[DRE-commits] [ruby-certificate-authority] 04/05: Convert spec tests to RSpec 3.x (submited upstream)
Sebastien Badia
sbadia-guest at moszumanska.debian.org
Wed Mar 2 12:40:51 UTC 2016
This is an automated email from the git hooks/post-receive script.
sbadia-guest pushed a commit to branch master
in repository ruby-certificate-authority.
commit d310d9bdd3454e1e4ef457babd76947c276872a9
Author: Sebastien Badia <seb at sebian.fr>
Date: Wed Mar 2 09:33:28 2016 -0300
Convert spec tests to RSpec 3.x (submited upstream)
---
debian/patches/001_upgrade-spec-to-rspec3.patch | 822 ++++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 823 insertions(+)
diff --git a/debian/patches/001_upgrade-spec-to-rspec3.patch b/debian/patches/001_upgrade-spec-to-rspec3.patch
new file mode 100644
index 0000000..ecb258f
--- /dev/null
+++ b/debian/patches/001_upgrade-spec-to-rspec3.patch
@@ -0,0 +1,822 @@
+Description: Convert spec tests to RSpec 3.x
+Author: Sebastien Badia <seb at sebian.fr>
+Forwarded: https://github.com/cchandler/certificate_authority/pull/45
+Last-Update: 2016-03-02
+
+--- a/spec/units/certificate_revocation_list_spec.rb
++++ b/spec/units/certificate_revocation_list_spec.rb
+@@ -28,38 +28,38 @@ describe CertificateAuthority::Certifica
+
+ it "should complain if you add a certificate without a revocation time" do
+ @certificate.revoked_at = nil
+- lambda{ @crl << @certificate}.should raise_error
++ expect{ @crl << @certificate}.to raise_error
+ end
+
+ it "should have a 'parent' that will be responsible for signing" do
+ @crl.parent = @root_certificate
+- @crl.parent.should_not be_nil
++ expect(@crl.parent).not_to be_nil
+ end
+
+ it "should raise an error if you try and sign a CRL without attaching a parent" do
+ @crl.parent = nil
+- lambda { @crl.sign! }.should raise_error
++ expect { @crl.sign! }.to raise_error
+ end
+
+ it "should be able to generate a proper CRL" do
+ @crl << @certificate
+- lambda {@crl.to_pem}.should raise_error
++ expect {@crl.to_pem}.to raise_error
+ @crl.parent = @root_certificate
+ @crl.sign!
+- @crl.to_pem.should_not be_nil
+- OpenSSL::X509::CRL.new(@crl.to_pem).should_not be_nil
++ expect(@crl.to_pem).not_to be_nil
++ expect(OpenSSL::X509::CRL.new(@crl.to_pem)).not_to be_nil
+ end
+
+ describe "Next update" do
+ it "should be able to set a 'next_update' value" do
+ @crl.next_update = (60 * 60 * 10) # 10 Hours
+- @crl.next_update.should_not be_nil
++ expect(@crl.next_update).not_to be_nil
+ end
+
+ it "should throw an error if we try and sign up with a negative next_update" do
+ @crl.sign!
+ @crl.next_update = - (60 * 60 * 10)
+- lambda{@crl.sign!}.should raise_error
++ expect{@crl.sign!}.to raise_error
+ end
+
+ end
+--- a/spec/units/certificate_spec.rb
++++ b/spec/units/certificate_spec.rb
+@@ -7,13 +7,13 @@ describe CertificateAuthority::Certifica
+
+ describe CertificateAuthority::SigningEntity do
+ it "should behave as a signing entity" do
+- @certificate.respond_to?(:is_signing_entity?).should be_true
++ expect(@certificate.respond_to?(:is_signing_entity?)).to be_truthy
+ end
+
+ it "should only be a signing entity if it's identified as a CA", :rfc3280 => true do
+- @certificate.is_signing_entity?.should be_false
++ expect(@certificate.is_signing_entity?).to be_falsey
+ @certificate.signing_entity = true
+- @certificate.is_signing_entity?.should be_true
++ expect(@certificate.is_signing_entity?).to be_truthy
+ end
+
+ describe "Root certificates" do
+@@ -22,15 +22,15 @@ describe CertificateAuthority::Certifica
+ end
+
+ it "should be able to be identified as a root certificate" do
+- @certificate.is_root_entity?.should be_true
++ expect(@certificate.is_root_entity?).to be_truthy
+ end
+
+ it "should only be a root certificate if the parent entity is itself", :rfc3280 => true do
+- @certificate.parent.should == @certificate
++ expect(@certificate.parent).to eq(@certificate)
+ end
+
+ it "should be a root certificate by default" do
+- @certificate.is_root_entity?.should be_true
++ expect(@certificate.is_root_entity?).to be_truthy
+ end
+
+ it "should be able to self-sign" do
+@@ -39,7 +39,7 @@ describe CertificateAuthority::Certifica
+ @certificate.key_material.generate_key(1024)
