From 301e29a8c0c1346086ac92653c88c53d9949a7d1 Mon Sep 17 00:00:00 2001 From: David Benjamin Date: Fri, 12 Aug 2022 18:04:15 -0400 Subject: Don't test that invalid RSA keys can be imported (#1139) * Don't test that invalid RSA keys can be imported test_check_pr_897 asserts that an invalid key is correctly detected as invalid. However, in doing so, it also asserts that the invalid key is considered *valid* at parse time. Ideally, the underlying cryptography library would just call RSA_check_key during parsing, but it would then fail this test. Make the test more tolerant by allow either parsing or checking to throw an error. * Review comments, and also update the other test --- tests/test_crypto.py | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/tests/test_crypto.py b/tests/test_crypto.py index 8ad4d68..e7b13fc 100644 --- a/tests/test_crypto.py +++ b/tests/test_crypto.py @@ -1206,10 +1206,11 @@ class TestPKey: def test_inconsistent_key(self): """ - `PKey.check` returns `Error` if the key is not consistent. + Either `load_privatekey` or `PKey.check` returns `Error` if the key is + not consistent. """ - key = load_privatekey(FILETYPE_PEM, inconsistentPrivateKeyPEM) with pytest.raises(Error): + key = load_privatekey(FILETYPE_PEM, inconsistentPrivateKeyPEM) key.check() def test_check_public_key(self): @@ -1228,10 +1229,11 @@ class TestPKey: def test_check_pr_897(self): """ - `PKey.check` raises `OpenSSL.crypto.Error` if provided with broken key + Either `load_privatekey` or `PKey.check` raises `OpenSSL.crypto.Error` + if provided with broken key """ - pkey = load_privatekey(FILETYPE_PEM, rsa_p_not_prime_pem) with pytest.raises(Error): + pkey = load_privatekey(FILETYPE_PEM, rsa_p_not_prime_pem) pkey.check() -- cgit v1.2.1