From 42b3713eede3f5b417b0ce123fdcc9c4c24009d3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 23 Feb 2014 19:13:19 -0600 Subject: add RSA verification support --- docs/exceptions.rst | 4 ++-- docs/hazmat/primitives/asymmetric/rsa.rst | 36 +++++++++++++++++++++++++++++++ docs/hazmat/primitives/interfaces.rst | 4 ++-- 3 files changed, 40 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/exceptions.rst b/docs/exceptions.rst index 0982426f..7f9ae347 100644 --- a/docs/exceptions.rst +++ b/docs/exceptions.rst @@ -10,8 +10,8 @@ Exceptions .. class:: InvalidSignature - This is raised when the verify method of a hash context's computed digest - does not match the expected digest. + This is raised when signature verification fails. This can occur with + HMAC or asymmetric key signature validation. .. class:: NotYetFinalized diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 682820b3..528b5324 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -111,6 +111,42 @@ RSA or ``modulus`` do not match the bounds specified in :rfc:`3447`. + .. method:: verifier(signature, padding, algorithm, backend) + + .. versionadded:: 0.3 + + :param bytes signature: The signature to verify. + + :param padding: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding` + provider. + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + + .. doctest:: + + >>> from cryptography.hazmat.backends import default_backend + >>> from cryptography.hazmat.primitives import hashes + >>> from cryptography.hazmat.primitives.asymmetric import rsa, padding + >>> private_key = rsa.RSAPrivateKey.generate(65537, 2048, default_backend()) + >>> signer = private_key.signer(padding.PKCS1(), hashes.SHA256(), default_backend()) + >>> data= b"this is some data I'd like to sign" + >>> signer.update(data) + >>> signature = signer.finalize() + >>> public_key = private_key.public_key() + >>> verifier = public_key.verifier(signature, padding.PKCS1(), hashes.SHA256(), default_backend()) + >>> verifier.update(data) + >>> verifier.verify() + .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 5be3dd95..53113223 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -254,8 +254,8 @@ Asymmetric Interfaces .. method:: verify() - :raises cryptography.exceptions.InvalidSignature: If signature does not - validate. + :raises :class:`~cryptography.exceptions.InvalidAsymmetricSignature`: If + the signature does not validate. .. class:: AsymmetricPadding -- cgit v1.2.3 From 4c0b4a99982138c4ab83dfffb19975a91c57d1ab Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 23 Feb 2014 19:28:44 -0600 Subject: more kwargs --- docs/hazmat/primitives/asymmetric/rsa.rst | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 528b5324..198ed7a3 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -137,7 +137,11 @@ RSA >>> from cryptography.hazmat.backends import default_backend >>> from cryptography.hazmat.primitives import hashes >>> from cryptography.hazmat.primitives.asymmetric import rsa, padding - >>> private_key = rsa.RSAPrivateKey.generate(65537, 2048, default_backend()) + >>> private_key = rsa.RSAPrivateKey.generate( + ... public_exponent=65537, + ... key_size=2048, + ... backend=default_backend() + ... ) >>> signer = private_key.signer(padding.PKCS1(), hashes.SHA256(), default_backend()) >>> data= b"this is some data I'd like to sign" >>> signer.update(data) -- cgit v1.2.3 From a0c157f467536b556481f7c2ee950612f4f8f7e7 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 25 Feb 2014 23:05:54 -0600 Subject: fix docs, port some review comments forward to the new PR --- docs/hazmat/primitives/asymmetric/rsa.rst | 39 +++++++++++++++++-------------- 1 file changed, 21 insertions(+), 18 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index 198ed7a3..b3119440 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -115,22 +115,8 @@ RSA .. versionadded:: 0.3 - :param bytes signature: The signature to verify. - - :param padding: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding` - provider. - - :param algorithm: An instance of a - :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` - provider. - - :param backend: A - :class:`~cryptography.hazmat.backends.interfaces.RSABackend` - provider. - - :returns: - :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + Verify data was signed by the private key associated with the public + key. .. doctest:: @@ -142,15 +128,32 @@ RSA ... key_size=2048, ... backend=default_backend() ... ) - >>> signer = private_key.signer(padding.PKCS1(), hashes.SHA256(), default_backend()) + >>> signer = private_key.signer(padding.PKCS1v15(), hashes.SHA256(), default_backend()) >>> data= b"this is some data I'd like to sign" >>> signer.update(data) >>> signature = signer.finalize() >>> public_key = private_key.public_key() - >>> verifier = public_key.verifier(signature, padding.PKCS1(), hashes.SHA256(), default_backend()) + >>> verifier = public_key.verifier(signature, padding.PKCS1v15(), hashes.SHA256(), default_backend()) >>> verifier.update(data) >>> verifier.verify() + :param bytes signature: The signature to verify. + + :param padding: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricPadding` + provider. + + :param algorithm: An instance of a + :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` + provider. + + :param backend: A + :class:`~cryptography.hazmat.backends.interfaces.RSABackend` + provider. + + :returns: + :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext` + .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html -- cgit v1.2.3 From fef1fbd1187b7fc80589553fb192210dd15a3a1c Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 26 Feb 2014 23:39:37 -0400 Subject: address some review comments --- docs/hazmat/primitives/interfaces.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 53113223..15ad1d1b 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -254,8 +254,8 @@ Asymmetric Interfaces .. method:: verify() - :raises :class:`~cryptography.exceptions.InvalidAsymmetricSignature`: If - the signature does not validate. + :raises cryptography.exceptions.InvalidSignature: If the signature does + not validate. .. class:: AsymmetricPadding -- cgit v1.2.3 From adba07a814626d1e409cd06d6a0774dae69a2c33 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 26 Feb 2014 23:55:51 -0400 Subject: docs language improvement --- docs/hazmat/primitives/asymmetric/rsa.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst index b3119440..7943981e 100644 --- a/docs/hazmat/primitives/asymmetric/rsa.rst +++ b/docs/hazmat/primitives/asymmetric/rsa.rst @@ -115,7 +115,7 @@ RSA .. versionadded:: 0.3 - Verify data was signed by the private key associated with the public + Verify data was signed by the private key associated with this public key. .. doctest:: -- cgit v1.2.3 From d63cbd0a7686fef6fffacad626cbf3bdbd3bb058 Mon Sep 17 00:00:00 2001 From: Wouter Bolsterlee Date: Sat, 1 Mar 2014 00:45:31 +0100 Subject: Fix ":param:" syntax in KDF docs --- docs/hazmat/primitives/key-derivation-functions.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/key-derivation-functions.rst b/docs/hazmat/primitives/key-derivation-functions.rst index d8a0e241..851dbb0b 100644 --- a/docs/hazmat/primitives/key-derivation-functions.rst +++ b/docs/hazmat/primitives/key-derivation-functions.rst @@ -179,7 +179,7 @@ Different KDFs are suitable for different tasks such as: :param bytes info: Application specific context information. If ``None`` is explicitly passed an empty byte string will be used. - :params backend: A + :param backend: A :class:`~cryptography.hazmat.backends.interfaces.HMACBackend` provider. -- cgit v1.2.3 From 58ee8c55acc585fb90a99f6102fa4a7d56072b27 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 1 Mar 2014 09:50:14 -0800 Subject: Docs as well --- docs/hazmat/primitives/twofactor.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index 3df1a147..784b8ed1 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -47,8 +47,8 @@ codes (HMAC). provider. :raises ValueError: This is raised if the provided ``key`` is shorter than 128 bits or if the ``length`` parameter is not 6, 7 or 8. - :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm`` - is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, + :raises ValueError: This is raised if the provided ``algorithm`` is not + :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. @@ -142,8 +142,8 @@ similar to the following code. provider. :raises ValueError: This is raised if the provided ``key`` is shorter than 128 bits or if the ``length`` parameter is not 6, 7 or 8. - :raises UnsupportedAlgorithm: This is raised if the provided ``algorithm`` - is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, + :raises ValueError: This is raised if the provided ``algorithm`` is not + :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. -- cgit v1.2.3 From 9b1a82e42bdd546220225430aa06e3b732fb0155 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 1 Mar 2014 09:57:25 -0800 Subject: Switch to TypeError --- docs/hazmat/primitives/twofactor.