diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | test/openssl/test_x509cert.rb | 34 |
2 files changed, 39 insertions, 0 deletions
@@ -1,3 +1,8 @@ +Sun May 22 06:07:17 2011 Martin Bosslet <Martin.Bosslet@googlemail.com> + + * test/openssl/test_x509cert.rb: Merge DSA-related tests from ruby_1_8 + branch. + Sun May 22 04:11:12 2011 KOSAKI Motohiro <kosaki.motohiro@gmail.com> * thread.c (Init_Thread): add a code comment why the meaningless diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 6d39c9690d..7af00293bf 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -171,6 +171,40 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase } end + def test_dsig_algorithm_mismatch + assert_raise(OpenSSL::X509::CertificateError) do + cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], + nil, nil, OpenSSL::Digest::DSS1.new) + end + assert_raise(OpenSSL::X509::CertificateError) do + cert = issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], + nil, nil, OpenSSL::Digest::MD5.new) + end + end + + def test_dsa_with_sha2 + begin + cert = issue_cert(@ca, @dsa256, 1, Time.now, Time.now+3600, [], + nil, nil, OpenSSL::Digest::SHA256.new) + assert_equal("dsa_with_SHA256", cert.signature_algorithm) + rescue OpenSSL::X509::CertificateError + # dsa_with_sha2 not supported. skip following test. + return + end + # TODO: need more tests for dsa + sha2 + + # SHA1 is allowed from OpenSSL 1.0.0 (0.9.8 requires DSS1) + cert = issue_cert(@ca, @dsa256, 1, Time.now, Time.now+3600, [], + nil, nil, OpenSSL::Digest::SHA1.new) + assert_equal("dsaWithSHA1", cert.signature_algorithm) + end + + def test_check_private_key + cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [], + nil, nil, OpenSSL::Digest::SHA1.new) + assert_equal(true, cert.check_private_key(@rsa2048)) + end + private def certificate_error_returns_false |