material`` is not
+                           ``bytes``.
 
         Derives a new key from the input key material by performing both the
         extract and expand operations.
@@ -277,6 +287,7 @@ Different KDFs are suitable for different tasks such as:
         provided ``backend`` does not implement
         :class:`~cryptography.hazmat.backends.interfaces.HMACBackend`
     :raises TypeError: This is raised if the provided ``info`` is a unicode object
+    :raises TypeError: This exception is raised if ``info`` is not ``bytes``.
 
     .. method:: derive(key_material)
 
@@ -285,6 +296,8 @@ Different KDFs are suitable for different tasks such as:
 
         :raises TypeError: This is raised if the provided ``key_material`` is
             a unicode object
+        :raises TypeError: This exception is raised if ``key_material`` is not
+                           ``bytes``.
 
         Derives a new key from the input key material by performing both the
         extract and expand operations.
diff --git a/docs/hazmat/primitives/mac/cmac.rst b/docs/hazmat/primitives/mac/cmac.rst
index 1fde1398..23b1fea2 100644
--- a/docs/hazmat/primitives/mac/cmac.rst
+++ b/docs/hazmat/primitives/mac/cmac.rst
@@ -68,6 +68,7 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`.
 
         :param bytes data: The bytes to hash and authenticate.
         :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
+        :raises TypeError: This exception is raised if ``data`` is not ``bytes``.
 
     .. method:: copy()
 
@@ -89,6 +90,8 @@ A subset of CMAC with the AES-128 algorithm is described in :rfc:`4493`.
         :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
         :raises cryptography.exceptions.InvalidSignature: If signature does not
                                                                   match digest
+        :raises TypeError: This exception is raised if ``signature`` is not
+                           ``bytes``.
 
         .. method:: finalize()
 
diff --git a/docs/hazmat/primitives/mac/hmac.rst b/docs/hazmat/primitives/mac/hmac.rst
index e20a4034..d56927b9 100644
--- a/docs/hazmat/primitives/mac/hmac.rst
+++ b/docs/hazmat/primitives/mac/hmac.rst
@@ -69,6 +69,7 @@ of a message.
 
         :param bytes msg: The bytes to hash and authenticate.
         :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
+        :raises TypeError: This exception is raised if ``msg`` is not ``bytes``.
 
     .. method:: copy()
 
@@ -90,6 +91,8 @@ of a message.
         :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`
         :raises cryptography.exceptions.InvalidSignature: If signature does not
                                                           match digest
+        :raises TypeError: This exception is raised if ``signature`` is not
+                           ``bytes``.
 
     .. method:: finalize()
 
diff --git a/docs/hazmat/primitives/padding.rst b/docs/hazmat/primitives/padding.rst
index 4092ac00..0322f9d2 100644
--- a/docs/hazmat/primitives/padding.rst
+++ b/docs/hazmat/primitives/padding.rst
@@ -70,6 +70,7 @@ multiple of the block size.
         :return bytes: Returns the data that was padded or unpadded.
         :raises TypeError: Raised if data is not bytes.
         :raises cryptography.exceptions.AlreadyFinalized: See :meth:`finalize`.
+        :raises TypeError: This exception is raised if ``data`` is not ``bytes``.
 
     .. method:: finalize()