def test_failedGeneration(self):
"""
L{PKeyType.generate_key} takes two arguments, the first giving the key
type as one of L{TYPE_RSA} or L{TYPE_DSA} and the second giving the
number of bits to generate. If an invalid type is specified or
generation fails, L{Error} is raised. If an invalid number of bits is
specified, L{ValueError} or L{Error} is raised.
"""
key = PKey()
self.assertRaises(TypeError, key.generate_key)
self.assertRaises(TypeError, key.generate_key, 1, 2, 3)
self.assertRaises(TypeError, key.generate_key, "foo", "bar")
self.assertRaises(Error, key.generate_key, -1, 0)
self.assertRaises(ValueError, key.generate_key, TYPE_RSA, -1)
self.assertRaises(ValueError, key.generate_key, TYPE_RSA, 0)
# XXX RSA generation for small values of bits is fairly buggy in a wide
# range of OpenSSL versions. I need to figure out what the safe lower
# bound for a reasonable number of OpenSSL versions is and explicitly
# check for that in the wrapper. The failure behavior is typically an
# infinite loop inside OpenSSL.
# self.assertRaises(Error, key.generate_key, TYPE_RSA, 2)
# XXX DSA generation seems happy with any number of bits. The DSS
# says bits must be between 512 and 1024 inclusive. OpenSSL's DSA
# generator doesn't seem to care about the upper limit at all. For
# the lower limit, it uses 512 if anything smaller is specified.
# So, it doesn't seem possible to make generate_key fail for
# TYPE_DSA with a bits argument which is at least an int.
# self.assertRaises(Error, key.generate_key, TYPE_DSA, -7)
评论列表
文章目录
