From cc5d1bf129c7e1a41906101fd1cb142b74765303 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 7 Jul 2014 13:56:48 -0500
Subject: add PKCS8SerializationBackend support to MultiBackend

---
 cryptography/exceptions.py                   |  1 +
 cryptography/hazmat/backends/multibackend.py | 15 ++++++++++++++-
 tests/hazmat/backends/test_multibackend.py   | 17 ++++++++++++++++-
 3 files changed, 31 insertions(+), 2 deletions(-)

diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py
index c64b67f4..3ccfaf51 100644
--- a/cryptography/exceptions.py
+++ b/cryptography/exceptions.py
@@ -22,6 +22,7 @@ class _Reasons(object):
     UNSUPPORTED_MGF = object()
     UNSUPPORTED_PUBLIC_KEY_ALGORITHM = object()
     UNSUPPORTED_ELLIPTIC_CURVE = object()
+    UNSUPPORTED_KEY_FORMAT = object()
 
 
 class UnsupportedAlgorithm(Exception):
diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index 800c3503..c06d2431 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -17,7 +17,7 @@ from cryptography import utils
 from cryptography.exceptions import UnsupportedAlgorithm, _Reasons
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, RSABackend
+    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
 )
 
 
@@ -26,6 +26,7 @@ from cryptography.hazmat.backends.interfaces import (
 @utils.register_interface(HashBackend)
 @utils.register_interface(HMACBackend)
 @utils.register_interface(PBKDF2HMACBackend)
+@utils.register_interface(PKCS8SerializationBackend)
 @utils.register_interface(RSABackend)
 @utils.register_interface(DSABackend)
 @utils.register_interface(EllipticCurveBackend)
@@ -302,3 +303,15 @@ class MultiBackend(object):
             "This backend does not support this elliptic curve.",
             _Reasons.UNSUPPORTED_ELLIPTIC_CURVE
         )
+
+    def load_pkcs8_pem_private_key(self, data, password):
+        for b in self._filtered_backends(PKCS8SerializationBackend):
+            try:
+                return b.load_pkcs8_pem_private_key(data, password)
+            except UnsupportedAlgorithm:
+                continue
+
+        raise UnsupportedAlgorithm(
+            "This backend does not support this key format.",
+            _Reasons.UNSUPPORTED_KEY_FORMAT
+        )
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index a68fe560..19795634 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -19,7 +19,7 @@ from cryptography.exceptions import (
 )
 from cryptography.hazmat.backends.interfaces import (
     CMACBackend, CipherBackend, DSABackend, EllipticCurveBackend, HMACBackend,
-    HashBackend, PBKDF2HMACBackend, RSABackend
+    HashBackend, PBKDF2HMACBackend, PKCS8SerializationBackend, RSABackend
 )
 from cryptography.hazmat.backends.multibackend import MultiBackend
 from cryptography.hazmat.primitives import cmac, hashes, hmac
@@ -192,6 +192,12 @@ class DummyEllipticCurveBackend(object):
             raise UnsupportedAlgorithm(_Reasons.UNSUPPORTED_ELLIPTIC_CURVE)
 
 
+@utils.register_interface(PKCS8SerializationBackend)
+class DummyPKCS8SerializationBackend(object):
+    def load_pkcs8_pem_private_key(self, data, password):
+        pass
+
+
 class TestMultiBackend(object):
     def test_ciphers(self):
         backend = MultiBackend([
@@ -471,3 +477,12 @@ class TestMultiBackend(object):
                     ec.SECT163K1()
                 )
             )
+
+    def test_pkcs8_serialization_backend(self):
+        backend = MultiBackend([DummyPKCS8SerializationBackend()])
+
+        backend.load_pkcs8_pem_private_key(b"keydata", None)
+
+        backend = MultiBackend([])
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_KEY_FORMAT):
+            backend.load_pkcs8_pem_private_key(b"keydata", None)
-- 
cgit v1.2.3


From 965dbbe2301c667b51e310b503bd25cfa5a3bac3 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 7 Jul 2014 15:15:05 -0500
Subject: change some nomenclature

---
 cryptography/exceptions.py                   | 2 +-
 cryptography/hazmat/backends/multibackend.py | 4 ++--
 tests/hazmat/backends/test_multibackend.py   | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/cryptography/exceptions.py b/cryptography/exceptions.py
index 3ccfaf51..c14763f7 100644
--- a/cryptography/exceptions.py
+++ b/cryptography/exceptions.py
@@ -22,7 +22,7 @@ class _Reasons(object):
     UNSUPPORTED_MGF = object()
     UNSUPPORTED_PUBLIC_KEY_ALGORITHM = object()
     UNSUPPORTED_ELLIPTIC_CURVE = object()
-    UNSUPPORTED_KEY_FORMAT = object()
+    UNSUPPORTED_SERIALIZATION = object()
 
 
 class UnsupportedAlgorithm(Exception):
diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index c06d2431..6182f5cf 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -312,6 +312,6 @@ class MultiBackend(object):
                 continue
 
         raise UnsupportedAlgorithm(
-            "This backend does not support this key format.",
-            _Reasons.UNSUPPORTED_KEY_FORMAT
+            "This backend does not support this key serialization.",
+            _Reasons.UNSUPPORTED_SERIALIZATION
         )
diff --git a/tests/hazmat/backends/test_multibackend.py b/tests/hazmat/backends/test_multibackend.py
index 19795634..3be8371f 100644
--- a/tests/hazmat/backends/test_multibackend.py
+++ b/tests/hazmat/backends/test_multibackend.py
@@ -484,5 +484,5 @@ class TestMultiBackend(object):
         backend.load_pkcs8_pem_private_key(b"keydata", None)
 
         backend = MultiBackend([])
-        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_KEY_FORMAT):
+        with raises_unsupported_algorithm(_Reasons.UNSUPPORTED_SERIALIZATION):
             backend.load_pkcs8_pem_private_key(b"keydata", None)
-- 
cgit v1.2.3


From 32b1a8e0268ec0585ee71b9d8d6d2413fd978be7 Mon Sep 17 00:00:00 2001
From: Paul Kehrer <paul.l.kehrer@gmail.com>
Date: Mon, 7 Jul 2014 16:23:44 -0500
Subject: remove unneeded try/catch

---
 cryptography/hazmat/backends/multibackend.py | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/cryptography/hazmat/backends/multibackend.py b/cryptography/hazmat/backends/multibackend.py
index 6182f5cf..6741f045 100644
--- a/cryptography/hazmat/backends/multibackend.py
+++ b/cryptography/hazmat/backends/multibackend.py
@@ -306,10 +306,7 @@ class MultiBackend(object):
 
     def load_pkcs8_pem_private_key(self, data, password):
         for b in self._filtered_backends(PKCS8SerializationBackend):
-            try:
-                return b.load_pkcs8_pem_private_key(data, password)
-            except UnsupportedAlgorithm:
-                continue
+            return b.load_pkcs8_pem_private_key(data, password)
 
         raise UnsupportedAlgorithm(
             "This backend does not support this key serialization.",
-- 
cgit v1.2.3