* lib/rubygems: Import RubyGems 2.1

* test/rubygems:  Ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41873 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 154 insertions, 14 deletions

diff --git a/test/rubygems/test_gem_commands_cert_command.rb b/test/rubygems/test_gem_commands_cert_command.rb
index 75db6c4e15..a158a4442b 100644
--- a/test/rubygems/test_gem_commands_cert_command.rb
+++ b/test/rubygems/test_gem_commands_cert_command.rb
@@ -2,8 +2,8 @@ require 'rubygems/test_case'
 require 'rubygems/commands/cert_command'
 require 'rubygems/fix_openssl_warnings' if RUBY_VERSION < "1.9"
 
-unless defined? OpenSSL then
-  warn "`gem cert` tests are being skipped, module OpenSSL not found"
+unless defined?(OpenSSL::SSL) then
+  warn 'Skipping `gem cert` tests.  openssl not found.'
 end
 
 class TestGemCommandsCertCommand < Gem::TestCase
@@ -98,14 +98,22 @@ Added '/CN=alternate/DC=example'
   end
 
   def test_execute_build
+    passphrase = 'Foo bar'
+
     @cmd.handle_options %W[--build nobody@example.com]
 
-    use_ui @ui do
+    @build_ui = Gem::MockGemUi.new "#{passphrase}\n#{passphrase}"
+
+    use_ui @build_ui do
       @cmd.execute
     end
 
-    output = @ui.output.split "\n"
+    output = @build_ui.output.split "\n"
 
+    assert_equal "Passphrase for your Private Key:  ",
+                 output.shift
+    assert_equal "Please repeat the passphrase for your Private Key:  ",
+                 output.shift
     assert_equal "Certificate: #{File.join @tempdir, 'gem-public_cert.pem'}",
                  output.shift
     assert_equal "Private Key: #{File.join @tempdir, 'gem-private_key.pem'}",
@@ -115,12 +123,43 @@ Added '/CN=alternate/DC=example'
                  output.shift
 
     assert_empty output
-    assert_empty @ui.error
+    assert_empty @build_ui.error
 
     assert_path_exists File.join(@tempdir, 'gem-private_key.pem')
     assert_path_exists File.join(@tempdir, 'gem-public_cert.pem')
   end
 
+  def test_execute_build_bad_passphrase_confirmation
+    passphrase = 'Foo bar'
+    passphrase_confirmation = 'Fu bar'
+
+    @cmd.handle_options %W[--build nobody@example.com]
+
+    @build_ui = Gem::MockGemUi.new "#{passphrase}\n#{passphrase_confirmation}"
+
+    use_ui @build_ui do
+      e = assert_raises Gem::CommandLineError do
+        @cmd.execute
+      end
+
+      output = @build_ui.output.split "\n"
+
+      assert_equal "Passphrase for your Private Key:  ",
+                   output.shift
+      assert_equal "Please repeat the passphrase for your Private Key:  ",
+                   output.shift
+
+      assert_empty output
+
+      assert_equal "Passphrase and passphrase confirmation don't match",
+                   e.message
+
+    end
+
+    refute_path_exists File.join(@tempdir, 'gem-private_key.pem')
+    refute_path_exists File.join(@tempdir, 'gem-public_cert.pem')
+  end
+
   def test_execute_build_key
     @cmd.handle_options %W[
       --build nobody@example.com
@@ -135,21 +174,32 @@ Added '/CN=alternate/DC=example'
 
     assert_equal "Certificate: #{File.join @tempdir, 'gem-public_cert.pem'}",
                  output.shift
-    assert_equal "Private Key: #{File.join @tempdir, 'gem-private_key.pem'}",
-                 output.shift
-
-    assert_equal "Don't forget to move the key file to somewhere private!",
-                 output.shift
 
     assert_empty output
     assert_empty @ui.error
 
     assert_path_exists File.join(@tempdir, 'gem-public_cert.pem')
+  end
+
+  def test_execute_build_encrypted_key
+    @cmd.handle_options %W[
+      --build nobody@example.com
+      --private-key #{ENCRYPTED_PRIVATE_KEY_PATH}
+    ]
+
+    use_ui @ui do
+      @cmd.execute
+    end
+
+    output = @ui.output.split "\n"
+
+    assert_equal "Certificate: #{File.join @tempdir, 'gem-public_cert.pem'}",
+                 output.shift
 
-    private_key_file = File.join @tempdir, 'gem-private_key.pem'
-    assert_path_exists private_key_file
+    assert_empty output
+    assert_empty @ui.error
 
-    assert_equal PRIVATE_KEY.to_pem, File.read(private_key_file)
+    assert_path_exists File.join(@tempdir, 'gem-public_cert.pem')
   end
 
   def test_execute_certificate
@@ -203,6 +253,17 @@ Added '/CN=alternate/DC=example'
     assert_equal PRIVATE_KEY.to_pem, @cmd.options[:key].to_pem
   end
 
