r509 0.10.0 → 1.0

data/spec/cert/extensions/authority_info_access_spec.rb

@@ -7,20 +7,20 @@ shared_examples_for "a correct R509 AuthorityInfoAccess object" do |critical|
     extension_name = "authorityInfoAccess"
     klass = AuthorityInfoAccess
     ef = OpenSSL::X509::ExtensionFactory.new
-    openssl_ext = ef.create_extension( extension_name, @extension_value, critical )
-    @r509_ext = klass.new( openssl_ext )
+    openssl_ext = ef.create_extension(extension_name, @extension_value, critical)
+    @r509_ext = klass.new(openssl_ext)
   end
 
   it "ca_issuers_uri should be correct critical:#{critical}" do
-    @r509_ext.ca_issuers.uris.should == @ca_issuers_uris
+    expect(@r509_ext.ca_issuers.uris).to eq(@ca_issuers_uris)
   end
 
   it "ocsp_uri should be correct critical:#{critical}" do
-    @r509_ext.ocsp.uris.should == @ocsp_uris
+    expect(@r509_ext.ocsp.uris).to eq(@ocsp_uris)
   end
 
   it "reports #critical? properly" do
-    @r509_ext.critical?.should == critical
+    expect(@r509_ext.critical?).to eq(critical)
   end
 end
 
@@ -29,30 +29,30 @@ describe R509::Cert::Extensions::AuthorityInfoAccess do
 
   context "validation" do
     it "raises an error when not a hash" do
-      expect { AuthorityInfoAccess.new( "some-url" ) }.to raise_error(ArgumentError, 'You must pass a hash with at least one of the following two keys (:ocsp_location, :ca_issuers_location)')
+      expect { AuthorityInfoAccess.new("some-url") }.to raise_error(ArgumentError, 'You must pass a hash with at least one of the following two keys (:ocsp_location, :ca_issuers_location)')
     end
 
     it "raises an error with empty hash" do
-      expect { AuthorityInfoAccess.new( {} ) }.to raise_error(ArgumentError, 'You must pass a hash with at least one of the following two keys (:ocsp_location, :ca_issuers_location)')
+      expect { AuthorityInfoAccess.new({}) }.to raise_error(ArgumentError, 'You must pass a hash with at least one of the following two keys (:ocsp_location, :ca_issuers_location)')
     end
 
     it "raises an error if you pass an ocsp_location that is not an array" do
-      expect { AuthorityInfoAccess.new( :ocsp_location => "some-url" ) }.to raise_error(ArgumentError, 'ocsp_location must contain an array or R509::ASN1::GeneralNames object if provided')
+      expect { AuthorityInfoAccess.new(:ocsp_location => "some-url") }.to raise_error(ArgumentError, 'ocsp_location must contain an array or R509::ASN1::GeneralNames object if provided')
     end
 
     it "raises an error if you pass a ca_issuers_location that is not an array" do
-      expect { AuthorityInfoAccess.new( :ca_issuers_location => "some-url" ) }.to raise_error(ArgumentError, 'ca_issuers_location must contain an array or R509::ASN1::GeneralNames object if provided')
+      expect { AuthorityInfoAccess.new(:ca_issuers_location => "some-url") }.to raise_error(ArgumentError, 'ca_issuers_location must contain an array or R509::ASN1::GeneralNames object if provided')
     end
 
     it "raises an error if you pass an array that does not contain hashes" do
-      expect { AuthorityInfoAccess.new( :ca_issuers_location => [{},"string"] ) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
+      expect { AuthorityInfoAccess.new(:ca_issuers_location => [{}, "string"]) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
     end
 
     it "raises an error if you pass an array that does not contain both :type and :value" do
-      expect { AuthorityInfoAccess.new( :ca_issuers_location => [{:type => 'URI'}] ) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
-      expect { AuthorityInfoAccess.new( :ca_issuers_location => [{:value => 'value'}] ) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
-      expect { AuthorityInfoAccess.new( :ocsp_location => [{:type => 'URI'}] ) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
-      expect { AuthorityInfoAccess.new( :ocsp_location => [{:value => 'value'}] ) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
+      expect { AuthorityInfoAccess.new(:ca_issuers_location => [{ :type => 'URI' }]) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
+      expect { AuthorityInfoAccess.new(:ca_issuers_location => [{ :value => 'value' }]) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
+      expect { AuthorityInfoAccess.new(:ocsp_location => [{ :type => 'URI' }]) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
+      expect { AuthorityInfoAccess.new(:ocsp_location => [{ :value => 'value' }]) }.to raise_error(ArgumentError, 'All elements of the array must be hashes with a :type and :value')
     end
   end
 
