rubygems-update 3.3.18 → 3.4.19

data/test/rubygems/test_gem_security.rb

@@ -1,22 +1,23 @@
 # frozen_string_literal: true
-require_relative 'helper'
-require 'rubygems/security'
+
+require_relative "helper"
+require "rubygems/security"
 
 unless Gem::HAVE_OPENSSL
-  warn 'Skipping Gem::Security tests.  openssl not found.'
+  warn "Skipping Gem::Security tests.  openssl not found."
 end
 
 if Gem.java_platform?
-  warn 'Skipping Gem::Security tests on jruby.'
+  warn "Skipping Gem::Security tests on jruby."
 end
 
 class TestGemSecurity < Gem::TestCase
-  CHILD_KEY = load_key 'child'
-  EC_KEY = load_key 'private_ec', 'Foo bar'
+  CHILD_KEY = load_key "child"
+  EC_KEY = load_key "private_ec", "Foo bar"
 
-  ALTERNATE_CERT = load_cert 'child'
-  CHILD_CERT     = load_cert 'child'
-  EXPIRED_CERT   = load_cert 'expired'
+  ALTERNATE_CERT = load_cert "child"
+  CHILD_CERT     = load_cert "child"
+  EXPIRED_CERT   = load_cert "expired"
 
   def setup
     super
@@ -42,19 +43,19 @@ class TestGemSecurity < Gem::TestCase
     assert_equal 3, cert.extensions.length,
                  cert.extensions.map {|e| e.to_a.first }
 
-    constraints = cert.extensions.find {|ext| ext.oid == 'basicConstraints' }
-    assert_equal 'CA:FALSE', constraints.value
+    constraints = cert.extensions.find {|ext| ext.oid == "basicConstraints" }
+    assert_equal "CA:FALSE", constraints.value
 
-    key_usage = cert.extensions.find {|ext| ext.oid == 'keyUsage' }
-    assert_equal 'Digital Signature, Key Encipherment, Data Encipherment',
+    key_usage = cert.extensions.find {|ext| ext.oid == "keyUsage" }
+    assert_equal "Digital Signature, Key Encipherment, Data Encipherment",
                  key_usage.value
 
-    key_ident = cert.extensions.find {|ext| ext.oid == 'subjectKeyIdentifier' }
+    key_ident = cert.extensions.find {|ext| ext.oid == "subjectKeyIdentifier" }
     assert_equal 59, key_ident.value.length
-    assert_equal '5F:43:6E:F6:9A:8E:45:25:E9:22:E3:7D:37:5E:A4:D5:36:02:85:1B',
+    assert_equal "B1:1A:54:09:67:45:60:02:02:D7:CE:F4:1D:60:4A:89:DF:E7:58:D9",
                  key_ident.value
 
-    assert_equal '', cert.issuer.to_s
+    assert_equal "", cert.issuer.to_s
     assert_equal name.to_s, cert.subject.to_s
   end
 
@@ -63,12 +64,12 @@ class TestGemSecurity < Gem::TestCase
 
     cert = @SEC.create_cert_self_signed subject, PRIVATE_KEY, 60
 
-    assert_equal '/CN=nobody/DC=example', cert.issuer.to_s
+    assert_equal "/CN=nobody/DC=example", cert.issuer.to_s
     assert_equal "sha256WithRSAEncryption", cert.signature_algorithm
   end
 
   def test_class_create_cert_email
-    email = 'nobody@example'
+    email = "nobody@example"
     name = PUBLIC_CERT.subject
     key = PRIVATE_KEY
 
@@ -87,37 +88,37 @@ class TestGemSecurity < Gem::TestCase
     assert_equal 5, cert.extensions.length,
                  cert.extensions.map {|e| e.to_a.first }
 
-    constraints = cert.extensions.find {|ext| ext.oid == 'subjectAltName' }
-    assert_equal 'email:nobody@example', constraints.value
+    constraints = cert.extensions.find {|ext| ext.oid == "subjectAltName" }
+    assert_equal "email:nobody@example", constraints.value
 
