Merge pull request #1658 from reaperhulk/move-hash-interfaces

Move hash interfaces

CHANGELOG.rst

@@ -10,6 +10,10 @@ Changelog
   now load elliptic curve public keys.
 * Added
   :func:`~cryptography.hazmat.primitives.asymmetric.rsa.rsa_recover_prime_factors`
+* :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` and
+  :class:`~cryptography.hazmat.primitives.hashes.HashContext` were moved from
+  :mod:`~cryptography.hazmat.primitives.interfaces` to
+  :mod:`~cryptography.hazmat.primitives.hashes`.
 * :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParameters`,
   :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAParametersWithNumbers`,
   :class:`~cryptography.hazmat.primitives.asymmetric.dsa.DSAPrivateKey`,

docs/hazmat/backends/interfaces.rst

@@ -91,7 +91,7 @@ A specific ``backend`` may provide one or more of these interfaces.
         Check if the specified ``algorithm`` is supported by this backend.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns: ``True`` if the specified ``algorithm`` is supported by this
@@ -101,15 +101,15 @@ A specific ``backend`` may provide one or more of these interfaces.
     .. method:: create_hash_ctx(algorithm)
 
         Create a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashContext` that
+        :class:`~cryptography.hazmat.primitives.hashes.HashContext` that
         uses the specified ``algorithm`` to calculate a message digest.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.HashContext`
+            :class:`~cryptography.hazmat.primitives.hashes.HashContext`
 
 
 .. class:: HMACBackend
@@ -127,7 +127,7 @@ A specific ``backend`` may provide one or more of these interfaces.
         Check if the specified ``algorithm`` is supported by this backend.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns: ``True`` if the specified ``algorithm`` is supported for HMAC
@@ -136,16 +136,16 @@ A specific ``backend`` may provide one or more of these interfaces.
     .. method:: create_hmac_ctx(algorithm)
 
         Create a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashContext` that
+        :class:`~cryptography.hazmat.primitives.hashes.HashContext` that
         uses the specified ``algorithm`` to calculate a hash-based message
         authentication code.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns:
-            :class:`~cryptography.hazmat.primitives.interfaces.HashContext`
+            :class:`~cryptography.hazmat.primitives.hashes.HashContext`
 
 
 .. class:: CMACBackend
@@ -191,7 +191,7 @@ A specific ``backend`` may provide one or more of these interfaces.
         Check if the specified ``algorithm`` is supported by this backend.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns: ``True`` if the specified ``algorithm`` is supported for
@@ -200,7 +200,7 @@ A specific ``backend`` may provide one or more of these interfaces.
     .. method:: derive_pbkdf2_hmac(self, algorithm, length, salt, iterations, key_material)
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :param int length: The desired length of the derived key. Maximum is
@@ -343,7 +343,7 @@ A specific ``backend`` may provide one or more of these interfaces.
     .. method:: dsa_hash_supported(algorithm)
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns: ``True`` if the specified ``algorithm`` is supported by this

docs/hazmat/primitives/asymmetric/dsa.rst

@@ -267,7 +267,7 @@ Key interfaces
         :rfc:`6979`.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :param backend: A
@@ -330,7 +330,7 @@ Key interfaces
             specified in :rfc:`6979`.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :param backend: A

docs/hazmat/primitives/asymmetric/ec.rst

@@ -32,7 +32,7 @@ Elliptic Curve Signature Algorithms
     `FIPS 186-3`_, and later in `FIPS 186-4`_.
 
     :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider.
 
     .. doctest::
@@ -282,7 +282,7 @@ Key Interfaces
 
     .. attribute:: algorithm
 
-        :type: :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :type: :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
 
         The digest algorithm to be used with the signature scheme.
 

docs/hazmat/primitives/asymmetric/rsa.rst

@@ -252,7 +252,7 @@ Mask generation functions
     in :class:`PSS` padding. It takes a hash algorithm and a salt length.
 
