spec/spki_spec.rb in r509-0.10.0 vs spec/spki_spec.rb in r509-1.0
- old
+ new
@@ -1,82 +1,82 @@
require 'spec_helper'
require 'stringio'
require 'r509/spki'
shared_examples_for "create spki with private key" do
- it "generates a spki with default digest" do
- spki = R509::SPKI.new(:key => @key)
- spki.to_pem.should_not be_nil
- spki.verify_signature
- end
+ it "generates a spki with default digest" do
+ spki = R509::SPKI.new(:key => @key)
+ expect(spki.to_pem).not_to be_nil
+ spki.verify_signature
+ end
- it "generates a spki from a pem key" do
- spki = R509::SPKI.new(:key => @key.to_pem)
- spki.to_pem.should_not be_nil
- spki.verify_signature
- end
+ it "generates a spki from a pem key" do
+ spki = R509::SPKI.new(:key => @key.to_pem)
+ expect(spki.to_pem).not_to be_nil
+ spki.verify_signature
+ end
- it "generates a spki with custom digest" do
- spki = R509::SPKI.new(:key => @key, :message_digest => "sha256")
- spki.to_pem.should_not be_nil
- case
- when @key.rsa?
- spki.signature_algorithm.should(match(/sha256/i))
- when @key.dsa?
- spki.signature_algorithm.should(match(/sha1/i))
- end
- spki.verify_signature
+ it "generates a spki with custom digest" do
+ spki = R509::SPKI.new(:key => @key, :message_digest => "sha256")
+ expect(spki.to_pem).not_to be_nil
+ case
+ when @key.rsa?
+ expect(spki.signature_algorithm).to(match(/sha256/i))
+ when @key.dsa?
+ expect(spki.signature_algorithm).to(match(/sha1/i))
end
+ spki.verify_signature
+ end
- it "stores the key" do
- spki = R509::SPKI.new(:key => @key)
- spki.key.should == @key
- end
+ it "stores the key" do
+ spki = R509::SPKI.new(:key => @key)
+ expect(spki.key).to eq(@key)
+ end
- it "verifies signature" do
- spki = R509::SPKI.new(:key => @key)
- spki.verify_signature
- end
+ it "verifies signature" do
+ spki = R509::SPKI.new(:key => @key)
+ spki.verify_signature
+ end
end
shared_examples_for "spki + private key" do
it "verifies they match" do
- expect { R509::SPKI.new(:key => @key, :spki => @spki) }.to_not raise_error
+ expect { R509::SPKI.new(:key => @key, :spki => @spki) }.to_not raise_error
end
it "returns the correct signature_algorithm" do
- spki = R509::SPKI.new( :spki => @spki, :key => @key )
+ spki = R509::SPKI.new(:spki => @spki, :key => @key)
case
when @key.rsa?
- spki.signature_algorithm.should(match(/RSA/i))
+ expect(spki.signature_algorithm).to(match(/RSA/i))
when @key.dsa?
- spki.signature_algorithm.should(match(/DSA/i))
+ expect(spki.signature_algorithm).to(match(/DSA/i))
when @key.ec?
- spki.signature_algorithm.should(match(/ecdsa/i))
+ expect(spki.signature_algorithm).to(match(/ecdsa/i))
end
end
it "errors if they don't match" do
- expect { R509::SPKI.new(:key => @key, :spki => @spki2) }.to raise_error(R509::R509Error,'Key does not match SPKI.')