-    constraints = cert.extensions.find {|ext| ext.oid == 'basicConstraints' }
-    assert_equal 'CA:FALSE', constraints.value
+    constraints = cert.extensions.find {|ext| ext.oid == "basicConstraints" }
+    assert_equal "CA:FALSE", constraints.value
 
-    key_usage = cert.extensions.find {|ext| ext.oid == 'keyUsage' }
-    assert_equal 'Digital Signature, Key Encipherment, Data Encipherment',
+    key_usage = cert.extensions.find {|ext| ext.oid == "keyUsage" }
+    assert_equal "Digital Signature, Key Encipherment, Data Encipherment",
                  key_usage.value
 
-    key_ident = cert.extensions.find {|ext| ext.oid == 'subjectKeyIdentifier' }
+    key_ident = cert.extensions.find {|ext| ext.oid == "subjectKeyIdentifier" }
     assert_equal 59, key_ident.value.length
-    assert_equal '5F:43:6E:F6:9A:8E:45:25:E9:22:E3:7D:37:5E:A4:D5:36:02:85:1B',
+    assert_equal "B1:1A:54:09:67:45:60:02:02:D7:CE:F4:1D:60:4A:89:DF:E7:58:D9",
                  key_ident.value
   end
 
   def test_class_create_key
-    key = @SEC.create_key 'rsa'
+    key = @SEC.create_key "rsa"
 
     assert_kind_of OpenSSL::PKey::RSA, key
   end
 
   def test_class_create_key_downcases
-    key = @SEC.create_key 'DSA'
+    key = @SEC.create_key "DSA"
 
     assert_kind_of OpenSSL::PKey::DSA, key
   end
 
   def test_class_create_key_raises_unknown_algorithm
     e = assert_raise Gem::Security::Exception do
-      @SEC.create_key 'NOT_RSA'
+      @SEC.create_key "NOT_RSA"
     end
 
     assert_equal "NOT_RSA algorithm not found. RSA, DSA, and EC algorithms are supported.",
@@ -137,21 +138,21 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_email_to_name
-    assert_equal '/CN=nobody/DC=example',
-                 @SEC.email_to_name('nobody@example').to_s
+    assert_equal "/CN=nobody/DC=example",
+                 @SEC.email_to_name("nobody@example").to_s
 
-    assert_equal '/CN=nobody/DC=example/DC=com',
-                 @SEC.email_to_name('nobody@example.com').to_s
+    assert_equal "/CN=nobody/DC=example/DC=com",
+                 @SEC.email_to_name("nobody@example.com").to_s
 
-    assert_equal '/CN=no.body/DC=example',
-                 @SEC.email_to_name('no.body@example').to_s
+    assert_equal "/CN=no.body/DC=example",
+                 @SEC.email_to_name("no.body@example").to_s
 
-    assert_equal '/CN=no_body/DC=example',
-                 @SEC.email_to_name('no+body@example').to_s
+    assert_equal "/CN=no_body/DC=example",
+                 @SEC.email_to_name("no+body@example").to_s
   end
 
   def test_class_re_sign
-    assert_equal "sha1WithRSAEncryption", EXPIRED_CERT.signature_algorithm
+    assert_equal "sha256WithRSAEncryption", EXPIRED_CERT.signature_algorithm
     re_signed = Gem::Security.re_sign EXPIRED_CERT, PRIVATE_KEY, 60
 
     assert_in_delta Time.now,      re_signed.not_before, 10
@@ -168,7 +169,7 @@ class TestGemSecurity < Gem::TestCase
     end
 
     child_alt_name = CHILD_CERT.extensions.find do |extension|
-      extension.oid == 'subjectAltName'
+      extension.oid == "subjectAltName"
     end
 
     assert_equal "#{child_alt_name.value} is not self-signed, contact " +
@@ -217,20 +218,20 @@ class TestGemSecurity < Gem::TestCase
     assert_equal 4, signed.extensions.length,
                  signed.extensions.map {|e| e.to_a.first }
 
