jruby-openssl 0.0.4 → 0.1

Sign up to get free protection for your applications and to get access to all the features.

Potentially problematic release.


This version of jruby-openssl might be problematic. Click here for more details.

data/History.txt ADDED
@@ -0,0 +1,12 @@
1
+ == 0.1
2
+
3
+ - PLEASE NOTE: This release is not compatible with JRuby releases earlier than
4
+ 1.0.3 or 1.1b2. If you must use JRuby 1.0.2 or earlier, please install the
5
+ 0.6 release.
6
+ - Release coincides with JRuby 1.0.3 and JRuby 1.1b2 releases
7
+ - Simultaneous support for JRuby trunk and 1.0 branch
8
+ - Start of support for OpenSSL::BN
9
+
10
+ == 0.0.5 and prior
11
+
12
+ - Initial versions with maintenance updates
data/License.txt ADDED
@@ -0,0 +1,30 @@
1
+ JRuby-OpenSSL is distributed under the same license as JRuby (http://www.jruby.org/).
2
+
3
+ Version: CPL 1.0/GPL 2.0/LGPL 2.1
4
+
5
+ The contents of this file are subject to the Common Public
6
+ License Version 1.0 (the "License"); you may not use this file
7
+ except in compliance with the License. You may obtain a copy of
8
+ the License at http://www.eclipse.org/legal/cpl-v10.html
9
+
10
+ Software distributed under the License is distributed on an "AS
11
+ IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
12
+ implied. See the License for the specific language governing
13
+ rights and limitations under the License.
14
+
15
+ Copyright (C) 2007 Ola Bini <ola.bini@gmail.com>
16
+
17
+ Alternatively, the contents of this file may be used under the terms of
18
+ either of the GNU General Public License Version 2 or later (the "GPL"),
19
+ or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
20
+ in which case the provisions of the GPL or the LGPL are applicable instead
21
+ of those above. If you wish to allow use of your version of this file only
22
+ under the terms of either the GPL or the LGPL, and not to allow others to
23
+ use your version of this file under the terms of the CPL, indicate your
24
+ decision by deleting the provisions above and replace them with the notice
25
+ and other provisions required by the GPL or the LGPL. If you do not delete
26
+ the provisions above, a recipient may use your version of this file under
27
+ the terms of any one of the CPL, the GPL or the LGPL.
28
+
29
+ JRuby-OpenSSL includes software by the Legion of the Bouncy Castle
30
+ (http://bouncycastle.org/license.html).
data/README.txt ADDED
@@ -0,0 +1,18 @@
1
+ JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.
2
+
3
+ JRuby offers *just enough* compatibility for most Ruby applications that use OpenSSL.
4
+
5
+ Libraries that appear to work fine:
6
+
7
+ Rails, Net::HTTPS
8
+
9
+ Notable libraries that do *not* yet work include:
10
+
11
+ Net::SSH, Net::SFTP, etc.
12
+
13
+ Please report bugs and incompatibilities (preferably with testcases) to either the JRuby
14
+ mailing list [1] or the JRuby bug tracker [2].
15
+
16
+ [1]: http://xircles.codehaus.org/projects/jruby/lists
17
+
18
+ [2]: http://jira.codehaus.org/browse/JRUBY
data/lib/jopenssl.jar CHANGED
Binary file
@@ -0,0 +1,5 @@
1
+ module Jopenssl
2
+ module Version
3
+ VERSION = "0.1"
4
+ end
5
+ end
@@ -0,0 +1,34 @@
1
+ warn "Warning: OpenSSL ASN1/PKey/X509/Netscape/PKCS7 implementation unavailable"
2
+ warn "You need to download or install BouncyCastle jars (bc-prov-*.jar, bc-mail-*.jar)"
3
+ warn "to fix this."
