summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
Diffstat (limited to 'test')
-rw-r--r--test/openssl/test_pkey_dsa.rb54
-rw-r--r--test/openssl/test_pkey_ec.rb68
-rw-r--r--test/openssl/test_pkey_rsa.rb47
-rw-r--r--test/openssl/utils.rb8
4 files changed, 170 insertions, 7 deletions
diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb
index 725937464d..ba3bfb5b4a 100644
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@@ -23,7 +23,7 @@ class OpenSSL::TestPKeyDSA < Test::Unit::TestCase
end
def test_sys_sign_verify
- key = OpenSSL::PKey::DSA.new(256)
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
data = 'Sign me!'
digest = OpenSSL::Digest::SHA1.digest(data)
sig = key.syssign(digest)
@@ -45,7 +45,7 @@ if (OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000)
end
def test_digest_state_irrelevant_verify
- key = OpenSSL::PKey::DSA.new(256)
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
digest1 = OpenSSL::Digest::DSS1.new
digest2 = OpenSSL::Digest::DSS1.new
data = 'Sign me!'
@@ -128,7 +128,7 @@ YNMbNw==
end
def test_export_format_is_DSA_PUBKEY_pem
- key = OpenSSL::PKey::DSA.new(256)
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
pem = key.public_key.to_pem
pem.gsub!(/^-+(\w|\s)+-+$/, "") # eliminate --------BEGIN...-------
asn1 = OpenSSL::ASN1.decode(Base64.decode64(pem))
@@ -156,10 +156,56 @@ YNMbNw==
assert_equal(key.pub_key, pub_key.value)
end
+ def test_read_private_key_der
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
+ der = key.to_der
+ key2 = OpenSSL::PKey.read(der)
+ assert(key2.private?)
+ assert_equal(der, key2.to_der)
+ end
+
+ def test_read_private_key_pem
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
+ pem = key.to_pem
+ key2 = OpenSSL::PKey.read(pem)
+ assert(key2.private?)
+ assert_equal(pem, key2.to_pem)
+ end
+
+ def test_read_public_key_der
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256.public_key
+ der = key.to_der
+ key2 = OpenSSL::PKey.read(der)
+ assert(!key2.private?)
+ assert_equal(der, key2.to_der)
+ end
+
+ def test_read_public_key_pem
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256.public_key
+ pem = key.to_pem
+ key2 = OpenSSL::PKey.read(pem)
+ assert(!key2.private?)
+ assert_equal(pem, key2.to_pem)
+ end
+
+ def test_read_private_key_pem_pw
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
+ pem = key.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret')
+ #callback form for password
+ key2 = OpenSSL::PKey.read(pem) do
+ 'secret'
+ end
+ assert(key2.private?)
+ # pass password directly
+ key2 = OpenSSL::PKey.read(pem, 'secret')
+ assert(key2.private?)
+ #omit pem equality check, will be different due to cipher iv
+ end
+
private
def check_sign_verify(digest)
- key = OpenSSL::PKey::DSA.new(256)
+ key = OpenSSL::TestUtils::TEST_KEY_DSA256
data = 'Sign me!'
sig = key.sign(digest, data)
assert(key.verify(digest, sig, data))
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
new file mode 100644
index 0000000000..b80e1e56ec
--- /dev/null
+++ b/test/openssl/test_pkey_ec.rb
@@ -0,0 +1,68 @@
+require_relative 'utils'
+
+if defined?(OpenSSL)
+
+class OpenSSL::TestPKeyEC < Test::Unit::TestCase
+ def test_new
+ group = OpenSSL::PKey::EC::Group.new('prime256v1')
+ ec = OpenSSL::PKey::EC.new(group)
+ ec.generate_key
+ assert(ec.private_key?)
+ assert(ec.public_key?)
+ end
+
+ def test_read_private_key_der
+ ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+ der = ec.to_der
+ ec2 = OpenSSL::PKey.read(der)
+ assert(ec2.private_key?)
+ assert_equal(der, ec2.to_der)
+ end
+
+ def test_read_private_key_pem
+ ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+ pem = ec.to_pem
+ ec2 = OpenSSL::PKey.read(pem)
+ assert(ec2.private_key?)
+ assert_equal(pem, ec2.to_pem)
+ end
+
+ def test_read_public_key_der
+ ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+ group = OpenSSL::PKey::EC::Group.new('prime256v1')
+ ec2 = OpenSSL::PKey::EC.new(group)
+ ec2.public_key = ec.public_key
+ der = ec2.to_der
+ ec3 = OpenSSL::PKey.read(der)
+ assert(!ec3.private_key?)