+ expect { R509::SPKI.new(:key => @key, :spki => @spki2) }.to raise_error(R509::R509Error, 'Key does not match SPKI.')
end
end
describe R509::SPKI do
before :all do
- #also known as SPKAC (signed public key and challenge)
+ # also known as SPKAC (signed public key and challenge)
@spki_dsa = TestFixtures::SPKI_DSA
@spki_dsa_no_verify = TestFixtures::SPKI_DSA_NO_VERIFY
@spki = TestFixtures::SPKI
@spki_rsa_newlines = TestFixtures::SPKI_RSA_NEWLINES
@spki_ec = TestFixtures::SPKI_EC
@spki_der = TestFixtures::SPKI_DER
end
it "raises an error if you don't provide a hash" do
- expect { R509::SPKI.new("junk") }.to raise_error(ArgumentError,'Must provide a hash of options')
+ expect { R509::SPKI.new("junk") }.to raise_error(ArgumentError, 'Must provide a hash of options')
end
it "raises an error if you provide an empty hash" do
- expect { R509::SPKI.new({}) }.to raise_error(ArgumentError,'Must provide either :spki or :key')
+ expect { R509::SPKI.new({}) }.to raise_error(ArgumentError, 'Must provide either :spki or :key')
end
context "rsa" do
context "no existing spki" do
before :all do
@key = R509::PrivateKey.new(:type => "rsa", :bit_length => 1024)
@@ -127,129 +127,129 @@
include_examples "spki + private key"
end
end
context "with existing spki" do
it "loads an RSA spki" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.to_pem.should == @spki
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.to_pem).to eq(@spki)
end
it "loads an spkac with newlines" do
- spki = R509::SPKI.new( :spki => @spki_rsa_newlines )
- spki.to_pem.should == @spki_rsa_newlines.gsub("\n","")
+ spki = R509::SPKI.new(:spki => @spki_rsa_newlines)
+ expect(spki.to_pem).to eq(@spki_rsa_newlines.gsub("\n", ""))
end
it "properly strips SPKAC= prefix and loads" do
- spki = R509::SPKI.new( :spki => "SPKAC="+@spki )
- spki.to_pem.should == @spki
+ spki = R509::SPKI.new(:spki => "SPKAC=" + @spki)
+ expect(spki.to_pem).to eq(@spki)
end
end
it "returns the public key" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.public_key.should_not == nil
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.public_key).not_to be_nil
end
it "returns pem" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.to_pem.should == @spki
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.to_pem).to eq(@spki)
end
it "returns der" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.to_der.should == @spki_der
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.to_der).to eq(@spki_der)
end
it "writes to pem" do
- spki = R509::SPKI.new( :spki => @spki )
+ spki = R509::SPKI.new(:spki => @spki)
sio = StringIO.new
sio.set_encoding("BINARY") if sio.respond_to?(:set_encoding)
spki.write_pem(sio)
- sio.string.should == @spki
+ expect(sio.string).to eq(@spki)
end
it "writes to der" do
- spki = R509::SPKI.new( :spki => @spki )
+ spki = R509::SPKI.new(:spki => @spki)
sio = StringIO.new
sio.set_encoding("BINARY") if sio.respond_to?(:set_encoding)
spki.write_der(sio)
- sio.string.should == @spki_der
+ expect(sio.string).to eq(@spki_der)
end
it "rsa?" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.rsa?.should == true
- spki.dsa?.should == false
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.rsa?).to eq(true)
+ expect(spki.dsa?).to eq(false)
end
it "returns error when asking for curve_name on non-ec" do
- spki = R509::SPKI.new( :spki => @spki )
- expect { spki.curve_name }.to raise_error(R509::R509Error,'Curve name is only available with EC')
+ spki = R509::SPKI.new(:spki => @spki)
+ expect { spki.curve_name }.to raise_error(R509::R509Error, 'Curve name is only available with EC')
end
it "returns RSA key algorithm for RSA" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.key_algorithm.should == "RSA"
