jruby-openssl 0.8.0.pre3 → 0.8.0

data/test/1.9/test_pkcs12.rb

@@ -1,209 +0,0 @@
-require_relative "utils"
-
-if defined?(OpenSSL)
-
-module OpenSSL
-  class TestPKCS12 < Test::Unit::TestCase
-    include OpenSSL::TestUtils
-
-    def setup
-      ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA")
-
-      now = Time.now
-      ca_exts = [
-        ["basicConstraints","CA:TRUE",true],
-        ["keyUsage","keyCertSign, cRLSign",true],
-        ["subjectKeyIdentifier","hash",false],
-        ["authorityKeyIdentifier","keyid:always",false],
-      ]
-      
-      @cacert = issue_cert(ca, TEST_KEY_RSA2048, 1, now, now+3600, ca_exts,
-                            nil, nil, OpenSSL::Digest::SHA1.new)
-
-      inter_ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=Intermediate CA")
-      inter_ca_key = OpenSSL::PKey.read <<-_EOS_
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDp7hIG0SFMG/VWv1dBUWziAPrNmkMXJgTCAoB7jffzRtyyN04K
-oq/89HAszTMStZoMigQURfokzKsjpUp8OYCAEsBtt9d5zPndWMz/gHN73GrXk3LT
-ZsxEn7Xv5Da+Y9F/Hx2QZUHarV5cdZixq2NbzWGwrToogOQMh2pxN3Z/0wIDAQAB
-AoGBAJysUyx3olpsGzv3OMRJeahASbmsSKTXVLZvoIefxOINosBFpCIhZccAG6UV
-5c/xCvS89xBw8aD15uUfziw3AuT8QPEtHCgfSjeT7aWzBfYswEgOW4XPuWr7EeI9
-iNHGD6z+hCN/IQr7FiEBgTp6A+i/hffcSdR83fHWKyb4M7TRAkEA+y4BNd668HmC
-G5MPRx25n6LixuBxrNp1umfjEI6UZgEFVpYOg4agNuimN6NqM253kcTR94QNTUs5
-Kj3EhG1YWwJBAO5rUjiOyCNVX2WUQrOMYK/c1lU7fvrkdygXkvIGkhsPoNRzLPeA
-HGJszKtrKD8bNihWpWNIyqKRHfKVD7yXT+kCQGCAhVCIGTRoypcDghwljHqLnysf
-ci0h5ZdPcIqc7ODfxYhFsJ/Rql5ONgYsT5Ig/+lOQAkjf+TRYM4c2xKx2/8CQBvG
-jv6dy70qDgIUgqzONtlmHeYyFzn9cdBO5sShdVYHvRHjFSMEXsosqK9zvW2UqvuK
-FJx7d3f29gkzynCLJDkCQGQZlEZJC4vWmWJGRKJ24P6MyQn3VsPfErSKOg4lvyM3
-Li8JsX5yIiuVYaBg/6ha3tOg4TCa5K/3r3tVliRZ2Es=
------END RSA PRIVATE KEY-----
-      _EOS_
-
-      @inter_cacert = issue_cert(inter_ca, inter_ca_key, 2, now, now+3600, ca_exts,
-                                 @ca_cert, TEST_KEY_RSA2048, OpenSSL::Digest::SHA1.new)
-
-      exts = [
-        ["keyUsage","digitalSignature",true],
-        ["subjectKeyIdentifier","hash",false],
-      ]
-      ee = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=Ruby PKCS12 Test Certificate")
-      @mycert = issue_cert(ee, TEST_KEY_RSA1024, 3, now, now+3600, exts,
-                           @inter_cacert, inter_ca_key, OpenSSL::Digest::SHA1.new)
-    end
-
-    def test_create
-      pkcs12 = OpenSSL::PKCS12.create(
-        "omg",
-        "hello",
-        TEST_KEY_RSA1024,
-        @mycert
-      )
-      assert_equal @mycert, pkcs12.certificate
-      assert_equal TEST_KEY_RSA1024, pkcs12.key
-      assert_nil pkcs12.ca_certs
-    end
-
-    def test_create_no_pass
-      pkcs12 = OpenSSL::PKCS12.create(
-        nil,
-        "hello",
-        TEST_KEY_RSA1024,
-        @mycert
-      )
-      assert_equal @mycert, pkcs12.certificate
-      assert_equal TEST_KEY_RSA1024, pkcs12.key
-      assert_nil pkcs12.ca_certs
-
