зеркало из https://github.com/github/ruby.git
[ruby/openssl] Look up digest by name instead of constant
https://github.com/ruby/openssl/commit/b28fb2f05c
This commit is contained in:
Bart de Water
Kazuki Yamaguchi
Родитель
3f8665fe0e
Коммит
0b2c70eaa1
|
|
@ -31,8 +31,8 @@ module OpenSSL
|
|||
# the length of the secret. Returns +true+ if the strings are identical,
|
||||
# +false+ otherwise.
|
||||
def self.secure_compare(a, b)
|
||||
hashed_a = OpenSSL::Digest::SHA256.digest(a)
|
||||
hashed_b = OpenSSL::Digest::SHA256.digest(b)
|
||||
hashed_a = OpenSSL::Digest.digest('SHA256', a)
|
||||
hashed_b = OpenSSL::Digest.digest('SHA256', b)
|
||||
OpenSSL.fixed_length_secure_compare(hashed_a, hashed_b) && a == b
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -15,17 +15,6 @@
|
|||
module OpenSSL
|
||||
class Digest
|
||||
|
||||
# You can get a list of all algorithms:
|
||||
# openssl list -digest-algorithms
|
||||
|
||||
ALGORITHMS = %w(MD4 MD5 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512)
|
||||
|
||||
if !OPENSSL_VERSION.include?("LibreSSL") && OPENSSL_VERSION_NUMBER > 0x10101000
|
||||
ALGORITHMS.concat %w(BLAKE2b512 BLAKE2s256 SHA3-224 SHA3-256 SHA3-384 SHA3-512 SHA512-224 SHA512-256)
|
||||
end
|
||||
|
||||
ALGORITHMS.freeze
|
||||
|
||||
# Return the hash value computed with _name_ Digest. _name_ is either the
|
||||
# long name or short name of a supported digest algorithm.
|
||||
#
|
||||
|
|
@ -35,13 +24,13 @@ module OpenSSL
|
|||
#
|
||||
# which is equivalent to:
|
||||
#
|
||||
# OpenSSL::Digest::SHA256.digest("abc")
|
||||
# OpenSSL::Digest.digest('SHA256', "abc")
|
||||
|
||||
def self.digest(name, data)
|
||||
super(data, name)
|
||||
end
|
||||
|
||||
ALGORITHMS.each do |name|
|
||||
%w(MD4 MD5 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512).each do |name|
|
||||
klass = Class.new(self) {
|
||||
define_method(:initialize, ->(data = nil) {super(name, data)})
|
||||
}
|
||||
|
|
|
|||
|
|
@ -739,7 +739,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* To sign a document, a cryptographically secure hash of the document is
|
||||
* computed first, which is then signed using the private key.
|
||||
*
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
* signature = key.sign digest, document
|
||||
*
|
||||
* To validate the signature, again a hash of the document is computed and
|
||||
|
|
@ -747,7 +747,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* compared to the hash just computed, if they are equal the signature was
|
||||
* valid.
|
||||
*
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
* if key.verify digest, signature, document
|
||||
* puts 'Valid'
|
||||
* else
|
||||
|
|
@ -782,7 +782,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* salt = OpenSSL::Random.random_bytes 16
|
||||
* iter = 20000
|
||||
* key_len = cipher.key_len
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
*
|
||||
* key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
|
||||
* cipher.key = key
|
||||
|
|
@ -805,7 +805,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* salt = ... # the one generated above
|
||||
* iter = 20000
|
||||
* key_len = cipher.key_len
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
*
|
||||
* key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
|
||||
* cipher.key = key
|
||||
|
|
@ -901,7 +901,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* certificate.
|
||||
*
|
||||
* cert.issuer = name
|
||||
* cert.sign key, OpenSSL::Digest::SHA1.new
|
||||
* cert.sign key, OpenSSL::Digest.new('SHA1')
|
||||
*
|
||||
* open 'certificate.pem', 'w' do |io| io.write cert.to_pem end
|
||||
*
|
||||
|
|
@ -977,7 +977,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
*
|
||||
* Root CA certificates are self-signed.
|
||||
*
|
||||
* ca_cert.sign ca_key, OpenSSL::Digest::SHA1.new
|
||||
* ca_cert.sign ca_key, OpenSSL::Digest.new('SHA1')
|
||||
*
|
||||
* The CA certificate is saved to disk so it may be distributed to all the
|
||||
* users of the keys this CA will sign.
|
||||
|
|
@ -995,7 +995,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* csr.version = 0
|
||||
* csr.subject = name
|
||||
* csr.public_key = key.public_key
|
||||
* csr.sign key, OpenSSL::Digest::SHA1.new
|
||||
* csr.sign key, OpenSSL::Digest.new('SHA1')
|
||||
*
|
||||
* A CSR is saved to disk and sent to the CA for signing.
|
||||
*
|
||||
|
|
@ -1039,7 +1039,7 @@ ossl_crypto_fixed_length_secure_compare(VALUE dummy, VALUE str1, VALUE str2)
|
|||
* csr_cert.add_extension \
|
||||
* extension_factory.create_extension('subjectKeyIdentifier', 'hash')
|
||||
*
|
||||
* csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new
|
||||
* csr_cert.sign ca_key, OpenSSL::Digest.new('SHA1')
|
||||
*
|
||||
* open 'csr_cert.pem', 'w' do |io|
|
||||
* io.write csr_cert.to_pem
|
||||
|
|
|
|||
|
|
@ -192,7 +192,7 @@ ossl_digest_reset(VALUE self)
|
|||
* be passed individually to the Digest instance.
|
||||
*
|
||||
* === Example
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
* digest.update('First input')
|
||||
* digest << 'Second input' # equivalent to digest.update('Second input')
|
||||
* result = digest.digest
|
||||
|
|
@ -248,7 +248,7 @@ ossl_digest_finish(int argc, VALUE *argv, VALUE self)
|
|||
* Returns the sn of this Digest algorithm.
|
||||
*
|
||||
* === Example
|
||||
* digest = OpenSSL::Digest::SHA512.new
|
||||
* digest = OpenSSL::Digest.new('SHA512')
|
||||
* puts digest.name # => SHA512
|
||||
*
|
||||
*/
|
||||
|
|
@ -270,7 +270,7 @@ ossl_digest_name(VALUE self)
|
|||
* final message digest result.
|
||||
*
|
||||
* === Example
|
||||
* digest = OpenSSL::Digest::SHA1.new
|
||||
* digest = OpenSSL::Digest.new('SHA1')
|
||||
* puts digest.digest_length # => 20
|
||||
*
|
||||
*/
|
||||
|
|
@ -294,7 +294,7 @@ ossl_digest_size(VALUE self)
|
|||
* consecutively.
