jruby-openssl 0.8.0.pre3 → 0.8.0
Sign up to get free protection for your applications and to get access to all the features.
- data/Manifest.txt +5 -124
- data/Rakefile +3 -3
- data/lib/shared/jopenssl.jar +0 -0
- data/lib/shared/jopenssl/version.rb +1 -1
- metadata +10 -116
- data/test/1.8/ssl_server.rb +0 -99
- data/test/1.8/test_asn1.rb +0 -212
- data/test/1.8/test_cipher.rb +0 -193
- data/test/1.8/test_config.rb +0 -290
- data/test/1.8/test_digest.rb +0 -88
- data/test/1.8/test_ec.rb +0 -128
- data/test/1.8/test_hmac.rb +0 -46
- data/test/1.8/test_ns_spki.rb +0 -59
- data/test/1.8/test_pair.rb +0 -149
- data/test/1.8/test_pkcs7.rb +0 -489
- data/test/1.8/test_pkey_rsa.rb +0 -49
- data/test/1.8/test_ssl.rb +0 -1032
- data/test/1.8/test_x509cert.rb +0 -277
- data/test/1.8/test_x509crl.rb +0 -253
- data/test/1.8/test_x509ext.rb +0 -99
- data/test/1.8/test_x509name.rb +0 -290
- data/test/1.8/test_x509req.rb +0 -195
- data/test/1.8/test_x509store.rb +0 -246
- data/test/1.8/utils.rb +0 -144
- data/test/1.9/ssl_server.rb +0 -81
- data/test/1.9/test_asn1.rb +0 -589
- data/test/1.9/test_bn.rb +0 -23
- data/test/1.9/test_buffering.rb +0 -88
- data/test/1.9/test_cipher.rb +0 -107
- data/test/1.9/test_config.rb +0 -288
- data/test/1.9/test_digest.rb +0 -118
- data/test/1.9/test_engine.rb +0 -15
- data/test/1.9/test_hmac.rb +0 -32
- data/test/1.9/test_ns_spki.rb +0 -50
- data/test/1.9/test_ocsp.rb +0 -47
- data/test/1.9/test_pair.rb +0 -257
- data/test/1.9/test_pkcs12.rb +0 -209
- data/test/1.9/test_pkcs7.rb +0 -156
- data/test/1.9/test_pkey_dh.rb +0 -72
- data/test/1.9/test_pkey_dsa.rb +0 -224
- data/test/1.9/test_pkey_ec.rb +0 -182
- data/test/1.9/test_pkey_rsa.rb +0 -244
- data/test/1.9/test_ssl.rb +0 -499
- data/test/1.9/test_ssl_session.rb +0 -327
- data/test/1.9/test_x509cert.rb +0 -217
- data/test/1.9/test_x509crl.rb +0 -221
- data/test/1.9/test_x509ext.rb +0 -69
- data/test/1.9/test_x509name.rb +0 -366
- data/test/1.9/test_x509req.rb +0 -150
- data/test/1.9/test_x509store.rb +0 -229
- data/test/1.9/utils.rb +0 -304
- data/test/cert_with_ec_pk.cer +0 -27
- data/test/fixture/ca-bundle.crt +0 -2794
- data/test/fixture/ca_path/72fa7371.0 +0 -19
- data/test/fixture/ca_path/verisign.pem +0 -19
- data/test/fixture/cacert.pem +0 -23
- data/test/fixture/cert_localhost.pem +0 -19
- data/test/fixture/common.pem +0 -48
- data/test/fixture/ids_in_subject_rdn_set.pem +0 -31
- data/test/fixture/imaps/cacert.pem +0 -60
- data/test/fixture/imaps/server.crt +0 -61
- data/test/fixture/imaps/server.key +0 -15
- data/test/fixture/key_then_cert.pem +0 -34
- data/test/fixture/keypair.pem +0 -27
- data/test/fixture/localhost_keypair.pem +0 -18
- data/test/fixture/max.pem +0 -29
- data/test/fixture/purpose/b70a5bc1.0 +0 -24
- data/test/fixture/purpose/ca/PASSWD_OF_CA_KEY_IS_1234 +0 -0
- data/test/fixture/purpose/ca/ca_config.rb +0 -37
- data/test/fixture/purpose/ca/cacert.pem +0 -24
- data/test/fixture/purpose/ca/newcerts/2_cert.pem +0 -19
- data/test/fixture/purpose/ca/newcerts/3_cert.pem +0 -19
- data/test/fixture/purpose/ca/newcerts/4_cert.pem +0 -19
- data/test/fixture/purpose/ca/private/cakeypair.pem +0 -30
- data/test/fixture/purpose/ca/serial +0 -1
- data/test/fixture/purpose/cacert.pem +0 -24
- data/test/fixture/purpose/scripts/gen_cert.rb +0 -127
- data/test/fixture/purpose/scripts/gen_csr.rb +0 -50
- data/test/fixture/purpose/scripts/init_ca.rb +0 -66
- data/test/fixture/purpose/sslclient.pem +0 -19
- data/test/fixture/purpose/sslclient/csr.pem +0 -10
- data/test/fixture/purpose/sslclient/keypair.pem +0 -15
- data/test/fixture/purpose/sslclient/sslclient.pem +0 -19
- data/test/fixture/purpose/sslserver.pem +0 -19
- data/test/fixture/purpose/sslserver/csr.pem +0 -10
- data/test/fixture/purpose/sslserver/keypair.pem +0 -15