-      decoded = OpenSSL::PKCS12.new(pkcs12.to_der)
-      assert_cert @mycert, decoded.certificate
-    end
-
-    def test_create_with_chain
-      chain = [@inter_cacert, @cacert]
-
-      pkcs12 = OpenSSL::PKCS12.create(
-        "omg",
-        "hello",
-        TEST_KEY_RSA1024,
-        @mycert,
-        chain
-      )
-      assert_equal chain, pkcs12.ca_certs
-    end
-
-    def test_create_with_chain_decode
-      chain = [@cacert, @inter_cacert]
-
-      passwd = "omg"
-
-      pkcs12 = OpenSSL::PKCS12.create(
-        passwd,
-        "hello",
-        TEST_KEY_RSA1024,
-        @mycert,
-        chain
-      )
-
-      decoded = OpenSSL::PKCS12.new(pkcs12.to_der, passwd)
-      assert_equal chain.size, decoded.ca_certs.size
-      assert_include_cert @cacert, decoded.ca_certs
-      assert_include_cert @inter_cacert, decoded.ca_certs
-      assert_cert @mycert, decoded.certificate 
-      assert_equal TEST_KEY_RSA1024.to_der, decoded.key.to_der
-    end
-
-    def test_create_with_bad_nid
-      assert_raises(ArgumentError) do
-        OpenSSL::PKCS12.create(
-          "omg",
-          "hello",
-          TEST_KEY_RSA1024,
-          @mycert,
-          [],
-          "foo"
-        )
-      end
-    end
-
-    def test_create_with_itr
-      OpenSSL::PKCS12.create(
-        "omg",
-        "hello",
-        TEST_KEY_RSA1024,
-        @mycert,
-        [],
-        nil,
-        nil,
-        2048
-      )
-
-      assert_raises(TypeError) do
-        OpenSSL::PKCS12.create(
-          "omg",
-          "hello",
-          TEST_KEY_RSA1024,
-          @mycert,
-          [],
-          nil,
-          nil,
-          "omg"
-        )
-      end
-    end
-
-    def test_create_with_mac_itr
-      OpenSSL::PKCS12.create(
-        "omg",
-        "hello",
-        TEST_KEY_RSA1024,
-        @mycert,
-        [],
-        nil,
-        nil,
-        nil,
-        2048
-      )
-
-      assert_raises(TypeError) do
-        OpenSSL::PKCS12.create(
-          "omg",
-          "hello",
-          TEST_KEY_RSA1024,
-          @mycert,
-          [],
-          nil,
-          nil,
-          nil,
-          "omg"
-        )
-      end
-    end
-
-    private
-    def assert_cert expected, actual
-      [
-        :subject,
-        :issuer,
-        :serial,
-        :not_before,
-        :not_after,
-      ].each do |attribute|
-        assert_equal expected.send(attribute), actual.send(attribute)
-      end
-      assert_equal expected.to_der, actual.to_der
-    end
-
-    def assert_include_cert cert, ary
-      der = cert.to_der
-      ary.each do |candidate|
-        if candidate.to_der == der
-          return true
-        end
-      end
-      false
-    end
-
-  end
-end
-
-end

data/test/1.9/test_pkcs7.rb

@@ -1,156 +0,0 @@
-require_relative 'utils'
-
-if defined?(OpenSSL)
-
-class OpenSSL::TestPKCS7 < Test::Unit::TestCase
-  def setup
-    @rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