     :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider.
 
 Numbers
@@ -429,7 +429,7 @@ Key interfaces
             provider.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns:
@@ -499,7 +499,7 @@ Key interfaces
             provider.
 
         :param algorithm: An instance of a
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             provider.
 
         :returns:

docs/hazmat/primitives/cryptographic-hashes.rst

@@ -12,9 +12,9 @@ Message digests
     results (with a high probability) in different digests.
 
     This is an implementation of
-    :class:`~cryptography.hazmat.primitives.interfaces.HashContext` meant to
+    :class:`~cryptography.hazmat.primitives.hashes.HashContext` meant to
     be used with
-    :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
     implementations to provide an incremental interface to calculating
     various message digests.
 
@@ -39,7 +39,7 @@ Message digests
     `Lifetimes of cryptographic hash functions`_.
 
     :param algorithm: A
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider such as those described in
         :ref:`below <cryptographic-hash-algorithms>`.
     :param backend: A
@@ -146,4 +146,48 @@ MD5
     message digest and has practical known collision attacks.
 
 
+Interfaces
+~~~~~~~~~~
+
+.. class:: HashAlgorithm
+
+    .. attribute:: name
+
+        :type: str
+
+        The standard name for the hash algorithm, for example: ``"sha256"`` or
+        ``"whirlpool"``.
+
+    .. attribute:: digest_size
+
+        :type: int
+
+        The size of the resulting digest in bytes.
+
+    .. attribute:: block_size
+
+        :type: int
+
+        The internal block size of the hash algorithm in bytes.
+
+
+.. class:: HashContext
+
+    .. attribute:: algorithm
+
+        A :class:`HashAlgorithm` that will be used by this context.
+
+    .. method:: update(data)
+
+        :param bytes data: The data you want to hash.
+
+    .. method:: finalize()
+
+        :return: The final digest as bytes.
+
+    .. method:: copy()
+
+        :return: A :class:`HashContext` that is a copy of the current context.
+
+
 .. _`Lifetimes of cryptographic hash functions`: http://valerieaurora.org/hash.html

docs/hazmat/primitives/interfaces.rst

@@ -160,52 +160,6 @@ In 0.8 the EC key interfaces were moved to the
 :mod:`cryptography.hazmat.primitives.asymmetric.ec` module.
 
 
-Hash algorithms
----------------
-
-.. class:: HashAlgorithm
-
-    .. attribute:: name
-
-        :type: str
-
-        The standard name for the hash algorithm, for example: ``"sha256"`` or
-        ``"whirlpool"``.
-
-    .. attribute:: digest_size
-
-        :type: int
-
-        The size of the resulting digest in bytes.
-
-    .. attribute:: block_size
-
-        :type: int
-
-        The internal block size of the hash algorithm in bytes.
-
-
-.. class:: HashContext
-
-    .. attribute:: algorithm
-
-        A :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` that
-        will be used by this context.
-
-    .. method:: update(data)
-
-        :param bytes data: The data you want to hash.
-
-    .. method:: finalize()
-
-        :return: The final digest as bytes.
-
-    .. method:: copy()
-
-        :return: A :class:`~cryptography.hazmat.primitives.interfaces.HashContext`
-             that is a copy of the current context.
-
-
 Key derivation functions
 ------------------------
 

docs/hazmat/primitives/key-derivation-functions.rst

@@ -69,7 +69,7 @@ Different KDFs are suitable for different tasks such as:
         >>> kdf.verify(b"my great password", key)
 
     :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider.
     :param int length: The desired length of the derived key. Maximum is
         (2\ :sup:`32` - 1) * ``algorithm.digest_size``.
@@ -169,7 +169,7 @@ Different KDFs are suitable for different tasks such as:
         >>> hkdf.verify(b"input key", key)
 
     :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider.
 
