aboutsummaryrefslogtreecommitdiffstats
path: root/tests/hazmat/primitives/test_serialization.py
diff options
context:
space:
mode:
authorMark Adams <mark@markadams.me>2014-12-14 00:16:03 -0600
committerMark Adams <mark@markadams.me>2014-12-14 00:30:39 -0600
commit4724d61be546f900298c7594d3bdb942b39a919f (patch)
treea19791b43dfaf648d310447605e90243cad59a70 /tests/hazmat/primitives/test_serialization.py
parentdfa57bf7821a63c65ef0f83234c79f611fab46db (diff)
downloadcryptography-4724d61be546f900298c7594d3bdb942b39a919f.tar.gz
cryptography-4724d61be546f900298c7594d3bdb942b39a919f.tar.bz2
cryptography-4724d61be546f900298c7594d3bdb942b39a919f.zip
Added better parsing for RFC 4251 string and mpint values.
Also moved several of the SSH key splitting and validation checks up into the load_ssh_public_key method since they will apply to more than just RSA. Added additional checks to make sure the key doesn't contain extraneous data
Diffstat (limited to 'tests/hazmat/primitives/test_serialization.py')
-rw-r--r--tests/hazmat/primitives/test_serialization.py45
1 files changed, 45 insertions, 0 deletions
diff --git a/tests/hazmat/primitives/test_serialization.py b/tests/hazmat/primitives/test_serialization.py
index ffe3d7df..9180b9aa 100644
--- a/tests/hazmat/primitives/test_serialization.py
+++ b/tests/hazmat/primitives/test_serialization.py
@@ -697,6 +697,51 @@ class TestSSHSerialization(object):
with pytest.raises(ValueError):
load_ssh_public_key(ssh_key, backend)
+ def test_load_ssh_public_key_rsa_too_short(self, backend):
+ ssh_key = b'ssh-rsa'
+
+ with pytest.raises(ValueError):
+ load_ssh_public_key(ssh_key, backend)
+
+ def test_load_ssh_public_key_rsa_key_types_dont_match(self, backend):
+ ssh_key = textwrap.dedent("""\
+ ssh-bad AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk
+ FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll
+ PDA7ZRBnrfiHpSQYQ874AZaAoIjgkv7DBfsE6gcDQLub0PFjWyrYQUJhtOLQEK
+ vY/G0vt2iRL3juawWmCFdTK3W3XvwAdgGk71i6lHt+deOPNEPN2H58E4odrZ2f
+ sxn/adpDqfb2sM0kPwQs0aWvrrKGvUaustkivQE4XWiSFnB0oJB/lKK/CKVKuy
+ ///ImSCGHQRvhwariN2tvZ6CBNSLh3iQgeB0AkyJlng7MXB2qYq/Ci2FUOryCX
+ 2MzHvnbv testkey@localhost extra""").encode() # ssh-bad
+
+ with pytest.raises(ValueError):
+ load_ssh_public_key(ssh_key, backend)
+
+ def test_load_ssh_public_key_rsa_extra_string_after_comment(self, backend):
+ ssh_key = textwrap.dedent("""\
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk
+ FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll
+ PDA7ZRBnrfiHpSQYQ874AZaAoIjgkv7DBfsE6gcDQLub0PFjWyrYQUJhtOLQEK
+ vY/G0vt2iRL3juawWmCFdTK3W3XvwAdgGk71i6lHt+deOPNEPN2H58E4odrZ2f
+ sxn/adpDqfb2sM0kPwQs0aWvrrKGvUaustkivQE4XWiSFnB0oJB/lKK/CKVKuy
+ ///ImSCGHQRvhwariN2tvZ6CBNSLh3iQgeB0AkyJlng7MXB2qYq/Ci2FUOryCX
+ 2MzHvnbv testkey@localhost extra""").encode() # Extra appended
+
+ with pytest.raises(ValueError):
+ load_ssh_public_key(ssh_key, backend)
+
+ def test_load_ssh_public_key_rsa_extra_data_after_modulo(self, backend):
+ ssh_key = textwrap.dedent("""\
+ ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk
+ FiiuJLW6RU0j3KKVZSs1I7Z3UmU9/9aVh/rZV43WQG8jaR6kkcP4stOR0DEtll
+ PDA7ZRBnrfiHpSQYQ874AZaAoIjgkv7DBfsE6gcDQLub0PFjWyrYQUJhtOLQEK
+ vY/G0vt2iRL3juawWmCFdTK3W3XvwAdgGk71i6lHt+deOPNEPN2H58E4odrZ2f
+ sxn/adpDqfb2sM0kPwQs0aWvrrKGvUaustkivQE4XWiSFnB0oJB/lKK/CKVKuy
+ ///ImSCGHQRvhwariN2tvZ6CBNSLh3iQgeB0AkyJlng7MXB2qYq/Ci2FUOryCX
+ 2MzHvnbvAQ== testkey@localhost""").encode() # Extra 0x01 appended
+
+ with pytest.raises(ValueError):
+ load_ssh_public_key(ssh_key, backend)
+
def test_load_ssh_public_key_rsa(self, backend):
ssh_key = textwrap.dedent("""\
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDDu/XRP1kyK6Cgt36gts9XAk