author | Mrmaxmeier <Mrmaxmeier@gmail.com> | 2020-03-11 22:03:59 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2020-03-11 17:03:59 -0400 |
commit | 8cd3b17ec79ec2049eb9d8d6d162b417012144a2 (patch) | |
tree | b5ced288278925cb0177f7acf4d81ca847e174c6 /tests | |
parent | 675534c18ab60517985fdee424837986e58ab260 (diff) | |
download | pyopenssl-8cd3b17ec79ec2049eb9d8d6d162b417012144a2.tar.gz |
Fix PKey.check for some broken keys (#897)
* fix PKey.check for some broken keys
RSA_check_key is documented to return 1 for valid keys.
It (currently) returns 0 or -1 for invalid ones.
The previous code accepted invalid keys if RSA_check_key returns -1!
* add test
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_crypto.py | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/test_crypto.py b/tests/test_crypto.py
index b0e8e8b..34a9d6e 100644
--- a/tests/test_crypto.py
+++ b/tests/test_crypto.py
@@ -561,6 +561,12 @@ e3fJQJwX9+KsHRut6qNZDUbvRbtO1YIAwB4UJZjwAjEAtXCPURS5A4McZHnSwgTi
 Td8GMrwKz0557OxxtKN6uVVy4ACFMqEw0zN/KJI1vxc9
 -----END CERTIFICATE-----"""
+rsa_p_not_prime_pem = """
+-----BEGIN RSA PRIVATE KEY-----
+MBsCAQACAS0CAQcCAQACAQ8CAQMCAQACAQACAQA=
+-----END RSA PRIVATE KEY-----
+"""
+
 @pytest.fixture
 def x509_data():
@@ -966,6 +972,14 @@ class TestPKey(object):
 with pytest.raises(TypeError):
 pub.check()
+ def test_check_pr_897(self):
+ """
+ `PKey.check` raises `OpenSSL.crypto.Error` if provided with broken key
+ """
+ pkey = load_privatekey(FILETYPE_PEM, rsa_p_not_prime_pem)
+ with pytest.raises(Error):
+ pkey.check()
+
 def x509_name(**attrs):
 """
|
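Review bot: `rsa_p_not_prime_pem` is added without a comment saying what is wrong with the key, so a later reader has to decode the DER by hand to see why `check()` must reject it. The base64 body decodes to an RSAPrivateKey with n=45, e=7, d=0, p=15, q=3 and zero CRT values, so p is composite as the name says. I would record that above the constant, e.g. `# Deliberately invalid RSA key: n=45, e=7, d=0, p=15 (composite), q=3; PKey.check() must reject it.`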
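Review bot: `test_check_pr_897` asserts only that some `Error` is raised, so it does not show that this key reaches the `RSA_check_key` == -1 result the commit message describes; if OpenSSL returns 0 for it, the test would presumably have passed before the fix as well. The diffstat is limited to `tests`, so the changed `PKey.check` code is not visible on this page and the point cannot be confirmed from here. I would state the expected return value in the docstring, e.g. `RSA_check_key returns -1 for this key; PKey.check must raise Error rather than treat it as valid`, or add a second fixture so both the 0 and the -1 results are covered. A behaviour-based name such as `test_check_rsa_p_not_prime` would also age better than the PR number.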