1 files changed, 11 insertions, 29 deletions
diff --git a/test/openssl/test_x509cert.rb b/test/openssl/test_x509cert.rb
index 5b2e712d2a..289994d17b 100644
--- a/test/openssl/test_x509cert.rb
+++ b/test/openssl/test_x509cert.rb
@@ -1,23 +1,19 @@
 # frozen_string_literal: false
 require_relative "utils"
 
-if defined?(OpenSSL::TestUtils)
+if defined?(OpenSSL)
 
 class OpenSSL::TestX509Certificate < OpenSSL::TestCase
   def setup
     super
-    @rsa1024 = OpenSSL::TestUtils::TEST_KEY_RSA1024
-    @rsa2048 = OpenSSL::TestUtils::TEST_KEY_RSA2048
-    @dsa256  = OpenSSL::TestUtils::TEST_KEY_DSA256
-    @dsa512  = OpenSSL::TestUtils::TEST_KEY_DSA512
+    @rsa1024 = Fixtures.pkey("rsa1024")
+    @rsa2048 = Fixtures.pkey("rsa2048")
+    @dsa256  = Fixtures.pkey("dsa256")
+    @dsa512  = Fixtures.pkey("dsa512")
     @ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA")
     @ee1 = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=EE1")
   end
 
-  def issue_cert(*args)
-    OpenSSL::TestUtils.issue_cert(*args)
-  end
-
   def test_serial
     [1, 2**32, 2**100].each{|s|
       cert = issue_cert(@ca, @rsa2048, s, [], nil, nil)
@@ -34,13 +30,10 @@ class OpenSSL::TestX509Certificate < OpenSSL::TestCase
       ["authorityKeyIdentifier","keyid:always",false],
     ]
 
-    sha1 = OpenSSL::Digest::SHA1.new
-    dsa_digest = OpenSSL::TestUtils::DSA_SIGNATURE_DIGEST.new
-
     [
-      [@rsa1024, sha1], [@rsa2048, sha1], [@dsa256, dsa_digest], [@dsa512, dsa_digest]
-    ].each{|pk, digest|
-      cert = issue_cert(@ca, pk, 1, exts, nil, nil, digest: digest)
+      @rsa1024, @rsa2048, @dsa256, @dsa512,
+    ].each{|pk|
+      cert = issue_cert(@ca, pk, 1, exts, nil, nil)
       assert_equal(cert.extensions.sort_by(&:to_s)[2].value,
                    OpenSSL::TestUtils.get_subject_key_id(cert))
       cert = OpenSSL::X509::Certificate.new(cert.to_der)
@@ -152,26 +145,15 @@ class OpenSSL::TestX509Certificate < OpenSSL::TestCase
     }
   end
 
-  def test_dsig_algorithm_mismatch
-    assert_raise(OpenSSL::X509::CertificateError) do
-      issue_cert(@ca, @rsa2048, 1, [], nil, nil, digest: OpenSSL::Digest::DSS1.new)
-    end if OpenSSL::OPENSSL_VERSION_NUMBER < 0x10001000 # [ruby-core:42949]
-  end
-
   def test_dsa_with_sha2
-    begin
-      cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha256")
-      assert_equal("dsa_with_SHA256", cert.signature_algorithm)
-    rescue OpenSSL::X509::CertificateError
-      # dsa_with_sha2 not supported. skip following test.
-      return
-    end
+    cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha256")
+    assert_equal("dsa_with_SHA256", cert.signature_algorithm)
     # TODO: need more tests for dsa + sha2
 
     # SHA1 is allowed from OpenSSL 1.0.0 (0.9.8 requires DSS1)
     cert = issue_cert(@ca, @dsa256, 1, [], nil, nil, digest: "sha1")
     assert_equal("dsaWithSHA1", cert.signature_algorithm)
-  end if defined?(OpenSSL::Digest::SHA256)
+  end
 
   def test_check_private_key
     cert = issue_cert(@ca, @rsa2048, 1, [], nil, nil)