authordrbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-02-08 02:58:19 +0000
committerdrbrain <drbrain@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-02-08 02:58:19 +0000
commitd2be12ef6171f75a074aca8caaeaf834e1f2aac8 (patch)
tree3932c9c3040bc8b306f4337004ccab6bc48dd93d /test/rubygems
parent16f6500cb2f81a66e831dd9d878ff56e81f1ab43 (diff)
* lib/rubygems/security/policy.rb: Raise proper exceptions when
verifying unsigned gems (instead of crashing). * test/rubygems/test_gem_security_policy.rb: Tests for the above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39153 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/rubygems')
-rw-r--r--test/rubygems/test_gem_security_policy.rb67
1 files changed, 67 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_security_policy.rb b/test/rubygems/test_gem_security_policy.rb
index 568bf69d08..1ce93fbd95 100644
--- a/test/rubygems/test_gem_security_policy.rb
+++ b/test/rubygems/test_gem_security_policy.rb
@@ -34,6 +34,7 @@ class TestGemSecurityPolicy < Gem::TestCase
@no = Gem::Security::NoSecurity
@almost_no = Gem::Security::AlmostNoSecurity
@low = Gem::Security::LowSecurity
+ @medium = Gem::Security::MediumSecurity
@high = Gem::Security::HighSecurity
@chain = Gem::Security::Policy.new(
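Review bot: `@medium` is added to the fixtures here, but none of the 67 lines this commit adds reads it; the new no-signer and no-chain tests use only `@almost_no`, `@high` and `@chain`. Either exercise it in one of the new tests (for example a `@medium.check_key(nil, nil)` case in test_check_key_no_signer, asserting whatever MediumSecurity is meant to do with an unsigned gem) or leave the fixture out until a test needs it. The setup method starts and ends outside this hunk, so an existing use elsewhere in the file cannot be ruled out from here.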
@@ -85,6 +86,14 @@ class TestGemSecurityPolicy < Gem::TestCase
assert @chain.check_chain chain, Time.now
end
+ def test_check_chain_empty_chain
+ e = assert_raises Gem::Security::Exception do
+ @chain.check_chain [], Time.now
+ end
+
+ assert_equal 'empty signing chain', e.message
+ end
+
def test_check_chain_invalid
chain = [PUBLIC_CERT, CHILD_CERT, INVALIDCHILD_CERT]
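Review bot: test_check_chain_empty_chain and its nil counterpart test_check_chain_no_chain (next hunk) pin two different messages, 'empty signing chain' and 'missing signing chain', without saying what distinguishes the two inputs. A one-line comment above each, such as `# [] is a chain with no certificates; nil is no chain at all (presumably an unsigned gem)`, would tell a reader why both must raise Gem::Security::Exception instead of failing with an unrelated error. The same applies to the check_root and check_trust pairs in the later hunks, where `[]` yields 'missing root certificate' rather than 'empty signing chain'.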
@@ -97,6 +106,14 @@ class TestGemSecurityPolicy < Gem::TestCase
"was not issued by #{CHILD_CERT.subject}", e.message
end
+ def test_check_chain_no_chain
+ e = assert_raises Gem::Security::Exception do
+ @chain.check_chain nil, Time.now
+ end
+
+ assert_equal 'missing signing chain', e.message
+ end
+
def test_check_cert
assert @low.check_cert(PUBLIC_CERT, nil, Time.now)
end
@@ -135,10 +152,28 @@ class TestGemSecurityPolicy < Gem::TestCase
assert @low.check_cert(CHILD_CERT, PUBLIC_CERT, Time.now)
end
+ def test_check_cert_no_signer
+ e = assert_raises Gem::Security::Exception do
+ @high.check_cert(nil, nil, Time.now)
+ end
+
+ assert_equal 'missing signing certificate', e.message
+ end
+
def test_check_key
assert @almost_no.check_key(PUBLIC_CERT, PRIVATE_KEY)
end
+ def test_check_key_no_signer
+ assert @almost_no.check_key(nil, nil)
+
+ e = assert_raises Gem::Security::Exception do
+ @high.check_key(nil, nil)
+ end
+
+ assert_equal 'missing key or signature', e.message
+ end
+
def test_check_key_wrong_key
e = assert_raises Gem::Security::Exception do
@almost_no.check_key(PUBLIC_CERT, ALTERNATE_KEY)
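Review bot: test_check_cert_no_signer checks only `@high`, so what a permissive policy does with a nil signer in check_cert is left unpinned, while test_check_key_no_signer pins both the accepting and the rejecting side. Add the matching assertion for a permissive policy to test_check_cert_no_signer, so the intended outcome for an unsigned gem under that policy is explicit either way. In test_check_key_no_signer, `assert @almost_no.check_key(nil, nil)` fixes an accept-when-absent result; a comment such as `# policies that do not require signed gems accept a missing key and signer` (to be confirmed against policy.rb, which is not part of this view) would mark it as deliberate. Splitting the accept and reject cases into two tests would also make a failure name the path that broke.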
@@ -154,6 +189,14 @@ class TestGemSecurityPolicy < Gem::TestCase
assert @chain.check_root chain, Time.now
end
+ def test_check_root_empty_chain
+ e = assert_raises Gem::Security::Exception do
+ @chain.check_root [], Time.now
+ end
+
+ assert_equal 'missing root certificate', e.message
+ end
+
def test_check_root_invalid_signer
chain = [INVALID_SIGNER_CERT]
@@ -178,6 +221,14 @@ class TestGemSecurityPolicy < Gem::TestCase
e.message
end
+ def test_check_root_no_chain
+ e = assert_raises Gem::Security::Exception do
+ @chain.check_root nil, Time.now
+ end
+
+ assert_equal 'missing signing chain', e.message
+ end
+
def test_check_trust
Gem::Security.trust_dir.trust_cert PUBLIC_CERT
@@ -190,6 +241,14 @@ class TestGemSecurityPolicy < Gem::TestCase
assert @high.check_trust [PUBLIC_CERT, CHILD_CERT], @sha1, @trust_dir
end
+ def test_check_trust_empty_chain
+ e = assert_raises Gem::Security::Exception do
+ @chain.check_trust [], @sha1, @trust_dir
+ end
+
+ assert_equal 'missing root certificate', e.message
+ end
+
def test_check_trust_mismatch
Gem::Security.trust_dir.trust_cert PUBLIC_CERT
@@ -201,6 +260,14 @@ class TestGemSecurityPolicy < Gem::TestCase
"does not match signing root certificate checksum", e.message
end
+ def test_check_trust_no_chain
+ e = assert_raises Gem::Security::Exception do
+ @chain.check_trust nil, @sha1, @trust_dir
+ end
+
+ assert_equal 'missing signing chain', e.message
+ end
+
def test_check_trust_no_trust
e = assert_raises Gem::Security::Exception do
@high.check_trust [PUBLIC_CERT], @sha1, @trust_dir