Convert stuff
diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index de1fff7..cca82a5 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -14,7 +14,9 @@
from __future__ import absolute_import, division, print_function
from cryptography import utils
-from cryptography.exceptions import UnsupportedAlgorithm
+from cryptography.exceptions import (
+ UnsupportedAlgorithm, UnsupportedCipher, UnsupportedHash
+)
from cryptography.hazmat.backends.interfaces import (
CipherBackend, HashBackend, HMACBackend, PBKDF2HMACBackend, RSABackend
)
@@ -46,17 +48,17 @@
for b in self._filtered_backends(CipherBackend):
try:
return b.create_symmetric_encryption_ctx(algorithm, mode)
- except UnsupportedAlgorithm:
+ except UnsupportedCipher:
pass
- raise UnsupportedAlgorithm
+ raise UnsupportedCipher
def create_symmetric_decryption_ctx(self, algorithm, mode):
for b in self._filtered_backends(CipherBackend):
try:
return b.create_symmetric_decryption_ctx(algorithm, mode)
- except UnsupportedAlgorithm:
+ except UnsupportedCipher:
pass
- raise UnsupportedAlgorithm
+ raise UnsupportedCipher
def hash_supported(self, algorithm):
return any(
@@ -68,9 +70,9 @@
for b in self._filtered_backends(HashBackend):
try:
return b.create_hash_ctx(algorithm)
- except UnsupportedAlgorithm:
+ except UnsupportedHash:
pass
- raise UnsupportedAlgorithm
+ raise UnsupportedHash
def hmac_supported(self, algorithm):
return any(
@@ -82,9 +84,9 @@
for b in self._filtered_backends(HMACBackend):
try:
return b.create_hmac_ctx(key, algorithm)
- except UnsupportedAlgorithm:
+ except UnsupportedHash:
pass
- raise UnsupportedAlgorithm
+ raise UnsupportedHash
def pbkdf2_hmac_supported(self, algorithm):
return any(
@@ -99,9 +101,9 @@
return b.derive_pbkdf2_hmac(
algorithm, length, salt, iterations, key_material
)
- except UnsupportedAlgorithm:
+ except UnsupportedHash:
pass
- raise UnsupportedAlgorithm
+ raise UnsupportedHash
def generate_rsa_private_key(self, public_exponent, key_size):
for b in self._filtered_backends(RSABackend):
diff --git a/cryptography/hazmat/primitives/kdf/pbkdf2.py b/cryptography/hazmat/primitives/kdf/pbkdf2.py
index 71b8821..3942778 100644
--- a/cryptography/hazmat/primitives/kdf/pbkdf2.py
+++ b/cryptography/hazmat/primitives/kdf/pbkdf2.py
@@ -17,7 +17,7 @@
from cryptography import utils
from cryptography.exceptions import (
- InvalidKey, UnsupportedAlgorithm, AlreadyFinalized
+ InvalidKey, UnsupportedHash, AlreadyFinalized
)
from cryptography.hazmat.primitives import constant_time, interfaces
@@ -26,7 +26,7 @@
class PBKDF2HMAC(object):
def __init__(self, algorithm, length, salt, iterations, backend):
if not backend.pbkdf2_hmac_supported(algorithm):
- raise UnsupportedAlgorithm(
+ raise UnsupportedHash(
"{0} is not supported for PBKDF2 by this backend".format(
algorithm.name)
)
diff --git a/docs/exceptions.rst b/docs/exceptions.rst
index 7f9ae34..48c4bca 100644
--- a/docs/exceptions.rst
+++ b/docs/exceptions.rst
@@ -25,11 +25,24 @@
This is raised when additional data is added to a context after update
has already been called.
+.. class:: UnsupportedCipher
-.. class:: UnsupportedAlgorithm
+ .. versionadded:: 0.3
- This is raised when a backend doesn't support the requested algorithm (or
- combination of algorithms).
+ This is raised when a backend doesn't support the requested cipher
+ algorithm and mode combination.
