aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.travis.yml2
-rw-r--r--src/cryptography/hazmat/backends/openssl/backend.py9
-rw-r--r--tests/hazmat/primitives/test_pkcs12.py36
3 files changed, 36 insertions, 11 deletions
diff --git a/.travis.yml b/.travis.yml
index eac49d98..1cb3f655 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -58,7 +58,7 @@ matrix:
- python: 3.8
env: TOXENV=py38 OPENSSL=1.1.1d
- python: 3.8
- env: TOXENV=py38 OPENSSL=1.1.1d OPENSSL_CONFIG_FLAGS=no-engine
+ env: TOXENV=py38 OPENSSL=1.1.1d OPENSSL_CONFIG_FLAGS="no-engine no-rc2"
- python: 3.8
env: TOXENV=py38 LIBRESSL=2.7.5
- python: 3.8
diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py
index 7e9fa202..96fa9ff6 100644
--- a/src/cryptography/hazmat/backends/openssl/backend.py
+++ b/src/cryptography/hazmat/backends/openssl/backend.py
@@ -94,6 +94,11 @@ from cryptography.x509 import ocsp
_MemoryBIO = collections.namedtuple("_MemoryBIO", ["bio", "char_ptr"])
+# Not actually supported, just used as a marker for some serialization tests.
+class _RC2(object):
+ pass
+
+
@utils.register_interface(CipherBackend)
@utils.register_interface(CMACBackend)
@utils.register_interface(DERSerializationBackend)
@@ -292,6 +297,10 @@ class Backend(object):
type(None),
GetCipherByName("rc4")
)
+ # We don't actually support RC2, this is just used by some tests.
+ self.register_cipher_adapter(
+ _RC2, type(None), GetCipherByName("rc2")
+ )
self.register_cipher_adapter(
ChaCha20,
type(None),
diff --git a/tests/hazmat/primitives/test_pkcs12.py b/tests/hazmat/primitives/test_pkcs12.py
index f084d578..0bb76e25 100644
--- a/tests/hazmat/primitives/test_pkcs12.py
+++ b/tests/hazmat/primitives/test_pkcs12.py
@@ -10,6 +10,7 @@ import pytest
from cryptography import x509
from cryptography.hazmat.backends.interfaces import DERSerializationBackend
+from cryptography.hazmat.backends.openssl.backend import _RC2
from cryptography.hazmat.primitives.serialization import load_pem_private_key
from cryptography.hazmat.primitives.serialization.pkcs12 import (
load_key_and_certificates
@@ -20,16 +21,7 @@ from .utils import load_vectors_from_file
@pytest.mark.requires_backend_interface(interface=DERSerializationBackend)
class TestPKCS12(object):
- @pytest.mark.parametrize(
- ("filename", "password"),
- [
- ("cert-key-aes256cbc.p12", b"cryptography"),
- ("cert-none-key-none.p12", b"cryptography"),
- ("cert-rc2-key-3des.p12", b"cryptography"),
- ("no-password.p12", None),
- ]
- )
- def test_load_pkcs12_ec_keys(self, filename, password, backend):
+ def _test_load_pkcs12_ec_keys(self, filename, password, backend):
cert = load_vectors_from_file(
os.path.join("x509", "custom", "ca", "ca.pem"),
lambda pemfile: x509.load_pem_x509_certificate(
@@ -52,6 +44,30 @@ class TestPKCS12(object):
assert parsed_key.private_numbers() == key.private_numbers()
assert parsed_more_certs == []
+ @pytest.mark.parametrize(
+ ("filename", "password"),
+ [
+ ("cert-key-aes256cbc.p12", b"cryptography"),
+ ("cert-none-key-none.p12", b"cryptography"),
+ ]
+ )
+ def test_load_pkcs12_ec_keys(self, filename, password, backend):
+ self._test_load_pkcs12_ec_keys(filename, password, backend)
+
+ @pytest.mark.parametrize(
+ ("filename", "password"),
+ [
+ ("cert-rc2-key-3des.p12", b"cryptography"),
+ ("no-password.p12", None),
+ ]
+ )
+ @pytest.mark.supported(
+ only_if=lambda backend: backend.cipher_supported(_RC2(), None),
+ skip_message="Does not support RC2"
+ )
+ def test_load_pkcs12_ec_keys_rc2(self, filename, password, backend):
+ self._test_load_pkcs12_ec_keys(filename, password, backend)
+
def test_load_pkcs12_cert_only(self, backend):
cert = load_vectors_from_file(
os.path.join("x509", "custom", "ca", "ca.pem"),