+ assert_equal(der, ec3.to_der)
+ end
+
+ def test_read_public_key_pem
+ ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+ group = OpenSSL::PKey::EC::Group.new('prime256v1')
+ ec2 = OpenSSL::PKey::EC.new(group)
+ ec2.public_key = ec.public_key
+ pem = ec2.to_pem
+ ec3 = OpenSSL::PKey.read(pem)
+ assert(!ec3.private_key?)
+ assert_equal(pem, ec3.to_pem)
+ end
+
+ def test_read_private_key_pem_pw
+ ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+ pem = ec.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret')
+ #callback form for password
+ ec2 = OpenSSL::PKey.read(pem) do
+ 'secret'
+ end
+ assert(ec2.private_key?)
+ # pass password directly
+ ec2 = OpenSSL::PKey.read(pem, 'secret')
+ assert(ec2.private_key?)
+ #omit pem equality check, will be different due to cipher iv
+ end
+
+end
+
+end
diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
index 8592f0efa0..ec49c0fb61 100644
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@@ -49,7 +49,7 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
end
def test_sign_verify
- key = OpenSSL::PKey::RSA.new(512)
+ key = OpenSSL::TestUtils::TEST_KEY_RSA1024
digest = OpenSSL::Digest::SHA1.new
data = 'Sign me!'
sig = key.sign(digest, data)
@@ -57,7 +57,7 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
end
def test_digest_state_irrelevant_sign
- key = OpenSSL::PKey::RSA.new(512)
+ key = OpenSSL::TestUtils::TEST_KEY_RSA1024
digest1 = OpenSSL::Digest::SHA1.new
digest2 = OpenSSL::Digest::SHA1.new
data = 'Sign me!'
@@ -68,7 +68,7 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
end
def test_digest_state_irrelevant_verify
- key = OpenSSL::PKey::RSA.new(512)
+ key = OpenSSL::TestUtils::TEST_KEY_RSA1024
digest1 = OpenSSL::Digest::SHA1.new
digest2 = OpenSSL::Digest::SHA1.new
data = 'Sign me!'
@@ -164,6 +164,47 @@ AwEAAQ==
check_PUBKEY(asn1, key)
end
+ def test_read_private_key_der
+ der = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_der
+ key = OpenSSL::PKey.read(der)
+ assert(key.private?)
+ assert_equal(der, key.to_der)
+ end
+
+ def test_read_private_key_pem
+ pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_pem
+ key = OpenSSL::PKey.read(pem)
+ assert(key.private?)
+ assert_equal(pem, key.to_pem)
+ end
+
+ def test_read_public_key_der
+ der = OpenSSL::TestUtils::TEST_KEY_RSA1024.public_key.to_der
+ key = OpenSSL::PKey.read(der)
+ assert(!key.private?)
+ assert_equal(der, key.to_der)
+ end
+
+ def test_read_public_key_pem
+ pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.public_key.to_pem
+ key = OpenSSL::PKey.read(pem)
+ assert(!key.private?)
+ assert_equal(pem, key.to_pem)
+ end
+
+ def test_read_private_key_pem_pw
+ pem = OpenSSL::TestUtils::TEST_KEY_RSA1024.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret')
+ #callback form for password
+ key = OpenSSL::PKey.read(pem) do
+ 'secret'
+ end
+ assert(key.private?)
+ # pass password directly
+ key = OpenSSL::PKey.read(pem, 'secret')
+ assert(key.private?)
+ #omit pem equality check, will be different due to cipher iv
+ end
+
private
def check_PUBKEY(asn1, key)
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb
index 0b2115bbf3..bb51f57c72 100644
--- a/test/openssl/utils.rb
+++ b/test/openssl/utils.rb
@@ -80,6 +80,14 @@ Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxXoXi9OAIUBG98h4tilg6S
-----END DSA PRIVATE KEY-----
_end_of_pem_
+ TEST_KEY_EC_P256V1 = OpenSSL::PKey::EC.new <<-_end_of_pem_
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIID49FDqcf1O1eO8saTgG70UbXQw9Fqwseliit2aWhH1oAoGCCqGSM49
+AwEHoUQDQgAEFglk2c+oVUIKQ64eZG9bhLNPWB7lSZ/ArK41eGy5wAzU/0G51Xtt
+CeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg==
+-----END EC PRIVATE KEY-----
+ _end_of_pem_
+
module_function
def issue_cert(dn, key, serial, not_before, not_after, extensions,
generated by cgit v1.2.3 (git 2.25.1) at 2025-05-14 07:48:42 +0000