|
||||
*
|
||||
* === Example
|
||||
* digest = OpenSSL::Digest::SHA1.new
|
||||
* digest = OpenSSL::Digest.new('SHA1')
|
||||
* puts digest.block_length # => 64
|
||||
*/
|
||||
static VALUE
|
||||
|
|
@ -348,15 +348,19 @@ Init_ossl_digest(void)
|
|||
* the integrity of a signed document, it suffices to re-compute the hash
|
||||
* and verify that it is equal to that in the signature.
|
||||
*
|
||||
* Among the supported message digest algorithms are:
|
||||
* * SHA, SHA1, SHA224, SHA256, SHA384 and SHA512
|
||||
* * MD2, MD4, MDC2 and MD5
|
||||
* * RIPEMD160
|
||||
* You can get a list of all digest algorithms supported on your system by
|
||||
* running this command in your terminal:
|
||||
*
|
||||
* For each of these algorithms, there is a sub-class of Digest that
|
||||
* can be instantiated as simply as e.g.
|
||||
* openssl list -digest-algorithms
|
||||
*
|
||||
* digest = OpenSSL::Digest::SHA1.new
|
||||
* Among the OpenSSL 1.1.1 supported message digest algorithms are:
|
||||
* * SHA224, SHA256, SHA384, SHA512, SHA512-224 and SHA512-256
|
||||
* * SHA3-224, SHA3-256, SHA3-384 and SHA3-512
|
||||
* * BLAKE2s256 and BLAKE2b512
|
||||
*
|
||||
* Each of these algorithms can be instantiated using the name:
|
||||
*
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
*
|
||||
* === Mapping between Digest class and sn/ln
|
||||
*
|
||||
|
|
@ -406,7 +410,7 @@ Init_ossl_digest(void)
|
|||
* === Hashing a file
|
||||
*
|
||||
* data = File.read('document')
|
||||
* sha256 = OpenSSL::Digest::SHA256.new
|
||||
* sha256 = OpenSSL::Digest.new('SHA256')
|
||||
* digest = sha256.digest(data)
|
||||
*
|
||||
* === Hashing several pieces of data at once
|
||||
|
|
@ -414,7 +418,7 @@ Init_ossl_digest(void)
|
|||
* data1 = File.read('file1')
|
||||
* data2 = File.read('file2')
|
||||
* data3 = File.read('file3')
|
||||
* sha256 = OpenSSL::Digest::SHA256.new
|
||||
* sha256 = OpenSSL::Digest.new('SHA256')
|
||||
* sha256 << data1
|
||||
* sha256 << data2
|
||||
* sha256 << data3
|
||||
|
|
@ -423,7 +427,7 @@ Init_ossl_digest(void)
|
|||
* === Reuse a Digest instance
|
||||
*
|
||||
* data1 = File.read('file1')
|
||||
* sha256 = OpenSSL::Digest::SHA256.new
|
||||
* sha256 = OpenSSL::Digest.new('SHA256')
|
||||
* digest1 = sha256.digest(data1)
|
||||
*
|
||||
* data2 = File.read('file2')
|
||||
|
|
|
|||
|
|
@ -353,7 +353,7 @@ Init_ossl_hmac(void)
|
|||
* data1 = File.read("file1")
|
||||
* data2 = File.read("file2")
|
||||
* key = "key"
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
* hmac = OpenSSL::HMAC.new(key, digest)
|
||||
* hmac << data1
|
||||
* hmac << data2
|
||||
|
|
|
|||
|
|
@ -272,7 +272,7 @@ Init_ossl_kdf(void)
|
|||
* # store this with the generated value
|
||||
* salt = OpenSSL::Random.random_bytes(16)
|
||||
* iter = 20_000
|
||||
* hash = OpenSSL::Digest::SHA256.new
|
||||
* hash = OpenSSL::Digest.new('SHA256')
|
||||
* len = hash.digest_length
|
||||
* # the final value to be stored
|
||||
* value = OpenSSL::KDF.pbkdf2_hmac(pass, salt: salt, iterations: iter,
|
||||
|
|
|
|||
|
|
@ -350,7 +350,7 @@ ossl_spki_verify(VALUE self, VALUE key)
|
|||
* spki = OpenSSL::Netscape::SPKI.new
|
||||
* spki.challenge = "RandomChallenge"
|
||||
* spki.public_key = key.public_key
|
||||
* spki.sign(key, OpenSSL::Digest::SHA256.new)
|
||||
* spki.sign(key, OpenSSL::Digest.new('SHA256'))
|
||||
* #send a request containing this to a server generating a certificate
|
||||
* === Verifying an SPKI request
|
||||
* request = #...
|
||||
|
|
|
|||
|
|
@ -1719,7 +1719,7 @@ Init_ossl_ocsp(void)
|
|||
* subject certificate so the CA knows which certificate we are asking
|
||||
* about:
|
||||
*
|
||||
* digest = OpenSSL::Digest::SHA1.new
|
||||
* digest = OpenSSL::Digest.new('SHA1')
|
||||
* certificate_id =
|
||||
* OpenSSL::OCSP::CertificateId.new subject, issuer, digest
|
||||
*
|
||||
|
|
|
|||
|
|
@ -430,7 +430,7 @@ ossl_pkey_public_to_pem(VALUE self)
|
|||
*
|
||||
* == Example
|
||||
* data = 'Sign me!'
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
* pkey = OpenSSL::PKey::RSA.new(2048)
|
||||
* signature = pkey.sign(digest, data)
|
||||
*/
|
||||
|
|
@ -484,7 +484,7 @@ ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
|
|||
*
|
||||
* == Example
|
||||
* data = 'Sign me!'
|
||||
* digest = OpenSSL::Digest::SHA256.new
|
||||
* digest = OpenSSL::Digest.new('SHA256')
|
||||
* pkey = OpenSSL::PKey::RSA.new(2048)
|
||||
* signature = pkey.sign(digest, data)
|
||||
* pub_key = pkey.public_key
|
||||
|
|
|
|||
|
|
@ -513,7 +513,7 @@ ossl_dsa_to_public_key(VALUE self)
|
|||
* === Example
|
||||
* dsa = OpenSSL::PKey::DSA.new(2048)
|
||||
* doc = "Sign me"
|
||||
* digest = OpenSSL::Digest::SHA1.digest(doc)
|
||||
* digest = OpenSSL::Digest.digest('SHA1', doc)
|
||||
* sig = dsa.syssign(digest)
|
||||
*
|
||||
*
|
||||
|
|
@ -558,7 +558,7 @@ ossl_dsa_sign(VALUE self, VALUE data)
|
|||
* === Example
|
||||
* dsa = OpenSSL::PKey::DSA.new(2048)
|
||||
* doc = "Sign me"
|
||||
* digest = OpenSSL::Digest::SHA1.digest(doc)
|
||||
* digest = OpenSSL::Digest.digest('SHA1', doc)
|
||||
* sig = dsa.syssign(digest)
|
||||
* puts dsa.sysverify(digest, sig) # => true
|
||||
*
|
||||
|
|
|
|||
|
|
@ -1281,7 +1281,7 @@ Init_ossl_ts(void)
|
|||
* #Assumes ts.p12 is a PKCS#12-compatible file with a private key
|
||||
* #and a certificate that has an extended key usage of 'timeStamping'
|
||||
* p12 = OpenSSL::PKCS12.new(File.open('ts.p12', 'rb'), 'pwd')
|
||||
* md = OpenSSL::Digest::SHA1.new
|
||||
* md = OpenSSL::Digest.new('SHA1')
|
||||
* hash = md.digest(data) #some binary data to be timestamped
|
||||
* req = OpenSSL::Timestamp::Request.new
|
||||
* req.algorithm = 'SHA1'
|
||||
|
|
@ -1498,8 +1498,8 @@ Init_ossl_ts(void)
|
|||
* Must be an Array of String or OpenSSL::Digest subclass instances.
