Merge pull request #1276 from alex/pem-loading-backend
Added PEMSerializationBackend interface
diff --git a/cryptography/hazmat/backends/interfaces.py b/cryptography/hazmat/backends/interfaces.py
index 75d9af6..3761e25 100644
--- a/cryptography/hazmat/backends/interfaces.py
+++ b/cryptography/hazmat/backends/interfaces.py
@@ -273,6 +273,16 @@
@six.add_metaclass(abc.ABCMeta)
+class PEMSerializationBackend(object):
+ @abc.abstractmethod
+ def load_pem_private_key(self, data, password):
+ """
+ Loads a private key from PEM encoded data, using the provided password
+ if the data is encrypted.
+ """
+
+
+@six.add_metaclass(abc.ABCMeta)
class TraditionalOpenSSLSerializationBackend(object):
@abc.abstractmethod
def load_traditional_openssl_pem_private_key(self, data, password):
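Review bot: The docstring on the new abstract `load_pem_private_key` does not state the contract that backend implementers need. It omits that `data` and `password` are bytes, that `password` should be `None` for unencrypted data, and which errors signal failure, all of which the `.rst` section in this same commit does spell out. I would add those points to the docstring, for example `password must be None if the data is not encrypted.` and `Raises ValueError if the data cannot be deserialized, UnsupportedAlgorithm if it is encrypted with an unsupported algorithm.` Neither the docstring nor the docs say what happens when a password is supplied for unencrypted data, or when `None` is passed for encrypted data. It is worth stating whether those cases raise, so that backends cannot differ and a caller expecting an encrypted key does not silently load a plaintext one.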
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index 63f8406..f8341d1 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -578,6 +578,23 @@
:class:`~cryptography.hazmat.primitives.interfaces.EllipticCurvePublicKey`
provider.
+.. class:: PEMSerializationBackend
+
+ .. versionadded:: 0.6
+
+ A backend with methods for working with any PEM encoded keys.
+
+ .. method:: load_pem_private_key(data, password)
+
+ :param bytes data: PEM data to load.
+ :param bytes password: The password to use if the data is encrypted.
+ Should be ``None`` if the data is not encrypted.
+ :return: A new instance of the appropriate type of private key that the
+ serialized data contains.
+ :raises ValueError: If the data could not be deserialized.
+ :raises cryptography.exceptions.UnsupportedAlgorithm: If the data is
+ encrypted with an unsupported algorithm.
+
.. class:: TraditionalOpenSSLSerializationBackend
.. versionadded:: 0.3
@@ -592,8 +609,8 @@
:param bytes password: The password to use if this data is encrypted.
Should be None if the data is not encrypted.
- :return: A new instance of the appropriate private key or public key
- that the serialized data contains.
+ :return: A new instance of the appropriate type of private key that the
+ serialized data contains.
:raises ValueError: If the data could not be deserialized correctly.