diff options
author | Kazuki Yamaguchi <k@rhe.jp> | 2020-05-18 02:35:35 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2021-10-22 17:16:07 +0900 |
commit | c732387ee5aaa8c5a9717e8b3ffebb3d7430e99a (patch) | |
tree | 9f02978f8f69b4952afca1af6720241b88ad662a | |
parent | 558cfbe5f5032d669e1eca4d94e9ebc9cfe1402d (diff) | |
download | ruby-openssl-c732387ee5aaa8c5a9717e8b3ffebb3d7430e99a.tar.gz |
test/openssl/test_pkey: use EC keys for PKey.generate_parameters tests
OpenSSL 3.0 refuses to generate DSA parameters shorter than 2048 bits,
but generating 2048 bits parameters takes very long time. Let's use EC
in these test cases instead.
-rw-r--r-- | test/openssl/test_pkey.rb | 27 |
1 files changed, 11 insertions, 16 deletions
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb index 4a539d8c..544340e3 100644 --- a/test/openssl/test_pkey.rb +++ b/test/openssl/test_pkey.rb @@ -27,20 +27,16 @@ class OpenSSL::TestPKey < OpenSSL::PKeyTestCase end def test_s_generate_parameters - # 512 is non-default; 1024 is used if 'dsa_paramgen_bits' is not specified - # with OpenSSL 1.1.0. - pkey = OpenSSL::PKey.generate_parameters("DSA", { - "dsa_paramgen_bits" => 512, - "dsa_paramgen_q_bits" => 256, + pkey = OpenSSL::PKey.generate_parameters("EC", { + "ec_paramgen_curve" => "secp384r1", }) - assert_instance_of OpenSSL::PKey::DSA, pkey - assert_equal 512, pkey.p.num_bits - assert_equal 256, pkey.q.num_bits - assert_equal nil, pkey.priv_key + assert_instance_of OpenSSL::PKey::EC, pkey + assert_equal "secp384r1", pkey.group.curve_name + assert_equal nil, pkey.private_key # Invalid options are checked assert_raise(OpenSSL::PKey::PKeyError) { - OpenSSL::PKey.generate_parameters("DSA", "invalid" => "option") + OpenSSL::PKey.generate_parameters("EC", "invalid" => "option") } # Parameter generation callback is called @@ -59,14 +55,13 @@ class OpenSSL::TestPKey < OpenSSL::PKeyTestCase # DSA key pair cannot be generated without parameters OpenSSL::PKey.generate_key("DSA") } - pkey_params = OpenSSL::PKey.generate_parameters("DSA", { - "dsa_paramgen_bits" => 512, - "dsa_paramgen_q_bits" => 256, + pkey_params = OpenSSL::PKey.generate_parameters("EC", { + "ec_paramgen_curve" => "secp384r1", }) pkey = OpenSSL::PKey.generate_key(pkey_params) - assert_instance_of OpenSSL::PKey::DSA, pkey - assert_equal 512, pkey.p.num_bits - assert_not_equal nil, pkey.priv_key + assert_instance_of OpenSSL::PKey::EC, pkey + assert_equal "secp384r1", pkey.group.curve_name + assert_not_equal nil, pkey.private_key end def test_hmac_sign_verify |