- data/test/fixture/purpose/sslserver/sslserver.pem +0 -19
- data/test/fixture/purpose/sslserver_no_dsig_in_keyUsage.pem +0 -19
- data/test/fixture/selfcert.pem +0 -23
- data/test/fixture/verisign.pem +0 -19
- data/test/fixture/verisign_c3.pem +0 -14
- data/test/ref/a.out +0 -0
- data/test/ref/compile.rb +0 -8
- data/test/ref/pkcs1 +0 -0
- data/test/ref/pkcs1.c +0 -21
- data/test/ruby/envutil.rb +0 -208
- data/test/ruby/ut_eof.rb +0 -128
- data/test/test_all.rb +0 -1
- data/test/test_certificate.rb +0 -132
- data/test/test_cipher.rb +0 -197
- data/test/test_imaps.rb +0 -107
- data/test/test_integration.rb +0 -144
- data/test/test_openssl.rb +0 -4
- data/test/test_parse_certificate.rb +0 -27
- data/test/test_pkcs7.rb +0 -56
- data/test/test_pkey_dsa.rb +0 -180
- data/test/test_pkey_rsa.rb +0 -329
- data/test/test_ssl.rb +0 -97
- data/test/test_x509store.rb +0 -168
data/test/1.9/test_asn1.rb
DELETED
@@ -1,589 +0,0 @@
|
|
1
|
-
require_relative 'utils'
|
2
|
-
|
3
|
-
class OpenSSL::TestASN1 < Test::Unit::TestCase
|
4
|
-
def test_decode
|
5
|
-
subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA")
|
6
|
-
key = OpenSSL::TestUtils::TEST_KEY_RSA1024
|
7
|
-
now = Time.at(Time.now.to_i) # suppress usec
|
8
|
-
s = 0xdeadbeafdeadbeafdeadbeafdeadbeaf
|
9
|
-
exts = [
|
10
|
-
["basicConstraints","CA:TRUE,pathlen:1",true],
|
11
|
-
["keyUsage","keyCertSign, cRLSign",true],
|
12
|
-
["subjectKeyIdentifier","hash",false],
|
13
|
-
]
|
14
|
-
dgst = OpenSSL::Digest::SHA1.new
|
15
|
-
cert = OpenSSL::TestUtils.issue_cert(
|
16
|
-
subj, key, s, now, now+3600, exts, nil, nil, dgst)
|
17
|
-
|
18
|
-
|
19
|
-
asn1 = OpenSSL::ASN1.decode(cert)
|
20
|
-
assert_equal(OpenSSL::ASN1::Sequence, asn1.class)
|
21
|
-
assert_equal(3, asn1.value.size)
|
22
|
-
tbs_cert, sig_alg, sig_val = *asn1.value
|
23
|
-
|
24
|
-
assert_equal(OpenSSL::ASN1::Sequence, tbs_cert.class)
|
25
|
-
assert_equal(8, tbs_cert.value.size)
|
26
|
-
|
27
|
-
version = tbs_cert.value[0]
|
28
|
-
assert_equal(:CONTEXT_SPECIFIC, version.tag_class)
|
29
|
-
assert_equal(0, version.tag)
|
30
|
-
assert_equal(1, version.value.size)
|
31
|
-
assert_equal(OpenSSL::ASN1::Integer, version.value[0].class)
|
32
|
-
assert_equal(2, version.value[0].value)
|
33
|
-
|
34
|
-
serial = tbs_cert.value[1]
|
35
|
-
assert_equal(OpenSSL::ASN1::Integer, serial.class)
|
36
|
-
assert_equal(0xdeadbeafdeadbeafdeadbeafdeadbeaf, serial.value)
|
37
|
-
|
38
|
-
sig = tbs_cert.value[2]
|
39
|
-
assert_equal(OpenSSL::ASN1::Sequence, sig.class)
|
40
|
-
assert_equal(2, sig.value.size)
|
41
|
-
assert_equal(OpenSSL::ASN1::ObjectId, sig.value[0].class)
|
42
|
-
assert_equal("1.2.840.113549.1.1.5", sig.value[0].oid)
|
43
|
-
assert_equal(OpenSSL::ASN1::Null, sig.value[1].class)
|
44
|
-
|
45
|
-
dn = tbs_cert.value[3] # issuer
|
46
|
-
assert_equal(subj.hash, OpenSSL::X509::Name.new(dn).hash)
|
47
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.class)
|
48
|
-
assert_equal(3, dn.value.size)
|
49
|
-
assert_equal(OpenSSL::ASN1::Set, dn.value[0].class)
|
50
|
-
assert_equal(OpenSSL::ASN1::Set, dn.value[1].class)
|
51
|
-
assert_equal(OpenSSL::ASN1::Set, dn.value[2].class)
|
52
|
-
assert_equal(1, dn.value[0].value.size)
|
53
|
-
assert_equal(1, dn.value[1].value.size)
|
54
|
-
assert_equal(1, dn.value[2].value.size)
|
55
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.value[0].value[0].class)
|
56
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.value[1].value[0].class)
|
57
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.value[2].value[0].class)
|
58
|
-
assert_equal(2, dn.value[0].value[0].value.size)
|
59
|
-
assert_equal(2, dn.value[1].value[0].value.size)
|
60
|
-
assert_equal(2, dn.value[2].value[0].value.size)
|
61
|
-
oid, value = *dn.value[0].value[0].value
|
62
|
-
assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
