From 585c99c9b967f0774ddf9ed4d9f9cd7a23c962a3 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 4 Feb 2014 16:10:10 -0800 Subject: Document which backends implement which itnerfaces. Fixes #538 --- docs/hazmat/backends/interfaces.rst | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst index 49e4c88c..5131ca12 100644 --- a/docs/hazmat/backends/interfaces.rst +++ b/docs/hazmat/backends/interfaces.rst @@ -19,6 +19,11 @@ A specific ``backend`` may provide one or more of these interfaces. A backend which provides methods for using ciphers for encryption and decryption. + The following backends implement this interface: + + * :doc:`/hazmat/backends/openssl` + * :doc:`/hazmat/backends/commoncrypto` + .. method:: cipher_supported(cipher, mode) Check if a ``cipher`` and ``mode`` combination is supported by @@ -76,6 +81,11 @@ A specific ``backend`` may provide one or more of these interfaces. A backend with methods for using cryptographic hash functions. + The following backends implement this interface: + + * :doc:`/hazmat/backends/openssl` + * :doc:`/hazmat/backends/commoncrypto` + .. method:: hash_supported(algorithm) Check if the specified ``algorithm`` is supported by this backend. @@ -107,6 +117,11 @@ A specific ``backend`` may provide one or more of these interfaces. A backend with methods for using cryptographic hash functions as message authentication codes. + The following backends implement this interface: + + * :doc:`/hazmat/backends/openssl` + * :doc:`/hazmat/backends/commoncrypto` + .. method:: hmac_supported(algorithm) Check if the specified ``algorithm`` is supported by this backend. @@ -139,6 +154,11 @@ A specific ``backend`` may provide one or more of these interfaces. A backend with methods for using PBKDF2 using HMAC as a PRF. + The following backends implement this interface: + + * :doc:`/hazmat/backends/openssl` + * :doc:`/hazmat/backends/commoncrypto` + .. method:: pbkdf2_hmac_supported(algorithm) Check if the specified ``algorithm`` is supported by this backend. @@ -171,4 +191,3 @@ A specific ``backend`` may provide one or more of these interfaces. the derived key. This is typically a password. :return bytes: Derived key. - -- cgit v1.2.3 From ae9451f145b1850ac6d0fd4891932f24c49c3c21 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 4 Feb 2014 17:16:37 -0800 Subject: More clearly describe the behavior of constant_time.bytes_eq --- docs/hazmat/primitives/constant-time.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/constant-time.rst b/docs/hazmat/primitives/constant-time.rst index 632e7c68..7924efca 100644 --- a/docs/hazmat/primitives/constant-time.rst +++ b/docs/hazmat/primitives/constant-time.rst @@ -19,8 +19,10 @@ about the timing attacks on KeyCzar and Java's ``MessageDigest.isEqual()``. .. function:: bytes_eq(a, b) - Compare ``a`` and ``b`` to one another in constant time if they are of the - same length. + Compares ``a`` and ``b`` with one another. If ``a`` and ``b`` have + different lengths, this returns ``False`` immediately. Otherwise it + compares them in a way that takes the same amount of time, regardless of + how many characters are the same between the two. .. doctest:: -- cgit v1.2.3 From e6c41b078b1f394d74f9287a15c74e5dfbf78616 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 4 Feb 2014 17:19:52 -0800 Subject: Some reST markup nonsense --- docs/hazmat/primitives/constant-time.rst | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/constant-time.rst b/docs/hazmat/primitives/constant-time.rst index 7924efca..c6fcb3a3 100644 --- a/docs/hazmat/primitives/constant-time.rst +++ b/docs/hazmat/primitives/constant-time.rst @@ -32,9 +32,10 @@ about the timing attacks on KeyCzar and Java's ``MessageDigest.isEqual()``. >>> constant_time.bytes_eq(b"foo", b"bar") False - :param a bytes: The left-hand side. - :param b bytes: The right-hand side. - :returns boolean: True if ``a`` has the same bytes as ``b``. + :param bytes a: The left-hand side. + :param bytes b: The right-hand side. + :returns bool: ``True`` if ``a`` has the same bytes as ``b``, otherwise + ``False``. .. _`Coda Hale's blog post`: http://codahale.com/a-lesson-in-timing-attacks/ -- cgit v1.2.3