diff options
-rw-r--r-- | src/OpenSSL/crypto.py | 6 | ||||
-rw-r--r-- | tests/test_crypto.py | 14 |
2 files changed, 20 insertions, 0 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index ef2dcdf..5803ae9 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -1837,6 +1837,9 @@ def dump_privatekey(type, pkey, cipher=None, passphrase=None): """ bio = _new_mem_buf() + if not isinstance(pkey, PKey): + raise TypeError("pkey must be a PKey") + if cipher is not None: if passphrase is None: raise TypeError( @@ -1857,6 +1860,9 @@ def dump_privatekey(type, pkey, cipher=None, passphrase=None): elif type == FILETYPE_ASN1: result_code = _lib.i2d_PrivateKey_bio(bio, pkey._pkey) elif type == FILETYPE_TEXT: + if _lib.EVP_PKEY_id(pkey._pkey) != _lib.EVP_PKEY_RSA: + raise TypeError("Only RSA keys are supported for FILETYPE_TEXT") + rsa = _ffi.gc( _lib.EVP_PKEY_get1_RSA(pkey._pkey), _lib.RSA_free diff --git a/tests/test_crypto.py b/tests/test_crypto.py index 4197f11..916186b 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -2631,6 +2631,20 @@ class TestFunction(object): with pytest.raises(TypeError): dump_privatekey(FILETYPE_PEM, key, cipher=GOOD_CIPHER) + def test_dump_privatekey_not_rsa_key(self): + """ + `dump_privatekey` raises `TypeError` if called with a key that is + not RSA. + """ + key = PKey() + key.generate_key(TYPE_DSA, 512) + with pytest.raises(TypeError): + dump_privatekey(FILETYPE_TEXT, key) + + def test_dump_privatekey_invalid_pkey(self): + with pytest.raises(TypeError): + dump_privatekey(FILETYPE_TEXT, object()) + def test_dump_privatekey_unknown_cipher(self): """ `dump_privatekey` raises `ValueError` if called with an unrecognized |