diff options
-rw-r--r-- | src/cryptography/hazmat/backends/openssl/ec.py | 2 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_dsa.py | 5 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_ec.py | 9 | ||||
-rw-r--r-- | tests/hazmat/primitives/test_rsa.py | 17 |
4 files changed, 33 insertions, 0 deletions
diff --git a/src/cryptography/hazmat/backends/openssl/ec.py b/src/cryptography/hazmat/backends/openssl/ec.py index 7d3afb94..b8692e49 100644 --- a/src/cryptography/hazmat/backends/openssl/ec.py +++ b/src/cryptography/hazmat/backends/openssl/ec.py @@ -119,6 +119,8 @@ class _ECDSASignatureContext(object): @utils.register_interface(AsymmetricVerificationContext) class _ECDSAVerificationContext(object): def __init__(self, backend, public_key, signature, algorithm): + if not isinstance(signature, bytes): + raise TypeError("signature must be bytes.") self._backend = backend self._public_key = public_key self._signature = signature diff --git a/tests/hazmat/primitives/test_dsa.py b/tests/hazmat/primitives/test_dsa.py index b6b0de94..53e41883 100644 --- a/tests/hazmat/primitives/test_dsa.py +++ b/tests/hazmat/primitives/test_dsa.py @@ -583,6 +583,11 @@ class TestDSAVerification(object): with pytest.raises(InvalidSignature): verifier.verify() + def test_signature_not_bytes(self, backend): + public_key = DSA_KEY_1024.public_numbers.public_key(backend) + with pytest.raises(TypeError): + public_key.verifier(1234, hashes.SHA1()) + def test_use_after_finalize(self, backend): public_key = DSA_KEY_1024.public_numbers.public_key(backend) verifier = public_key.verifier(b'fakesig', hashes.SHA1()) diff --git a/tests/hazmat/primitives/test_ec.py b/tests/hazmat/primitives/test_ec.py index 20465a2d..f2e340be 100644 --- a/tests/hazmat/primitives/test_ec.py +++ b/tests/hazmat/primitives/test_ec.py @@ -710,3 +710,12 @@ class TestEllipticCurvePEMPublicKeySerialization(object): key.public_bytes( serialization.Encoding.PEM, serialization.PublicFormat.PKCS1 ) + + +@pytest.mark.requires_backend_interface(interface=EllipticCurveBackend) +class TestECDSAVerification(object): + def test_signature_not_bytes(self, backend): + key = ec.generate_private_key(ec.SECP192R1(), backend) + public_key = key.public_key() + with pytest.raises(TypeError): + public_key.verifier(1234, ec.ECDSA(hashes.SHA256())) diff --git a/tests/hazmat/primitives/test_rsa.py b/tests/hazmat/primitives/test_rsa.py index 0c5f7042..0b83fd65 100644 --- a/tests/hazmat/primitives/test_rsa.py +++ b/tests/hazmat/primitives/test_rsa.py @@ -679,6 +679,23 @@ class TestRSAVerification(object): with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_PADDING): public_key.verifier(b"sig", DummyPadding(), hashes.SHA1()) + @pytest.mark.supported( + only_if=lambda backend: backend.rsa_padding_supported( + padding.PKCS1v15() + ), + skip_message="Does not support PKCS1v1.5." + ) + def test_signature_not_bytes(self, backend): + public_key = RSA_KEY_512.public_numbers.public_key(backend) + signature = 1234 + + with pytest.raises(TypeError): + public_key.verifier( + signature, + padding.PKCS1v15(), + hashes.SHA1() + ) + def test_padding_incorrect_type(self, backend): private_key = RSA_KEY_512.private_key(backend) public_key = private_key.public_key() |