diff options
| author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2020-02-16 15:21:29 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-02-16 15:21:29 +0900 |
| commit | b99775b163ce44079c1f8727ce9b4ed8bb03489d (patch) | |
| tree | 4f9fd53f21c94dfeb05fefe1143bbe770228733a /test/openssl/test_x509crl.rb | |
| parent | 0bfa479c52963b95a47ceab3d453f21b646366a2 (diff) | |
Import openssl-2.2.0 (#2693)
Import the master branch of ruby/openssl for preparing to release openssl-2.2.0
Notes
Notes:
Merged-By: hsbt <hsbt@ruby-lang.org>
Diffstat (limited to 'test/openssl/test_x509crl.rb')
| -rw-r--r-- | test/openssl/test_x509crl.rb | 27 |
1 files changed, 25 insertions, 2 deletions
diff --git a/test/openssl/test_x509crl.rb b/test/openssl/test_x509crl.rb index 03fdf64dd4..a6d0adc592 100644 --- a/test/openssl/test_x509crl.rb +++ b/test/openssl/test_x509crl.rb @@ -1,4 +1,4 @@ -# frozen_string_literal: false +# frozen_string_literal: true require_relative "utils" if defined?(OpenSSL) @@ -118,7 +118,7 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase ["keyUsage", "cRLSign, keyCertSign", true], ] crl_exts = [ - ["authorityKeyIdentifier", "keyid:always", false], + ["authorityKeyIdentifier", "issuer:always,keyid:always", false], ["issuerAltName", "issuer:copy", false], ] @@ -131,6 +131,9 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase assert_equal("crlNumber", exts[0].oid) assert_equal(false, exts[0].critical?) + expected_keyid = OpenSSL::TestUtils.get_subject_key_id(cert, hex: false) + assert_equal expected_keyid, crl.authority_key_identifier + assert_equal("authorityKeyIdentifier", exts[1].oid) keyid = OpenSSL::TestUtils.get_subject_key_id(cert) assert_match(/^keyid:#{keyid}/, exts[1].value) @@ -155,6 +158,10 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase assert_equal("issuerAltName", exts[2].oid) assert_equal("email:xyzzy@ruby-lang.org", exts[2].value) assert_equal(false, exts[2].critical?) + + no_ext_crl = issue_crl([], 1, Time.now, Time.now+1600, [], + cert, @rsa2048, OpenSSL::Digest::SHA1.new) + assert_equal nil, no_ext_crl.authority_key_identifier end def test_crlnumber @@ -249,6 +256,22 @@ class OpenSSL::TestX509CRL < OpenSSL::TestCase assert_equal true, rev2 == crl2.revoked[1] end + def test_marshal + now = Time.now + + cacert = issue_cert(@ca, @rsa1024, 1, [], nil, nil) + crl = issue_crl([], 1, now, now + 3600, [], cacert, @rsa1024, "sha256") + rev = OpenSSL::X509::Revoked.new.tap { |rev| + rev.serial = 1 + rev.time = now + } + crl.add_revoked(rev) + deserialized = Marshal.load(Marshal.dump(crl)) + + assert_equal crl.to_der, deserialized.to_der + assert_equal crl.revoked[0].to_der, deserialized.revoked[0].to_der + end + private def crl_error_returns_false |