diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-01-28 19:23:01 -0600 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-01-28 19:23:01 -0600 |
| commit | 5c8ea70ca7a36a0e090640b329bd9931232b7b23 (patch) | |
| tree | 734b78893c5261d0166b77200453ebc6b47012bc | |
| parent | 91a6892dde4b2370047547097ac47763a62ed5f0 (diff) | |
| download | cryptography-5c8ea70ca7a36a0e090640b329bd9931232b7b23.tar.gz cryptography-5c8ea70ca7a36a0e090640b329bd9931232b7b23.tar.bz2 cryptography-5c8ea70ca7a36a0e090640b329bd9931232b7b23.zip | |
add some unicode checks for salt on init and key_material on derive
| -rw-r--r-- | cryptography/hazmat/primitives/kdf/pbkdf2.py | 13 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_pbkdf2.py | 10 |
2 files changed, 23 insertions, 0 deletions
diff --git a/cryptography/hazmat/primitives/kdf/pbkdf2.py b/cryptography/hazmat/primitives/kdf/pbkdf2.py index a496cc27..fec1d5c2 100644 --- a/cryptography/hazmat/primitives/kdf/pbkdf2.py +++ b/cryptography/hazmat/primitives/kdf/pbkdf2.py @@ -13,6 +13,8 @@ from __future__ import absolute_import, division, print_function +import six + from cryptography import utils from cryptography.exceptions import ( InvalidKey, UnsupportedAlgorithm, AlreadyFinalized @@ -31,6 +33,11 @@ class PBKDF2HMAC(object): self._called = False self.algorithm = algorithm self._length = length + if isinstance(salt, six.text_type): + raise TypeError( + "Unicode-objects must be encoded before using them as key " + "material." + ) self._salt = salt self.iterations = iterations self._backend = backend @@ -40,6 +47,12 @@ class PBKDF2HMAC(object): raise AlreadyFinalized("PBKDF2 instances can only be called once") else: self._called = True + + if isinstance(key_material, six.text_type): + raise TypeError( + "Unicode-objects must be encoded before using them as key " + "material." + ) return self._backend.derive_pbkdf2_hmac( self.algorithm, self._length, diff --git a/tests/hazmat/primitives/test_pbkdf2.py b/tests/hazmat/primitives/test_pbkdf2.py index 41123557..6ad225a8 100644 --- a/tests/hazmat/primitives/test_pbkdf2.py +++ b/tests/hazmat/primitives/test_pbkdf2.py @@ -14,6 +14,7 @@ from __future__ import absolute_import, division, print_function import pytest +import six from cryptography import utils from cryptography.exceptions import ( @@ -57,3 +58,12 @@ class TestPBKDF2HMAC(object): kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) with pytest.raises(InvalidKey): kdf.verify(b"password2", key) + + def test_unicode_error_with_salt(self): + with pytest.raises(TypeError): + PBKDF2HMAC(hashes.SHA1(), 20, six.u("salt"), 10, default_backend()) + + def test_unicode_error_with_key_material(self): + kdf = PBKDF2HMAC(hashes.SHA1(), 20, b"salt", 10, default_backend()) + with pytest.raises(TypeError): + kdf.derive(six.u("unicode here")) |