You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
68 lines
2.4 KiB
68 lines
2.4 KiB
2 years ago
|
From 10d2216b2f35a31777a099d9f765b0b6ea34a63e Mon Sep 17 00:00:00 2001
|
||
|
From: Kazuki Yamaguchi <k@rhe.jp>
|
||
|
Date: Mon, 18 May 2020 02:35:35 +0900
|
||
|
Subject: [PATCH] test/openssl/test_pkey: use EC keys for
|
||
|
PKey.generate_parameters tests
|
||
|
|
||
|
OpenSSL 3.0 refuses to generate DSA parameters shorter than 2048 bits,
|
||
|
but generating 2048 bits parameters takes very long time. Let's use EC
|
||
|
in these test cases instead.
|
||
|
---
|
||
|
test/openssl/test_pkey.rb | 27 +++++++++++----------------
|
||
|
1 file changed, 11 insertions(+), 16 deletions(-)
|
||
|
|
||
|
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
|
||
|
index 3630458b3c..88a6e04581 100644
|
||
|
--- a/test/openssl/test_pkey.rb
|
||
|
+++ b/test/openssl/test_pkey.rb
|
||
|
@@ -27,20 +27,16 @@ def test_generic_oid_inspect
|
||
|
end
|
||
|
|
||
|
def test_s_generate_parameters
|
||
|
- # 512 is non-default; 1024 is used if 'dsa_paramgen_bits' is not specified
|
||
|
- # with OpenSSL 1.1.0.
|
||
|
- pkey = OpenSSL::PKey.generate_parameters("DSA", {
|
||
|
- "dsa_paramgen_bits" => 512,
|
||
|
- "dsa_paramgen_q_bits" => 256,
|
||
|
+ pkey = OpenSSL::PKey.generate_parameters("EC", {
|
||
|
+ "ec_paramgen_curve" => "secp384r1",
|
||
|
})
|
||
|
- assert_instance_of OpenSSL::PKey::DSA, pkey
|
||
|
- assert_equal 512, pkey.p.num_bits
|
||
|
- assert_equal 256, pkey.q.num_bits
|
||
|
- assert_equal nil, pkey.priv_key
|
||
|
+ assert_instance_of OpenSSL::PKey::EC, pkey
|
||
|
+ assert_equal "secp384r1", pkey.group.curve_name
|
||
|
+ assert_equal nil, pkey.private_key
|
||
|
|
||
|
# Invalid options are checked
|
||
|
assert_raise(OpenSSL::PKey::PKeyError) {
|
||
|
- OpenSSL::PKey.generate_parameters("DSA", "invalid" => "option")
|
||
|
+ OpenSSL::PKey.generate_parameters("EC", "invalid" => "option")
|
||
|
}
|
||
|
|
||
|
# Parameter generation callback is called
|
||
|
@@ -59,14 +55,13 @@ def test_s_generate_key
|
||
|
# DSA key pair cannot be generated without parameters
|
||
|
OpenSSL::PKey.generate_key("DSA")
|
||
|
}
|
||
|
- pkey_params = OpenSSL::PKey.generate_parameters("DSA", {
|
||
|
- "dsa_paramgen_bits" => 512,
|
||
|
- "dsa_paramgen_q_bits" => 256,
|
||
|
+ pkey_params = OpenSSL::PKey.generate_parameters("EC", {
|
||
|
+ "ec_paramgen_curve" => "secp384r1",
|
||
|
})
|
||
|
pkey = OpenSSL::PKey.generate_key(pkey_params)
|
||
|
- assert_instance_of OpenSSL::PKey::DSA, pkey
|
||
|
- assert_equal 512, pkey.p.num_bits
|
||
|
- assert_not_equal nil, pkey.priv_key
|
||
|
+ assert_instance_of OpenSSL::PKey::EC, pkey
|
||
|
+ assert_equal "secp384r1", pkey.group.curve_name
|
||
|
+ assert_not_equal nil, pkey.private_key
|
||
|
end
|
||
|
|
||
|
def test_hmac_sign_verify
|
||
|
--
|
||
|
2.32.0
|
||
|
|