|
|
6daba0 |
From 10d2216b2f35a31777a099d9f765b0b6ea34a63e Mon Sep 17 00:00:00 2001
|
|
|
6daba0 |
From: Kazuki Yamaguchi <k@rhe.jp>
|
|
|
6daba0 |
Date: Mon, 18 May 2020 02:35:35 +0900
|
|
|
6daba0 |
Subject: [PATCH] test/openssl/test_pkey: use EC keys for
|
|
|
6daba0 |
PKey.generate_parameters tests
|
|
|
6daba0 |
|
|
|
6daba0 |
OpenSSL 3.0 refuses to generate DSA parameters shorter than 2048 bits,
|
|
|
6daba0 |
but generating 2048 bits parameters takes very long time. Let's use EC
|
|
|
6daba0 |
in these test cases instead.
|
|
|
6daba0 |
---
|
|
|
6daba0 |
test/openssl/test_pkey.rb | 27 +++++++++++----------------
|
|
|
6daba0 |
1 file changed, 11 insertions(+), 16 deletions(-)
|
|
|
6daba0 |
|
|
|
6daba0 |
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
|
|
|
6daba0 |
index 3630458b3c..88a6e04581 100644
|
|
|
6daba0 |
--- a/test/openssl/test_pkey.rb
|
|
|
6daba0 |
+++ b/test/openssl/test_pkey.rb
|
|
|
6daba0 |
@@ -27,20 +27,16 @@ def test_generic_oid_inspect
|
|
|
6daba0 |
end
|
|
|
6daba0 |
|
|
|
6daba0 |
def test_s_generate_parameters
|
|
|
6daba0 |
- # 512 is non-default; 1024 is used if 'dsa_paramgen_bits' is not specified
|
|
|
6daba0 |
- # with OpenSSL 1.1.0.
|
|
|
6daba0 |
- pkey = OpenSSL::PKey.generate_parameters("DSA", {
|
|
|
6daba0 |
- "dsa_paramgen_bits" => 512,
|
|
|
6daba0 |
- "dsa_paramgen_q_bits" => 256,
|
|
|
6daba0 |
+ pkey = OpenSSL::PKey.generate_parameters("EC", {
|
|
|
6daba0 |
+ "ec_paramgen_curve" => "secp384r1",
|
|
|
6daba0 |
})
|
|
|
6daba0 |
- assert_instance_of OpenSSL::PKey::DSA, pkey
|
|
|
6daba0 |
- assert_equal 512, pkey.p.num_bits
|
|
|
6daba0 |
- assert_equal 256, pkey.q.num_bits
|
|
|
6daba0 |
- assert_equal nil, pkey.priv_key
|
|
|
6daba0 |
+ assert_instance_of OpenSSL::PKey::EC, pkey
|
|
|
6daba0 |
+ assert_equal "secp384r1", pkey.group.curve_name
|
|
|
6daba0 |
+ assert_equal nil, pkey.private_key
|
|
|
6daba0 |
|
|
|
6daba0 |
# Invalid options are checked
|
|
|
6daba0 |
assert_raise(OpenSSL::PKey::PKeyError) {
|
|
|
6daba0 |
- OpenSSL::PKey.generate_parameters("DSA", "invalid" => "option")
|
|
|
6daba0 |
+ OpenSSL::PKey.generate_parameters("EC", "invalid" => "option")
|
|
|
6daba0 |
}
|
|
|
6daba0 |
|
|
|
6daba0 |
# Parameter generation callback is called
|
|
|
6daba0 |
@@ -59,14 +55,13 @@ def test_s_generate_key
|
|
|
6daba0 |
# DSA key pair cannot be generated without parameters
|
|
|
6daba0 |
OpenSSL::PKey.generate_key("DSA")
|
|
|
6daba0 |
}
|
|
|
6daba0 |
- pkey_params = OpenSSL::PKey.generate_parameters("DSA", {
|
|
|
6daba0 |
- "dsa_paramgen_bits" => 512,
|
|
|
6daba0 |
- "dsa_paramgen_q_bits" => 256,
|
|
|
6daba0 |
+ pkey_params = OpenSSL::PKey.generate_parameters("EC", {
|
|
|
6daba0 |
+ "ec_paramgen_curve" => "secp384r1",
|
|
|
6daba0 |
})
|
|
|
6daba0 |
pkey = OpenSSL::PKey.generate_key(pkey_params)
|
|
|
6daba0 |
- assert_instance_of OpenSSL::PKey::DSA, pkey
|
|
|
6daba0 |
- assert_equal 512, pkey.p.num_bits
|
|
|
6daba0 |
- assert_not_equal nil, pkey.priv_key
|
|
|
6daba0 |
+ assert_instance_of OpenSSL::PKey::EC, pkey
|
|
|
6daba0 |
+ assert_equal "secp384r1", pkey.group.curve_name
|
|
|
6daba0 |
+ assert_not_equal nil, pkey.private_key
|
|
|
6daba0 |
end
|
|
|
6daba0 |
|
|
|
6daba0 |
def test_hmac_sign_verify
|
|
|
6daba0 |
--
|
|
|
6daba0 |
2.32.0
|
|
|
6daba0 |
|