From 0366ce34848dec12661bbb44d32100ba9fcd2627 Mon Sep 17 00:00:00 2001 From: Michael Richardson Date: Mon, 24 Dec 2018 14:34:57 -0500 Subject: [PATCH] remove pending test cases, clean up debug statments --- test/test_cms.rb | 218 ++++++----------------------------------------- 1 file changed, 26 insertions(+), 192 deletions(-) diff --git a/test/test_cms.rb b/test/test_cms.rb index dad2e0063..fcf6183e7 100644 --- a/test/test_cms.rb +++ b/test/test_cms.rb @@ -1,7 +1,8 @@ # frozen_string_literal: false require_relative 'utils' +require 'byebug' -if defined?(OpenSSL) +if defined?(OpenSSL::CMS) class OpenSSL::TestCMS < OpenSSL::TestCase def setup @@ -35,7 +36,6 @@ def test_signed data = "aaaaa\r\nbbbbb\r\nccccc\r\n" tmp = OpenSSL::CMS.sign(@ee1_cert, @rsa1024, data, ca_certs) - byebug cms = OpenSSL::CMS::ContentInfo.new(tmp.to_der) certs = cms.certificates signers = cms.signers @@ -67,197 +67,31 @@ def test_signed assert_equal(@ee1_cert.serial, signers[0].serial) assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s) - # A signed-data which have multiple signatures can be created - # through the following steps. - # 1. create two signed-data - # 2. copy signerInfo and certificate from one to another - - tmp1 = OpenSSL::CMS.sign(@ee1_cert, @rsa1024, data, [], flag) - tmp2 = OpenSSL::CMS.sign(@ee2_cert, @rsa1024, data, [], flag) - tmp1.add_signer(tmp2.signers[0]) - tmp1.add_certificate(@ee2_cert) - - cms = OpenSSL::CMS.ContentInfo.new(tmp1.to_der) - certs = cms.certificates - signers = cms.signers - assert(cms.verify([], store)) - assert_equal(data, cms.data) - assert_equal(2, certs.size) - assert_equal(2, signers.size) - assert_equal(@ee1_cert.serial, signers[0].serial) - assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s) - assert_equal(@ee2_cert.serial, signers[1].serial) - assert_equal(@ee2_cert.issuer.to_s, signers[1].issuer.to_s) - end - - def test_detached_sign - pend "not yet" - store = OpenSSL::X509::Store.new - store.add_cert(@ca_cert) - ca_certs = [@ca_cert] - - data = "aaaaa\nbbbbb\nccccc\n" - flag = OpenSSL::PKCS7::BINARY|OpenSSL::PKCS7::DETACHED - tmp = OpenSSL::PKCS7.sign(@ee1_cert, @rsa1024, data, ca_certs, flag) - p7 = OpenSSL::PKCS7.new(tmp.to_der) - assert_nothing_raised do - OpenSSL::ASN1.decode(p7) - end - - certs = p7.certificates - signers = p7.signers - assert(!p7.verify([], store)) - assert(p7.verify([], store, data)) - assert_equal(data, p7.data) - assert_equal(2, certs.size) - assert_equal(@ee1_cert.subject.to_s, certs[0].subject.to_s) - assert_equal(@ca_cert.subject.to_s, certs[1].subject.to_s) - assert_equal(1, signers.size) - assert_equal(@ee1_cert.serial, signers[0].serial) - assert_equal(@ee1_cert.issuer.to_s, signers[0].issuer.to_s) - end - - def test_enveloped - pend "not yet" - certs = [@ee1_cert, @ee2_cert] - cipher = OpenSSL::Cipher::AES.new("128-CBC") - data = "aaaaa\nbbbbb\nccccc\n" - - tmp = OpenSSL::PKCS7.encrypt(certs, data, cipher, OpenSSL::PKCS7::BINARY) - p7 = OpenSSL::PKCS7.new(tmp.to_der) - recip = p7.recipients - assert_equal(:enveloped, p7.type) - assert_equal(2, recip.size) - - assert_equal(@ca_cert.subject.to_s, recip[0].issuer.to_s) - assert_equal(2, recip[0].serial) - assert_equal(data, p7.decrypt(@rsa1024, @ee1_cert)) - - assert_equal(@ca_cert.subject.to_s, recip[1].issuer.to_s) - assert_equal(3, recip[1].serial) - assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert)) - - assert_equal(data, p7.decrypt(@rsa1024)) - end - - def test_graceful_parsing_failure #[ruby-core:43250] - pend "not yet" - contents = File.read(__FILE__) - assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) } - end - - def test_degenerate_cms - pend "not yet" - ca_cert_pem = <