|
63
|
-
assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
|
64
|
-
assert_equal(OpenSSL::ASN1::IA5String, value.class)
|
65
|
-
assert_equal("org", value.value)
|
66
|
-
oid, value = *dn.value[1].value[0].value
|
67
|
-
assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
|
68
|
-
assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
|
69
|
-
assert_equal(OpenSSL::ASN1::IA5String, value.class)
|
70
|
-
assert_equal("ruby-lang", value.value)
|
71
|
-
oid, value = *dn.value[2].value[0].value
|
72
|
-
assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
|
73
|
-
assert_equal("2.5.4.3", oid.oid)
|
74
|
-
assert_equal(OpenSSL::ASN1::UTF8String, value.class)
|
75
|
-
assert_equal("TestCA", value.value)
|
76
|
-
|
77
|
-
validity = tbs_cert.value[4]
|
78
|
-
assert_equal(OpenSSL::ASN1::Sequence, validity.class)
|
79
|
-
assert_equal(2, validity.value.size)
|
80
|
-
assert_equal(OpenSSL::ASN1::UTCTime, validity.value[0].class)
|
81
|
-
assert_equal(now, validity.value[0].value)
|
82
|
-
assert_equal(OpenSSL::ASN1::UTCTime, validity.value[1].class)
|
83
|
-
assert_equal(now+3600, validity.value[1].value)
|
84
|
-
|
85
|
-
dn = tbs_cert.value[5] # subject
|
86
|
-
assert_equal(subj.hash, OpenSSL::X509::Name.new(dn).hash)
|
87
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.class)
|
88
|
-
assert_equal(3, dn.value.size)
|
89
|
-
assert_equal(OpenSSL::ASN1::Set, dn.value[0].class)
|
90
|
-
assert_equal(OpenSSL::ASN1::Set, dn.value[1].class)
|
91
|
-
assert_equal(OpenSSL::ASN1::Set, dn.value[2].class)
|
92
|
-
assert_equal(1, dn.value[0].value.size)
|
93
|
-
assert_equal(1, dn.value[1].value.size)
|
94
|
-
assert_equal(1, dn.value[2].value.size)
|
95
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.value[0].value[0].class)
|
96
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.value[1].value[0].class)
|
97
|
-
assert_equal(OpenSSL::ASN1::Sequence, dn.value[2].value[0].class)
|
98
|
-
assert_equal(2, dn.value[0].value[0].value.size)
|
99
|
-
assert_equal(2, dn.value[1].value[0].value.size)
|
100
|
-
assert_equal(2, dn.value[2].value[0].value.size)
|
101
|
-
oid, value = *dn.value[0].value[0].value
|
102
|
-
assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
|
103
|
-
assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
|
104
|
-
assert_equal(OpenSSL::ASN1::IA5String, value.class)
|
105
|
-
assert_equal("org", value.value)
|
106
|
-
oid, value = *dn.value[1].value[0].value
|
107
|
-
assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
|
108
|
-
assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
|
109
|
-
assert_equal(OpenSSL::ASN1::IA5String, value.class)
|
110
|
-
assert_equal("ruby-lang", value.value)
|
111
|
-
oid, value = *dn.value[2].value[0].value
|
112
|
-
assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
|
113
|
-
assert_equal("2.5.4.3", oid.oid)
|
114
|
-
assert_equal(OpenSSL::ASN1::UTF8String, value.class)
|
115
|
-
assert_equal("TestCA", value.value)
|
116
|
-
|
117
|
-
pkey = tbs_cert.value[6]
|
118
|
-
assert_equal(OpenSSL::ASN1::Sequence, pkey.class)
|
119
|
-
assert_equal(2, pkey.value.size)
|
120
|
-
assert_equal(OpenSSL::ASN1::Sequence, pkey.value[0].class)
|
121
|
-
assert_equal(2, pkey.value[0].value.size)
|
122
|
-
assert_equal(OpenSSL::ASN1::ObjectId, pkey.value[0].value[0].class)
|
123
|
-
assert_equal("1.2.840.113549.1.1.1", pkey.value[0].value[0].oid)
|
124
|
-
assert_equal(OpenSSL::ASN1::BitString, pkey.value[1].class)
|
125
|
-
assert_equal(0, pkey.value[1].unused_bits)
|
126
|
-
spkey = OpenSSL::ASN1.decode(pkey.value[1].value)
|
127
|
-
assert_equal(OpenSSL::ASN1::Sequence, spkey.class)
|
128
|
-
assert_equal(2, spkey.value.size)
|
129
|
-
assert_equal(OpenSSL::ASN1::Integer, spkey.value[0].class)
|
130
|
-
