summaryrefslogtreecommitdiff
path: root/spec/ruby/library/openssl/kdf
diff options
context:
space:
mode:
Diffstat (limited to 'spec/ruby/library/openssl/kdf')
-rw-r--r--spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb42
-rw-r--r--spec/ruby/library/openssl/kdf/scrypt_spec.rb45
2 files changed, 41 insertions, 46 deletions
diff --git a/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb b/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb
index 40f8597275..2558dbb9ec 100644
--- a/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb
+++ b/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb
@@ -83,86 +83,80 @@ describe "OpenSSL::KDF.pbkdf2_hmac" do
it "raises a TypeError when password is not a String and does not respond to #to_str" do
-> {
OpenSSL::KDF.pbkdf2_hmac(Object.new, **@defaults)
- }.should raise_error(TypeError, "no implicit conversion of Object into String")
+ }.should.raise(TypeError, "no implicit conversion of Object into String")
end
it "raises a TypeError when salt is not a String and does not respond to #to_str" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, salt: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into String")
+ }.should.raise(TypeError, "no implicit conversion of Object into String")
end
it "raises a TypeError when iterations is not an Integer and does not respond to #to_int" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, iterations: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into Integer")
+ }.should.raise(TypeError, "no implicit conversion of Object into Integer")
end
it "raises a TypeError when length is not an Integer and does not respond to #to_int" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, length: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into Integer")
+ }.should.raise(TypeError, "no implicit conversion of Object into Integer")
end
it "raises a TypeError when hash is neither a String nor an OpenSSL::Digest" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, hash: Object.new)
- }.should raise_error(TypeError, "wrong argument type Object (expected OpenSSL/Digest)")
+ }.should.raise(TypeError)
end
- it "raises a TypeError when hash is neither a String nor an OpenSSL::Digest, it does not try to call #to_str" do
- hash = mock("hash")
- hash.should_not_receive(:to_str)
- -> {
- OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, hash: hash)
- }.should raise_error(TypeError, "wrong argument type MockObject (expected OpenSSL/Digest)")
- end
-
- it "raises a RuntimeError for unknown digest algorithms" do
- -> {
- OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, hash: "wd40")
- }.should raise_error(RuntimeError, /Unsupported digest algorithm \(wd40\)/)
+ version_is OpenSSL::VERSION, "4.0.0" do
+ it "raises a OpenSSL::Digest::DigestError for unknown digest algorithms" do
+ -> {
+ OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, hash: "wd40")
+ }.should.raise(OpenSSL::Digest::DigestError, /wd40/)
+ end
end
it "treats salt as a required keyword" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults.except(:salt))
- }.should raise_error(ArgumentError, 'missing keyword: :salt')
+ }.should.raise(ArgumentError, 'missing keyword: :salt')
end
it "treats iterations as a required keyword" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults.except(:iterations))
- }.should raise_error(ArgumentError, 'missing keyword: :iterations')
+ }.should.raise(ArgumentError, 'missing keyword: :iterations')
end
it "treats length as a required keyword" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults.except(:length))
- }.should raise_error(ArgumentError, 'missing keyword: :length')
+ }.should.raise(ArgumentError, 'missing keyword: :length')
end
it "treats hash as a required keyword" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults.except(:hash))
- }.should raise_error(ArgumentError, 'missing keyword: :hash')
+ }.should.raise(ArgumentError, 'missing keyword: :hash')
end
it "treats all keywords as required" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret")
- }.should raise_error(ArgumentError, 'missing keywords: :salt, :iterations, :length, :hash')
+ }.should.raise(ArgumentError, 'missing keywords: :salt, :iterations, :length, :hash')
end
guard -> { OpenSSL::OPENSSL_VERSION_NUMBER >= 0x30000000 } do
it "raises an OpenSSL::KDF::KDFError for 0 or less iterations" do
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, iterations: 0)
- }.should raise_error(OpenSSL::KDF::KDFError, "PKCS5_PBKDF2_HMAC: invalid iteration count")
+ }.should.raise(OpenSSL::KDF::KDFError, "PKCS5_PBKDF2_HMAC: invalid iteration count")
-> {
OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, iterations: -1)
- }.should raise_error(OpenSSL::KDF::KDFError, /PKCS5_PBKDF2_HMAC/)
+ }.should.raise(OpenSSL::KDF::KDFError, /PKCS5_PBKDF2_HMAC/)
end
end
end
diff --git a/spec/ruby/library/openssl/kdf/scrypt_spec.rb b/spec/ruby/library/openssl/kdf/scrypt_spec.rb
index 5dc9f2f281..c00f91bb5b 100644
--- a/spec/ruby/library/openssl/kdf/scrypt_spec.rb
