From 5bd7899b98fc4fd9631d08423f5c2fb6918c783d Mon Sep 17 00:00:00 2001
From: emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sun, 10 Jun 2012 01:23:21 +0000
Subject: * ext/openssl/ossl.c   ext/openssl/ossl_pkey_rsa.c  
 ext/openssl/ossl_pkey_dsa.c   ext/openssl/ossl_pkey_ec.c: Forbid export
 passwords that are less   than four characters long, as OpenSSL itself does
 not allow this.   Issue found by Eric Hodel. * ext/openssl/ossl_pkey_ec.c:
 Add export as an alias of to_pem,   following the PKey interface contract. *
 test/openssl/test_pkey_dsa.rb   test/openssl/test_pkey_rsa.rb  
 test/openssl/test_pkey_ec.rb: Add tests that assert correct   behaviour when
 dealing with passwords that are less than four   characters long.  
 [ruby-core: 42281][ruby-trunk - Bug #5951]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36001 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 test/openssl/test_pkey_dsa.rb | 9 +++++++++
 test/openssl/test_pkey_ec.rb  | 9 +++++++++
 test/openssl/test_pkey_rsa.rb | 9 +++++++++
 3 files changed, 27 insertions(+)

(limited to 'test/openssl')

diff --git a/test/openssl/test_pkey_dsa.rb b/test/openssl/test_pkey_dsa.rb
index 4bf64a51be..555637e7a4 100644
--- a/test/openssl/test_pkey_dsa.rb
+++ b/test/openssl/test_pkey_dsa.rb
@@ -218,6 +218,15 @@ YNMbNw==
     assert_equal([], OpenSSL.errors)
   end
 
+  def test_export_password_length
+    key = OpenSSL::TestUtils::TEST_KEY_DSA256
+    assert_raise(OpenSSL::OpenSSLError) do
+      key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec')
+    end
+    pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr')
+    assert(pem)
+  end
+
   private
 
   def check_sign_verify(digest)
diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb
index e63f617140..a663bb0757 100644
--- a/test/openssl/test_pkey_ec.rb
+++ b/test/openssl/test_pkey_ec.rb
@@ -175,6 +175,15 @@ class OpenSSL::TestEC < Test::Unit::TestCase
     assert_equal([], OpenSSL.errors)
   end
 
+  def test_export_password_length
+    key = OpenSSL::TestUtils::TEST_KEY_EC_P256V1
+    assert_raise(OpenSSL::OpenSSLError) do
+      key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec')
+    end
+    pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr')
+    assert(pem)
+  end
+
 # test Group: asn1_flag, point_conversion
 
 end
diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb
index 815f49b61e..1881525c02 100644
--- a/test/openssl/test_pkey_rsa.rb
+++ b/test/openssl/test_pkey_rsa.rb
@@ -244,6 +244,15 @@ AwEAAQ==
     assert_equal([], OpenSSL.errors)
   end
 
+  def test_export_password_length
+    key = OpenSSL::TestUtils::TEST_KEY_RSA1024
+    assert_raise(OpenSSL::OpenSSLError) do
+      key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'sec')
+    end
+    pem = key.export(OpenSSL::Cipher.new('AES-128-CBC'), 'secr')
+    assert(pem)
+  end
+
   private
 
   def check_PUBKEY(asn1, key)
-- 
cgit v1.2.3