author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2019-03-19 09:23:54 +0800 |
---|---|---|
committer | Alex Gaynor <alex.gaynor@gmail.com> | 2019-03-18 21:23:54 -0400 |
commit | f2c2dfd7ce179b1763a98747282ea2ce019d6c1a (patch) | |
tree | 38570dd473bce7562aaf8ae725f10eb2331a76fc | |
parent | c05b44b6d229e66cb16d4697d96918e1d0dccb41 (diff) | |
add new branch for unsupported openssh serialization (#4813)
we don't support ed448 openssh keys so we'll use that to test this
branch. if we ever do support ed448 keys we can always just call this
private method directly to keep coverage.
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 7 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_serialization.py | 11 |
2 files changed, 15 insertions, 3 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 779d2ee1..74dedbe0 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -1892,8 +1892,7 @@ class Backend(object):
 ssh._ssh_write_string(b"ssh-ed25519") + ssh._ssh_write_string(raw_bytes) )
- else:
- assert isinstance(key, ec.EllipticCurvePublicKey)
+ elif isinstance(key, ec.EllipticCurvePublicKey):
 public_numbers = key.public_numbers() try: curve_name = {
@@ -1916,6 +1915,10 @@ class Backend(object):
 ssh._ssh_write_string(curve_name) + ssh._ssh_write_string(point) )
+ else:
+ raise ValueError(
+ "OpenSSH encoding is not supported for this key type"
+ )
 def _parameter_bytes(self, encoding, format, cdata): if encoding is serialization.Encoding.OpenSSH:
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index f7d186e8..6c86927a 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -16,7 +16,9 @@ from cryptography.hazmat.backends.interfaces import (
 DERSerializationBackend, DSABackend, EllipticCurveBackend, PEMSerializationBackend, RSABackend )
-from cryptography.hazmat.primitives.asymmetric import dsa, ec, ed25519, rsa
+from cryptography.hazmat.primitives.asymmetric import (
+ dsa, ec, ed25519, ed448, rsa
+)
 from cryptography.hazmat.primitives.serialization import ( BestAvailableEncryption, Encoding, NoEncryption, PrivateFormat, PublicFormat,
@@ -1585,3 +1587,10 @@ class TestEd448Serialization(object):
 assert public_key.public_bytes( encoding, PublicFormat.SubjectPublicKeyInfo ) == data
+
+ def test_openssh_serialization_unsupported(self, backend):
+ key = ed448.Ed448PrivateKey.generate().public_key()
+ with pytest.raises(ValueError):
+ key.public_bytes(
+ Encoding.OpenSSH, PublicFormat.OpenSSH
+ ) |
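Review bot: The `ValueError` raised in the new trailing `else` branch of backend.py does not say which key type was rejected, so a caller serialising several keys cannot tell from the exception which one failed. Appending the class name, e.g. `"OpenSSH encoding is not supported for this key type: {}".format(type(key).__name__)`, would make the failure diagnosable; a public key's type is not sensitive. A one-line comment on the branch, such as `# Fail closed: key types without an OpenSSH wire format are rejected here, not by an assert (asserts are stripped under -O).`, would record why the chain now ends in an explicit raise. The enclosing method starts above this hunk, so the earlier branches of the chain are only partly visible.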
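Review bot: `pytest.raises(ValueError)` in `test_openssh_serialization_unsupported` accepts any `ValueError`, so the test would keep passing if the exception came from an earlier encoding/format check rather than the new unsupported-key branch it is meant to cover. Pinning the message, `with pytest.raises(ValueError, match="not supported for this key type"):`, ties the test to that branch. The test also generates an Ed448 key unconditionally; presumably the enclosing `TestEd448Serialization` class carries a backend-support marker, but the class header is outside this hunk, so that is worth confirming.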