diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-04-22 10:01:05 -0500 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-04-22 10:01:05 -0500 |
| commit | 9f1ece7cd28d7342e57eb57bd6f611851e1e099f (patch) | |
| tree | 32386922cbda8a6ae144cae320ee3c41ab839c41 | |
| parent | 7bde89fac2473b54d6b4d1082c3f62f0cb07985f (diff) | |
| parent | f09a3d6cfa198f89eca0e012fb9f9ae0a2d9591a (diff) | |
| download | cryptography-9f1ece7cd28d7342e57eb57bd6f611851e1e099f.tar.gz cryptography-9f1ece7cd28d7342e57eb57bd6f611851e1e099f.tar.bz2 cryptography-9f1ece7cd28d7342e57eb57bd6f611851e1e099f.zip | |
Merge pull request #953 from Ayrx/fix-cmac-missing-coverage
Added missing tests for CMAC 100% coverage
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 16 | ||||
| -rw-r--r-- | tests/hazmat/backends/test_openssl.py | 16 |
2 files changed, 19 insertions, 13 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index 7d73c413..4c487e4d 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -1255,7 +1255,8 @@ class _RSAVerificationContext(object): class _CMACContext(object): def __init__(self, backend, algorithm, ctx=None): if not backend.cmac_algorithm_supported(algorithm): - raise UnsupportedAlgorithm("This backend does not support CMAC") + raise UnsupportedAlgorithm("This backend does not support CMAC", + _Reasons.UNSUPPORTED_CIPHER) self._backend = backend self._key = algorithm.key @@ -1264,20 +1265,9 @@ class _CMACContext(object): if ctx is None: registry = self._backend._cipher_registry - try: - adapter = registry[type(algorithm), CBC] - except KeyError: - raise UnsupportedAlgorithm( - "cipher {0} is not supported by this backend".format( - algorithm.name), _Reasons.UNSUPPORTED_CIPHER - ) + adapter = registry[type(algorithm), CBC] evp_cipher = adapter(self._backend, algorithm, CBC) - if evp_cipher == self._backend._ffi.NULL: - raise UnsupportedAlgorithm( - "cipher {0} is not supported by this backend".format( - algorithm.name), _Reasons.UNSUPPORTED_CIPHER - ) ctx = self._backend._lib.CMAC_CTX_new() diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py index c589506f..98537360 100644 --- a/tests/hazmat/backends/test_openssl.py +++ b/tests/hazmat/backends/test_openssl.py @@ -23,6 +23,7 @@ from cryptography.hazmat.primitives.asymmetric import dsa, padding, rsa from cryptography.hazmat.primitives.ciphers import Cipher from cryptography.hazmat.primitives.ciphers.algorithms import AES from cryptography.hazmat.primitives.ciphers.modes import CBC +from cryptography.hazmat.primitives.interfaces import BlockCipherAlgorithm from ...utils import raises_unsupported_algorithm @@ -291,3 +292,18 @@ class TestOpenSSLRSA(object): def test_unsupported_mgf1_hash_algorithm(self): assert backend.mgf1_hash_supported(DummyHash()) is False + + +@pytest.mark.skipif( + backend._lib.OPENSSL_VERSION_NUMBER <= 0x10001000, + reason="Requires an OpenSSL version >= 1.0.1" +) +class TestOpenSSLCMAC(object): + def test_unsupported_cipher(self): + @utils.register_interface(BlockCipherAlgorithm) + class FakeAlgorithm(object): + def __init__(self): + self.block_size = 64 + + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER): + backend.create_cmac_ctx(FakeAlgorithm()) |