assert_equal(143085709396403084580358323862163416700436550432664688288860593156058579474547937626086626045206357324274536445865308750491138538454154232826011964045825759324933943290377903384882276841880081931690695505836279972214003660451338124170055999155993192881685495391496854691199517389593073052473319331505702779271, spkey.value[0].value)
|
131
|
-
assert_equal(OpenSSL::ASN1::Integer, spkey.value[1].class)
|
132
|
-
assert_equal(65537, spkey.value[1].value)
|
133
|
-
|
134
|
-
extensions = tbs_cert.value[7]
|
135
|
-
assert_equal(:CONTEXT_SPECIFIC, extensions.tag_class)
|
136
|
-
assert_equal(3, extensions.tag)
|
137
|
-
assert_equal(1, extensions.value.size)
|
138
|
-
assert_equal(OpenSSL::ASN1::Sequence, extensions.value[0].class)
|
139
|
-
assert_equal(3, extensions.value[0].value.size)
|
140
|
-
|
141
|
-
ext = extensions.value[0].value[0] # basicConstraints
|
142
|
-
assert_equal(OpenSSL::ASN1::Sequence, ext.class)
|
143
|
-
assert_equal(3, ext.value.size)
|
144
|
-
assert_equal(OpenSSL::ASN1::ObjectId, ext.value[0].class)
|
145
|
-
assert_equal("2.5.29.19", ext.value[0].oid)
|
146
|
-
assert_equal(OpenSSL::ASN1::Boolean, ext.value[1].class)
|
147
|
-
assert_equal(true, ext.value[1].value)
|
148
|
-
assert_equal(OpenSSL::ASN1::OctetString, ext.value[2].class)
|
149
|
-
extv = OpenSSL::ASN1.decode(ext.value[2].value)
|
150
|
-
assert_equal(OpenSSL::ASN1::Sequence, extv.class)
|
151
|
-
assert_equal(2, extv.value.size)
|
152
|
-
assert_equal(OpenSSL::ASN1::Boolean, extv.value[0].class)
|
153
|
-
assert_equal(true, extv.value[0].value)
|
154
|
-
assert_equal(OpenSSL::ASN1::Integer, extv.value[1].class)
|
155
|
-
assert_equal(1, extv.value[1].value)
|
156
|
-
|
157
|
-
ext = extensions.value[0].value[1] # keyUsage
|
158
|
-
assert_equal(OpenSSL::ASN1::Sequence, ext.class)
|
159
|
-
assert_equal(3, ext.value.size)
|
160
|
-
assert_equal(OpenSSL::ASN1::ObjectId, ext.value[0].class)
|
161
|
-
assert_equal("2.5.29.15", ext.value[0].oid)
|
162
|
-
assert_equal(OpenSSL::ASN1::Boolean, ext.value[1].class)
|
163
|
-
assert_equal(true, ext.value[1].value)
|
164
|
-
assert_equal(OpenSSL::ASN1::OctetString, ext.value[2].class)
|
165
|
-
extv = OpenSSL::ASN1.decode(ext.value[2].value)
|
166
|
-
assert_equal(OpenSSL::ASN1::BitString, extv.class)
|
167
|
-
str = "\000"; str[0] = 0b00000110.chr
|
168
|
-
assert_equal(str, extv.value)
|
169
|
-
|
170
|
-
ext = extensions.value[0].value[2] # subjetKeyIdentifier
|
171
|
-
assert_equal(OpenSSL::ASN1::Sequence, ext.class)
|
172
|
-
assert_equal(2, ext.value.size)
|
173
|
-
assert_equal(OpenSSL::ASN1::ObjectId, ext.value[0].class)
|
174
|
-
assert_equal("2.5.29.14", ext.value[0].oid)
|
175
|
-
assert_equal(OpenSSL::ASN1::OctetString, ext.value[1].class)
|
176
|
-
extv = OpenSSL::ASN1.decode(ext.value[1].value)
|
177
|
-
assert_equal(OpenSSL::ASN1::OctetString, extv.class)
|
178
|
-
sha1 = OpenSSL::Digest::SHA1.new
|
179
|
-
sha1.update(pkey.value[1].value)
|
180
|
-
assert_equal(sha1.digest, extv.value)
|
181
|
-
|
182
|
-
assert_equal(OpenSSL::ASN1::Sequence, sig_alg.class)
|
183
|
-
assert_equal(2, sig_alg.value.size)
|
184
|
-
assert_equal(OpenSSL::ASN1::ObjectId, pkey.value[0].value[0].class)
|
185
|
-
assert_equal("1.2.840.113549.1.1.1", pkey.value[0].value[0].oid)
|
186
|
-
assert_equal(OpenSSL::ASN1::Null, pkey.value[0].value[1].class)
|
187
|
-
|
188
|
-
assert_equal(OpenSSL::ASN1::BitString, sig_val.class)
|
189
|
-
cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
|
190
|
-
assert_equal(cululated_sig, sig_val.value)
|
191
|
-
end
|
192
|
-
|
193
|
-
def test_encode_boolean
|
194
|
-
encode_decode_test(OpenSSL::ASN1::Boolean, [true, false])
|
195
|
-
end
|
196
|
-
|
197
|
-
def test_encode_integer
|
198
|
-
encode_decode_test(OpenSSL::ASN1::Integer, [72, -127, -128, 128, -1, 0, 1, -(2**12345), 2**12345])
|
199
|
