* ext/openssl/ossl.c

  ext/openssl/ossl_pkey_rsa.c
  ext/openssl/ossl_pkey_dsa.c
  ext/openssl/ossl_pkey_ec.c: Forbid export passwords that are less
  than four characters long, as OpenSSL itself does not allow this.
  Issue found by Eric Hodel.
* ext/openssl/ossl_pkey_ec.c: Add export as an alias of to_pem,
  following the PKey interface contract.
* test/openssl/test_pkey_dsa.rb
  test/openssl/test_pkey_rsa.rb
  test/openssl/test_pkey_ec.rb: Add tests that assert correct
  behaviour when dealing with passwords that are less than four
  characters long.
  [ruby-core: 42281][ruby-trunk - Bug #5951]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36001 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 9 insertions, 0 deletions

diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb
index 4bf64a51be..555637e7a4 100644
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@@ -218,6 +218,15 @@ YNMbNw==
     assert_equal([], OpenSSL.errors)
   end
 
+  def test_export_password_length
+    key = OpenSSL::TestUtils::TEST_KEY_DSA256
+    assert_raise(OpenSSL::OpenSSLError) do
+      key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec')
+    end
+    pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr')
+    assert(pem)
+  end
+
   private
 
   def check_sign_verify(digest)