krypt 0.0.1

data/spec/res/certificate.pem

@@ -0,0 +1,20 @@
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0xMTEwMjkxNTM2MzJaFw0xMTEwMjkxNjA2MzJaMD4xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxDDAKBgNVBAMMA0VFMjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy8LEsNRApz7U/j5DoB4XBgO9Z8At
+v5y/OVQRp0ag8Tqo1YewsWijxEWB7JOATwpBN267U4T1nPZIxxEEO7n/WNa2ws9J
+Wsjah8ssEBFSxZqdXKSLf0N4Hi7/GQ/aYoaMCiQ8jA4jegK2FJmXM71uPe+jFN/p
+eeBOpRfyXxRFOYcCAwEAAaOByjCBxzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
+FNH++fv4rhvBYMv6A+JZbdhzCJITME8GA1UdIwRIMEahQaQ/MD0xEzARBgoJkiaJ
+k/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMM
+AkNBggEBMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwMw
+HAYDVR0RBBUwE4ERZWUyQHJ1YnktbGFuZy5vcmcwDQYJKoZIhvcNAQEEBQADggEB
+ABLJKAS9nXFI3idP3dXXs8n4gLBrWHyaacklwnj8gvVoNtYQIICXODY/zQLtzfjx
+SQxlrOUtn0uYTzJUNc+NLfc8EzcVDhmSWhq+msCFEyhL5+kBceFj2ZI8f9OuQ87m
+zy1yqE1jxP1fsGDZ3Cqny86jJvwRzPW6NkPtkFzS6ZYe09DXDZnUuZP8kVpn4Pit
+vHmj/XVKl4LGxlrebReqIn+m2K46uxUkQEDhk7R16SAl6N92W7vI/lXr98aVdfF4
+Ozmrzopvt+XbjtvJztDNhpG0G/celhgAOzNx/eq3wl89qHIa+9vvVbFZ0BdYUHai
+z+64/9KqwBAeA66J6k7l7C0=
+-----END CERTIFICATE-----

