Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / 8a312c2ccc99351f1a05dc607a574669944ea4cd^2..8a312c2ccc99351f1a05dc607a574669944ea4cd / .
commit8a312c2ccc99351f1a05dc607a574669944ea4cd[log] [tgz]
authorAlex Stapleton <alexs@prol.etari.at>Tue Apr 22 16:07:22 2014 +0100
committerAlex Stapleton <alexs@prol.etari.at>Tue Apr 22 16:07:22 2014 +0100
tree57563ee8ee4e3f0ced7f7edfa32755928f2e9fd5
parent9f1ece7cd28d7342e57eb57bd6f611851e1e099f [diff]
parent7ef2f8f6c8cd073ab612de78601a6249dce930f6 [diff]
Merge pull request #952 from reaperhulk/fix-missing-coverage

Fix a bug/coverage miss in the DSA sig vector loader
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py
index 7d73c41..4c487e4 100644
--- a/cryptography/hazmat/backends/openssl/backend.py
+++ b/cryptography/hazmat/backends/openssl/backend.py

@@ -1255,7 +1255,8 @@
 class _CMACContext(object):
     def __init__(self, backend, algorithm, ctx=None):
         if not backend.cmac_algorithm_supported(algorithm):
-            raise UnsupportedAlgorithm("This backend does not support CMAC")
+            raise UnsupportedAlgorithm("This backend does not support CMAC",
+                                       _Reasons.UNSUPPORTED_CIPHER)
 
         self._backend = backend
         self._key = algorithm.key
@@ -1264,20 +1265,9 @@
 
         if ctx is None:
             registry = self._backend._cipher_registry
-            try:
-                adapter = registry[type(algorithm), CBC]
-            except KeyError:
-                raise UnsupportedAlgorithm(
-                    "cipher {0} is not supported by this backend".format(
-                        algorithm.name), _Reasons.UNSUPPORTED_CIPHER
-                )
+            adapter = registry[type(algorithm), CBC]
 
             evp_cipher = adapter(self._backend, algorithm, CBC)
-            if evp_cipher == self._backend._ffi.NULL:
-                raise UnsupportedAlgorithm(
-                    "cipher {0} is not supported by this backend".format(
-                        algorithm.name), _Reasons.UNSUPPORTED_CIPHER
-                )
 
             ctx = self._backend._lib.CMAC_CTX_new()
 

diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index c589506..9853736 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py

@@ -23,6 +23,7 @@
 from cryptography.hazmat.primitives.ciphers import Cipher
 from cryptography.hazmat.primitives.ciphers.algorithms import AES
 from cryptography.hazmat.primitives.ciphers.modes import CBC
+from cryptography.hazmat.primitives.interfaces import BlockCipherAlgorithm
 
 from ...utils import raises_unsupported_algorithm
 
@@ -291,3 +292,18 @@
 
     def test_unsupported_mgf1_hash_algorithm(self):
         assert backend.mgf1_hash_supported(DummyHash()) is False
+
+
+@pytest.mark.skipif(
+    backend._lib.OPENSSL_VERSION_NUMBER <= 0x10001000,
+    reason="Requires an OpenSSL version >= 1.0.1"
+)
+class TestOpenSSLCMAC(object):
+    def test_unsupported_cipher(self):
+        @utils.register_interface(BlockCipherAlgorithm)
+        class FakeAlgorithm(object):
+            def __init__(self):
+                self.block_size = 64
+
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
+            backend.create_cmac_ctx(FakeAlgorithm())