path: root/test/openssl/test_asn1.rb
AgeCommit message (Collapse)Author
2021-11-03[ruby/openssl] Fix typos [ci skip]Nobuyoshi Nakada
2021-07-18[ruby/openssl] require OpenSSL >= 1.0.2 and LibreSSL >= 3.1Kazuki Yamaguchi
Clean up old version guards in preparation for the upcoming OpenSSL 3.0 support. OpenSSL 1.0.1 reached its EOL on 2016-12-31. At that time, we decided to keep 1.0.1 support because many major Linux distributions were still shipped with 1.0.1. Now, nearly 4 years later, most Linux distributions are reaching their EOL and it should be safe to assume nobody uses them anymore. Major ones that were using 1.0.1: - Ubuntu 14.04 is EOL since 2019-04-30 - RHEL 6 will reach EOL on 2020-11-30 LibreSSL 3.0 and older versions are no longer supported by the LibreSSL team as of October 2020. Note that OpenSSL 1.0.2 also reached EOL on 2019-12-31 and 1.1.0 also did on 2018-08-31.
2020-05-13[ruby/openssl] Look up digest by name instead of constantBart de Water
2020-02-16Import openssl-2.2.0 (#2693)Hiroshi SHIBATA
Import the master branch of ruby/openssl for preparing to release openssl-2.2.0 Notes: Merged-By: hsbt <>
2019-10-10Skip very time consuming test [Bug #16196]Nobuyoshi Nakada
2019-10-10Slimed down test runtime by stressing only [Bug #16196]Nobuyoshi Nakada
2019-10-10Guard static variable firstNobuyoshi Nakada
* ext/openssl/ossl_asn1.c (Init_ossl_asn1): register the static variable to grab an internal object, before creating the object. otherwise the just-created object could get collected during the global variable list allocation. [Bug #16196]
2017-09-05openssl: merge test fixes from upstreamrhe
Fix platform-dependent or fragile test cases added by r59734. This is a combined patch of the three commits below: 4fc17977350a test/test_fips: skip if setting FIPS mode fails b25179fbeebf test/test_asn1: fix possible failure in test_utctime 8ed81ff4b0a8 test/test_pair: fix test_write_nonblock{,_no_exceptions} git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-09-03openssl: import v2.1.0.beta1rhe
Import Ruby/OpenSSL 2.1.0.beta1. The full commit log since v2.0.5 (imported by r59567) can be found at: ---------------------------------------------------------------- Antonio Terceiro (1): test/test_ssl: explicitly accept TLS 1.1 in corresponding test Colby Swandale (1): document using secure protocol to fetch git master in Bundler Colton Jenkins (1): Add fips_mode_get to return fips_mode Kazuki Yamaguchi (85): Start preparing for 2.1.0 Remove support for OpenSSL 0.9.8 and 1.0.0 bn: refine tests bn: implement unary {plus,minus} operators for OpenSSL::BN bn: implement OpenSSL::BN#negative? Don't define main() when built with --enable-debug test: let OpenSSL::TestCase include OpenSSL::TestUtils test: prepare test PKey instances on demand Add OpenSSL.print_mem_leaks Enable OSSL_MDEBUG on CI builds ssl: move default DH parameters from OpenSSL::PKey::DH Make exceptions with the same format regardless of OpenSSL.debug ssl: show reason of 'certificate verify error' in exception message ssl: remove OpenSSL::ExtConfig::TLS_DH_anon_WITH_AES_256_GCM_SHA384 ssl: do not confuse different ex_data index registries ssl: assume SSL/SSL_CTX always have a valid reference to the Ruby object Fix RDoc markup ssl: suppress compiler warning ext/openssl/deprecation.rb: remove broken-apple-openssl extconf.rb: print informative message if OpenSSL can't be found Rakefile: compile the extension before test kdf: introduce OpenSSL::KDF module ossl.h: add NUM2UINT64T() macro kdf: add scrypt Expand rb_define_copy_func() macro Expand FPTR_TO_FD() macro Remove SafeGet*() macros cipher: rename GetCipherPtr() to ossl_evp_get_cipherbyname() digest: rename GetDigestPtr() to ossl_evp_get_digestbyname() Add ossl_str_new(), an exception-safe rb_str_new() bio: simplify ossl_membio2str() using ossl_str_new() Remove unused functions and macros Drop support for LibreSSL 2.3 ocsp: add OpenSSL::OCSP::Request#signed? asn1: infinite length -> indefinite length asn1: rearrange tests ssl: remove a needless NULL check in SSL::SSLContext#ciphers ssl: return nil in SSL::SSLSocket#cipher if session is not started asn1: remove an unnecessary function prototype asn1: require tag information when instantiating generic type asn1: initialize 'unused_bits' attribute of BitString with 0 asn1: check for illegal 'unused_bits' value of BitString asn1: disallow NULL to be passed to asn1time_to_time() asn1: avoid truncating OID in OpenSSL::ASN1::ObjectId#oid asn1: allow constructed encoding with definite length form asn1: prohibit indefinite length form for primitive encoding asn1: allow tag number to be >= 32 for universal tag class asn1: use ossl_asn1_tag() asn1: clean up OpenSSL::ASN1::Constructive#to_der asn1: harmonize