|
||||
*
|
||||
* call-seq:
|
||||
* factory.allowed_digests = ["sha1", OpenSSL::Digest::SHA256.new] -> [ "sha1", OpenSSL::Digest::SHA256.new ]
|
||||
* factory.allowed_digests -> array or nil
|
||||
* factory.allowed_digests = ["sha1", OpenSSL::Digest.new('SHA256').new] -> [ "sha1", OpenSSL::Digest) ]
|
||||
* factory.allowed_digests -> array or nil
|
||||
*
|
||||
*/
|
||||
cTimestampFactory = rb_define_class_under(mTimestamp, "Factory", rb_cObject);
|
||||
|
|
|
|||
|
|
@ -788,7 +788,7 @@ Init_ossl_x509cert(void)
|
|||
* root_ca.add_extension(ef.create_extension("keyUsage","keyCertSign, cRLSign", true))
|
||||
* root_ca.add_extension(ef.create_extension("subjectKeyIdentifier","hash",false))
|
||||
* root_ca.add_extension(ef.create_extension("authorityKeyIdentifier","keyid:always",false))
|
||||
* root_ca.sign(root_key, OpenSSL::Digest::SHA256.new)
|
||||
* root_ca.sign(root_key, OpenSSL::Digest.new('SHA256'))
|
||||
*
|
||||
* The next step is to create the end-entity certificate using the root CA
|
||||
* certificate.
|
||||
|
|
@ -807,7 +807,7 @@ Init_ossl_x509cert(void)
|
|||
* ef.issuer_certificate = root_ca
|
||||
* cert.add_extension(ef.create_extension("keyUsage","digitalSignature", true))
|
||||
* cert.add_extension(ef.create_extension("subjectKeyIdentifier","hash",false))
|
||||
* cert.sign(root_key, OpenSSL::Digest::SHA256.new)
|
||||
* cert.sign(root_key, OpenSSL::Digest.new('SHA256'))
|
||||
*
|
||||
*/
|
||||
cX509Cert = rb_define_class_under(mX509, "Certificate", rb_cObject);
|
||||
|
|
|
|||
|
|
@ -161,7 +161,7 @@ private
|
|||
end
|
||||
|
||||
def fingerprint(der)
|
||||
Digest::MD5.hexdigest(der).upcase
|
||||
Digest.hexdigest('MD5', der).upcase
|
||||
end
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ else
|
|||
ef.issuer_certificate = cert
|
||||
cert.add_extension ef.create_extension("authorityKeyIdentifier",
|
||||
"keyid:always,issuer:always")
|
||||
cert.sign(key, OpenSSL::Digest::SHA1.new)
|
||||
cert.sign(key, OpenSSL::Digest.new('SHA1'))
|
||||
end
|
||||
|
||||
ctx = OpenSSL::SSL::SSLContext.new()
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ req = X509::Request.new
|
|||
req.version = 0
|
||||
req.subject = name
|
||||
req.public_key = keypair.public_key
|
||||
req.sign(keypair, Digest::MD5.new)
|
||||
req.sign(keypair, Digest.new('MD5'))
|
||||
|
||||
puts "Writing #{csrout}..."
|
||||
File.open(csrout, "w") do |f|
|
||||
|
|
|
|||
|
|
@ -14,7 +14,7 @@ class OpenSSL::TestASN1 < OpenSSL::TestCase
|
|||
["keyUsage","keyCertSign, cRLSign",true],
|
||||
["subjectKeyIdentifier","hash",false],
|
||||
]
|
||||
dgst = OpenSSL::Digest::SHA1.new
|
||||
dgst = OpenSSL::Digest.new('SHA1')
|
||||
cert = OpenSSL::TestUtils.issue_cert(
|
||||
subj, key, s, exts, nil, nil, digest: dgst, not_before: now, not_after: now+3600)
|
||||
|
||||
|
|
@ -178,7 +178,7 @@ class OpenSSL::TestASN1 < OpenSSL::TestCase
|
|||
assert_equal(OpenSSL::ASN1::OctetString, ext.value[1].class)
|
||||
extv = OpenSSL::ASN1.decode(ext.value[1].value)
|
||||
assert_equal(OpenSSL::ASN1::OctetString, extv.class)
|
||||
sha1 = OpenSSL::Digest::SHA1.new
|
||||
sha1 = OpenSSL::Digest.new('SHA1')
|
||||
sha1.update(pkey.value[1].value)
|
||||
assert_equal(sha1.digest, extv.value)
|
||||
|
||||
|
|
@ -189,7 +189,7 @@ class OpenSSL::TestASN1 < OpenSSL::TestCase
|
|||
assert_equal(OpenSSL::ASN1::Null, pkey.value[0].value[1].class)
|
||||
|
||||
assert_equal(OpenSSL::ASN1::BitString, sig_val.class)
|
||||
cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
|
||||
cululated_sig = key.sign(OpenSSL::Digest.new('SHA1'), tbs_cert.to_der)
|
||||
assert_equal(cululated_sig, sig_val.value)
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -36,8 +36,8 @@ class OpenSSL::TestCipher < OpenSSL::TestCase
|
|||
cipher.pkcs5_keyivgen(pass, salt, num, "MD5")
|
||||
s1 = cipher.update(pt) << cipher.final
|
||||
|
||||
d1 = num.times.inject(pass + salt) {|out, _| OpenSSL::Digest::MD5.digest(out) }
|
||||
d2 = num.times.inject(d1 + pass + salt) {|out, _| OpenSSL::Digest::MD5.digest(out) }
|
||||
d1 = num.times.inject(pass + salt) {|out, _| OpenSSL::Digest.digest('MD5', out) }
|
||||
d2 = num.times.inject(d1 + pass + salt) {|out, _| OpenSSL::Digest.digest('MD5', out) }
|
||||
key = (d1 + d2)[0, 24]
|
||||
iv = (d1 + d2)[24, 8]
|
||||
cipher = new_encryptor("DES-EDE3-CBC", key: key, iv: iv)
|
||||
|
|
|
|||
|
|
@ -21,8 +21,8 @@ class OpenSSL::TestDigest < OpenSSL::TestCase
|
|||
@d1 << data
|
||||
assert_equal(bin, @d1.digest)
|
||||
assert_equal(hex, @d1.hexdigest)
|
||||
assert_equal(bin, OpenSSL::Digest::MD5.digest(data))
|
||||
assert_equal(hex, OpenSSL::Digest::MD5.hexdigest(data))
|
||||
assert_equal(bin, OpenSSL::Digest.digest('MD5', data))
|
||||
assert_equal(hex, OpenSSL::Digest.hexdigest('MD5', data))
|
||||
end
|
||||
|
||||
def test_eql
|
||||
|
|
@ -53,19 +53,8 @@ class OpenSSL::TestDigest < OpenSSL::TestCase
|
|||
assert_equal(dig1, dig2, "reset")
|
||||
end
|
||||
|
||||
def test_required_digests
|
||||
algorithms = OpenSSL::Digest::ALGORITHMS
|
||||
required = %w{MD4 MD5 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512}
|
||||
|
||||
required.each do |name|
|
||||
assert_include(algorithms, name)
|
||||
end
|
||||
end
|
||||
|
||||
def test_digest_constants
|
||||
algorithms = OpenSSL::Digest::ALGORITHMS
|
||||
|
||||
algorithms.each do |name|
|
||||
%w{MD4 MD5 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512}.each do |name|
|
||||
assert_not_nil(OpenSSL::Digest.new(name))
|
||||