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index 784b8ed1..0e781439 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -47,7 +47,7 @@ codes (HMAC). provider. :raises ValueError: This is raised if the provided ``key`` is shorter than 128 bits or if the ``length`` parameter is not 6, 7 or 8. - :raises ValueError: This is raised if the provided ``algorithm`` is not + :raises TypeError: This is raised if the provided ``algorithm`` is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. @@ -142,7 +142,7 @@ similar to the following code. provider. :raises ValueError: This is raised if the provided ``key`` is shorter than 128 bits or if the ``length`` parameter is not 6, 7 or 8. - :raises ValueError: This is raised if the provided ``algorithm`` is not + :raises TypeError: This is raised if the provided ``algorithm`` is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. -- cgit v1.2.3 From 75e72ea9772dd3ae54bc1386f074370d43e356b8 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 1 Mar 2014 12:18:27 -0800 Subject: Added vectors for scrypt from the draft RFC --- docs/development/test-vectors.rst | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index c96b6d89..8b27e9d9 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -15,10 +15,12 @@ Asymmetric Ciphers * RSA PKCS #1 from the RSA FTP site (ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/ and ftp://ftp.rsa.com/pub/rsalabs/tmp/). -* OpenSSL PEM serialization vectors from the `OpenSSL test suite`_ and `GnuTLS test suite`_. +* OpenSSL PEM serialization vectors from the `OpenSSL test suite`_ and `GnuTLS + test suite`_. * PKCS #8 PEM serialization vectors from - * GnuTLS: `encpkcs8.pem`_, `enc2pkcs8.pem`_, `unencpkcs8.pem`_, `pkcs12_s2k_pem.c`_. + * GnuTLS: `encpkcs8.pem`_, `enc2pkcs8.pem`_, `unencpkcs8.pem`_, + `pkcs12_s2k_pem.c`_. * `Botan's ECC private keys`_. Hashes @@ -43,6 +45,7 @@ Key Derivation Functions * HKDF (SHA1, SHA256) from :rfc:`5869`. * PBKDF2 (HMAC-SHA1) from :rfc:`6070`. +* scrypt from the `draft RFC`_. Recipes ~~~~~~~ @@ -67,7 +70,8 @@ Two Factor Authentication ~~~~~~~~~~~~~~~~~~~~~~~~~ * HOTP from :rfc:`4226` -* TOTP from :rfc:`6238` (Note that an `errata`_ for the test vectors in RFC 6238 exists) +* TOTP from :rfc:`6238` (Note that an `errata`_ for the test vectors in RFC + 6238 exists) Creating Test Vectors @@ -103,6 +107,7 @@ header format (substituting the correct information): .. _`OpenSSL's test vectors`: https://github.com/openssl/openssl/blob/97cf1f6c2854a3a955fd7dd3a1f113deba00c9ef/crypto/evp/evptests.txt#L232 .. _`RIPEMD website`: http://homes.esat.kuleuven.be/~bosselae/ripemd160.html .. _`Whirlpool website`: http://www.larc.usp.br/~pbarreto/WhirlpoolPage.html +.. _`draft RFC`: https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-01 .. _`Specification repository`: https://github.com/fernet/spec .. _`errata`: http://www.rfc-editor.org/errata_search.php?rfc=6238 .. _`OpenSSL test suite`: http://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=test/testrsa.pem;h=aad21067a8f7cb93a52a511eb9162fd83be39135;hb=66e8211c0b1347970096e04b18aa52567c325200 -- cgit v1.2.3 From 537f1e032b950f9cb8450b525b488c9740abea1e Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 1 Mar 2014 16:33:02 -0800 Subject: Scrypt is a word --- docs/spelling_wordlist.txt | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt index 7200855d..bf5ae05e 100644 --- a/docs/spelling_wordlist.txt +++ b/docs/spelling_wordlist.txt @@ -28,6 +28,7 @@ pickleable plaintext pseudorandom Schneier +scrypt testability unencrypted unpadded -- cgit v1.2.3 From e7da0ab09dd7cf7261b0b2798edf15c76f2c6013 Mon Sep 17 00:00:00 2001 From: Alex Stapleton Date: Sun, 2 