data/spec/res/multiple_certs.pem

@@ -0,0 +1,60 @@
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0xMTEwMjkxNTM2MzJaFw0xMTEwMjkxNjA2MzJaMD4xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxDDAKBgNVBAMMA0VFMjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy8LEsNRApz7U/j5DoB4XBgO9Z8At
+v5y/OVQRp0ag8Tqo1YewsWijxEWB7JOATwpBN267U4T1nPZIxxEEO7n/WNa2ws9J
+Wsjah8ssEBFSxZqdXKSLf0N4Hi7/GQ/aYoaMCiQ8jA4jegK2FJmXM71uPe+jFN/p
+eeBOpRfyXxRFOYcCAwEAAaOByjCBxzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
+FNH++fv4rhvBYMv6A+JZbdhzCJITME8GA1UdIwRIMEahQaQ/MD0xEzARBgoJkiaJ
+k/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMM
+AkNBggEBMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwMw
+HAYDVR0RBBUwE4ERZWUyQHJ1YnktbGFuZy5vcmcwDQYJKoZIhvcNAQEEBQADggEB
+ABLJKAS9nXFI3idP3dXXs8n4gLBrWHyaacklwnj8gvVoNtYQIICXODY/zQLtzfjx
+SQxlrOUtn0uYTzJUNc+NLfc8EzcVDhmSWhq+msCFEyhL5+kBceFj2ZI8f9OuQ87m
+zy1yqE1jxP1fsGDZ3Cqny86jJvwRzPW6NkPtkFzS6ZYe09DXDZnUuZP8kVpn4Pit
+vHmj/XVKl4LGxlrebReqIn+m2K46uxUkQEDhk7R16SAl6N92W7vI/lXr98aVdfF4
+Ozmrzopvt+XbjtvJztDNhpG0G/celhgAOzNx/eq3wl89qHIa+9vvVbFZ0BdYUHai
+z+64/9KqwBAeA66J6k7l7C0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0xMTEwMjkxNTM2MzJaFw0xMTEwMjkxNjA2MzJaMD4xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxDDAKBgNVBAMMA0VFMjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy8LEsNRApz7U/j5DoB4XBgO9Z8At
+v5y/OVQRp0ag8Tqo1YewsWijxEWB7JOATwpBN267U4T1nPZIxxEEO7n/WNa2ws9J
+Wsjah8ssEBFSxZqdXKSLf0N4Hi7/GQ/aYoaMCiQ8jA4jegK2FJmXM71uPe+jFN/p
+eeBOpRfyXxRFOYcCAwEAAaOByjCBxzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
+FNH++fv4rhvBYMv6A+JZbdhzCJITME8GA1UdIwRIMEahQaQ/MD0xEzARBgoJkiaJ
+k/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMM
+AkNBggEBMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwMw
+HAYDVR0RBBUwE4ERZWUyQHJ1YnktbGFuZy5vcmcwDQYJKoZIhvcNAQEEBQADggEB
+ABLJKAS9nXFI3idP3dXXs8n4gLBrWHyaacklwnj8gvVoNtYQIICXODY/zQLtzfjx
+SQxlrOUtn0uYTzJUNc+NLfc8EzcVDhmSWhq+msCFEyhL5+kBceFj2ZI8f9OuQ87m
+zy1yqE1jxP1fsGDZ3Cqny86jJvwRzPW6NkPtkFzS6ZYe09DXDZnUuZP8kVpn4Pit
+vHmj/XVKl4LGxlrebReqIn+m2K46uxUkQEDhk7R16SAl6N92W7vI/lXr98aVdfF4
+Ozmrzopvt+XbjtvJztDNhpG0G/celhgAOzNx/eq3wl89qHIa+9vvVbFZ0BdYUHai
+z+64/9KqwBAeA66J6k7l7C0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0xMTEwMjkxNTM2MzJaFw0xMTEwMjkxNjA2MzJaMD4xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxDDAKBgNVBAMMA0VFMjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy8LEsNRApz7U/j5DoB4XBgO9Z8At
+v5y/OVQRp0ag8Tqo1YewsWijxEWB7JOATwpBN267U4T1nPZIxxEEO7n/WNa2ws9J
+Wsjah8ssEBFSxZqdXKSLf0N4Hi7/GQ/aYoaMCiQ8jA4jegK2FJmXM71uPe+jFN/p
+eeBOpRfyXxRFOYcCAwEAAaOByjCBxzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
+FNH++fv4rhvBYMv6A+JZbdhzCJITME8GA1UdIwRIMEahQaQ/MD0xEzARBgoJkiaJ
+k/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMM
+AkNBggEBMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwMw
+HAYDVR0RBBUwE4ERZWUyQHJ1YnktbGFuZy5vcmcwDQYJKoZIhvcNAQEEBQADggEB
+ABLJKAS9nXFI3idP3dXXs8n4gLBrWHyaacklwnj8gvVoNtYQIICXODY/zQLtzfjx
+SQxlrOUtn0uYTzJUNc+NLfc8EzcVDhmSWhq+msCFEyhL5+kBceFj2ZI8f9OuQ87m
+zy1yqE1jxP1fsGDZ3Cqny86jJvwRzPW6NkPtkFzS6ZYe09DXDZnUuZP8kVpn4Pit
+vHmj/XVKl4LGxlrebReqIn+m2K46uxUkQEDhk7R16SAl6N92W7vI/lXr98aVdfF4
+Ozmrzopvt+XbjtvJztDNhpG0G/celhgAOzNx/eq3wl89qHIa+9vvVbFZ0BdYUHai
+z+64/9KqwBAeA66J6k7l7C0=
+-----END CERTIFICATE-----