@@ -70,73 +70,73 @@ describe R509::Cert::Extensions::AuthorityInfoAccess do
         end
 
         it "creates extension" do
-          @aia.ocsp.rfc_822_names.should == ['random string']
-          @aia.ocsp.directory_names[0].to_s.should == '/CN=test/O=myOrg/C=US'
-          @aia.ca_issuers.rfc_822_names.should == ['random string']
+          expect(@aia.ocsp.rfc_822_names).to eq(['random string'])
+          expect(@aia.ocsp.directory_names[0].to_s).to eq('/CN=test/O=myOrg/C=US')
+          expect(@aia.ca_issuers.rfc_822_names).to eq(['random string'])
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == {:critical=>false, :ocsp_location=>[{:type=>"email", :value=>"random string"}, {:type=>"dirName", :value=>{:CN=>"test", :O=>"myOrg", :C=>"US"}}], :ca_issuers_location=>[{:type=>"email", :value=>"random string"}, {:type=>"dirName", :value=>{:CN=>"test", :O=>"myOrg", :C=>"US"}}]}
+          expect(YAML.load(@aia.to_yaml)).to eq(:critical => false, :ocsp_location => [{ :type => "email", :value => "random string" }, { :type => "dirName", :value => { :CN => "test", :O => "myOrg", :C => "US" } }], :ca_issuers_location => [{ :type => "email", :value => "random string" }, { :type => "dirName", :value => { :CN => "test", :O => "myOrg", :C => "US" } }])
         end
       end
 
       context "one OCSP location" do
         before :all do
-          @args = { :ocsp_location => [{:type => "URI", :value => 'http://ocsp.domain.com' }], :critical => false }
+          @args = { :ocsp_location => [{ :type => "URI", :value => 'http://ocsp.domain.com' }], :critical => false }
           @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
         end
 
         it "creates extension" do
-          @aia.ocsp.uris.should == ['http://ocsp.domain.com']
+          expect(@aia.ocsp.uris).to eq(['http://ocsp.domain.com'])
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args
+          expect(YAML.load(@aia.to_yaml)).to eq(@args)
         end
       end
 
       context " multiple OCSP locations" do
         before :all do
-          @args = { :ocsp_location => [ { :type => 'URI', :value => 'http://ocsp.domain.com' }, { :type => "URI", :value => 'http://ocsp2.domain.com' }], :critical => false }
+          @args = { :ocsp_location => [{ :type => 'URI', :value => 'http://ocsp.domain.com' }, { :type => "URI", :value => 'http://ocsp2.domain.com' }], :critical => false }
           @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
         end
 
         it "creates extension" do
-          @aia.ocsp.uris.should == ['http://ocsp.domain.com','http://ocsp2.domain.com']
+          expect(@aia.ocsp.uris).to eq(['http://ocsp.domain.com', 'http://ocsp2.domain.com'])
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args
+          expect(YAML.load(@aia.to_yaml)).to eq(@args)
         end
       end
 
       context "one caIssuers" do
         before :all do
-          @args = { :ca_issuers_location => [ { :type => 'URI', :value => 'http://www.domain.com' } ], :critical => false }
+          @args = { :ca_issuers_location => [{ :type => 'URI', :value => 'http://www.domain.com' }], :critical => false }
           @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
         end
 
         it "creates extension" do
-          @aia.ca_issuers.uris.should == ['http://www.domain.com']
+          expect(@aia.ca_issuers.uris).to eq(['http://www.domain.com'])
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args
+          expect(YAML.load(@aia.to_yaml)).to eq(@args)
         end
       end
 
       context "multiple caIssuers" do
         before :all do
-          @args = { :ca_issuers_location => [ { :type => 'URI', :value => 'http://www.domain.com' }, { :type => "URI", :value => 'http://www2.domain.com' }], :critical => false }
+          @args = { :ca_issuers_location => [{ :type => 'URI', :value => 'http://www.domain.com' }, { :type => "URI", :value => 'http://www2.domain.com' }], :critical => false }
           @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
         end
 
         it "creates extension" do
-          @aia.ca_issuers.uris.should == ['http://www.domain.com','http://www2.domain.com']
+          expect(@aia.ca_issuers.uris).to eq(['http://www.domain.com', 'http://www2.domain.com'])
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args
+          expect(YAML.load(@aia.to_yaml)).to eq(@args)
         end
       end
 