Mar 2014 14:04:33 +0000 Subject: DSA test vector docs --- docs/development/test-vectors.rst | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) (limited to 'docs') diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index 8b27e9d9..f18a5f2e 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -15,8 +15,10 @@ Asymmetric Ciphers * RSA PKCS #1 from the RSA FTP site (ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/ and ftp://ftp.rsa.com/pub/rsalabs/tmp/). -* OpenSSL PEM serialization vectors from the `OpenSSL test suite`_ and `GnuTLS - test suite`_. +* DSA test vectors from `FIPS 186-2`_ and `FIPS 186-3`_. +* OpenSSL PEM RSA serialization vectors from the `OpenSSL example key`_ and + `GnuTLS key parsing tests`_. +* OpenSSL PEM DSA serialization vectors from the `GnuTLS example keys`_. * PKCS #8 PEM serialization vectors from * GnuTLS: `encpkcs8.pem`_, `enc2pkcs8.pem`_, `unencpkcs8.pem`_, @@ -110,10 +112,13 @@ header format (substituting the correct information): .. _`draft RFC`: https://tools.ietf.org/html/draft-josefsson-scrypt-kdf-01 .. _`Specification repository`: https://github.com/fernet/spec .. _`errata`: http://www.rfc-editor.org/errata_search.php?rfc=6238 -.. _`OpenSSL test suite`: http://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=test/testrsa.pem;h=aad21067a8f7cb93a52a511eb9162fd83be39135;hb=66e8211c0b1347970096e04b18aa52567c325200 -.. _`GnuTLS test suite`: https://gitorious.org/gnutls/gnutls/commit/f16ef39ef0303b02d7fa590a37820440c466ce8d +.. _`OpenSSL example key`: http://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=test/testrsa.pem;h=aad21067a8f7cb93a52a511eb9162fd83be39135;hb=66e8211c0b1347970096e04b18aa52567c325200 +.. _`GnuTLS key parsing tests`: https://gitorious.org/gnutls/gnutls/commit/f16ef39ef0303b02d7fa590a37820440c466ce8d .. _`encpkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/encpkcs8.pem .. _`enc2pkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/enc2pkcs8.pem .. _`unencpkcs8.pem`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs8-decode/unencpkcs8.pem .. _`pkcs12_s2k_pem.c`: https://gitorious.org/gnutls/gnutls/source/f8d943b38bf74eaaa11d396112daf43cb8aa82ae:tests/pkcs12_s2k_pem.c .. _`Botan's ECC private keys`: https://github.com/randombit/botan/tree/4917f26a2b154e841cd27c1bcecdd41d2bdeb6ce/src/tests/data/ecc +.. _`FIPS 186-2`: http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2dsatestvectors.zip +.. _`FIPS 186-3`: http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-3dsatestvectors.zip +.. _`GnuTLS example keys`: https://gitorious.org/gnutls/gnutls/commit/ad2061deafdd7db78fd405f9d143b0a7c579da7b -- cgit v1.2.3 From f7914109e7518272032fcf5cdea8276bc6511d94 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 23 Feb 2014 22:03:47 -0600 Subject: add vector source data for IDEA ECB to docs --- docs/development/test-vectors.rst | 3 +++ 1 file changed, 3 insertions(+) (limited to 'docs') diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index f18a5f2e..ab60fdbd 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -67,6 +67,7 @@ Symmetric Ciphers * CAST5 (ECB) from :rfc:`2144`. * CAST5 (CBC, CFB, OFB) generated by this project. See: :doc:`/development/custom-vectors/cast5` +* IDEA (ECB) from the `NESSIE IDEA vectors`_ created by `NESSIE`_. Two Factor Authentication ~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -122,3 +123,5 @@ header format (substituting the correct information): .. _`FIPS 186-2`: http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-2dsatestvectors.zip .. _`FIPS 186-3`: http://csrc.nist.gov/groups/STM/cavp/documents/dss/186-3dsatestvectors.zip .. _`GnuTLS example keys`: https://gitorious.org/gnutls/gnutls/commit/ad2061deafdd7db78fd405f9d143b0a7c579da7b +.. _`NESSIE IDEA vectors`: https://www.cosic.esat.kuleuven.be/nessie/testvectors/bc/idea/Idea-128-64.verified.test-vectors +.. _`NESSIE`: https://en.wikipedia.org/wiki/NESSIE -- cgit v1.2.3 From 9ab901df604177ea331b59b94d513af50af8f8e1 Mon Sep 17 00:00:00 2001 From: Ayrx Date: Tue, 4 Mar 2014 01:12:07 +0800 Subject: Updated documentation for HOTP and TOTP TypeError --- docs/hazmat/primitives/twofactor.