+  def test_execute_encrypted_private_key
+    use_ui @ui do
+      @cmd.send :handle_options, %W[--private-key #{ENCRYPTED_PRIVATE_KEY_PATH}]
+    end
+
+    assert_equal '', @ui.output
+    assert_equal '', @ui.error
+
+    assert_equal ENCRYPTED_PRIVATE_KEY.to_pem, @cmd.options[:key].to_pem
+  end
+
   def test_execute_remove
     @trust_dir.trust_cert PUBLIC_CERT
 
@@ -307,6 +368,35 @@ Removed '/CN=alternate/DC=example'
     assert_equal mask, File.stat(path).mode unless win_platform?
   end
 
+  def test_execute_sign_encrypted_key
+    path = File.join @tempdir, 'cert.pem'
+    Gem::Security.write ALTERNATE_CERT, path, 0600
+
+    assert_equal '/CN=alternate/DC=example', ALTERNATE_CERT.issuer.to_s
+
+    @cmd.handle_options %W[
+      --private-key #{ENCRYPTED_PRIVATE_KEY_PATH}
+      --certificate #{PUBLIC_CERT_FILE}
+
+      --sign #{path}
+    ]
+
+    use_ui @ui do
+      @cmd.execute
+    end
+
+    assert_equal '', @ui.output
+    assert_equal '', @ui.error
+
+    cert = OpenSSL::X509::Certificate.new File.read path
+
+    assert_equal '/CN=nobody/DC=example', cert.issuer.to_s
+
+    mask = 0100600 & (~File.umask)
+
+    assert_equal mask, File.stat(path).mode unless win_platform?
+  end
+
   def test_execute_sign_default
     FileUtils.mkdir_p File.join Gem.user_home, '.gem'
 
@@ -339,6 +429,38 @@ Removed '/CN=alternate/DC=example'
     assert_equal mask, File.stat(path).mode unless win_platform?
   end
 
+  def test_execute_sign_default_encrypted_key
+    FileUtils.mkdir_p File.join(Gem.user_home, '.gem')
+
+    private_key_path = File.join Gem.user_home, '.gem', 'gem-private_key.pem'
+    Gem::Security.write ENCRYPTED_PRIVATE_KEY, private_key_path, 0600, PRIVATE_KEY_PASSPHRASE
+
+    public_cert_path = File.join Gem.user_home, '.gem', 'gem-public_cert.pem'
+    Gem::Security.write PUBLIC_CERT, public_cert_path
+
+    path = File.join @tempdir, 'cert.pem'
+    Gem::Security.write ALTERNATE_CERT, path, 0600
+
+    assert_equal '/CN=alternate/DC=example', ALTERNATE_CERT.issuer.to_s
+
+    @cmd.handle_options %W[--sign #{path}]
+
+    use_ui @ui do
+      @cmd.execute
+    end
+
+    assert_equal '', @ui.output
+    assert_equal '', @ui.error
+
+    cert = OpenSSL::X509::Certificate.new File.read path
+
+    assert_equal '/CN=nobody/DC=example', cert.issuer.to_s
+
+    mask = 0100600 & (~File.umask)
+
+    assert_equal mask, File.stat(path).mode unless win_platform?
+  end
+
   def test_execute_sign_no_cert
     FileUtils.mkdir_p File.join Gem.user_home, '.gem'
 
@@ -509,6 +631,24 @@ ERROR:  --private-key not specified and ~/.gem/gem-private_key.pem does not exis
     assert_equal [ALTERNATE_CERT_FILE, CHILD_CERT_FILE], @cmd.options[:sign]
   end
 
+  def test_handle_options_sign_encrypted_key
+    @cmd.handle_options %W[
+      --private-key #{ALTERNATE_KEY_FILE}
+      --private-key #{ENCRYPTED_PRIVATE_KEY_PATH}
+
+      --certificate #{ALTERNATE_CERT_FILE}
+      --certificate #{PUBLIC_CERT_FILE}
+
+      --sign #{ALTERNATE_CERT_FILE}
+      --sign #{CHILD_CERT_FILE}
+    ]
+
+    assert_equal ENCRYPTED_PRIVATE_KEY.to_pem, @cmd.options[:key].to_pem
+    assert_equal PUBLIC_CERT.to_pem, @cmd.options[:issuer_cert].to_pem
+
+    assert_equal [ALTERNATE_CERT_FILE, CHILD_CERT_FILE], @cmd.options[:sign]
+  end
+
   def test_handle_options_sign_nonexistent
     nonexistent = File.join @tempdir, 'nonexistent'
     e = assert_raises OptionParser::InvalidArgument do
@@ -525,5 +665,5 @@ ERROR:  --private-key not specified and ~/.gem/gem-private_key.pem does not exis
                  e.message
   end
 
-end if defined? OpenSSL
+end if defined?(OpenSSL::SSL)