Merge branch 'master' into reorder_libs

2 files changed, 54 insertions, 3 deletions

diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 3be8371f..168ed688 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -19,7 +19,8 @@ from cryptography.exceptions import (
 )
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
+    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend,
+    TraditionalOpenSSLSerializationBackend
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
 from cryptography.hazmat.primitives import cmac, hashes, hmac
@@ -143,6 +144,12 @@ class DummyDSABackend(object):
     def dsa_parameters_supported(self, p, q, g):
         pass
 
+    def load_dsa_private_numbers(self, numbers):
+        pass
+
+    def load_dsa_public_numbers(self, numbers):
+        pass
+
 
 @utils.register_interface(CMACBackend)
 class DummyCMACBackend(object):
@@ -198,6 +205,12 @@ class DummyPKCS8SerializationBackend(object):
         pass
 
 
+@utils.register_interface(TraditionalOpenSSLSerializationBackend)
+class DummyTraditionalOpenSSLSerializationBackend(object):
+    def load_traditional_openssl_pem_private_key(self, data, password):
+        pass
+
+
 class TestMultiBackend(object):
     def test_ciphers(self):
         backend = MultiBackend([
@@ -358,6 +371,8 @@ class TestMultiBackend(object):
         backend.create_dsa_signature_ctx("private_key", hashes.SHA1())
         backend.dsa_hash_supported(hashes.SHA1())
         backend.dsa_parameters_supported(1, 2, 3)
+        backend.load_dsa_private_numbers("numbers")
+        backend.load_dsa_public_numbers("numbers")
 
         backend = MultiBackend([])
         with raises_unsupported_algorithm(
@@ -397,6 +412,16 @@ class TestMultiBackend(object):
         ):
             backend.dsa_parameters_supported('p', 'q', 'g')
 
+        with raises_unsupported_algorithm(
+            _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
+        ):
+            backend.load_dsa_private_numbers("numbers")
+
+        with raises_unsupported_algorithm(
+            _Reasons.UNSUPPORTED_PUBLIC_KEY_ALGORITHM
+        ):
+            backend.load_dsa_public_numbers("numbers")
+
     def test_cmac(self):
         backend = MultiBackend([
             DummyCMACBackend([algorithms.AES])
@@ -486,3 +511,12 @@ class TestMultiBackend(object):
         backend = MultiBackend([])
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION):
             backend.load_pkcs8_pem_private_key(b"keydata", None)
+
+    def test_traditional_openssl_serialization_backend(self):
+        backend = MultiBackend([DummyTraditionalOpenSSLSerializationBackend()])
+
+        backend.load_traditional_openssl_pem_private_key(b"keydata", None)
+
+        backend = MultiBackend([])
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION):
+            backend.load_traditional_openssl_pem_private_key(b"keydata", None)
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 696a0f73..cf70f109 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -13,6 +13,7 @@
 
 from __future__ import absolute_import, division, print_function
 
+import os
 import subprocess
 import sys
 import textwrap
@@ -33,7 +34,7 @@ from cryptography.hazmat.primitives.ciphers.algorithms import AES
 from cryptography.hazmat.primitives.ciphers.modes import CBC, CTR
 from cryptography.hazmat.primitives.interfaces import BlockCipherAlgorithm
 
-from ...utils import raises_unsupported_algorithm
+from ...utils import load_vectors_from_file, raises_unsupported_algorithm
 
 
 @utils.register_interface(interfaces.Mode)
@@ -464,7 +465,7 @@ class TestOpenSSLCMAC(object):
 
 
 class TestOpenSSLSerialisationWithOpenSSL(object):
-    def test_password_too_long(self):
+    def test_pem_password_cb_buffer_too_small(self):
         ffi_cb, cb = backend._pem_password_cb(b"aa")
         assert cb(None, 1, False, None) == 0
 
@@ -473,6 +474,22 @@ class TestOpenSSLSerialisationWithOpenSSL(object):
         with raises_unsupported_algorithm(None):
             backend._evp_pkey_to_private_key(key)
 
+    def test_very_long_pem_serialization_password(self):
+        password = "x" * 1024
+
+        with pytest.raises(ValueError):
+            load_vectors_from_file(
+                os.path.join(
+                    "asymmetric", "Traditional_OpenSSL_Serialization",
+                    "key1.pem"
+                ),
+                lambda pemfile: (
+                    backend.load_traditional_openssl_pem_private_key(
+                        pemfile.read().encode(), password
+                    )
+                )
+            )
+
 
 class TestOpenSSLNoEllipticCurve(object):
     def test_elliptic_curve_supported(self, monkeypatch):