Commit c5036e7
Changed files (2)
lib
xml
kit
spec
xml
kit
lib/xml/kit/key_pair.rb
@@ -9,7 +9,11 @@ module Xml
def initialize(certificate, private_key, passphrase, use)
@certificate = ::Xml::Kit::Certificate.new(certificate, use: use)
- @private_key = OpenSSL::PKey::RSA.new(private_key, passphrase)
+ if passphrase.present?
+ @private_key = OpenSSL::PKey::RSA.new(private_key, passphrase)
+ else
+ @private_key = OpenSSL::PKey::RSA.new(private_key)
+ end
@public_key = @private_key.public_key
end
spec/xml/kit/key_pair_spec.rb
@@ -1,9 +1,26 @@
# frozen_string_literal: true
RSpec.describe Xml::Kit::KeyPair do
- it 'ignores an empty passphrases' do
+ let(:certificate) do
+ certificate = OpenSSL::X509::Certificate.new
+ certificate.public_key = key.public_key
+ certificate.not_before = 1.day.ago
+ certificate.not_after = 1.second.ago
+ certificate
+ end
+ let(:key) { OpenSSL::PKey::RSA.new(2048) }
+ let(:passphrase) { "secret" }
+
+ it 'ignores empty passphrases' do
+ expect do
+ described_class.new(certificate.to_pem, key.export, '', :signing)
+ end.not_to raise_error
+ end
+
+ it 'decrypts encrypted private keys' do
+ encrypted_key = key.export(OpenSSL::Cipher.new('AES-256-CBC'), passphrase)
expect do
- described_class.new(certificate, private_key, '', :signing)
- end.not_to raise_error(/OpenSSL::OpenSSLError/)
+ described_class.new(certificate.to_pem, encrypted_key, passphrase, :signing)
+ end.not_to raise_error
end
end