summaryrefslogtreecommitdiff
path: root/test/openssl/utils.rb
diff options
context:
space:
mode:
authorrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-11-30 14:41:46 +0000
committerrhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2016-11-30 14:41:46 +0000
commitaab0d67a1ff5190ff7a951e40cee742210302aed (patch)
treec8635fd674d8300fa79e76a2f5d5eeef465abd88 /test/openssl/utils.rb
parent0a5abaf745bf40de27bf4fac2172aaeacc2e2637 (diff)
openssl: import v2.0.0
Import Ruby/OpenSSL 2.0.0. The full commit history since 2.0.0 beta.2 (imported at r56098) can be found at: https://github.com/ruby/openssl/compare/v2.0.0.beta.2...v2.0.0 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56946 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl/utils.rb')
-rw-r--r--test/openssl/utils.rb18
1 files changed, 9 insertions, 9 deletions
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb
index 6f3a3c6d1c4..43ecd79eca6 100644
--- a/test/openssl/utils.rb
+++ b/test/openssl/utils.rb
@@ -10,7 +10,6 @@ rescue LoadError
end
require "test/unit"
-require "digest/md5"
require 'tempfile'
require "rbconfig"
require "socket"
@@ -131,8 +130,8 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
module_function
- def issue_cert(dn, key, serial, not_before, not_after, extensions,
- issuer, issuer_key, digest)
+ def issue_cert(dn, key, serial, extensions, issuer, issuer_key,
+ not_before: nil, not_after: nil, digest: nil)
cert = OpenSSL::X509::Certificate.new
issuer = cert unless issuer
issuer_key = key unless issuer_key
@@ -141,14 +140,16 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
cert.subject = dn
cert.issuer = issuer.subject
cert.public_key = key.public_key
- cert.not_before = not_before
- cert.not_after = not_after
+ now = Time.now
+ cert.not_before = not_before || now - 3600
+ cert.not_after = not_after || now + 3600
ef = OpenSSL::X509::ExtensionFactory.new
ef.subject_certificate = cert
ef.issuer_certificate = issuer
extensions.each{|oid, value, critical|
cert.add_extension(ef.create_extension(oid, value, critical))
}
+ digest ||= OpenSSL::PKey::DSA === issuer_key ? DSA_SIGNATURE_DIGEST.new : "sha256"
cert.sign(issuer_key, digest)
cert
end
@@ -217,7 +218,6 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
@ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA")
@svr = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost")
@cli = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost")
- now = Time.at(Time.now.to_i)
ca_exts = [
["basicConstraints","CA:TRUE",true],
["keyUsage","cRLSign,keyCertSign",true],
@@ -225,9 +225,9 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
ee_exts = [
["keyUsage","keyEncipherment,digitalSignature",true],
]
- @ca_cert = issue_cert(@ca, @ca_key, 1, now, now+3600, ca_exts, nil, nil, OpenSSL::Digest::SHA1.new)
- @svr_cert = issue_cert(@svr, @svr_key, 2, now, now+1800, ee_exts, @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new)
- @cli_cert = issue_cert(@cli, @cli_key, 3, now, now+1800, ee_exts, @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new)
+ @ca_cert = issue_cert(@ca, @ca_key, 1, ca_exts, nil, nil)
+ @svr_cert = issue_cert(@svr, @svr_key, 2, ee_exts, @ca_cert, @ca_key)
+ @cli_cert = issue_cert(@cli, @cli_key, 3, ee_exts, @ca_cert, @ca_key)
@server = nil
end