Merge pull request #1236 from reaperhulk/fix-1234

add TraditionalOpenSSLSerializationBackend to MultiBackend

2 files changed, 31 insertions, 2 deletions

diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index 6741f045..35e2a093 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -17,7 +17,8 @@ from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
+    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend,
+    RSABackend, TraditionalOpenSSLSerializationBackend
 )
 
 
@@ -28,6 +29,7 @@ from cryptography.hazmat.backends.interfaces import (
 @utils.register_interface(PBKDF2HMACBackend)
 @utils.register_interface(PKCS8SerializationBackend)
 @utils.register_interface(RSABackend)
+@utils.register_interface(TraditionalOpenSSLSerializationBackend)
 @utils.register_interface(DSABackend)
 @utils.register_interface(EllipticCurveBackend)
 class MultiBackend(object):
@@ -312,3 +314,14 @@ class MultiBackend(object):
             "This backend does not support this key serialization.",
             _Reasons.UNSUPPORTED_SERIALIZATION
         )
+
+    def load_traditional_openssl_pem_private_key(self, data, password):
+        for b in self._filtered_backends(
+            TraditionalOpenSSLSerializationBackend
+        ):
+            return b.load_traditional_openssl_pem_private_key(data, password)
+
+        raise UnsupportedAlgorithm(
+            "This backend does not support this key serialization.",
+            _Reasons.UNSUPPORTED_SERIALIZATION
+        )
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 3be8371f..de5f1fde 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -19,7 +19,8 @@ from cryptography.exceptions import (
 )
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
+    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend,
+    TraditionalOpenSSLSerializationBackend
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
 from cryptography.hazmat.primitives import cmac, hashes, hmac
@@ -198,6 +199,12 @@ class DummyPKCS8SerializationBackend(object):
         pass
 
 
+@utils.register_interface(TraditionalOpenSSLSerializationBackend)
+class DummyTraditionalOpenSSLSerializationBackend(object):
+    def load_traditional_openssl_pem_private_key(self, data, password):
+        pass
+
+
 class TestMultiBackend(object):
     def test_ciphers(self):
         backend = MultiBackend([
@@ -486,3 +493,12 @@ class TestMultiBackend(object):
         backend = MultiBackend([])
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION):
             backend.load_pkcs8_pem_private_key(b"keydata", None)
+
+    def test_traditional_openssl_serialization_backend(self):
+        backend = MultiBackend([DummyTraditionalOpenSSLSerializationBackend()])
+
+        backend.load_traditional_openssl_pem_private_key(b"keydata", None)
+
+        backend = MultiBackend([])
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION):
+            backend.load_traditional_openssl_pem_private_key(b"keydata", None)