diff options
Diffstat (limited to 'test')
| -rw-r--r-- | test/date/test_date_strptime.rb | 15 | ||||
| -rwxr-xr-x | test/json/json_generator_test.rb | 2 | ||||
| -rw-r--r-- | test/json/json_parser_test.rb | 12 | ||||
| -rw-r--r-- | test/json/json_ryu_fallback_test.rb | 8 | ||||
| -rw-r--r-- | test/openssl/test_digest.rb | 16 | ||||
| -rw-r--r-- | test/openssl/test_kdf.rb | 135 | ||||
| -rw-r--r-- | test/ruby/test_io.rb | 4 | ||||
| -rw-r--r-- | test/ruby/test_ractor.rb | 53 | ||||
| -rw-r--r-- | test/rubygems/test_gem_commands_cert_command.rb | 14 | ||||
| -rw-r--r-- | test/rubygems/test_gem_safe_yaml.rb | 6 |
10 files changed, 166 insertions, 99 deletions
diff --git a/test/date/test_date_strptime.rb b/test/date/test_date_strptime.rb index 4efe1a47d0..6aa7db292d 100644 --- a/test/date/test_date_strptime.rb +++ b/test/date/test_date_strptime.rb @@ -517,7 +517,20 @@ class TestDateStrptime < Test::Unit::TestCase d = DateTime.strptime('9000 +0200', '%Q %z') assert_equal([1970, 1, 1, 2, 0, 9], [d.year, d.mon, d.mday, d.hour, d.min, d.sec]) assert_equal(Rational(2, 24), d.offset) - end + def test_format_modified + str = " " * 100 + fmt = Struct.new(:str) { + def to_str + str << "2026-06-01" << " "*100 + " %F " + end + }.new(str) + d = Date._strptime(str, fmt) + assert_not_nil(d) + assert_equal(2026, d[:year]) + assert_equal(6, d[:mon]) + assert_equal(1, d[:mday]) + end end diff --git a/test/json/json_generator_test.rb b/test/json/json_generator_test.rb index 87d9cd7f7d..753ee0fbdf 100755 --- a/test/json/json_generator_test.rb +++ b/test/json/json_generator_test.rb @@ -601,6 +601,8 @@ class JSONGeneratorTest < Test::Unit::TestCase assert_equal too_deep, ok ok = generate too_deep_ary, :max_nesting => 0 assert_equal too_deep, ok + + assert_raise(TypeError) { generate too_deep_ary, max_nesting: "garbage" } end def test_backslash diff --git a/test/json/json_parser_test.rb b/test/json/json_parser_test.rb index 1969e79b31..292ca1a670 100644 --- a/test/json/json_parser_test.rb +++ b/test/json/json_parser_test.rb @@ -545,22 +545,26 @@ class JSONParserTest < Test::Unit::TestCase end def test_backslash + assert_raise(JSON::ParserError) do + JSON.parse('"\\') + end + data = [ '\\.(?i:gif|jpe?g|png)$' ] json = '["\\\\.(?i:gif|jpe?g|png)$"]' assert_equal data, parse(json) - # + data = [ '\\"' ] json = '["\\\\\""]' assert_equal data, parse(json) - # + json = '["/"]' data = [ '/' ] assert_equal data, parse(json) - # + json = '["\""]' data = ['"'] assert_equal data, parse(json) - # + json = '["\\/"]' data = ["/"] assert_equal data, parse(json) diff --git a/test/json/json_ryu_fallback_test.rb b/test/json/json_ryu_fallback_test.rb index 152de7e360..a61b3e668d 100644 --- a/test/json/json_ryu_fallback_test.rb +++ b/test/json/json_ryu_fallback_test.rb @@ -179,5 +179,13 @@ class JSONRyuFallbackTest < Test::Unit::TestCase