diff options
| author | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-03-20 19:07:45 -0400 |
|---|---|---|
| committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2014-03-20 19:07:45 -0400 |
| commit | b8666f76d91b42cd88eb5601ce40482c72d036e4 (patch) | |
| tree | d3fafeb33f2d21bebc99981ef7f6f404b0d55631 /cryptography | |
| parent | cdd0d2f045816f007a44d56691a023dd25bcb47a (diff) | |
| download | cryptography-b8666f76d91b42cd88eb5601ce40482c72d036e4.tar.gz cryptography-b8666f76d91b42cd88eb5601ce40482c72d036e4.tar.bz2 cryptography-b8666f76d91b42cd88eb5601ce40482c72d036e4.zip | |
improve exception msgs, change how test_pss_signing_sha2 works
Diffstat (limited to 'cryptography')
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index e3f421a5..d2744cf3 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -734,7 +734,8 @@ class _RSASignatureContext(object): # PSS signature length (salt length is checked later) key_size_bytes = int(math.ceil(private_key.key_size / 8.0)) if key_size_bytes - algorithm.digest_size - 2 < 0: - raise ValueError("Digest too large for key size.") + raise ValueError("Digest too large for key size. Use a larger " + "key.") if not self._backend.mgf1_hash_supported(padding._mgf._algorithm): raise UnsupportedHash( @@ -830,7 +831,8 @@ class _RSASignatureContext(object): assert errors[0].lib == self._backend._lib.ERR_LIB_RSA assert (errors[0].reason == self._backend._lib.RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE) - raise ValueError("Salt length too long for key size") + raise ValueError("Salt length too long for key size. Try using " + "MAX_LENGTH instead.") return self._backend._ffi.buffer(buf)[:] @@ -872,7 +874,8 @@ class _RSASignatureContext(object): assert errors[0].lib == self._backend._lib.ERR_LIB_RSA assert (errors[0].reason == self._backend._lib.RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE) - raise ValueError("Salt length too long for key size") + raise ValueError("Salt length too long for key size. Try using " + "MAX_LENGTH instead.") sig_buf = self._backend._ffi.new("char[]", pkey_size) sig_len = self._backend._lib.RSA_private_encrypt( @@ -913,7 +916,10 @@ class _RSAVerificationContext(object): # PSS signature length (salt length is checked later) key_size_bytes = int(math.ceil(public_key.key_size / 8.0)) if key_size_bytes - algorithm.digest_size - 2 < 0: - raise ValueError("Digest too large for key size.") + raise ValueError( + "Digest too large for key size. Check that you have the " + "correct key and digest algorithm." + ) if not self._backend.mgf1_hash_supported(padding._mgf._algorithm): raise UnsupportedHash( |