r509 0.10.0 → 1.0

data/spec/spki_spec.rb

@@ -3,66 +3,66 @@ require 'stringio'
 require 'r509/spki'
 
 shared_examples_for "create spki with private key" do
-    it "generates a spki with default digest" do
-      spki = R509::SPKI.new(:key => @key)
-      spki.to_pem.should_not be_nil
-      spki.verify_signature
-    end
+  it "generates a spki with default digest" do
+    spki = R509::SPKI.new(:key => @key)
+    expect(spki.to_pem).not_to be_nil
+    spki.verify_signature
+  end
 
-    it "generates a spki from a pem key" do
-      spki = R509::SPKI.new(:key => @key.to_pem)
-      spki.to_pem.should_not be_nil
-      spki.verify_signature
-    end
+  it "generates a spki from a pem key" do
+    spki = R509::SPKI.new(:key => @key.to_pem)
+    expect(spki.to_pem).not_to be_nil
+    spki.verify_signature
+  end
 
-    it "generates a spki with custom digest" do
-      spki = R509::SPKI.new(:key => @key, :message_digest => "sha256")
-      spki.to_pem.should_not be_nil
-      case
-      when @key.rsa?
-        spki.signature_algorithm.should(match(/sha256/i))
-      when @key.dsa?
-        spki.signature_algorithm.should(match(/sha1/i))
-      end
-      spki.verify_signature
+  it "generates a spki with custom digest" do
+    spki = R509::SPKI.new(:key => @key, :message_digest => "sha256")
+    expect(spki.to_pem).not_to be_nil
+    case
+    when @key.rsa?
+      expect(spki.signature_algorithm).to(match(/sha256/i))
+    when @key.dsa?
+      expect(spki.signature_algorithm).to(match(/sha1/i))
     end
+    spki.verify_signature
+  end
 
-    it "stores the key" do
-      spki = R509::SPKI.new(:key => @key)
-      spki.key.should == @key
-    end
+  it "stores the key" do
+    spki = R509::SPKI.new(:key => @key)
+    expect(spki.key).to eq(@key)
+  end
 
-    it "verifies signature" do
-      spki = R509::SPKI.new(:key => @key)
-      spki.verify_signature
-    end
+  it "verifies signature" do
+    spki = R509::SPKI.new(:key => @key)
+    spki.verify_signature
+  end
 end
 
 shared_examples_for "spki + private key" do
   it "verifies they match" do
-      expect { R509::SPKI.new(:key => @key, :spki => @spki) }.to_not raise_error
+    expect { R509::SPKI.new(:key => @key, :spki => @spki) }.to_not raise_error
   end
 
   it "returns the correct signature_algorithm" do
-    spki = R509::SPKI.new( :spki => @spki, :key => @key )
+    spki = R509::SPKI.new(:spki => @spki, :key => @key)
     case
     when @key.rsa?
-      spki.signature_algorithm.should(match(/RSA/i))
+      expect(spki.signature_algorithm).to(match(/RSA/i))
     when @key.dsa?
-      spki.signature_algorithm.should(match(/DSA/i))
+      expect(spki.signature_algorithm).to(match(/DSA/i))
     when @key.ec?
-      spki.signature_algorithm.should(match(/ecdsa/i))
+      expect(spki.signature_algorithm).to(match(/ecdsa/i))
     end
   end
 
   it "errors if they don't match" do
-      expect { R509::SPKI.new(:key => @key, :spki => @spki2) }.to raise_error(R509::R509Error,'Key does not match SPKI.')
+    expect { R509::SPKI.new(:key => @key, :spki => @spki2) }.to raise_error(R509::R509Error, 'Key does not match SPKI.')
   end
 end
 