-
end
|
200
|
-
|
201
|
-
def encode_decode_test(type, values)
|
202
|
-
values.each do |v|
|
203
|
-
assert_equal(v, OpenSSL::ASN1.decode(type.new(v).to_der).value)
|
204
|
-
end
|
205
|
-
end
|
206
|
-
|
207
|
-
def test_decode_pem #should fail gracefully (cf. [ruby-dev:44542])
|
208
|
-
pem = <<-_EOS_
|
209
|
-
-----BEGIN CERTIFICATE-----
|
210
|
-
MIIC8zCCAdugAwIBAgIBATANBgkqhkiG9w0BAQUFADA9MRMwEQYKCZImiZPyLGQB
|
211
|
-
GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
|
212
|
-
Fw0xMTA5MjUxMzQ4MjZaFw0xMTA5MjUxNDQ4MjZaMD0xEzARBgoJkiaJk/IsZAEZ
|
213
|
-
FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMMAkNBMIIB
|
214
|
-
IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV9ht9J7k4NBs38jOXvvTKY9
|
215
|
-
gW8nLICSno5EETR1cuF7i4pNs9I1QJGAFAX0BEO4KbzXmuOvfCpD3CU+Slp1enen
|
216
|
-
fzq/t/e/1IRW0wkJUJUFQign4CtrkJL+P07yx18UjyPlBXb81ApEmAB5mrJVSrWm
|
217
|
-
qbjs07JbuS4QQGGXLc+Su96DkYKmSNVjBiLxVVSpyZfAY3hD37d60uG+X8xdW5v6
|
218
|
-
8JkRFIhdGlb6JL8fllf/A/blNwdJOhVr9mESHhwGjwfSeTDPfd8ZLE027E5lyAVX
|
219
|
-
9KZYcU00mOX+fdxOSnGqS/8JDRh0EPHDL15RcJjV2J6vZjPb0rOYGDoMcH+94wID
|
220
|
-
AQABMA0GCSqGSIb3DQEBBQUAA4IBAQAiAtrIr1pLX4GYN5klviWKb8HC9ICYuAFI
|
221
|
-
NfE3FwqzErEVXotuMe3yPVyB3Bv6rjYY/x5EtS5+WPTbHlvHZTkfcsnTpizcn4mW
|
222
|
-
dJ6dDRaFCHt1YKKjUxqBt9lvvrc3nReYZN/P+s1mrDhWzGf8iPZgf8sFUHgnaK7W
|
223
|
-
CXRVXmPFgCDRNpDDVQ0MQkr509yYfTH+dujNzqTCwSvkyZFyQ7Oe8Yj0VR6kquG3
|
224
|
-
rEzBQ0F9dUyqQ9gyRg8KHhDfv9HzT1d/rnUZMkoombwYBRIUChGCYV0GnJcan2Zm
|
225
|
-
/93PnPG1IvPjYNd5VlV+sXSnaxQn974HRCsMv7jA8BD6IgSaX6WK
|
226
|
-
-----END CERTIFICATE-----
|
227
|
-
_EOS_
|
228
|
-
assert_raise(OpenSSL::ASN1::ASN1Error) { OpenSSL::ASN1.decode(pem) }
|
229
|
-
assert_raise(OpenSSL::ASN1::ASN1Error) { OpenSSL::ASN1.decode_all(pem) }
|
230
|
-
end
|
231
|
-
|
232
|
-
def test_primitive_cannot_set_infinite_length
|
233
|
-
begin
|
234
|
-
prim = OpenSSL::ASN1::Integer.new(50)
|
235
|
-
assert_equal(false, prim.infinite_length)
|
236
|
-
prim.infinite_length = true
|
237
|
-
flunk('Could set infinite length on primitive value')
|
238
|
-
rescue NoMethodError => e
|
239
|
-
#ok
|
240
|
-
end
|
241
|
-
end
|
242
|
-
|
243
|
-
def test_decode_all
|
244
|
-
expected = %w{ 02 01 01 02 01 02 02 01 03 }
|
245
|
-
raw = [expected.join('')].pack('H*')
|
246
|
-
ary = OpenSSL::ASN1.decode_all(raw)
|
247
|
-
assert_equal(3, ary.size)
|
248
|
-
ary.each_with_index do |asn1, i|
|
249
|
-
assert_universal(OpenSSL::ASN1::INTEGER, asn1)
|
250
|
-
assert_equal(i + 1, asn1.value)
|
251
|
-
end
|
252
|
-
end
|
253
|
-
|
254
|
-
def test_create_inf_length_primitive
|
255
|
-
expected = %w{ 24 80 04 01 61 00 00 }
|
256
|
-
raw = [expected.join('')].pack('H*')
|
257
|
-
val = OpenSSL::ASN1::OctetString.new('a')
|
258
|
-
cons = OpenSSL::ASN1::Constructive.new([val,
|
259
|
-
OpenSSL::ASN1::EndOfContent.new],
|
260
|
-
OpenSSL::ASN1::OCTET_STRING,
|
261
|
-
nil,
|
262
|
-
:UNIVERSAL)
|
263
|
-
cons.infinite_length = true
|
264
|
-
assert_equal(nil, cons.tagging)
|
265
|
-
assert_equal(raw, cons.to_der)
|
266
|
-
asn1 = OpenSSL::ASN1.decode(raw)
|
267
|
-
assert(asn1.infinite_length)
|
268
|
-
assert_equal(raw, asn1.to_der)
|
269
|
-
end
|
270
|
-
|
271
|
-
def test_cons_without_inf_length_forbidden
|
272
|
-
assert_raise(OpenSSL::ASN1::ASN1Error) do
|
273
|
-
val = OpenSSL::ASN1::OctetString.new('a')
|
274
|
-
cons = OpenSSL::ASN1::Constructive.new([val],
|
275
|
-
OpenSSL::ASN1::OCTET_STRING,
|
276
|
-
nil,
|
277
|
-
:UNIVERSAL)
|
278
|
-
cons.to_der
|
279
|
-
end
|
280
|
-
end
|
281
|
-
|
282
|
-
def test_cons_without_array_forbidden
|
283
|
-
assert_raise(OpenSSL::ASN1::ASN1Error) do
|
284
|
-
val = OpenSSL::ASN1::OctetString.new('a')
|
285
|
-
cons = OpenSSL::ASN1::Constructive.new(val,
|
286
|
-
OpenSSL::ASN1::OCTET_STRING,
|
287
|
-
nil,
|
288
|
-
:UNIVERSAL)
|
289
