diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2016-10-10 19:45:39 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2017-06-19 15:50:54 +0900 |
| commit | af8a14df6994a4d22dff89b2ec1882867c0a7f19 (patch) | |
| tree | 376b0307d1040d50066a61662bbb07af3bc14f9b /test | |
| parent | 576eff66bece4c3e49d4041a3746c2a520627946 (diff) | |
| download | ruby-openssl-af8a14df6994a4d22dff89b2ec1882867c0a7f19.tar.gz | |
ocsp: add OpenSSL::OCSP::Request#signed?topic/ocsp-request-is-signed
Add a method to check whether the OpenSSL::OCSP::Request is signed or
not. Currently there is no way to distinguish them except inspecting
DER encoding or parsing verification error message.
Diffstat (limited to 'test')
| -rw-r--r-- | test/test_ocsp.rb | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/test/test_ocsp.rb b/test/test_ocsp.rb index 6677d751..25e052ae 100644 --- a/test/test_ocsp.rb +++ b/test/test_ocsp.rb @@ -128,6 +128,21 @@ class OpenSSL::TestOCSP < OpenSSL::TestCase # fixed by OpenSSL 1.0.1j, 1.0.2 and LibreSSL 2.4.2 pend "RT2560: ocsp_req_find_signer" end + + # not signed + req = OpenSSL::OCSP::Request.new.add_certid(cid) + assert_equal false, req.verify([], store) + end + + def test_request_is_signed + cid = OpenSSL::OCSP::CertificateId.new(@cert, @ca_cert) + req = OpenSSL::OCSP::Request.new + req.add_certid(cid) + assert_equal false, req.signed? + assert_equal false, OpenSSL::OCSP::Request.new(req.to_der).signed? + req.sign(@cert, @cert_key, []) + assert_equal true, req.signed? + assert_equal true, OpenSSL::OCSP::Request.new(req.to_der).signed? end def test_request_nonce |