+
+.. class:: UnsupportedHash
+
+ .. versionadded:: 0.3
+
+ This is raised when a backend doesn't support the requested hash algorithm.
+
+.. class:: UnsupportedPadding
+
+ .. versionadded:: 0.3
+
+ This is raised when the requested padding is not supported by the backend.
.. class:: InvalidKey
@@ -43,7 +56,3 @@
This is raised when the verify method of a one time password function's
computed token does not match the expected token.
-
-.. class:: UnsupportedPadding
-
- This is raised when the chosen padding is not supported by the backend.
diff --git a/docs/faq.rst b/docs/faq.rst
index cbbb74a..4bce417 100644
--- a/docs/faq.rst
+++ b/docs/faq.rst
@@ -14,5 +14,7 @@
If you prefer NaCl's design, we highly recommend `PyNaCl`_.
+Also, we have a version control system.
+
.. _`NaCl`: http://nacl.cr.yp.to/
.. _`PyNaCl`: https://pynacl.readthedocs.org
diff --git a/docs/hazmat/backends/interfaces.rst b/docs/hazmat/backends/interfaces.rst
index af19fbc..a7a9661 100644
--- a/docs/hazmat/backends/interfaces.rst
+++ b/docs/hazmat/backends/interfaces.rst
@@ -258,7 +258,7 @@
style key serialization.
.. method:: load_openssl_pem_private_key(data, password)
-
+
:param bytes data: PEM data to deserialize.
:param bytes password: The password to use if this data is encrypted.
diff --git a/docs/hazmat/primitives/cryptographic-hashes.rst b/docs/hazmat/primitives/cryptographic-hashes.rst
index 6c56aca..86b8585 100644
--- a/docs/hazmat/primitives/cryptographic-hashes.rst
+++ b/docs/hazmat/primitives/cryptographic-hashes.rst
@@ -29,7 +29,7 @@
'l\xa1=R\xcap\xc8\x83\xe0\xf0\xbb\x10\x1eBZ\x89\xe8bM\xe5\x1d\xb2\xd29%\x93\xafj\x84\x11\x80\x90'
If the backend doesn't support the requested ``algorithm`` an
- :class:`~cryptography.exceptions.UnsupportedAlgorithm` will be raised.
+ :class:`~cryptography.exceptions.UnsupportedHash` will be raised.
Keep in mind that attacks against cryptographic hashes only get stronger
with time, and that often algorithms that were once thought to be strong,
diff --git a/docs/hazmat/primitives/hmac.rst b/docs/hazmat/primitives/hmac.rst
index 0118be7..1a2838f 100644
--- a/docs/hazmat/primitives/hmac.rst
+++ b/docs/hazmat/primitives/hmac.rst
@@ -35,7 +35,7 @@
'#F\xdaI\x8b"e\xc4\xf1\xbb\x9a\x8fc\xff\xf5\xdex.\xbc\xcd/+\x8a\x86\x1d\x84\'\xc3\xa6\x1d\xd8J'
If the backend doesn't support the requested ``algorithm`` an
- :class:`~cryptography.exceptions.UnsupportedAlgorithm` will be raised.
+ :class:`~cryptography.exceptions.UnsupportedHash` will be raised.
To check that a given signature is correct use the :meth:`verify` method.
You will receive an exception if the signature is wrong:
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index 2306c5b..2bc25c5 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -61,7 +61,7 @@
provider.
If the backend doesn't support the requested combination of ``cipher``
- and ``mode`` an :class:`~cryptography.exceptions.UnsupportedAlgorithm`
+ and ``mode`` an :class:`~cryptography.exceptions.UnsupportedCipher`
will be raised.
.. method:: decryptor()
@@ -71,7 +71,7 @@
provider.
If the backend doesn't support the requested combination of ``cipher``
- and ``mode`` an :class:`cryptography.exceptions.UnsupportedAlgorithm`
+ and ``mode`` an :class:`cryptography.exceptions.UnsupportedCipher`
will be raised.