-    constraints = signed.extensions.find {|ext| ext.oid == 'issuerAltName' }
-    assert_equal 'email:nobody@example', constraints.value, 'issuerAltName'
+    constraints = signed.extensions.find {|ext| ext.oid == "issuerAltName" }
+    assert_equal "email:nobody@example", constraints.value, "issuerAltName"
 
-    constraints = signed.extensions.find {|ext| ext.oid == 'basicConstraints' }
-    assert_equal 'CA:FALSE', constraints.value
+    constraints = signed.extensions.find {|ext| ext.oid == "basicConstraints" }
+    assert_equal "CA:FALSE", constraints.value
 
-    key_usage = signed.extensions.find {|ext| ext.oid == 'keyUsage' }
-    assert_equal 'Digital Signature, Key Encipherment, Data Encipherment',
+    key_usage = signed.extensions.find {|ext| ext.oid == "keyUsage" }
+    assert_equal "Digital Signature, Key Encipherment, Data Encipherment",
                  key_usage.value
 
     key_ident =
-      signed.extensions.find {|ext| ext.oid == 'subjectKeyIdentifier' }
+      signed.extensions.find {|ext| ext.oid == "subjectKeyIdentifier" }
     assert_equal 59, key_ident.value.length
-    assert_equal '5F:43:6E:F6:9A:8E:45:25:E9:22:E3:7D:37:5E:A4:D5:36:02:85:1B',
+    assert_equal "B1:1A:54:09:67:45:60:02:02:D7:CE:F4:1D:60:4A:89:DF:E7:58:D9",
                  key_ident.value
 
     assert signed.verify key
@@ -240,7 +241,7 @@ class TestGemSecurity < Gem::TestCase
     issuer = PUBLIC_CERT.subject
     signee = OpenSSL::X509::Name.parse "/CN=signee/DC=example"
 
-    cert = @SEC.create_cert_email 'signee@example', PRIVATE_KEY
+    cert = @SEC.create_cert_email "signee@example", PRIVATE_KEY
 
     signed = @SEC.sign cert, PRIVATE_KEY, PUBLIC_CERT, 60
 
@@ -256,23 +257,23 @@ class TestGemSecurity < Gem::TestCase
     assert_equal 5, signed.extensions.length,
                  signed.extensions.map {|e| e.to_a.first }
 
-    constraints = signed.extensions.find {|ext| ext.oid == 'issuerAltName' }
-    assert_equal 'email:nobody@example', constraints.value, 'issuerAltName'
+    constraints = signed.extensions.find {|ext| ext.oid == "issuerAltName" }
+    assert_equal "email:nobody@example", constraints.value, "issuerAltName"
 
-    constraints = signed.extensions.find {|ext| ext.oid == 'subjectAltName' }
-    assert_equal 'email:signee@example', constraints.value, 'subjectAltName'
+    constraints = signed.extensions.find {|ext| ext.oid == "subjectAltName" }
+    assert_equal "email:signee@example", constraints.value, "subjectAltName"
 
-    constraints = signed.extensions.find {|ext| ext.oid == 'basicConstraints' }
-    assert_equal 'CA:FALSE', constraints.value
+    constraints = signed.extensions.find {|ext| ext.oid == "basicConstraints" }
+    assert_equal "CA:FALSE", constraints.value
 
-    key_usage = signed.extensions.find {|ext| ext.oid == 'keyUsage' }
-    assert_equal 'Digital Signature, Key Encipherment, Data Encipherment',
+    key_usage = signed.extensions.find {|ext| ext.oid == "keyUsage" }
+    assert_equal "Digital Signature, Key Encipherment, Data Encipherment",
                  key_usage.value
 
     key_ident =
-      signed.extensions.find {|ext| ext.oid == 'subjectKeyIdentifier' }
+      signed.extensions.find {|ext| ext.oid == "subjectKeyIdentifier" }
     assert_equal 59, key_ident.value.length
-    assert_equal '5F:43:6E:F6:9A:8E:45:25:E9:22:E3:7D:37:5E:A4:D5:36:02:85:1B',
+    assert_equal "B1:1A:54:09:67:45:60:02:02:D7:CE:F4:1D:60:4A:89:DF:E7:58:D9",
                  key_ident.value
 
     assert signed.verify PUBLIC_KEY
@@ -281,15 +282,15 @@ class TestGemSecurity < Gem::TestCase
   def test_class_trust_dir
     trust_dir = @SEC.trust_dir
 
