archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-08-24 13:34:17 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4
ruby/test/openssl/test_provider.rb
Jun Aruga eb4082284a [ruby/openssl] test_provider.rb: Make a legacy provider test optional. 
In some cases such as OpenSSL package in FreeBSD[1], the legacy provider is not
installed intentionally. So, we omit a test depending the legacy provider if the
legacy provider is not loadable.

For the test_openssl_provider_names test, we use base provider[2] instead of
legacy provider, because we would expect the base provider is always loadable
in OpenSSL 3 for now.

* [1] https://www.freshports.org/security/openssl/
* [2] https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers

7223da7730
2024-03-13 15:47:27 +00:00

72 lines
2.1 KiB
Ruby
Raw Blame History

# frozen_string_literal: true
require_relative 'utils'
if defined?(OpenSSL) && defined?(OpenSSL::Provider) && !OpenSSL.fips_mode
class OpenSSL::TestProvider < OpenSSL::TestCase
def test_openssl_provider_name_inspect
with_openssl <<-'end;'
provider = OpenSSL::Provider.load("default")
assert_equal("default", provider.name)
assert_not_nil(provider.inspect)
end;
end
def test_openssl_provider_names
with_openssl <<-'end;'
base_provider = OpenSSL::Provider.load("base")
assert_equal(2, OpenSSL::Provider.provider_names.size)
assert_includes(OpenSSL::Provider.provider_names, "base")
assert_equal(true, base_provider.unload)
assert_equal(1, OpenSSL::Provider.provider_names.size)
assert_not_includes(OpenSSL::Provider.provider_names, "base")
end;
end
def test_unloaded_openssl_provider
with_openssl <<-'end;'
default_provider = OpenSSL::Provider.load("default")
assert_equal(true, default_provider.unload)
assert_raise(OpenSSL::Provider::ProviderError) { default_provider.name }
assert_raise(OpenSSL::Provider::ProviderError) { default_provider.unload }
end;
end
def test_openssl_legacy_provider
with_openssl(<<-'end;')
begin
OpenSSL::Provider.load("legacy")
rescue OpenSSL::Provider::ProviderError
omit "Only for OpenSSL with legacy provider"
end
algo = "RC4"
data = "a" * 1000
key = OpenSSL::Random.random_bytes(16)
# default provider does not support RC4
cipher = OpenSSL::Cipher.new(algo)
cipher.encrypt
cipher.key = key
encrypted = cipher.update(data) + cipher.final
other_cipher = OpenSSL::Cipher.new(algo)
other_cipher.decrypt
other_cipher.key = key
decrypted = other_cipher.update(encrypted) + other_cipher.final
assert_equal(data, decrypted)
end;
end
private
# this is required because OpenSSL::Provider methods change global state
def with_openssl(code, **opts)
assert_separately(["-ropenssl"], <<~"end;", **opts)
#{code}
end;
end
end
end
Reference in a new issue View git blame Copy permalink