data/spec/resources.rb

@@ -0,0 +1,66 @@
+require 'openssl'
+
+module Resources
+
+  CERTIFICATE_PEM = <<-_EOF_
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0xMTEwMjkxNTM2MzJaFw0xMTEwMjkxNjA2MzJaMD4xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxDDAKBgNVBAMMA0VFMjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy8LEsNRApz7U/j5DoB4XBgO9Z8At
+v5y/OVQRp0ag8Tqo1YewsWijxEWB7JOATwpBN267U4T1nPZIxxEEO7n/WNa2ws9J
+Wsjah8ssEBFSxZqdXKSLf0N4Hi7/GQ/aYoaMCiQ8jA4jegK2FJmXM71uPe+jFN/p
+eeBOpRfyXxRFOYcCAwEAAaOByjCBxzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
+FNH++fv4rhvBYMv6A+JZbdhzCJITME8GA1UdIwRIMEahQaQ/MD0xEzARBgoJkiaJ
+k/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMM
+AkNBggEBMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwMw
+HAYDVR0RBBUwE4ERZWUyQHJ1YnktbGFuZy5vcmcwDQYJKoZIhvcNAQEEBQADggEB
+ABLJKAS9nXFI3idP3dXXs8n4gLBrWHyaacklwnj8gvVoNtYQIICXODY/zQLtzfjx
+SQxlrOUtn0uYTzJUNc+NLfc8EzcVDhmSWhq+msCFEyhL5+kBceFj2ZI8f9OuQ87m
+zy1yqE1jxP1fsGDZ3Cqny86jJvwRzPW6NkPtkFzS6ZYe09DXDZnUuZP8kVpn4Pit
+vHmj/XVKl4LGxlrebReqIn+m2K46uxUkQEDhk7R16SAl6N92W7vI/lXr98aVdfF4
+Ozmrzopvt+XbjtvJztDNhpG0G/celhgAOzNx/eq3wl89qHIa+9vvVbFZ0BdYUHai
+z+64/9KqwBAeA66J6k7l7C0=
+-----END CERTIFICATE-----
+_EOF_
+
+  CERTIFICATE = OpenSSL::X509::Certificate.new CERTIFICATE_PEM 
+   
+  class << self
+    def certificate
+      CERTIFICATE.to_der
+    end
+
+    def certificate_pem
+      CERTIFICATE_PEM
+    end
+
+    def certificate_io
+      File.open(File.expand_path('res/certificate.cer', File.dirname(__FILE__)), "rb")
+    end
+
+    def certificate_pem_io
+      File.open(File.expand_path('res/certificate.pem', File.dirname(__FILE__)), "rb")
+    end
+
+    def multi_certificate_pem_io
+      File.open(File.expand_path('res/multiple_certs.pem', File.dirname(__FILE__)), "rb")
+    end
+
+    def ca_certificate_pem_io
+      File.open(File.expand_path('res/ca-bundle.crt', File.dirname(__FILE__)), "rb")
+    end
+
+    def bytes_to_io(str)
+      raw = [str.join('')].pack('H*')
+      StringIO.new raw  
+    end
+
+    def bytes(str)
+      [str.join('')].pack('H*')
+    end
+  end
+
+end
+

data/test/helper.rb

@@ -0,0 +1,8 @@
+begin
+  require 'simplecov'
+  SimpleCov.start
+rescue LoadError
+end
+require 'krypt'
+require 'test/unit'
+require_relative 'resources'

data/test/resources.rb

@@ -0,0 +1,48 @@
+require 'openssl'
+
+module Resources
+
+  CERTIFICATE = OpenSSL::X509::Certificate.new <<-_EOF_
+-----BEGIN CERTIFICATE-----
+MIIDPTCCAiWgAwIBAgIBAzANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0xMTEwMjkxNTM2MzJaFw0xMTEwMjkxNjA2MzJaMD4xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxDDAKBgNVBAMMA0VFMjCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAy8LEsNRApz7U/j5DoB4XBgO9Z8At
+v5y/OVQRp0ag8Tqo1YewsWijxEWB7JOATwpBN267U4T1nPZIxxEEO7n/WNa2ws9J
+Wsjah8ssEBFSxZqdXKSLf0N4Hi7/GQ/aYoaMCiQ8jA4jegK2FJmXM71uPe+jFN/p
+eeBOpRfyXxRFOYcCAwEAAaOByjCBxzAOBgNVHQ8BAf8EBAMCBeAwHQYDVR0OBBYE
+FNH++fv4rhvBYMv6A+JZbdhzCJITME8GA1UdIwRIMEahQaQ/MD0xEzARBgoJkiaJ
+k/IsZAEZFgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMM
+AkNBggEBMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDBAYIKwYBBQUHAwMw
+HAYDVR0RBBUwE4ERZWUyQHJ1YnktbGFuZy5vcmcwDQYJKoZIhvcNAQEEBQADggEB
+ABLJKAS9nXFI3idP3dXXs8n4gLBrWHyaacklwnj8gvVoNtYQIICXODY/zQLtzfjx
+SQxlrOUtn0uYTzJUNc+NLfc8EzcVDhmSWhq+msCFEyhL5+kBceFj2ZI8f9OuQ87m
+zy1yqE1jxP1fsGDZ3Cqny86jJvwRzPW6NkPtkFzS6ZYe09DXDZnUuZP8kVpn4Pit
+vHmj/XVKl4LGxlrebReqIn+m2K46uxUkQEDhk7R16SAl6N92W7vI/lXr98aVdfF4
+Ozmrzopvt+XbjtvJztDNhpG0G/celhgAOzNx/eq3wl89qHIa+9vvVbFZ0BdYUHai
+z+64/9KqwBAeA66J6k7l7C0=
+-----END CERTIFICATE-----
+_EOF_
+   
+  class << self
+    def certificate
+      CERTIFICATE.to_der
+    end
+
+    def certificate_io
+      File.new(File.expand_path('res/certificate.cer', File.dirname(__FILE__)))
+    end
+
+    def bytes_to_io(str)
+      raw = [str.join('')].pack('H*')
+      StringIO.new raw  
+    end
+
+    def bytes(str)
+      [str.join('')].pack('H*')
+    end
+  end
+
+end
+