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.key_algorithm).to eq("RSA")
end
it "gets RSA bit length" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.bit_length.should == 2048
- spki.bit_strength.should == 2048
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.bit_length).to eq(2048)
+ expect(spki.bit_strength).to eq(2048)
end
it "loads a DSA spkac" do
- spki = R509::SPKI.new( :spki => @spki_dsa )
- spki.to_pem.should == @spki_dsa
+ spki = R509::SPKI.new(:spki => @spki_dsa)
+ expect(spki.to_pem).to eq(@spki_dsa)
end
it "gets DSA bit length" do
- spki = R509::SPKI.new( :spki => @spki_dsa )
- spki.bit_length.should == 2048
+ spki = R509::SPKI.new(:spki => @spki_dsa)
+ expect(spki.bit_length).to eq(2048)
end
it "dsa?" do
- spki = R509::SPKI.new( :spki => @spki_dsa )
- spki.dsa?.should == true
- spki.rsa?.should == false
+ spki = R509::SPKI.new(:spki => @spki_dsa)
+ expect(spki.dsa?).to eq(true)
+ expect(spki.rsa?).to eq(false)
end
it "returns DSA key algorithm for DSA" do
- spki = R509::SPKI.new( :spki => @spki_dsa )
- spki.key_algorithm.should == "DSA"
+ spki = R509::SPKI.new(:spki => @spki_dsa)
+ expect(spki.key_algorithm).to eq("DSA")
end
context "elliptic curve", :ec => true do
it "loads an spkac" do
- spki = R509::SPKI.new( :spki => @spki_ec )
- spki.to_pem.should == @spki_ec
+ spki = R509::SPKI.new(:spki => @spki_ec)
+ expect(spki.to_pem).to eq(@spki_ec)
end
it "returns the curve name" do
- spki = R509::SPKI.new( :spki => @spki_ec )
- spki.curve_name.should == 'secp384r1'
+ spki = R509::SPKI.new(:spki => @spki_ec)
+ expect(spki.curve_name).to eq('secp384r1')
end
it "raises error on bit length" do
- spki = R509::SPKI.new( :spki => @spki_ec )
- expect { spki.bit_length }.to raise_error(R509::R509Error,'Bit length is not available for EC at this time.')
+ spki = R509::SPKI.new(:spki => @spki_ec)
+ expect { spki.bit_length }.to raise_error(R509::R509Error, 'Bit length is not available for EC at this time.')
end
it "returns the key algorithm" do
- spki = R509::SPKI.new( :spki => @spki_ec )
- spki.key_algorithm.should == "EC"
+ spki = R509::SPKI.new(:spki => @spki_ec)
+ expect(spki.key_algorithm).to eq("EC")
end
it "returns the public key" do
- spki = R509::SPKI.new( :spki => @spki_ec )
- spki.public_key.should_not == nil
+ spki = R509::SPKI.new(:spki => @spki_ec)
+ expect(spki.public_key).not_to be_nil
end
it "ec?" do
- spki = R509::SPKI.new( :spki => @spki_ec )
- spki.ec?.should == true
- spki.dsa?.should == false
- spki.rsa?.should == false
+ spki = R509::SPKI.new(:spki => @spki_ec)
+ expect(spki.ec?).to eq(true)
+ expect(spki.dsa?).to eq(false)
+ expect(spki.rsa?).to eq(false)
end
end
context "when elliptic curve support is unavailable" do
before :all do
- @ec = OpenSSL::PKey.send(:remove_const,:EC) # remove EC support for test!
+ @ec = OpenSSL::PKey.send(:remove_const, :EC) # remove EC support for test!
load('r509/ec-hack.rb')
end
after :all do
- OpenSSL::PKey.send(:remove_const,:EC) # remove stubbed EC
+ OpenSSL::PKey.send(:remove_const, :EC) # remove stubbed EC
OpenSSL::PKey::EC = @ec # add the real one back
end
it "checks rsa?" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.rsa?.should == true
- spki.ec?.should == false
- spki.dsa?.should == false
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.rsa?).to eq(true)
+ expect(spki.ec?).to eq(false)
+ expect(spki.dsa?).to eq(false)
end
it "returns RSA key algorithm for RSA CSR" do
- spki = R509::SPKI.new( :spki => @spki )
- spki.key_algorithm.should == "RSA"
+ spki = R509::SPKI.new(:spki => @spki)
+ expect(spki.key_algorithm).to eq("RSA")
end
end
end