@@ -147,42 +147,42 @@ describe R509::Cert::Extensions::AuthorityInfoAccess do
         end
 
         it "creates extension" do
-          @aia.ca_issuers.uris.should == ['http://www.domain.com']
-          @aia.ocsp.uris.should == ['http://ocsp.domain.com']
+          expect(@aia.ca_issuers.uris).to eq(['http://www.domain.com'])
+          expect(@aia.ocsp.uris).to eq(['http://ocsp.domain.com'])
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args
+          expect(YAML.load(@aia.to_yaml)).to eq(@args)
         end
       end
 
       context "default criticality" do
         before :all do
-        @args = { :ocsp_location => [{ :type => 'URI', :value => 'http://ocsp.domain.com' }]}
-        @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
+          @args = { :ocsp_location => [{ :type => 'URI', :value => 'http://ocsp.domain.com' }] }
+          @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
         end
 
         it "creates extension" do
-          @aia.critical?.should be_false
+          expect(@aia.critical?).to be false
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args.merge(:critical => false)
+          expect(YAML.load(@aia.to_yaml)).to eq(@args.merge(:critical => false))
         end
       end
 
       context "non-default criticality" do
         before :all do
-        @args = { :ocsp_location => [{ :type => 'URI', :value => 'http://ocsp.domain.com' }], :critical => true}
-        @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
+          @args = { :ocsp_location => [{ :type => 'URI', :value => 'http://ocsp.domain.com' }], :critical => true }
+          @aia = R509::Cert::Extensions::AuthorityInfoAccess.new(@args)
         end
 
         it "creates extension" do
-          @aia.critical?.should be_true
+          expect(@aia.critical?).to be true
         end
 
         it "builds yaml" do
-          YAML.load(@aia.to_yaml).should == @args
+          expect(YAML.load(@aia.to_yaml)).to eq(@args)
         end
       end
 

data/spec/cert/extensions/authority_key_identifier_spec.rb

@@ -8,20 +8,20 @@ shared_examples_for "a correct R509 AuthorityKeyIdentifier object" do
     klass = AuthorityKeyIdentifier
     ef = OpenSSL::X509::ExtensionFactory.new
     ef.issuer_certificate = OpenSSL::X509::Certificate.new TestFixtures::TEST_CA_CERT
-    openssl_ext = ef.create_extension( extension_name, @extension_value )
-    @r509_ext = klass.new( openssl_ext )
+    openssl_ext = ef.create_extension(extension_name, @extension_value)
+    @r509_ext = klass.new(openssl_ext)
   end
 
   it "has the expected type" do
-    @r509_ext.oid.should == "authorityKeyIdentifier"
+    expect(@r509_ext.oid).to eq("authorityKeyIdentifier")
   end
 
   it "contains the key identifier" do
-    @r509_ext.key_identifier.should == "79:75:BB:84:3A:CB:2C:DE:7A:09:BE:31:1B:43:BC:1C:2A:4D:53:58"
+    expect(@r509_ext.key_identifier).to eq("79:75:BB:84:3A:CB:2C:DE:7A:09:BE:31:1B:43:BC:1C:2A:4D:53:58")
   end
   it "parses the authority cert issuer and serial number" do
-    @r509_ext.authority_cert_issuer.value.to_s.should == "/C=US/ST=Illinois/L=Chicago/O=Ruby CA Project/CN=Test CA"
-    @r509_ext.authority_cert_serial_number.should == 'FF:D9:C7:0B:87:37:D1:94'
+    expect(@r509_ext.authority_cert_issuer.value.to_s).to eq("/C=US/ST=Illinois/L=Chicago/O=Ruby CA Project/CN=Test CA")
+    expect(@r509_ext.authority_cert_serial_number).to eq('FF:D9:C7:0B:87:37:D1:94')
   end
 end
 