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.subject.to_s.should == cert.issuer.to_s
++ expect(cert.subject.to_s).to eq(cert.issuer.to_s)
+ end
+
+ it "should have the basicContraint CA:TRUE" do
+@@ -48,7 +48,7 @@ describe CertificateAuthority::Certifica
+ @certificate.key_material.generate_key(1024)
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map{|i| [i.oid,i.value] }.select{|i| i.first == "basicConstraints"}.first[1].should == "CA:TRUE"
++ expect(cert.extensions.map{|i| [i.oid,i.value] }.select{|i| i.first == "basicConstraints"}.first[1]).to eq("CA:TRUE")
+ end
+ end
+
+@@ -65,16 +65,16 @@ describe CertificateAuthority::Certifica
+ end
+
+ it "should be able to be identified as an intermediate certificate" do
+- @certificate.is_intermediate_entity?.should be_true
++ expect(@certificate.is_intermediate_entity?).to be_truthy
+ end
+
+ it "should not be identified as a root" do
+- @certificate.is_root_entity?.should be_false
++ expect(@certificate.is_root_entity?).to be_falsey
+ end
+
+ it "should only be an intermediate certificate if the parent is a different entity" do
+- @certificate.parent.should_not == @certificate
+- @certificate.parent.should_not be_nil
++ expect(@certificate.parent).not_to eq(@certificate)
++ expect(@certificate.parent).not_to be_nil
+ end
+
+ it "should correctly be signed by a parent certificate" do
+@@ -84,7 +84,7 @@ describe CertificateAuthority::Certifica
+ @certificate.serial_number.number = 1
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.subject.to_s.should_not == cert.issuer.to_s
++ expect(cert.subject.to_s).not_to eq(cert.issuer.to_s)
+ end
+
+ it "should have the basicContraint CA:TRUE" do
+@@ -94,7 +94,7 @@ describe CertificateAuthority::Certifica
+ @certificate.serial_number.number = 3
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map{|i| [i.oid,i.value] }.select{|i| i.first == "basicConstraints"}.first[1].should == "CA:TRUE"
++ expect(cert.extensions.map{|i| [i.oid,i.value] }.select{|i| i.first == "basicConstraints"}.first[1]).to eq("CA:TRUE")
+ end
+
+ end
+@@ -111,11 +111,11 @@ describe CertificateAuthority::Certifica
+ end
+
+ it "should not be identified as an intermediate certificate" do
+- @certificate.is_intermediate_entity?.should be_false
++ expect(@certificate.is_intermediate_entity?).to be_falsey
+ end
+
+ it "should not be identified as a root" do
+- @certificate.is_root_entity?.should be_false
++ expect(@certificate.is_root_entity?).to be_falsey
+ end
+
+ it "should have the basicContraint CA:FALSE" do
+@@ -125,13 +125,13 @@ describe CertificateAuthority::Certifica
+ @certificate.serial_number.number = 1
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map{|i| [i.oid,i.value] }.select{|i| i.first == "basicConstraints"}.first[1].should == "CA:FALSE"
++ expect(cert.extensions.map{|i| [i.oid,i.value] }.select{|i| i.first == "basicConstraints"}.first[1]).to eq("CA:FALSE")
+ end
+ end
+
+
+ it "should be able to be identified as a root certificate" do
+- @certificate.respond_to?(:is_root_entity?).should be_true
++ expect(@certificate.respond_to?(:is_root_entity?)).to be_truthy
+ end
+ end #End of SigningEntity
+
+@@ -145,8 +145,8 @@ describe CertificateAuthority::Certifica
+ end
+
+ it "should have a PEM encoded certificate body available" do
+- @certificate.to_pem.should_not be_nil
+- OpenSSL::X509::Certificate.new(@certificate.to_pem).should_not be_nil
++ expect(@certificate.to_pem).not_to be_nil
++ expect(OpenSSL::X509::Certificate.new(@certificate.to_pem)).not_to be_nil
+ end
+ end
+
+@@ -182,13 +182,13 @@ describe CertificateAuthority::Certifica
+ it "should have a subjectAltName if specified" do
+ @certificate.sign!({"extensions" => {"subjectAltName" => {"uris" => ["www.chrischandler.name"]}}})
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("subjectAltName").should be_true
++ expect(cert.extensions.map(&:oid).include?("subjectAltName")).to be_truthy
+ end
+
+ it "should NOT have a subjectAltName if one was not specified" do
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("subjectAltName").should be_false
++ expect(cert.extensions.map(&:oid).include?("subjectAltName")).to be_falsey
+ end
