diff options
author | Alex Gaynor <alex.gaynor@gmail.com> | 2018-07-15 20:48:57 -0400 |
---|---|---|
committer | Paul Kehrer <paul.l.kehrer@gmail.com> | 2018-07-16 06:18:57 +0530 |
commit | b09b9ecd695187f323c509aecdf517cadcf728d1 (patch) | |
tree | c295740f84703c77f4cfee6866bac18db6246114 /tests/hazmat/primitives | |
parent | bb23c6c7cbb3f62f1b1b2480f9dc07c6beba3398 (diff) | |
download | cryptography-b09b9ecd695187f323c509aecdf517cadcf728d1.tar.gz cryptography-b09b9ecd695187f323c509aecdf517cadcf728d1.tar.bz2 cryptography-b09b9ecd695187f323c509aecdf517cadcf728d1.zip |
Change the exception we raise in keywrap unwrapping on invalid length (#4337)
I believe this can reasonably be considered backwards compatible since other invalid inputs already lead to InvalidUnwrap, and clients shouldn't be distinguishing between these two conditions, and ValueError wasn't documented anyways.
Diffstat (limited to 'tests/hazmat/primitives')
-rw-r--r-- | tests/hazmat/primitives/test_keywrap.py | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/tests/hazmat/primitives/test_keywrap.py b/tests/hazmat/primitives/test_keywrap.py index 9b1e43e4..c74b144b 100644 --- a/tests/hazmat/primitives/test_keywrap.py +++ b/tests/hazmat/primitives/test_keywrap.py @@ -108,11 +108,11 @@ class TestAESKeyWrap(object): def test_unwrap_invalid_wrapped_key_length(self, backend): # Keys to unwrap must be at least 24 bytes - with pytest.raises(ValueError): + with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap(b"sixteen_byte_key", b"\x00" * 16, backend) # Keys to unwrap must be a multiple of 8 bytes - with pytest.raises(ValueError): + with pytest.raises(keywrap.InvalidUnwrap): keywrap.aes_key_unwrap(b"sixteen_byte_key", b"\x00" * 27, backend) @@ -189,7 +189,9 @@ class TestAESKeyWrapWithPadding(object): def test_unwrap_invalid_wrapped_key_length(self, backend): # Keys to unwrap must be at least 16 bytes - with pytest.raises(ValueError, match='Must be at least 16 bytes'): + with pytest.raises( + keywrap.InvalidUnwrap, match='Must be at least 16 bytes' + ): keywrap.aes_key_unwrap_with_padding( b"sixteen_byte_key", b"\x00" * 15, backend ) |