 describe R509::SPKI do
   before :all do
-    #also known as SPKAC (signed public key and challenge)
+    # also known as SPKAC (signed public key and challenge)
     @spki_dsa = TestFixtures::SPKI_DSA
     @spki_dsa_no_verify = TestFixtures::SPKI_DSA_NO_VERIFY
     @spki = TestFixtures::SPKI
@@ -71,10 +71,10 @@ describe R509::SPKI do
     @spki_der = TestFixtures::SPKI_DER
   end
   it "raises an error if you don't provide a hash" do
-    expect { R509::SPKI.new("junk") }.to raise_error(ArgumentError,'Must provide a hash of options')
+    expect { R509::SPKI.new("junk") }.to raise_error(ArgumentError, 'Must provide a hash of options')
   end
   it "raises an error if you provide an empty hash" do
-    expect { R509::SPKI.new({}) }.to raise_error(ArgumentError,'Must provide either :spki or :key')
+    expect { R509::SPKI.new({}) }.to raise_error(ArgumentError, 'Must provide either :spki or :key')
   end
   context "rsa" do
     context "no existing spki" do
@@ -129,127 +129,127 @@ describe R509::SPKI do
   end
   context "with existing spki" do
     it "loads an RSA spki" do
-      spki = R509::SPKI.new( :spki => @spki )
-      spki.to_pem.should == @spki
+      spki = R509::SPKI.new(:spki => @spki)
+      expect(spki.to_pem).to eq(@spki)
     end
     it "loads an spkac with newlines" do
-      spki = R509::SPKI.new( :spki => @spki_rsa_newlines )
-      spki.to_pem.should == @spki_rsa_newlines.gsub("\n","")
+      spki = R509::SPKI.new(:spki => @spki_rsa_newlines)
+      expect(spki.to_pem).to eq(@spki_rsa_newlines.gsub("\n", ""))
     end
     it "properly strips SPKAC= prefix and loads" do
-      spki = R509::SPKI.new( :spki => "SPKAC="+@spki )
-      spki.to_pem.should == @spki
+      spki = R509::SPKI.new(:spki => "SPKAC=" + @spki)
+      expect(spki.to_pem).to eq(@spki)
     end
   end
   it "returns the public key" do
-    spki = R509::SPKI.new( :spki => @spki )
-    spki.public_key.should_not == nil
+    spki = R509::SPKI.new(:spki => @spki)
+    expect(spki.public_key).not_to be_nil
   end
   it "returns pem" do
-    spki = R509::SPKI.new( :spki => @spki )
-    spki.to_pem.should == @spki
+    spki = R509::SPKI.new(:spki => @spki)
+    expect(spki.to_pem).to eq(@spki)
   end
   it "returns der" do
-    spki = R509::SPKI.new( :spki => @spki )
-    spki.to_der.should == @spki_der
+    spki = R509::SPKI.new(:spki => @spki)
+    expect(spki.to_der).to eq(@spki_der)
   end
   it "writes to pem" do
-    spki = R509::SPKI.new( :spki => @spki )
+    spki = R509::SPKI.new(:spki => @spki)
     sio = StringIO.new
     sio.set_encoding("BINARY") if sio.respond_to?(:set_encoding)
     spki.write_pem(sio)
-    sio.string.should == @spki
+    expect(sio.string).to eq(@spki)
   end
   it "writes to der" do
-    spki = R509::SPKI.new( :spki => @spki )
+    spki = R509::SPKI.new(:spki => @spki)
     sio = StringIO.new
     sio.set_encoding("BINARY") if sio.respond_to?(:set_encoding)
     spki.write_der(sio)
-    sio.string.should ==  @spki_der
+    expect(sio.string).to eq(@spki_der)
   end
   it "rsa?" do
-    spki = R509::SPKI.new( :spki => @spki )
-    spki.rsa?.should == true
-    spki.dsa?.should == false
+    spki = R509::SPKI.new(:spki => @spki)
+    expect(spki.rsa?).to eq(true)
+    expect(spki.dsa?).to eq(false)
   end
   it "returns error when asking for curve_name on non-ec" do
-    spki = R509::SPKI.new( :spki => @spki )
-    expect { spki.curve_name }.to raise_error(R509::R509Error,'Curve name is only available with EC')
+    spki = R509::SPKI.new(:spki => @spki)
+    expect { spki.curve_name }.to raise_error(R509::R509Error, 'Curve name is only available with EC')
   end
   it "returns RSA key algorithm for RSA" do
-    spki = R509::SPKI.new( :spki => @spki )
-    spki.key_algorithm.should == "RSA"
+    spki = R509::SPKI.new(:spki => @spki)
+    expect(spki.key_algorithm).to eq("RSA")
   end
   it "gets RSA bit length" do
-    spki = R509::SPKI.new( :spki => @spki )
-    spki.bit_length.should == 2048
-    spki.bit_strength.should == 2048
+    spki = R509::SPKI.new(:spki => @spki)
+    expect(spki.bit_length).to eq(2048)
+    expect(spki.bit_strength).to eq(2048)
   end
   it "loads a DSA spkac" do
-    spki = R509::SPKI.new( :spki => @spki_dsa )
-    spki.to_pem.should == @spki_dsa
+    spki = R509::SPKI.new(:spki => @spki_dsa)
+    expect(spki.to_pem).to eq(@spki_dsa)
   end
   it "gets DSA bit length" do
-    spki = R509::SPKI.new( :spki => @spki_dsa )
-    spki.bit_length.should == 2048
+    spki = R509::SPKI.new(:spki => @spki_dsa)
+    expect(spki.bit_length).to eq(2048)
   end
   it "dsa?" do
-    spki = R509::SPKI.new( :spki => @spki_dsa )
-    spki.dsa?.should == true
-    spki.rsa?.should == false
+    spki = R509::SPKI.new(:spki => @spki_dsa)
+    expect(spki.dsa?).to eq(true)
+    expect(spki.rsa?).to eq(false)
   end
   it "returns DSA key algorithm for DSA" do
-    spki = R509::SPKI.new( :spki => @spki_dsa )
-    spki.key_algorithm.should == "DSA"
+    spki = R509::SPKI.new(:spki => @spki_dsa)
+    expect(spki.key_algorithm).to eq("DSA")
   end
 