-    expected = File.join Gem.user_home, '.gem/trust'
+    expected = File.join Gem.user_home, ".gem/trust"
 
     assert_equal expected, trust_dir.dir
   end
 
   def test_class_write
-    key = @SEC.create_key 'rsa'
+    key = @SEC.create_key "rsa"
 
-    path = File.join @tempdir, 'test-private_key.pem'
+    path = File.join @tempdir, "test-private_key.pem"
 
     @SEC.write key, path
 
@@ -301,11 +302,11 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_write_encrypted
-    key = @SEC.create_key 'rsa'
+    key = @SEC.create_key "rsa"
 
-    path = File.join @tempdir, 'test-private_encrypted_key.pem'
+    path = File.join @tempdir, "test-private_encrypted_key.pem"
 
-    passphrase = 'It should be long.'
+    passphrase = "It should be long."
 
     @SEC.write key, path, 0600, passphrase
 
@@ -317,13 +318,13 @@ class TestGemSecurity < Gem::TestCase
   end
 
   def test_class_write_encrypted_cipher
-    key = @SEC.create_key 'rsa'
+    key = @SEC.create_key "rsa"
 
-    path = File.join @tempdir, 'test-private_encrypted__with_non_default_cipher_key.pem'
+    path = File.join @tempdir, "test-private_encrypted__with_non_default_cipher_key.pem"
 
-    passphrase = 'It should be long.'
+    passphrase = "It should be long."
 
-    cipher = OpenSSL::Cipher.new 'AES-192-CBC'
+    cipher = OpenSSL::Cipher.new "AES-192-CBC"
 
     @SEC.write key, path, 0600, passphrase, cipher
 

data/test/rubygems/test_gem_security_policy.rb

@@ -1,34 +1,34 @@
 # frozen_string_literal: true
 
-require_relative 'helper'
+require_relative "helper"
 
 unless Gem::HAVE_OPENSSL
-  warn 'Skipping Gem::Security::Policy tests.  openssl not found.'
+  warn "Skipping Gem::Security::Policy tests.  openssl not found."
 end
 
 class TestGemSecurityPolicy < Gem::TestCase
-  ALTERNATE_KEY    = load_key 'alternate'
-  INVALID_KEY      = load_key 'invalid'
-  CHILD_KEY        = load_key 'child'
-  GRANDCHILD_KEY   = load_key 'grandchild'
-  INVALIDCHILD_KEY = load_key 'invalidchild'
-
-  ALTERNATE_CERT      = load_cert 'alternate'
-  CA_CERT             = load_cert 'ca'
-  CHILD_CERT          = load_cert 'child'
-  EXPIRED_CERT        = load_cert 'expired'
-  FUTURE_CERT         = load_cert 'future'
-  GRANDCHILD_CERT     = load_cert 'grandchild'
-  INVALIDCHILD_CERT   = load_cert 'invalidchild'
-  INVALID_ISSUER_CERT = load_cert 'invalid_issuer'
-  INVALID_SIGNER_CERT = load_cert 'invalid_signer'
-  WRONG_KEY_CERT      = load_cert 'wrong_key'
+  ALTERNATE_KEY    = load_key "alternate"
+  INVALID_KEY      = load_key "invalid"
+  CHILD_KEY        = load_key "child"
+  GRANDCHILD_KEY   = load_key "grandchild"
+  INVALIDCHILD_KEY = load_key "invalidchild"
+
+  ALTERNATE_CERT      = load_cert "alternate"
+  CA_CERT             = load_cert "ca"
+  CHILD_CERT          = load_cert "child"
+  EXPIRED_CERT        = load_cert "expired"
+  FUTURE_CERT         = load_cert "future"
+  GRANDCHILD_CERT     = load_cert "grandchild"
+  INVALIDCHILD_CERT   = load_cert "invalidchild"
+  INVALID_ISSUER_CERT = load_cert "invalid_issuer"
+  INVALID_SIGNER_CERT = load_cert "invalid_signer"
+  WRONG_KEY_CERT      = load_cert "wrong_key"
 
