Merge pull request #2375 from alex/assert-in-binding
Convert asserts in bindings as well
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index a476b1e..a8f639d 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -42,7 +42,7 @@
_Certificate, _CertificateSigningRequest, _DISTPOINT_TYPE_FULLNAME,
_DISTPOINT_TYPE_RELATIVENAME
)
-from cryptography.hazmat.bindings.openssl.binding import Binding
+from cryptography.hazmat.bindings.openssl import binding
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import dsa, ec, rsa
from cryptography.hazmat.primitives.asymmetric.padding import (
@@ -58,14 +58,6 @@
_MemoryBIO = collections.namedtuple("_MemoryBIO", ["bio", "char_ptr"])
-_OpenSSLError = collections.namedtuple("_OpenSSLError",
- ["code", "lib", "func", "reason"])
-
-
-class UnhandledOpenSSLError(Exception):
- def __init__(self, msg, errors):
- super(UnhandledOpenSSLError, self).__init__(msg)
- self.errors = errors
def _encode_asn1_int(backend, x):
@@ -524,7 +516,7 @@
name = "openssl"
def __init__(self):
- self._binding = Binding()
+ self._binding = binding.Binding()
self._ffi = self._binding.ffi
self._lib = self._binding.lib
@@ -541,14 +533,7 @@
self.activate_osrandom_engine()
def openssl_assert(self, ok):
- if not ok:
- errors = self._consume_errors()
- raise UnhandledOpenSSLError(
- "Unknown OpenSSL error. Please file an issue at https://github"
- ".com/pyca/cryptography/issues with information on how to "
- "reproduce this.",
- errors
- )
+ return binding._openssl_assert(self._lib, ok)
def activate_builtin_random(self):
# Obtain a new structural reference.
@@ -759,18 +744,7 @@
return self._ffi.string(err_buf, 256)[:]
def _consume_errors(self):
- errors = []
- while True:
- code = self._lib.ERR_get_error()
- if code == 0:
- break
-
- lib = self._lib.ERR_GET_LIB(code)
- func = self._lib.ERR_GET_FUNC(code)
- reason = self._lib.ERR_GET_REASON(code)
-
- errors.append(_OpenSSLError(code, lib, func, reason))
- return errors
+ return binding._consume_errors(self._lib)
def _unknown_error(self, error):
return InternalError(
diff --git a/src/cryptography/hazmat/bindings/openssl/binding.py b/src/cryptography/hazmat/bindings/openssl/binding.py
index 50d7f6d..a5635f7 100644
--- a/src/cryptography/hazmat/bindings/openssl/binding.py
+++ b/src/cryptography/hazmat/bindings/openssl/binding.py
@@ -4,6 +4,7 @@
from __future__ import absolute_import, division, print_function
+import collections
import os
import threading
import types
@@ -12,6 +13,42 @@
from cryptography.hazmat.bindings.openssl._conditional import CONDITIONAL_NAMES
+_OpenSSLError = collections.namedtuple("_OpenSSLError",
+ ["code", "lib", "func", "reason"])
+
+
+class UnhandledOpenSSLError(Exception):
+ def __init__(self, msg, errors):
+ super(UnhandledOpenSSLError, self).__init__(msg)
+ self.errors = errors
+
+
+def _consume_errors(lib):
+ errors = []
+ while True:
+ code = lib.ERR_get_error()
+ if code == 0:
+ break
+
+ err_lib = lib.ERR_GET_LIB(code)
+ err_func = lib.ERR_GET_FUNC(code)
+ err_reason = lib.ERR_GET_REASON(code)
+
+ errors.append(_OpenSSLError(code, err_lib, err_func, err_reason))
+ return errors
+
+
+def _openssl_assert(lib, ok):
+ if not ok:
+ errors = _consume_errors(lib)
+ raise UnhandledOpenSSLError(
+ "Unknown OpenSSL error. Please file an issue at https://github.com"
+ "/pyca/cryptography/issues with information on how to reproduce "
+ "this.",
+ errors
+ )
+
+
@ffi.callback("int (*)(unsigned char *, int)", error=-1)
def _osrandom_rand_bytes(buf, size):
signed = ffi.cast("char *", buf)
@@ -64,7 +101,7 @@
@classmethod
def _register_osrandom_engine(cls):
- assert cls.lib.ERR_peek_error() == 0
+ _openssl_assert(cls.lib, cls.lib.ERR_peek_error() == 0)
looked_up_engine = cls.lib.ENGINE_by_id(cls._osrandom_engine_id)
if looked_up_engine != ffi.NULL:
raise RuntimeError("osrandom engine already registered")
@@ -72,19 +109,19 @@
cls.lib.ERR_clear_error()
engine = cls.lib.ENGINE_new()
- assert engine != cls.ffi.NULL
+ _openssl_assert(cls.lib, engine != cls.ffi.NULL)
try:
result = cls.lib.ENGINE_set_id(engine, cls._osrandom_engine_id)
- assert result == 1
+ _openssl_assert(cls.lib, result == 1)
result = cls.lib.ENGINE_set_name(engine, cls._osrandom_engine_name)
- assert result == 1
+ _openssl_assert(cls.lib, result == 1)
result = cls.lib.ENGINE_set_RAND(engine, cls._osrandom_method)
- assert result == 1
+ _openssl_assert(cls.lib, result == 1)
result = cls.lib.ENGINE_add(engine)
- assert result == 1
+ _openssl_assert(cls.lib, result == 1)
finally:
result = cls.lib.ENGINE_free(engine)
- assert result == 1
+ _openssl_assert(cls.lib, result == 1)
@classmethod
def _ensure_ffi_initialized(cls):
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 5264ba5..abd707c 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -17,9 +17,10 @@
from cryptography.exceptions import InternalError, _Reasons
from cryptography.hazmat.backends.interfaces import RSABackend
from cryptography.hazmat.backends.openssl.backend import (
- Backend, UnhandledOpenSSLError, backend
+ Backend, backend
)
from cryptography.hazmat.backends.openssl.ec import _sn_to_elliptic_curve
+from cryptography.hazmat.bindings.openssl.binding import UnhandledOpenSSLError
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import dsa, ec, padding
from cryptography.hazmat.primitives.ciphers import (