adding a test for OpenSSL::PKCS12.create

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@30192 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

test/openssl/test_pkcs12.rb

@@ -0,0 +1,149 @@
+require_relative "utils"
+
+if defined?(OpenSSL)
+
+module OpenSSL
+  class TestPKCS12 < MiniTest::Unit::TestCase
+    include OpenSSL::TestUtils
+
+    def setup
+      @mycert = cert
+    end
+
+    def test_create
+      pkcs12 = OpenSSL::PKCS12.create(
+        "omg",
+        "hello",
+        TEST_KEY_RSA2048,
+        @mycert
+      )
+      assert_equal @mycert, pkcs12.certificate
+      assert_equal TEST_KEY_RSA2048, pkcs12.key
+      assert_nil pkcs12.ca_certs
+    end
+
+    def test_create_no_pass
+      pkcs12 = OpenSSL::PKCS12.create(
+        nil,
+        "hello",
+        TEST_KEY_RSA2048,
+        @mycert
+      )
+      assert_equal @mycert, pkcs12.certificate
+      assert_equal TEST_KEY_RSA2048, pkcs12.key
+      assert_nil pkcs12.ca_certs
+
+      decoded = OpenSSL::PKCS12.new(pkcs12.to_der)
+      assert_cert @mycert, decoded.certificate
+    end
+
+    def test_create_with_chain
+      chain = [cert, cert]
+
+      pkcs12 = OpenSSL::PKCS12.create(
+        "omg",
+        "hello",
+        TEST_KEY_RSA2048,
+        @mycert,
+        chain
+      )
+      assert_equal chain, pkcs12.ca_certs
+    end
+
+    def test_create_with_bad_nid
+      assert_raises(ArgumentError) do
+        OpenSSL::PKCS12.create(
+          "omg",
+          "hello",
+          TEST_KEY_RSA2048,
+          @mycert,
+          [],
+          "foo"
+        )
+      end
+    end
+
+    def test_create_with_itr
+      OpenSSL::PKCS12.create(
+        "omg",
+        "hello",
+        TEST_KEY_RSA2048,
+        @mycert,
+        [],
+        nil,
+        nil,
+        2048
+      )
+
+      assert_raises(TypeError) do
+        OpenSSL::PKCS12.create(
+          "omg",
+          "hello",
+          TEST_KEY_RSA2048,
+          @mycert,
+          [],
+          nil,
+          nil,
+          "omg"
+        )
+      end
+    end
+
+    def test_create_with_mac_itr
+      OpenSSL::PKCS12.create(
+        "omg",
+        "hello",
+        TEST_KEY_RSA2048,
+        @mycert,
+        [],
+        nil,
+        nil,
+        nil,
+        2048
+      )
+
+      assert_raises(TypeError) do
+        OpenSSL::PKCS12.create(
+          "omg",
+          "hello",
+          TEST_KEY_RSA2048,
+          @mycert,
+          [],
+          nil,
+          nil,
+          nil,
+          "omg"
+        )
+      end
+    end
+
+    private
+    def assert_cert expected, actual
+      [
+        :subject,
+        :issuer,
+        :serial,
+        :not_before,
+        :not_after,
+      ].each do |attribute|
+        assert_equal expected.send(attribute), actual.send(attribute)
+      end
+    end
+
+    def cert
+      ca = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=CA")
+
+      now = Time.now
+      ca_exts = [
+        ["basicConstraints","CA:TRUE",true],
+        ["keyUsage","keyCertSign, cRLSign",true],
+        ["subjectKeyIdentifier","hash",false],
+        ["authorityKeyIdentifier","keyid:always",false],
+      ]
+      issue_cert(ca, TEST_KEY_RSA2048, 1, now, now+3600, ca_exts,
+                            nil, nil, OpenSSL::Digest::SHA1.new)
+    end
+  end
+end
+
+end