diff options
| -rw-r--r-- | .travis.yml | 2 | ||||
| -rw-r--r-- | src/cryptography/hazmat/backends/openssl/backend.py | 9 | ||||
| -rw-r--r-- | tests/hazmat/primitives/test_pkcs12.py | 36 |
3 files changed, 36 insertions, 11 deletions
diff --git a/.travis.yml b/.travis.yml index eac49d98..1cb3f655 100644 --- a/.travis.yml +++ b/.travis.yml @@ -58,7 +58,7 @@ matrix: - python: 3.8 env: TOXENV=py38 OPENSSL=1.1.1d - python: 3.8 - env: TOXENV=py38 OPENSSL=1.1.1d OPENSSL_CONFIG_FLAGS=no-engine + env: TOXENV=py38 OPENSSL=1.1.1d OPENSSL_CONFIG_FLAGS="no-engine no-rc2" - python: 3.8 env: TOXENV=py38 LIBRESSL=2.7.5 - python: 3.8 diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py index 7e9fa202..96fa9ff6 100644 --- a/src/cryptography/hazmat/backends/openssl/backend.py +++ b/src/cryptography/hazmat/backends/openssl/backend.py @@ -94,6 +94,11 @@ from cryptography.x509 import ocsp _MemoryBIO = collections.namedtuple("_MemoryBIO", ["bio", "char_ptr"]) +# Not actually supported, just used as a marker for some serialization tests. +class _RC2(object): + pass + + @utils.register_interface(CipherBackend) @utils.register_interface(CMACBackend) @utils.register_interface(DERSerializationBackend) @@ -292,6 +297,10 @@ class Backend(object): type(None), GetCipherByName("rc4") ) + # We don't actually support RC2, this is just used by some tests. + self.register_cipher_adapter( + _RC2, type(None), GetCipherByName("rc2") + ) self.register_cipher_adapter( ChaCha20, type(None), diff --git a/tests/hazmat/primitives/test_pkcs12.py b/tests/hazmat/primitives/test_pkcs12.py index f084d578..0bb76e25 100644 --- a/tests/hazmat/primitives/test_pkcs12.py +++ b/tests/hazmat/primitives/test_pkcs12.py @@ -10,6 +10,7 @@ import pytest from cryptography import x509 from cryptography.hazmat.backends.interfaces import DERSerializationBackend +from cryptography.hazmat.backends.openssl.backend import _RC2 from cryptography.hazmat.primitives.serialization import load_pem_private_key from cryptography.hazmat.primitives.serialization.pkcs12 import ( load_key_and_certificates @@ -20,16 +21,7 @@ from .utils import load_vectors_from_file @pytest.mark.requires_backend_interface(interface=DERSerializationBackend) class TestPKCS12(object): - @pytest.mark.parametrize( - ("filename", "password"), - [ - ("cert-key-aes256cbc.p12", b"cryptography"), - ("cert-none-key-none.p12", b"cryptography"), - ("cert-rc2-key-3des.p12", b"cryptography"), - ("no-password.p12", None), - ] - ) - def test_load_pkcs12_ec_keys(self, filename, password, backend): + def _test_load_pkcs12_ec_keys(self, filename, password, backend): cert = load_vectors_from_file( os.path.join("x509", "custom", "ca", "ca.pem"), lambda pemfile: x509.load_pem_x509_certificate( @@ -52,6 +44,30 @@ class TestPKCS12(object): assert parsed_key.private_numbers() == key.private_numbers() assert parsed_more_certs == [] + @pytest.mark.parametrize( + ("filename", "password"), + [ + ("cert-key-aes256cbc.p12", b"cryptography"), + ("cert-none-key-none.p12", b"cryptography"), + ] + ) + def test_load_pkcs12_ec_keys(self, filename, password, backend): + self._test_load_pkcs12_ec_keys(filename, password, backend) + + @pytest.mark.parametrize( + ("filename", "password"), + [ + ("cert-rc2-key-3des.p12", b"cryptography"), + ("no-password.p12", None), + ] + ) + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported(_RC2(), None), + skip_message="Does not support RC2" + ) + def test_load_pkcs12_ec_keys_rc2(self, filename, password, backend): + self._test_load_pkcs12_ec_keys(filename, password, backend) + def test_load_pkcs12_cert_only(self, backend): cert = load_vectors_from_file( os.path.join("x509", "custom", "ca", "ca.pem"), |