mirror of
https://github.com/ruby/ruby.git
synced 2026-01-26 20:19:19 +00:00
161 lines
5.4 KiB
Ruby
161 lines
5.4 KiB
Ruby
# frozen_string_literal: true
|
|
require_relative 'utils'
|
|
|
|
if defined?(OpenSSL)
|
|
|
|
class OpenSSL::TestDigest < OpenSSL::TestCase
|
|
def setup
|
|
super
|
|
@d1 = OpenSSL::Digest.new("SHA256")
|
|
@d2 = OpenSSL::Digest::SHA256.new
|
|
end
|
|
|
|
def test_initialize
|
|
assert_raise(OpenSSL::Digest::DigestError) {
|
|
OpenSSL::Digest.new("no such algorithm")
|
|
}
|
|
end
|
|
|
|
def test_digest
|
|
# SHA256 null value calculated by `echo -n "" | sha256sum`
|
|
null_hex = "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"
|
|
null_bin = [null_hex].pack("H*")
|
|
data = "DATA"
|
|
# SHA256 DATA value calculated by `echo -n "DATA" | sha256sum`
|
|
hex = "c97c29c7a71b392b437ee03fd17f09bb10b75e879466fc0eb757b2c4a78ac938"
|
|
bin = [hex].pack("H*")
|
|
assert_equal(null_bin, @d1.digest)
|
|
assert_equal(null_hex, @d1.hexdigest)
|
|
@d1 << data
|
|
assert_equal(bin, @d1.digest)
|
|
assert_equal(hex, @d1.hexdigest)
|
|
assert_equal(bin, OpenSSL::Digest.digest('SHA256', data))
|
|
assert_equal(hex, OpenSSL::Digest.hexdigest('SHA256', data))
|
|
end
|
|
|
|
def test_eql
|
|
assert(@d1 == @d2, "==")
|
|
d = @d1.clone
|
|
assert(d == @d1, "clone")
|
|
end
|
|
|
|
def test_info
|
|
assert_equal("SHA256", @d1.name, "name")
|
|
assert_equal("SHA256", @d2.name, "name")
|
|
assert_equal(32, @d1.size, "size")
|
|
end
|
|
|
|
def test_dup
|
|
@d1.update("DATA")
|
|
assert_equal(@d1.name, @d1.dup.name, "dup")
|
|
assert_equal(@d1.name, @d1.clone.name, "clone")
|
|
assert_equal(@d1.digest, @d1.clone.digest, "clone .digest")
|
|
end
|
|
|
|
def test_reset
|
|
@d1.update("DATA")
|
|
dig1 = @d1.digest
|
|
@d1.reset
|
|
@d1.update("DATA")
|
|
dig2 = @d1.digest
|
|
assert_equal(dig1, dig2, "reset")
|
|
end
|
|
|
|
def test_digest_constants
|
|
non_fips_names = %w{MD5}
|
|
names = %w{SHA1 SHA224 SHA256 SHA384 SHA512}
|
|
names = non_fips_names + names unless OpenSSL.fips_mode
|
|
names.each do |name|
|
|
assert_not_nil(OpenSSL::Digest.new(name))
|
|
klass = OpenSSL::Digest.const_get(name.tr('-', '_'))
|
|
assert_not_nil(klass.new)
|
|
end
|
|
end
|
|
|
|
def test_digest_by_oid_and_name
|
|
# SHA256
|
|
o1 = OpenSSL::Digest.digest("SHA256", "")
|
|
o2 = OpenSSL::Digest.digest("sha256", "")
|
|
assert_equal(o1, o2)
|
|
o3 = OpenSSL::Digest.digest("2.16.840.1.101.3.4.2.1", "")
|
|
assert_equal(o1, o3)
|
|
|
|
# An alias for SHA256 recognized by EVP_get_digestbyname(), but not by
|
|
# EVP_MD_fetch()
|
|
o4 = OpenSSL::Digest.digest("RSA-SHA256", "")
|
|
assert_equal(o1, o4)
|
|
end
|
|
|
|
def encode16(str)
|
|
str.unpack1("H*")
|
|
end
|
|
|
|
def test_sha2
|
|
sha224_a = "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5"
|
|