-    @rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
-    ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA")
-    ee1 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE1")
-    ee2 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE2")
-
-    now = Time.now
-    ca_exts = [
-      ["basicConstraints","CA:TRUE",true],
-      ["keyUsage","keyCertSign, cRLSign",true],
-      ["subjectKeyIdentifier","hash",false],
-      ["authorityKeyIdentifier","keyid:always",false],
-    ]
-    @ca_cert = issue_cert(ca, @rsa2048, 1, now, now+3600, ca_exts,
-                           nil, nil, OpenSSL::Digest::SHA1.new)
-    ee_exts = [
-      ["keyUsage","Non Repudiation, Digital Signature, Key Encipherment",true],
-      ["authorityKeyIdentifier","keyid:always",false],
-      ["extendedKeyUsage","clientAuth, emailProtection, codeSigning",false],
-    ]
-    @ee1_cert = issue_cert(ee1, @rsa1024, 2, now, now+1800, ee_exts,
-                           @ca_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
-    @ee2_cert = issue_cert(ee2, @rsa1024, 3, now, now+1800, ee_exts,
-                           @ca_cert, @rsa2048, OpenSSL::Digest::SHA1.new)
-  end
-
-  def issue_cert(*args)
-    OpenSSL::TestUtils.issue_cert(*args)
-  end
-
-  def test_signed
-    store = OpenSSL::X509::Store.new
-    store.add_cert(@ca_cert)
-    ca_certs = [@ca_cert]
-
-    data = "aaaaa\r\nbbbbb\r\nccccc\r\n"
-    tmp = OpenSSL::PKCS7.sign(@ee1_cert, @rsa1024, data, ca_certs)
-    p7 = OpenSSL::PKCS7.new(tmp.to_der)
-    certs = p7.certificates
-    signers = p7.signers
-    assert(p7.verify([], store))
-    assert_equal(data, p7.data)
-    assert_equal(2, certs.size)
-    assert_equal(@ee1_cert.subject.to_s, certs[0].subject.to_s)
-    assert_equal(@ca_cert.subject.to_s, certs[1].subject.to_s)
-    assert_equal(1, signers.size)
-    assert_equal(@ee1_cert.serial, signers[0].serial)
-    assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s)
-
-    # Normaly OpenSSL tries to translate the supplied content into canonical
-    # MIME format (e.g. a newline character is converted into CR+LF).
-    # If the content is a binary, PKCS7::BINARY flag should be used.
-
-    data = "aaaaa\nbbbbb\nccccc\n"
-    flag = OpenSSL::PKCS7::BINARY
-    tmp = OpenSSL::PKCS7.sign(@ee1_cert, @rsa1024, data, ca_certs, flag)
-    p7 = OpenSSL::PKCS7.new(tmp.to_der)
-    certs = p7.certificates
-    signers = p7.signers
-    assert(p7.verify([], store))
-    assert_equal(data, p7.data)
-    assert_equal(2, certs.size)
-    assert_equal(@ee1_cert.subject.to_s, certs[0].subject.to_s)
-    assert_equal(@ca_cert.subject.to_s, certs[1].subject.to_s)
-    assert_equal(1, signers.size)
-    assert_equal(@ee1_cert.serial, signers[0].serial)
-    assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s)
-
-    # A signed-data which have multiple signatures can be created
-    # through the following steps.