4
+ module OpenSSL
5
+ module ASN1
6
+ class ASN1Error < OpenSSLError; end
7
+ class ASN1Data; end
8
+ class Primitive; end
9
+ class Constructive; end
10
+ end
11
+ module PKey
12
+ class PKeyError < OpenSSLError; end
13
+ class PKey; def initialize(*args); end; end
14
+ class RSA < PKey; end
15
+ class DSA < PKey; end
16
+ class DH < PKey; end
17
+ end
18
+ module X509
19
+ class Name; end
20
+ class Certificate; end
21
+ class Extension; end
22
+ class CRL; end
23
+ class Revoked; end
24
+ class Store; end
25
+ class Request; end
26
+ class Attribute; end
27
+ end
28
+ module Netscape
29
+ class SPKI; end
30
+ end
31
+ module PKCS7
32
+ class PKCS7; end
33
+ end
34
+ end
@@ -0,0 +1,13 @@
1
+ warn "Warning: OpenSSL SSL implementation unavailable"
2
+ warn "You must run on JDK 1.5 (Java 5) or higher to use SSL"
3
+ module OpenSSL
4
+ module SSL
5
+ class SSLError < OpenSSLError; end
6
+ class SSLContext; end
7
+ class SSLSocket; end
8
+ VERIFY_NONE = 0
9
+ VERIFY_PEER = 1
10
+ VERIFY_FAIL_IF_NO_PEER_CERT = 2
11
+ VERIFY_CLIENT_ONCE = 4
12
+ end
13
+ end
@@ -0,0 +1,81 @@
1
+ require "socket"
2
+ require "thread"
3
+ require "openssl"
4
+ require File.join(File.dirname(__FILE__), "utils.rb")
5
+
6
+ def get_pem(io=$stdin)
7
+ buf = ""
8
+ while line = io.gets
9
+ if /^-----BEGIN / =~ line
10
+ buf << line
11
+ break
12
+ end
13
+ end
14
+ while line = io.gets
15
+ buf << line
16
+ if /^-----END / =~ line
17
+ break
18
+ end
19
+ end
20
+ return buf
21
+ end
22
+
23
+ def make_key(pem)
24
+ begin
25
+ return OpenSSL::PKey::RSA.new(pem)
26
+ rescue
27
+ return OpenSSL::PKey::DSA.new(pem)
28
+ end
29
+ end
30
+
31
+ ca_cert = OpenSSL::X509::Certificate.new(get_pem)
32
+ ssl_cert = OpenSSL::X509::Certificate.new(get_pem)
33
+ ssl_key = make_key(get_pem)
34
+ port = Integer(ARGV.shift)
35
+ verify_mode = Integer(ARGV.shift)
36
+ start_immediately = (/yes/ =~ ARGV.shift)
37
+
38
+ store = OpenSSL::X509::Store.new
39
+ store.add_cert(ca_cert)
40
+ store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
41
+ ctx = OpenSSL::SSL::SSLContext.new
42
+ ctx.cert_store = store
43
+ #ctx.extra_chain_cert = [ ca_cert ]
44
+ ctx.cert = ssl_cert
45
+ ctx.key = ssl_key
46
+ ctx.verify_mode = verify_mode
47
+
48
+ Socket.do_not_reverse_lookup = true
49
+ tcps = nil
50
+ 100.times{|i|
51
+ begin
52
+ tcps = TCPServer.new("0.0.0.0", port+i)
53
+ port = port + i
54
+ break
55
+ rescue Errno::EADDRINUSE
56
+ next
57
+ end
58
+ }
59
+ ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
60
+ ssls.start_immediately = start_immediately
61
+
62
+ $stdout.sync = true
63
+ $stdout.puts Process.pid
64
+ $stdout.puts port
65
+
66
+ loop do
67
+ ssl = ssls.accept rescue next
68
+ Thread.start{
69
+ q = Queue.new
70
+ th = Thread.start{ ssl.write(q.shift) while true }
71
+ while line = ssl.gets
72
+ if line =~ /^STARTTLS$/
73
+ ssl.accept
74
+ next
75
+ end
76
+ q.push(line)
77
+ end
78
+ th.kill if q.empty?