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/twofactor.rst b/docs/hazmat/primitives/twofactor.rst index 0e781439..3912d483 100644 --- a/docs/hazmat/primitives/twofactor.rst +++ b/docs/hazmat/primitives/twofactor.rst @@ -50,7 +50,8 @@ codes (HMAC). :raises TypeError: This is raised if the provided ``algorithm`` is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or - :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. + :class:`~cryptography.hazmat.primitives.hashes.SHA512()` or if the + ``length`` parameter is not an integer. .. method:: generate(counter) @@ -145,7 +146,8 @@ similar to the following code. :raises TypeError: This is raised if the provided ``algorithm`` is not :class:`~cryptography.hazmat.primitives.hashes.SHA1()`, :class:`~cryptography.hazmat.primitives.hashes.SHA256()` or - :class:`~cryptography.hazmat.primitives.hashes.SHA512()`. + :class:`~cryptography.hazmat.primitives.hashes.SHA512()` or if the + ``length`` parameter is not an integer. .. method:: generate(time) -- cgit v1.2.3 From b416715b8ee96c445587d444a4684bc7817e4638 Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Tue, 4 Mar 2014 03:29:56 +0200 Subject: Added documentation for the DSA interfaces --- docs/hazmat/primitives/interfaces.rst | 107 ++++++++++++++++++++++++++++++++++ 1 file changed, 107 insertions(+) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 15ad1d1b..b119bc5b 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -231,6 +231,113 @@ Asymmetric Interfaces The public exponent. Alias for :attr:`public_exponent`. +.. class:: DSAParams + + .. versionadded:: 0.3 + + `DSA`_ parameters. + + .. attribute:: modulus + + :type: int + + The prime modulus that's used in generating the DSA keypair and used + in the DSA signing and verification processes. + + .. attribute:: subgroup_order + + :type: int + + The subgroup order that's used in generating the DSA keypair + by the generator and used in the DSA signing and verification + processes. + + .. attribute:: generator + + :type: int + + The generator that is used in generating the DSA keypair and used + in the DSA signing and verification processes." + + .. attribute:: p + + :type: int + + The prime modulus that's used in generating the DSA keypair and used + in the DSA signing and verification processes. Alias for modulus. + + .. attribute:: q + + :type: int + + The subgroup order that's used in generating the DSA keypair + by the generator and used in the DSA signing and verification + processes. Alias for subgroup_order. + + .. attribute:: g + + :type: int + + The generator that is used in generating the DSA keypair and used + in the DSA signing and verification processes. Alias for generator. + + +.. class:: DSAPrivateKey + + .. versionadded:: 0.3 + + An `DSA`_ private key. + + .. method:: public_key() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAPublicKey` + + An DSA public key object corresponding to the values of the private key. + + .. method:: parameters() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParams` + + The DSAParams object associated with this private key. + + .. attribute:: key_size + + :type: int + + The bit length of the modulus. + + .. attribute:: x + + :type: int + + The private key. + + .. attribute:: y + + :type: int + + The public key. + + +.. class:: DSAPublicKey + + .. versionadded:: 0.3 + + An `DSA`_ private key. + + .. method:: parameters() + + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParams` + + The DSAParams object associated with this public key. + + .. attribute:: y + + :type: int + + The public key. + + .. class:: AsymmetricSignatureContext .. versionadded:: 0.2 -- cgit v1.2.3 From 7032451fb442f3e4c5dd590c54aa7532b1197f5c Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Tue, 4 Mar 2014 03:34:39 +0200 Subject: Annotate aliases in the DSA documentation --- docs/hazmat/primitives/interfaces.