-    #   1. create two signed-data
-    #   2. copy signerInfo and certificate from one to another
-
-    tmp1 = OpenSSL::PKCS7.sign(@ee1_cert, @rsa1024, data, [], flag)
-    tmp2 = OpenSSL::PKCS7.sign(@ee2_cert, @rsa1024, data, [], flag)
-    tmp1.add_signer(tmp2.signers[0])
-    tmp1.add_certificate(@ee2_cert)
-
-    p7 = OpenSSL::PKCS7.new(tmp1.to_der)
-    certs = p7.certificates
-    signers = p7.signers
-    assert(p7.verify([], store))
-    assert_equal(data, p7.data)
-    assert_equal(2, certs.size)
-    assert_equal(2, signers.size)
-    assert_equal(@ee1_cert.serial, signers[0].serial)
-    assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s)
-    assert_equal(@ee2_cert.serial, signers[1].serial)
-    assert_equal(@ee2_cert.issuer.to_s, signers[1].issuer.to_s)
-  end
-
-  def test_detached_sign
-    store = OpenSSL::X509::Store.new
-    store.add_cert(@ca_cert)
-    ca_certs = [@ca_cert]
-
-    data = "aaaaa\nbbbbb\nccccc\n"
-    flag = OpenSSL::PKCS7::BINARY|OpenSSL::PKCS7::DETACHED
-    tmp = OpenSSL::PKCS7.sign(@ee1_cert, @rsa1024, data, ca_certs, flag)
-    p7 = OpenSSL::PKCS7.new(tmp.to_der)
-    assert_nothing_raised do
-      OpenSSL::ASN1.decode(p7)
-    end
-
-    certs = p7.certificates
-    signers = p7.signers
-    assert(!p7.verify([], store))
-    assert(p7.verify([], store, data))
-    assert_equal(data, p7.data)
-    assert_equal(2, certs.size)
-    assert_equal(@ee1_cert.subject.to_s, certs[0].subject.to_s)
-    assert_equal(@ca_cert.subject.to_s, certs[1].subject.to_s)
-    assert_equal(1, signers.size)
-    assert_equal(@ee1_cert.serial, signers[0].serial)
-    assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s)
-  end
-
-  def test_enveloped
-    if OpenSSL::OPENSSL_VERSION_NUMBER <= 0x0090704f
-      # PKCS7_encrypt() of OpenSSL-0.9.7d goes to SEGV.
-      # http://www.mail-archive.com/openssl-dev@openssl.org/msg17376.html
-      return
-    end
-
-    certs = [@ee1_cert, @ee2_cert]
-    cipher = OpenSSL::Cipher::AES.new("128-CBC")
-    data = "aaaaa\nbbbbb\nccccc\n"
-
-    tmp = OpenSSL::PKCS7.encrypt(certs, data, cipher, OpenSSL::PKCS7::BINARY)
-    p7 = OpenSSL::PKCS7.new(tmp.to_der)
-    recip = p7.recipients
-    assert_equal(:enveloped, p7.type)
-    assert_equal(2, recip.size)
-
-    assert_equal(@ca_cert.subject.to_s, recip[0].issuer.to_s)
-    assert_equal(2, recip[0].serial)
-    assert_equal(data, p7.decrypt(@rsa1024, @ee1_cert))
-
-    assert_equal(@ca_cert.subject.to_s, recip[1].issuer.to_s)
-    assert_equal(3, recip[1].serial)
-    assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert))
-  end
-  
-  def test_graceful_parsing_failure #[ruby-core:43250]
-    contents = File.read(__FILE__)
-    assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) }
-  end
-end
-
-end

data/test/1.9/test_pkey_dh.rb

@@ -1,72 +0,0 @@
-require_relative 'utils'
-
-if defined?(OpenSSL)
-
-class OpenSSL::TestPKeyDH < Test::Unit::TestCase
-  def test_new
-    dh = OpenSSL::PKey::DH.new(256)
-    assert_key(dh)
-  end
-
-  def test_to_der
-    dh = OpenSSL::PKey::DH.new(256)
-    der = dh.to_der
-    dh2 = OpenSSL::PKey::DH.new(der)
-    assert_equal_params(dh, dh2)
-    assert_no_key(dh2)
-  end
-
-  def test_to_pem
-    dh = OpenSSL::PKey::DH.new(256)
-    pem = dh.to_pem
-    dh2 = OpenSSL::PKey::DH.new(pem)
-    assert_equal_params(dh, dh2)
-    assert_no_key(dh2)
-  end
-
-  def test_public_key
-    dh = OpenSSL::PKey::DH.new(256)
-    public_key = dh.public_key
-    assert_no_key(public_key) #implies public_key.public? is false!