data/test/scratch.rb

@@ -0,0 +1,28 @@
+# encoding: US-ASCII
+require 'krypt'
+require_relative 'resources'
+require 'openssl'
+require 'stringio'
+require 'pp'
+
+decoder = Krypt::ASN1
+
+stringio = StringIO.new(
+[
+  Krypt::ASN1::Null.new,
+  Krypt::ASN1::Integer.new(0)
+].map { |e| e.to_der }.join
+)
+c = Class.new do
+  def initialize(io)
+    @io = io
+  end
+
+  def read(*args)
+    @io.read(*args)
+  end
+end
+
+generic = c.new(stringio)
+p decoder.decode_der(generic)
+p decoder.decode_der(generic)

data/test/test_krypt_asn1.rb

@@ -0,0 +1,119 @@
+require_relative 'helper'
+require 'stringio'
+
+class Krypt::ASN1Test < Test::Unit::TestCase
+
+  def test_parse_encode_equality_file
+    io = Resources.certificate_io
+    begin
+      asn1 = Krypt::ASN1.decode(io)
+      cert = Resources.certificate
+      assert_equal(cert, asn1.to_der)
+      assert_equal_streaming(cert, asn1)
+    ensure
+      io.close
+    end
+  end
+
+  def test_parse_encode_equality_string_io
+    io = StringIO.new(Resources.certificate)
+    asn1 = Krypt::ASN1.decode(io)
+    cert = Resources.certificate
+    assert_equal(cert, asn1.to_der)
+    assert_equal_streaming(cert, asn1)
+  end
+
+  def test_parse_encode_equality_string
+    asn1 = Krypt::ASN1.decode(Resources.certificate)
+    cert = Resources.certificate
+    assert_equal(cert, asn1.to_der)
+    assert_equal_streaming(cert, asn1)
+  end
+
+  def test_attributes
+    raw = [%w{30 06 04 01 01 02 01 01}.join("")].pack("H*")
+    asn1 = Krypt::ASN1.decode(raw)
+    assert_universal(Krypt::ASN1::SEQUENCE, asn1)
+    seq = asn1.value
+    assert_equal(2, seq.size)
+    octet = seq[0]
+    assert_universal(Krypt::ASN1::OCTET_STRING, octet)
+    assert_equal("\1", octet.value)
+    integer = seq[1]
+    assert_universal(Krypt::ASN1::INTEGER, integer)
+    assert_equal(1, integer.value)
+    
+    assert_equal(raw, asn1.to_der)
+  end
+
+  def test_parse_infinite_length_sequence
+    raw = [%w{30 80 04 01 01 02 01 01 00 00}.join("")].pack("H*")
+    asn1 = Krypt::ASN1.decode(raw)
+    assert_universal(Krypt::ASN1::SEQUENCE, asn1, true)
+    seq = asn1.value
+    assert_equal(3, seq.size)
+    octet = seq[0]
+    assert_universal(Krypt::ASN1::OCTET_STRING, octet)
+    assert_equal("\1", octet.value)
+    integer = seq[1]
+    assert_universal(Krypt::ASN1::INTEGER, integer)
+    assert_equal(1, integer.value)
+    eoc = seq[2]
+    assert_universal(Krypt::ASN1::END_OF_CONTENTS, eoc)
+    assert_nil(eoc.value)
+    
+    assert_equal(raw, asn1.to_der)
+  end
+
+  def test_parse_infinite_length_octet_string
+    raw = [%w{24 80 04 01 01 04 01 02 00 00}.join("")].pack("H*")
+    asn1 = Krypt::ASN1.decode(raw)
+    assert_universal(Krypt::ASN1::OCTET_STRING, asn1, true)
+    assert_equal(true, asn1.is_a?(Krypt::ASN1::Constructive))
+    seq = asn1.value
+    assert_equal(3, seq.size)
+    octet1 = seq[0]
+    assert_universal(Krypt::ASN1::OCTET_STRING, octet1)
+    assert_equal("\1", octet1.value)
+    octet2 = seq[1]
+    assert_universal(Krypt::ASN1::OCTET_STRING, octet2)
+    assert_equal("\2", octet2.value)
+    eoc = seq[2]
+    assert_universal(Krypt::ASN1::END_OF_CONTENTS, eoc)
+    assert_nil(eoc.value)
+    
+    assert_equal(raw, asn1.to_der)
+  end
+
+  def test_each
+    [%w{30 06 04 01 01 02 01 01},
+     %w{31 06 04 01 01 02 01 01},
+     %w{24 80 04 01 01 04 01 02 00 00}].each do |raw|
+      val = [raw.join("")].pack("H*")
+      cons_header = Krypt::ASN1::Parser.new.next(StringIO.new(val))
+      io = StringIO.new
+      cons_header.encode_to(io)
+      asn1 = Krypt::ASN1.decode(val)
+      asn1.each do |val|
+        val.encode_to(io)
+      end
+      assert_equal(val, io.string.force_encoding("ASCII-8BIT"))
+    end
+  end
+
+  private
+
+  def assert_universal(tag, asn1, inf_len=false)
+    assert_equal(tag, asn1.tag)
+    assert_equal(:UNIVERSAL, asn1.tag_class)
+    assert_equal(inf_len, asn1.infinite_length)
+  end
+
+  def assert_equal_streaming(raw, asn1)
+    io = StringIO.new
+    asn1.encode_to(io)
+    assert_equal(raw, io.string.force_encoding("ASCII-8BIT"))
+  end
+
+end
+