   def setup
     super
 
-    @spec = quick_gem 'a' do |s|
-      s.description = 'π'
+    @spec = quick_gem "a" do |s|
+      s.description = "π"
       s.files = %w[lib/code.rb]
     end
 
@@ -42,28 +42,28 @@ class TestGemSecurityPolicy < Gem::TestCase
     @high      = Gem::Security::HighSecurity
 
     @chain = Gem::Security::Policy.new(
-      'Chain',
-      :verify_data   => true,
+      "Chain",
+      :verify_data => true,
       :verify_signer => true,
-      :verify_chain  => true,
-      :verify_root   => false,
-      :only_trusted  => false,
-      :only_signed   => false
+      :verify_chain => true,
+      :verify_root => false,
+      :only_trusted => false,
+      :only_signed => false
     )
 
     @root = Gem::Security::Policy.new(
-      'Root',
-      :verify_data   => true,
+      "Root",
+      :verify_data => true,
       :verify_signer => true,
-      :verify_chain  => true,
-      :verify_root   => true,
-      :only_trusted  => false,
-      :only_signed   => false
+      :verify_chain => true,
+      :verify_root => true,
+      :only_trusted => false,
+      :only_signed => false
     )
   end
 
   def test_check_data
-    data = digest 'hello'
+    data = digest "hello"
 
     signature = sign data
 
@@ -71,17 +71,17 @@ class TestGemSecurityPolicy < Gem::TestCase
   end
 
   def test_check_data_invalid
-    data = digest 'hello'
+    data = digest "hello"
 
     signature = sign data
 
-    invalid = digest 'hello!'
+    invalid = digest "hello!"
 
     e = assert_raise Gem::Security::Exception do
       @almost_no.check_data PUBLIC_KEY, @digest, signature, invalid
     end
 
-    assert_equal 'invalid signature', e.message
+    assert_equal "invalid signature", e.message
   end
 
   def test_check_chain
@@ -95,7 +95,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @chain.check_chain [], Time.now
     end
 
-    assert_equal 'empty signing chain', e.message
+    assert_equal "empty signing chain", e.message
   end
 
   def test_check_chain_invalid
@@ -115,7 +115,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @chain.check_chain nil, Time.now
     end
 
-    assert_equal 'missing signing chain', e.message
+    assert_equal "missing signing chain", e.message
   end
 
   def test_check_cert
@@ -161,7 +161,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @high.check_cert(nil, nil, Time.now)
     end
 
-    assert_equal 'missing signing certificate', e.message
+    assert_equal "missing signing certificate", e.message
   end
 
   def test_check_key
@@ -175,7 +175,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @high.check_key(nil, nil)
     end
 
-    assert_equal 'missing key or signature', e.message
+    assert_equal "missing key or signature", e.message
   end
 
   def test_check_key_wrong_key
@@ -198,7 +198,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @chain.check_root [], Time.now
     end
 
-    assert_equal 'missing root certificate', e.message
+    assert_equal "missing root certificate", e.message
   end
 
   def test_check_root_invalid_signer
@@ -230,7 +230,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @chain.check_root nil, Time.now
     end
 
-    assert_equal 'missing signing chain', e.message
+    assert_equal "missing signing chain", e.message
   end
 
   def test_check_trust
@@ -250,7 +250,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @chain.check_trust [], @digest, @trust_dir
     end
 