assert_equal(-0.0, JSON.parse("-99999999999999999e-4294967296")) assert_equal(-Float::INFINITY, JSON.parse("-1e4294967295")) assert_equal(-Float::INFINITY, JSON.parse("-1e4294967297")) + + assert_equal(Float::INFINITY, JSON.parse("1e9223372036854775808")) + assert_equal(Float::INFINITY, JSON.parse("1e9999999999999999999")) + assert_equal(Float::INFINITY, JSON.parse("1e18446744073709551616")) + assert_equal(Float::INFINITY, JSON.parse("1e10000000000000000000")) + assert_equal(Float::INFINITY, JSON.parse("1e184467440737095516160")) + assert_equal 0.0, JSON.parse("1e-18446744073709551615") + assert_equal 0.0, JSON.parse("1e-9223372036854775809") end end diff --git a/test/openssl/test_digest.rb b/test/openssl/test_digest.rb index 91ed247414..bc1f680df5 100644 --- a/test/openssl/test_digest.rb +++ b/test/openssl/test_digest.rb @@ -155,6 +155,22 @@ class OpenSSL::TestDigest < OpenSSL::TestCase assert_include digests, "sha256" assert_include digests, "sha512" end + + if respond_to?(:ractor) && defined?(Ractor.shareable_proc) + ractor + + def test_ractor + assert_nothing_raised do + Ractor.new { + [ + OpenSSL::Digest::SHA256.new(""), + OpenSSL::Digest::SHA256.hexdigest(""), + OpenSSL::Digest::SHA256.digest(""), + ] + }.value + end + end + end end end diff --git a/test/openssl/test_kdf.rb b/test/openssl/test_kdf.rb index 6a12a25aa8..708d1883af 100644 --- a/test/openssl/test_kdf.rb +++ b/test/openssl/test_kdf.rb @@ -5,64 +5,31 @@ if defined?(OpenSSL) class OpenSSL::TestKDF < OpenSSL::TestCase def test_pkcs5_pbkdf2_hmac_compatibility - expected = OpenSSL::KDF.pbkdf2_hmac("password", salt: "salt", iterations: 1, length: 20, hash: "sha1") - assert_equal(expected, OpenSSL::PKCS5.pbkdf2_hmac("password", "salt", 1, 20, "sha1")) - assert_equal(expected, OpenSSL::PKCS5.pbkdf2_hmac_sha1("password", "salt", 1, 20)) + # PBKDF2 salt >= 16 bytes (128 bits) and iterations >= 1000 are required in + # FIPS. + # SP 800-132. + # https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-132.pdf + # * 5.1 The Salt (S) + # * 5.2 The Iteration Count (C) + # https://github.com/openssl/openssl/blob/71943544885ff364a10bcc5ffc62d0e651c9a021/providers/implementations/kdfs/pbkdf2.c#L235-L240 + # https://github.com/openssl/openssl/blob/71943544885ff364a10bcc5ffc62d0e651c9a021/providers/implementations/kdfs/pbkdf2.c#L247-L252 + # Use the same parameters with test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_25. + expected = OpenSSL::KDF.pbkdf2_hmac("passwordPASSWORDpassword", + salt: "saltSALTsaltSALTsaltSALTsaltSALTsalt", + iterations: 4096, + length: 25, + hash: "sha1") + assert_equal(expected, OpenSSL::PKCS5.pbkdf2_hmac("passwordPASSWORDpassword", + "saltSALTsaltSALTsaltSALTsaltSALTsalt", + 4096, + 25, + "sha1")) + assert_equal(expected, OpenSSL::PKCS5.pbkdf2_hmac_sha1("passwordPASSWORDpassword", + "saltSALTsaltSALTsaltSALTsaltSALTsalt", + 4096, + 25)) end - def test_pbkdf2_hmac_sha1_rfc6070_c_1_len_20 - p ="password" - s = "salt" - c = 1 - dk_len = 20 - raw = %w{ 0c 60 c8 0f 96 1f 0e 71 - f3 a9 b5 24 af 60 12 06 - 2f e0 37 a6 } - expected = [raw.join('')].pack('H*') - value = OpenSSL::KDF.pbkdf2_hmac(p, salt: s, iterations: c, length: dk_len, hash: "sha1") - assert_equal(expected, value) - end - - def