data/test/test_krypt_parser.rb

@@ -0,0 +1,331 @@
+require_relative 'helper'
+require 'stringio'
+
+class Krypt::ParserTest < Test::Unit::TestCase
+
+  def test_parse_and_skip_top_level_file
+    parse_and_skip_top_level(Resources.certificate_io)
+  end
+
+  def test_parse_and_skip_top_level_string_io
+    parse_and_skip_top_level(StringIO.new(Resources.certificate))
+  end
+
+  def test_parse_and_skip_file
+    parse_and_skip(Resources.certificate_io)
+  end
+
+  def test_parse_and_skip_string_io
+    parse_and_skip(StringIO.new(Resources.certificate))
+  end
+
+  def test_consume_top_level_streaming_file
+    consume_top_level_streaming(Resources.certificate_io)
+  end
+
+  def test_consume_top_level_streaming_string_io
+    consume_top_level_streaming(StringIO.new(Resources.certificate))
+  end
+
+  def test_consume_top_level_at_once_file
+    consume_top_level_at_once(Resources.certificate_io)
+  end
+
+  def test_consume_top_level_at_once_string_io
+    consume_top_level_at_once(StringIO.new(Resources.certificate))
+  end
+
+  def test_consume_all_streaming_file
+    consume_all_streaming(Resources.certificate_io)
+  end
+
+  def test_consume_all_streaming_string_io
+    consume_all_streaming(StringIO.new(Resources.certificate))
+  end
+
+  def test_consume_all_at_once_file
+    consume_all_at_once(Resources.certificate_io)
+  end
+
+  def test_consume_all_at_once_string_io
+    consume_all_at_once(StringIO.new(Resources.certificate))
+  end
+
+  def test_parse_tokens_methods_file
+    parse_tokens_test_methods(Resources.certificate_io)
+  end
+
+  def test_parse_tokens_methods_string_io
+    parse_tokens_test_methods(StringIO.new(Resources.certificate))
+  end
+
+  def test_parse_primitive
+    raw = [%w{02 02 01 00}.join("")].pack("H*")
+    parser = Krypt::ASN1::Parser.new
+    io = StringIO.new(raw)
+    header = parser.next(io)
+    assert_equal(Krypt::ASN1::INTEGER, header.tag)
+    assert_equal(:UNIVERSAL, header.tag_class)
+    assert_equal(false, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(2, header.length)
+    assert_equal(2, header.header_length)
+    assert_header_value_equal(raw, header)
+  end
+
+  def test_parse_constructed
+    raw = [%w{30 06 04 01 01 04 01 02}.join("")].pack("H*")
+    parser = Krypt::ASN1::Parser.new
+    io = StringIO.new(raw)
+    header = parser.next(io)
+    assert_equal(Krypt::ASN1::SEQUENCE, header.tag)
+    assert_equal(:UNIVERSAL, header.tag_class)
+    assert_equal(true, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(6, header.length)
+    assert_equal(2, header.header_length)
+    assert_header_value_equal(raw, header)
+  end
+
+  def test_parse_constructed
+    raw = [%w{30 02 80 01 00}.join("")].pack("H*")
+    parser = Krypt::ASN1::Parser.new
+    io = StringIO.new(raw)
+    header = parser.next(io)
+    assert_equal(Krypt::ASN1::SEQUENCE, header.tag)
+    assert_equal(:UNIVERSAL, header.tag_class)
+    assert_equal(true, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(2, header.length)
+    assert_equal(2, header.header_length)
+    header = parser.next(io)
+    assert_equal(0, header.tag)
+    assert_equal(:CONTEXT_SPECIFIC, header.tag_class)
