commit 270933c1a2afa0aa60409946bb7319d85fd60059
author Alex Gaynor <alex.gaynor@gmail.com> Fri Nov 10 23:19:05 2017 -0500
committer Paul Kehrer <paul.l.kehrer@gmail.com> Sat Nov 11 12:19:05 2017 +0800
tree f5ff261a2dd5be46e812785d67f9322596b19792
parent d2d800058f93f78e46afe504b5709b865b7af35d

Use a different warning class so users get warnings (#4014)

* Use a different warning class so users get warnings

* fixed tests

* do our own warning class

* typo

* flake8

docs/api-stability.rst

diff --git a/docs/api-stability.rst b/docs/api-stability.rst
index 7ba1d42..2bb5384 100644
--- a/docs/api-stability.rst
+++ b/docs/api-stability.rst
@@ -42,9 +42,9 @@
 
 * In ``cryptography X.Y`` the feature exists.
 * In ``cryptography X.Y+1`` using that feature will emit a
-  ``PendingDeprecationWarning``.
+  ``UserWarning``.
 * In ``cryptography X.Y+2`` using that feature will emit a
-  ``DeprecationWarning``.
+  ``UserWarning``.
 * In ``cryptography X.Y+3`` the feature will be removed or changed.
 
 In short, code that runs without warnings will always continue to work for a

src/cryptography/utils.py

diff --git a/src/cryptography/utils.py b/src/cryptography/utils.py
index 382905c..baa7b7a 100644
--- a/src/cryptography/utils.py
+++ b/src/cryptography/utils.py
@@ -11,11 +11,17 @@
 import warnings
 
 
+# We use a UserWarning subclass, instead of DeprecationWarning, because CPython
+# decided deprecation warnings should be invisble be default.
+class CryptographyDeprecationWarning(UserWarning):
+    pass
+
+
 # Several APIs were deprecated with no specific end-of-life date because of the
 # ubiquity of their use. They should not be removed until we agree on when that
 # cycle ends.
-PersistentlyDeprecated = DeprecationWarning
-DeprecatedIn21 = DeprecationWarning
+PersistentlyDeprecated = CryptographyDeprecationWarning
+DeprecatedIn21 = CryptographyDeprecationWarning
 
 
 def _check_bytes(name, value):

tests/hazmat/primitives/test_asym_utils.py

diff --git a/tests/hazmat/primitives/test_asym_utils.py b/tests/hazmat/primitives/test_asym_utils.py
index 4835f09..fc9e9fd 100644
--- a/tests/hazmat/primitives/test_asym_utils.py
+++ b/tests/hazmat/primitives/test_asym_utils.py
@@ -10,12 +10,15 @@
     Prehashed, decode_dss_signature, decode_rfc6979_signature,
     encode_dss_signature, encode_rfc6979_signature,
 )
+from cryptography.utils import CryptographyDeprecationWarning
 
 
 def test_deprecated_rfc6979_signature():
-    sig = pytest.deprecated_call(encode_rfc6979_signature, 1, 1)
+    with pytest.warns(CryptographyDeprecationWarning):
+        sig = encode_rfc6979_signature(1, 1)
     assert sig == b"0\x06\x02\x01\x01\x02\x01\x01"
-    decoded = pytest.deprecated_call(decode_rfc6979_signature, sig)
+    with pytest.warns(CryptographyDeprecationWarning):
+        decoded = decode_rfc6979_signature(sig)
     assert decoded == (1, 1)
 
 

tests/hazmat/primitives/test_dsa.py

diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py
index 89303fe..f08de6a 100644
--- a/tests/hazmat/primitives/test_dsa.py
+++ b/tests/hazmat/primitives/test_dsa.py
@@ -18,6 +18,7 @@
 from cryptography.hazmat.primitives.asymmetric.utils import (
     Prehashed, encode_dss_signature
 )
+from cryptography.utils import CryptographyDeprecationWarning
 
 from .fixtures_dsa import (
     DSA_KEY_1024, DSA_KEY_2048, DSA_KEY_3072
@@ -574,9 +575,8 @@
             y=vector['y']
         ).public_key(backend)
         sig = encode_dss_signature(vector['r'], vector['s'])
-        verifier = pytest.deprecated_call(
-            public_key.verifier, sig, algorithm()
-        )
+        with pytest.warns(CryptographyDeprecationWarning):
+            verifier = public_key.verifier(sig, algorithm())
 