.. _symmetric-encryption-algorithms:
diff --git a/tests/hazmat/backends/test_commoncrypto.py b/tests/hazmat/backends/test_commoncrypto.py
index 7cc0f72..7feb0c7 100644
--- a/tests/hazmat/backends/test_commoncrypto.py
+++ b/tests/hazmat/backends/test_commoncrypto.py
@@ -14,7 +14,7 @@
import pytest
from cryptography import utils
-from cryptography.exceptions import UnsupportedAlgorithm, InternalError
+from cryptography.exceptions import UnsupportedCipher, InternalError
from cryptography.hazmat.bindings.commoncrypto.binding import Binding
from cryptography.hazmat.primitives import interfaces
from cryptography.hazmat.primitives.ciphers.algorithms import AES
@@ -61,5 +61,5 @@
cipher = Cipher(
DummyCipher(), GCM(b"fake_iv_here"), backend=b,
)
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedCipher):
cipher.encryptor()
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 6316818..87ef044 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -14,7 +14,9 @@
import pytest
from cryptography import utils
-from cryptography.exceptions import UnsupportedAlgorithm
+from cryptography.exceptions import (
+ UnsupportedAlgorithm, UnsupportedCipher, UnsupportedHash
+)
from cryptography.hazmat.backends.interfaces import (
CipherBackend, HashBackend, HMACBackend, PBKDF2HMACBackend, RSABackend
)
@@ -34,11 +36,11 @@
def create_symmetric_encryption_ctx(self, algorithm, mode):
if not self.cipher_supported(algorithm, mode):
- raise UnsupportedAlgorithm
+ raise UnsupportedCipher
def create_symmetric_decryption_ctx(self, algorithm, mode):
if not self.cipher_supported(algorithm, mode):
- raise UnsupportedAlgorithm
+ raise UnsupportedCipher
@utils.register_interface(HashBackend)
@@ -51,7 +53,7 @@
def create_hash_ctx(self, algorithm):
if not self.hash_supported(algorithm):
- raise UnsupportedAlgorithm
+ raise UnsupportedHash
@utils.register_interface(HMACBackend)
@@ -64,7 +66,7 @@
def create_hmac_ctx(self, key, algorithm):
if not self.hmac_supported(algorithm):
- raise UnsupportedAlgorithm
+ raise UnsupportedHash
@utils.register_interface(PBKDF2HMACBackend)
@@ -78,7 +80,7 @@
def derive_pbkdf2_hmac(self, algorithm, length, salt, iterations,
key_material):
if not self.pbkdf2_hmac_supported(algorithm):
- raise UnsupportedAlgorithm
+ raise UnsupportedHash
@utils.register_interface(RSABackend)
@@ -119,9 +121,9 @@
modes.CBC(b"\x00" * 16),
backend=backend
)
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedCipher):
cipher.encryptor()
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedCipher):
cipher.decryptor()
def test_hashes(self):
@@ -132,7 +134,7 @@
hashes.Hash(hashes.MD5(), backend=backend)
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
hashes.Hash(hashes.SHA1(), backend=backend)
def test_hmac(self):
@@ -143,7 +145,7 @@
hmac.HMAC(b"", hashes.MD5(), backend=backend)
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
hmac.HMAC(b"", hashes.SHA1(), backend=backend)
def test_pbkdf2(self):
@@ -154,7 +156,7 @@
backend.derive_pbkdf2_hmac(hashes.MD5(), 10, b"", 10, b"")
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
backend.derive_pbkdf2_hmac(hashes.SHA1(), 10, b"", 10, b"")
def test_rsa(self):
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 42c1b39..c679218 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -14,7 +14,9 @@
import pytest
from cryptography import utils
-from cryptography.exceptions import UnsupportedAlgorithm, InternalError
+from cryptography.exceptions import (
+ UnsupportedCipher, UnsupportedHash, InternalError
+)
from cryptography.hazmat.backends.openssl.backend import backend, Backend
