aboutsummaryrefslogtreecommitdiffstats
path: root/test/test_pkey_dh.rb
Commit message (Collapse)AuthorAgeFilesLines
* Merge branch 'topic/ssl-move-default-dh-params'Kazuki Yamaguchi2017-01-261-16/+0
|\ | | | | | | | | * topic/ssl-move-default-dh-params: ssl: move default DH parameters from OpenSSL::PKey::DH
| * ssl: move default DH parameters from OpenSSL::PKey::DHtopic/ssl-move-default-dh-paramsKazuki Yamaguchi2017-01-241-16/+0
| | | | | | | | They should belong to OpenSSL::SSL rather than OpenSSL::PKey::DH.
* | test: prepare test PKey instances on demandKazuki Yamaguchi2017-01-171-11/+10
| | | | | | | | | | | | Preparing for the introduction of the memory leak checker. Do not leave OpenSSL objects in constants that wouldn't be GCed in order to avoid false positives.
* | Remove support for OpenSSL 0.9.8 and 1.0.0topic/drop-openssl-098-and-100Kazuki Yamaguchi2016-12-221-4/+0
|/ | | | | | | | | | They are no longer receiving security updates from the OpenSSL development team since 2015-12. We have kept basic compatibility until now because RHEL 5 still uses an (heavily modified) OpenSSL 0.9.8e. The RHEL 5 will reach EOL on 2017-03, thus it is now safe to assume nobody is still using such old versions of OpenSSL.
* test: rework PEM/DER encoding and decoding testsKazuki Yamaguchi2016-08-181-15/+26
| | | | | Check that PKey::*.new actually read the ASN.1 structure, and PKey::PKey#to_der and #export return the expected structure.
* test/test_pkey_dh: refine OpenSSL::PKey::DH::DEFAULT_* testsKazuki Yamaguchi2016-08-181-23/+14
| | | | | Just comparing parameters does not make sense. Test that they have a safe prime 'p' with appropriate length.
* openssl: implement initialize_copy method for PKey classesrhe2016-06-191-0/+10
| | | | | | | | | | | | | | * ext/openssl/ossl_pkey_dh.c, ext/openssl/ossl_pkey_dsa.c, ext/openssl/ossl_pkey_ec.c, ext/openssl/ossl_pkey_rsa.c: Implement initialize_copy method for OpenSSL::PKey::*. [ruby-core:75504] [Bug #12381] * test/openssl/test_pkey_dh.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_pkey_ec.rb, test/openssl/test_pkey_rsa.rb: Test they actually copy the OpenSSL objects, and modifications to cloned object don't affect the original object. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55454 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* openssl: clear OpenSSL error queue before return to Rubyrhe2016-05-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * ext/openssl/ossl_x509cert.c (ossl_x509_verify): X509_verify() family may put errors on 0 return (0 means verification failure). Clear OpenSSL error queue before return to Ruby. Since the queue is thread global, remaining errors in the queue can cause an unexpected error in the next OpenSSL operation. [ruby-core:48284] [Bug #7215] * ext/openssl/ossl_x509crl.c (ossl_x509crl_verify): ditto. * ext/openssl/ossl_x509req.c (ossl_x509req_verify): ditto. * ext/openssl/ossl_x509store.c (ossl_x509stctx_verify): ditto. * ext/openssl/ossl_pkey_dh.c (dh_generate): clear the OpenSSL error queue before re-raising exception. * ext/openssl/ossl_pkey_dsa.c (dsa_generate): ditto. * ext/openssl/ossl_pkey_rsa.c (rsa_generate): ditto. * ext/openssl/ossl_ssl.c (ossl_start_ssl): ditto. * test/openssl: check that OpenSSL.errors is empty every time after running a test case. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Sync trunkZachary Scott2016-02-021-0/+1
|
* support 2048 bit length DH-keySHIBATA Hiroshi2016-01-151-0/+14
|
* Remove 512-bit DH groupTony Arcieri2016-01-071-12/+2
| | | | | | 512-bit DH keys are severely weak and have been implicated in recent attacks: https://weakdh.org/
* Sync with ruby trunkZachary Scott2015-09-231-0/+21
|
* Upstream ruby/ruby@ae042f2 from r50727Zachary Scott2015-06-031-1/+1
|
* Sync tests with trunkZachary Scott2015-01-061-1/+1
|
* import ruby trunkSHIBATA Hiroshi2014-10-271-0/+82
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-01 10:28:59 +0000