   context "elliptic curve", :ec => true do
     it "loads an spkac" do
-      spki = R509::SPKI.new( :spki => @spki_ec )
-      spki.to_pem.should == @spki_ec
+      spki = R509::SPKI.new(:spki => @spki_ec)
+      expect(spki.to_pem).to eq(@spki_ec)
     end
     it "returns the curve name" do
-      spki = R509::SPKI.new( :spki => @spki_ec )
-      spki.curve_name.should == 'secp384r1'
+      spki = R509::SPKI.new(:spki => @spki_ec)
+      expect(spki.curve_name).to eq('secp384r1')
     end
     it "raises error on bit length" do
-      spki = R509::SPKI.new( :spki => @spki_ec )
-      expect { spki.bit_length }.to raise_error(R509::R509Error,'Bit length is not available for EC at this time.')
+      spki = R509::SPKI.new(:spki => @spki_ec)
+      expect { spki.bit_length }.to raise_error(R509::R509Error, 'Bit length is not available for EC at this time.')
     end
     it "returns the key algorithm" do
-      spki = R509::SPKI.new( :spki => @spki_ec )
-      spki.key_algorithm.should == "EC"
+      spki = R509::SPKI.new(:spki => @spki_ec)
+      expect(spki.key_algorithm).to eq("EC")
     end
     it "returns the public key" do
-      spki = R509::SPKI.new( :spki => @spki_ec )
-      spki.public_key.should_not == nil
+      spki = R509::SPKI.new(:spki => @spki_ec)
+      expect(spki.public_key).not_to be_nil
     end
     it "ec?" do
-      spki = R509::SPKI.new( :spki => @spki_ec )
-      spki.ec?.should == true
-      spki.dsa?.should == false
-      spki.rsa?.should == false
+      spki = R509::SPKI.new(:spki => @spki_ec)
+      expect(spki.ec?).to eq(true)
+      expect(spki.dsa?).to eq(false)
+      expect(spki.rsa?).to eq(false)
     end
   end
 