klass = OpenSSL::Digest.const_get(name.tr('-', '_'))
|
||||
assert_not_nil(klass.new)
|
||||
|
|
@ -87,39 +76,39 @@ class OpenSSL::TestDigest < OpenSSL::TestCase
|
|||
sha384_a = "54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31"
|
||||
sha512_a = "1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75"
|
||||
|
||||
assert_equal(sha224_a, OpenSSL::Digest::SHA224.hexdigest("a"))
|
||||
assert_equal(sha256_a, OpenSSL::Digest::SHA256.hexdigest("a"))
|
||||
assert_equal(sha384_a, OpenSSL::Digest::SHA384.hexdigest("a"))
|
||||
assert_equal(sha512_a, OpenSSL::Digest::SHA512.hexdigest("a"))
|
||||
assert_equal(sha224_a, OpenSSL::Digest.hexdigest('SHA224', "a"))
|
||||
assert_equal(sha256_a, OpenSSL::Digest.hexdigest('SHA256', "a"))
|
||||
assert_equal(sha384_a, OpenSSL::Digest.hexdigest('SHA384', "a"))
|
||||
assert_equal(sha512_a, OpenSSL::Digest.hexdigest('SHA512', "a"))
|
||||
|
||||
assert_equal(sha224_a, encode16(OpenSSL::Digest::SHA224.digest("a")))
|
||||
assert_equal(sha256_a, encode16(OpenSSL::Digest::SHA256.digest("a")))
|
||||
assert_equal(sha384_a, encode16(OpenSSL::Digest::SHA384.digest("a")))
|
||||
assert_equal(sha512_a, encode16(OpenSSL::Digest::SHA512.digest("a")))
|
||||
assert_equal(sha224_a, encode16(OpenSSL::Digest.digest('SHA224', "a")))
|
||||
assert_equal(sha256_a, encode16(OpenSSL::Digest.digest('SHA256', "a")))
|
||||
assert_equal(sha384_a, encode16(OpenSSL::Digest.digest('SHA384', "a")))
|
||||
assert_equal(sha512_a, encode16(OpenSSL::Digest.digest('SHA512', "a")))
|
||||
end
|
||||
|
||||
def test_sha512_truncate
|
||||
pend "SHA512_224 is not implemented" unless OpenSSL::Digest.const_defined?(:SHA512_224)
|
||||
pend "SHA512_224 is not implemented" unless digest_available?('SHA512-224')
|
||||
sha512_224_a = "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327"
|
||||
sha512_256_a = "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8"
|
||||
|
||||
assert_equal(sha512_224_a, OpenSSL::Digest::SHA512_224.hexdigest("a"))
|
||||
assert_equal(sha512_256_a, OpenSSL::Digest::SHA512_256.hexdigest("a"))
|
||||
assert_equal(sha512_224_a, OpenSSL::Digest.hexdigest('SHA512-224', "a"))
|
||||
assert_equal(sha512_256_a, OpenSSL::Digest.hexdigest('SHA512-256', "a"))
|
||||
|
||||
assert_equal(sha512_224_a, encode16(OpenSSL::Digest::SHA512_224.digest("a")))
|
||||
assert_equal(sha512_256_a, encode16(OpenSSL::Digest::SHA512_256.digest("a")))
|
||||
assert_equal(sha512_224_a, encode16(OpenSSL::Digest.digest('SHA512-224', "a")))
|
||||
assert_equal(sha512_256_a, encode16(OpenSSL::Digest.digest('SHA512-256', "a")))
|
||||
end
|
||||
|
||||
def test_sha3
|
||||
pend "SHA3 is not implemented" unless OpenSSL::Digest.const_defined?(:SHA3_224)
|
||||
pend "SHA3 is not implemented" unless digest_available?('SHA3-224')
|
||||
s224 = '6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7'
|
||||
s256 = 'a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a'
|
||||
s384 = '0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004'
|
||||
s512 = 'a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26'
|
||||
assert_equal(OpenSSL::Digest::SHA3_224.hexdigest(""), s224)
|
||||
assert_equal(OpenSSL::Digest::SHA3_256.hexdigest(""), s256)
|
||||
assert_equal(OpenSSL::Digest::SHA3_384.hexdigest(""), s384)
|
||||
assert_equal(OpenSSL::Digest::SHA3_512.hexdigest(""), s512)
|
||||
assert_equal(OpenSSL::Digest.hexdigest('SHA3-224', ""), s224)
|
||||
assert_equal(OpenSSL::Digest.hexdigest('SHA3-256', ""), s256)
|
||||
assert_equal(OpenSSL::Digest.hexdigest('SHA3-384', ""), s384)
|
||||
assert_equal(OpenSSL::Digest.hexdigest('SHA3-512', ""), s512)
|
||||
end
|
||||
|
||||
def test_digest_by_oid_and_name_sha2
|
||||
|
|
@ -147,6 +136,14 @@ class OpenSSL::TestDigest < OpenSSL::TestCase
|
|||
d = OpenSSL::Digest.new(oid.oid)
|
||||
assert_not_nil(d)
|
||||
end
|
||||
|
||||
def digest_available?(name)
|
||||
begin
|
||||
OpenSSL::Digest.new(name)
|
||||
rescue RuntimeError
|
||||
false
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
end
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ class OpenSSL::TestEngine < OpenSSL::TestCase
|
|||
digest = engine.digest("SHA1")
|
||||
assert_not_nil(digest)
|
||||
data = "test"
|
||||
assert_equal(OpenSSL::Digest::SHA1.digest(data), digest.digest(data))
|
||||
assert_equal(OpenSSL::Digest.digest('SHA1', data), digest.digest(data))
|
||||
end;
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -22,7 +22,7 @@ class OpenSSL::TestNSSPI < OpenSSL::TestCase
|
|||
spki = OpenSSL::Netscape::SPKI.new
|
||||
spki.challenge = "RandomString"
|
||||
spki.public_key = key1.public_key
|
||||
spki.sign(key1, OpenSSL::Digest::SHA1.new)
|
||||
spki.sign(key1, OpenSSL::Digest.new('SHA1'))
|
||||
assert(spki.verify(spki.public_key))
|
||||
assert(spki.verify(key1.public_key))
|
||||
assert(!spki.verify(key2.public_key))
|
||||
|
|
|
|||
|
|
@ -50,26 +50,26 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert)
|
||||
assert_kind_of OpenSSL::OCSP::CertificateId, cid
|
||||
assert_equal @cert.serial, cid.serial
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA256.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA256'))
|
||||
assert_kind_of OpenSSL::OCSP::CertificateId, cid
|
||||
assert_equal @cert.serial, cid.serial
|
||||
end
|
||||
|
||||
def test_certificate_id_issuer_name_hash
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert)
|
||||
assert_equal OpenSSL::Digest::SHA1.hexdigest(@cert.issuer.to_der), cid.issuer_name_hash
|
||||
