Add a test for bad type value passed to load_certificate_request and fix the behavior. Also incidental additional error handling fix for untested code.
diff --git a/OpenSSL/crypto.py b/OpenSSL/crypto.py
index 65bc8e8..437d111 100644
--- a/OpenSSL/crypto.py
+++ b/OpenSSL/crypto.py
@@ -1944,10 +1944,11 @@
elif type == FILETYPE_ASN1:
req = _lib.d2i_X509_REQ_bio(bio, _ffi.NULL)
else:
- 1/0
+ raise ValueError("type argument must be FILETYPE_PEM or FILETYPE_ASN1")
if req == _ffi.NULL:
- 1/0
+ # TODO: This is untested.
+ _raise_current_error()
x509req = X509Req.__new__(X509Req)
x509req._req = _ffi.gc(req, _lib.X509_REQ_free)
diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py
index d451c9c..a87a5e8 100644
--- a/OpenSSL/test/test_crypto.py
+++ b/OpenSSL/test/test_crypto.py
@@ -2468,6 +2468,20 @@
+class LoadCertificateTests(TestCase):
+ """
+ Tests for :py:obj:`load_certificate_request`.
+ """
+ def test_badFileType(self):
+ """
+ If the file type passed to :py:obj:`load_certificate_request` is
+ neither :py:obj:`FILETYPE_PEM` nor :py:obj:`FILETYPE_ASN1` then
+ :py:class:`ValueError` is raised.
+ """
+ self.assertRaises(ValueError, load_certificate_request, object(), b"")
+
+
+
class PKCS7Tests(TestCase):
"""
Tests for :py:obj:`PKCS7Type`.