rename add_data to authenticate_additional_data for clarity (hopefully)
diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py
index 527706b..1a53401 100644
--- a/cryptography/hazmat/bindings/openssl/backend.py
+++ b/cryptography/hazmat/bindings/openssl/backend.py
@@ -336,7 +336,7 @@
assert res == 1
return self._backend.ffi.buffer(buf)[:outlen[0]]
- def add_data(self, data):
+ def authenticate_additional_data(self, data):
outlen = self._backend.ffi.new("int *")
res = self._backend.lib.EVP_CipherUpdate(
self._ctx, self._backend.ffi.NULL, outlen, data, len(data)
diff --git a/cryptography/hazmat/primitives/ciphers/base.py b/cryptography/hazmat/primitives/ciphers/base.py
index 7c31589..c8c4533 100644
--- a/cryptography/hazmat/primitives/ciphers/base.py
+++ b/cryptography/hazmat/primitives/ciphers/base.py
@@ -98,12 +98,12 @@
self._ctx = None
return data
- def add_data(self, data):
+ def authenticate_additional_data(self, data):
if self._ctx is None:
raise AlreadyFinalized("Context was already finalized")
if self._updated:
raise AlreadyUpdated("Update has been called on this context")
- self._ctx.add_data(data)
+ self._ctx.authenticate_additional_data(data)
@property
def tag(self):
diff --git a/cryptography/hazmat/primitives/interfaces.py b/cryptography/hazmat/primitives/interfaces.py
index f216686..c0548df 100644
--- a/cryptography/hazmat/primitives/interfaces.py
+++ b/cryptography/hazmat/primitives/interfaces.py
@@ -86,9 +86,9 @@
"""
@abc.abstractmethod
- def add_data(self, data):
+ def authenticate_additional_data(self, data):
"""
- add_data takes bytes and returns nothing.
+ authenticate_additional_data takes bytes and returns nothing.
"""
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 3ed8c9e..d123d15 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -123,13 +123,13 @@
When calling ``encryptor()`` or ``decryptor()`` on a ``Cipher`` object
with an AEAD mode you will receive a return object conforming to the
``AEADCipherContext`` interface, in addition to the ``CipherContext``
- interface. ``AEADCipherContext`` contains an additional method ``add_data``
- for adding additional authenticated by non-encrypted data. You should call
- this before calls to ``update``. When you are done call ``finalize()`` to
- finish the operation. Once this is complete you can obtain the tag value
- from the ``tag`` property.
+ interface. ``AEADCipherContext`` contains an additional method
+ ``authenticate_additional_data`` for adding additional authenticated but
+ unencrypted data. You should call this before calls to ``update``. When you
+ are done call ``finalize()`` to finish the operation. Once this is complete
+ you can obtain the tag value from the ``tag`` property.
- .. method:: add_data(data)
+ .. method:: authenticate_additional_data(data)
:param bytes data: The data you wish to authenticate but not encrypt.
:raises: :class:`~cryptography.exceptions.AlreadyFinalized`
@@ -339,12 +339,12 @@
>>> from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
>>> cipher = Cipher(algorithms.AES(key), modes.GCM(iv))
>>> encryptor = cipher.encryptor()
- >>> encryptor.add_data(b"authenticated but not encrypted payload")
+ >>> encryptor.authenticate_additional_data(b"authenticated but not encrypted payload")
>>> ct = encryptor.update(b"a secret message") + encryptor.finalize()
>>> tag = encryptor.tag
>>> cipher = Cipher(algorithms.AES(key), modes.GCM(iv, tag))
>>> decryptor = cipher.decryptor()
- >>> decryptor.add_data(b"authenticated but not encrypted payload")
+ >>> decryptor.authenticate_additional_data(b"authenticated but not encrypted payload")
>>> decryptor.update(ct) + decryptor.finalize()
'a secret message'
diff --git a/tests/hazmat/primitives/utils.py b/tests/hazmat/primitives/utils.py
index 39f5ae8..b6f9e0f 100644
--- a/tests/hazmat/primitives/utils.py
+++ b/tests/hazmat/primitives/utils.py
@@ -93,7 +93,7 @@
backend
)
decryptor = cipher.decryptor()
- decryptor.add_data(binascii.unhexlify(aad))
+ decryptor.authenticate_additional_data(binascii.unhexlify(aad))
actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
with pytest.raises(InvalidTag):
decryptor.finalize()
@@ -104,7 +104,7 @@
backend
)
encryptor = cipher.encryptor()
- encryptor.add_data(binascii.unhexlify(aad))
+ encryptor.authenticate_additional_data(binascii.unhexlify(aad))
actual_ciphertext = encryptor.update(binascii.unhexlify(plaintext))
actual_ciphertext += encryptor.finalize()
tag_len = len(params["tag"])
@@ -116,7 +116,7 @@
backend
)
decryptor = cipher.decryptor()
- decryptor.add_data(binascii.unhexlify(aad))
+ decryptor.authenticate_additional_data(binascii.unhexlify(aad))
actual_plaintext = decryptor.update(binascii.unhexlify(ciphertext))
actual_plaintext += decryptor.finalize()
assert actual_plaintext == binascii.unhexlify(plaintext)
@@ -336,10 +336,10 @@
with pytest.raises(NotYetFinalized):
encryptor.tag
with pytest.raises(AlreadyUpdated):
- encryptor.add_data(b"b" * 16)
+ encryptor.authenticate_additional_data(b"b" * 16)
encryptor.finalize()
with pytest.raises(AlreadyFinalized):
- encryptor.add_data(b"b" * 16)
+ encryptor.authenticate_additional_data(b"b" * 16)
with pytest.raises(AlreadyFinalized):
encryptor.update(b"b" * 16)
with pytest.raises(AlreadyFinalized):