assert_equal OpenSSL::Digest.hexdigest('SHA1', @cert.issuer.to_der), cid.issuer_name_hash
|
||||
assert_equal "d91f736ac4dc3242f0fb9b77a3149bd83c5c43d0", cid.issuer_name_hash
|
||||
end
|
||||
|
||||
def test_certificate_id_issuer_key_hash
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert)
|
||||
assert_equal OpenSSL::Digest::SHA1.hexdigest(OpenSSL::ASN1.decode(@ca_cert.to_der).value[0].value[6].value[1].value), cid.issuer_key_hash
|
||||
assert_equal OpenSSL::Digest.hexdigest('SHA1', OpenSSL::ASN1.decode(@ca_cert.to_der).value[0].value[6].value[1].value), cid.issuer_key_hash
|
||||
assert_equal "d1fef9fbf8ae1bc160cbfa03e2596dd873089213", cid.issuer_key_hash
|
||||
end
|
||||
|
||||
def test_certificate_id_hash_algorithm
|
||||
cid_sha1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid_sha256 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA256.new)
|
||||
cid_sha1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
cid_sha256 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA256'))
|
||||
assert_equal "sha1", cid_sha1.hash_algorithm
|
||||
assert_equal "sha256", cid_sha256.hash_algorithm
|
||||
end
|
||||
|
|
@ -94,7 +94,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
|
||||
def test_request_der
|
||||
request = OpenSSL::OCSP::Request.new
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
request.add_certid(cid)
|
||||
request.sign(@cert, @cert_key, [@ca_cert], 0)
|
||||
asn1 = OpenSSL::ASN1.decode(request.to_der)
|
||||
|
|
@ -164,14 +164,14 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
|
||||
def test_request_dup
|
||||
request = OpenSSL::OCSP::Request.new
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
request.add_certid(cid)
|
||||
assert_equal request.to_der, request.dup.to_der
|
||||
end
|
||||
|
||||
def test_basic_response_der
|
||||
bres = OpenSSL::OCSP::BasicResponse.new
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, [])
|
||||
bres.add_nonce("NONCE")
|
||||
bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0)
|
||||
|
|
@ -214,7 +214,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
|
||||
def test_basic_response_dup
|
||||
bres = OpenSSL::OCSP::BasicResponse.new
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, [])
|
||||
bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0)
|
||||
assert_equal bres.to_der, bres.dup.to_der
|
||||
|
|
@ -223,9 +223,9 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
def test_basic_response_response_operations
|
||||
bres = OpenSSL::OCSP::BasicResponse.new
|
||||
now = Time.at(Time.now.to_i)
|
||||
cid1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid2 = OpenSSL::OCSP::CertificateId.new(@ocsp_cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid3 = OpenSSL::OCSP::CertificateId.new(@ca_cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
cid2 = OpenSSL::OCSP::CertificateId.new(@ocsp_cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
cid3 = OpenSSL::OCSP::CertificateId.new(@ca_cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
bres.add_status(cid1, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, now - 400, -300, nil, nil)
|
||||
bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil, -300, 500, [])
|
||||
|
||||
|
|
@ -257,8 +257,8 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
|
||||
def test_single_response_check_validity
|
||||
bres = OpenSSL::OCSP::BasicResponse.new
|
||||
cid1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid2 = OpenSSL::OCSP::CertificateId.new(@ocsp_cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid1 = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
cid2 = OpenSSL::OCSP::CertificateId.new(@ocsp_cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
bres.add_status(cid1, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, -50, [])
|
||||
bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_REVOKED, OpenSSL::OCSP::REVOKED_STATUS_UNSPECIFIED, -400, -300, nil, [])
|
||||
bres.add_status(cid2, OpenSSL::OCSP::V_CERTSTATUS_GOOD, nil, nil, Time.now + 100, nil, nil)
|
||||
|
|
@ -277,7 +277,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
|
||||
def test_response
|
||||
bres = OpenSSL::OCSP::BasicResponse.new
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, [])
|
||||
bres.sign(@ocsp_cert, @ocsp_key, [])
|
||||
res = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, bres)
|
||||
|
|
@ -288,7 +288,7 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase
|
|||
|
||||
def test_response_der
|
||||
bres = OpenSSL::OCSP::BasicResponse.new
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest::SHA1.new)
|
||||
cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert, OpenSSL::Digest.new('SHA1'))
|
||||
bres.add_status(cid, OpenSSL::OCSP::V_CERTSTATUS_GOOD, 0, nil, -300, 500, [])
|
||||
bres.sign(@ocsp_cert, @ocsp_key, [@ca_cert], 0)
|
||||
res = OpenSSL::OCSP::Response.create(OpenSSL::OCSP::RESPONSE_STATUS_SUCCESSFUL, bres)
|
||||
|
|
|
|||
|
|
@ -12,7 +12,7 @@ class OpenSSL::OSSL < OpenSSL::SSLTestCase
|
|||
|
||||
assert OpenSSL.fixed_length_secure_compare("aaa", "aaa")
|
||||
assert OpenSSL.fixed_length_secure_compare(
|
||||
OpenSSL::Digest::SHA256.digest("aaa"), OpenSSL::Digest::SHA256.digest("aaa")
|
||||
OpenSSL::Digest.digest('SHA256', "aaa"), OpenSSL::Digest::SHA256.digest("aaa")
|
||||
)
|
||||
|
||||
assert_raise(ArgumentError) { OpenSSL.fixed_length_secure_compare("aaa", "aaaa") }
|
||||
|
|
|
|||
|
|
@ -37,8 +37,8 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PKeyTestCase
|
|||
dsa512 = Fixtures.pkey("dsa512")
|
||||
data = "Sign me!"
