From ab973321f6012626e63420603c34e2975f42f237 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Fri, 11 Mar 2016 23:40:12 -0400
Subject: raise type error rather than internalerror w/ unsupported asn1 in
 subject

---
 src/cryptography/hazmat/backends/openssl/decode_asn1.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/decode_asn1.py b/src/cryptography/hazmat/backends/openssl/decode_asn1.py
index 140d3de4..67586c22 100644
--- a/src/cryptography/hazmat/backends/openssl/decode_asn1.py
+++ b/src/cryptography/hazmat/backends/openssl/decode_asn1.py
@@ -709,7 +709,11 @@ def _asn1_string_to_ascii(backend, asn1_string):
 def _asn1_string_to_utf8(backend, asn1_string):
     buf = backend._ffi.new("unsigned char **")
     res = backend._lib.ASN1_STRING_to_UTF8(buf, asn1_string)
-    backend.openssl_assert(res >= 0)
+    if res == -1:
+        raise TypeError(
+            "Unsupported ASN1 string type. Type: {0}".format(asn1_string.type)
+        )
+
     backend.openssl_assert(buf[0] != backend._ffi.NULL)
     buf = backend._ffi.gc(
         buf, lambda buffer: backend._lib.OPENSSL_free(buffer[0])
-- 
cgit v1.2.3


From 83457cf270fef19446d7bead3b0eb86f6d04c4f5 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Sat, 12 Mar 2016 12:44:24 -0400
Subject: move NUMERICSTRING certificate test to test_openssl & make it more
 specific

---
 src/cryptography/hazmat/backends/openssl/decode_asn1.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/cryptography/hazmat/backends/openssl/decode_asn1.py b/src/cryptography/hazmat/backends/openssl/decode_asn1.py
index 67586c22..26f56d12 100644
--- a/src/cryptography/hazmat/backends/openssl/decode_asn1.py
+++ b/src/cryptography/hazmat/backends/openssl/decode_asn1.py
@@ -710,7 +710,7 @@ def _asn1_string_to_utf8(backend, asn1_string):
     buf = backend._ffi.new("unsigned char **")
     res = backend._lib.ASN1_STRING_to_UTF8(buf, asn1_string)
     if res == -1:
-        raise TypeError(
+        raise ValueError(
             "Unsupported ASN1 string type. Type: {0}".format(asn1_string.type)
         )
 
-- 
cgit v1.2.3