   context "when elliptic curve support is unavailable" do
     before :all do
-      @ec = OpenSSL::PKey.send(:remove_const,:EC) # remove EC support for test!
+      @ec = OpenSSL::PKey.send(:remove_const, :EC) # remove EC support for test!
       load('r509/ec-hack.rb')
     end
     after :all do
-      OpenSSL::PKey.send(:remove_const,:EC) # remove stubbed EC
+      OpenSSL::PKey.send(:remove_const, :EC) # remove stubbed EC
       OpenSSL::PKey::EC = @ec # add the real one back
     end
     it "checks rsa?" do
-      spki = R509::SPKI.new( :spki => @spki )
-      spki.rsa?.should == true
-      spki.ec?.should == false
-      spki.dsa?.should == false
+      spki = R509::SPKI.new(:spki => @spki)
+      expect(spki.rsa?).to eq(true)
+      expect(spki.ec?).to eq(false)
+      expect(spki.dsa?).to eq(false)
     end
     it "returns RSA key algorithm for RSA CSR" do
-      spki = R509::SPKI.new( :spki => @spki )
-      spki.key_algorithm.should == "RSA"
+      spki = R509::SPKI.new(:spki => @spki)
+      expect(spki.key_algorithm).to eq("RSA")
     end
   end
 end

data/spec/subject_spec.rb

@@ -9,25 +9,25 @@ describe R509::Subject do
 
   it "initializes an empty subject and gets the name" do
     subject = R509::Subject.new
-    subject.name.to_s.should == ""
+    expect(subject.name.to_s).to eq("")
   end
   it "initializes an empty subject, adds a field, and gets the name" do
     subject = R509::Subject.new
     subject["CN"] = "domain.com"
-    subject.name.to_s.should == "/CN=domain.com"
+    expect(subject.name.to_s).to eq("/CN=domain.com")
   end
   it "initializes with a subject array, and gets the name" do
     subject = R509::Subject.new([["CN", "domain.com"], ["O", "my org"]])
-    subject.name.to_s.should == "/CN=domain.com/O=my org"
+    expect(subject.name.to_s).to eq("/CN=domain.com/O=my org")
   end
   it "initializes with a subject hash, and gets the name" do
     subject = R509::Subject.new(:CN => "domain.com", :O => "my org", :"1.2.3.4.4.5.6.7" => "what")
-    subject.name.to_s.should == "/CN=domain.com/O=my org/1.2.3.4.4.5.6.7=what"
+    expect(subject.name.to_s).to eq("/CN=domain.com/O=my org/1.2.3.4.4.5.6.7=what")
   end
   it "initializes with a name, gets the name" do
     name = OpenSSL::X509::Name.new([["CN", "domain.com"], ["O", "my org"], ["OU", "my unit"]])
     subject = R509::Subject.new(name)
-    subject.name.to_s.should == "/CN=domain.com/O=my org/OU=my unit"
+    expect(subject.name.to_s).to eq("/CN=domain.com/O=my org/OU=my unit")
   end
   it "initializes with a subject" do
     s1 = R509::Subject.new
@@ -35,66 +35,66 @@ describe R509::Subject do
     s1["O"] = "my org"
 