-    assert_equal(dh.to_der, public_key.to_der)
-    assert_equal(dh.to_pem, public_key.to_pem)
-  end
-
-  def test_generate_key
-    dh = OpenSSL::TestUtils::TEST_KEY_DH512.public_key # creates a copy
-    assert_no_key(dh)
-    dh.generate_key!
-    assert_key(dh)
-  end
-
-  def test_key_exchange
-    dh = OpenSSL::TestUtils::TEST_KEY_DH512
-    dh2 = dh.public_key
-    dh.generate_key!
-    dh2.generate_key!
-    assert_equal(dh.compute_key(dh2.pub_key), dh2.compute_key(dh.pub_key))
-  end
-
-  private
-
-  def assert_equal_params(dh1, dh2)
-    assert_equal(dh1.g, dh2.g)
-    assert_equal(dh1.p, dh2.p)
-  end
-
-  def assert_no_key(dh)
-    assert_equal(false, dh.public?)
-    assert_equal(false, dh.private?)
-    assert_equal(nil, dh.pub_key)
-    assert_equal(nil, dh.priv_key)
-  end
-
-  def assert_key(dh)
-    assert(dh.public?)
-    assert(dh.private?)
-    assert(dh.pub_key)
-    assert(dh.priv_key)
-  end
-end
-
-end

data/test/1.9/test_pkey_dsa.rb

@@ -1,224 +0,0 @@
-require_relative 'utils'
-require 'base64'
-
-if defined?(OpenSSL)
-
-class OpenSSL::TestPKeyDSA < Test::Unit::TestCase
-  def test_private
-    key = OpenSSL::PKey::DSA.new(256)
-    assert(key.private?)
-    key2 = OpenSSL::PKey::DSA.new(key.to_der)
-    assert(key2.private?)
-    key3 = key.public_key
-    assert(!key3.private?)
-    key4 = OpenSSL::PKey::DSA.new(key3.to_der)
-    assert(!key4.private?)
-  end
-
-  def test_new
-    key = OpenSSL::PKey::DSA.new 256
-    pem  = key.public_key.to_pem
-    OpenSSL::PKey::DSA.new pem
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_sys_sign_verify
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    data = 'Sign me!'
-    digest = OpenSSL::Digest::SHA1.digest(data)
-    sig = key.syssign(digest)
-    assert(key.sysverify(digest, sig))
-  end
-
-  def test_sign_verify
-    check_sign_verify(OpenSSL::Digest::DSS1.new)
-  end
-
-if (OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000)
-  def test_sign_verify_sha1
-    check_sign_verify(OpenSSL::Digest::SHA1.new)
-  end
-
-  def test_sign_verify_sha256
-    check_sign_verify(OpenSSL::Digest::SHA256.new)
-  end
-end
-
-  def test_digest_state_irrelevant_verify
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    digest1 = OpenSSL::Digest::DSS1.new
-    digest2 = OpenSSL::Digest::DSS1.new
-    data = 'Sign me!'
-    sig = key.sign(digest1, data)
-    digest1.reset
-    digest1 << 'Change state of digest1'
-    assert(key.verify(digest1, sig, data))
-    assert(key.verify(digest2, sig, data))
-  end
-
-  def test_read_DSA_PUBKEY
-    p = 7188211954100152441468596248707152960171255279130004340103875772401008316444412091945435731597638374542374929457672178957081124632837356913990200866056699
-    q = 957032439192465935099784319494405376402293318491
-    g = 122928973717064636255205666162891733518376475981809749897454444301389338825906076467196186192907631719698166056821519884939865041993585844526937010746285
-    y = 1235756183583465414789073313502727057075641172514181938731172021825149551960029708596057102104063395063907739571546165975727369183495540798749742124846271
-    algo = OpenSSL::ASN1::ObjectId.new('DSA')
-    params = OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::Integer.new(p),
-                                          OpenSSL::ASN1::Integer.new(q),
-                                          OpenSSL::ASN1::Integer.new(g)])
-    algo_id = OpenSSL::ASN1::Sequence.new ([algo, params])
-    pub_key = OpenSSL::ASN1::Integer.new(y)
-    seq = OpenSSL::ASN1::Sequence.new([algo_id, OpenSSL::ASN1::BitString.new(pub_key.to_der)])
-    key = OpenSSL::PKey::DSA.new(seq.to_der)
-    assert(key.public?)
