diff options
| author | Alex Gaynor <alex.gaynor@gmail.com> | 2014-10-15 10:07:36 -0700 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2014-10-15 10:07:36 -0700 |
| commit | 1e77fa07b28b71aee203d62b9a3fd1afe74bfd13 (patch) | |
| tree | bc082bccb0615b685243206d7e5d4c1d4ad27e87 /cryptography | |
| parent | b38ae0a5e3117eaa5c73e0bd1a34e5a5981b162b (diff) | |
| download | cryptography-1e77fa07b28b71aee203d62b9a3fd1afe74bfd13.tar.gz cryptography-1e77fa07b28b71aee203d62b9a3fd1afe74bfd13.tar.bz2 cryptography-1e77fa07b28b71aee203d62b9a3fd1afe74bfd13.zip | |
Handle PKCS12 decrypt failures with OpenSSL 1.0.1j
Don't know why this changed, but it did.
Diffstat (limited to 'cryptography')
| -rw-r--r-- | cryptography/hazmat/backends/openssl/backend.py | 15 | ||||
| -rw-r--r-- | cryptography/hazmat/bindings/openssl/err.py | 6 |
2 files changed, 17 insertions, 4 deletions
diff --git a/cryptography/hazmat/backends/openssl/backend.py b/cryptography/hazmat/backends/openssl/backend.py index a449a55e..6fad6fc7 100644 --- a/cryptography/hazmat/backends/openssl/backend.py +++ b/cryptography/hazmat/backends/openssl/backend.py @@ -742,10 +742,17 @@ class Backend(object): if not errors: raise ValueError("Could not unserialize key data.") - elif errors[0][1:] == ( - self._lib.ERR_LIB_EVP, - self._lib.EVP_F_EVP_DECRYPTFINAL_EX, - self._lib.EVP_R_BAD_DECRYPT + elif errors[0][1:] in ( + ( + self._lib.ERR_LIB_EVP, + self._lib.EVP_F_EVP_DECRYPTFINAL_EX, + self._lib.EVP_R_BAD_DECRYPT + ), + ( + self._lib.ERR_LIB_PKCS12, + self._lib.PKCS12_F_PKCS12_PBE_CRYPT, + self._lib.PKCS12_R_PKCS12_CIPHERFINAL_ERROR, + ) ): raise ValueError("Bad decrypt. Incorrect password?") diff --git a/cryptography/hazmat/bindings/openssl/err.py b/cryptography/hazmat/bindings/openssl/err.py index 232060a2..431cc057 100644 --- a/cryptography/hazmat/bindings/openssl/err.py +++ b/cryptography/hazmat/bindings/openssl/err.py @@ -34,6 +34,7 @@ static const int ERR_LIB_EC; static const int ERR_LIB_PEM; static const int ERR_LIB_ASN1; static const int ERR_LIB_RSA; +static const int ERR_LIB_PKCS12; static const int ASN1_F_ASN1_ENUMERATED_TO_BN; static const int ASN1_F_ASN1_EX_C2I; @@ -76,6 +77,7 @@ static const int ASN1_F_OID_MODULE_INIT; static const int ASN1_F_PARSE_TAGGING; static const int ASN1_F_PKCS5_PBE_SET; static const int ASN1_F_X509_CINF_NEW; + static const int ASN1_R_BOOLEAN_IS_WRONG_LENGTH; static const int ASN1_R_BUFFER_TOO_SMALL; static const int ASN1_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER; @@ -222,6 +224,10 @@ static const int PEM_R_SHORT_HEADER; static const int PEM_R_UNSUPPORTED_CIPHER; static const int PEM_R_UNSUPPORTED_ENCRYPTION; +static const int PKCS12_F_PKCS12_PBE_CRYPT; + +static const int PKCS12_R_PKCS12_CIPHERFINAL_ERROR; + static const int RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE; static const int RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY; static const int RSA_R_BLOCK_TYPE_IS_NOT_01; |