     s2 = R509::Subject.new(s1)
-    s2.name.to_s.should == s1.name.to_s
+    expect(s2.name.to_s).to eq(s1.name.to_s)
   end
   it "preserves order of a full subject line" do
-    subject = R509::Subject.new([['CN','langui.sh'],['ST','Illinois'],['L','Chicago'],['C','US'],['emailAddress','ca@langui.sh']])
-    subject.name.to_s.should == '/CN=langui.sh/ST=Illinois/L=Chicago/C=US/emailAddress=ca@langui.sh'
+    subject = R509::Subject.new([['CN', 'langui.sh'], ['ST', 'Illinois'], ['L', 'Chicago'], ['C', 'US'], ['emailAddress', 'ca@langui.sh']])
+    expect(subject.name.to_s).to eq('/CN=langui.sh/ST=Illinois/L=Chicago/C=US/emailAddress=ca@langui.sh')
   end
   it "preserves order of a full subject line and uses to_s directly" do
-    subject = R509::Subject.new([['CN','langui.sh'],['ST','Illinois'],['L','Chicago'],['C','US'],['emailAddress','ca@langui.sh']])
-    subject.to_s.should == '/CN=langui.sh/ST=Illinois/L=Chicago/C=US/emailAddress=ca@langui.sh'
+    subject = R509::Subject.new([['CN', 'langui.sh'], ['ST', 'Illinois'], ['L', 'Chicago'], ['C', 'US'], ['emailAddress', 'ca@langui.sh']])
+    expect(subject.to_s).to eq('/CN=langui.sh/ST=Illinois/L=Chicago/C=US/emailAddress=ca@langui.sh')
   end
   it "preserves order with raw OIDs, and potentially fills in known OID names" do
-    subject = R509::Subject.new([['2.5.4.3','common name'],['2.5.4.15','business category'],['2.5.4.7','locality'],['1.3.6.1.4.1.311.60.2.1.3','jurisdiction oid openssl typically does not know']])
-    subject.to_s.should == "/CN=common name/businessCategory=business category/L=locality/jurisdictionOfIncorporationCountryName=jurisdiction oid openssl typically does not know"
+    subject = R509::Subject.new([['2.5.4.3', 'common name'], ['2.5.4.15', 'business category'], ['2.5.4.7', 'locality'], ['1.3.6.1.4.1.311.60.2.1.3', 'jurisdiction oid openssl typically does not know']])
+    expect(subject.to_s).to eq("/CN=common name/businessCategory=business category/L=locality/jurisdictionOfIncorporationCountryName=jurisdiction oid openssl typically does not know")
   end
 
   it "edits an existing subject entry" do
     subject = R509::Subject.new([["CN", "domain1.com"], ["O", "my org"]])
-    subject.to_s.should == "/CN=domain1.com/O=my org"
+    expect(subject.to_s).to eq("/CN=domain1.com/O=my org")
 
     subject["CN"] = "domain2.com"
-    subject.to_s.should == "/CN=domain2.com/O=my org"
+    expect(subject.to_s).to eq("/CN=domain2.com/O=my org")
   end
 
   it "deletes an existing subject entry" do
     subject = R509::Subject.new([["CN", "domain1.com"], ["O", "my org"]])
-    subject.to_s.should == "/CN=domain1.com/O=my org"
+    expect(subject.to_s).to eq("/CN=domain1.com/O=my org")
 
     subject.delete("CN")
-    subject.to_s.should == "/O=my org"
+    expect(subject.to_s).to eq("/O=my org")
   end
 
   it "is empty when initialized" do
     subject = R509::Subject.new
-    subject.empty?.should == true
+    expect(subject.empty?).to eq(true)
     subject["CN"] = "domain.com"
-    subject.empty?.should == false
+    expect(subject.empty?).to eq(false)
   end
 
   it "is not empty" do
     subject = R509::Subject.new([["CN", "domain1.com"]])
-    subject.empty?.should == false
+    expect(subject.empty?).to eq(false)
   end
 
   it "can get a component out of the subject" do
     subject = R509::Subject.new([["CN", "domain.com"]])
-    subject["CN"].should == "domain.com"
-    subject["O"].should == nil
+    expect(subject["CN"]).to eq("domain.com")
+    expect(subject["O"]).to be_nil
   end
 
   it "adds an OID" do
     subject = R509::Subject.new
     subject['1.3.6.1.4.1.311.60.2.1.3'] = 'jurisdiction oid openssl typically does not know'
-    subject['1.3.6.1.4.1.311.60.2.1.3'].should == 'jurisdiction oid openssl typically does not know'
+    expect(subject['1.3.6.1.4.1.311.60.2.1.3']).to eq('jurisdiction oid openssl typically does not know')
   end
 
   it "deletes an OID" do
     subject = R509::Subject.new([["CN", "domain.com"], ['1.3.6.1.4.1.38383.60.2.1.0.0', 'random oid']])
-    subject.to_s.should == "/CN=domain.com/1.3.6.1.4.1.38383.60.2.1.0.0=random oid"
+    expect(subject.to_s).to eq("/CN=domain.com/1.3.6.1.4.1.38383.60.2.1.0.0=random oid")
     subject.delete("1.3.6.1.4.1.38383.60.2.1.0.0")
-    subject.to_s.should == "/CN=domain.com"
+    expect(subject.to_s).to eq("/CN=domain.com")
   end
 