|
-
cons.infinite_length = true
|
290
|
-
cons.to_der
|
291
|
-
end
|
292
|
-
end
|
293
|
-
|
294
|
-
def test_parse_empty_sequence
|
295
|
-
expected = %w{ A0 07 30 02 30 00 02 01 00 }
|
296
|
-
raw = [expected.join('')].pack('H*')
|
297
|
-
asn1 = OpenSSL::ASN1.decode(raw)
|
298
|
-
assert_equal(raw, asn1.to_der)
|
299
|
-
assert_equal(2, asn1.value.size)
|
300
|
-
seq = asn1.value[0]
|
301
|
-
assert_equal(1, seq.value.size)
|
302
|
-
inner_seq = seq.value[0]
|
303
|
-
assert_equal(0, inner_seq.value.size)
|
304
|
-
end
|
305
|
-
|
306
|
-
def test_parse_tagged_0_infinite
|
307
|
-
expected = %w{ 30 80 02 01 01 80 01 02 00 00 }
|
308
|
-
raw = [expected.join('')].pack('H*')
|
309
|
-
asn1 = OpenSSL::ASN1.decode(raw)
|
310
|
-
assert_equal(3, asn1.value.size)
|
311
|
-
int = asn1.value[0]
|
312
|
-
assert_universal(OpenSSL::ASN1::INTEGER, int)
|
313
|
-
tagged = asn1.value[1]
|
314
|
-
assert_equal(0, tagged.tag)
|
315
|
-
assert_universal(OpenSSL::ASN1::EOC, asn1.value[2])
|
316
|
-
assert_equal(raw, asn1.to_der)
|
317
|
-
end
|
318
|
-
|
319
|
-
def test_seq_infinite_length
|
320
|
-
begin
|
321
|
-
content = [ OpenSSL::ASN1::Null.new(nil),
|
322
|
-
OpenSSL::ASN1::EndOfContent.new ]
|
323
|
-
cons = OpenSSL::ASN1::Sequence.new(content)
|
324
|
-
cons.infinite_length = true
|
325
|
-
expected = %w{ 30 80 05 00 00 00 }
|
326
|
-
raw = [expected.join('')].pack('H*')
|
327
|
-
assert_equal(raw, cons.to_der)
|
328
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
329
|
-
end
|
330
|
-
end
|
331
|
-
|
332
|
-
def test_set_infinite_length
|
333
|
-
begin
|
334
|
-
content = [ OpenSSL::ASN1::Null.new(nil),
|
335
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
336
|
-
cons = OpenSSL::ASN1::Set.new(content)
|
337
|
-
cons.infinite_length = true
|
338
|
-
expected = %w{ 31 80 05 00 00 00 }
|
339
|
-
raw = [expected.join('')].pack('H*')
|
340
|
-
assert_equal(raw, cons.to_der)
|
341
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
342
|
-
end
|
343
|
-
end
|
344
|
-
|
345
|
-
def test_octet_string_infinite_length
|
346
|
-
begin
|
347
|
-
octets = [ OpenSSL::ASN1::OctetString.new('aaa'),
|
348
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
349
|
-
cons = OpenSSL::ASN1::Constructive.new(
|
350
|
-
octets,
|
351
|
-
OpenSSL::ASN1::OCTET_STRING,
|
352
|
-
nil,
|
353
|
-
:UNIVERSAL)
|
354
|
-
cons.infinite_length = true
|
355
|
-
expected = %w{ 24 80 04 03 61 61 61 00 00 }
|
356
|
-
raw = [expected.join('')].pack('H*')
|
357
|
-
assert_equal(raw, cons.to_der)
|
358
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
359
|
-
end
|
360
|
-
end
|
361
|
-
|
362
|
-
def test_prim_explicit_tagging
|
363
|
-
begin
|
364
|
-
oct_str = OpenSSL::ASN1::OctetString.new("a", 0, :EXPLICIT)
|
365
|
-
expected = %w{ A0 03 04 01 61 }
|
366
|
-
raw = [expected.join('')].pack('H*')
|
367
|
-
assert_equal(raw, oct_str.to_der)
|
368
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
369
|
-
end
|
370
|
-
end
|
371
|
-
|
372
|
-
def test_prim_explicit_tagging_tag_class
|
373
|
-
begin
|
374
|
-
oct_str = OpenSSL::ASN1::OctetString.new("a", 0, :EXPLICIT)
|
375
|
-
oct_str2 = OpenSSL::ASN1::OctetString.new(
|
376
|
-
"a",
|
377
|
-
0,
|
378
|
-
:EXPLICIT,
|
379
|
-
:CONTEXT_SPECIFIC)
|
380
|
-
assert_equal(oct_str.to_der, oct_str2.to_der)
|
381
|
-
end
|
382
|
-
end
|
383
|
-
|
384
|
-
def test_prim_implicit_tagging
|
385
|
-
begin
|
386
|
-
int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT)
|
387
|
-
expected = %w{ 80 01 01 }
|
388
|
-
raw = [expected.join('')].pack('H*')
|
389
|
-
assert_equal(raw, int.to_der)
|
390
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
391
|
-
end
|
392
|
-
end
|
393
|
-
|
394
|
-
def test_prim_implicit_tagging_tag_class
|
395
|
-
begin
|
396
|
-
int = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT)