@@ -34,47 +34,53 @@ describe R509::Cert::Extensions::AuthorityKeyIdentifier do
     end
 
     it "errors when not supplying a public_key" do
-      expect {
+      expect do
         R509::Cert::Extensions::AuthorityKeyIdentifier.new({})
-      }.to raise_error(ArgumentError,'You must supply an OpenSSL::PKey object to :public_key if aki value contains keyid (present by default)')
+      end.to raise_error(ArgumentError, 'You must supply an OpenSSL::PKey object to :public_key if aki value contains keyid (present by default)')
     end
 
     it "errors when not supplying an issuer subject when embedding issuer info" do
-      expect {
-        R509::Cert::Extensions::AuthorityKeyIdentifier.new(:value => "issuer:always")
-      }.to raise_error(ArgumentError,'You must supply an R509::Subject object to :issuer_subject if aki value contains issuer')
+      expect do
+        R509::Cert::Extensions::AuthorityKeyIdentifier.new(:value => "issuer:always", :issuer_serial => 3)
+      end.to raise_error(ArgumentError, 'You must supply an R509::Subject object to :issuer_subject if aki value contains issuer')
+    end
+
+    it "errors when not supplying an issuer serial when embedding issuer info" do
+      expect do
+        R509::Cert::Extensions::AuthorityKeyIdentifier.new(:value => "issuer:always", :issuer_subject => R509::Subject.new(:CN => 'something'))
+      end.to raise_error(ArgumentError, 'You must supply an integer to :issuer_serial if aki value contains issuer')
     end
 
     it "creates successfully with default value" do
       aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:public_key => @cert.public_key)
-      aki.key_identifier.should_not be_nil
-      aki.authority_cert_issuer.should be_nil
+      expect(aki.key_identifier).not_to be_nil
+      expect(aki.authority_cert_issuer).to be_nil
     end
 
     it "creates successfully with issuer value" do
-      aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:issuer_subject => @cert.subject, :value => "issuer:always")
-      aki.authority_cert_issuer.should_not be_nil
-      aki.authority_cert_serial_number.should_not be_nil
+      aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:issuer_subject => @cert.subject, :issuer_serial => 5, :value => "issuer:always")
+      expect(aki.authority_cert_issuer.to_h).to eq(:type => "dirName", :value => { :C => "US", :ST => "Illinois", :L => "Chicago", :O => "Ruby CA Project", :CN => "Test CA" })
+      expect(aki.authority_cert_serial_number).to eq("05")
     end
 
     it "creates successfully with issuer+keyid value" do
-      aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:issuer_subject => @cert.subject, :public_key => @cert.public_key, :value => "issuer:always,keyid:always")
-      aki.authority_cert_issuer.should_not be_nil
-      aki.authority_cert_serial_number.should_not be_nil
-      aki.key_identifier.should_not be_nil
+      aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:issuer_subject => @cert.subject, :issuer_serial => 5, :public_key => @cert.public_key, :value => "issuer:always,keyid:always")
+      expect(aki.authority_cert_issuer.to_h).to eq(:type => "dirName", :value => { :C => "US", :ST => "Illinois", :L => "Chicago", :O => "Ruby CA Project", :CN => "Test CA" })
+      expect(aki.authority_cert_serial_number).not_to be_nil
+      expect(aki.key_identifier).not_to be_nil
     end
 
     it "creates with default criticality" do
       aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:public_key => @cert.public_key)
-      aki.critical?.should be_false
+      expect(aki.critical?).to be false
     end
 
     it "creates with non-default criticality" do
       aki = R509::Cert::Extensions::AuthorityKeyIdentifier.new(:public_key => @cert.public_key, :critical => true)
-      aki.critical?.should be_true
+      expect(aki.critical?).to be true
     end
 
-    end
+  end
   context "AuthorityKeyIdentifier" do
     before :all do
       @extension_value = "keyid:always,issuer:always"

data/spec/cert/extensions/base_spec.rb

@@ -4,43 +4,47 @@ include R509::Cert::Extensions
 
 shared_examples_for "a correctly implemented wrap_openssl_extensions" do
   before :each do
-    @r509_extensions = R509::Cert::Extensions.wrap_openssl_extensions( @openssl_extensions )
-
-    @r509_classes = [ BasicConstraints, KeyUsage, ExtendedKeyUsage,
-            SubjectKeyIdentifier, AuthorityKeyIdentifier,
-            SubjectAlternativeName, AuthorityInfoAccess,
-            CRLDistributionPoints, OCSPNoCheck ]
+    @r509_extensions = R509::Cert::Extensions.wrap_openssl_extensions(@openssl_extensions)
+
+    @r509_classes = [
+      BasicConstraints, KeyUsage, ExtendedKeyUsage,
+      SubjectKeyIdentifier, AuthorityKeyIdentifier,
+      SubjectAlternativeName, AuthorityInfoAccess,
+      CRLDistributionPoints, OCSPNoCheck
+    ]
   end
 
