From ae8156f1812c28e0265ed3215291be469aa4fd05 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 26 Nov 2014 09:55:40 -1000 Subject: add X509Backend support to multibackend --- src/cryptography/exceptions.py | 1 + src/cryptography/hazmat/backends/multibackend.py | 25 +++++++++++++++++++++++- tests/hazmat/backends/test_multibackend.py | 23 +++++++++++++++++++++- 3 files changed, 47 insertions(+), 2 deletions(-) diff --git a/src/cryptography/exceptions.py b/src/cryptography/exceptions.py index 4270cb22..b0e1a993 100644 --- a/src/cryptography/exceptions.py +++ b/src/cryptography/exceptions.py @@ -14,6 +14,7 @@ class _Reasons(object): UNSUPPORTED_PUBLIC_KEY_ALGORITHM = object() UNSUPPORTED_ELLIPTIC_CURVE = object() UNSUPPORTED_SERIALIZATION = object() + UNSUPPORTED_X509 = object() class UnsupportedAlgorithm(Exception): diff --git a/src/cryptography/hazmat/backends/multibackend.py b/src/cryptography/hazmat/backends/multibackend.py index fce6c8e1..ffc569f4 100644 --- a/src/cryptography/hazmat/backends/multibackend.py +++ b/src/cryptography/hazmat/backends/multibackend.py @@ -12,7 +12,7 @@ from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend + TraditionalOpenSSLSerializationBackend, X509Backend ) @@ -27,6 +27,7 @@ from cryptography.hazmat.backends.interfaces import ( @utils.register_interface(DSABackend) @utils.register_interface(EllipticCurveBackend) @utils.register_interface(PEMSerializationBackend) +@utils.register_interface(X509Backend) class MultiBackend(object): name = "multibackend" @@ -347,3 +348,25 @@ class MultiBackend(object): "This backend does not support this key serialization.", _Reasons.UNSUPPORTED_SERIALIZATION ) + + def load_pem_x509_certificate(self, data): + for b in self._filtered_backends( + X509Backend + ): + return b.load_pem_x509_certificate(data) + + raise UnsupportedAlgorithm( + "This backend does not support X.509.", + _Reasons.UNSUPPORTED_X509 + ) + + def load_der_x509_certificate(self, data): + for b in self._filtered_backends( + X509Backend + ): + return b.load_der_x509_certificate(data) + + raise UnsupportedAlgorithm( + "This backend does not support X.509.", + _Reasons.UNSUPPORTED_X509 + ) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index 112247cb..03aa3cd8 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -14,7 +14,7 @@ from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, HashBackend, PBKDF2HMACBackend, PEMSerializationBackend, PKCS8SerializationBackend, RSABackend, - TraditionalOpenSSLSerializationBackend + TraditionalOpenSSLSerializationBackend, X509Backend ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import cmac, hashes, hmac @@ -203,6 +203,15 @@ class DummyPEMSerializationBackend(object): pass +@utils.register_interface(X509Backend) +class DummyX509Backend(object): + def load_pem_x509_certificate(self, data): + pass + + def load_der_x509_certificate(self, data): + pass + + class TestMultiBackend(object): def test_ciphers(self): backend = MultiBackend([ @@ -522,3 +531,15 @@ class TestMultiBackend(object): backend.load_pem_private_key(b"keydata", None) with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION): backend.load_pem_public_key(b"keydata") + + def test_x509_backend(self): + backend = MultiBackend([DummyX509Backend()]) + + backend.load_pem_x509_certificate(b"certdata") + backend.load_der_x509_certificate(b"certdata") + + backend = MultiBackend([]) + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509): + backend.load_pem_x509_certificate(b"certdata") + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_X509): + backend.load_der_x509_certificate(b"certdata") -- cgit v1.2.3