+++ b/spec/ruby/library/openssl/kdf/scrypt_spec.rb
@@ -1,7 +1,8 @@
require_relative '../../../spec_helper'
require 'openssl'
-guard -> { OpenSSL::KDF.respond_to?(:scrypt) } do
+# LibreSSL seems not to support scrypt
+guard -> { OpenSSL::OPENSSL_VERSION.start_with?('OpenSSL') and OpenSSL::OPENSSL_VERSION_NUMBER >= 0x10100000 } do
describe "OpenSSL::KDF.scrypt" do
before :each do
@defaults = {
@@ -88,79 +89,79 @@ guard -> { OpenSSL::KDF.respond_to?(:scrypt) } do
it "raises a TypeError when password is not a String and does not respond to #to_str" do
-> {
OpenSSL::KDF.scrypt(Object.new, **@defaults)
- }.should raise_error(TypeError, "no implicit conversion of Object into String")
+ }.should.raise(TypeError, "no implicit conversion of Object into String")
end
it "raises a TypeError when salt is not a String and does not respond to #to_str" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, salt: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into String")
+ }.should.raise(TypeError, "no implicit conversion of Object into String")
end
it "raises a TypeError when N is not an Integer and does not respond to #to_int" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, N: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into Integer")
+ }.should.raise(TypeError, "no implicit conversion of Object into Integer")
end
it "raises a TypeError when r is not an Integer and does not respond to #to_int" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, r: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into Integer")
+ }.should.raise(TypeError, "no implicit conversion of Object into Integer")
end
it "raises a TypeError when p is not an Integer and does not respond to #to_int" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, p: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into Integer")
+ }.should.raise(TypeError, "no implicit conversion of Object into Integer")
end
it "raises a TypeError when length is not an Integer and does not respond to #to_int" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, length: Object.new)
- }.should raise_error(TypeError, "no implicit conversion of Object into Integer")
+ }.should.raise(TypeError, "no implicit conversion of Object into Integer")
end
it "treats salt as a required keyword" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults.except(:salt))
- }.should raise_error(ArgumentError, 'missing keyword: :salt')
+ }.should.raise(ArgumentError, 'missing keyword: :salt')
end
it "treats N as a required keyword" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults.except(:N))
- }.should raise_error(ArgumentError, 'missing keyword: :N')
+ }.should.raise(ArgumentError, 'missing keyword: :N')
end
it "treats r as a required keyword" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults.except(:r))
- }.should raise_error(ArgumentError, 'missing keyword: :r')
+ }.should.raise(ArgumentError, 'missing keyword: :r')
end
it "treats p as a required keyword" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults.except(:p))
- }.should raise_error(ArgumentError, 'missing keyword: :p')
+ }.should.raise(ArgumentError, 'missing keyword: :p')
end
it "treats length as a required keyword" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults.except(:length))
- }.should raise_error(ArgumentError, 'missing keyword: :length')
+ }.should.raise(ArgumentError, 'missing keyword: :length')
end
it "treats all keywords as required" do
-> {
OpenSSL::KDF.scrypt("secret")
- }.should raise_error(ArgumentError, 'missing keywords: :salt, :N, :r, :p, :length')
+ }.should.raise(ArgumentError, 'missing keywords: :salt, :N, :r, :p, :length')
end
it "requires N to be a power of 2" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, N: 2**14 - 1)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
end
it "requires N to be at least 2" do
@@ -169,41 +170,41 @@ guard -> { OpenSSL::KDF.respond_to?(:scrypt) } do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, N: 1)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, N: 0)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, N: -1)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
end
it "requires r to be positive" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, r: 0)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, r: -1)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
end
it "requires p to be positive" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, p: 0)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, p: -1)
- }.should raise_error(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
+ }.should.raise(OpenSSL::KDF::KDFError, /EVP_PBE_scrypt/)
end
it "requires length to be not negative" do
-> {
OpenSSL::KDF.scrypt("secret", **@defaults, length: -1)
- }.should raise_error(ArgumentError, "negative string size (or size too big)")
+ }.should.raise(ArgumentError, "negative string size (or size too big)")
end
end
end
generated by cgit v1.2.3 (git 2.25.1) at 2026-06-14 15:49:43 +0000