     :param int length: The desired length of the derived key. Maximum is
@@ -270,7 +270,7 @@ Different KDFs are suitable for different tasks such as:
         >>> hkdf.verify(key_material, key)
 
     :param algorithm: An instance of a
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider.
 
     :param int length: The desired length of the derived key. Maximum is

docs/hazmat/primitives/mac/hmac.rst

@@ -18,7 +18,7 @@ of a message.
 .. class:: HMAC(key, algorithm, backend)
 
     HMAC objects take a ``key`` and a
-    :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` provider.
+    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` provider.
     The ``key`` should be :doc:`randomly generated bytes </random-numbers>` and
     is recommended to be equal in length to the ``digest_size`` of the hash
     function chosen. You must keep the ``key`` secret.
@@ -39,7 +39,7 @@ of a message.
     raised.
 
     If ``algorithm`` isn't a
-    :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm` provider
+    :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm` provider
     then ``TypeError`` will be raised.
 
     To check that a given signature is correct use the :meth:`verify` method.
@@ -56,7 +56,7 @@ of a message.
 
     :param bytes key: Secret key as ``bytes``.
     :param algorithm: An
-        :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+        :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
         provider such as those described in
         :ref:`Cryptographic Hashes <cryptographic-hash-algorithms>`.
     :param backend: An

docs/x509.rst

@@ -103,7 +103,7 @@ X.509 Certificate Object
     .. method:: fingerprint(algorithm)
 
         :param algorithm: The
-            :class:`~cryptography.hazmat.primitives.interfaces.HashAlgorithm`
+            :class:`~cryptography.hazmat.primitives.hashes.HashAlgorithm`
             that will be used to generate the fingerprint.
 
         :return bytes: The fingerprint using the supplied hash algorithm as

src/cryptography/hazmat/backends/commoncrypto/hashes.py

@@ -6,10 +6,10 @@
 
 from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
-from cryptography.hazmat.primitives import interfaces
+from cryptography.hazmat.primitives import hashes
 
 
-@utils.register_interface(interfaces.HashContext)
+@utils.register_interface(hashes.HashContext)
 class _HashContext(object):
     def __init__(self, backend, algorithm, ctx=None):
         self._algorithm = algorithm

src/cryptography/hazmat/backends/commoncrypto/hmac.py

@@ -8,11 +8,11 @@
 from cryptography.exceptions import (
     InvalidSignature, UnsupportedAlgorithm, _Reasons
 )
-from cryptography.hazmat.primitives import constant_time, interfaces
+from cryptography.hazmat.primitives import constant_time, hashes, interfaces
 
 
 @utils.register_interface(interfaces.MACContext)
-@utils.register_interface(interfaces.HashContext)
+@utils.register_interface(hashes.HashContext)
 class _HMACContext(object):
     def __init__(self, backend, key, algorithm, ctx=None):
         self._algorithm = algorithm

src/cryptography/hazmat/backends/openssl/hashes.py

@@ -7,10 +7,10 @@
 
 from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
-from cryptography.hazmat.primitives import interfaces
+from cryptography.hazmat.primitives import hashes
 
 
-@utils.register_interface(interfaces.HashContext)
+@utils.register_interface(hashes.HashContext)
 class _HashContext(object):
     def __init__(self, backend, algorithm, ctx=None):
         self._algorithm = algorithm

src/cryptography/hazmat/backends/openssl/hmac.py

@@ -9,11 +9,11 @@
 from cryptography.exceptions import (
     InvalidSignature, UnsupportedAlgorithm, _Reasons
 )
-from cryptography.hazmat.primitives import constant_time, interfaces
+from cryptography.hazmat.primitives import constant_time, hashes, interfaces
 
 
 @utils.register_interface(interfaces.MACContext)
-@utils.register_interface(interfaces.HashContext)
+@utils.register_interface(hashes.HashContext)
 class _HMACContext(object):
     def __init__(self, backend, key, algorithm, ctx=None):
         self._algorithm = algorithm