diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2013-11-03 11:29:15 -0800 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2013-11-03 11:29:15 -0800 |
| commit | 0857c3f03e2784cac9e2a35f5579e9c4c8dc824a (patch) | |
| tree | 0c35ab424fabdefe73bad4fea70edddc7fea1509 | |
| parent | d4e98f8d552843c371600c88e1cdab94678081a9 (diff) | |
| download | cryptography-0857c3f03e2784cac9e2a35f5579e9c4c8dc824a.tar.gz cryptography-0857c3f03e2784cac9e2a35f5579e9c4c8dc824a.tar.bz2 cryptography-0857c3f03e2784cac9e2a35f5579e9c4c8dc824a.zip | |
Replaced an assertion in the OpenSSL backend with a proper exception
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/backend.py | 4 | ||||
| -rw-r--r-- | tests/hazmat/bindings/test_openssl.py | 22 |
2 files changed, 22 insertions, 4 deletions
diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py index 32adfed9..b610caa2 100644 --- a/cryptography/hazmat/bindings/openssl/backend.py +++ b/cryptography/hazmat/bindings/openssl/backend.py @@ -135,7 +135,9 @@ class _CipherContext(object): raise UnsupportedAlgorithm evp_cipher = adapter(self._backend, cipher, mode) - assert evp_cipher != self._backend.ffi.NULL + if evp_cipher == self._backend.ffi.NULL: + raise UnsupportedAlgorithm + if isinstance(mode, interfaces.ModeWithInitializationVector): iv_nonce = mode.initialization_vector elif isinstance(mode, interfaces.ModeWithNonce): diff --git a/tests/hazmat/bindings/test_openssl.py b/tests/hazmat/bindings/test_openssl.py index 9ce882e4..fcd54ddd 100644 --- a/tests/hazmat/bindings/test_openssl.py +++ b/tests/hazmat/bindings/test_openssl.py @@ -11,11 +11,15 @@ # See the License for the specific language governing permissions and # limitations under the License. +import binascii + import pytest -from cryptography.hazmat.bindings.openssl.backend import backend -from cryptography.hazmat.primitives.block.ciphers import AES -from cryptography.hazmat.primitives.block.modes import CBC +from cryptography.exceptions import UnsupportedAlgorithm +from cryptography.hazmat.bindings.openssl.backend import backend, Backend +from cryptography.hazmat.primitives.block import BlockCipher +from cryptography.hazmat.primitives.block.ciphers import AES, TripleDES +from cryptography.hazmat.primitives.block.modes import CBC, ECB class TestOpenSSL(object): @@ -39,3 +43,15 @@ class TestOpenSSL(object): def test_register_duplicate_cipher_adapter(self): with pytest.raises(ValueError): backend.ciphers.register_cipher_adapter(AES, CBC, None) + + def test_nonexistant_cipher(self): + b = Backend() + # TODO: this test assumes that 3DES-ECB doesn't exist + b.ciphers.register_cipher_adapter( + TripleDES, ECB, lambda backend, cipher, mode: backend.ffi.NULL + ) + cipher = BlockCipher( + TripleDES(binascii.unhexlify(b"0" * 16)), ECB(), backend=b + ) + with pytest.raises(UnsupportedAlgorithm): + cipher.encryptor() |