diff options
author | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-09-03 01:14:26 +0000 |
---|---|---|
committer | emboss <emboss@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-09-03 01:14:26 +0000 |
commit | e29819df6e6a644bbfadbdc706a472c413015286 (patch) | |
tree | 33b5dcd1ab6b1d96a922f1e5e48d3f7032ad8124 /test/openssl/test_x509cert.rb | |
parent | 9b6f66c74f367bbce13dc19bcc5e4d037ed290bf (diff) | |
download | ruby-e29819df6e6a644bbfadbdc706a472c413015286.tar.gz |
* ext/openssl/extconf.rb: Detect OpenSSL_FIPS macro
ext/openssl/ossl.c: Expose OpenSSL::OPENSSL_FIPS constant to
indicate whether OpenSSL runs in FIPS mode.
test/openssl/test_pkey_dh.rb: Generate 256 bit keys for
non-FIPS installations to improve test performance (e.g. for
rubyci).
test/openssl/utils.rb: Replace DSS1 as certificate signature
digest with SHA1 for FIPS installations when using DSA by
introducing TestUtils::DSA_SIGNATURE_DIGEST.
test/openssl/test_x509cert.rb:
test/openssl/test_x509crl.rb:
test/openssl/test_x509req.rb: Use DSA_SIGNATURE_DIGEST
NEWS: Introduce OpenSSL::OPENSSL_FIPS
These changes allow running the OpenSSL tests in FIPS mode
while keeping a high performance for non-FIPS installations.
Introduction of OpenSSL::OPENSSL_FIPS allows for applications
to react to special requirements when using OpenSSL in FIPS mode.
[Feature #6946] [ruby-core:47345]
- Diese und die folgenden Zeilen werden ignoriert --
M ext/openssl/extconf.rb
M ext/openssl/ossl.c
M NEWS
M ChangeLog
M test/openssl/utils.rb
M test/openssl/test_x509crl.rb
M test/openssl/test_x509req.rb
M test/openssl/test_x509cert.rb
M test/openssl/test_pkey_dh.rb
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36884 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl/test_x509cert.rb')
-rw-r--r-- | test/openssl/test_x509cert.rb | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb index 80c31f4d13..1c47b2b42b 100644 --- a/test/openssl/test_x509cert.rb +++ b/test/openssl/test_x509cert.rb @@ -39,8 +39,10 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase sha1 = OpenSSL::Digest::SHA1.new dss1 = OpenSSL::Digest::DSS1.new + dsa_digest = OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new + [ - [@rsa1024, sha1], [@rsa2048, sha1], [@dsa256, dss1], [@dsa512, dss1], + [@rsa1024, sha1], [@rsa2048, sha1], [@dsa256, dsa_digest], [@dsa512, dsa_digest] ].each{|pk, digest| cert = issue_cert(@ca, pk, 1, Time.now, Time.now+3600, exts, nil, nil, digest) @@ -145,7 +147,7 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase assert_equal(false, cert.verify(@rsa2048)) cert = issue_cert(@ca, @dsa512, 1, Time.now, Time.now+3600, [], - nil, nil, OpenSSL::Digest::DSS1.new) + nil, nil, OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new) assert_equal(false, certificate_error_returns_false { cert.verify(@rsa1024) }) assert_equal(false, certificate_error_returns_false { cert.verify(@rsa2048) }) assert_equal(false, cert.verify(@dsa256)) |