|
397
|
-
int2 = OpenSSL::ASN1::Integer.new(1, 0, :IMPLICIT, :CONTEXT_SPECIFIC);
|
398
|
-
assert_equal(int.to_der, int2.to_der)
|
399
|
-
end
|
400
|
-
end
|
401
|
-
|
402
|
-
def test_cons_explicit_tagging
|
403
|
-
begin
|
404
|
-
content = [ OpenSSL::ASN1::PrintableString.new('abc') ]
|
405
|
-
seq = OpenSSL::ASN1::Sequence.new(content, 2, :EXPLICIT)
|
406
|
-
expected = %w{ A2 07 30 05 13 03 61 62 63 }
|
407
|
-
raw = [expected.join('')].pack('H*')
|
408
|
-
assert_equal(raw, seq.to_der)
|
409
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
410
|
-
end
|
411
|
-
end
|
412
|
-
|
413
|
-
def test_cons_explicit_tagging_inf_length
|
414
|
-
begin
|
415
|
-
content = [ OpenSSL::ASN1::PrintableString.new('abc') ,
|
416
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
417
|
-
seq = OpenSSL::ASN1::Sequence.new(content, 2, :EXPLICIT)
|
418
|
-
seq.infinite_length = true
|
419
|
-
expected = %w{ A2 80 30 80 13 03 61 62 63 00 00 00 00 }
|
420
|
-
raw = [expected.join('')].pack('H*')
|
421
|
-
assert_equal(raw, seq.to_der)
|
422
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
423
|
-
end
|
424
|
-
end
|
425
|
-
|
426
|
-
def test_cons_implicit_tagging
|
427
|
-
begin
|
428
|
-
content = [ OpenSSL::ASN1::Null.new(nil) ]
|
429
|
-
seq = OpenSSL::ASN1::Sequence.new(content, 1, :IMPLICIT)
|
430
|
-
expected = %w{ A1 02 05 00 }
|
431
|
-
raw = [expected.join('')].pack('H*')
|
432
|
-
assert_equal(raw, seq.to_der)
|
433
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
434
|
-
end
|
435
|
-
end
|
436
|
-
|
437
|
-
def test_cons_implicit_tagging_inf_length
|
438
|
-
begin
|
439
|
-
content = [ OpenSSL::ASN1::Null.new(nil),
|
440
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
441
|
-
seq = OpenSSL::ASN1::Sequence.new(content, 1, :IMPLICIT)
|
442
|
-
seq.infinite_length = true
|
443
|
-
expected = %w{ A1 80 05 00 00 00 }
|
444
|
-
raw = [expected.join('')].pack('H*')
|
445
|
-
assert_equal(raw, seq.to_der)
|
446
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
447
|
-
end
|
448
|
-
end
|
449
|
-
|
450
|
-
def test_octet_string_infinite_length_explicit_tagging
|
451
|
-
begin
|
452
|
-
octets = [ OpenSSL::ASN1::OctetString.new('aaa'),
|
453
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
454
|
-
cons = OpenSSL::ASN1::Constructive.new(
|
455
|
-
octets,
|
456
|
-
1,
|
457
|
-
:EXPLICIT)
|
458
|
-
cons.infinite_length = true
|
459
|
-
expected = %w{ A1 80 24 80 04 03 61 61 61 00 00 00 00 }
|
460
|
-
raw = [expected.join('')].pack('H*')
|
461
|
-
assert_equal(raw, cons.to_der)
|
462
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
463
|
-
end
|
464
|
-
end
|
465
|
-
|
466
|
-
def test_octet_string_infinite_length_implicit_tagging
|
467
|
-
begin
|
468
|
-
octets = [ OpenSSL::ASN1::OctetString.new('aaa'),
|
469
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
470
|
-
cons = OpenSSL::ASN1::Constructive.new(
|
471
|
-
octets,
|
472
|
-
0,
|
473
|
-
:IMPLICIT)
|
474
|
-
cons.infinite_length = true
|
475
|
-
expected = %w{ A0 80 04 03 61 61 61 00 00 }
|
476
|
-
raw = [expected.join('')].pack('H*')
|
477
|
-
assert_equal(raw, cons.to_der)
|
478
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
479
|
-
end
|
480
|
-
end
|
481
|
-
|
482
|
-
def test_recursive_octet_string_infinite_length
|
483
|
-
begin
|
484
|
-
octets_sub1 = [ OpenSSL::ASN1::OctetString.new("\x01"),
|
485
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
486
|
-
octets_sub2 = [ OpenSSL::ASN1::OctetString.new("\x02"),
|
487
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
488
|
-
container1 = OpenSSL::ASN1::Constructive.new(
|
489
|
-
octets_sub1,
|
490
|
-
OpenSSL::ASN1::OCTET_STRING,
|
491
|
-
nil,
|
492
|
-
:UNIVERSAL)
|
493
|
-
container1.infinite_length = true
|
494
|
-
container2 = OpenSSL::ASN1::Constructive.new(
