aboutsummaryrefslogtreecommitdiffstats
path: root/test
Commit message (Collapse)AuthorAgeFilesLines
* pkey/dh: use high level EVP interface to generate parameters and keysKazuki Yamaguchi2021-04-051-4/+11
| | | | | | | | | | Implement PKey::DH.new(size, gen), PKey::DH.generate(size, gen), and PKey::DH#generate_key! using PKey.generate_parameters and .generate_key instead of the low level DH functions. Note that the EVP interface can enforce additional restrictions - for example, DH key shorter than 2048 bits is no longer accepted by default in OpenSSL 3.0. The test code is updated accordingly.
* Merge pull request #396 from rhenium/ky/drop-openssl-1.0.1Kazuki Yamaguchi2021-04-043-74/+30
|\ | | | | require OpenSSL >= 1.0.2 and LibreSSL >= 3.1
| * require OpenSSL >= 1.0.2 and LibreSSL >= 3.1Kazuki Yamaguchi2021-04-043-74/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Clean up old version guards in preparation for the upcoming OpenSSL 3.0 support. OpenSSL 1.0.1 reached its EOL on 2016-12-31. At that time, we decided to keep 1.0.1 support because many major Linux distributions were still shipped with 1.0.1. Now, nearly 4 years later, most Linux distributions are reaching their EOL and it should be safe to assume nobody uses them anymore. Major ones that were using 1.0.1: - Ubuntu 14.04 is EOL since 2019-04-30 - RHEL 6 will reach EOL on 2020-11-30 LibreSSL 3.0 and older versions are no longer supported by the LibreSSL team as of October 2020. Note that OpenSSL 1.0.2 also reached EOL on 2019-12-31 and 1.1.0 also did on 2018-08-31.
* | BN.abs and BN uplusRick Mark2021-04-011-0/+21
| | | | | | | | Adds standard math abs fuction and revises uplus to return a duplicated object due to BN mutability
* | pkcs7: keep private key when duplicating PKCS7_SIGNER_INFOky/pkcs7-add-signer-keep-pkey-ptrKazuki Yamaguchi2021-03-241-0/+18
|/ | | | | | | | | | | | | ASN1_dup() will not copy the 'pkey' field of a PKCS7_SIGNER_INFO object by design; it is a temporary field kept until the PKCS7 structure is finalized. Let's bump reference counter of the pkey in the original object and use it in the new object, too. This commit also removes PKCS7#add_signer's routine to add the content-type attribute as a signed attribute automatically. This behavior was not documented or tested. This change should not break any working user code since the method was completely useless without the change above.
* test/openssl/test_config: skip tests for .include on older OpenSSLKazuki Yamaguchi2021-03-171-4/+5
| | | | | | | | | | | | | | The .include directive was initially added by OpenSSL 1.1.1, but the syntax was later modified in 1.1.1b to improve compatibility with the parser in <= 1.1.0. The test case expects 1.1.1b's parser. https://github.com/openssl/openssl/commit/95f59d398c3f28f7ee50f092106c5910d25f9e30 The test case is failing on Ubuntu 18.04 because it still uses the initial 1.1.1 release: http://rubyci.s3.amazonaws.com/graviton2/ruby-master/log/20210316T120003Z.fail.html.gz (cherry picked from commit ruby/ruby@e61e9bcfb27580ae52b46fc7ca49c38f8fdeb8cd)
* test/openssl/test_cipher: skip AES-CCM tests on OpenSSL <= 1.1.1bKazuki Yamaguchi2021-03-171-1/+1
| | | | | | | | | | | | | AES CCM mode in OpenSSL <= 1.1.1b was overly strict in the parameters assignment order. This has been relaxed by OpenSSL 1.1.1c. https://github.com/openssl/openssl/commit/b48e3be947ddc5da6b5a86db8341081c72b9a4ee The test case is failing on Ubuntu 18.04 because it still uses the initial 1.1.1 release and has the issue: http://rubyci.s3.amazonaws.com/graviton2/ruby-master/log/20210316T120003Z.fail.html.gz (cherry picked from commit ruby/ruby@44d67128a827c65d1a3867c5d8fd190d10aa1dd2)
* test: adjust test cases for LibreSSL 3.2.4Kazuki Yamaguchi2021-02-254-40/+51
| | | | | | | | | | | | | | LibreSSL 3.2.4 made the certificate verification logic back closer to pre-3.2.2 one, which is more compatible with OpenSSL. Part of the fixes added by commit a0e98d48c91f ("Enhance TLS 1.3 support on LibreSSL 3.2/3.3", 2020-12-03) is required for 3.2.2 and 3.2.3 only (and ~3.3.1, however 3.3 does not have a stable release yet). Since both releases are security fix, it should be safe to remove those special treatment from our test suite. While we are at it, TestSSL#test_ecdh_curves is split into TLS 1.2 and TLS 1.3 variants for clarity.
