diff options
| author | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-11-30 14:41:46 +0000 |
|---|---|---|
| committer | rhe <rhe@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2016-11-30 14:41:46 +0000 |
| commit | aab0d67a1ff5190ff7a951e40cee742210302aed (patch) | |
| tree | c8635fd674d8300fa79e76a2f5d5eeef465abd88 /test/openssl/utils.rb | |
| parent | 0a5abaf745bf40de27bf4fac2172aaeacc2e2637 (diff) | |
| download | ruby-aab0d67a1ff5190ff7a951e40cee742210302aed.tar.gz | |
openssl: import v2.0.0
Import Ruby/OpenSSL 2.0.0. The full commit history since 2.0.0 beta.2
(imported at r56098) can be found at:
https://github.com/ruby/openssl/compare/v2.0.0.beta.2...v2.0.0
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@56946 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/openssl/utils.rb')
| -rw-r--r-- | test/openssl/utils.rb | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/test/openssl/utils.rb b/test/openssl/utils.rb index 6f3a3c6d1c..43ecd79eca 100644 --- a/test/openssl/utils.rb +++ b/test/openssl/utils.rb @@ -10,7 +10,6 @@ rescue LoadError end require "test/unit" -require "digest/md5" require 'tempfile' require "rbconfig" require "socket" @@ -131,8 +130,8 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC module_function - def issue_cert(dn, key, serial, not_before, not_after, extensions, - issuer, issuer_key, digest) + def issue_cert(dn, key, serial, extensions, issuer, issuer_key, + not_before: nil, not_after: nil, digest: nil) cert = OpenSSL::X509::Certificate.new issuer = cert unless issuer issuer_key = key unless issuer_key @@ -141,14 +140,16 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC cert.subject = dn cert.issuer = issuer.subject cert.public_key = key.public_key - cert.not_before = not_before - cert.not_after = not_after + now = Time.now + cert.not_before = not_before || now - 3600 + cert.not_after = not_after || now + 3600 ef = OpenSSL::X509::ExtensionFactory.new ef.subject_certificate = cert ef.issuer_certificate = issuer extensions.each{|oid, value, critical| cert.add_extension(ef.create_extension(oid, value, critical)) } + digest ||= OpenSSL::PKey::DSA === issuer_key ? DSA_SIGNATURE_DIGEST.new : "sha256" cert.sign(issuer_key, digest) cert end @@ -217,7 +218,6 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC @ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA") @svr = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") @cli = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=localhost") - now = Time.at(Time.now.to_i) ca_exts = [ ["basicConstraints","CA:TRUE",true], ["keyUsage","cRLSign,keyCertSign",true], @@ -225,9 +225,9 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC ee_exts = [ ["keyUsage","keyEncipherment,digitalSignature",true], ] - @ca_cert = issue_cert(@ca, @ca_key, 1, now, now+3600, ca_exts, nil, nil, OpenSSL::Digest::SHA1.new) - @svr_cert = issue_cert(@svr, @svr_key, 2, now, now+1800, ee_exts, @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new) - @cli_cert = issue_cert(@cli, @cli_key, 3, now, now+1800, ee_exts, @ca_cert, @ca_key, OpenSSL::Digest::SHA1.new) + @ca_cert = issue_cert(@ca, @ca_key, 1, ca_exts, nil, nil) + @svr_cert = issue_cert(@svr, @svr_key, 2, ee_exts, @ca_cert, @ca_key) + @cli_cert = issue_cert(@cli, @cli_key, 3, ee_exts, @ca_cert, @ca_key) @server = nil end |