|
495
|
-
octets_sub2,
|
496
|
-
OpenSSL::ASN1::OCTET_STRING,
|
497
|
-
nil,
|
498
|
-
:UNIVERSAL)
|
499
|
-
container2.infinite_length = true
|
500
|
-
octets3 = OpenSSL::ASN1::OctetString.new("\x03")
|
501
|
-
|
502
|
-
octets = [ container1, container2, octets3,
|
503
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
504
|
-
cons = OpenSSL::ASN1::Constructive.new(
|
505
|
-
octets,
|
506
|
-
OpenSSL::ASN1::OCTET_STRING,
|
507
|
-
nil,
|
508
|
-
:UNIVERSAL)
|
509
|
-
cons.infinite_length = true
|
510
|
-
expected = %w{ 24 80 24 80 04 01 01 00 00 24 80 04 01 02 00 00 04 01 03 00 00 }
|
511
|
-
raw = [expected.join('')].pack('H*')
|
512
|
-
assert_equal(raw, cons.to_der)
|
513
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
514
|
-
end
|
515
|
-
end
|
516
|
-
|
517
|
-
def test_bit_string_infinite_length
|
518
|
-
begin
|
519
|
-
content = [ OpenSSL::ASN1::BitString.new("\x01"),
|
520
|
-
OpenSSL::ASN1::EndOfContent.new() ]
|
521
|
-
cons = OpenSSL::ASN1::Constructive.new(
|
522
|
-
content,
|
523
|
-
OpenSSL::ASN1::BIT_STRING,
|
524
|
-
nil,
|
525
|
-
:UNIVERSAL)
|
526
|
-
cons.infinite_length = true
|
527
|
-
expected = %w{ 23 80 03 02 00 01 00 00 }
|
528
|
-
raw = [expected.join('')].pack('H*')
|
529
|
-
assert_equal(raw, cons.to_der)
|
530
|
-
assert_equal(raw, OpenSSL::ASN1.decode(raw).to_der)
|
531
|
-
end
|
532
|
-
end
|
533
|
-
|
534
|
-
def test_primitive_inf_length
|
535
|
-
assert_raises(OpenSSL::ASN1::ASN1Error) do
|
536
|
-
spec = %w{ 02 80 02 01 01 00 00 }
|
537
|
-
raw = [spec.join('')].pack('H*')
|
538
|
-
OpenSSL::ASN1.decode(raw)
|
539
|
-
OpenSSL::ASN1.decode_all(raw)
|
540
|
-
end
|
541
|
-
end
|
542
|
-
|
543
|
-
def test_recursive_octet_string_parse
|
544
|
-
test = %w{ 24 80 24 80 04 01 01 00 00 24 80 04 01 02 00 00 04 01 03 00 00 }
|
545
|
-
raw = [test.join('')].pack('H*')
|
546
|
-
asn1 = OpenSSL::ASN1.decode(raw)
|
547
|
-
assert_equal(OpenSSL::ASN1::Constructive, asn1.class)
|
548
|
-
assert_universal(OpenSSL::ASN1::OCTET_STRING, asn1)
|
549
|
-
assert_equal(true, asn1.infinite_length)
|
550
|
-
assert_equal(4, asn1.value.size)
|
551
|
-
nested1 = asn1.value[0]
|
552
|
-
assert_equal(OpenSSL::ASN1::Constructive, nested1.class)
|
553
|
-
assert_universal(OpenSSL::ASN1::OCTET_STRING, nested1)
|
554
|
-
assert_equal(true, nested1.infinite_length)
|
555
|
-
assert_equal(2, nested1.value.size)
|
556
|
-
oct1 = nested1.value[0]
|
557
|
-
assert_universal(OpenSSL::ASN1::OCTET_STRING, oct1)
|
558
|
-
assert_equal(false, oct1.infinite_length)
|
559
|
-
assert_universal(OpenSSL::ASN1::EOC, nested1.value[1])
|
560
|
-
assert_equal(false, nested1.value[1].infinite_length)
|
561
|
-
nested2 = asn1.value[1]
|
562
|
-
assert_equal(OpenSSL::ASN1::Constructive, nested2.class)
|
563
|
-
assert_universal(OpenSSL::ASN1::OCTET_STRING, nested2)
|
564
|
-
assert_equal(true, nested2.infinite_length)
|
565
|
-
assert_equal(2, nested2.value.size)
|
566
|
-
oct2 = nested2.value[0]
|
567
|
-
assert_universal(OpenSSL::ASN1::OCTET_STRING, oct2)
|
568
|
-
assert_equal(false, oct2.infinite_length)
|
569
|
-
assert_universal(OpenSSL::ASN1::EOC, nested2.value[1])
|
570
|
-
assert_equal(false, nested2.value[1].infinite_length)
|
571
|
-
oct3 = asn1.value[2]
|
572
|
-
assert_universal(OpenSSL::ASN1::OCTET_STRING, oct3)
|
573
|
-
assert_equal(false, oct3.infinite_length)
|
574
|
-
assert_universal(OpenSSL::ASN1::EOC, asn1.value[3])
|
575
|
-
assert_equal(false, asn1.value[3].infinite_length)
|
576
|
-
end
|
577
|
-
|
578
|
-
private
|
579
|
-
|
580
|
-
def assert_universal(tag, asn1)
|
581
|
-
assert_equal(tag, asn1.tag)
|
582
|
-
if asn1.respond_to?(:tagging)
|
583
|
-
assert_nil(asn1.tagging)
|
584
|
-
end
|
585
|
-
assert_equal(:UNIVERSAL, asn1.tag_class)
|
586
|
-
end
|
587
|
-
|
588
|
-
end if defined?(OpenSSL)
|
589
|
-
|