diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2017-05-15 23:47:47 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-03-16 19:16:11 +0900 |
commit | 5cae289682c6b8fea6324ae8f26dbcc90ebaaa2f (patch) | |
tree | c374695eb238803d3833c0383ad24a79fbe3228b /test/openssl | |
parent | 1e3590fe221c9631259f6876bfaa896398ac7cfa (diff) |
[ruby/openssl] pkey: port PKey::PKey#sign and #verify to the EVP_Digest* interface
Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the
old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL
1.0.0.
Also, allow the digest to be specified as nil, as certain EVP_PKEY types
don't expect a digest algorithm.
https://github.com/ruby/openssl/commit/9ff6e5143b
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/4275
Diffstat (limited to 'test/openssl')
-rw-r--r-- | test/openssl/test_pkey.rb | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb index a325a1ea2b..247ba84f83 100644 --- a/test/openssl/test_pkey.rb +++ b/test/openssl/test_pkey.rb @@ -68,4 +68,16 @@ class OpenSSL::TestPKey < OpenSSL::PKeyTestCase assert_equal 512, pkey.p.num_bits assert_not_equal nil, pkey.priv_key end + + def test_hmac_sign_verify + pkey = OpenSSL::PKey.generate_key("HMAC", { "key" => "abcd" }) + + hmac = OpenSSL::HMAC.new("abcd", "SHA256").update("data").digest + assert_equal hmac, pkey.sign("SHA256", "data") + + # EVP_PKEY_HMAC does not support verify + assert_raise(OpenSSL::PKey::PKeyError) { + pkey.verify("SHA256", "data", hmac) + } + end end |