* Fixed the results of OpenSSL::Timestamp::Response#failure_infoNobuyoshi Nakada2021-02-141-0/+5
| | | | | | | | Made stored values `Symbol`s instead of `ID`s. Fixes https://bugs.ruby-lang.org/issues/17625 Co-Authored-By: xtkoba (Tee KOBAYASHI) <xtkoba+ruby@gmail.com>
* Enhance TLS 1.3 support on LibreSSL 3.2/3.3Jeremy Evans2020-12-034-24/+50
| | | | | | | | | | | | | | | | | This defines TLS1_3_VERSION when using LibreSSL 3.2+. LibreSSL 3.2/3.3 doesn't advertise this by default, even though it will use TLS 1.3 in both client and server modes. Changes between LibreSSL 3.1 and 3.2/3.3 broke a few tests, Defining TLS1_3_VERSION by itself fixes 1 test failure. A few tests now fail on LibreSSL 3.2/3.3 unless TLS 1.2 is set as the maximum version, and this adjusts those tests. The client CA test doesn't work in LibreSSL 3.2+, so I've marked that as pending. For the hostname verification, LibreSSL 3.2.2+ has a new stricter hostname verifier that doesn't like subjectAltName such as c*.example.com and d.*.example.com, so adjust the related tests. With these changes, the tests pass on LibreSSL 3.2/3.3.
* Revert "Import ruby/ruby@3beecafc2cae86290a191c1e841be13f5b08795d"Benoit Daloze2020-09-261-25/+23
| | | | | * This reverts commit 86f113c9a67fb5d60d2b8847765f960abd94335f. * It was reverted in ruby/ruby.
* Import ruby/ruby@3beecafc2cae86290a191c1e841be13f5b08795dBenoit Daloze2020-08-291-23/+25
|
* Merge pull request #394 from rhenium/ky/ssl-remove-tmp-ecdh-callbackKazuki Yamaguchi2020-08-211-24/+0
|\ | | | | ssl: remove SSL::SSLContext#tmp_ecdh_callback
| * ssl: remove SSL::SSLContext#tmp_ecdh_callbackky/ssl-remove-tmp-ecdh-callbackKazuki Yamaguchi2020-08-131-24/+0
| | | | | | | | | | | | | | | | | | | | The underlying API SSL_CTX_set_tmp_ecdh_callback() was removed by LibreSSL >= 2.6.1 and OpenSSL >= 1.1.0, in other words, it is not supported by any non-EOL versions of OpenSSL. The wrapper was initially implemented in Ruby 2.3 and has been deprecated since Ruby/OpenSSL 2.0 (bundled with Ruby 2.4) with explicit warning with rb_warn().
* | Merge pull request #392 from rhenium/ky/x509store-reviewKazuki Yamaguchi2020-08-211-140/+271
|\ \ | |/ |/| Review OpenSSL::X509::Store
| * test/openssl/test_x509store: tidy up tests for X509::Store#add_certky/x509store-reviewKazuki Yamaguchi2020-08-121-17/+9
| | | | | | | | | | Rename the test case to test_add_cert_duplicate to clarify what it is actually testing.
| * test/openssl/test_x509store: break up test_verifyKazuki Yamaguchi2020-08-121-112/+227
| | | | | | | | | | The test case is huge and too complex. Break it up into separate test cases for better documentation.
| * x509store: emit warning if arguments are given to X509::Store.newKazuki Yamaguchi2020-08-121-8/+13
| | | | | | | | | | Anything passed to OpenSSL::X509::Store.new was always ignored. Let's emit an explicit warning to not confuse users.
| * x509store: let X509::Store#add_file raise TypeError if nil is givenKazuki Yamaguchi2020-08-121-4/+23
| | | | | | | | | | | | | | | | Undo special treatment of nil and simply pass the value to StringValueCStr(). nil was never a valid argument for the method; OpenSSL::X509::StoreError with an unhelpful error message "system lib" was raised in that case.
* | ssl: initialize verify_mode and verify_hostname with default valuesky/ssl-attr-default-valuesKazuki Yamaguchi2020-07-181-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | SSLContext's verify_mode expects an SSL_VERIFY_* constant (an integer) and verify_hostname expects either true or false. However, they are set to nil after calling OpenSSL::SSL::SSLContext.new, which is surprising. Set a proper value to them by default: verify_mode is set to OpenSSL::SSL::VERIFY_NONE and verify_hostname is set to false by default. Note that this does not change the default behavior. The certificate verification was never performed unless verify_mode is set to OpenSSL::SSL::VERIFY_PEER by a user. The same applies to verify_hostname.
