From cc5d1bf129c7e1a41906101fd1cb142b74765303 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 7 Jul 2014 13:56:48 -0500 Subject: add PKCS8SerializationBackend support to MultiBackend --- cryptography/exceptions.py | 1 + cryptography/hazmat/backends/multibackend.py | 15 ++++++++++++++- tests/hazmat/backends/test_multibackend.py | 17 ++++++++++++++++- 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py index c64b67f4..3ccfaf51 100644 --- a/cryptography/exceptions.py +++ b/cryptography/exceptions.py @@ -22,6 +22,7 @@ class _Reasons(object): UNSUPPORTED_MGF = object() UNSUPPORTED_PUBLIC_KEY_ALGORITHM = object() UNSUPPORTED_ELLIPTIC_CURVE = object() + UNSUPPORTED_KEY_FORMAT = object() class UnsupportedAlgorithm(Exception): diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py index 800c3503..c06d2431 100644 --- a/cryptography/hazmat/backends/multibackend.py +++ b/cryptography/hazmat/backends/multibackend.py @@ -17,7 +17,7 @@ from cryptography import utils from cryptography.exceptions import UnsupportedAlgorithm, _Reasons from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, - HashBackend, PBKDF2HMACBackend, RSABackend + HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend ) @@ -26,6 +26,7 @@ from cryptography.hazmat.backends.interfaces import ( @utils.register_interface(HashBackend) @utils.register_interface(HMACBackend) @utils.register_interface(PBKDF2HMACBackend) +@utils.register_interface(PKCS8SerializationBackend) @utils.register_interface(RSABackend) @utils.register_interface(DSABackend) @utils.register_interface(EllipticCurveBackend) @@ -302,3 +303,15 @@ class MultiBackend(object): "This backend does not support this elliptic curve.", _Reasons.UNSUPPORTED_ELLIPTIC_CURVE ) + + def load_pkcs8_pem_private_key(self, data, password): + for b in self._filtered_backends(PKCS8SerializationBackend): + try: + return b.load_pkcs8_pem_private_key(data, password) + except UnsupportedAlgorithm: + continue + + raise UnsupportedAlgorithm( + "This backend does not support this key format.", + _Reasons.UNSUPPORTED_KEY_FORMAT + ) diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py index a68fe560..19795634 100644 --- a/tests/hazmat/backends/test_multibackend.py +++ b/tests/hazmat/backends/test_multibackend.py @@ -19,7 +19,7 @@ from cryptography.exceptions import ( ) from cryptography.hazmat.backends.interfaces import ( CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend, - HashBackend, PBKDF2HMACBackend, RSABackend + HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend ) from cryptography.hazmat.backends.multibackend import MultiBackend from cryptography.hazmat.primitives import cmac, hashes, hmac @@ -192,6 +192,12 @@ class DummyEllipticCurveBackend(object): raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE) +@utils.register_interface(PKCS8SerializationBackend) +class DummyPKCS8SerializationBackend(object): + def load_pkcs8_pem_private_key(self, data, password): + pass + + class TestMultiBackend(object): def test_ciphers(self): backend = MultiBackend([ @@ -471,3 +477,12 @@ class TestMultiBackend(object): ec.SECT163K1() ) ) + + def test_pkcs8_serialization_backend(self): + backend = MultiBackend([DummyPKCS8SerializationBackend()]) + + backend.load_pkcs8_pem_private_key(b"keydata", None) + + backend = MultiBackend([]) + with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_KEY_FORMAT): + backend.load_pkcs8_pem_private_key(b"keydata", None) -- cgit v1.2.3