Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 4bd9a076a858ea28579fe80252a9e48654d78b90^! / .
commit4bd9a076a858ea28579fe80252a9e48654d78b90[log] [tgz]
authorPaul Kehrer <paul.l.kehrer@gmail.com>Thu Mar 09 09:21:25 2017 -0400
committerAlex Gaynor <alex.gaynor@gmail.com>Thu Mar 09 08:21:25 2017 -0500
tree39527a4494a2274e383ef9412cb94670b1d3decc
parentd5e05f27f03046c671d23f09f84cddb8237df0f8 [diff]
reverts a change to our exceptions (#3429)

Trying to be too specific about why key loading fails is very difficult
when you're using the same logic across DH, EC, RSA, and DSA. This makes
it less fancy.
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 41b86d6..7c53d86 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py

@@ -1210,23 +1210,6 @@
                 _Reasons.UNSUPPORTED_CIPHER
             )
 
-        elif errors[0][1:] in (
-            (
-                self._lib.ERR_LIB_ASN1,
-                self._lib.ASN1_F_ASN1_CHECK_TLEN,
-                self._lib.ASN1_R_WRONG_TAG
-            ),
-            (
-                self._lib.ERR_LIB_PEM,
-                self._lib.PEM_F_PEM_READ_BIO,
-                self._lib.PEM_R_NO_START_LINE
-            ),
-        ):
-            raise UnsupportedAlgorithm(
-                "Unsupported public key algorithm.",
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
-            )
-
         elif any(
             error[1:] == (
                 self._lib.ERR_LIB_EVP,
@@ -1235,10 +1218,7 @@
             )
             for error in errors
         ):
-            raise UnsupportedAlgorithm(
-                "Unsupported public key algorithm.",
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
-            )
+            raise ValueError("Unsupported public key algorithm.")
 
         else:
             assert errors[0][1] in (

diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index f561c79..4feab1e 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py

@@ -617,7 +617,7 @@
 
 @pytest.mark.skipif(
     backend._lib.Cryptography_HAS_EVP_PKEY_DHX == 1,
-    reason="Requires OpenSSL without EVP_PKEY_DHX (1.0.2-)")
+    reason="Requires OpenSSL without EVP_PKEY_DHX (< 1.0.2)")
 @pytest.mark.requires_backend_interface(interface=DHBackend)
 class TestOpenSSLDHSerialization(object):
 
@@ -662,8 +662,7 @@
             key_path,
             lambda pemfile: pemfile.read(), mode="rb"
         )
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             loader_func(key_bytes, None, backend)
 
     @pytest.mark.parametrize(
@@ -685,6 +684,5 @@
             key_path,
             lambda pemfile: pemfile.read(), mode="rb"
         )
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             loader_func(key_bytes, backend)

diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index bc16b5f..f4b953e 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py

@@ -236,12 +236,10 @@
         """).encode()
         bad_der = base64.b64decode(b"".join(key_data.splitlines()))
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_private_key(bad_der, None, backend)
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_private_key(
                 bad_der, b"this password will not be used", backend
             )
@@ -577,14 +575,12 @@
     def test_wrong_private_format(self, backend):
         key_data = b"---- NOT A KEY ----\n"
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_private_key(
                 key_data, None, backend
             )
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_private_key(
                 key_data, b"this password will not be used", backend
             )
@@ -592,8 +588,7 @@
     def test_wrong_public_format(self, backend):
         key_data = b"---- NOT A KEY ----\n"
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_public_key(key_data, backend)
 
     def test_corrupt_traditional_format(self, backend):
@@ -725,14 +720,12 @@
 
         password = b"this password is wrong"
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_private_key(
                 key_data, None, backend
             )
 
-        with raises_unsupported_algorithm(
-                _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM):
+        with pytest.raises(ValueError):
             load_pem_private_key(
                 key_data, password, backend
             )
@@ -852,9 +845,7 @@
         ]
     )
     def test_load_bad_oid_key(self, key_file, password, backend):
-        with raises_unsupported_algorithm(
-            _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
-        ):
+        with pytest.raises(ValueError):
             load_vectors_from_file(
                 os.path.join(
                     "asymmetric", "PKCS8", key_file),