* | test/openssl/test_ssl: revise verify_mode test casesKazuki Yamaguchi2020-07-181-1/+45
| | | | | | | | | | | | Add explicit test cases for the behaviors with different verify_mode. If we made a bug in verify_mode, we would notice it by failures of other test cases, but there were no dedicated test cases for verify_mode.
* | test/openssl/test_ssl: revise a test case for client_cert_cbKazuki Yamaguchi2020-07-181-10/+6
|/ | | | | | | | | | | | | The current test_client_auth_public_key test case checks that supplying a PKey containing only public components through client_cert_cb will cause handshake to fail. While this is a correct behavior as a whole, the assertions are misleading in the sense that giving a public key is causing the failure. Actually, the handshake fails because a client certificate is not supplied at all, as a result of ArgumentError that is silently ignored. Rename the test case to test_client_cert_cb_ignore_error and simplify it to clarify what it is testing.
* Merge pull request #383 from cwjenkins/add_rsa_keys_eqlKazuki Yamaguchi2020-07-161-0/+18
|\ | | | | Add wrapper method for EVP_PKEY_cmp to compare same type keys
| * Add compare? method to OpenSSL::PKey that wraps EVP_PKEY_cmp.Colton Jenkins2020-07-141-0/+18
| | | | | | | | | | | | Explicitly check for type given some conflicting statements within openssl's documentation around EVP_PKEY_cmp and EVP_PKEY_ASN1_METHOD(3). Add documentation with an example for compare?
* | Merge pull request #381 from rhenium/ky/hmac-base64Kazuki Yamaguchi2020-07-101-0/+4
|\ \ | | | | | | hmac: implement base64digest methods
| * | hmac: implement base64digest methodsky/hmac-base64Kazuki Yamaguchi2020-06-301-0/+4
| | | | | | | | | | | | | | | OpenSSL::HMAC implements the similar interface as ::Digest. Let's add base64digest methods to OpenSSL::HMAC, too, for feature parity.
* | | User lower case cipher names for maximum compatibilityBart de Water2020-07-071-4/+4
| |/ |/| | | | | We ran into some Linux-based systems not accepting the upper case variant
* | Merge pull request #371 from rhenium/ky/hmac-evpKazuki Yamaguchi2020-06-301-0/+9
|\| | | | | hmac: migrate from the low-level HMAC API to the EVP API
| * hmac: add a test case for OpenSSL::HMAC singleton methodsKazuki Yamaguchi2020-06-301-0/+9
| |
* | pkey/ec: deprecate OpenSSL::PKey::EC::Point#mul(ary, ary [, bn])ky/pkey-ec-point-deprecate-mul-aryKazuki Yamaguchi2020-06-291-15/+19
|/ | | | | | | | | | | | | Deprecate it for future removal. However, I do not expect any application is affected by this. The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains untouched. PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the feature and OpenSSL 3.0 which is planned to be released in 2020 will also deprecate the function as there is no real use-case.
* Merge pull request #329 from rhenium/ky/pkey-generic-operationsKazuki Yamaguchi2020-05-133-0/+155
|\ | | | | pkey: add more support for 'generic' pkey types
| * pkey: add PKey::PKey#deriveKazuki Yamaguchi2020-05-133-0/+55
| | | | | | | | | | | | Add OpenSSL::PKey::PKey#derive as the wrapper for EVP_PKEY_CTX_derive(). This is useful for pkey types that we don't have dedicated classes, such as X25519.
| * pkey: support 'one-shot' signing and verificationKazuki Yamaguchi2020-05-131-0/+45
| | | | | | | | | | | | OpenSSL 1.1.1 added EVP_DigestSign() and EVP_DigestVerify() functions to the interface. Some EVP_PKEY methods such as PureEdDSA algorithms do not support the streaming mechanism and require us to use them.
| * pkey: port PKey::PKey#sign and #verify to the EVP_Digest* interfaceKazuki Yamaguchi2020-05-131-0/+12
| | | | | | | | | | | | | | | | | | Use EVP_DigestSign*() and EVP_DigestVerify*() interface instead of the old EVP_Sign*() and EVP_Verify*() functions. They were added in OpenSSL 1.0.0. Also, allow the digest to be specified as nil, as certain EVP_PKEY types don't expect a digest algorithm.
| * pkey: add PKey.generate_parameters and .generate_keyKazuki Yamaguchi2020-05-131-0/+43
| | | | | | | | | | Add two methods to create a PKey using the generic EVP interface. This is useful for the PKey types we don't have a dedicated class.
* | Merge pull request #328 from rhenium/ky/pkey-refactor-serializationKazuki Yamaguchi2020-05-132-3/+2
|\ \ | | | | | | pkey: refactor PEM/DER serialization code
| * | pkey: have PKey.read parse PEM-encoded DHParameterKazuki Yamaguchi2020-05-132-3/+2
| |/ | | | | | | | | Try PEM_read_bio_Parameters(). Only PEM format is supported at the moment since corresponding d2i_* functions are not provided by OpenSSL.
