Add _Reasons.UNSUPPORTED_MGF
diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py
index 4b4d4c3..d2782be 100644
--- a/cryptography/exceptions.py
+++ b/cryptography/exceptions.py
@@ -19,6 +19,7 @@
UNSUPPORTED_HASH = object()
UNSUPPORTED_CIPHER = object()
UNSUPPORTED_PADDING = object()
+ UNSUPPORTED_MGF = object()
class UnsupportedAlgorithm(Exception):
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 753717d..3293741 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py
@@ -731,7 +731,8 @@
elif isinstance(padding, PSS):
if not isinstance(padding._mgf, MGF1):
raise UnsupportedAlgorithm(
- "Only MGF1 is supported by this backend"
+ "Only MGF1 is supported by this backend",
+ _Reasons.UNSUPPORTED_MGF
)
# Size of key in bytes - 2 is the maximum
@@ -915,7 +916,8 @@
elif isinstance(padding, PSS):
if not isinstance(padding._mgf, MGF1):
raise UnsupportedAlgorithm(
- "Only MGF1 is supported by this backend"
+ "Only MGF1 is supported by this backend",
+ _Reasons.UNSUPPORTED_MGF
)
# Size of key in bytes - 2 is the maximum
diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 5d94e79..32f5494 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py
@@ -630,7 +630,7 @@
key_size=512,
backend=backend
)
- with pytest.raises(UnsupportedAlgorithm):
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF):
private_key.signer(padding.PSS(mgf=DummyMGF()), hashes.SHA1(),
backend)
@@ -881,7 +881,7 @@
backend=backend
)
public_key = private_key.public_key()
- with pytest.raises(UnsupportedAlgorithm):
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_MGF):
public_key.verifier(b"sig", padding.PSS(mgf=DummyMGF()),
hashes.SHA1(), backend)