-    assert(!key.private?)
-    assert_equal(p, key.p)
-    assert_equal(q, key.q)
-    assert_equal(g, key.g)
-    assert_equal(y, key.pub_key)
-    assert_equal(nil, key.priv_key)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_DSAPublicKey_pem
-    p = 12260055936871293565827712385212529106400444521449663325576634579961635627321079536132296996623400607469624537382977152381984332395192110731059176842635699
-    q = 979494906553787301107832405790107343409973851677
-    g = 3731695366899846297271147240305742456317979984190506040697507048095553842519347835107669437969086119948785140453492839427038591924536131566350847469993845
-    y = 10505239074982761504240823422422813362721498896040719759460296306305851824586095328615844661273887569281276387605297130014564808567159023649684010036304695
-    pem = <<-EOF
------BEGIN DSA PUBLIC KEY-----
-MIHfAkEAyJSJ+g+P/knVcgDwwTzC7Pwg/pWs2EMd/r+lYlXhNfzg0biuXRul8VR4
-VUC/phySExY0PdcqItkR/xYAYNMbNwJBAOoV57X0FxKO/PrNa/MkoWzkCKV/hzhE
-p0zbFdsicw+hIjJ7S6Sd/FlDlo89HQZ2FuvWJ6wGLM1j00r39+F2qbMCFQCrkhIX
-SG+is37hz1IaBeEudjB2HQJAR0AloavBvtsng8obsjLb7EKnB+pSeHr/BdIQ3VH7
-fWLOqqkzFeRrYMDzUpl36XktY6Yq8EJYlW9pCMmBVNy/dQ==
------END DSA PUBLIC KEY-----
-    EOF
-    key = OpenSSL::PKey::DSA.new(pem)
-    assert(key.public?)
-    assert(!key.private?)
-    assert_equal(p, key.p)
-    assert_equal(q, key.q)
-    assert_equal(g, key.g)
-    assert_equal(y, key.pub_key)
-    assert_equal(nil, key.priv_key)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_DSA_PUBKEY_pem
-    p = 12260055936871293565827712385212529106400444521449663325576634579961635627321079536132296996623400607469624537382977152381984332395192110731059176842635699
-    q = 979494906553787301107832405790107343409973851677
-    g = 3731695366899846297271147240305742456317979984190506040697507048095553842519347835107669437969086119948785140453492839427038591924536131566350847469993845
-    y = 10505239074982761504240823422422813362721498896040719759460296306305851824586095328615844661273887569281276387605297130014564808567159023649684010036304695
-    pem = <<-EOF
------BEGIN PUBLIC KEY-----
-MIHxMIGoBgcqhkjOOAQBMIGcAkEA6hXntfQXEo78+s1r8yShbOQIpX+HOESnTNsV
-2yJzD6EiMntLpJ38WUOWjz0dBnYW69YnrAYszWPTSvf34XapswIVAKuSEhdIb6Kz
-fuHPUhoF4S52MHYdAkBHQCWhq8G+2yeDyhuyMtvsQqcH6lJ4ev8F0hDdUft9Ys6q
-qTMV5GtgwPNSmXfpeS1jpirwQliVb2kIyYFU3L91A0QAAkEAyJSJ+g+P/knVcgDw
-wTzC7Pwg/pWs2EMd/r+lYlXhNfzg0biuXRul8VR4VUC/phySExY0PdcqItkR/xYA
-YNMbNw==
------END PUBLIC KEY-----
-    EOF
-    key = OpenSSL::PKey::DSA.new(pem)
-    assert(key.public?)