* | test/openssl/test_ssl: fix flaky test caseKazuki Yamaguchi2020-05-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | Fix test_socket_open_with_local_address_port_context. Often with MinGW, it seems EACCES is returned on bind when the port number is unavailable. Ignore it just as we do for EADDRINUSE and continue searching free port number. Fixes: 98f8787b4687 ("test/openssl/test_ssl: fix random failure in SSLSocket.open test", 2020-02-17)
* | config: revert to C implementation of OpenSSL::ConfigKazuki Yamaguchi2020-05-131-3/+7
| | | | | | | | | | | | | | | | | | | | Revert OpenSSL::Config to using the OpenSSL API and remove our own parser implementation for the config file syntax. OpenSSL::Config now wraps a CONF object. Accessor methods deal with the object directly rather than Ruby-level internal state. This work is based on the old C code we used before 2010.
* | test/openssl/test_config: skip test_get_value_ENV on LibreSSLKazuki Yamaguchi2020-05-131-0/+3
| | | | | | | | | | LibreSSL has removed the feature to map environment variables onto the "ENV" section.
* | test/openssl/test_config: fix non-deterministic test caseKazuki Yamaguchi2020-05-131-1/+1
| | | | | | | | | | | | | | Sort keys of a section before comparing. The ordering is not part of the API. This can cause a test failure if we use OpenSSL's C implementation. Fixes: 2ad65b5f673f ("config: support .include directive", 2018-08-16)
* | test/openssl/test_config: add missing test case for Config.parse_configKazuki Yamaguchi2020-05-131-0/+6
| |
* | config: remove deprecated methodsKazuki Yamaguchi2020-05-131-112/+16
|/ | | | | | | | | | | | | | | | Remove 4 deprecated methods. The following two methods have been marked as deprecated since 2003, by r4531 (ruby.git commit 78ff3833fb67c8005a9b851037e74b3eea940aa3). - OpenSSL::Config#value - OpenSSL::Config#section Other two methods are removed because the corresponding functions disappeared in OpenSSL 1.1.0. - OpenSSL::Config#add_value - OpenSSL::Config#[]=
* ssl: temporarily remove SSLContext#add_certificate_chain_fileKazuki Yamaguchi2020-05-131-28/+0
| | | | | | | | | | | | | | | | | | | | | | | | | Let's revert the changes for now, as it cannot be included in the 2.2.0 release. My comment on #257: > A blocker is OpenSSL::SSL::SSLContext#add_certificate_chain_file. It > has a pending change and I don't want to include it in an incomplete > state. > > The initial implementation in commit 46e4bdba40c5 was not really > useful. The issue is described in #305. #309 extended it > to take the corresponding private key together. However, the new > implementation was incompatible on Windows and was reverted by #320 to > the initial one. > > (The prerequisite to implement it in) an alternative way is #288, and > it's still cooking. This effectively reverts the following commits: - dacd08937ccd ("ssl: suppress test failure with SSLContext#add_certificate_chain_file", 2020-03-09) - 46e4bdba40c5 ("Add support for SSL_CTX_use_certificate_chain_file. Fixes #254.", 2019-06-13)
* Merge pull request #359 from zeroSteiner/fix/aead/ccm-mode-in-lenKazuki Yamaguchi2020-04-221-0/+42
|\ | | | | Allow specifying the data length for CCM mode
| * Define Cipher #ccm_data_len= for CCM mode ciphersSpencer McIntyre2020-04-211-0/+42
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow specifying just length to #update CCM mode ciphers need to specify the total plaintext or ciphertext length to EVP_CipherUpdate. Update the link to the tests file Define Cipher#ccm_data_len= for CCM mode ciphers Add a unit test for CCM mode Also check CCM is authenticated when testing
* | pkey: add PKey#inspect and #oidKazuki Yamaguchi2020-04-211-0/+28
| | | | | | | | | | | | | | | | | | | | | | Implement OpenSSL::PKey::PKey#oid as a wrapper around EVP_PKEY_id(). This allows user code to check the type of a PKey object. EVP_PKEY can have a pkey type for which we do not provide a dedicated subclass. In other words, an EVP_PKEY that is not any of {RSA,DSA,DH,EC} can exist. It is currently not possible to distinguish such a pkey. Also, implement PKey#inspect to include the key type for convenience.
* | Look up cipher by name instead of constantBart de Water2020-04-211-3/+3
| |
* | Look up digest by name instead of constantBart de Water2020-04-2116-118/+115
| |
* | Add Marshal support to PKey objectsBart de Water2020-04-194-0/+28
| |
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-29 04:04:51 +0000