from cryptography.hazmat.primitives import interfaces, hashes
from cryptography.hazmat.primitives.ciphers import Cipher
@@ -68,7 +70,7 @@
cipher = Cipher(
DummyCipher(), mode, backend=b,
)
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedCipher):
cipher.encryptor()
def test_consume_errors(self):
@@ -130,7 +132,7 @@
def test_derive_pbkdf2_raises_unsupported_on_old_openssl(self):
if backend.pbkdf2_hmac_supported(hashes.SHA256()):
pytest.skip("Requires an older OpenSSL")
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
backend.derive_pbkdf2_hmac(hashes.SHA256(), 10, b"", 1000, b"")
# This test is not in the next class because to check if it's really
diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py
index f758ffa..8ff00fd 100644
--- a/tests/hazmat/primitives/test_block.py
+++ b/tests/hazmat/primitives/test_block.py
@@ -18,9 +18,7 @@
import pytest
from cryptography import utils
-from cryptography.exceptions import (
- UnsupportedAlgorithm, AlreadyFinalized,
-)
+from cryptography.exceptions import UnsupportedCipher, AlreadyFinalized
from cryptography.hazmat.primitives import interfaces
from cryptography.hazmat.primitives.ciphers import (
Cipher, algorithms, modes
@@ -116,10 +114,10 @@
cipher = Cipher(
DummyCipher(), mode, backend
)
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedCipher):
cipher.encryptor()
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedCipher):
cipher.decryptor()
def test_incorrectly_padded(self, backend):
diff --git a/tests/hazmat/primitives/test_hashes.py b/tests/hazmat/primitives/test_hashes.py
index 9ca2fee..fc53d63 100644
--- a/tests/hazmat/primitives/test_hashes.py
+++ b/tests/hazmat/primitives/test_hashes.py
@@ -20,7 +20,7 @@
import six
from cryptography import utils
-from cryptography.exceptions import AlreadyFinalized, UnsupportedAlgorithm
+from cryptography.exceptions import AlreadyFinalized, UnsupportedHash
from cryptography.hazmat.primitives import hashes, interfaces
from .utils import generate_base_hash_test
@@ -65,7 +65,7 @@
h.finalize()
def test_unsupported_hash(self, backend):
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
hashes.Hash(UnsupportedDummyHash(), backend)
diff --git a/tests/hazmat/primitives/test_hmac.py b/tests/hazmat/primitives/test_hmac.py
index dd9cdaa..88bed52 100644
--- a/tests/hazmat/primitives/test_hmac.py
+++ b/tests/hazmat/primitives/test_hmac.py
@@ -21,7 +21,7 @@
from cryptography import utils
from cryptography.exceptions import (
- AlreadyFinalized, UnsupportedAlgorithm, InvalidSignature
+ AlreadyFinalized, UnsupportedHash, InvalidSignature
)
from cryptography.hazmat.primitives import hashes, hmac, interfaces
@@ -102,5 +102,5 @@
h.verify(six.u(''))
def test_unsupported_hash(self, backend):
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
hmac.HMAC(b"key", UnsupportedDummyHash(), backend)
diff --git a/tests/hazmat/primitives/test_pbkdf2hmac.py b/tests/hazmat/primitives/test_pbkdf2hmac.py
index 6ad225a..f895935 100644
--- a/tests/hazmat/primitives/test_pbkdf2hmac.py
+++ b/tests/hazmat/primitives/test_pbkdf2hmac.py
@@ -18,7 +18,7 @@
from cryptography import utils
from cryptography.exceptions import (
- InvalidKey, UnsupportedAlgorithm, AlreadyFinalized
+ InvalidKey, UnsupportedHash, AlreadyFinalized
)
from cryptography.hazmat.primitives import hashes, interfaces
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
@@ -48,7 +48,7 @@
kdf.verify(b"password", key)
def test_unsupported_algorithm(self):
- with pytest.raises(UnsupportedAlgorithm):
+ with pytest.raises(UnsupportedHash):
PBKDF2HMAC(DummyHash(), 20, b"salt", 10, default_backend())
def test_invalid_key(self):