test/openssl/test_pkey: use EC keys for PKey.generate_parameters tests

OpenSSL 3.0 refuses to generate DSA parameters shorter than 2048 bits, but generating 2048 bits parameters takes very long time. Let's use EC in these test cases instead.
author: Kazuki Yamaguchi <k@rhe.jp> 2020-05-18 02:35:35 +0900
committer: Kazuki Yamaguchi <k@rhe.jp> 2021-10-22 17:16:07 +0900
commit: c732387ee5aaa8c5a9717e8b3ffebb3d7430e99a (patch)
tree: 9f02978f8f69b4952afca1af6720241b88ad662a
parent: 558cfbe5f5032d669e1eca4d94e9ebc9cfe1402d (diff)
download: ruby-openssl-c732387ee5aaa8c5a9717e8b3ffebb3d7430e99a.tar.gz
1 files changed, 11 insertions, 16 deletions
diff --git a/test/openssl/test_pkey.rb b/test/openssl/test_pkey.rb
index 4a539d8c..544340e3 100644
--- a/test/openssl/test_pkey.rb
+++ b/test/openssl/test_pkey.rb
@@ -27,20 +27,16 @@ class OpenSSL::TestPKey < OpenSSL::PKeyTestCase
   end
 
   def test_s_generate_parameters
-    # 512 is non-default; 1024 is used if 'dsa_paramgen_bits' is not specified
-    # with OpenSSL 1.1.0.
-    pkey = OpenSSL::PKey.generate_parameters("DSA", {
-      "dsa_paramgen_bits" => 512,
-      "dsa_paramgen_q_bits" => 256,
+    pkey = OpenSSL::PKey.generate_parameters("EC", {
+      "ec_paramgen_curve" => "secp384r1",
     })
-    assert_instance_of OpenSSL::PKey::DSA, pkey
-    assert_equal 512, pkey.p.num_bits
-    assert_equal 256, pkey.q.num_bits
-    assert_equal nil, pkey.priv_key
+    assert_instance_of OpenSSL::PKey::EC, pkey
+    assert_equal "secp384r1", pkey.group.curve_name
+    assert_equal nil, pkey.private_key
 
     # Invalid options are checked
     assert_raise(OpenSSL::PKey::PKeyError) {
-      OpenSSL::PKey.generate_parameters("DSA", "invalid" => "option")
+      OpenSSL::PKey.generate_parameters("EC", "invalid" => "option")
     }
 
     # Parameter generation callback is called
@@ -59,14 +55,13 @@ class OpenSSL::TestPKey < OpenSSL::PKeyTestCase
       # DSA key pair cannot be generated without parameters
       OpenSSL::PKey.generate_key("DSA")
     }
-    pkey_params = OpenSSL::PKey.generate_parameters("DSA", {
-      "dsa_paramgen_bits" => 512,
-      "dsa_paramgen_q_bits" => 256,
+    pkey_params = OpenSSL::PKey.generate_parameters("EC", {
+      "ec_paramgen_curve" => "secp384r1",
     })
     pkey = OpenSSL::PKey.generate_key(pkey_params)
-    assert_instance_of OpenSSL::PKey::DSA, pkey
-    assert_equal 512, pkey.p.num_bits
-    assert_not_equal nil, pkey.priv_key
+    assert_instance_of OpenSSL::PKey::EC, pkey
+    assert_equal "secp384r1", pkey.group.curve_name
+    assert_not_equal nil, pkey.private_key
   end
 
   def test_hmac_sign_verify
author	Kazuki Yamaguchi <k@rhe.jp>	2020-05-18 02:35:35 +0900
committer	Kazuki Yamaguchi <k@rhe.jp>	2021-10-22 17:16:07 +0900
commit	c732387ee5aaa8c5a9717e8b3ffebb3d7430e99a (patch)
tree	9f02978f8f69b4952afca1af6720241b88ad662a
parent	558cfbe5f5032d669e1eca4d94e9ebc9cfe1402d (diff)
download	ruby-openssl-c732387ee5aaa8c5a9717e8b3ffebb3d7430e99a.tar.gz