Fix PKey.check for some broken keys (#897)

* fix PKey.check for some broken keys RSA_check_key is documented to return 1 for valid keys. It (currently) returns 0 or -1 for invalid ones. The previous code accepted invalid keys if RSA_check_key returns -1! * add test
author: Mrmaxmeier <Mrmaxmeier@gmail.com> 2020-03-11 22:03:59 +0100
committer: GitHub <noreply@github.com> 2020-03-11 17:03:59 -0400
commit: 8cd3b17ec79ec2049eb9d8d6d162b417012144a2 (patch)
tree: b5ced288278925cb0177f7acf4d81ca847e174c6 /tests
parent: 675534c18ab60517985fdee424837986e58ab260 (diff)
download: pyopenssl-8cd3b17ec79ec2049eb9d8d6d162b417012144a2.tar.gz
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/test_crypto.py b/tests/test_crypto.py
index b0e8e8b..34a9d6e 100644
--- a/tests/test_crypto.py
+++ b/tests/test_crypto.py
@@ -561,6 +561,12 @@ e3fJQJwX9+KsHRut6qNZDUbvRbtO1YIAwB4UJZjwAjEAtXCPURS5A4McZHnSwgTi
 Td8GMrwKz0557OxxtKN6uVVy4ACFMqEw0zN/KJI1vxc9
 -----END CERTIFICATE-----"""
 
+rsa_p_not_prime_pem = """
+-----BEGIN RSA PRIVATE KEY-----
+MBsCAQACAS0CAQcCAQACAQ8CAQMCAQACAQACAQA=
+-----END RSA PRIVATE KEY-----
+"""
+
 
 @pytest.fixture
 def x509_data():
@@ -966,6 +972,14 @@ class TestPKey(object):
         with pytest.raises(TypeError):
             pub.check()
 
+    def test_check_pr_897(self):
+        """
+        `PKey.check` raises `OpenSSL.crypto.Error` if provided with broken key
+        """
+        pkey = load_privatekey(FILETYPE_PEM, rsa_p_not_prime_pem)
+        with pytest.raises(Error):
+            pkey.check()
+
 
 def x509_name(**attrs):
     """
author	Mrmaxmeier <Mrmaxmeier@gmail.com>	2020-03-11 22:03:59 +0100
committer	GitHub <noreply@github.com>	2020-03-11 17:03:59 -0400
commit	8cd3b17ec79ec2049eb9d8d6d162b417012144a2 (patch)
tree	b5ced288278925cb0177f7acf4d81ca847e174c6 /tests
parent	675534c18ab60517985fdee424837986e58ab260 (diff)
download	pyopenssl-8cd3b17ec79ec2049eb9d8d6d162b417012144a2.tar.gz