diff options
author | David Benjamin <davidben@google.com> | 2022-08-12 18:04:15 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2022-08-12 18:04:15 -0400 |
commit | 301e29a8c0c1346086ac92653c88c53d9949a7d1 (patch) | |
tree | 16f78a0a57cfd863b86c9faa258786a83a589998 /tests | |
parent | 38f9b4e524ac6479d57021bba2270df84d85b672 (diff) | |
download | pyopenssl-301e29a8c0c1346086ac92653c88c53d9949a7d1.tar.gz |
Don't test that invalid RSA keys can be imported (#1139)
* Don't test that invalid RSA keys can be imported
test_check_pr_897 asserts that an invalid key is correctly detected as
invalid. However, in doing so, it also asserts that the invalid key is
considered *valid* at parse time.
Ideally, the underlying cryptography library would just call
RSA_check_key during parsing, but it would then fail this test. Make the
test more tolerant by allow either parsing or checking to throw an
error.
* Review comments, and also update the other test
Diffstat (limited to 'tests')
-rw-r--r-- | tests/test_crypto.py | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/tests/test_crypto.py b/tests/test_crypto.py index 8ad4d68..e7b13fc 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -1206,10 +1206,11 @@ class TestPKey: def test_inconsistent_key(self): """ - `PKey.check` returns `Error` if the key is not consistent. + Either `load_privatekey` or `PKey.check` returns `Error` if the key is + not consistent. """ - key = load_privatekey(FILETYPE_PEM, inconsistentPrivateKeyPEM) with pytest.raises(Error): + key = load_privatekey(FILETYPE_PEM, inconsistentPrivateKeyPEM) key.check() def test_check_public_key(self): @@ -1228,10 +1229,11 @@ class TestPKey: def test_check_pr_897(self): """ - `PKey.check` raises `OpenSSL.crypto.Error` if provided with broken key + Either `load_privatekey` or `PKey.check` raises `OpenSSL.crypto.Error` + if provided with broken key """ - pkey = load_privatekey(FILETYPE_PEM, rsa_p_not_prime_pem) with pytest.raises(Error): + pkey = load_privatekey(FILETYPE_PEM, rsa_p_not_prime_pem) pkey.check() |