-    assert_equal 'missing root certificate', e.message
+    assert_equal "missing root certificate", e.message
   end
 
   def test_check_trust_mismatch
@@ -269,7 +269,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @chain.check_trust nil, @digest, @trust_dir
     end
 
-    assert_equal 'missing signing chain', e.message
+    assert_equal "missing signing chain", e.message
   end
 
   def test_check_trust_no_trust
@@ -290,8 +290,8 @@ class TestGemSecurityPolicy < Gem::TestCase
   end
 
   def test_subject
-    assert_equal 'email:nobody@example', @no.subject(PUBLIC_CERT)
-    assert_equal '/C=JP/ST=Tokyo/O=RubyGemsTest/CN=CA', @no.subject(CA_CERT)
+    assert_equal "email:nobody@example", @no.subject(PUBLIC_CERT)
+    assert_equal "/C=JP/ST=Tokyo/O=RubyGemsTest/CN=CA", @no.subject(CA_CERT)
   end
 
   def test_verify
@@ -319,7 +319,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @almost_no.verify [PUBLIC_CERT], nil, {}, signatures
     end
 
-    assert_equal 'no digests provided (probable bug)', e.message
+    assert_equal "no digests provided (probable bug)", e.message
   end
 
   def test_verify_no_digests_no_security
@@ -331,7 +331,7 @@ class TestGemSecurityPolicy < Gem::TestCase
       @no.verify [PUBLIC_CERT], nil, {}, signatures
     end
 
-    assert_equal 'missing digest for 0', e.message
+    assert_equal "missing digest for 0", e.message
   end
 
   def test_verify_no_signatures
@@ -340,7 +340,7 @@ class TestGemSecurityPolicy < Gem::TestCase
     digests, = dummy_signatures
 
     use_ui @ui do
-      @no.verify [PUBLIC_CERT], nil, digests, {}, 'some_gem'
+      @no.verify [PUBLIC_CERT], nil, digests, {}, "some_gem"
     end
 
     assert_match "WARNING:  some_gem is not signed\n", @ui.error
@@ -354,7 +354,7 @@ class TestGemSecurityPolicy < Gem::TestCase
     Gem::Security.trust_dir.trust_cert PUBLIC_CERT
 
     use_ui @ui do
-      @no.verify [PUBLIC_CERT], nil, {}, {}, 'some_gem'
+      @no.verify [PUBLIC_CERT], nil, {}, {}, "some_gem"
     end
 
     assert_empty @ui.output
@@ -366,7 +366,7 @@ class TestGemSecurityPolicy < Gem::TestCase
 
     digests, signatures = dummy_signatures
 
-    data = digest 'goodbye'
+    data = digest "goodbye"
 
     signatures[1] = PRIVATE_KEY.sign @digest.new, data.digest
 
@@ -374,14 +374,14 @@ class TestGemSecurityPolicy < Gem::TestCase
       @almost_no.verify [PUBLIC_CERT], nil, digests, signatures
     end
 
-    assert_equal 'missing digest for 1', e.message
+    assert_equal "missing digest for 1", e.message
   end
 
   def test_verify_no_trust
     digests, signatures = dummy_signatures
 
     use_ui @ui do
-      @low.verify [PUBLIC_CERT], nil, digests, signatures, 'some_gem'
+      @low.verify [PUBLIC_CERT], nil, digests, signatures, "some_gem"
     end
 
     assert_equal "WARNING:  email:nobody@example is not trusted for some_gem\n",
@@ -395,18 +395,18 @@ class TestGemSecurityPolicy < Gem::TestCase
   def test_verify_wrong_digest_type
     Gem::Security.trust_dir.trust_cert PUBLIC_CERT
 
-    data = OpenSSL::Digest.new('SHA512')
-    data << 'hello'
+    data = OpenSSL::Digest.new("SHA512")
+    data << "hello"
 