OpenSSL::ASN1::*#to_der asn1: prevent EOC octets from being in the middle of the content asn1: do not treat EOC octets as part of content octets x509name: add 'loc' and 'set' kwargs to OpenSSL::X509::Name#add_entry ssl: do not call session_remove_cb during GC Backport "Merge branch 'topic/test-memory-leak'" to maint cipher: update the documentation for Cipher#auth_tag= Rakefile: let sync:to_ruby know about test/openssl/fixtures test: fix formatting test/utils: remove OpenSSL::TestUtils.silent test/utils: add SSLTestCase#tls12_supported? test/utils: have start_server yield only the port number test/utils: do not set ecdh_curves in start_server test/utils: let server_loop close socket test/utils: improve error handling in start_server test/utils: add OpenSSL::TestUtils.openssl? and .libressl? test/utils: do not use DSA certificates in SSL tests test/test_ssl: remove test_invalid_shutdown_by_gc test/test_ssl: move test_multibyte_read_write to test_pair test/test_ssl_session: rearrange tests test/test_pair, test/test_ssl: fix for TLS 1.3 ssl: remove useless call to rb_thread_wait_fd() ssl: fix NPN support ssl: mark OpenSSL::SSL::SSLContext::DEFAULT_{1024,2048} as private ssl: use 2048-bit group in the default tmp_dh_cb ssl: ensure that SSL option flags are non-negative ssl: update OpenSSL::SSL::OP_* flags ssl: prefer TLS_method() over SSLv23_method() ssl: add SSLContext#min_version= and #max_version= ssl: rework SSLContext#ssl_version= test/test_x509name: change script encoding to ASCII-8BIT x509name: refactor OpenSSL::X509::Name#to_s x509name: add OpenSSL::X509::Name#to_utf8 x509name: add OpenSSL::X509::Name#inspect x509name: update regexp in OpenSSL::X509::Name.parse Ruby/OpenSSL 2.1.0.beta1 Marcus Stollsteimer (1): Fix rdoc for core Integer class nobu (4): [DOC] {read,write}_nonblock with exception: false [DOC] keyword argument _exception_ [DOC] mark up literals Revert r57690 except for read_nonblock git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-01-31openssl: import v2.0.3rhe
Import Ruby/OpenSSL 2.0.3. Only bugfixes. The full commit log since 2.0.2 (imported at r57146) can be found at: ---------------------------------------------------------------- Corey Bonnell (1): Fix for ASN1::Constructive 'each' implementation Kazuki Yamaguchi (10): Fix build with static OpenSSL libraries on Windows ([ruby-core:78878] [Bug #13080]) Merge pull request #96 from CBonnell/master Merge branch 'topic/windows-static-linking-without-pkg-config' into maint appveyor.yml: update OpenSSL version to 1.0.2j buffering: fix typo in doc test/envutil: fix assert_raise_with_message x509: fix OpenSSL::X509::Name#eql? ([ruby-core:79310] [Bug #13170]) ruby-openssl-docker: update versions of Ruby and OpenSSL .travis.yml: test with Ruby 2.4 Ruby/OpenSSL 2.0.3 git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-12-10openssl: import v2.0.1rhe
Import Ruby/OpenSSL 2.0.1. The full commit history since 2.0.0 (imported at r56946) can be found at: This release contains only bug fixes. Note, the first two commits since v2.0.0 are already imported at r56953 to make Travis and RubyCI green. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-11-30openssl: import v2.0.0rhe
Import Ruby/OpenSSL 2.0.0. The full commit history since 2.0.0 beta.2 (imported at r56098) can be found at: git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-06-09openssl: use ASN1_ENUMERATED_to_BN() if neededrhe
* ext/openssl/ossl_asn1.c (asn1integer_to_num): Use ASN1_ENUMERATED_to_BN() to convert an ASN1_ENUMERATED to a BN. Starting from OpenSSL 1.1.0, ASN1_INTEGER_to_BN() rejects non-ASN1_INTEGER objects. The format of INTEGER and ENUMERATED are almost identical so they behaved in the same way in OpenSSL <= 1.0.2. [ruby-core:75225] [Feature #12324] * test/openssl/test_asn1.rb (test_decode_enumerated): Test that it works. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-31openssl: add missing test for r55219rhe
* test/openssl/test_asn1.rb: Add missing regression test for r55219. It fixed the year 2038 issue but the test code was missing. [ruby-core:45552] [Bug #6571] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2016-05-18openssl: clear OpenSSL error queue before return to Rubyrhe
* ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify() family may put errors on 0 return (0 means verification failure). Clear OpenSSL error queue before return to Ruby. Since the queue is thread global, remaining errors in the queue can cause an unexpected error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215] * ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto. * ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto. * ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error queue before re-raising exception. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto. * test/openssl: check that OpenSSL.errors is empty every time after running a test case. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-12-16Add frozen_string_literal: false for all filesnaruse