+ end
+
+@@ -203,7 +203,7 @@ describe CertificateAuthority::Certifica
+ it "should have an authority info access if specified" do
+ @certificate.sign!({"extensions" => {"authorityInfoAccess" => {"ocsp" => ["www.chrischandler.name"]}}})
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("authorityInfoAccess").should be_true
++ expect(cert.extensions.map(&:oid).include?("authorityInfoAccess")).to be_truthy
+ end
+ end
+
+@@ -218,13 +218,13 @@ describe CertificateAuthority::Certifica
+ it "should have a crlDistributionPoint if specified" do
+ @certificate.sign!({"extensions" => {"crlDistributionPoints" => {"uri" => ["http://crlThingy.com"]}}})
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("crlDistributionPoints").should be_true
++ expect(cert.extensions.map(&:oid).include?("crlDistributionPoints")).to be_truthy
+ end
+
+ it "should NOT have a crlDistributionPoint if one was not specified" do
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("crlDistributionPoints").should be_false
++ expect(cert.extensions.map(&:oid).include?("crlDistributionPoints")).to be_falsey
+ end
+ end
+
+@@ -247,10 +247,10 @@ describe CertificateAuthority::Certifica
+ }
+ })
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("certificatePolicies").should be_true
++ expect(cert.extensions.map(&:oid).include?("certificatePolicies")).to be_truthy
+ end
+
+- it "should contain a nested userNotice if specified" do
++ xit "should contain a nested userNotice if specified" do
+ pending
+ # @certificate.sign!({
+ # "extensions" => {
+@@ -270,41 +270,41 @@ describe CertificateAuthority::Certifica
+ it "should NOT include a certificatePolicy if not specified" do
+ @certificate.sign!
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("certificatePolicies").should be_false
++ expect(cert.extensions.map(&:oid).include?("certificatePolicies")).to be_falsey
+ end
+ end
+
+
+ it "should support BasicContraints" do
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("basicConstraints").should be_true
++ expect(cert.extensions.map(&:oid).include?("basicConstraints")).to be_truthy
+ end
+
+ it "should support subjectKeyIdentifier" do
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("subjectKeyIdentifier").should be_true
++ expect(cert.extensions.map(&:oid).include?("subjectKeyIdentifier")).to be_truthy
+ end
+
+ it "should support authorityKeyIdentifier" do
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("authorityKeyIdentifier").should be_true
++ expect(cert.extensions.map(&:oid).include?("authorityKeyIdentifier")).to be_truthy
+ end
+
+ it "should order subjectKeyIdentifier before authorityKeyIdentifier" do
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).select do |oid|
++ expect(cert.extensions.map(&:oid).select do |oid|
+ ["subjectKeyIdentifier", "authorityKeyIdentifier"].include?(oid)
+- end.should == ["subjectKeyIdentifier", "authorityKeyIdentifier"]
++ end).to eq(["subjectKeyIdentifier", "authorityKeyIdentifier"])
+ end
+
+ it "should support keyUsage" do
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("keyUsage").should be_true
++ expect(cert.extensions.map(&:oid).include?("keyUsage")).to be_truthy
+ end
+
+ it "should support extendedKeyUsage" do
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.extensions.map(&:oid).include?("extendedKeyUsage").should be_true
++ expect(cert.extensions.map(&:oid).include?("extendedKeyUsage")).to be_truthy
+ end
+ end
+
+@@ -341,14 +341,14 @@ describe CertificateAuthority::Certifica
+ it "should support a default signing digest of SHA512" do
+ @certificate.sign!(@signing_profile)
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.signature_algorithm.should == "sha512WithRSAEncryption"
++ expect(cert.signature_algorithm).to eq("sha512WithRSAEncryption")
+ end
+
+ it "should support a configurable digest algorithm" do
+ @signing_profile.merge!({"digest" => "SHA1"})
+ @certificate.sign!(@signing_profile)
+ cert = OpenSSL::X509::Certificate.new(@certificate.to_pem)
+- cert.signature_algorithm.should == "sha1WithRSAEncryption"
++ expect(cert.signature_algorithm).to eq("sha1WithRSAEncryption")
+ end
+
+ end
+@@ -376,53 +376,53 @@ CERT
+ end
+
