diff options
author | qwyng <ikusawasi@gmail.com> | 2023-06-02 21:12:21 +0900 |
---|---|---|
committer | Kazuki Yamaguchi <k@rhe.jp> | 2023-06-17 03:08:11 +0900 |
commit | 189c167e4033f8923a12432e01f8f11345f22f48 (patch) | |
tree | 3f35f7f68e76a24d0f70d3bbe36d859301700a45 /test/openssl/test_provider.rb | |
parent | 58ce7fa4b90ca179307142f45687f7d802aca548 (diff) | |
download | ruby-openssl-189c167e4033f8923a12432e01f8f11345f22f48.tar.gz |
add OpenSSL Provider support
Diffstat (limited to 'test/openssl/test_provider.rb')
-rw-r--r-- | test/openssl/test_provider.rb | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/test/openssl/test_provider.rb b/test/openssl/test_provider.rb new file mode 100644 index 00000000..3040a4be --- /dev/null +++ b/test/openssl/test_provider.rb @@ -0,0 +1,67 @@ +# frozen_string_literal: true +require_relative 'utils' +if defined?(OpenSSL) && defined?(OpenSSL::Provider) && !OpenSSL.fips_mode + +class OpenSSL::TestProvider < OpenSSL::TestCase + def test_openssl_provider_name_inspect + with_openssl <<-'end;' + provider = OpenSSL::Provider.load("default") + assert_equal("default", provider.name) + assert_not_nil(provider.inspect) + end; + end + + def test_openssl_provider_names + with_openssl <<-'end;' + legacy_provider = OpenSSL::Provider.load("legacy") + assert_equal(2, OpenSSL::Provider.provider_names.size) + assert_includes(OpenSSL::Provider.provider_names, "legacy") + + assert_equal(true, legacy_provider.unload) + assert_equal(1, OpenSSL::Provider.provider_names.size) + assert_not_includes(OpenSSL::Provider.provider_names, "legacy") + end; + end + + def test_unloaded_openssl_provider + with_openssl <<-'end;' + default_provider = OpenSSL::Provider.load("default") + assert_equal(true, default_provider.unload) + assert_raise(OpenSSL::Provider::ProviderError) { default_provider.name } + assert_raise(OpenSSL::Provider::ProviderError) { default_provider.unload } + end; + end + + def test_openssl_legacy_provider + with_openssl(<<-'end;') + OpenSSL::Provider.load("legacy") + algo = "RC4" + data = "a" * 1000 + key = OpenSSL::Random.random_bytes(16) + + # default provider does not support RC4 + cipher = OpenSSL::Cipher.new(algo) + cipher.encrypt + cipher.key = key + encrypted = cipher.update(data) + cipher.final + + other_cipher = OpenSSL::Cipher.new(algo) + other_cipher.decrypt + other_cipher.key = key + decrypted = other_cipher.update(encrypted) + other_cipher.final + + assert_equal(data, decrypted) + end; + end + + private + + # this is required because OpenSSL::Provider methods change global state + def with_openssl(code, **opts) + assert_separately([{ "OSSL_MDEBUG" => nil }, "-ropenssl"], <<~"end;", **opts) + #{code} + end; + end +end + +end |