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index b119bc5b..bbaeb5e7 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -264,7 +264,7 @@ Asymmetric Interfaces :type: int The prime modulus that's used in generating the DSA keypair and used - in the DSA signing and verification processes. Alias for modulus. + in the DSA signing and verification processes. Alias for :attr:`modulus`. .. attribute:: q @@ -272,14 +272,14 @@ Asymmetric Interfaces The subgroup order that's used in generating the DSA keypair by the generator and used in the DSA signing and verification - processes. Alias for subgroup_order. + processes. Alias for :attr:`subgroup_order`. .. attribute:: g :type: int The generator that is used in generating the DSA keypair and used - in the DSA signing and verification processes. Alias for generator. + in the DSA signing and verification processes. Alias for :attr:`generator`. .. class:: DSAPrivateKey -- cgit v1.2.3 From 604c78f75ca1c0a5b6a340dd5067182487f1b65d Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Tue, 4 Mar 2014 03:56:08 +0200 Subject: Define DSA in the documentation --- docs/hazmat/primitives/interfaces.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index bbaeb5e7..2ea4b583 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -442,3 +442,4 @@ Key Derivation Functions .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem) .. _`Chinese remainder theorem`: https://en.wikipedia.org/wiki/Chinese_remainder_theorem +.. _`DSA`: https://en.wikipedia.org/wiki/Digital_Signature_Algorithm -- cgit v1.2.3 From cb9a6c24ea2165b25e4129a440871ce7bcab3de4 Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Tue, 4 Mar 2014 04:16:35 +0200 Subject: Change keypair to key pair to pass the sphinx spelling test --- docs/hazmat/primitives/interfaces.rst | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index 2ea4b583..c1a2d23a 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -241,14 +241,14 @@ Asymmetric Interfaces :type: int - The prime modulus that's used in generating the DSA keypair and used + The prime modulus that's used in generating the DSA key pair and used in the DSA signing and verification processes. .. attribute:: subgroup_order :type: int - The subgroup order that's used in generating the DSA keypair + The subgroup order that's used in generating the DSA key pair by the generator and used in the DSA signing and verification processes. @@ -256,21 +256,21 @@ Asymmetric Interfaces :type: int - The generator that is used in generating the DSA keypair and used + The generator that is used in generating the DSA key pair and used in the DSA signing and verification processes." .. attribute:: p :type: int - The prime modulus that's used in generating the DSA keypair and used + The prime modulus that's used in generating the DSA key pair and used in the DSA signing and verification processes. Alias for :attr:`modulus`. .. attribute:: q :type: int - The subgroup order that's used in generating the DSA keypair + The subgroup order that's used in generating the DSA key pair by the generator and used in the DSA signing and verification processes. Alias for :attr:`subgroup_order`. @@ -278,7 +278,7 @@ Asymmetric Interfaces :type: int - The generator that is used in generating the DSA keypair and used + The generator that is used in generating the DSA key pair and used in the DSA signing and verification processes. Alias for :attr:`generator`. -- cgit v1.2.3 From 7f0039cbdffb976b006ccceaa06a6051421b6b03 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 3 Mar 2014 22:32:11 -0400 Subject: add vector sources --- docs/development/test-vectors.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs') diff --git a/docs/development/test-vectors.rst b/docs/development/test-vectors.rst index f18a5f2e..419dcc82 100644 --- a/docs/development/test-vectors.rst +++ b/docs/development/test-vectors.rst @@ -15,6 +15,7 @@ Asymmetric Ciphers * RSA PKCS #1 from the RSA FTP site (ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-1/ and ftp://ftp.rsa.com/pub/rsalabs/tmp/). +* RSA FIPS 186-2 and PKCS1 v1.5 vulnerability test vectors from `NIST CAVP`_. * DSA test vectors from `FIPS 186-2`_ and `FIPS 186-3`_. * OpenSSL PEM RSA serialization vectors from the `OpenSSL example key`_ and `GnuTLS key parsing tests`_. -- cgit v1.2.3 From 92ddd7636b85a2b452019af46026ceda85c7ca35 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 3 Mar 2014 19:39:40 -0800 Subject: On the suggestion of @zooko, note that we have not been audited --- docs/index.rst | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs') diff --git a/docs/index.rst b/docs/index.rst index 176405b5..02f7ba32 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -91,4 +91,10 @@ The ``cryptography`` open source project community +.. note:: + + ``cryptography`` has not been subjected to an external audit of its code or + documentation. If you're interested in discussing an audit please + :doc:`getting in touch `. + .. _`pre-compiled binaries`: https://www.openssl.org/related/binaries.html -- cgit v1.2.3 From 0df8c97126467390cff8457537d2e5648a82fc57 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Mon, 3 Mar 2014 19:43:50 -0800 Subject: grammar. an thing. --- docs/index.