   it "should not have returned values that aren't R509 extensions" do
     classes = @r509_extensions.values.map { |ext| ext.class }
     non_r509_classes = classes.reject { |ext_class| @r509_classes.include?(ext_class) }
-    non_r509_classes.should == []
+    expect(non_r509_classes).to eq([])
   end
 
   it "should have returned the right number of extensions" do
-    @r509_extensions.count.should == @wrappable_extensions.count
+    expect(@r509_extensions.count).to eq(@wrappable_extensions.count)
   end
 
   it "should not have returned keys improperly mapped to values" do
-    incorrect_mappings = @r509_extensions.select { |key_class,ext| ext.class != key_class }
+    incorrect_mappings = @r509_extensions.select { |key_class, ext| ext.class != key_class }
     incorrect_mappings = {} if incorrect_mappings == [] # compatibility for old versions of Ruby
-    incorrect_mappings.should == {}
+    expect(incorrect_mappings).to eq({})
   end
 
   it "should not have failed to map an implemented extension" do
     missing_extensions = []
     @wrappable_extensions.each do |openssl_ext|
-      if (@r509_extensions.select {|r509_class,r509_ext| r509_ext.oid == openssl_ext.oid}) == {} then missing_extensions << openssl_ext.oid end
+      if (@r509_extensions.select { |_r509_class, r509_ext| r509_ext.oid == openssl_ext.oid }) == {}
+        missing_extensions << openssl_ext.oid
+      end
     end
 
-    missing_extensions.should == []
+    expect(missing_extensions).to eq([])
   end
 end
 
 shared_examples_for "a correctly implemented get_unknown_extensions" do
   it "should not have returned values that are R509 extensions" do
-    R509::Cert::Extensions.get_unknown_extensions( @openssl_extensions ).should == @unknown_extensions
+    expect(R509::Cert::Extensions.get_unknown_extensions(@openssl_extensions)).to eq(@unknown_extensions)
   end
 end
 
@@ -65,7 +69,7 @@ describe R509::Cert::Extensions do
         before :each do
           @wrappable_extensions = []
           ef = OpenSSL::X509::ExtensionFactory.new
-          @wrappable_extensions << ef.create_extension( "basicConstraints", "CA:TRUE,pathlen:0" )
+          @wrappable_extensions << ef.create_extension("basicConstraints", "CA:TRUE,pathlen:0")
 
           @unknown_extensions = []
 
@@ -82,14 +86,14 @@ describe R509::Cert::Extensions do
           ef = OpenSSL::X509::ExtensionFactory.new
           ef.issuer_certificate = OpenSSL::X509::Certificate.new TestFixtures::TEST_CA_CERT
           ef.subject_certificate = OpenSSL::X509::Certificate.new TestFixtures::TEST_CA_CERT
-          @wrappable_extensions << ef.create_extension( "basicConstraints", "CA:TRUE,pathlen:0", true )
-          @wrappable_extensions << ef.create_extension( "keyUsage", KeyUsage::AU_DIGITAL_SIGNATURE )
-          @wrappable_extensions << ef.create_extension( "extendedKeyUsage", ExtendedKeyUsage::AU_WEB_SERVER_AUTH )
-          @wrappable_extensions << ef.create_extension( "subjectKeyIdentifier", "hash" )
-          @wrappable_extensions << ef.create_extension( "authorityKeyIdentifier", "keyid:always" )
-          @wrappable_extensions << ef.create_extension( "subjectAltName", "DNS:www.test.local" )
-          @wrappable_extensions << ef.create_extension( "authorityInfoAccess", "caIssuers;URI:http://www.test.local" )
-          @wrappable_extensions << ef.create_extension( "crlDistributionPoints", "URI:http://www.test.local" )
+          @wrappable_extensions << ef.create_extension("basicConstraints", "CA:TRUE,pathlen:0", true)
+          @wrappable_extensions << ef.create_extension("keyUsage", KeyUsage::AU_DIGITAL_SIGNATURE)
+          @wrappable_extensions << ef.create_extension("extendedKeyUsage", ExtendedKeyUsage::AU_WEB_SERVER_AUTH)
+          @wrappable_extensions << ef.create_extension("subjectKeyIdentifier", "hash")
+          @wrappable_extensions << ef.create_extension("authorityKeyIdentifier", "keyid:always")
+          @wrappable_extensions << ef.create_extension("subjectAltName", "DNS:www.test.local")
+          @wrappable_extensions << ef.create_extension("authorityInfoAccess", "caIssuers;URI:http://www.test.local")
+          @wrappable_extensions << ef.create_extension("crlDistributionPoints", "URI:http://www.test.local")
 