sha256_a = "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb"
|
|
sha384_a = "54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31"
|
|
sha512_a = "1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75"
|
|
|
|
assert_equal(sha224_a, OpenSSL::Digest.hexdigest('SHA224', "a"))
|
|
assert_equal(sha256_a, OpenSSL::Digest.hexdigest('SHA256', "a"))
|
|
assert_equal(sha384_a, OpenSSL::Digest.hexdigest('SHA384', "a"))
|
|
assert_equal(sha512_a, OpenSSL::Digest.hexdigest('SHA512', "a"))
|
|
|
|
assert_equal(sha224_a, encode16(OpenSSL::Digest.digest('SHA224', "a")))
|
|
assert_equal(sha256_a, encode16(OpenSSL::Digest.digest('SHA256', "a")))
|
|
assert_equal(sha384_a, encode16(OpenSSL::Digest.digest('SHA384', "a")))
|
|
assert_equal(sha512_a, encode16(OpenSSL::Digest.digest('SHA512', "a")))
|
|
end
|
|
|
|
def test_sha512_truncate
|
|
sha512_224_a = "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327"
|
|
sha512_256_a = "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8"
|
|
|
|
assert_equal(sha512_224_a, OpenSSL::Digest.hexdigest('SHA512-224', "a"))
|
|
assert_equal(sha512_256_a, OpenSSL::Digest.hexdigest('SHA512-256', "a"))
|
|
|
|
assert_equal(sha512_224_a, encode16(OpenSSL::Digest.digest('SHA512-224', "a")))
|
|
assert_equal(sha512_256_a, encode16(OpenSSL::Digest.digest('SHA512-256', "a")))
|
|
end
|
|
|
|
def test_sha3
|
|
s224 = '6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7'
|
|
s256 = 'a7ffc6f8bf1ed76651c14756a061d662f580ff4de43b49fa82d80a4b80f8434a'
|
|
s384 = '0c63a75b845e4f7d01107d852e4c2485c51a50aaaa94fc61995e71bbee983a2ac3713831264adb47fb6bd1e058d5f004'
|
|
s512 = 'a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a615b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26'
|
|
assert_equal(s224, OpenSSL::Digest.hexdigest('SHA3-224', ""))
|
|
assert_equal(s256, OpenSSL::Digest.hexdigest('SHA3-256', ""))
|
|
assert_equal(s384, OpenSSL::Digest.hexdigest('SHA3-384', ""))
|
|
assert_equal(s512, OpenSSL::Digest.hexdigest('SHA3-512', ""))
|
|
end
|
|
|
|
def test_fetched_evp_md
|
|
# KECCAK-256 is not FIPS-approved.
|
|
omit_on_fips
|
|
|
|
# Pre-NIST Keccak is an example of a digest algorithm that doesn't have an
|
|
# NID and requires dynamic allocation of EVP_MD
|
|
hex = "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470"
|
|
assert_equal(hex, OpenSSL::Digest.hexdigest("KECCAK-256", ""))
|
|
end if openssl?(3, 2, 0)
|
|
|
|
def test_openssl_digest
|
|
assert_equal OpenSSL::Digest::MD5, OpenSSL::Digest("MD5")
|
|
|
|
assert_raise NameError do
|
|
OpenSSL::Digest("no such digest")
|
|
end
|
|
end
|
|
|
|
def test_digests
|
|
digests = OpenSSL::Digest.digests
|
|
assert_kind_of Array, digests
|
|
assert_include digests, "md5"
|
|
assert_include digests, "sha1"
|
|
assert_include digests, "sha256"
|
|
assert_include digests, "sha512"
|
|
end
|
|
end
|
|
|
|
end
|