From 839614309de62f761c9c53418356cf8f310745bd Mon Sep 17 00:00:00 2001 From: emboss Date: Mon, 13 Jun 2011 11:56:04 +0000 Subject: * test/openssl/test_ec.rb test/openssl/test_pkey_ec.rb: merge both files into test_pkey_ec.rb. Removed redundant group instantiation from PKey tests. * test/openssl/utils.rb: only create TEST_PKEY_EC_P256V1 if EC is defined. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@32058 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 8 +++ test/openssl/test_ec.rb | 123 --------------------------------------- test/openssl/test_pkey_ec.rb | 135 ++++++++++++++++++++++++++++++++++++++----- test/openssl/utils.rb | 4 ++ 4 files changed, 134 insertions(+), 136 deletions(-) delete mode 100644 test/openssl/test_ec.rb diff --git a/ChangeLog b/ChangeLog index 3242fd7093..ceec46015d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +Mon Jun 13 20:50:49 2011 Martin Bosslet + + * test/openssl/test_ec.rb + test/openssl/test_pkey_ec.rb: merge both files into test_pkey_ec.rb. + Removed redundant group instantiation from PKey tests. + * test/openssl/utils.rb: only create TEST_PKEY_EC_P256V1 if EC is + defined. + Mon Jun 13 20:28:24 2011 Martin Bosslet * test/openssl/digest.rb: remove MDC2 from test, it is not available diff --git a/test/openssl/test_ec.rb b/test/openssl/test_ec.rb deleted file mode 100644 index f80c3d40ae..0000000000 --- a/test/openssl/test_ec.rb +++ /dev/null @@ -1,123 +0,0 @@ -require_relative 'utils' - -if defined?(OpenSSL::PKey::EC) - -class OpenSSL::TestEC < Test::Unit::TestCase - def setup - @data1 = 'foo' - @data2 = 'bar' * 1000 # data too long for DSA sig - - @group1 = OpenSSL::PKey::EC::Group.new('secp112r1') - @group2 = OpenSSL::PKey::EC::Group.new('sect163k1') - - @key1 = OpenSSL::PKey::EC.new - @key1.group = @group1 - @key1.generate_key - - @key2 = OpenSSL::PKey::EC.new(@group2.curve_name) - @key2.generate_key - - @groups = [@group1, @group2] - @keys = [@key1, @key2] - end - - def compare_keys(k1, k2) - assert_equal(k1.to_pem, k2.to_pem) - end - - def test_curve_names - @groups.each_with_index do |group, idx| - key = @keys[idx] - assert_equal(group.curve_name, key.group.curve_name) - end - end - - def test_check_key - for key in @keys - assert_equal(key.check_key, true) - assert_equal(key.private_key?, true) - assert_equal(key.public_key?, true) - end - end - - def test_encoding - for group in @groups - for meth in [:to_der, :to_pem] - txt = group.send(meth) - gr = OpenSSL::PKey::EC::Group.new(txt) - assert_equal(txt, gr.send(meth)) - - assert_equal(group.generator.to_bn, gr.generator.to_bn) - assert_equal(group.cofactor, gr.cofactor) - assert_equal(group.order, gr.order) - assert_equal(group.seed, gr.seed) - assert_equal(group.degree, gr.degree) - end - end - - for key in @keys - group = key.group - - for meth in [:to_der, :to_pem] - txt = key.send(meth) - assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth)) - end - - bn = key.public_key.to_bn - assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn) - end - end - - def test_set_keys - for key in @keys - k = OpenSSL::PKey::EC.new - k.group = key.group - k.private_key = key.private_key - k.public_key = key.public_key - - compare_keys(key, k) - end - end - - def test_dsa_sign_verify - for key in @keys - sig = key.dsa_sign_asn1(@data1) - assert(key.dsa_verify_asn1(@data1, sig)) - end - end - - def test_dsa_sign_asn1_FIPS186_3 - for key in @keys - size = key.group.order.num_bits / 8 + 1 - dgst = (1..size).to_a.pack('C*') - begin - sig = key.dsa_sign_asn1(dgst) - # dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m - assert(key.dsa_verify_asn1(dgst + "garbage", sig)) - rescue OpenSSL::PKey::ECError => e - # just an exception for longer dgst before openssl-0.9.8m - assert_equal('ECDSA_sign: data too large for key size', e.message) - # no need to do following tests - return - end - end - end - - def test_dh_compute_key - for key in @keys - k = OpenSSL::PKey::EC.new(key.group) - k.generate_key - - puba = key.public_key - pubb = k.public_key - a = key.dh_compute_key(pubb) - b = k.dh_compute_key(puba) - assert_equal(a, b) - end - end - -# test Group: asn1_flag, point_conversion - -end - -end diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb index b80e1e56ec..3fb8d29c32 100644 --- a/test/openssl/test_pkey_ec.rb +++ b/test/openssl/test_pkey_ec.rb @@ -1,16 +1,125 @@ require_relative 'utils' -if defined?(OpenSSL) - -class OpenSSL::TestPKeyEC < Test::Unit::TestCase - def test_new - group = OpenSSL::PKey::EC::Group.new('prime256v1') - ec = OpenSSL::PKey::EC.new(group) - ec.generate_key - assert(ec.private_key?) - assert(ec.public_key?) +if defined?