-    assert(!key.private?)
-    assert_equal(p, key.p)
-    assert_equal(q, key.q)
-    assert_equal(g, key.g)
-    assert_equal(y, key.pub_key)
-    assert_equal(nil, key.priv_key)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_export_format_is_DSA_PUBKEY_pem
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    pem = key.public_key.to_pem
-    pem.gsub!(/^-+(\w|\s)+-+$/, "") # eliminate --------BEGIN...-------
-    asn1 = OpenSSL::ASN1.decode(Base64.decode64(pem))
-    assert_equal(OpenSSL::ASN1::SEQUENCE, asn1.tag)
-    assert_equal(2, asn1.value.size)
-    seq = asn1.value
-    assert_equal(OpenSSL::ASN1::SEQUENCE, seq[0].tag)
-    assert_equal(2, seq[0].value.size)
-    algo_id = seq[0].value
-    assert_equal(OpenSSL::ASN1::OBJECT, algo_id[0].tag)
-    assert_equal('DSA', algo_id[0].value)
-    assert_equal(OpenSSL::ASN1::SEQUENCE, algo_id[1].tag)
-    assert_equal(3, algo_id[1].value.size)
-    params = algo_id[1].value
-    assert_equal(OpenSSL::ASN1::INTEGER, params[0].tag)
-    assert_equal(key.p, params[0].value)
-    assert_equal(OpenSSL::ASN1::INTEGER, params[1].tag)
-    assert_equal(key.q, params[1].value)
-    assert_equal(OpenSSL::ASN1::INTEGER, params[2].tag)
-    assert_equal(key.g, params[2].value)
-    assert_equal(OpenSSL::ASN1::BIT_STRING, seq[1].tag)
-    assert_equal(0, seq[1].unused_bits)
-    pub_key = OpenSSL::ASN1.decode(seq[1].value)
-    assert_equal(OpenSSL::ASN1::INTEGER, pub_key.tag)
-    assert_equal(key.pub_key, pub_key.value)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_private_key_der
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    der = key.to_der
-    key2 = OpenSSL::PKey.read(der)
-    assert(key2.private?)
-    assert_equal(der, key2.to_der)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_private_key_pem
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    pem = key.to_pem
-    key2 = OpenSSL::PKey.read(pem)
-    assert(key2.private?)
-    assert_equal(pem, key2.to_pem)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_public_key_der
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256.public_key
-    der = key.to_der
-    key2 = OpenSSL::PKey.read(der)
-    assert(!key2.private?)
-    assert_equal(der, key2.to_der)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_public_key_pem
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256.public_key
-    pem = key.to_pem
-    key2 = OpenSSL::PKey.read(pem)
-    assert(!key2.private?)
-    assert_equal(pem, key2.to_pem)
-    assert_equal([], OpenSSL.errors)
-  end
-
-  def test_read_private_key_pem_pw
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    pem = key.to_pem(OpenSSL::Cipher.new('AES-128-CBC'), 'secret')
-    #callback form for password
-    key2 = OpenSSL::PKey.read(pem) do
-      'secret'
-    end
-    assert(key2.private?)
-    # pass password directly
-    key2 = OpenSSL::PKey.read(pem, 'secret')
-    assert(key2.private?)
-    #omit pem equality check, will be different due to cipher iv
-    assert_equal([], OpenSSL.errors)
-  end
-
-  private
-
-  def check_sign_verify(digest)
-    key = OpenSSL::TestUtils::TEST_KEY_DSA256
-    data = 'Sign me!'
-    sig = key.sign(digest, data)
-    assert(key.verify(digest, sig, data))
-  end
-end
-
-end