When you change this to true, you may need to add more tests. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2015-06-02use assert_raisenobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2014-12-13test/openssl: skip old OpenSSLnobu
* test/openssl/utils.rb (OpenSSL::TestUtils): ignore out-of-date OpenSSL before 1.0. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2013-07-22* ext/openssl/ossl_asn1.c (asn1time_to_time): Implement YYMMDDhhmmZdrbrain
format for ASN.1 UTCTime. [ruby-trunk - Bug #8664] * test/openssl/test_asn1.rb: Test for the above. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-09-03* test/openssl/test_asn1_rb:emboss
test/openssl/test_ssl_session.rb: test/openssl/test_x509name.rb: test/openssl/test_buffering.rb: test/openssl/test_x509cert.rb: test/openssl/test_ssl.rb: Refactor code that leads to warnings on Ruby CI. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-08-21remove trainling spaces.nobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2012-03-28* ext/openssl/ossl_asn1.c: raise TypeError when trying to encode nilemboss
values for Primitive instances. * test/openssl/test_asn1.rb: Assert consistent behavior when encoding nil values: Primitives raise TypeError, Constructives raise NoMethodError. Fixes [ruby-core:43009][Bug #6102] -This line, and those below, will be ignored-- M test/openssl/test_asn1.rb M ext/openssl/ossl_asn1.c M ChangeLog git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-09-25* ext/openssl/ossl_asn1.c: fix int_ossl_asn1_decode0_cons when beingemboss
fed arbitrary string values. Clearly distinguish between the cases "universal, infinite and not a SEQUENCE or SET" and "universal SEQUENCE or SET, possibly infinite". Raise error for universal tags that are not infinite. * test/openssl/test_asn1.rb: add a test for this. Thanks to Hiroshi Yoshida for reporting this bug. [Bug #5363] [ruby-dev:44542] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-23* ext/openssl/ossl_asn1.c: Do not parse zero-tagged values as EOC. Doemboss
not let current length become negative for infinite length constructed values. Support constructed values of length zero. Added tests. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-22* ext/openssl/ossl_asn1.c: Forbid Constructives whose value is not anemboss
Array to prevent segfault. Added test. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-22* ext/openssl/ossl_asn1.c: Forbid Constructive without infiniteemboss
length. This also prevents a segfault. Added test and improved documentation. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-22* ext/openssl/ossl_asn1.c: Fix decoding of infinite length values.emboss
Simplified ossl_asn1_decode0 by splitting it into three separate functions. Add tests. [Ruby 1.9 - Bug #4374][ruby-core:35123] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-05-15* remove trailing spaces.nobu
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2011-01-26 * ext/openssl/ossl_asn1.c (ossl_asn1_decode0): OpenSSL::ASN1.decodenahi
should reject indefinite length primitive encodings as that is illegal. Patch by Martin Bosslet. See #4324. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-12-11* ext/openssl/ossl_asn1.c: indefinite length BER to DER encoding istenderlove
properly supported. Thanks Martin Bosslet! [ruby-core:33082] git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-12-11refactor load error rescue to the openssl util filetenderlove
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-08-23 * backport r29071 from ruby_1_8;nahi
* ext/openssl/ossl_asn1.c (obj_to_asn1bool): fixed ASN1::Boolean encoding issue for OpenSSL 1.0.0 compatibility. wrongly generated "\1\1\377" which means 'true'. ASN1_TYPE_set of OpenSSL <= 0.9.8 treats value 0x100 as 'false' but OpenSSL >= 1.0.0 treats it as 'true'. ruby-ossl was using 0x100 for 'false' for backward compatibility. Just use 0x0 for the case OpenSSL >= OpenSSL 0.9.7. * test/openssl/test_asn1.rb: test added. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2010-02-02use require_relative.akr
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2006-07-02* test/openssl/test_asn1.c: String#[]= doesnt't accept Integer.gotoyuzo
git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2004-12-21* ext/openssl/ossl_asn1.c (ossl_asn1_traverse, ossl_asn1_decode):gotoyuzo
use rb_str_new4 to avoid SEGV. fix [ruby-dev:25261] * test/openssl/test_asn1.rb: add tests for OpenSSL::ASN1. git-svn-id: svn+ssh:// b2dd03c8-39d4-4d8f-98ff-823fe69b080e