Merge pull request #215 from alex/unsupported-cipher

Document and implement the public API for when the backend doesn't suppo...
author: David Reid <dreid@dreid.org> 2013-11-02 23:16:33 -0700
committer: David Reid <dreid@dreid.org> 2013-11-02 23:16:33 -0700
commit: d4e98f8d552843c371600c88e1cdab94678081a9 (patch)
tree: 5699ddce355497cbb6890e9c55013d64e7cfc9d8
parent: 178f6f19a611219f27a0b4e1837134b308de08d2 (diff)
parent: 3949f1171084c2e1cfe43f638857ea0e0f8f246d (diff)
download: cryptography-d4e98f8d552843c371600c88e1cdab94678081a9.tar.gz
cryptography-d4e98f8d552843c371600c88e1cdab94678081a9.tar.bz2
cryptography-d4e98f8d552843c371600c88e1cdab94678081a9.zip
6 files changed, 53 insertions, 3 deletions
diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py
new file mode 100644
index 00000000..391bed82
--- /dev/null
+++ b/cryptography/exceptions.py
@@ -0,0 +1,16 @@
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+
+class UnsupportedAlgorithm(Exception):
+    pass
diff --git a/cryptography/hazmat/bindings/openssl/backend.py b/cryptography/hazmat/bindings/openssl/backend.py
index fc73dd39..32adfed9 100644
--- a/cryptography/hazmat/bindings/openssl/backend.py
+++ b/cryptography/hazmat/bindings/openssl/backend.py
@@ -18,6 +18,7 @@ import sys
 
 import cffi
 
+from cryptography.exceptions import UnsupportedAlgorithm
 from cryptography.hazmat.primitives import interfaces
 from cryptography.hazmat.primitives.block.ciphers import (
     AES, Blowfish, Camellia, CAST5, TripleDES,
@@ -128,9 +129,12 @@ class _CipherContext(object):
         ctx = self._backend.ffi.gc(ctx, self._backend.lib.EVP_CIPHER_CTX_free)
 
         registry = self._backend.ciphers._cipher_registry
-        evp_cipher = registry[type(cipher), type(mode)](
-            self._backend, cipher, mode
-        )
+        try:
+            adapter = registry[type(cipher), type(mode)]
+        except KeyError:
+            raise UnsupportedAlgorithm
+
+        evp_cipher = adapter(self._backend, cipher, mode)
         assert evp_cipher != self._backend.ffi.NULL
         if isinstance(mode, interfaces.ModeWithInitializationVector):
             iv_nonce = mode.initialization_vector
diff --git a/docs/exceptions.rst b/docs/exceptions.rst
new file mode 100644
index 00000000..6ac11b3c
--- /dev/null
+++ b/docs/exceptions.rst
@@ -0,0 +1,9 @@
+Exceptions
+==========
+
+.. currentmodule:: cryptography.exceptions
+
+.. class:: UnsupportedAlgorithm
+
+    This is raised when a backend doesn't support the requested algorithm (or
+    combination of algorithms).
diff --git a/docs/hazmat/primitives/symmetric-encryption.rst b/docs/hazmat/primitives/symmetric-encryption.rst
index b8b1c839..c1c8d247 100644
--- a/docs/hazmat/primitives/symmetric-encryption.rst
+++ b/docs/hazmat/primitives/symmetric-encryption.rst
@@ -42,12 +42,21 @@ where the encrypter and decrypter both use the same key.
             :class:`~cryptography.hazmat.primitives.interfaces.CipherContext`
             provider.
 
+        If the backend doesn't support the requested combination of ``cipher``
+        and ``mode`` an :class:`cryptography.exceptions.UnsupportedAlgorithm`
+        will be raised.
+
     .. method:: decryptor()
 
         :return: A decrypting
             :class:`~cryptography.hazmat.primitives.interfaces.CipherContext`
             provider.
 
+        If the backend doesn't support the requested combination of ``cipher``
+        and ``mode`` an :class:`cryptography.exceptions.UnsupportedAlgorithm`
+        will be raised.
+
+
 .. currentmodule:: cryptography.hazmat.primitives.interfaces
 
 .. class:: CipherContext
diff --git a/docs/index.rst b/docs/index.rst
index 4fd5d3be..eb30b5dd 100644
--- a/docs/index.rst
+++ b/docs/index.rst
@@ -31,6 +31,7 @@ Contents
     :maxdepth: 2
 
     architecture
+    exceptions
     contributing
     security
     community
diff --git a/tests/hazmat/primitives/test_block.py b/tests/hazmat/primitives/test_block.py
index e0ed6697..dd9c54c9 100644
--- a/tests/hazmat/primitives/test_block.py
+++ b/tests/hazmat/primitives/test_block.py
@@ -17,6 +17,7 @@ import binascii
 
 import pytest
 
+from cryptography.exceptions import UnsupportedAlgorithm
 from cryptography.hazmat.primitives import interfaces
 from cryptography.hazmat.primitives.block import BlockCipher, ciphers, modes
 
@@ -84,3 +85,13 @@ class TestBlockCipherContext(object):
         assert len(pt) == 80
         assert pt == b"a" * 80
         decryptor.finalize()
+
+    def test_nonexistant_cipher(self, backend):
+        cipher = BlockCipher(
+            object(), object(), backend
+        )
+        with pytest.raises(UnsupportedAlgorithm):
+            cipher.encryptor()
+
+        with pytest.raises(UnsupportedAlgorithm):
+            cipher.decryptor()
author	David Reid <dreid@dreid.org>	2013-11-02 23:16:33 -0700
committer	David Reid <dreid@dreid.org>	2013-11-02 23:16:33 -0700
commit	d4e98f8d552843c371600c88e1cdab94678081a9 (patch)
tree	5699ddce355497cbb6890e9c55013d64e7cfc9d8
parent	178f6f19a611219f27a0b4e1837134b308de08d2 (diff)
parent	3949f1171084c2e1cfe43f638857ea0e0f8f246d (diff)
download	cryptography-d4e98f8d552843c371600c88e1cdab94678081a9.tar.gz cryptography-d4e98f8d552843c371600c88e1cdab94678081a9.tar.bz2 cryptography-d4e98f8d552843c371600c88e1cdab94678081a9.zip