From 96605fcd47ab4e20829a555ed5450cf99263d431 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 10 Oct 2015 09:03:07 -0400 Subject: Fixed #2404 -- handle a certificate with an unknown public key --- src/cryptography/hazmat/backends/openssl/x509.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index 80f32e29..eefcb20f 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -260,7 +260,9 @@ class _Certificate(object): def public_key(self): pkey = self._backend._lib.X509_get_pubkey(self._x509) - self._backend.openssl_assert(pkey != self._backend._ffi.NULL) + if pkey == self._backend._ffi.NULL: + raise ValueError("Certificate public key is of an unkonwn type") + pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free) return self._backend._evp_pkey_to_public_key(pkey) -- cgit v1.2.3 From 8453d642da4aed6f3f151536539614db1dc743e3 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sat, 10 Oct 2015 10:07:34 -0400 Subject: handle errors --- src/cryptography/hazmat/backends/openssl/x509.py | 2 ++ 1 file changed, 2 insertions(+) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index eefcb20f..93aea27a 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -261,6 +261,8 @@ class _Certificate(object): def public_key(self): pkey = self._backend._lib.X509_get_pubkey(self._x509) if pkey == self._backend._ffi.NULL: + # Remove errors from the stack. + self._backend._consume_errors() raise ValueError("Certificate public key is of an unkonwn type") pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free) -- cgit v1.2.3 From 79bee4ac1bed42e8df47dcaa11c83e1a55bd0b6f Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Sun, 11 Oct 2015 02:27:31 -0400 Subject: typo --- src/cryptography/hazmat/backends/openssl/x509.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src') diff --git a/src/cryptography/hazmat/backends/openssl/x509.py b/src/cryptography/hazmat/backends/openssl/x509.py index 93aea27a..cfde4a73 100644 --- a/src/cryptography/hazmat/backends/openssl/x509.py +++ b/src/cryptography/hazmat/backends/openssl/x509.py @@ -263,7 +263,7 @@ class _Certificate(object): if pkey == self._backend._ffi.NULL: # Remove errors from the stack. self._backend._consume_errors() - raise ValueError("Certificate public key is of an unkonwn type") + raise ValueError("Certificate public key is of an unknown type") pkey = self._backend._ffi.gc(pkey, self._backend._lib.EVP_PKEY_free) -- cgit v1.2.3