+    assert_equal(false, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(1, header.length)
+    assert_equal(2, header.header_length)
+    assert_equal("\0", header.value)
+    assert_nil(parser.next(io))
+  end
+
+  def test_complex_length
+    raw = [%w{04 82 03 e8}.join("")].pack("H*")
+    raw << "\0" * 1000
+    io = StringIO.new(raw)
+    parser = Krypt::ASN1::Parser.new
+    header = parser.next(io)
+    assert_equal(Krypt::ASN1::OCTET_STRING, header.tag)
+    assert_equal(:UNIVERSAL, header.tag_class)
+    assert_equal(false, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(1000, header.length)
+    assert_equal(4, header.header_length)
+    assert_header_value_equal(raw, header)
+  end
+
+  def test_complex_length_single_octet
+    raw = [%w{df 2a 01 00}.join("")].pack("H*")
+    parser = Krypt::ASN1::Parser.new
+    io = StringIO.new(raw)
+    header = parser.next(io)
+    assert_equal(42, header.tag)
+    assert_equal(:PRIVATE, header.tag_class)
+    assert_equal(false, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(1, header.length)
+    assert_equal(3, header.header_length)
+    assert_header_value_equal(raw, header)
+  end
+
+  def test_complex_tag_two_octets
+    raw = [%w{5f 82 2c 01 00}.join("")].pack("H*")
+    parser = Krypt::ASN1::Parser.new
+    io = StringIO.new(raw)
+    header = parser.next(io)
+    assert_equal(300, header.tag)
+    assert_equal(:APPLICATION, header.tag_class)
+    assert_equal(false, header.constructed?)
+    assert_equal(false, header.infinite?)
+    assert_equal(1, header.length)
+    assert_equal(4, header.header_length)
+    assert_header_value_equal(raw, header)
+  end
+
+  def test_inf_length_parsing_at_once_string_io
+    inf_length_parsing_streaming_string_io(:AT_ONCE)
+  end
+
+  def test_inf_length_parsing_streaming_string_io
+    inf_length_parsing_streaming_string_io(:STREAMING)
+  end
+
+  def test_inf_length_parsing_streaming_fixed_buffer_string_io
+    inf_length_parsing_streaming_string_io(:STREAMING_FIXED)
+  end
+
+  def test_inf_length_parsing_at_once_values_only_string_io
+    inf_length_parsing_streaming_string_io(:AT_ONCE, true)
+  end
+
+  def test_inf_length_parsing_streaming_values_only_string_io
+    inf_length_parsing_streaming_string_io(:STREAMING, true)
+  end
+
+  def test_inf_length_parsing_streaming_fixed_buffer_values_only_string_io
+    inf_length_parsing_streaming_string_io(:STREAMING_FIXED, true)
+  end
+
+  private
+
+  def parse_and_skip_top_level(io)
+    parser = Krypt::ASN1::Parser.new
+    header = parser.next(io)
+    assert_equal(Krypt::ASN1::SEQUENCE, header.tag)
+    assert_equal(:UNIVERSAL, header.tag_class)
+    assert(header.constructed?)
+    assert(!header.infinite?)
+    assert_equal(Resources.certificate.size, header.header_size + header.size)
+    header.skip_value
+    assert_nil(parser.next(io))
+  ensure
+    io.close
+  end
+
+  def parse_and_skip(io)
+    parser = Krypt::ASN1::Parser.new
+    num_tokens = 0
+    while header = parser.next(io)
+      num_tokens += 1
+      unless header.constructed?
+        header.skip_value
+      end
+    end
+    assert(num_tokens > 1)
+  ensure
+    io.close