   it "fails when you instantiate with an unknown shortname" do
@@ -109,87 +109,87 @@ describe R509::Subject do
   it "parses unknown OIDs out of a CSR" do
     csr = R509::CSR.new(:csr => @csr_unknown_oid)
     subject = R509::Subject.new(csr.subject)
-    subject["1.2.3.4.5.6.7.8.9.8.7.6.5.4.3.2.1.0.0"].should == "random oid!"
-    subject["1.3.3.543.567.32.43.335.1.1.1"].should == "another random oid!"
-    subject["CN"].should == 'normaldomain.com'
+    expect(subject["1.2.3.4.5.6.7.8.9.8.7.6.5.4.3.2.1.0.0"]).to eq("random oid!")
+    expect(subject["1.3.3.543.567.32.43.335.1.1.1"]).to eq("another random oid!")
+    expect(subject["CN"]).to eq('normaldomain.com')
   end
 
   it "builds a hash" do
     args = { :CN => "domain.com", :O => "my org", :"1.2.3.4.4.5.6.7" => "what" }
     subject = R509::Subject.new(args)
-    subject.to_h.should == args
+    expect(subject.to_h).to eq(args)
   end
 
   it "builds yaml" do
     args = { :CN => "domain.com", :O => "my org", :"1.2.3.4.4.5.6.7" => "what" }
     subject = R509::Subject.new(args)
-    YAML.load(subject.to_yaml).should == args
+    expect(YAML.load(subject.to_yaml)).to eq(args)
   end
 
   context "dynamic getter/setter behaviors" do
     it "recognizes getters for a standard subject oid" do
-      subject = R509::Subject.new [['CN','testCN']]
-      subject.CN.should == 'testCN'
-      subject.common_name.should == 'testCN'
-      subject.commonName.should == 'testCN'
+      subject = R509::Subject.new [['CN', 'testCN']]
+      expect(subject.CN).to eq('testCN')
+      expect(subject.common_name).to eq('testCN')
+      expect(subject.commonName).to eq('testCN')
     end
 
     it "recognizes setters for a standard subject oid" do
       subject = R509::Subject.new
-      subject.CN= 'testCN'
-      subject.CN.should == 'testCN'
-      subject.common_name= 'testCN2'
-      subject.common_name.should == 'testCN2'
-      subject.commonName= 'testCN3'
-      subject.commonName.should == 'testCN3'
-      subject.CN.should == 'testCN3'
-      subject.common_name.should == 'testCN3'
+      subject.CN = 'testCN'
+      expect(subject.CN).to eq('testCN')
+      subject.common_name = 'testCN2'
+      expect(subject.common_name).to eq('testCN2')
+      subject.commonName = 'testCN3'
+      expect(subject.commonName).to eq('testCN3')
+      expect(subject.CN).to eq('testCN3')
+      expect(subject.common_name).to eq('testCN3')
     end
 
     it "returns properly for respond_to? with a standard subject oid" do
       subject = R509::Subject.new
-      subject.respond_to?("CN").should == true
-      subject.respond_to?("CN=").should == true
-      subject.respond_to?("commonName").should == true
-      subject.respond_to?("commonName=").should == true
-      subject.respond_to?("common_name").should == true
-      subject.respond_to?("common_name=").should == true
+      expect(subject.respond_to?("CN")).to eq(true)
+      expect(subject.respond_to?("CN=")).to eq(true)
+      expect(subject.respond_to?("commonName")).to eq(true)
+      expect(subject.respond_to?("commonName=")).to eq(true)
+      expect(subject.respond_to?("common_name")).to eq(true)
+      expect(subject.respond_to?("common_name=")).to eq(true)
     end
 
