Add a test for the failure condition of EC_KEY_new_by_curve_name
diff --git a/OpenSSL/test/test_ssl.py b/OpenSSL/test/test_ssl.py
index 5e9fd83..beb5d28 100644
--- a/OpenSSL/test/test_ssl.py
+++ b/OpenSSL/test/test_ssl.py
@@ -38,7 +38,7 @@
SESS_CACHE_NO_INTERNAL_STORE, SESS_CACHE_NO_INTERNAL)
from OpenSSL.SSL import (
_Cryptography_HAS_EC, ELLIPTIC_CURVE_DESCRIPTIONS,
- ECNotAvailable, UnknownObject)
+ ECNotAvailable, UnknownObject, UnsupportedEllipticCurve)
from OpenSSL.SSL import (
Error, SysCallError, WantReadError, WantWriteError, ZeroReturnError)
@@ -1204,7 +1204,7 @@
_lib.Cryptography_HAS_EC = has_ec
- def test_set_tmp_ecdh_curve_bad_sn(self):
+ def test_set_tmp_ecdh_curve_bad_curve_name(self):
"""
:py:obj:`Context.set_tmp_ecdh_curve` raises :py:obj:`UnknownObject` if
passed a curve_name that OpenSSL does not recognize and EC is
@@ -1223,6 +1223,26 @@
"non-existent curve name")
+ def test_set_tmp_ecdh_curve_bad_nid(self):
+ """
+ :py:obj:`Context._set_tmp_ecdh_curve_by_nid`, an implementation detail
+ of :py:obj:`Context.set_tmp_ecdh_curve`, raises
+ :py:obj:`UnsupportedEllipticCurve` raises if passed a NID that does not
+ identify a supported curve.
+ """
+ context = Context(TLSv1_METHOD)
+ try:
+ context._set_tmp_ecdh_curve_by_nid(
+ u"curve", _lib.OBJ_sn2nid(b"sha256"))
+ except UnsupportedEllipticCurve:
+ pass
+ else:
+ self.fail(
+ "_set_tmp_ecdh_curve_by_nid did not raise "
+ "UnsupportedEllipticCurve for a NID that does not "
+ "identify a supported curve.")
+
+
def test_set_tmp_ecdh_curve_not_a_curve(self):
"""
:py:obj:`Context.set_tmp_ecdh_curve` raises