|
||||
if defined?(OpenSSL::Digest::DSS1)
|
||||
signature = dsa512.sign(OpenSSL::Digest::DSS1.new, data)
|
||||
assert_equal true, dsa512.verify(OpenSSL::Digest::DSS1.new, signature, data)
|
||||
signature = dsa512.sign(OpenSSL::Digest.new('DSS1'), data)
|
||||
assert_equal true, dsa512.verify(OpenSSL::Digest.new('DSS1'), signature, data)
|
||||
end
|
||||
|
||||
signature = dsa512.sign("SHA1", data)
|
||||
|
|
@ -56,7 +56,7 @@ class OpenSSL::TestPKeyDSA < OpenSSL::PKeyTestCase
|
|||
def test_sys_sign_verify
|
||||
key = Fixtures.pkey("dsa256")
|
||||
data = 'Sign me!'
|
||||
digest = OpenSSL::Digest::SHA1.digest(data)
|
||||
digest = OpenSSL::Digest.digest('SHA1', data)
|
||||
sig = key.syssign(digest)
|
||||
assert(key.sysverify(digest, sig))
|
||||
end
|
||||
|
|
|
|||
|
|
@ -7,7 +7,7 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
|
|||
def test_no_private_exp
|
||||
key = OpenSSL::PKey::RSA.new
|
||||
rsa = Fixtures.pkey("rsa2048")
|
||||
key.set_key(rsa.n, rsa.e, nil)
|
||||
key.set_key(rsa.n, rsa.e, nil)
|
||||
key.set_factors(rsa.p, rsa.q)
|
||||
assert_raise(OpenSSL::PKey::RSAError){ key.private_encrypt("foo") }
|
||||
assert_raise(OpenSSL::PKey::RSAError){ key.private_decrypt("foo") }
|
||||
|
|
@ -119,8 +119,8 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
|
|||
|
||||
def test_digest_state_irrelevant_sign
|
||||
key = Fixtures.pkey("rsa1024")
|
||||
digest1 = OpenSSL::Digest::SHA1.new
|
||||
digest2 = OpenSSL::Digest::SHA1.new
|
||||
digest1 = OpenSSL::Digest.new('SHA1')
|
||||
digest2 = OpenSSL::Digest.new('SHA1')
|
||||
data = 'Sign me!'
|
||||
digest1 << 'Change state of digest1'
|
||||
sig1 = key.sign(digest1, data)
|
||||
|
|
@ -130,8 +130,8 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase
|
|||
|
||||
def test_digest_state_irrelevant_verify
|
||||
key = Fixtures.pkey("rsa1024")
|
||||
digest1 = OpenSSL::Digest::SHA1.new
|
||||
digest2 = OpenSSL::Digest::SHA1.new
|
||||
digest1 = OpenSSL::Digest.new('SHA1')
|
||||
digest2 = OpenSSL::Digest.new('SHA1')
|
||||
data = 'Sign me!'
|
||||
sig = key.sign(digest1, data)
|
||||
digest1.reset
|
||||
|
|
|
|||
|
|
@ -77,7 +77,7 @@ _end_of_pem_
|
|||
assert_raise(OpenSSL::Timestamp::TimestampError) do
|
||||
req.to_der
|
||||
end
|
||||
req.message_imprint = OpenSSL::Digest::SHA1.new.digest("data")
|
||||
req.message_imprint = OpenSSL::Digest.digest('SHA1', "data")
|
||||
req.to_der
|
||||
end
|
||||
|
||||
|
|
@ -160,7 +160,7 @@ _end_of_pem_
|
|||
def test_request_encode_decode
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -193,7 +193,7 @@ _end_of_pem_
|
|||
def test_response_creation
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
|
||||
|
|
@ -232,7 +232,7 @@ _end_of_pem_
|
|||
assert_raise(OpenSSL::Timestamp::TimestampError) do
|
||||
fac.create_timestamp(ee_key, ts_cert_ee, req)
|
||||
end
|
||||
req.message_imprint = OpenSSL::Digest::SHA1.new.digest("data")
|
||||
req.message_imprint = OpenSSL::Digest.digest('SHA1', "data")
|
||||
assert_raise(OpenSSL::Timestamp::TimestampError) do
|
||||
fac.create_timestamp(ee_key, ts_cert_ee, req)
|
||||
end
|
||||
|
|
@ -258,7 +258,7 @@ _end_of_pem_
|
|||
def test_response_allowed_digests
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
req.message_imprint = OpenSSL::Digest::SHA1.digest("test")
|
||||
req.message_imprint = OpenSSL::Digest.digest('SHA1', "test")
|
||||
|
||||
fac = OpenSSL::Timestamp::Factory.new
|
||||
fac.gen_time = Time.now
|
||||
|
|
@ -275,13 +275,13 @@ _end_of_pem_
|
|||
assert_equal OpenSSL::Timestamp::Response::GRANTED, resp.status
|
||||
|
||||
# Explicitly allow SHA1 (object)
|
||||
fac.allowed_digests = [OpenSSL::Digest::SHA1.new]
|
||||
fac.allowed_digests = [OpenSSL::Digest.new('SHA1')]
|
||||
resp = fac.create_timestamp(ee_key, ts_cert_ee, req)
|
||||
assert_equal OpenSSL::Timestamp::Response::GRANTED, resp.status
|
||||
|
||||
# Others not allowed
|
||||
req.algorithm = "SHA256"
|
||||
req.message_imprint = OpenSSL::Digest::SHA256.digest("test")
|
||||
req.message_imprint = OpenSSL::Digest.digest('SHA256', "test")
|
||||
resp = fac.create_timestamp(ee_key, ts_cert_ee, req)
|
||||
assert_equal OpenSSL::Timestamp::Response::REJECTION, resp.status
|
||||
|
||||
|
|
@ -291,7 +291,7 @@ _end_of_pem_
|
|||
assert_equal OpenSSL::Timestamp::Response::REJECTION, resp.status
|
||||
|
||||
# Non-String, non-Digest Array element
|
||||
fac.allowed_digests = ["sha1", OpenSSL::Digest::SHA1.new, 123]
|
||||
fac.allowed_digests = ["sha1", OpenSSL::Digest.new('SHA1'), 123]
|
||||
assert_raise(TypeError) do
|
||||
fac.create_timestamp(ee_key, ts_cert_ee, req)
|
||||
end
|
||||
|
|
@ -300,7 +300,7 @@ _end_of_pem_
|
|||
def test_response_default_policy
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
|
||||
fac = OpenSSL::Timestamp::Factory.new
|
||||
|
|
@ -317,7 +317,7 @@ _end_of_pem_
|
|||
def test_response_bad_purpose
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -336,7 +336,7 @@ _end_of_pem_
|
|||
def test_no_cert_requested
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.cert_requested = false
|
||||
|
||||
|
|
@ -355,7 +355,7 @@ _end_of_pem_
|
|||
assert_raise(OpenSSL::Timestamp::TimestampError) do
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
|
||||
fac = OpenSSL::Timestamp::Factory.new
|
||||
|
|
@ -423,7 +423,7 @@ _end_of_pem_
|
|||
def test_verify_ee_def_policy
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.nonce = 42
|
||||
|
||||
|
|
@ -481,7 +481,7 @@ _end_of_pem_
|
|||
def test_verify_ee_additional_certs_array
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -501,7 +501,7 @@ _end_of_pem_
|
|||
def test_verify_ee_additional_certs_with_root
