Skip to content

Commit 954b16d

Browse files
authored
Merge pull request #378 from silug/fix/certificate-request-spec-sha1
fix: skip SHA1 CSR signing test when OpenSSL doesn't support it
2 parents 8882950 + a35040c commit 954b16d

1 file changed

Lines changed: 12 additions & 0 deletions

File tree

spec/unit/ssl/certificate_request_spec.rb

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,17 @@
6969
end
7070
end
7171

72+
def sha1_signing_supported?
73+
test_key = OpenSSL::PKey::RSA.new(512)
74+
csr = OpenSSL::X509::Request.new
75+
csr.public_key = test_key.public_key
76+
csr.version = 0
77+
csr.sign(test_key, OpenSSL::Digest::SHA1.new)
78+
true
79+
rescue
80+
false
81+
end
82+
7283
describe "when generating", :unless => RUBY_PLATFORM == 'java' do
7384
it "should verify the CSR using the public key associated with the private key" do
7485
request.generate(key)
@@ -312,6 +323,7 @@
312323
end
313324

314325
it "should use SHA1 to sign the csr when SHA256 isn't available" do
326+
skip "SHA1 signing not supported by this OpenSSL build" unless sha1_signing_supported?
315327
csr = OpenSSL::X509::Request.new
316328
csr.public_key = key.public_key
317329
csr.version = 0

0 commit comments

Comments
 (0)