Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / python / cryptography / e171c5fcf47263d4aee35c555844e4c4d7aec5f0^1..e171c5fcf47263d4aee35c555844e4c4d7aec5f0 / .
commite171c5fcf47263d4aee35c555844e4c4d7aec5f0[log] [tgz]
authorPaul Kehrer <paul.l.kehrer@gmail.com>Sun Mar 16 08:17:39 2014 -0430
committerPaul Kehrer <paul.l.kehrer@gmail.com>Sun Mar 16 08:17:39 2014 -0430
tree10fd0e14053b0b467279dd40e6c722c647bed865
parent1e7ce06edb9179cf2afc66b031767d9246242fad [diff]
parent68855e0611e70486ef1ae93a0936babb3fc80704 [diff]
Merge pull request #807 from Ayrx/add-backend-check-to-rsa

Added backend check to rsa primitives
diff --git a/cryptography/hazmat/primitives/asymmetric/rsa.py b/cryptography/hazmat/primitives/asymmetric/rsa.py
index dfb4334..cbef8e3 100644
--- a/cryptography/hazmat/primitives/asymmetric/rsa.py
+++ b/cryptography/hazmat/primitives/asymmetric/rsa.py

@@ -16,6 +16,8 @@
 import six
 
 from cryptography import utils
+from cryptography.exceptions import UnsupportedInterface
+from cryptography.hazmat.backends.interfaces import RSABackend
 from cryptography.hazmat.primitives import interfaces
 
 
@@ -41,6 +43,10 @@
         self._modulus = modulus
 
     def verifier(self, signature, padding, algorithm, backend):
+        if not isinstance(backend, RSABackend):
+            raise UnsupportedInterface(
+                "Backend object does not implement RSABackend")
+
         return backend.create_rsa_verification_ctx(self, signature, padding,
                                                    algorithm)
 
@@ -128,9 +134,17 @@
 
     @classmethod
     def generate(cls, public_exponent, key_size, backend):
+        if not isinstance(backend, RSABackend):
+            raise UnsupportedInterface(
+                "Backend object does not implement RSABackend")
+
         return backend.generate_rsa_private_key(public_exponent, key_size)
 
     def signer(self, padding, algorithm, backend):
+        if not isinstance(backend, RSABackend):
+            raise UnsupportedInterface(
+                "Backend object does not implement RSABackend")
+
         return backend.create_rsa_signature_ctx(self, padding, algorithm)
 
     @property

diff --git a/docs/hazmat/primitives/asymmetric/rsa.rst b/docs/hazmat/primitives/asymmetric/rsa.rst
index 7943981..03a7cae 100644
--- a/docs/hazmat/primitives/asymmetric/rsa.rst
+++ b/docs/hazmat/primitives/asymmetric/rsa.rst

@@ -50,6 +50,11 @@
             provider.
         :return: A new instance of ``RSAPrivateKey``.
 
+        :raises cryptography.exceptions.UnsupportedInterface: This is raised if
+            the provided ``backend`` does not implement
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+
+
     .. method:: signer(padding, algorithm, backend)
 
         .. versionadded:: 0.3
@@ -90,6 +95,9 @@
         :returns:
             :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricSignatureContext`
 
+        :raises cryptography.exceptions.UnsupportedInterface: This is raised if
+            the provided ``backend`` does not implement
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
 
 .. class:: RSAPublicKey(public_exponent, modulus)
 
@@ -154,6 +162,10 @@
         :returns:
             :class:`~cryptography.hazmat.primitives.interfaces.AsymmetricVerificationContext`
 
+        :raises cryptography.exceptions.UnsupportedInterface: This is raised if
+            the provided ``backend`` does not implement
+            :class:`~cryptography.hazmat.backends.interfaces.RSABackend`
+
 .. _`RSA`: https://en.wikipedia.org/wiki/RSA_(cryptosystem)
 .. _`public-key`: https://en.wikipedia.org/wiki/Public-key_cryptography
 .. _`use 65537`: http://www.daemonology.net/blog/2009-06-11-cryptographic-right-answers.html

diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py
index 114dc41..155ec3a 100644
--- a/tests/hazmat/primitives/test_rsa.py
+++ b/tests/hazmat/primitives/test_rsa.py

@@ -21,6 +21,7 @@
 import pytest
 
 from cryptography import exceptions, utils
+from cryptography.exceptions import UnsupportedInterface
 from cryptography.hazmat.primitives import hashes, interfaces
 from cryptography.hazmat.primitives.asymmetric import rsa
 from cryptography.hazmat.primitives.asymmetric import padding
@@ -385,6 +386,13 @@
             rsa.RSAPublicKey(public_exponent=6, modulus=15)
 
 
+def test_rsa_generate_invalid_backend():
+    pretend_backend = object()
+
+    with pytest.raises(UnsupportedInterface):
+        rsa.RSAPrivateKey.generate(65537, 2048, pretend_backend)
+
+
 @pytest.mark.rsa
 class TestRSASignature(object):
     @pytest.mark.parametrize(
@@ -444,6 +452,14 @@
         with pytest.raises(TypeError):
             private_key.signer("notpadding", hashes.SHA1(), backend)
 
+    def test_rsa_signer_invalid_backend(self, backend):
+        pretend_backend = object()
+        private_key = rsa.RSAPrivateKey.generate(65537, 2048, backend)
+
+        with pytest.raises(UnsupportedInterface):
+            private_key.signer(
+                padding.PKCS1v15(), hashes.SHA256, pretend_backend)
+
 
 @pytest.mark.rsa
 class TestRSAVerification(object):
@@ -559,6 +575,15 @@
         with pytest.raises(TypeError):
             public_key.verifier(b"sig", "notpadding", hashes.SHA1(), backend)
 
+    def test_rsa_verifier_invalid_backend(self, backend):
+        pretend_backend = object()
+        private_key = rsa.RSAPrivateKey.generate(65537, 2048, backend)
+        public_key = private_key.public_key()
+
+        with pytest.raises(UnsupportedInterface):
+            public_key.verifier(
+                b"foo", padding.PKCS1v15(), hashes.SHA256(), pretend_backend)
+
 
 class TestMGF1(object):
     def test_invalid_hash_algorithm(self):