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'docs') diff --git a/docs/index.rst b/docs/index.rst index 02f7ba32..a25f4470 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -95,6 +95,6 @@ The ``cryptography`` open source project ``cryptography`` has not been subjected to an external audit of its code or documentation. If you're interested in discussing an audit please - :doc:`getting in touch `. + :doc:`get in touch `. .. _`pre-compiled binaries`: https://www.openssl.org/related/binaries.html -- cgit v1.2.3 From 7a1738a1b8b3da2a215f2ea3aff73a67eaaab406 Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Tue, 4 Mar 2014 19:17:24 +0200 Subject: Typo fixes --- docs/hazmat/primitives/interfaces.rst | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index c1a2d23a..d94aee83 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -241,14 +241,14 @@ Asymmetric Interfaces :type: int - The prime modulus that's used in generating the DSA key pair and used + The prime modulus that is used in generating the DSA key pair and used in the DSA signing and verification processes. .. attribute:: subgroup_order :type: int - The subgroup order that's used in generating the DSA key pair + The subgroup order that is used in generating the DSA key pair by the generator and used in the DSA signing and verification processes. @@ -257,20 +257,20 @@ Asymmetric Interfaces :type: int The generator that is used in generating the DSA key pair and used - in the DSA signing and verification processes." + in the DSA signing and verification processes. .. attribute:: p :type: int - The prime modulus that's used in generating the DSA key pair and used + The prime modulus that is used in generating the DSA key pair and used in the DSA signing and verification processes. Alias for :attr:`modulus`. .. attribute:: q :type: int - The subgroup order that's used in generating the DSA key pair + The subgroup order that is used in generating the DSA key pair by the generator and used in the DSA signing and verification processes. Alias for :attr:`subgroup_order`. @@ -286,7 +286,7 @@ Asymmetric Interfaces .. versionadded:: 0.3 - An `DSA`_ private key. + A `DSA`_ private key. .. method:: public_key() @@ -323,7 +323,7 @@ Asymmetric Interfaces .. versionadded:: 0.3 - An `DSA`_ private key. + A `DSA`_ private key. .. method:: parameters() -- cgit v1.2.3 From 71acc67e71013f8660a16d78520da22ec379e259 Mon Sep 17 00:00:00 2001 From: Mohammed Attia Date: Tue, 4 Mar 2014 19:20:45 +0200 Subject: Change DSAParams to DSAParameters --- docs/hazmat/primitives/interfaces.rst | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'docs') diff --git a/docs/hazmat/primitives/interfaces.rst b/docs/hazmat/primitives/interfaces.rst index d94aee83..cc2a3000 100644 --- a/docs/hazmat/primitives/interfaces.rst +++ b/docs/hazmat/primitives/interfaces.rst @@ -231,7 +231,7 @@ Asymmetric Interfaces The public exponent. Alias for :attr:`public_exponent`. -.. class:: DSAParams +.. class:: DSAParameters .. versionadded:: 0.3 @@ -296,9 +296,9 @@ Asymmetric Interfaces .. method:: parameters() - :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParams` + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` - The DSAParams object associated with this private key. + The DSAParameters object associated with this private key. .. attribute:: key_size @@ -327,9 +327,9 @@ Asymmetric Interfaces .. method:: parameters() - :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParams` + :return: :class:`~cryptography.hazmat.primitives.interfaces.DSAParameters` - The DSAParams object associated with this public key. + The DSAParameters object associated with this public key. .. attribute:: y -- cgit v1.2.3