~stepankk/pyopenssl/bug-845445

« back to all changes in this revision

Viewing changes to leakcheck/crypto.py

Fix exception propagation and some error handling related to the privatekey passphrase callback.

Show diffs side-by-side

added added

removed removed

Lines of Context:
3
3
 
4
4
import sys
5
5
 
6
 
from OpenSSL.crypto import TYPE_DSA, Error, PKey, X509
7
 
 
8
 
class Checker_X509_get_pubkey(object):
9
 
    """
10
 
    Leak checks for L{X509.get_pubkey}.
11
 
    """
 
6
from OpenSSL.crypto import (
 
7
    FILETYPE_PEM, TYPE_DSA, Error, PKey, X509, load_privatekey)
 
8
 
 
9
 
 
10
 
 
11
class BaseChecker(object):
12
12
    def __init__(self, iterations):
13
13
        self.iterations = iterations
14
14
 
15
15
 
 
16
 
 
17
class Checker_X509_get_pubkey(BaseChecker):
 
18
    """
 
19
    Leak checks for L{X509.get_pubkey}.
 
20
    """
16
21
    def check_exception(self):
17
22
        """
18
23
        Call the method repeatedly such that it will raise an exception.
40
45
                    cert.get_pubkey()
41
46
 
42
47
 
 
48
 
 
49
class Checker_load_privatekey(BaseChecker):
 
50
    """
 
51
    Leak checks for :py:obj:`load_privatekey`.
 
52
    """
 
53
    ENCRYPTED_PEM = """\
 
54
-----BEGIN RSA PRIVATE KEY-----
 
55
Proc-Type: 4,ENCRYPTED
 
56
DEK-Info: BF-CBC,3763C340F9B5A1D0
 
57
 
 
58
a/DO10mLjHLCAOG8/Hc5Lbuh3pfjvcTZiCexShP+tupkp0VxW2YbZjML8uoXrpA6
 
59
fSPUo7cEC+r96GjV03ZIVhjmsxxesdWMpfkzXRpG8rUbWEW2KcCJWdSX8bEkuNW3
 
60
uvAXdXZwiOrm56ANDo/48gj27GcLwnlA8ld39+ylAzkUJ1tcMVzzTjfcyd6BMFpR
 
61
Yjg23ikseug6iWEsZQormdl0ITdYzmFpM+YYsG7kmmmi4UjCEYfb9zFaqJn+WZT2
 
62
qXxmo2ZPFzmEVkuB46mf5GCqMwLRN2QTbIZX2+Dljj1Hfo5erf5jROewE/yzcTwO
 
63
FCB5K3c2kkTv2KjcCAimjxkE+SBKfHg35W0wB0AWkXpVFO5W/TbHg4tqtkpt/KMn
 
64
/MPnSxvYr/vEqYMfW4Y83c45iqK0Cyr2pwY60lcn8Kk=
 
65
-----END RSA PRIVATE KEY-----
 
66
"""
 
67
    def check_load_privatekey_callback(self):
 
68
        """
 
69
        Call the function with an encrypted PEM and a passphrase callback.
 
70
        """
 
71
        for i in xrange(self.iterations * 10):
 
72
            load_privatekey(
 
73
                FILETYPE_PEM, self.ENCRYPTED_PEM, lambda *args: "hello, secret")
 
74
 
 
75
 
 
76
    def check_load_privatekey_callback_incorrect(self):
 
77
        """
 
78
        Call the function with an encrypted PEM and a passphrase callback which
 
79
        returns the wrong passphrase.
 
80
        """
 
81
        for i in xrange(self.iterations * 10):
 
82
            try:
 
83
                load_privatekey(
 
84
                    FILETYPE_PEM, self.ENCRYPTED_PEM,
 
85
                    lambda *args: "hello, public")
 
86
            except Error:
 
87
                pass
 
88
 
 
89
 
 
90
    def check_load_privatekey_callback_wrong_type(self):
 
91
        """
 
92
        Call the function with an encrypted PEM and a passphrase callback which
 
93
        returns a non-string.
 
94
        """
 
95
        for i in xrange(self.iterations * 10):
 
96
            try:
 
97
                load_privatekey(
 
98
                    FILETYPE_PEM, self.ENCRYPTED_PEM,
 
99
                    lambda *args: {})
 
100
            except ValueError:
 
101
                pass
 
102
 
 
103
 
43
104
def vmsize():
44
105
    return [x for x in file('/proc/self/status').readlines() if 'VmSize' in x]
45
106