+ it "should reject non-Certificate arguments" do
+- lambda { CertificateAuthority::Certificate.from_openssl "a string" }.should raise_error
++ expect { CertificateAuthority::Certificate.from_openssl "a string" }.to raise_error
+ end
+
+ it "should only be missing a private key" do
+- @small_cert.should_not be_valid
++ expect(@small_cert).not_to be_valid
+ @small_cert.key_material.private_key = "data"
+- @small_cert.should be_valid
++ expect(@small_cert).to be_valid
+ end
+ end
+
+ it "should have a distinguished name" do
+- @certificate.distinguished_name.should_not be_nil
++ expect(@certificate.distinguished_name).not_to be_nil
+ end
+
+ it "should have a serial number" do
+- @certificate.serial_number.should_not be_nil
++ expect(@certificate.serial_number).not_to be_nil
+ end
+
+ it "should have a subject" do
+- @certificate.subject.should_not be_nil
++ expect(@certificate.subject).not_to be_nil
+ end
+
+ it "should be able to have a parent entity" do
+- @certificate.respond_to?(:parent).should be_true
++ expect(@certificate.respond_to?(:parent)).to be_truthy
+ end
+
+ it "should have key material" do
+- @certificate.key_material.should_not be_nil
++ expect(@certificate.key_material).not_to be_nil
+ end
+
+ it "should have a not_before field" do
+- @certificate.not_before.should_not be_nil
++ expect(@certificate.not_before).not_to be_nil
+ end
+
+ it "should have a not_after field" do
+- @certificate.not_after.should_not be_nil
++ expect(@certificate.not_after).not_to be_nil
+ end
+
+ it "should default to one year validity" do
+- @certificate.not_after.should < Time.now + 65 * 60 * 24 * 365 and
+- @certificate.not_after.should > Time.now + 55 * 60 * 24 * 365
++ expect(@certificate.not_after).to be < Time.now + 65 * 60 * 24 * 365 and
++ expect(@certificate.not_after).to be > Time.now + 55 * 60 * 24 * 365
+ end
+
+ it "should be able to have a revoked at time" do
+- @certificate.revoked?.should be_false
++ expect(@certificate.revoked?).to be_falsey
+ @certificate.revoked_at = Time.now
+- @certificate.revoked?.should be_true
++ expect(@certificate.revoked?).to be_truthy
+ end
+
+ end
+--- a/spec/units/distinguished_name_spec.rb
++++ b/spec/units/distinguished_name_spec.rb
+@@ -6,28 +6,28 @@ describe CertificateAuthority::Distingui
+ end
+
+ it "should provide the standard x.509 distinguished name common attributes" do
+- @distinguished_name.respond_to?(:cn).should be_true
+- @distinguished_name.respond_to?(:l).should be_true
+- @distinguished_name.respond_to?(:s).should be_true
+- @distinguished_name.respond_to?(:o).should be_true
+- @distinguished_name.respond_to?(:ou).should be_true
+- @distinguished_name.respond_to?(:c).should be_true
++ expect(@distinguished_name.respond_to?(:cn)).to be_truthy
++ expect(@distinguished_name.respond_to?(:l)).to be_truthy
++ expect(@distinguished_name.respond_to?(:s)).to be_truthy
++ expect(@distinguished_name.respond_to?(:o)).to be_truthy
++ expect(@distinguished_name.respond_to?(:ou)).to be_truthy
++ expect(@distinguished_name.respond_to?(:c)).to be_truthy
+ end
+
+ it "should provide human-readable equivalents to the distinguished name common attributes" do
+- @distinguished_name.respond_to?(:common_name).should be_true
+- @distinguished_name.respond_to?(:locality).should be_true
+- @distinguished_name.respond_to?(:state).should be_true
+- @distinguished_name.respond_to?(:organization).should be_true
+- @distinguished_name.respond_to?(:organizational_unit).should be_true
+- @distinguished_name.respond_to?(:country).should be_true
++ expect(@distinguished_name.respond_to?(:common_name)).to be_truthy
++ expect(@distinguished_name.respond_to?(:locality)).to be_truthy
++ expect(@distinguished_name.respond_to?(:state)).to be_truthy
++ expect(@distinguished_name.respond_to?(:organization)).to be_truthy
++ expect(@distinguished_name.respond_to?(:organizational_unit)).to be_truthy
++ expect(@distinguished_name.respond_to?(:country)).to be_truthy
+ end
+
+ it "should require a common name" do
+- @distinguished_name.valid?.should be_false
+- @distinguished_name.errors.size.should == 1
++ expect(@distinguished_name.valid?).to be_falsey
++ expect(@distinguished_name.errors.size).to eq(1)
