Merge pull request #416 from dreid/improved-aead-examples
Try making the AEAD examples less dense.
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 4906646..284fa98 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -22,7 +22,7 @@
)
from cryptography.hazmat.primitives import interfaces
from cryptography.hazmat.primitives.ciphers.algorithms import (
- AES, Blowfish, Camellia, CAST5, TripleDES, ARC4,
+ AES, Blowfish, Camellia, TripleDES, ARC4,
)
from cryptography.hazmat.primitives.ciphers.modes import (
CBC, CTR, ECB, OFB, CFB, GCM,
@@ -108,11 +108,6 @@
GetCipherByName("bf-{mode.name}")
)
self.register_cipher_adapter(
- CAST5,
- ECB,
- GetCipherByName("cast5-ecb")
- )
- self.register_cipher_adapter(
ARC4,
type(None),
GetCipherByName("rc4")
diff --git a/cryptography/hazmat/bindings/openssl/binding.py b/cryptography/hazmat/bindings/openssl/binding.py
index 2a1e118..8a4e1dd 100644
--- a/cryptography/hazmat/bindings/openssl/binding.py
+++ b/cryptography/hazmat/bindings/openssl/binding.py
@@ -13,9 +13,8 @@
from __future__ import absolute_import, division, print_function
-from cryptography.hazmat.bindings.utils import (
- build_ffi, binding_available
-)
+from cryptography.hazmat.bindings.utils import build_ffi
+
_OSX_PRE_INCLUDE = """
#ifdef __APPLE__
@@ -84,4 +83,5 @@
@classmethod
def is_available(cls):
- return binding_available(cls._ensure_ffi_initialized)
+ # OpenSSL is the only binding so for now it must always be available
+ return True
diff --git a/cryptography/hazmat/bindings/utils.py b/cryptography/hazmat/bindings/utils.py
index 40fd07f..69290eb 100644
--- a/cryptography/hazmat/bindings/utils.py
+++ b/cryptography/hazmat/bindings/utils.py
@@ -87,11 +87,3 @@
delattr(lib, name)
return ffi, lib
-
-
-def binding_available(initializer):
- try:
- initializer()
- return True
- except cffi.VerificationError:
- return False
diff --git a/cryptography/hazmat/primitives/ciphers/algorithms.py b/cryptography/hazmat/primitives/ciphers/algorithms.py
index a5cfce9..19cf192 100644
--- a/cryptography/hazmat/primitives/ciphers/algorithms.py
+++ b/cryptography/hazmat/primitives/ciphers/algorithms.py
@@ -90,21 +90,6 @@
return len(self.key) * 8
-@utils.register_interface(interfaces.BlockCipherAlgorithm)
-@utils.register_interface(interfaces.CipherAlgorithm)
-class CAST5(object):
- name = "CAST5"
- block_size = 64
- key_sizes = frozenset(range(40, 129, 8))
-
- def __init__(self, key):
- self.key = _verify_key_size(self, key)
-
- @property
- def key_size(self):
- return len(self.key) * 8
-
-
@utils.register_interface(interfaces.CipherAlgorithm)
class ARC4(object):
name = "RC4"
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 59aff99..a683bb9 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -189,15 +189,6 @@
``56`` bits long), they can simply be concatenated to
produce the full key. This must be kept secret.
-.. class:: CAST5(key)
-
- CAST5 (also known as CAST-128) is a block cipher approved for use in the
- Canadian government by their Communications Security Establishment. It is a
- variable key length cipher and supports keys from 40-128 bits in length.
-
- :param bytes key: The secret key, 40-128 bits in length (in increments of
- 8). This must be kept secret.
-
Weak Ciphers
------------
diff --git a/tests/hazmat/bindings/test_bindings.py b/tests/hazmat/bindings/test_bindings.py
deleted file mode 100644
index 7af1d58..0000000
--- a/tests/hazmat/bindings/test_bindings.py
+++ /dev/null
@@ -1,32 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from __future__ import absolute_import, division, print_function
-
-import cffi
-
-from cryptography.hazmat.bindings.utils import binding_available
-from cryptography.hazmat.bindings.openssl.binding import Binding
-
-
-def dummy_initializer():
- ffi = cffi.FFI()
- ffi.verify(source="#include <fake_header.h>")
-
-
-def test_binding_available():
- assert binding_available(Binding._ensure_ffi_initialized) is True
-
-
-def test_binding_unavailable():
- assert binding_available(dummy_initializer) is False
diff --git a/tests/hazmat/primitives/test_cast5.py b/tests/hazmat/primitives/test_cast5.py
deleted file mode 100644
index d65a86b..0000000
--- a/tests/hazmat/primitives/test_cast5.py
+++ /dev/null
@@ -1,41 +0,0 @@
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-from __future__ import absolute_import, division, print_function
-
-import binascii
-import os
-
-import pytest
-
-from cryptography.hazmat.primitives.ciphers import algorithms, modes
-
-from .utils import generate_encrypt_test
-from ...utils import load_nist_vectors
-
-
-@pytest.mark.supported(
- only_if=lambda backend: backend.cipher_supported(
- algorithms.CAST5("\x00" * 16), modes.ECB()
- ),
- skip_message="Does not support CAST5 ECB",
-)
-@pytest.mark.cipher
-class TestCAST5(object):
- test_ECB = generate_encrypt_test(
- load_nist_vectors,
- os.path.join("ciphers", "CAST5"),
- ["cast5-ecb.txt"],
- lambda key, **kwargs: algorithms.CAST5(binascii.unhexlify((key))),
- lambda **kwargs: modes.ECB(),
- )
diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py
index 653f7ce..6a7b2f9 100644
--- a/tests/hazmat/primitives/test_ciphers.py
+++ b/tests/hazmat/primitives/test_ciphers.py
@@ -18,7 +18,7 @@
import pytest
from cryptography.hazmat.primitives.ciphers.algorithms import (
- AES, Camellia, TripleDES, Blowfish, CAST5, ARC4
+ AES, Camellia, TripleDES, Blowfish, ARC4
)
@@ -80,19 +80,6 @@
Blowfish(binascii.unhexlify(b"0" * 6))
-class TestCAST5(object):
- @pytest.mark.parametrize(("key", "keysize"), [
- (b"0" * (keysize // 4), keysize) for keysize in range(40, 129, 8)
- ])
- def test_key_size(self, key, keysize):
- cipher = CAST5(binascii.unhexlify(key))
- assert cipher.key_size == keysize
-
- def test_invalid_key_size(self):
- with pytest.raises(ValueError):
- CAST5(binascii.unhexlify(b"0" * 34))
-
-
class TestARC4(object):
@pytest.mark.parametrize(("key", "keysize"), [
(b"0" * 10, 40),