[ruby/openssl] pkey: port PKey::PKey#sign and #verify to the EVP_Digest* interface

Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL 1.0.0. Also, allow the digest to be specified as nil, as certain EVP_PKEY types don't expect a digest algorithm. https://github.com/ruby/openssl/commit/9ff6e5143b
author: Kazuki Yamaguchi <k@rhe.jp> 2017-05-15 23:47:47 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2021-03-16 19:16:11 +0900
commit: 5cae289682c6b8fea6324ae8f26dbcc90ebaaa2f (patch)
tree: c374695eb238803d3833c0383ad24a79fbe3228b /test/openssl
parent: 1e3590fe221c9631259f6876bfaa896398ac7cfa (diff)
1 files changed, 12 insertions, 0 deletions
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
index a325a1ea2b..247ba84f83 100644
--- a/test/openssl/test_pkey.rb
+++ b/test/openssl/test_pkey.rb
@@ -68,4 +68,16 @@ class OpenSSL::TestPKey < OpenSSL::PKeyTestCase
     assert_equal 512, pkey.p.num_bits
     assert_not_equal nil, pkey.priv_key
   end
+
+  def test_hmac_sign_verify
+    pkey = OpenSSL::PKey.generate_key("HMAC", { "key" => "abcd" })
+
+    hmac = OpenSSL::HMAC.new("abcd", "SHA256").update("data").digest
+    assert_equal hmac, pkey.sign("SHA256", "data")
+
+    # EVP_PKEY_HMAC does not support verify
+    assert_raise(OpenSSL::PKey::PKeyError) {
+      pkey.verify("SHA256", "data", hmac)
+    }
+  end
 end
author	Kazuki Yamaguchi <k@rhe.jp>	2017-05-15 23:47:47 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2021-03-16 19:16:11 +0900
commit	5cae289682c6b8fea6324ae8f26dbcc90ebaaa2f (patch)
tree	c374695eb238803d3833c0383ad24a79fbe3228b /test/openssl
parent	1e3590fe221c9631259f6876bfaa896398ac7cfa (diff)