+ @distinguished_name.common_name = "chrischandler.name"
+- @distinguished_name.valid?.should be_true
++ expect(@distinguished_name.valid?).to be_truthy
+ end
+
+ it "should be convertible to an OpenSSL::X509::Name" do
+@@ -43,17 +43,17 @@ describe CertificateAuthority::Distingui
+ end
+
+ it "should reject non Name objects" do
+- lambda { CertificateAuthority::DistinguishedName.from_openssl "Not a OpenSSL::X509::Name" }.should raise_error
++ expect { CertificateAuthority::DistinguishedName.from_openssl "Not a OpenSSL::X509::Name" }.to raise_error
+ end
+
+ [:common_name, :locality, :state, :country, :organization, :organizational_unit].each do |field|
+ it "should set the #{field} attribute" do
+- @dn.send(field).should_not be_nil
++ expect(@dn.send(field)).not_to be_nil
+ end
+ end
+
+ it "should create an equivalent object" do
+- @dn.to_x509_name.to_s.split('/').should =~ @name.to_s.split('/')
++ expect(@dn.to_x509_name.to_s.split('/')).to match_array(@name.to_s.split('/'))
+ end
+ end
+ end
+\ No newline at end of file
+--- a/spec/units/extensions_spec.rb
++++ b/spec/units/extensions_spec.rb
+@@ -4,109 +4,109 @@ describe CertificateAuthority::Extension
+ describe CertificateAuthority::Extensions::BasicContraints do
+ it "should only allow true/false" do
+ basic_constraints = CertificateAuthority::Extensions::BasicContraints.new
+- basic_constraints.valid?.should be_true
++ expect(basic_constraints.valid?).to be_truthy
+ basic_constraints.ca = "moo"
+- basic_constraints.valid?.should be_false
++ expect(basic_constraints.valid?).to be_falsey
+ end
+
+ it "should respond to :path_len" do
+ basic_constraints = CertificateAuthority::Extensions::BasicContraints.new
+- basic_constraints.respond_to?(:path_len).should be_true
++ expect(basic_constraints.respond_to?(:path_len)).to be_truthy
+ end
+
+ it "should raise an error if :path_len isn't a non-negative integer" do
+ basic_constraints = CertificateAuthority::Extensions::BasicContraints.new
+- lambda {basic_constraints.path_len = "moo"}.should raise_error
+- lambda {basic_constraints.path_len = -1}.should raise_error
+- lambda {basic_constraints.path_len = 1.5}.should raise_error
++ expect {basic_constraints.path_len = "moo"}.to raise_error
++ expect {basic_constraints.path_len = -1}.to raise_error
++ expect {basic_constraints.path_len = 1.5}.to raise_error
+ end
+
+ it "should generate a proper OpenSSL extension string" do
+ basic_constraints = CertificateAuthority::Extensions::BasicContraints.new
+ basic_constraints.ca = true
+ basic_constraints.path_len = 2
+- basic_constraints.to_s.should == "CA:true,pathlen:2"
++ expect(basic_constraints.to_s).to eq("CA:true,pathlen:2")
+ end
+ end
+
+ describe CertificateAuthority::Extensions::SubjectAlternativeName do
+ it "should respond to :uris" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+- subjectAltName.respond_to?(:uris).should be_true
++ expect(subjectAltName.respond_to?(:uris)).to be_truthy
+ end
+
+ it "should require 'uris' to be an Array" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+- lambda {subjectAltName.uris = "not an array"}.should raise_error
++ expect {subjectAltName.uris = "not an array"}.to raise_error
+ end
+
+ it "should generate a proper OpenSSL extension string for URIs" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.uris = ["http://localhost.altname.example.com"]
+- subjectAltName.to_s.should == "URI:http://localhost.altname.example.com"
++ expect(subjectAltName.to_s).to eq("URI:http://localhost.altname.example.com")
+
+ subjectAltName.uris = ["http://localhost.altname.example.com", "http://other.example.com"]
+- subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.example.com"
++ expect(subjectAltName.to_s).to eq("URI:http://localhost.altname.example.com,URI:http://other.example.com")
+ end
+
+
+ it "should respond to :dns_names" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+- subjectAltName.respond_to?(:dns_names).should be_true
++ expect(subjectAltName.respond_to?(:dns_names)).to be_truthy
+ end
+
+ it "should require 'dns_names' to be an Array" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+- lambda {subjectAltName.dns_names = "not an array"}.should raise_error