         verifier.update(vector['msg'])
         if vector['result'] == "F":
@@ -687,7 +687,8 @@
             ),
             x=vector['x']
         ).private_key(backend)
-        signer = pytest.deprecated_call(private_key.signer, algorithm())
+        with pytest.warns(CryptographyDeprecationWarning):
+            signer = private_key.signer(algorithm())
         signer.update(vector['msg'])
         signature = signer.finalize()
         assert signature

tests/hazmat/primitives/test_ec.py

diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py
index f493869..4f08f18 100644
--- a/tests/hazmat/primitives/test_ec.py
+++ b/tests/hazmat/primitives/test_ec.py
@@ -20,6 +20,7 @@
 from cryptography.hazmat.primitives.asymmetric.utils import (
     Prehashed, encode_dss_signature
 )
+from cryptography.utils import CryptographyDeprecationWarning
 
 from .fixtures_ec import EC_KEY_SECP384R1
 from ...doubles import DummyKeySerializationEncryption
@@ -350,13 +351,13 @@
         pkey = key.public_key()
         assert pkey
 
-        signer = pytest.deprecated_call(key.signer, ec.ECDSA(hash_type()))
+        with pytest.warns(CryptographyDeprecationWarning):
+            signer = key.signer(ec.ECDSA(hash_type()))
         signer.update(b"YELLOW SUBMARINE")
         signature = signer.finalize()
 
-        verifier = pytest.deprecated_call(
-            pkey.verifier, signature, ec.ECDSA(hash_type())
-        )
+        with pytest.warns(CryptographyDeprecationWarning):
+            verifier = pkey.verifier(signature, ec.ECDSA(hash_type()))
         verifier.update(b"YELLOW SUBMARINE")
         verifier.verify()
 

tests/hazmat/primitives/test_rsa.py

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index fc956ec..0982042 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -24,6 +24,7 @@
 from cryptography.hazmat.primitives.asymmetric.rsa import (
     RSAPrivateNumbers, RSAPublicNumbers
 )
+from cryptography.utils import CryptographyDeprecationWarning
 
 from .fixtures_rsa import (
     RSA_KEY_1024, RSA_KEY_1025, RSA_KEY_1026, RSA_KEY_1027, RSA_KEY_1028,
@@ -383,11 +384,8 @@
                 n=private["modulus"]
             )
         ).private_key(backend)
-        signer = pytest.deprecated_call(
-            private_key.signer,
-            padding.PKCS1v15(),
-            hashes.SHA1()
-        )
+        with pytest.warns(CryptographyDeprecationWarning):
+            signer = private_key.signer(padding.PKCS1v15(), hashes.SHA1())
         signer.update(binascii.unhexlify(example["message"]))
         signature = signer.finalize()
         assert binascii.hexlify(signature) == example["signature"]
@@ -714,12 +712,12 @@
             e=public["public_exponent"],
             n=public["modulus"]
         ).public_key(backend)
-        verifier = pytest.deprecated_call(
-            public_key.verifier,
-            binascii.unhexlify(example["signature"]),
-            padding.PKCS1v15(),
-            hashes.SHA1()
-        )
+        with pytest.warns(CryptographyDeprecationWarning):
+            verifier = public_key.verifier(
+                binascii.unhexlify(example["signature"]),
+                padding.PKCS1v15(),
+                hashes.SHA1()
+            )
         verifier.update(binascii.unhexlify(example["message"]))
         verifier.verify()
 

tests/x509/test_x509.py

diff --git a/tests/x509/test_x509.py b/tests/x509/test_x509.py
index 97b5a74..27e284a 100644
--- a/tests/x509/test_x509.py
+++ b/tests/x509/test_x509.py
@@ -577,7 +577,7 @@
             backend
         )
 
-        with pytest.deprecated_call():
+        with pytest.warns(utils.CryptographyDeprecationWarning):
             assert cert.serial == 2
             assert cert.serial_number == 2
 
@@ -588,7 +588,7 @@
             backend
         )
 
-        with pytest.deprecated_call():
+        with pytest.warns(utils.CryptographyDeprecationWarning):
             cert.serial
 
     def test_load_der_cert(self, backend):