test_pbkdf2_hmac_sha1_rfc6070_c_2_len_20 - p ="password" - s = "salt" - c = 2 - dk_len = 20 - raw = %w{ ea 6c 01 4d c7 2d 6f 8c - cd 1e d9 2a ce 1d 41 f0 - d8 de 89 57 } - expected = [raw.join('')].pack('H*') - value = OpenSSL::KDF.pbkdf2_hmac(p, salt: s, iterations: c, length: dk_len, hash: "sha1") - assert_equal(expected, value) - end - - def test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_20 - p ="password" - s = "salt" - c = 4096 - dk_len = 20 - raw = %w{ 4b 00 79 01 b7 65 48 9a - be ad 49 d9 26 f7 21 d0 - 65 a4 29 c1 } - expected = [raw.join('')].pack('H*') - value = OpenSSL::KDF.pbkdf2_hmac(p, salt: s, iterations: c, length: dk_len, hash: "sha1") - assert_equal(expected, value) - end - -# takes too long! -# def test_pbkdf2_hmac_sha1_rfc6070_c_16777216_len_20 -# p ="password" -# s = "salt" -# c = 16777216 -# dk_len = 20 -# raw = %w{ ee fe 3d 61 cd 4d a4 e4 -# e9 94 5b 3d 6b a2 15 8c -# 26 34 e9 84 } -# expected = [raw.join('')].pack('H*') -# value = OpenSSL::KDF.pbkdf2_hmac(p, salt: s, iterations: c, length: dk_len, hash: "sha1") -# assert_equal(expected, value) -# end - def test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_25 p ="passwordPASSWORDpassword" s = "saltSALTsaltSALTsaltSALTsaltSALTsalt" @@ -78,18 +45,6 @@ class OpenSSL::TestKDF < OpenSSL::TestCase assert_equal(expected, value) end - def test_pbkdf2_hmac_sha1_rfc6070_c_4096_len_16 - p ="pass\0word" - s = "sa\0lt" - c = 4096 - dk_len = 16 - raw = %w{ 56 fa 6a a7 55 48 09 9d - cc 37 d7 f0 34 25 e0 c3 } - expected = [raw.join('')].pack('H*') - value = OpenSSL::KDF.pbkdf2_hmac(p, salt: s, iterations: c, length: dk_len, hash: "sha1") - assert_equal(expected, value) - end - def test_pbkdf2_hmac_sha256_c_20000_len_32 #unfortunately no official test vectors available yet for SHA-2 p ="password" @@ -103,6 +58,11 @@ class OpenSSL::TestKDF < OpenSSL::TestCase def test_scrypt_rfc7914_first pend "scrypt is not implemented" unless OpenSSL::KDF.respond_to?(:scrypt) # OpenSSL >= 1.1.0 + # scrypt is not available in FIPS. + # EVP_KDF_fetch(ctx, OSSL_KDF_NAME_SCRYPT, propq) returns NULL in FIPS. + # https://github.com/openssl/openssl/blob/71943544885ff364a10bcc5ffc62d0e651c9a021/crypto/evp/pbe_scrypt.c#L67-L71 + omit_on_fips + pass = "" salt = "" n = 16 @@ -118,6 +78,9 @@ class OpenSSL::TestKDF < OpenSSL::TestCase def test_scrypt_rfc7914_second pend "scrypt is not implemented" unless OpenSSL::KDF.respond_to?(:scrypt) # OpenSSL >= 1.1.0 + # scrypt is not available in FIPS. + omit_on_fips + pass = "password" salt = "NaCl" n = 1024 @@ -131,6 +94,7 @@ class OpenSSL::TestKDF < OpenSSL::TestCase assert_equal(expected, OpenSSL::KDF.scrypt(pass, salt: salt, N: n, r: r, p: p, length: dklen)) end + # https://www.rfc-editor.org/rfc/rfc5869#appendix-A.1 def test_hkdf_rfc5869_test_case_1 hash = "sha256" ikm = B("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") @@ -144,6 +108,7 @@ class OpenSSL::TestKDF < OpenSSL::TestCase assert_equal(okm, OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: l, hash: hash)) end + # https://www.rfc-editor.org/rfc/rfc5869#appendix-A.3 def test_hkdf_rfc5869_test_case_3 hash = "sha256" ikm = B("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b") @@ -157,16 +122,32 @@ class OpenSSL::TestKDF < OpenSSL::TestCase assert_equal(okm, OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: l, hash: hash)) end - def test_hkdf_rfc5869_test_case_4 + # https://www.rfc-editor.org/rfc/rfc5869#appendix-A.5 + def test_hkdf_rfc5869_test_case_5 hash = "sha1" - ikm = B("0b0b0b0b0b0b0b0b0b0b0b") - salt = B("000102030405060708090a0b0c") - info = B("f0f1f2f3f4f5f6f7f8f9") - l = 42 - - okm = B("085a01ea1b10f36933068b56efa5ad81" \ - "a4f14b822f5b091568a9cdd4f155fda2" \ - "c22e422478d305f3f896") + ikm = B("000102030405060708090a0b0c0d0e0f" \ + "101112131415161718191a1b1c1d1e1f" \ + "202122232425262728292a2b2c2d2e2f" \ + "303132333435363738393a3b3c3d3e3f" \ + "404142434445464748494a4b4c4d4e4f") + salt = B("606162636465666768696a6b6c6d6e6f" \ + "707172737475767778797a7b7c7d7e7f" \ + "808182838485868788898a8b8c8d8e8f" \ + "909192939495969798999a9b9c9d9e9f" \ + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf") + info = B("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf" \ + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf" \ + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf" \ + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef" \ + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff") + l = 82 + + okm = B("0bd770a74d1160f7c9f12cd5912a06eb" \ + "ff6adcae899d92191fe4305673ba2ffe" \ + "8fa3f1a4e5ad79f3f334b3b202b2173c" \ + "486ea37ce3d397ed034c7f9dfeb15c5e" \ + "927336d0441f4c4300e2cff0d0900b52" \ + "d3b4") assert_equal(okm, OpenSSL::KDF.hkdf(ikm, salt: salt, info: info, length: l, hash: hash)) end diff --git a/test/ruby/test_io.rb b/test/ruby/test_io.rb index 1adf47ac51..a78527d40e 100644 --- a/test/ruby/test_io.rb +++ b/test/ruby/test_io.rb @@ -1393,10 +1393,6 @@ class TestIO < Test::Unit::TestCase args = ['-e', '$>.write($<.read)'] if args.empty? ruby = EnvUtil.rubybin opts = {} - if defined?(Process::RLIMIT_NPROC) - lim = Process.getrlimit(Process::RLIMIT_NPROC)[1] - opts[:rlimit_nproc] = [lim, 2048].min - end f = IO.popen([ruby] + args, 'r+', opts) pid = f.pid yield(f) diff --git a/test/ruby/test_ractor.rb b/test/ruby/test_ractor.rb index fabb414e14..611b3b7715 100644 --- a/test/ruby/test_ractor.rb +++ b/test/ruby/test_ractor.rb @@ -42,6 +42,59 @@ class TestRactor < Test::Unit::TestCase =end end + def test_shareable_proc_define_method_super_method_missing + assert_ractor(<<~'RUBY', timeout: 30) + iterations = 1_000_000 + + class SuperFromShareableProcMethodMissingBase + def method_missing(mid, *) = mid + end + + class SuperFromShareableProcMethodMissingChild < SuperFromShareableProcMethodMissingBase + BODY = Ractor.shareable_proc { super() } + define_method(:foo, &BODY) + define_method(:bar, &BODY) + end + + [:foo, :bar].map do |mid| + Ractor.new(mid, iterations) do |mid, iterations| + obj = SuperFromShareableProcMethodMissingChild.new + iterations.times do + got = obj.