ruby-changes:19992
From: emboss <ko1@a...>
Date: Mon, 13 Jun 2011 10:58:16 +0900 (JST)
Subject: [ruby-changes:19992] emboss:r32039 (trunk): * ext/openssl/pkey_dh.c: corrected documentation.
emboss 2011-06-13 10:58:09 +0900 (Mon, 13 Jun 2011) New Revision: 32039 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=32039 Log: * ext/openssl/pkey_dh.c: corrected documentation. * test/openssl/utils.rb: add test key for DH. * test/openssl/test_pkey_dh.rb: add tests. Added files: trunk/test/openssl/test_pkey_dh.rb Modified files: trunk/ChangeLog trunk/ext/openssl/ossl_pkey_dh.c trunk/test/openssl/utils.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 32038) +++ ChangeLog (revision 32039) @@ -1,3 +1,9 @@ +Mon Jun 13 10:54:03 2011 Martin Bosslet <Martin.Bosslet@g...> + + * ext/openssl/pkey_dh.c: corrected documentation. + * test/openssl/utils.rb: add test key for DH. + * test/openssl/test_pkey_dh.rb: add tests. + Mon Jun 13 10:13:08 2011 Martin Bosslet <Martin.Bosslet@g...> * ext/openssl/pkey_dh.c: clarify difference between DH#public_key and Index: ext/openssl/ossl_pkey_dh.c =================================================================== --- ext/openssl/ossl_pkey_dh.c (revision 32038) +++ ext/openssl/ossl_pkey_dh.c (revision 32039) @@ -137,9 +137,9 @@ * * Either generates a DH instance from scratch or by reading already existing * DH parameters from +string+. Note that when reading a DH instance from - * data that was encoded from a DH#public_key DH instance the result - * will *not* contain a public/private key pair yet. This needs to be - * generated using DH#generate_key! first. + * data that was encoded from a DH instance by using DH#to_pem or DH#to_der + * the result will *not* contain a public/private key pair yet. This needs to + * be generated using DH#generate_key! first. * * === Parameters * * +size+ is an integer representing the desired key size. Keys smaller than 1024 bits should be considered insecure. 
@@ -150,9 +150,7 @@ * DH.new # -> dh * DH.new(1024) # -> dh * DH.new(1024, 5) # -> dh - * #Reading a "private" DH key - * DH.new(File.read('key.pem')) # -> dh - * #Reading public DH parameters + * #Reading DH parameters * dh = DH.new(File.read('parameters.pem')) # -> dh, but no public/private key yet * dh.generate_key! # -> dh with public and private key */ @@ -237,7 +235,9 @@ * call-seq: * dh.to_pem -> aString * - * Encodes this DH to its PEM encoding. + * Encodes this DH to its PEM encoding. Note that any existing per-session + * public/private keys will *not* get encoded, just the Diffie-Hellman + * parameters will be encoded. */ static VALUE ossl_dh_export(VALUE self) @@ -263,7 +263,10 @@ * call-seq: * dh.to_der -> aString * - * Encodes this DH to its DER encoding. + * Encodes this DH to its DER encoding. Note that any existing per-session + * public/private keys will *not* get encoded, just the Diffie-Hellman + * parameters will be encoded. + */ static VALUE ossl_dh_to_der(VALUE self) Index: test/openssl/test_pkey_dh.rb =================================================================== --- test/openssl/test_pkey_dh.rb (revision 0) +++ test/openssl/test_pkey_dh.rb (revision 32039) 
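Review bot: The `dh.to_der` hunk's line counts (7 old lines, 10 new) imply a fourth added line after the three comment lines, apparently an empty one just before `*/`; the `dh.to_pem` hunk has no such line. Dropping it keeps the two doc comments identical in shape. The added sentence also says the same thing twice; `Only the Diffie-Hellman parameters are encoded, an existing per-session public/private key pair is *not* included.` reads more directly and could be used in both comments.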
@@ -0,0 +1,72 @@
+require_relative 'utils'
+
+if defined?(OpenSSL)
+
+class OpenSSL::TestPKeyDH < Test::Unit::TestCase
+ def test_new
+ dh = OpenSSL::PKey::DH.new(256)
+ assert_key(dh)
+ end
+
+ def test_to_der
+ dh = OpenSSL::PKey::DH.new(256)
+ der = dh.to_der
+ dh2 = OpenSSL::PKey::DH.new(der)
+ assert_equal_params(dh, dh2)
+ assert_no_key(dh2)
+ end
+
+ def test_to_pem
+ dh = OpenSSL::PKey::DH.new(256)
+ pem = dh.to_pem
+ dh2 = OpenSSL::PKey::DH.new(pem)
+ assert_equal_params(dh, dh2)
+ assert_no_key(dh2)
+ end
+
+ def test_public_key
+ dh = OpenSSL::PKey::DH.new(256)
+ public_key = dh.public_key
+ assert_no_key(public_key) #implies public_key.public? is false!
+ assert_equal(dh.to_der, public_key.to_der)
+ assert_equal(dh.to_pem, public_key.to_pem)
+ end
+
+ def test_generate_key
+ dh = OpenSSL::TestUtils::TEST_KEY_DH512.public_key # creates a copy
+ assert_no_key(dh)
+ dh.generate_key!
+ assert_key(dh)
+ end
+
+ def test_key_exchange
+ dh = OpenSSL::TestUtils::TEST_KEY_DH512
+ dh2 = dh.public_key
+ dh.generate_key!
+ dh2.generate_key!
+ assert_equal(dh.compute_key(dh2.pub_key), dh2.compute_key(dh.pub_key))
+ end
+
+ private
+
+ def assert_equal_params(dh1, dh2)
+ assert_equal(dh1.g, dh2.g)
+ assert_equal(dh1.p, dh2.p)
+ end
+
+ def assert_no_key(dh)
+ assert_equal(false, dh.public?)
+ assert_equal(false, dh.private?)
+ assert_equal(nil, dh.pub_key)
+ assert_equal(nil, dh.priv_key)
+ end
+
+ def assert_key(dh)
+ assert(dh.public?)
+ assert(dh.private?)
+ assert(dh.pub_key)
+ assert(dh.priv_key)
+ end
+end
+
+end
Index: test/openssl/utils.rb
===================================================================
--- test/openssl/utils.rb (revision 32038)
+++ test/openssl/utils.rb (revision 32039)
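Review bot: `test_key_exchange` calls `generate_key!` directly on the shared constant `OpenSSL::TestUtils::TEST_KEY_DH512`, so once it has run the fixture carries a key pair for every later test that uses it. `test_generate_key` already works on a copy taken with `.public_key`; doing the same here, `dh = OpenSSL::TestUtils::TEST_KEY_DH512.public_key`, keeps the tests independent of run order. As a smaller style point, `assert_no_key` could use `assert_nil(dh.pub_key)` and `assert_nil(dh.priv_key)` instead of `assert_equal(nil, ...)`.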
@@ -88,6 +88,13 @@ -----END EC PRIVATE KEY----- _end_of_pem_ + TEST_KEY_DH512 = OpenSSL::PKey::DH.new <<-_end_of_pem_ +-----BEGIN DH PARAMETERS----- +MEYCQQDmWXGPqk76sKw/edIOdhAQD4XzjJ+AR/PTk2qzaGs+u4oND2yU5D2NN4wr +aPgwHyJBiK1/ebK3tYcrSKrOoRyrAgEC +-----END DH PARAMETERS----- + _end_of_pem_ + module_function def issue_cert(dn, key, serial, not_before, not_after, extensions, -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
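Review bot: `TEST_KEY_DH512` is added without a comment marking these 512-bit parameters as test-only, although the DH documentation shown in this same commit says keys smaller than 1024 bits should be considered insecure. A line above the constant such as `# 512-bit DH parameters for tests only; far too small for real use` would keep them from being copied into real code. The enclosing module starts and ends outside this hunk.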