-    digests    = { 'SHA512' => { 0 => data } }
-    signature  = PRIVATE_KEY.sign 'sha512', data.digest
+    digests    = { "SHA512" => { 0 => data } }
+    signature  = PRIVATE_KEY.sign "sha512", data.digest
     signatures = { 0 => signature }
 
     e = assert_raise Gem::Security::Exception do
       @almost_no.verify [PUBLIC_CERT], nil, digests, signatures
     end
 
-    assert_equal 'no digests provided (probable bug)', e.message
+    assert_equal "no digests provided (probable bug)", e.message
   end
 
   def test_verify_signatures_chain
@@ -448,17 +448,17 @@ class TestGemSecurityPolicy < Gem::TestCase
 
     metadata_gz = Gem::Util.gzip @spec.to_yaml
 
-    package = Gem::Package.new 'nonexistent.gem'
+    package = Gem::Package.new "nonexistent.gem"
     package.checksums[Gem::Security::DIGEST_NAME] = {}
 
     s = StringIO.new metadata_gz
-    def s.full_name() 'metadata.gz' end
+    def s.full_name() "metadata.gz" end
 
     digests = package.digest s
-    metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]['metadata.gz']
+    metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]["metadata.gz"]
 
     signatures = {}
-    signatures['metadata.gz'] =
+    signatures["metadata.gz"] =
       PRIVATE_KEY.sign @digest.new, metadata_gz_digest.digest
 
     assert @high.verify_signatures @spec, digests, signatures
@@ -471,26 +471,26 @@ class TestGemSecurityPolicy < Gem::TestCase
 
     metadata_gz = Gem::Util.gzip @spec.to_yaml
 
-    package = Gem::Package.new 'nonexistent.gem'
+    package = Gem::Package.new "nonexistent.gem"
     package.checksums[Gem::Security::DIGEST_NAME] = {}
 
     s = StringIO.new metadata_gz
-    def s.full_name() 'metadata.gz' end
+    def s.full_name() "metadata.gz" end
 
     digests = package.digest s
-    digests[Gem::Security::DIGEST_NAME]['data.tar.gz'] = @digest.hexdigest 'hello'
+    digests[Gem::Security::DIGEST_NAME]["data.tar.gz"] = @digest.hexdigest "hello"
 
-    metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]['metadata.gz']
+    metadata_gz_digest = digests[Gem::Security::DIGEST_NAME]["metadata.gz"]
 
     signatures = {}
-    signatures['metadata.gz'] =
+    signatures["metadata.gz"] =
       PRIVATE_KEY.sign @digest.new, metadata_gz_digest.digest
 
     e = assert_raise Gem::Security::Exception do
       @high.verify_signatures @spec, digests, signatures
     end
 
-    assert_equal 'missing signature for data.tar.gz', e.message
+    assert_equal "missing signature for data.tar.gz", e.message
   end
 
   def test_verify_signatures_none
@@ -500,14 +500,14 @@ class TestGemSecurityPolicy < Gem::TestCase
 
     metadata_gz = Gem::Util.gzip @spec.to_yaml
 
-    package = Gem::Package.new 'nonexistent.gem'
+    package = Gem::Package.new "nonexistent.gem"
     package.checksums[Gem::Security::DIGEST_NAME] = {}
 
     s = StringIO.new metadata_gz
-    def s.full_name() 'metadata.gz' end
+    def s.full_name() "metadata.gz" end
 
     digests = package.digest s
-    digests[Gem::Security::DIGEST_NAME]['data.tar.gz'] = @digest.hexdigest 'hello'
+    digests[Gem::Security::DIGEST_NAME]["data.tar.gz"] = @digest.hexdigest "hello"
 
     assert_raise Gem::Security::Exception do
       @high.verify_signatures @spec, digests, {}
@@ -525,7 +525,7 @@ class TestGemSecurityPolicy < Gem::TestCase
   end
 
   def dummy_signatures(key = PRIVATE_KEY)
-    data = digest 'hello'
+    data = digest "hello"
 
     digests    = { Gem::Security::DIGEST_NAME => { 0 => data } }
     signatures = { 0 => sign(data, key) }