1 files changed, 36 insertions, 41 deletions
diff --git a/tests/hazmat/backends/test_openssl.py b/tests/hazmat/backends/test_openssl.py
index 0b55a485..52bee7b3 100644
--- a/tests/hazmat/backends/test_openssl.py
+++ b/tests/hazmat/backends/test_openssl.py
@@ -21,15 +21,17 @@ from cryptography.hazmat.backends.openssl.backend import (
 from cryptography.hazmat.backends.openssl.ec import _sn_to_elliptic_curve
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.hazmat.primitives.asymmetric import dsa, ec, padding
-from cryptography.hazmat.primitives.ciphers import (
-    BlockCipherAlgorithm, Cipher, CipherAlgorithm
-)
+from cryptography.hazmat.primitives.ciphers import Cipher
 from cryptography.hazmat.primitives.ciphers.algorithms import AES
-from cryptography.hazmat.primitives.ciphers.modes import CBC, CTR, Mode
+from cryptography.hazmat.primitives.ciphers.modes import CBC, CTR
 
 from ..primitives.fixtures_dsa import DSA_KEY_2048
 from ..primitives.fixtures_rsa import RSA_KEY_2048, RSA_KEY_512
 from ..primitives.test_ec import _skip_curve_unsupported
+from ...doubles import (
+    DummyAsymmetricPadding, DummyCipherAlgorithm, DummyHashAlgorithm, DummyMode
+)
+from ...test_x509 import _load_cert
 from ...utils import load_vectors_from_file, raises_unsupported_algorithm
 
 
@@ -47,32 +49,6 @@ class TestLibreSkip(object):
             skip_if_libre_ssl(u"LibreSSL 2.1.6")
 
 
-@utils.register_interface(Mode)
-class DummyMode(object):
-    name = "dummy-mode"
-
-    def validate_for_algorithm(self, algorithm):
-        pass
-
-
-@utils.register_interface(CipherAlgorithm)
-class DummyCipher(object):
-    name = "dummy-cipher"
-    key_size = None
-
-
-@utils.register_interface(padding.AsymmetricPadding)
-class DummyPadding(object):
-    name = "dummy-cipher"
-
-
-@utils.register_interface(hashes.HashAlgorithm)
-class DummyHash(object):
-    name = "dummy-hash"
-    block_size = None
-    digest_size = None
-
-
 class DummyMGF(object):
     _salt_length = 0
 
@@ -111,12 +87,12 @@ class TestOpenSSL(object):
     def test_nonexistent_cipher(self, mode):
         b = Backend()
         b.register_cipher_adapter(
-            DummyCipher,
+            DummyCipherAlgorithm,
             type(mode),
             lambda backend, cipher, mode: backend._ffi.NULL
         )
         cipher = Cipher(
-            DummyCipher(), mode, backend=b,
+            DummyCipherAlgorithm(), mode, backend=b,
         )
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
             cipher.encryptor()
@@ -268,7 +244,8 @@ class TestOpenSSLRandomEngine(object):
             subprocess.check_call(
                 [sys.executable, "-c", engine_printer],
                 env=env,
-                stdout=out
+                stdout=out,
+                stderr=subprocess.PIPE,
             )
 
         osrandom_engine_name = backend._ffi.string(
@@ -382,11 +359,11 @@ class TestOpenSSLRSA(object):
 
     def test_rsa_padding_unsupported_pss_mgf1_hash(self):
         assert backend.rsa_padding_supported(
-            padding.PSS(mgf=padding.MGF1(DummyHash()), salt_length=0)
+            padding.PSS(mgf=padding.MGF1(DummyHashAlgorithm()), salt_length=0)
         ) is False
 
     def test_rsa_padding_unsupported(self):
-        assert backend.rsa_padding_supported(DummyPadding()) is False
+        assert backend.rsa_padding_supported(DummyAsymmetricPadding()) is False
 
     def test_rsa_padding_supported_pkcs1v15(self):
         assert backend.rsa_padding_supported(padding.PKCS1v15()) is True
@@ -461,12 +438,8 @@ class TestOpenSSLRSA(object):
 )
 class TestOpenSSLCMAC(object):
     def test_unsupported_cipher(self):
-        @utils.register_interface(BlockCipherAlgorithm)
-        class FakeAlgorithm(object):
-            block_size = 64
-
         with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_CIPHER):
-            backend.create_cmac_ctx(FakeAlgorithm())
+            backend.create_cmac_ctx(DummyCipherAlgorithm())
 
 
 class TestOpenSSLCreateX509CSR(object):
@@ -497,7 +470,9 @@ class TestOpenSSLSignX509Certificate(object):
         private_key = RSA_KEY_2048.private_key(backend)
 
         with pytest.raises(TypeError):
-            backend.create_x509_certificate(object(), private_key, DummyHash())
+            backend.create_x509_certificate(
+                object(), private_key, DummyHashAlgorithm()
+            )
 
     @pytest.mark.skipif(
         backend._lib.OPENSSL_VERSION_NUMBER >= 0x10001000,
@@ -682,3 +657,23 @@ class TestRSAPEMSerialization(object):
                 serialization.PrivateFormat.PKCS8,
                 serialization.BestAvailableEncryption(password)
             )
+
+
+class TestGOSTCertificate(object):
+    @pytest.mark.skipif(
+        backend._lib.OPENSSL_VERSION_NUMBER < 0x1000000f,
+        reason="Requires a newer OpenSSL. Must be >= 1.0.0"
+    )
+    def test_numeric_string_x509_name_entry(self):
+        cert = _load_cert(
+            os.path.join("x509", "e-trust.ru.der"),
+            x509.load_der_x509_certificate,
+            backend
+        )
+        with pytest.raises(ValueError) as exc:
+            cert.subject
+
+        # We assert on the message in this case because if the certificate
+        # fails to load it will also raise a ValueError and this test could
+        # erroneously pass.
+        assert str(exc.value) == "Unsupported ASN1 string type. Type: 18"