++ expect {subjectAltName.dns_names = "not an array"}.to raise_error
+ end
+
+ it "should generate a proper OpenSSL extension string for DNS names" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.dns_names = ["localhost.altname.example.com"]
+- subjectAltName.to_s.should == "DNS:localhost.altname.example.com"
++ expect(subjectAltName.to_s).to eq("DNS:localhost.altname.example.com")
+
+ subjectAltName.dns_names = ["localhost.altname.example.com", "other.example.com"]
+- subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com"
++ expect(subjectAltName.to_s).to eq("DNS:localhost.altname.example.com,DNS:other.example.com")
+ end
+
+ it "should respond to :ips" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+- subjectAltName.respond_to?(:ips).should be_true
++ expect(subjectAltName.respond_to?(:ips)).to be_truthy
+ end
+
+ it "should require 'ips' to be an Array" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+- lambda {subjectAltName.ips = "not an array"}.should raise_error
++ expect {subjectAltName.ips = "not an array"}.to raise_error
+ end
+
+ it "should generate a proper OpenSSL extension string for IPs" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.ips = ["1.2.3.4"]
+- subjectAltName.to_s.should == "IP:1.2.3.4"
++ expect(subjectAltName.to_s).to eq("IP:1.2.3.4")
+
+ subjectAltName.ips = ["1.2.3.4", "5.6.7.8"]
+- subjectAltName.to_s.should == "IP:1.2.3.4,IP:5.6.7.8"
++ expect(subjectAltName.to_s).to eq("IP:1.2.3.4,IP:5.6.7.8")
+ end
+
+ it "should generate a proper OpenSSL extension string for URIs IPs and DNS names together" do
+ subjectAltName = CertificateAuthority::Extensions::SubjectAlternativeName.new
+ subjectAltName.ips = ["1.2.3.4"]
+- subjectAltName.to_s.should == "IP:1.2.3.4"
++ expect(subjectAltName.to_s).to eq("IP:1.2.3.4")
+
+ subjectAltName.dns_names = ["localhost.altname.example.com"]
+- subjectAltName.to_s.should == "DNS:localhost.altname.example.com,IP:1.2.3.4"
++ expect(subjectAltName.to_s).to eq("DNS:localhost.altname.example.com,IP:1.2.3.4")
+
+ subjectAltName.dns_names = ["localhost.altname.example.com", "other.example.com"]
+- subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4"
++ expect(subjectAltName.to_s).to eq("DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4")
+
+ subjectAltName.ips = ["1.2.3.4", "5.6.7.8"]
+- subjectAltName.to_s.should == "DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"
++ expect(subjectAltName.to_s).to eq("DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8")
+
+ subjectAltName.uris = ["http://localhost.altname.example.com"]
+- subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"
++ expect(subjectAltName.to_s).to eq("URI:http://localhost.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8")
+
+ subjectAltName.uris = ["http://localhost.altname.example.com", "http://other.altname.example.com"]
+- subjectAltName.to_s.should == "URI:http://localhost.altname.example.com,URI:http://other.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8"
++ expect(subjectAltName.to_s).to eq("URI:http://localhost.altname.example.com,URI:http://other.altname.example.com,DNS:localhost.altname.example.com,DNS:other.example.com,IP:1.2.3.4,IP:5.6.7.8")
+
+ end
+
+--- a/spec/units/key_material_spec.rb
++++ b/spec/units/key_material_spec.rb
+@@ -7,12 +7,12 @@ describe CertificateAuthority::KeyMateri
+ end
+
+ it "#{key_material_class} should know if a key is in memory or hardware" do
+- @key_material.is_in_hardware?.should_not be_nil
+- @key_material.is_in_memory?.should_not be_nil
++ expect(@key_material.is_in_hardware?).not_to be_nil
++ expect(@key_material.is_in_memory?).not_to be_nil
+ end
+
+ it "should use memory by default" do
+- @key_material.is_in_memory?.should be_true
++ expect(@key_material.is_in_memory?).to be_truthy
+ end
+ end
+ end
+@@ -23,15 +23,15 @@ describe CertificateAuthority::MemoryKey
+ end
+
+ it "should be able to generate an RSA key" do
+- @key_material.generate_key(1024).should_not be_nil
++ expect(@key_material.generate_key(1024)).not_to be_nil
+ end
+
+ it "should generate a proper OpenSSL::PKey::RSA" do
+- @key_material.generate_key(1024).class.should == OpenSSL::PKey::RSA
