Don't overwrite the error raised by the callback.
diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py
index 56638e8..4438f8c 100644
--- a/OpenSSL/test/test_crypto.py
+++ b/OpenSSL/test/test_crypto.py
@@ -1990,6 +1990,18 @@
self.assertTrue(isinstance(key, PKeyType))
+ def test_load_privatekey_passphrase_exception(self):
+ """
+ If the passphrase callback raises an exception, that exception is raised
+ by :py:obj:`load_privatekey`.
+ """
+ def cb(ignored):
+ raise ArithmeticError
+
+ self.assertRaises(ArithmeticError,
+ load_privatekey, FILETYPE_PEM, encryptedPrivateKeyPEM, cb)
+
+
def test_load_privatekey_wrongPassphraseCallback(self):
"""
:py:obj:`load_privatekey` raises :py:obj:`OpenSSL.crypto.Error` when it is passed an
@@ -2021,22 +2033,6 @@
self.assertEqual(called, [False])
- def test_load_privatekey_passphrase_exception(self):
- """
- An exception raised by the passphrase callback passed to
- :py:obj:`load_privatekey` causes :py:obj:`OpenSSL.crypto.Error` to be raised.
-
- This isn't as nice as just letting the exception pass through. The
- behavior might be changed to that eventually.
- """
- def broken(ignored):
- raise RuntimeError("This is not working.")
- self.assertRaises(
- Error,
- load_privatekey,
- FILETYPE_PEM, encryptedPrivateKeyPEM, broken)
-
-
def test_dump_privatekey_wrong_args(self):
"""
:py:obj:`dump_privatekey` raises :py:obj:`TypeError` if called with the wrong number
@@ -2171,6 +2167,19 @@
self.assertEqual(loadedKey.bits(), key.bits())
+ def test_dump_privatekey_passphrase_exception(self):
+ """
+ L{dump_privatekey} should not overwrite the exception raised
+ by the passphrase callback.
+ """
+ def cb(ignored):
+ raise ArithmeticError
+
+ key = load_privatekey(FILETYPE_PEM, cleartextPrivateKeyPEM)
+ self.assertRaises(ArithmeticError,
+ dump_privatekey, FILETYPE_PEM, key, "blowfish", cb)
+
+
def test_load_pkcs7_data(self):
"""
:py:obj:`load_pkcs7_data` accepts a PKCS#7 string and returns an instance of