spec/xml/kit/key_pair_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28

# frozen_string_literal: true

RSpec.describe Xml::Kit::KeyPair do
  let(:certificate) do
    certificate = OpenSSL::X509::Certificate.new
    certificate.public_key = key.public_key
    certificate.not_before = 1.day.ago
    certificate.not_after = 1.second.ago
    certificate
  end
  let(:key) { OpenSSL::PKey::RSA.new(2048) }
  let(:passphrase) { 'secret' }

  context 'when the passphrase is empty' do
    subject { described_class.new(certificate.to_pem, key.export, '', :signing) }

    specify { expect { subject }.not_to raise_error }
    specify { expect(subject).to be_for(:signing) }
    specify { expect(subject).not_to be_for(:encryption) }
  end

  it 'decrypts encrypted private keys' do
    encrypted_key = key.export(OpenSSL::Cipher.new('AES-256-CBC'), passphrase)
    expect do
      described_class.new(certificate.to_pem, encrypted_key, passphrase, :signing)
    end.not_to raise_error
  end
end