(OpenSSL::PKey::EC) + +class OpenSSL::TestEC < Test::Unit::TestCase + def setup + @data1 = 'foo' + @data2 = 'bar' * 1000 # data too long for DSA sig + + @group1 = OpenSSL::PKey::EC::Group.new('secp112r1') + @group2 = OpenSSL::PKey::EC::Group.new('sect163k1') + @group3 = OpenSSL::PKey::EC::Group.new('prime256v1') + + @key1 = OpenSSL::PKey::EC.new + @key1.group = @group1 + @key1.generate_key + + @key2 = OpenSSL::PKey::EC.new(@group2.curve_name) + @key2.generate_key + + @key3 = OpenSSL::PKey::EC.new(@group3) + @key3.generate_key + + @groups = [@group1, @group2, @group3] + @keys = [@key1, @key2, @key3] + end + + def compare_keys(k1, k2) + assert_equal(k1.to_pem, k2.to_pem) + end + + def test_curve_names + @groups.each_with_index do |group, idx| + key = @keys[idx] + assert_equal(group.curve_name, key.group.curve_name) + end + end + + def test_check_key + for key in @keys + assert_equal(key.check_key, true) + assert_equal(key.private_key?, true) + assert_equal(key.public_key?, true) + end + end + + def test_encoding + for group in @groups + for meth in [:to_der, :to_pem] + txt = group.send(meth) + gr = OpenSSL::PKey::EC::Group.new(txt) + assert_equal(txt, gr.send(meth)) + + assert_equal(group.generator.to_bn, gr.generator.to_bn) + assert_equal(group.cofactor, gr.cofactor) + assert_equal(group.order, gr.order) + assert_equal(group.seed, gr.seed) + assert_equal(group.degree, gr.degree) + end + end + + for key in @keys + group = key.group + + for meth in [:to_der, :to_pem] + txt = key.send(meth) + assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth)) + end + + bn = key.public_key.to_bn + assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn) + end + end + + def test_set_keys + for key in @keys + k = OpenSSL::PKey::EC.new + k.group = key.group + k.private_key = key.private_key + k.public_key = key.public_key + + compare_keys(key, k) + end + end + + def test_dsa_sign_verify + for key in @keys + sig = key.dsa_sign_asn1(@data1) + assert(key.dsa_verify_asn1(@data1, sig)) + end + end + + def test_dsa_sign_asn1_FIPS186_3 + for key in @keys + size = key.group.order.num_bits / 8 + 1 + dgst = (1..size).to_a.pack('C*') + begin + sig = key.dsa_sign_asn1(dgst) + # dgst is auto-truncated according to FIPS186-3 after openssl-0.9.8m + assert(key.dsa_verify_asn1(dgst + "garbage", sig)) + rescue OpenSSL::PKey::ECError => e + # just an exception for longer dgst before openssl-0.9.8m + assert_equal('ECDSA_sign: data too large for key size', e.message) + # no need to do following tests + return + end + end end + def test_dh_compute_key + for key in @keys + k = OpenSSL::PKey::EC.new(key.group) + k.generate_key + + puba = key.public_key + pubb = k.public_key + a = key.dh_compute_key(pubb) + b = k.dh_compute_key(puba) + assert_equal(a, b) + end + end + def test_read_private_key_der ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 der = ec.to_der @@ -29,8 +138,7 @@ class OpenSSL::TestPKeyEC < Test::Unit::TestCase def test_read_public_key_der ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - group = OpenSSL::PKey::EC::Group.new('prime256v1') - ec2 = OpenSSL::PKey::EC.new(group) + ec2 = OpenSSL::PKey::EC.new(ec.group) ec2.public_key = ec.public_key der = ec2.to_der ec3 = OpenSSL::PKey.read(der) @@ -40,8 +148,7 @@ class OpenSSL::TestPKeyEC < Test::Unit::TestCase def test_read_public_key_pem ec = OpenSSL::TestUtils::TEST_KEY_EC_P256V1 - group = OpenSSL::PKey::EC::Group.new('prime256v1') - ec2 = OpenSSL::PKey::EC.new(group) + ec2 = OpenSSL::PKey::EC.new(ec.group) ec2.public_key = ec.public_key pem = ec2.to_pem ec3 = OpenSSL::PKey.read(pem) @@ -63,6 +170,8 @@ class OpenSSL::TestPKeyEC < Test::Unit::TestCase #omit pem equality check, will be different due to cipher iv end +# test Group: asn1_flag, point_conversion + end end diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb index 3f9662a8a5..c502fda301 100644 --- a/test/openssl/utils.rb +++ b/test/openssl/utils.rb @@ -80,6 +80,8 @@ Q1VB8qkJN7rA7/2HrCR3gTsWNb1YhAsnFsoeRscC+LxXoXi9OAIUBG98h4tilg6S -----END DSA PRIVATE KEY----- _end_of_pem_ +if defined?(OpenSSL::PKey::EC) + TEST_KEY_EC_P256V1 = OpenSSL::PKey::EC.new <<-_end_of_pem_ -----BEGIN EC PRIVATE KEY----- MHcCAQEEIID49FDqcf1O1eO8saTgG70UbXQw9Fqwseliit2aWhH1oAoGCCqGSM49 @@ -88,6 +90,8 @@ CeBUl+MahZtn9fO1JKdF4qJmS39dXnpENg== -----END EC PRIVATE KEY----- _end_of_pem_ +end + TEST_KEY_DH512 = OpenSSL::PKey::DH.new <<-_end_of_pem_ -----BEGIN DH PARAMETERS----- MEYCQQDmWXGPqk76sKw/edIOdhAQD4XzjJ+AR/PTk2qzaGs+u4oND2yU5D2NN4wr -- cgit v1.2.3