     it "returns properly for respond_to? for an invalid method name" do
       subject = R509::Subject.new
-      subject.respond_to?("not_a_real_method=").should == false
-      subject.respond_to?("not_a_real_method").should == false
+      expect(subject.respond_to?("not_a_real_method=")).to eq(false)
+      expect(subject.respond_to?("not_a_real_method")).to eq(false)
     end
 
     it "errors on invalid method names" do
       subject = R509::Subject.new
-      expect { subject.random_value="assign" }.to raise_error(NoMethodError)
+      expect { subject.random_value = "assign" }.to raise_error(NoMethodError)
       expect { subject.random_value }.to raise_error(NoMethodError)
     end
 
     it "works with an arbitrarily defined OID" do
       R509::OIDMapper.register("1.4.3.2.1.2.3.6.6.6.6", "AOI", "arbitraryName")
       subject = R509::Subject.new
-      subject.AOI= "test"
-      subject.AOI.should == "test"
+      subject.AOI = "test"
+      expect(subject.AOI).to eq("test")
       subject.arbitrary_name = "test2"
-      subject.arbitrary_name.should == "test2"
-      subject.arbitraryName= "test3"
-      subject.arbitraryName.should == "test3"
-      subject.AOI.should == "test3"
-      subject.arbitrary_name.should == "test3"
+      expect(subject.arbitrary_name).to eq("test2")
+      subject.arbitraryName = "test3"
+      expect(subject.arbitraryName).to eq("test3")
+      expect(subject.AOI).to eq("test3")
+      expect(subject.arbitrary_name).to eq("test3")
     end
 
     it "returns properly for respond_to? with a custom subject oid" do
       R509::OIDMapper.register("1.4.3.2.1.2.3.7.7.7.7", "IOS", "iOperatingSystem")
       subject = R509::Subject.new
-      subject.respond_to?("IOS").should == true
-      subject.respond_to?("IOS=").should == true
-      subject.respond_to?("iOperatingSystem").should == true
-      subject.respond_to?("iOperatingSystem=").should == true
-      subject.respond_to?("i_operating_system").should == true
-      subject.respond_to?("i_operating_system=").should == true
+      expect(subject.respond_to?("IOS")).to eq(true)
+      expect(subject.respond_to?("IOS=")).to eq(true)
+      expect(subject.respond_to?("iOperatingSystem")).to eq(true)
+      expect(subject.respond_to?("iOperatingSystem=")).to eq(true)
+      expect(subject.respond_to?("i_operating_system")).to eq(true)
+      expect(subject.respond_to?("i_operating_system=")).to eq(true)
     end
 
   end
@@ -204,84 +204,84 @@ describe R509::NameSanitizer do
   it "when it has only known OIDs" do
     name = OpenSSL::X509::Name.new [["C", "US"], ["ST", "Illinois"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 2
-    array[0][0].should == "C"
-    array[0][1].should == "US"
-    array[1][0].should == "ST"
-    array[1][1].should == "Illinois"
+    expect(array.size).to eq(2)
+    expect(array[0][0]).to eq("C")
+    expect(array[0][1]).to eq("US")
+    expect(array[1][0]).to eq("ST")
+    expect(array[1][1]).to eq("Illinois")
   end
 
   it "when it has only unknown OIDs" do
     name = OpenSSL::X509::Name.new [["1.2.3.4", "US"], ["1.2.3.5", "Illinois"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 2
-    array[0][0].should == "1.2.3.4"
-    array[0][1].should == "US"
-    array[1][0].should == "1.2.3.5"
-    array[1][1].should == "Illinois"
+    expect(array.size).to eq(2)
+    expect(array[0][0]).to eq("1.2.3.4")
+    expect(array[0][1]).to eq("US")
+    expect(array[1][0]).to eq("1.2.3.5")
+    expect(array[1][1]).to eq("Illinois")
   end
 
