add PKCS8SerializationBackend support to MultiBackend
diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py
index c64b67f..3ccfaf5 100644
--- a/cryptography/exceptions.py
+++ b/cryptography/exceptions.py
@@ -22,6 +22,7 @@
UNSUPPORTED_MGF = object()
UNSUPPORTED_PUBLIC_KEY_ALGORITHM = object()
UNSUPPORTED_ELLIPTIC_CURVE = object()
+ UNSUPPORTED_KEY_FORMAT = object()
class UnsupportedAlgorithm(Exception):
diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index 800c350..c06d243 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -17,7 +17,7 @@
from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
from cryptography.hazmat.backends.interfaces import (
CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
- HashBackend, PBKDF2HMACBackend, RSABackend
+ HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
)
@@ -26,6 +26,7 @@
@utils.register_interface(HashBackend)
@utils.register_interface(HMACBackend)
@utils.register_interface(PBKDF2HMACBackend)
+@utils.register_interface(PKCS8SerializationBackend)
@utils.register_interface(RSABackend)
@utils.register_interface(DSABackend)
@utils.register_interface(EllipticCurveBackend)
@@ -302,3 +303,15 @@
"This backend does not support this elliptic curve.",
_Reasons.UNSUPPORTED_ELLIPTIC_CURVE
)
+
+ def load_pkcs8_pem_private_key(self, data, password):
+ for b in self._filtered_backends(PKCS8SerializationBackend):
+ try:
+ return b.load_pkcs8_pem_private_key(data, password)
+ except UnsupportedAlgorithm:
+ continue
+
+ raise UnsupportedAlgorithm(
+ "This backend does not support this key format.",
+ _Reasons.UNSUPPORTED_KEY_FORMAT
+ )
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index a68fe56..1979563 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -19,7 +19,7 @@
)
from cryptography.hazmat.backends.interfaces import (
CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
- HashBackend, PBKDF2HMACBackend, RSABackend
+ HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
)
from cryptography.hazmat.backends.multibackend import MultiBackend
from cryptography.hazmat.primitives import cmac, hashes, hmac
@@ -192,6 +192,12 @@
raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE)
+@utils.register_interface(PKCS8SerializationBackend)
+class DummyPKCS8SerializationBackend(object):
+ def load_pkcs8_pem_private_key(self, data, password):
+ pass
+
+
class TestMultiBackend(object):
def test_ciphers(self):
backend = MultiBackend([
@@ -471,3 +477,12 @@
ec.SECT163K1()
)
)
+
+ def test_pkcs8_serialization_backend(self):
+ backend = MultiBackend([DummyPKCS8SerializationBackend()])
+
+ backend.load_pkcs8_pem_private_key(b"keydata", None)
+
+ backend = MultiBackend([])
+ with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_KEY_FORMAT):
+ backend.load_pkcs8_pem_private_key(b"keydata", None)