[tor-commits] [bridgedb/master] Catch gimp CAPTCHA challenge decryption ValueErrors.

[isis at torproject.org]

commit a033b057422772ab01e88e9fae3a04ce554d5e06
Author: Isis Lovecruft <isis at torproject.org>
Date:   Tue Apr 8 15:18:35 2014 +0000

    Catch gimp CAPTCHA challenge decryption ValueErrors.
    
      * ADD unittest will raise a ValueError during decryption with the
        previous commit's code.
    
      * ADD exception handling to `captcha.GimpCaptcha.check()` to cover
        this case.
---
 lib/bridgedb/captcha.py           |   10 +++++++---
 lib/bridgedb/test/test_captcha.py |   10 ++++++++++
 2 files changed, 17 insertions(+), 3 deletions(-)

diff --git a/lib/bridgedb/captcha.py b/lib/bridgedb/captcha.py
index 6ca7629..8f56552 100644
--- a/lib/bridgedb/captcha.py
+++ b/lib/bridgedb/captcha.py
@@ -203,9 +203,13 @@ class GimpCaptcha(Captcha):
             return False
         finally:
             if validHMAC:
-                decrypted = secretKey.decrypt(original)
-                if solution.lower() == decrypted.lower():
-                    return True
+                try:
+                    decrypted = secretKey.decrypt(original)
+                except Exception as error:
+                    logging.warn(error.message)
+                else:
+                    if solution.lower() == decrypted.lower():
+                        return True
             return False
 
     def createChallenge(self, answer):
diff --git a/lib/bridgedb/test/test_captcha.py b/lib/bridgedb/test/test_captcha.py
index 9cc5a89..7a6f2c4 100644
--- a/lib/bridgedb/test/test_captcha.py
+++ b/lib/bridgedb/test/test_captcha.py
@@ -321,3 +321,13 @@ class GimpCaptchaTests(unittest.TestCase):
         self.assertEquals(
             c.check(challenge, c.answer, c.secretKey, hmacKeyBad),
             False)
+
+    def test_check_badRSAkey(self):
+        """A challenge with a bad RSA secret key should return False."""
+        secretKeyBad, publicKeyBad = crypto.getRSAKey('test_gimpCaptcha_badRSAkey')
+        c = captcha.GimpCaptcha(self.sekrit, self.publik, self.hmacKey,
+                                self.cacheDir)
+        image, challenge = c.get()
+        self.assertEquals(
+            c.check(challenge, c.answer, secretKeyBad, c.hmacKey),
+            False)