   it "when it has an unknown between two knowns" do
     name = OpenSSL::X509::Name.new [["CN", "domain.com"], ["1.2.3.4", "US"], ["ST", "Illinois"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 3
-    array[0][0].should == "CN"
-    array[0][1].should == "domain.com"
-    array[1][0].should == "1.2.3.4"
-    array[1][1].should == "US"
-    array[2][0].should == "ST"
-    array[2][1].should == "Illinois"
+    expect(array.size).to eq(3)
+    expect(array[0][0]).to eq("CN")
+    expect(array[0][1]).to eq("domain.com")
+    expect(array[1][0]).to eq("1.2.3.4")
+    expect(array[1][1]).to eq("US")
+    expect(array[2][0]).to eq("ST")
+    expect(array[2][1]).to eq("Illinois")
   end
 
   it "when it has a known between two unknowns" do
     name = OpenSSL::X509::Name.new [["1.2.3.4", "domain.com"], ["C", "US"], ["1.2.3.5", "Illinois"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 3
-    array[0][0].should == "1.2.3.4"
-    array[0][1].should == "domain.com"
-    array[1][0].should == "C"
-    array[1][1].should == "US"
-    array[2][0].should == "1.2.3.5"
-    array[2][1].should == "Illinois"
+    expect(array.size).to eq(3)
+    expect(array[0][0]).to eq("1.2.3.4")
+    expect(array[0][1]).to eq("domain.com")
+    expect(array[1][0]).to eq("C")
+    expect(array[1][1]).to eq("US")
+    expect(array[2][0]).to eq("1.2.3.5")
+    expect(array[2][1]).to eq("Illinois")
   end
 
   it "when a known has the same value as an unknown defined before it" do
     name = OpenSSL::X509::Name.new [["1.2.3.4", "domain.com"], ["CN", "domain.com"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 2
-    array[0][0].should == "1.2.3.4"
-    array[0][1].should == "domain.com"
-    array[1][0].should == "CN"
-    array[1][1].should == "domain.com"
+    expect(array.size).to eq(2)
+    expect(array[0][0]).to eq("1.2.3.4")
+    expect(array[0][1]).to eq("domain.com")
+    expect(array[1][0]).to eq("CN")
+    expect(array[1][1]).to eq("domain.com")
   end
 
   it "when two unknowns have the same value" do
     name = OpenSSL::X509::Name.new [["1.2.3.4", "domain.com"], ["1.2.3.5", "domain.com"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 2
-    array[0][0].should == "1.2.3.4"
-    array[0][1].should == "domain.com"
-    array[1][0].should == "1.2.3.5"
-    array[1][1].should == "domain.com"
+    expect(array.size).to eq(2)
+    expect(array[0][0]).to eq("1.2.3.4")
+    expect(array[0][1]).to eq("domain.com")
+    expect(array[1][0]).to eq("1.2.3.5")
+    expect(array[1][1]).to eq("domain.com")
   end
 
   it "when two unknowns have the same oid and different values" do
     name = OpenSSL::X509::Name.new [["1.2.3.4", "domain.com"], ["1.2.3.4", "other"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 2
-    array[0][0].should == "1.2.3.4"
-    array[0][1].should == "domain.com"
-    array[1][0].should == "1.2.3.4"
-    array[1][1].should == "other"
+    expect(array.size).to eq(2)
+    expect(array[0][0]).to eq("1.2.3.4")
+    expect(array[0][1]).to eq("domain.com")
+    expect(array[1][0]).to eq("1.2.3.4")
+    expect(array[1][1]).to eq("other")
   end
 
   it "when two unknowns have the same oid and the same value" do
     name = OpenSSL::X509::Name.new [["1.2.3.4", "domain.com"], ["1.2.3.4", "domain.com"]]
     array = @sanitizer.sanitize(name)
-    array.size.should == 2
-    array[0][0].should == "1.2.3.4"
-    array[0][1].should == "domain.com"
-    array[1][0].should == "1.2.3.4"
-    array[1][1].should == "domain.com"
+    expect(array.size).to eq(2)
+    expect(array[0][0]).to eq("1.2.3.4")
+    expect(array[0][1]).to eq("domain.com")
+    expect(array[1][0]).to eq("1.2.3.4")
+    expect(array[1][1]).to eq("domain.com")
   end
 end