diff options
| author | Benoit Daloze <[email protected]> | 2023-11-27 18:17:52 +0100 |
|---|---|---|
| committer | Benoit Daloze <[email protected]> | 2023-11-27 18:17:52 +0100 |
| commit | cc05a60c16b69b6156396f9e6a009f94421fe1b4 (patch) | |
| tree | c8eed9dc214e7df14ed31f2b3785ac12d240728f /spec/ruby/library/openssl | |
| parent | acab060c17a21bd79f384e3e055aaa115c5dc235 (diff) | |
Update to ruby/spec@c3206f6
Diffstat (limited to 'spec/ruby/library/openssl')
| -rw-r--r-- | spec/ruby/library/openssl/fixed_length_secure_compare_spec.rb | 42 | ||||
| -rw-r--r-- | spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb | 17 | ||||
| -rw-r--r-- | spec/ruby/library/openssl/secure_compare_spec.rb | 38 | ||||
| -rw-r--r-- | spec/ruby/library/openssl/x509/store/verify_spec.rb (renamed from spec/ruby/library/openssl/x509/name/verify_spec.rb) | 2 |
4 files changed, 81 insertions, 18 deletions
diff --git a/spec/ruby/library/openssl/fixed_length_secure_compare_spec.rb b/spec/ruby/library/openssl/fixed_length_secure_compare_spec.rb new file mode 100644 index 0000000000..5a2ca168b5 --- /dev/null +++ b/spec/ruby/library/openssl/fixed_length_secure_compare_spec.rb @@ -0,0 +1,42 @@ +require_relative '../../spec_helper' +require 'openssl' + +describe "OpenSSL.fixed_length_secure_compare" do + it "returns true for two strings with the same content" do + input1 = "the quick brown fox jumps over the lazy dog" + input2 = "the quick brown fox jumps over the lazy dog" + OpenSSL.fixed_length_secure_compare(input1, input2).should be_true + end + + it "returns false for two strings of equal size with different content" do + input1 = "the quick brown fox jumps over the lazy dog" + input2 = "the lazy dog jumps over the quick brown fox" + OpenSSL.fixed_length_secure_compare(input1, input2).should be_false + end + + it "converts both arguments to strings using #to_str" do + input1 = mock("input1") + input1.should_receive(:to_str).and_return("the quick brown fox jumps over the lazy dog") + input2 = mock("input2") + input2.should_receive(:to_str).and_return("the quick brown fox jumps over the lazy dog") + OpenSSL.fixed_length_secure_compare(input1, input2).should be_true + end + + it "does not accept arguments that are not string and cannot be coerced into strings" do + -> { + OpenSSL.fixed_length_secure_compare("input1", :input2) + }.should raise_error(TypeError, 'no implicit conversion of Symbol into String') + + -> { + OpenSSL.fixed_length_secure_compare(Object.new, "input2") + }.should raise_error(TypeError, 'no implicit conversion of Object into String') + end + + it "raises an ArgumentError for two strings of different size" do + input1 = "the quick brown fox jumps over the lazy dog" + input2 = "the quick brown fox" + -> { + OpenSSL.fixed_length_secure_compare(input1, input2) + }.should raise_error(ArgumentError, 'inputs must be of equal length') + end +end diff --git a/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb b/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb index 000aa0c113..40f8597275 100644 --- a/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb +++ b/spec/ruby/library/openssl/kdf/pbkdf2_hmac_spec.rb @@ -154,23 +154,6 @@ describe "OpenSSL::KDF.pbkdf2_hmac" do }.should raise_error(ArgumentError, 'missing keywords: :salt, :iterations, :length, :hash') end -=begin - guard -> { OpenSSL::OPENSSL_VERSION_NUMBER < 0x30000000 } do - it "treats 0 or less iterations as a single iteration" do - salt = "\x00".b * 16 - length = 16 - hash = "sha1" - - # "Any iter less than 1 is treated as a single iteration." - key0 = OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, iterations: 0) - key_negative = OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, iterations: -1) - key1 = OpenSSL::KDF.pbkdf2_hmac("secret", **@defaults, iterations: 1) - key0.should == key1 - key_negative.should == key1 - end - end -=end - guard -> { OpenSSL::OPENSSL_VERSION_NUMBER >= 0x30000000 } do it "raises an OpenSSL::KDF::KDFError for 0 or less iterations" do -> { diff --git a/spec/ruby/library/openssl/secure_compare_spec.rb b/spec/ruby/library/openssl/secure_compare_spec.rb new file mode 100644 index 0000000000..cec48e01e7 --- /dev/null +++ b/spec/ruby/library/openssl/secure_compare_spec.rb @@ -0,0 +1,38 @@ +require_relative '../../spec_helper' +require 'openssl' + +describe "OpenSSL.secure_compare" do + it "returns true for two strings with the same content" do + input1 = "the quick brown fox jumps over the lazy dog" + input2 = "the quick brown fox jumps over the lazy dog" + OpenSSL.secure_compare(input1, input2).should be_true + end + + it "returns false for two strings with different content" do + input1 = "the quick brown fox jumps over the lazy dog" + input2 = "the lazy dog jumps over the quick brown fox" + OpenSSL.secure_compare(input1, input2).should be_false + end + + it "converts both arguments to strings using #to_str, but adds equality check for the original objects" do + input1 = mock("input1") + input1.should_receive(:to_str).and_return("the quick brown fox jumps over the lazy dog") + input2 = mock("input2") + input2.should_receive(:to_str).and_return("the quick brown fox jumps over the lazy dog") + OpenSSL.secure_compare(input1, input2).should be_false + + input = mock("input") + input.should_receive(:to_str).twice.and_return("the quick brown fox jumps over the lazy dog") + OpenSSL.secure_compare(input, input).should be_true + end + + it "does not accept arguments that are not string and cannot be coerced into strings" do + -> { + OpenSSL.secure_compare("input1", :input2) + }.should raise_error(TypeError, 'no implicit conversion of Symbol into String') + + -> { + OpenSSL.secure_compare(Object.new, "input2") + }.should raise_error(TypeError, 'no implicit conversion of Object into String') + end +end diff --git a/spec/ruby/library/openssl/x509/name/verify_spec.rb b/spec/ruby/library/openssl/x509/store/verify_spec.rb index 6dcfc99466..6a6a53d992 100644 --- a/spec/ruby/library/openssl/x509/name/verify_spec.rb +++ b/spec/ruby/library/openssl/x509/store/verify_spec.rb @@ -1,7 +1,7 @@ require_relative '../../../../spec_helper' require 'openssl' -describe "OpenSSL::X509::Name.verify" do +describe "OpenSSL::X509::Store#verify" do it "returns true for valid certificate" do key = OpenSSL::PKey::RSA.new 2048 cert = OpenSSL::X509::Certificate.new |