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -518,7 +518,7 @@ _end_of_pem_
|
|||
def test_verify_ee_cert_inclusion_not_requested
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.nonce = 42
|
||||
req.cert_requested = false
|
||||
|
|
@ -539,7 +539,7 @@ _end_of_pem_
|
|||
#CTX_free methods don't mess up e.g. the certificates
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -560,7 +560,7 @@ _end_of_pem_
|
|||
def test_token_info_creation
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = OpenSSL::BN.new(123)
|
||||
|
|
@ -594,7 +594,7 @@ _end_of_pem_
|
|||
def timestamp_ee
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -609,7 +609,7 @@ _end_of_pem_
|
|||
def timestamp_ee_no_cert
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -625,7 +625,7 @@ _end_of_pem_
|
|||
def timestamp_direct
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
@ -640,7 +640,7 @@ _end_of_pem_
|
|||
def timestamp_direct_no_cert
|
||||
req = OpenSSL::Timestamp::Request.new
|
||||
req.algorithm = "SHA1"
|
||||
digest = OpenSSL::Digest::SHA1.new.digest("test")
|
||||
digest = OpenSSL::Digest.digest('SHA1', "test")
|
||||
req.message_imprint = digest
|
||||
req.policy_id = "1.2.3.4.5"
|
||||
req.nonce = 42
|
||||
|
|
|
|||
|
|
@ -205,7 +205,7 @@ class OpenSSL::TestX509Certificate < OpenSSL::TestCase
|
|||
end
|
||||
|
||||
def test_sign_and_verify_rsa_dss1
|
||||
cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil, digest: OpenSSL::Digest::DSS1.new)
|
||||
cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil, digest: OpenSSL::Digest.new('DSS1'))
|
||||
assert_equal(false, cert.verify(@rsa1024))
|
||||
assert_equal(true, cert.verify(@rsa2048))
|
||||
assert_equal(false, certificate_error_returns_false { cert.verify(@dsa256) })
|
||||
|
|
|
|||
|
|
@ -20,7 +20,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
|
||||
cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)
|
||||
crl = issue_crl([], 1, now, now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(1, crl.version)
|
||||
assert_equal(cert.issuer.to_der, crl.issuer.to_der)
|
||||
assert_equal(now, crl.last_update)
|
||||
|
|
@ -57,7 +57,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
]
|
||||
cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)
|
||||
crl = issue_crl(revoke_info, 1, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
revoked = crl.revoked
|
||||
assert_equal(5, revoked.size)
|
||||
assert_equal(1, revoked[0].serial)
|
||||
|
|
@ -98,7 +98,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
|
||||
revoke_info = (1..1000).collect{|i| [i, now, 0] }
|
||||
crl = issue_crl(revoke_info, 1, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
revoked = crl.revoked
|
||||
assert_equal(1000, revoked.size)
|
||||
assert_equal(1, revoked[0].serial)
|
||||
|
|
@ -124,7 +124,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
|
||||
cert = issue_cert(@ca, @rsa2048, 1, cert_exts, nil, nil)
|
||||
crl = issue_crl([], 1, Time.now, Time.now+1600, crl_exts,
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
exts = crl.extensions
|
||||
assert_equal(3, exts.size)
|
||||
assert_equal("1", exts[0].value)
|
||||
|
|
@ -160,24 +160,24 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
assert_equal(false, exts[2].critical?)
|
||||
|
||||
no_ext_crl = issue_crl([], 1, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal nil, no_ext_crl.authority_key_identifier
|
||||
end
|
||||
|
||||
def test_crlnumber
|
||||
cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)
|
||||
crl = issue_crl([], 1, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
assert_match(1.to_s, crl.extensions[0].value)
|
||||
assert_match(/X509v3 CRL Number:\s+#{1}/m, crl.to_text)
|
||||
|
||||
crl = issue_crl([], 2**32, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
assert_match((2**32).to_s, crl.extensions[0].value)
|
||||
assert_match(/X509v3 CRL Number:\s+#{2**32}/m, crl.to_text)
|
||||
|
||||
crl = issue_crl([], 2**100, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
assert_match(/X509v3 CRL Number:\s+#{2**100}/m, crl.to_text)
|
||||
assert_match((2**100).to_s, crl.extensions[0].value)
|
||||
end
|
||||
|
|
@ -185,7 +185,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
def test_sign_and_verify
|
||||
cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)
|
||||
crl = issue_crl([], 1, Time.now, Time.now+1600, [],
|
||||
cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(false, crl.verify(@rsa1024))
|
||||
assert_equal(true, crl.verify(@rsa2048))
|
||||
assert_equal(false, crl_error_returns_false { crl.verify(@dsa256) })
|
||||
|
|
@ -195,7 +195,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase
|
|||
|
||||
cert = issue_cert(@ca, @dsa512, 1, [], nil, nil)
|
||||
crl = issue_crl([], 1, Time.now, Time.now+1600, [],
|
||||
cert, @dsa512, OpenSSL::Digest::SHA1.new)
|
||||
cert, @dsa512, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(false, crl_error_returns_false { crl.verify(@rsa1024) })
|
||||
assert_equal(false, crl_error_returns_false { crl.verify(@rsa2048) })
|
||||
assert_equal(false, crl.verify(@dsa256))
|
||||
|
|
|
|||
|
|
@ -432,13 +432,13 @@ class OpenSSL::TestX509Name < OpenSSL::TestCase
|
|||
def test_hash
|
||||
dn = "/DC=org/DC=ruby-lang/CN=www.ruby-lang.org"
|
||||
name = OpenSSL::X509::Name.parse(dn)
|
||||
d = OpenSSL::Digest::MD5.digest(name.to_der)
|
||||
d = OpenSSL::Digest.digest('MD5', name.to_der)
|
||||
expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24
|
||||
assert_equal(expected, name_hash(name))
|
||||
#
|
||||
dn = "/DC=org/DC=ruby-lang/CN=baz.ruby-lang.org"
|
||||
name = OpenSSL::X509::Name.parse(dn)
|
||||
d = OpenSSL::Digest::MD5.digest(name.to_der)
|
||||
