Add format type check as well; and use passphrase helper to support passphrases in dump_privatekey.
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
index 3333b66..f986117 100644
--- a/OpenSSL/crypto.py
+++ b/OpenSSL/crypto.py
@@ -882,9 +882,12 @@
# TODO incomplete
bio = _api.BIO_new(_api.BIO_s_mem())
+ helper = _PassphraseHelper(type, passphrase)
if type == FILETYPE_PEM:
result_code = _api.PEM_write_bio_PrivateKey(
- bio, pkey._pkey, _api.NULL, _api.NULL, 0, _api.NULL, _api.NULL)
+ bio, pkey._pkey, _api.NULL, _api.NULL, 0,
+ helper.callback, helper.callback_args)
+ helper.raise_if_problem()
elif type == FILETYPE_ASN1:
result_code = _api.i2d_PrivateKey_bio(bio, pkey._pkey)
elif type == FILETYPE_TEXT:
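Review bot: The PEM branch still passes `_api.NULL` as the cipher argument to `PEM_write_bio_PrivateKey`, so a passphrase supplied by the caller does not cause the key to be encrypted; OpenSSL only encrypts, and only consults the password callback, when a cipher is given. As written, a caller who passes a passphrase appears to get a cleartext PEM back with no error, which is easy to mistake for a protected key. Until the cipher is wired through (the `# TODO incomplete` marker suggests this is pending), either reject a passphrase that comes without a cipher or state the limitation in a comment such as `# NOTE: cipher is still NULL, so the passphrase does not yet encrypt the output`. The function signature and the rest of the body lie outside the hunk, so cipher handling elsewhere cannot be ruled out.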
@@ -904,7 +907,9 @@
class _PassphraseHelper(object):
- def __init__(self, passphrase):
+ def __init__(self, type, passphrase):
+ if type != FILETYPE_PEM and passphrase is not None:
+ raise ValueError("only FILETYPE_PEM key format supports encryption")
self._passphrase = passphrase
self._problems = []
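Review bot: The new `type` check in `__init__` is undocumented and changes behaviour for existing callers: the load path in the third hunk now raises `ValueError` when a passphrase is given with a non-PEM type, which the old one-argument helper did not check. A one-line docstring would record the contract, for example `"""Hold a passphrase for the OpenSSL password callback; only FILETYPE_PEM may carry one."""`. The error text says "encryption" although the helper also serves key loading, so wording that covers both directions may be clearer. The rest of the class is outside the hunk.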
@@ -973,7 +978,7 @@
# TODO incomplete
bio = _api.BIO_new_mem_buf(buffer, len(buffer))
- helper = _PassphraseHelper(passphrase)
+ helper = _PassphraseHelper(type, passphrase)
if type == FILETYPE_PEM:
evp_pkey = _api.PEM_read_bio_PrivateKey(
bio, _api.NULL, helper.callback, helper.callback_args)
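Review bot: `_PassphraseHelper(type, passphrase)` can now raise `ValueError`, and here it is constructed after `_api.BIO_new_mem_buf(buffer, len(buffer))`, so on that error path the BIO stays allocated unless something outside the hunk frees it. Validating first avoids the question entirely: move `helper = _PassphraseHelper(type, passphrase)` above the `bio = ...` line. The same ordering appears in the first hunk, where the helper is built after `_api.BIO_new(_api.BIO_s_mem())`.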