diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | OpenSSL/crypto/pkey.c | 5 | ||||
-rw-r--r-- | OpenSSL/test/test_crypto.py | 14 |
3 files changed, 25 insertions, 0 deletions
@@ -1,3 +1,9 @@ +2011-11-01 Jean-Paul Calderone <exarkun@twistedmatrix.com> + + * OpenSSL/crypto/pkey.c: Raise TypeError when trying to check a + PKey instance which has no private component, instead of crashing. + Based on fix by <lp:~dataway>. + 2011-09-14 Žiga Seilnacht <lp:ziga-seilnacht> * OpenSSL/crypto/crypto.c: Allow exceptions from passphrase diff --git a/OpenSSL/crypto/pkey.c b/OpenSSL/crypto/pkey.c index 27ea4d4..b9472ec 100644 --- a/OpenSSL/crypto/pkey.c +++ b/OpenSSL/crypto/pkey.c @@ -124,6 +124,11 @@ crypto_PKey_check(crypto_PKeyObj *self, PyObject *args) { return NULL; } + if (self->only_public) { + PyErr_SetString(PyExc_TypeError, "public key only"); + return NULL; + } + if (self->pkey->type == EVP_PKEY_RSA) { RSA *rsa; rsa = EVP_PKEY_get1_RSA(self->pkey); diff --git a/OpenSSL/test/test_crypto.py b/OpenSSL/test/test_crypto.py index e0d7b27..62b9429 100644 --- a/OpenSSL/test/test_crypto.py +++ b/OpenSSL/test/test_crypto.py @@ -630,6 +630,20 @@ class PKeyTests(TestCase): self.assertRaises(TypeError, PKey().check, 1) + def test_check_public_key(self): + """ + :py:meth:`PKeyType.check` raises :py:exc:`TypeError` if only the public + part of the key is available. + """ + # A trick to get a public-only key + key = PKey() + key.generate_key(TYPE_RSA, 512) + cert = X509() + cert.set_pubkey(key) + pub = cert.get_pubkey() + self.assertRaises(TypeError, pub.check) + + class X509NameTests(TestCase): """ |