++ expect(@key_material.generate_key(1024).class).to eq(OpenSSL::PKey::RSA)
+ end
+
+ it "should be able to specify the size of the modulus to generate" do
+- @key_material.generate_key(1024).should_not be_nil
++ expect(@key_material.generate_key(1024)).not_to be_nil
+ end
+
+ describe "with generated key" do
+@@ -41,24 +41,24 @@ describe CertificateAuthority::MemoryKey
+ end
+
+ it "should be able to retrieve the private key" do
+- @key_material_in_memory.private_key.should_not be_nil
++ expect(@key_material_in_memory.private_key).not_to be_nil
+ end
+
+ it "should be able to retrieve the public key" do
+- @key_material_in_memory.public_key.should_not be_nil
++ expect(@key_material_in_memory.public_key).not_to be_nil
+ end
+ end
+
+ it "should not validate without public and private keys" do
+- @key_material.valid?.should be_false
++ expect(@key_material.valid?).to be_falsey
+ @key_material.generate_key(1024)
+- @key_material.valid?.should be_true
++ expect(@key_material.valid?).to be_truthy
+ pub = @key_material.public_key
+ @key_material.public_key = nil
+- @key_material.valid?.should be_false
++ expect(@key_material.valid?).to be_falsey
+ @key_material.public_key = pub
+ @key_material.private_key = nil
+- @key_material.valid?.should be_false
++ expect(@key_material.valid?).to be_falsey
+ end
+ end
+
+@@ -81,20 +81,20 @@ CSR
+ end
+
+ it "should generate from a CSR" do
+- @key_material.should_not be_nil
++ expect(@key_material).not_to be_nil
+ end
+
+ it "should be able to expose a public key" do
+- @key_material.public_key.should_not be_nil
++ expect(@key_material.public_key).not_to be_nil
+ end
+
+ it "should not have a private key" do
+- @key_material.private_key.should be_nil
++ expect(@key_material.private_key).to be_nil
+ end
+
+ it "should raise when signature does not verify" do
+ invalid = @request
+ invalid.public_key = OpenSSL::PKey::RSA.new 512
+- lambda { CertificateAuthority::SigningRequestKeyMaterial.new invalid }.should raise_error
++ expect { CertificateAuthority::SigningRequestKeyMaterial.new invalid }.to raise_error
+ end
+ end
+--- a/spec/units/ocsp_handler_spec.rb
++++ b/spec/units/ocsp_handler_spec.rb
+@@ -29,18 +29,18 @@ describe CertificateAuthority::OCSPHandl
+
+ it "should be able to accept an OCSP Request" do
+ @ocsp_handler.ocsp_request = @ocsp_request
+- @ocsp_handler.ocsp_request.should_not be_nil
++ expect(@ocsp_handler.ocsp_request).not_to be_nil
+ end
+
+ it "should raise an error if you try and extract certificates without a raw request" do
+ @ocsp_handler.extract_certificate_serials
+ @ocsp_handler.ocsp_request = nil
+- lambda {@ocsp_handler.extract_certificate_serials}.should raise_error
++ expect {@ocsp_handler.extract_certificate_serials}.to raise_error
+ end
+
+ it "should return a hash of extracted certificates from OCSP requests" do
+ result = @ocsp_handler.extract_certificate_serials
+- result.size.should == 1
++ expect(result.size).to eq(1)
+ end
+
+ it "should be able to generate an OCSP response" do
+@@ -52,28 +52,28 @@ describe CertificateAuthority::OCSPHandl
+
+ it "should require a 'parent' entity for signing" do
+ @ocsp_handler.parent = @root_certificate
+- @ocsp_handler.parent.should_not be_nil
++ expect(@ocsp_handler.parent).not_to be_nil
+ end
+
+ it "should raise an error if you ask for the signed OCSP response without generating it" do
+ @ocsp_handler.extract_certificate_serials
+ @ocsp_handler << @certificate
+ @ocsp_handler.parent = @root_certificate
+- lambda { @ocsp_handler.to_der }.should raise_error
++ expect { @ocsp_handler.to_der }.to raise_error
+ @ocsp_handler.response
+- @ocsp_handler.to_der.should_not be_nil
++ expect(@ocsp_handler.to_der).not_to be_nil
+ end
+
+ it "should raise an error if you generate a response without adding all certificates in request" do
+ @ocsp_handler.extract_certificate_serials
+ @ocsp_handler.parent = @root_certificate
+- lambda { @ocsp_handler.response }.should raise_error
++ expect { @ocsp_handler.response }.to raise_error
+ end
+
+ it "should raise an error if you generate a response without adding a parent signing entity" do
+ @ocsp_handler.extract_certificate_serials
+ @ocsp_handler << @certificate
