diff options
Diffstat (limited to 'src')
4 files changed, 38 insertions, 21 deletions
diff --git a/src/cryptography/hazmat/primitives/interfaces/__init__.py b/src/cryptography/hazmat/primitives/interfaces/__init__.py index acd56458..6b4241bd 100644 --- a/src/cryptography/hazmat/primitives/interfaces/__init__.py +++ b/src/cryptography/hazmat/primitives/interfaces/__init__.py @@ -15,6 +15,7 @@ from cryptography.hazmat.primitives.asymmetric import ( padding, rsa ) from cryptography.hazmat.primitives.ciphers import modes +from cryptography.hazmat.primitives.kdf import KeyDerivationFunction from cryptography.hazmat.primitives.padding import PaddingContext @@ -347,22 +348,15 @@ AsymmetricVerificationContext = utils.deprecated( utils.DeprecatedIn08 ) - -@six.add_metaclass(abc.ABCMeta) -class KeyDerivationFunction(object): - @abc.abstractmethod - def derive(self, key_material): - """ - Deterministically generates and returns a new key based on the existing - key material. - """ - - @abc.abstractmethod - def verify(self, key_material, expected_key): - """ - Checks whether the key generated by the key material matches the - expected derived key. Raises an exception if they do not match. - """ +KeyDerivationFunction = utils.deprecated( + KeyDerivationFunction, + __name__, + ( + "The KeyDerivationFunction interface has moved to the " + "cryptography.hazmat.primitives.kdf module" + ), + utils.DeprecatedIn08 +) @six.add_metaclass(abc.ABCMeta) diff --git a/src/cryptography/hazmat/primitives/kdf/__init__.py b/src/cryptography/hazmat/primitives/kdf/__init__.py index 4b540884..2d0724e5 100644 --- a/src/cryptography/hazmat/primitives/kdf/__init__.py +++ b/src/cryptography/hazmat/primitives/kdf/__init__.py @@ -3,3 +3,24 @@ # for complete details. from __future__ import absolute_import, division, print_function + +import abc + +import six + + +@six.add_metaclass(abc.ABCMeta) +class KeyDerivationFunction(object): + @abc.abstractmethod + def derive(self, key_material): + """ + Deterministically generates and returns a new key based on the existing + key material. + """ + + @abc.abstractmethod + def verify(self, key_material, expected_key): + """ + Checks whether the key generated by the key material matches the + expected derived key. Raises an exception if they do not match. + """ diff --git a/src/cryptography/hazmat/primitives/kdf/hkdf.py b/src/cryptography/hazmat/primitives/kdf/hkdf.py index 3d4c9fb1..65b7091a 100644 --- a/src/cryptography/hazmat/primitives/kdf/hkdf.py +++ b/src/cryptography/hazmat/primitives/kdf/hkdf.py @@ -11,10 +11,11 @@ from cryptography.exceptions import ( AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import HMACBackend -from cryptography.hazmat.primitives import constant_time, hmac, interfaces +from cryptography.hazmat.primitives import constant_time, hmac +from cryptography.hazmat.primitives.kdf import KeyDerivationFunction -@utils.register_interface(interfaces.KeyDerivationFunction) +@utils.register_interface(KeyDerivationFunction) class HKDF(object): def __init__(self, algorithm, length, salt, info, backend): if not isinstance(backend, HMACBackend): @@ -53,7 +54,7 @@ class HKDF(object): raise InvalidKey -@utils.register_interface(interfaces.KeyDerivationFunction) +@utils.register_interface(KeyDerivationFunction) class HKDFExpand(object): def __init__(self, algorithm, length, info, backend): if not isinstance(backend, HMACBackend): diff --git a/src/cryptography/hazmat/primitives/kdf/pbkdf2.py b/src/cryptography/hazmat/primitives/kdf/pbkdf2.py index 3d565be2..f8ce7a3b 100644 --- a/src/cryptography/hazmat/primitives/kdf/pbkdf2.py +++ b/src/cryptography/hazmat/primitives/kdf/pbkdf2.py @@ -9,10 +9,11 @@ from cryptography.exceptions import ( AlreadyFinalized, InvalidKey, UnsupportedAlgorithm, _Reasons ) from cryptography.hazmat.backends.interfaces import PBKDF2HMACBackend -from cryptography.hazmat.primitives import constant_time, interfaces +from cryptography.hazmat.primitives import constant_time +from cryptography.hazmat.primitives.kdf import KeyDerivationFunction -@utils.register_interface(interfaces.KeyDerivationFunction) +@utils.register_interface(KeyDerivationFunction) class PBKDF2HMAC(object): def __init__(self, algorithm, length, salt, iterations, backend): if not isinstance(backend, PBKDF2HMACBackend): |