d = OpenSSL::Digest.digest('MD5', name.to_der)
|
||||
expected = (d[0].ord & 0xff) | (d[1].ord & 0xff) << 8 | (d[2].ord & 0xff) << 16 | (d[3].ord & 0xff) << 24
|
||||
assert_equal(expected, name_hash(name))
|
||||
end
|
||||
|
|
|
|||
|
|
@ -23,31 +23,31 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase
|
|||
end
|
||||
|
||||
def test_public_key
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(@rsa1024.public_key.to_der, req.public_key.to_der)
|
||||
req = OpenSSL::X509::Request.new(req.to_der)
|
||||
assert_equal(@rsa1024.public_key.to_der, req.public_key.to_der)
|
||||
|
||||
req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(@dsa512.public_key.to_der, req.public_key.to_der)
|
||||
req = OpenSSL::X509::Request.new(req.to_der)
|
||||
assert_equal(@dsa512.public_key.to_der, req.public_key.to_der)
|
||||
end
|
||||
|
||||
def test_version
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(0, req.version)
|
||||
req = OpenSSL::X509::Request.new(req.to_der)
|
||||
assert_equal(0, req.version)
|
||||
|
||||
req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(1, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(1, req.version)
|
||||
req = OpenSSL::X509::Request.new(req.to_der)
|
||||
assert_equal(1, req.version)
|
||||
end
|
||||
|
||||
def test_subject
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(@dn.to_der, req.subject.to_der)
|
||||
req = OpenSSL::X509::Request.new(req.to_der)
|
||||
assert_equal(@dn.to_der, req.subject.to_der)
|
||||
|
|
@ -78,9 +78,9 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase
|
|||
OpenSSL::X509::Attribute.new("msExtReq", attrval),
|
||||
]
|
||||
|
||||
req0 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req0 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
attrs.each{|attr| req0.add_attribute(attr) }
|
||||
req1 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req1 = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
req1.attributes = attrs
|
||||
assert_equal(req0.to_der, req1.to_der)
|
||||
|
||||
|
|
@ -101,7 +101,7 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase
|
|||
end
|
||||
|
||||
def test_sign_and_verify_rsa_sha1
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(true, req.verify(@rsa1024))
|
||||
assert_equal(false, req.verify(@rsa2048))
|
||||
assert_equal(false, request_error_returns_false { req.verify(@dsa256) })
|
||||
|
|
@ -111,7 +111,7 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase
|
|||
end
|
||||
|
||||
def test_sign_and_verify_rsa_md5
|
||||
req = issue_csr(0, @dn, @rsa2048, OpenSSL::Digest::MD5.new)
|
||||
req = issue_csr(0, @dn, @rsa2048, OpenSSL::Digest.new('MD5'))
|
||||
assert_equal(false, req.verify(@rsa1024))
|
||||
assert_equal(true, req.verify(@rsa2048))
|
||||
assert_equal(false, request_error_returns_false { req.verify(@dsa256) })
|
||||
|
|
@ -122,7 +122,7 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase
|
|||
end
|
||||
|
||||
def test_sign_and_verify_dsa
|
||||
req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(false, request_error_returns_false { req.verify(@rsa1024) })
|
||||
assert_equal(false, request_error_returns_false { req.verify(@rsa2048) })
|
||||
assert_equal(false, req.verify(@dsa256))
|
||||
|
|
@ -133,11 +133,11 @@ class OpenSSL::TestX509Request < OpenSSL::TestCase
|
|||
|
||||
def test_sign_and_verify_dsa_md5
|
||||
assert_raise(OpenSSL::X509::RequestError){
|
||||
issue_csr(0, @dn, @dsa512, OpenSSL::Digest::MD5.new) }
|
||||
issue_csr(0, @dn, @dsa512, OpenSSL::Digest.new('MD5')) }
|
||||
end
|
||||
|
||||
def test_dup
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
req = issue_csr(0, @dn, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
assert_equal(req.to_der, req.dup.to_der)
|
||||
end
|
||||
|
||||
|
|
|
|||
|
|
@ -72,16 +72,16 @@ class OpenSSL::TestX509Store < OpenSSL::TestCase
|
|||
|
||||
revoke_info = []
|
||||
crl1 = issue_crl(revoke_info, 1, now, now+1800, [],
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
revoke_info = [ [2, now, 1], ]
|
||||
crl1_2 = issue_crl(revoke_info, 2, now, now+1800, [],
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
revoke_info = [ [20, now, 1], ]
|
||||
crl2 = issue_crl(revoke_info, 1, now, now+1800, [],
|
||||
ca2_cert, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
ca2_cert, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
revoke_info = []
|
||||
crl2_2 = issue_crl(revoke_info, 2, now-100, now-1, [],
|
||||
ca2_cert, @rsa1024, OpenSSL::Digest::SHA1.new)
|
||||
ca2_cert, @rsa1024, OpenSSL::Digest.new('SHA1'))
|
||||
|
||||
assert_equal(true, ca1_cert.verify(ca1_cert.public_key)) # self signed
|
||||
assert_equal(true, ca2_cert.verify(ca1_cert.public_key)) # issued by ca1
|
||||
|
|
@ -220,10 +220,10 @@ class OpenSSL::TestX509Store < OpenSSL::TestCase
|
|||
|
||||
revoke_info = []
|
||||
crl1 = issue_crl(revoke_info, 1, now, now+1800, [],
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
revoke_info = [ [2, now, 1], ]
|
||||
crl2 = issue_crl(revoke_info, 2, now+1800, now+3600, [],
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
|
||||
ca1_cert, @rsa2048, OpenSSL::Digest.new('SHA1'))
|
||||
store.add_crl(crl1)
|
||||
assert_raise(OpenSSL::X509::StoreError){
|
||||
store.add_crl(crl2) # add CRL issued by same CA twice.
|
||||
|
|
|
|||
|
|
@ -126,7 +126,7 @@ module OpenSSL::TestUtils
|
|||
pkinfo = tbscert.value[6]
|
||||
publickey = pkinfo.value[1]
|
||||
pkvalue = publickey.value
|
||||
digest = OpenSSL::Digest::SHA1.digest(pkvalue)
|
||||
digest = OpenSSL::Digest.digest('SHA1', pkvalue)
|
||||
if hex
|
||||
digest.unpack("H2"*20).join(":").upcase
|
||||
else
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче