ruby-changes:70363
From: Kazuki <ko1@a...>
Date: Tue, 21 Dec 2021 00:11:20 +0900 (JST)
Subject: [ruby-changes:70363] 582606dc58 (master): [ruby/openssl] pkey: test parsing concatenated PEM string
https://git.ruby-lang.org/ruby.git/commit/?id=582606dc58 From 582606dc58d51d333e30860c1f2cea7a6774c7f8 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Wed, 3 Nov 2021 23:31:29 +0900 Subject: [ruby/openssl] pkey: test parsing concatenated PEM string PEM-encoded private keys are sometimes stored together with irrelevant PEM blocks, such as the corresponding X.509 certificate. PEM_read_bio_*() family automatically skips unknown PEM blocks, but on OpenSSL 3.0 we will be using the new OSSL_DECODER API instead due to some breaking changes around the password callback. Let's add a test case so that we won't break the current behavior. https://github.com/ruby/openssl/commit/8c185e0ae5 --- test/openssl/test_pkey_rsa.rb | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/test/openssl/test_pkey_rsa.rb b/test/openssl/test_pkey_rsa.rb index dbe87ba4c1b..7510658df73 100644 --- a/test/openssl/test_pkey_rsa.rb +++ b/test/openssl/test_pkey_rsa.rb @@ -306,6 +306,12 @@ class OpenSSL::TestPKeyRSA < OpenSSL::PKeyTestCase https://github.com/ruby/ruby/blob/trunk/test/openssl/test_pkey_rsa.rb#L306 assert_equal asn1.to_der, rsa1024.to_der assert_equal pem, rsa1024.export + + # Unknown PEM prepended + cert = issue_cert(OpenSSL::X509::Name.new([["CN", "nobody"]]), rsa1024, 1, [], nil, nil) + str = cert.to_text + cert.to_pem + rsa1024.to_pem + key = OpenSSL::PKey::RSA.new(str) + assert_same_rsa rsa1024, key end def test_RSAPrivateKey_encrypted -- cgit v1.2.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/