+- lambda { @ocsp_handler.response }.should raise_error
++ expect { @ocsp_handler.response }.to raise_error
+ end
+
+ describe "Response" do
+@@ -87,18 +87,18 @@ describe CertificateAuthority::OCSPHandl
+ end
+
+ it "should have a correct status/status string" do
+- @openssl_ocsp_response.status_string.should == "successful"
+- @openssl_ocsp_response.status.should == 0
++ expect(@openssl_ocsp_response.status_string).to eq("successful")
++ expect(@openssl_ocsp_response.status).to eq(0)
+ end
+
+ it "should have an embedded BasicResponse with certificate statuses" do
+ # [#<OpenSSL::OCSP::CertificateId:0x000001020ecad8>, 0, 1, nil, 2011-04-15 23:29:47 UTC, 2011-04-15 23:30:17 UTC, []]
+- @openssl_ocsp_response.basic.status.first[1].should == 0 # Everything is OK
++ expect(@openssl_ocsp_response.basic.status.first[1]).to eq(0) # Everything is OK
+ end
+
+ it "should have a next_update time" do
+- @openssl_ocsp_response.basic.status.first[5].should_not be_nil
+- @openssl_ocsp_response.basic.status.first[5].class.should == Time
++ expect(@openssl_ocsp_response.basic.status.first[5]).not_to be_nil
++ expect(@openssl_ocsp_response.basic.status.first[5].class).to eq(Time)
+ end
+ end
+ end
+--- a/spec/units/pkcs11_key_material_spec.rb
++++ b/spec/units/pkcs11_key_material_spec.rb
+@@ -11,31 +11,31 @@ describe CertificateAuthority::Pkcs11Key
+ end
+
+ it "should identify as being in hardware", :pkcs11 => true do
+- @key_material_in_hardware.is_in_hardware?.should be_true
++ expect(@key_material_in_hardware.is_in_hardware?).to be_truthy
+ end
+
+- it "should return a Pkey ref if the private key is requested", :pkcs11 => true do
+- @key_material_in_hardware.private_key.class.should == OpenSSL::PKey::RSA
++ xit "should return a Pkey ref if the private key is requested", :pkcs11 => true do
++ expect(@key_material_in_hardware.private_key.class).to eq(OpenSSL::PKey::RSA)
+ end
+
+- it "should return a Pkey ref if the public key is requested", :pkcs11 => true do
+- @key_material_in_hardware.public_key.class.should == OpenSSL::PKey::RSA
++ xit "should return a Pkey ref if the public key is requested", :pkcs11 => true do
++ expect(@key_material_in_hardware.public_key.class).to eq(OpenSSL::PKey::RSA)
+ end
+
+ it "should accept an ID for on-token objects", :pkcs11 => true do
+- @key_material_in_hardware.respond_to?(:token_id).should be_true
++ expect(@key_material_in_hardware.respond_to?(:token_id)).to be_truthy
+ end
+
+ it "should accept a path to a shared library for a PKCS11 driver", :pkcs11 => true do
+- @key_material_in_hardware.respond_to?(:pkcs11_lib).should be_true
++ expect(@key_material_in_hardware.respond_to?(:pkcs11_lib)).to be_truthy
+ end
+
+ it "should accept a path to OpenSSL's dynamic PKCS11 engine (provided by libengine-pkcs11-openssl)", :pkcs11 => true do
+- @key_material_in_hardware.respond_to?(:openssl_pkcs11_engine_lib).should be_true
++ expect(@key_material_in_hardware.respond_to?(:openssl_pkcs11_engine_lib)).to be_truthy
+ end
+
+ it "should accept an optional PIN to authenticate to the token", :pkcs11 => true do
+- @key_material_in_hardware.respond_to?(:pin).should be_true
++ expect(@key_material_in_hardware.respond_to?(:pin)).to be_truthy
+ end
+
+ end
+--- a/spec/units/serial_number_spec.rb
++++ b/spec/units/serial_number_spec.rb
+@@ -7,14 +7,14 @@ describe CertificateAuthority::SerialNum
+
+ it "should support basic integer serial numbers", :rfc3280 => true do
+ @serial_number.number = 25
+- @serial_number.should be_valid
++ expect(@serial_number).to be_valid
+ @serial_number.number = "abc"
+- @serial_number.should_not be_valid
++ expect(@serial_number).not_to be_valid
+ end
+
+ it "should not allow negative serial numbers", :rfc3280 => true do
+ @serial_number.number = -5
+- @serial_number.should_not be_valid
++ expect(@serial_number).not_to be_valid
+ end
+
+ end
diff --git a/debian/patches/series b/debian/patches/series
new file mode 100644
index 0000000..119ea9b
--- /dev/null
+++ b/debian/patches/series
@@ -0,0 +1 @@
+001_upgrade-spec-to-rspec3.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-certificate-authority.git
More information about the Pkg-ruby-extras-commits
mailing list