           @unknown_extensions = []
 
@@ -105,7 +109,7 @@ describe R509::Cert::Extensions do
           @wrappable_extensions = []
 
           @unknown_extensions = []
-          @unknown_extensions << OpenSSL::X509::Extension.new( "issuerAltName", "DNS:www.test.local" )
+          @unknown_extensions << OpenSSL::X509::Extension.new("issuerAltName", "DNS:www.test.local")
 
           @openssl_extensions = @wrappable_extensions + @unknown_extensions
         end
@@ -118,10 +122,10 @@ describe R509::Cert::Extensions do
         before :each do
           @wrappable_extensions = []
           ef = OpenSSL::X509::ExtensionFactory.new
-          @wrappable_extensions << ef.create_extension( "basicConstraints", "CA:TRUE,pathlen:0" )
+          @wrappable_extensions << ef.create_extension("basicConstraints", "CA:TRUE,pathlen:0")
 
           @unknown_extensions = []
-          @unknown_extensions << OpenSSL::X509::Extension.new( "issuerAltName", "DNS:www.test.local" )
+          @unknown_extensions << OpenSSL::X509::Extension.new("issuerAltName", "DNS:www.test.local")
 
           @openssl_extensions = @wrappable_extensions + @unknown_extensions
         end
@@ -134,19 +138,19 @@ describe R509::Cert::Extensions do
         before :each do
           @wrappable_extensions = []
           ef = OpenSSL::X509::ExtensionFactory.new
-          @wrappable_extensions << ef.create_extension( "basicConstraints", "CA:TRUE,pathlen:0" )
-          @wrappable_extensions << ef.create_extension( "basicConstraints", "CA:TRUE,pathlen:1" )
+          @wrappable_extensions << ef.create_extension("basicConstraints", "CA:TRUE,pathlen:0")
+          @wrappable_extensions << ef.create_extension("basicConstraints", "CA:TRUE,pathlen:1")
 
           @unknown_extensions = []
-          @unknown_extensions << OpenSSL::X509::Extension.new( "issuerAltName", "DNS:www.test.local" )
+          @unknown_extensions << OpenSSL::X509::Extension.new("issuerAltName", "DNS:www.test.local")
 
           @openssl_extensions = @wrappable_extensions + @unknown_extensions
         end
 
         it "should raise an ArgumentError for #wrap_openssl_extensions" do
-          expect {
-            R509::Cert::Extensions.wrap_openssl_extensions( @openssl_extensions )
-          }.to raise_error(ArgumentError)
+          expect do
+            R509::Cert::Extensions.wrap_openssl_extensions(@openssl_extensions)
+          end.to raise_error(ArgumentError)
         end
         it_should_behave_like "a correctly implemented get_unknown_extensions"
       end
@@ -155,11 +159,11 @@ describe R509::Cert::Extensions do
         before :each do
           @wrappable_extensions = []
           ef = OpenSSL::X509::ExtensionFactory.new
-          @wrappable_extensions << ef.create_extension( "basicConstraints", "CA:TRUE,pathlen:0" )
+          @wrappable_extensions << ef.create_extension("basicConstraints", "CA:TRUE,pathlen:0")
 
           @unknown_extensions = []
-          @unknown_extensions << OpenSSL::X509::Extension.new( "issuerAltName", "DNS:www.test.local" )
-          @unknown_extensions << OpenSSL::X509::Extension.new( "issuerAltName", "DNS:www2.test.local" )
+          @unknown_extensions << OpenSSL::X509::Extension.new("issuerAltName", "DNS:www.test.local")
+          @unknown_extensions << OpenSSL::X509::Extension.new("issuerAltName", "DNS:www2.test.local")
 
           @openssl_extensions = @wrappable_extensions + @unknown_extensions
         end