+  end
+
+  def consume_top_level_streaming(io)
+    parser = Krypt::ASN1::Parser.new
+    header = parser.next(io)
+    stream = header.value_io
+    consume_streaming(stream)
+    assert_nil(parser.next(io))
+  ensure
+    io.close
+  end
+
+  def consume_top_level_at_once(io)
+    parser = Krypt::ASN1::Parser.new
+    header = parser.next(io)
+    stream = header.value_io
+    stream.read
+    assert_nil(parser.next(io))
+  ensure
+    io.close
+  end
+
+  def consume_all_streaming(io)
+    parser = Krypt::ASN1::Parser.new
+    while header = parser.next(io)
+      unless header.constructed?
+        stream = header.value_io
+        consume_streaming(stream)
+      end
+    end
+    assert_nil(parser.next(io))
+  ensure
+    io.close
+  end
+
+  def consume_all_at_once(io)
+    parser = Krypt::ASN1::Parser.new
+    while header = parser.next(io)
+      unless header.constructed?
+        stream = header.value_io
+        stream.read
+      end
+    end
+    assert_nil(parser.next(io))
+  ensure
+    io.close
+  end
+
+  def parse_tokens_test_methods(io)
+    parser = Krypt::ASN1::Parser.new
+    while header = parser.next(io)
+      assert_not_nil(header.tag)
+      assert_not_nil(header.tag_class)
+      assert_not_nil(header.size)
+      assert_not_nil(header.length)
+      assert_not_nil(header.header_size)
+      assert_not_nil(header.header_length)
+      assert_not_nil(header.constructed?)
+      assert_not_nil(header.infinite?)
+      unless header.constructed?
+        if (header.tag == Krypt::ASN1::NULL || header.tag == Krypt::ASN1::END_OF_CONTENTS)
+          assert_nil(header.value)
+        else
+          assert_not_nil(header.value)
+        end
+      end
+    end
+  ensure
+    io.close
+  end
+
+  def inf_length_parsing_streaming_string_io(mode, values_only=false)
+    raw = [%w{24 80 04 01 01 04 01 02 00 00}.join("")].pack("H*")
+    io = StringIO.new(raw)
+    parser = Krypt::ASN1::Parser.new
+    header = parser.next(io)
+    assert_equal(Krypt::ASN1::OCTET_STRING, header.tag)
+    assert_equal(:UNIVERSAL, header.tag_class)
+    assert_equal(true, header.constructed?)
+    assert_equal(true, header.infinite?)
+    assert_equal(0, header.length)
+    assert_equal(2, header.header_length)
+    value_io = header.value_io(values_only)
+
+    result = StringIO.new("", "wb")
+    unless values_only
+      header.encode_to(result)
+    end
+
+    case mode
+    when :AT_ONCE
+      result << value_io.read
+    when :STREAMING
+      while buf = value_io.read(3, buf)
+        result << buf
+      end
+    when :STREAMING_FIXED
+      buf = ""
+      while value_io.read(3, buf)
+        result << buf
+      end
+    end
+  
+    if values_only
+      assert_equal( [%w{01 02}.join("")].pack("H*"), result.string)
+    else
+      assert_equal(raw, result.string.force_encoding("ASCII-8BIT"))
+    end
+  end
+
+  def consume_streaming(io)
+    buffer = ""
+    while io.read(3, buffer)
+    end
+  end
+
+  def assert_header_value_equal(expected, header)
+    io = StringIO.new()
+    header.encode_to(io)
+    io << header.value
+    assert_equal(expected, io.string.force_encoding("ASCII-8BIT"))
+  end
+
+end
+