__send__(mid) + raise "#{mid} returned #{got.inspect}" unless got == mid + end + end + end.each(&:value) + RUBY + end + + def test_shareable_proc_define_method_super_method_entry + assert_ractor(<<~'RUBY', timeout: 30) + iterations = 1_000_000 + + class SuperFromShareableProcBase + def foo = :foo + def bar = :bar + end + + class SuperFromShareableProcChild < SuperFromShareableProcBase + BODY = Ractor.shareable_proc { super() } + define_method(:foo, &BODY) + define_method(:bar, &BODY) + end + + [:foo, :bar].map do |mid| + Ractor.new(mid, iterations) do |mid, iterations| + obj = SuperFromShareableProcChild.new + iterations.times do + got = obj.__send__(mid) + raise "#{mid} returned #{got.inspect}" unless got == mid + end + end + end.each(&:value) + RUBY + end + def test_shareability_error_uses_inspect x = (+"").instance_exec { method(:to_s) } def x.to_s diff --git a/test/rubygems/test_gem_commands_cert_command.rb b/test/rubygems/test_gem_commands_cert_command.rb index 39fda73eba..ed1a1c8627 100644 --- a/test/rubygems/test_gem_commands_cert_command.rb +++ b/test/rubygems/test_gem_commands_cert_command.rb @@ -31,14 +31,6 @@ class TestGemCommandsCertCommand < Gem::TestCase @cmd = Gem::Commands::CertCommand.new @trust_dir = Gem::Security.trust_dir - - @cleanup = [] - end - - def teardown - FileUtils.rm_f(@cleanup) - - super end def test_certificates_matching @@ -661,8 +653,7 @@ ERROR: --private-key not specified and ~/.gem/gem-private_key.pem does not exis assert_equal "/CN=nobody/DC=example", EXPIRED_PUBLIC_CERT.issuer.to_s - tmp_expired_cert_file = File.join(Dir.tmpdir, File.basename(EXPIRED_PUBLIC_CERT_FILE)) - @cleanup << tmp_expired_cert_file + tmp_expired_cert_file = File.join(@tempdir, File.basename(EXPIRED_PUBLIC_CERT_FILE)) File.write(tmp_expired_cert_file, File.read(EXPIRED_PUBLIC_CERT_FILE)) @cmd.handle_options %W[ @@ -694,8 +685,7 @@ ERROR: --private-key not specified and ~/.gem/gem-private_key.pem does not exis assert_equal "/CN=nobody/DC=example", EXPIRED_PUBLIC_CERT.issuer.to_s - tmp_expired_cert_file = File.join(Dir.tmpdir, File.basename(EXPIRED_PUBLIC_CERT_FILE)) - @cleanup << tmp_expired_cert_file + tmp_expired_cert_file = File.join(@tempdir, File.basename(EXPIRED_PUBLIC_CERT_FILE)) File.write(tmp_expired_cert_file, File.read(EXPIRED_PUBLIC_CERT_FILE)) @cmd.handle_options %W[ diff --git a/test/rubygems/test_gem_safe_yaml.rb b/test/rubygems/test_gem_safe_yaml.rb index ce2c690fc1..8d0ac63c41 100644 --- a/test/rubygems/test_gem_safe_yaml.rb +++ b/test/rubygems/test_gem_safe_yaml.rb @@ -138,7 +138,11 @@ class TestGemSafeYAML < Gem::TestCase depth = Gem::YAMLSerializer::Parser::MAX_NESTING_DEPTH + 1 yaml = "x: " + ("[" * depth) + "a" + ("]" * depth) + "\n" - assert_raise(Psych::SyntaxError) do + expected = [Psych::SyntaxError] + # JRuby's JVM stack overflows before the Ruby-level nesting cap fires. + expected << ::Java::JavaLang::StackOverflowError if RUBY_ENGINE == "jruby" + + assert_raise(*expected) do Gem::YAMLSerializer.load(yaml, permitted_classes: []) end end |