[前][次][番号順一覧][スレッド一覧]

ruby-changes:19992

From: emboss <ko1@a...>
Date: Mon, 13 Jun 2011 10:58:16 +0900 (JST)
Subject: [ruby-changes:19992] emboss:r32039 (trunk): * ext/openssl/pkey_dh.c: corrected documentation.

emboss	2011-06-13 10:58:09 +0900 (Mon, 13 Jun 2011)

  New Revision: 32039

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=32039

  Log:
    * ext/openssl/pkey_dh.c: corrected documentation.
    * test/openssl/utils.rb: add test key for DH.
    * test/openssl/test_pkey_dh.rb: add tests.

  Added files:
    trunk/test/openssl/test_pkey_dh.rb
  Modified files:
    trunk/ChangeLog
    trunk/ext/openssl/ossl_pkey_dh.c
    trunk/test/openssl/utils.rb

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 32038)
+++ ChangeLog	(revision 32039)
@@ -1,3 +1,9 @@
+Mon Jun 13 10:54:03 2011  Martin Bosslet  <Martin.Bosslet@g...>
+
+	* ext/openssl/pkey_dh.c: corrected documentation.
+	* test/openssl/utils.rb: add test key for DH.
+	* test/openssl/test_pkey_dh.rb: add tests.
+
 Mon Jun 13 10:13:08 2011  Martin Bosslet  <Martin.Bosslet@g...>
 
 	* ext/openssl/pkey_dh.c: clarify difference between DH#public_key and
Index: ext/openssl/ossl_pkey_dh.c
===================================================================
--- ext/openssl/ossl_pkey_dh.c	(revision 32038)
+++ ext/openssl/ossl_pkey_dh.c	(revision 32039)
@@ -137,9 +137,9 @@
  *
  * Either generates a DH instance from scratch or by reading already existing
  * DH parameters from +string+. Note that when reading a DH instance from
- * data that was encoded from a DH#public_key DH instance the result
- * will *not* contain a public/private key pair yet. This needs to be
- * generated using DH#generate_key! first.
+ * data that was encoded from a DH instance by using DH#to_pem or DH#to_der
+ * the result will *not* contain a public/private key pair yet. This needs to
+ * be generated using DH#generate_key! first.
  *
  * === Parameters
  * * +size+ is an integer representing the desired key size. Keys smaller than 1024 bits should be considered insecure.
@@ -150,9 +150,7 @@
  *  DH.new # -> dh
  *  DH.new(1024) # -> dh
  *  DH.new(1024, 5) # -> dh
- *  #Reading a "private" DH key
- *  DH.new(File.read('key.pem')) # -> dh
- *  #Reading public DH parameters
+ *  #Reading DH parameters
  *  dh = DH.new(File.read('parameters.pem')) # -> dh, but no public/private key yet
  *  dh.generate_key! # -> dh with public and private key
  */
@@ -237,7 +235,9 @@
  *  call-seq:
  *     dh.to_pem -> aString
  *
- * Encodes this DH to its PEM encoding.
+ * Encodes this DH to its PEM encoding. Note that any existing per-session
+ * public/private keys will *not* get encoded, just the Diffie-Hellman
+ * parameters will be encoded.
  */
 static VALUE
 ossl_dh_export(VALUE self)
@@ -263,7 +263,10 @@
  *  call-seq:
  *     dh.to_der -> aString
  *
- * Encodes this DH to its DER encoding.
+ * Encodes this DH to its DER encoding. Note that any existing per-session
+ * public/private keys will *not* get encoded, just the Diffie-Hellman
+ * parameters will be encoded.
+
  */
 static VALUE
 ossl_dh_to_der(VALUE self)
Index: test/openssl/test_pkey_dh.rb
===================================================================
--- test/openssl/test_pkey_dh.rb	(revision 0)
+++ test/openssl/test_pkey_dh.rb	(revision 32039)
@@ -0,0 +1,72 @@
+require_relative 'utils'
+
+if defined?(OpenSSL)
+
+class OpenSSL::TestPKeyDH < Test::Unit::TestCase
+  def test_new
+    dh = OpenSSL::PKey::DH.new(256)
+    assert_key(dh)
+  end
+
+  def test_to_der
+    dh = OpenSSL::PKey::DH.new(256)
+    der = dh.to_der
+    dh2 = OpenSSL::PKey::DH.new(der)
+    assert_equal_params(dh, dh2)
+    assert_no_key(dh2)
+  end
+
+  def test_to_pem
+    dh = OpenSSL::PKey::DH.new(256)
+    pem = dh.to_pem
+    dh2 = OpenSSL::PKey::DH.new(pem)
+    assert_equal_params(dh, dh2)
+    assert_no_key(dh2)
+  end
+
+  def test_public_key
+    dh = OpenSSL::PKey::DH.new(256)
+    public_key = dh.public_key
+    assert_no_key(public_key) #implies public_key.public? is false!
+    assert_equal(dh.to_der, public_key.to_der)
+    assert_equal(dh.to_pem, public_key.to_pem)
+  end
+
+  def test_generate_key
+    dh = OpenSSL::TestUtils::TEST_KEY_DH512.public_key # creates a copy
+    assert_no_key(dh)
+    dh.generate_key!
+    assert_key(dh)
+  end
+
+  def test_key_exchange
+    dh = OpenSSL::TestUtils::TEST_KEY_DH512
+    dh2 = dh.public_key
+    dh.generate_key!
+    dh2.generate_key!
+    assert_equal(dh.compute_key(dh2.pub_key), dh2.compute_key(dh.pub_key))
+  end
+
+  private
+
+  def assert_equal_params(dh1, dh2)
+    assert_equal(dh1.g, dh2.g)
+    assert_equal(dh1.p, dh2.p)
+  end
+
+  def assert_no_key(dh)
+    assert_equal(false, dh.public?)
+    assert_equal(false, dh.private?)
+    assert_equal(nil, dh.pub_key)
+    assert_equal(nil, dh.priv_key)
+  end
+
+  def assert_key(dh)
+    assert(dh.public?)
+    assert(dh.private?)
+    assert(dh.pub_key)
+    assert(dh.priv_key)
+  end
+end
+
+end
Index: test/openssl/utils.rb
===================================================================
--- test/openssl/utils.rb	(revision 32038)
+++ test/openssl/utils.rb	(revision 32039)
@@ -88,6 +88,13 @@
 -----END EC PRIVATE KEY-----
   _end_of_pem_
 
+  TEST_KEY_DH512 = OpenSSL::PKey::DH.new <<-_end_of_pem_
+-----BEGIN DH PARAMETERS-----
+MEYCQQDmWXGPqk76sKw/edIOdhAQD4XzjJ+AR/PTk2qzaGs+u4oND2yU5D2NN4wr
+aPgwHyJBiK1/ebK3tYcrSKrOoRyrAgEC
+-----END DH PARAMETERS-----
+  _end_of_pem_
+
   module_function
 
   def issue_cert(dn, key, serial, not_before, not_after, extensions,

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]