79
+ ssl.close
80
+ }
81
+ end
@@ -0,0 +1,199 @@
1
+ begin
2
+ require "openssl"
3
+ require File.join(File.dirname(__FILE__), "utils.rb")
4
+ rescue LoadError
5
+ end
6
+ require 'test/unit'
7
+
8
+ class OpenSSL::TestASN1 < Test::Unit::TestCase
9
+ def test_decode
10
+ subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA")
11
+ key = OpenSSL::TestUtils::TEST_KEY_RSA1024
12
+ now = Time.at(Time.now.to_i) # suppress usec
13
+ # now = Time.utc(2006,04,03,22,15,13)
14
+ s = 0xdeadbeafdeadbeafdeadbeafdeadbeaf
15
+ exts = [
16
+ ["basicConstraints","CA:TRUE,pathlen:1",true],
17
+ ["keyUsage","keyCertSign, cRLSign",true],
18
+ ["subjectKeyIdentifier","hash",false],
19
+ ]
20
+ dgst = OpenSSL::Digest::SHA1.new
21
+ cert = OpenSSL::TestUtils.issue_cert(
22
+ subj, key, s, now, now+3600, exts, nil, nil, dgst)
23
+
24
+ asn1 = OpenSSL::ASN1.decode(cert)
25
+ assert_equal(OpenSSL::ASN1::Sequence, asn1.class)
26
+ assert_equal(3, asn1.value.size)
27
+ tbs_cert, sig_alg, sig_val = *asn1.value
28
+
29
+ assert_equal(OpenSSL::ASN1::Sequence, tbs_cert.class)
30
+ assert_equal(8, tbs_cert.value.size)
31
+
32
+ version = tbs_cert.value[0]
33
+ assert_equal(:CONTEXT_SPECIFIC, version.tag_class)
34
+ assert_equal(0, version.tag)
35
+
36
+ assert_equal(1, version.value.size)
37
+ assert_equal(OpenSSL::ASN1::Integer, version.value[0].class)
38
+ assert_equal(2, version.value[0].value)
39
+
40
+ serial = tbs_cert.value[1]
41
+ assert_equal(OpenSSL::ASN1::Integer, serial.class)
42
+ assert_equal(0xdeadbeafdeadbeafdeadbeafdeadbeaf, serial.value)
43
+
44
+ sig = tbs_cert.value[2]
45
+ assert_equal(OpenSSL::ASN1::Sequence, sig.class)
46
+ assert_equal(2, sig.value.size)
47
+ assert_equal(OpenSSL::ASN1::ObjectId, sig.value[0].class)
48
+ assert_equal("1.2.840.113549.1.1.5", sig.value[0].oid)
49
+ assert_equal(OpenSSL::ASN1::Null, sig.value[1].class)
50
+
51
+ dn = tbs_cert.value[3] # issuer
52
+ assert_equal(subj.hash, OpenSSL::X509::Name.new(dn).hash)
53
+ assert_equal(OpenSSL::ASN1::Sequence, dn.class)
54
+ assert_equal(3, dn.value.size)
55
+ assert_equal(OpenSSL::ASN1::Set, dn.value[0].class)
56
+ assert_equal(OpenSSL::ASN1::Set, dn.value[1].class)
57
+ assert_equal(OpenSSL::ASN1::Set, dn.value[2].class)
58
+ assert_equal(1, dn.value[0].value.size)
59
+ assert_equal(1, dn.value[1].value.size)
60
+ assert_equal(1, dn.value[2].value.size)
61
+ assert_equal(OpenSSL::ASN1::Sequence, dn.value[0].value[0].class)
62
+ assert_equal(OpenSSL::ASN1::Sequence, dn.value[1].value[0].class)
63
+ assert_equal(OpenSSL::ASN1::Sequence, dn.value[2].value[0].class)
64
+ assert_equal(2, dn.value[0].value[0].value.size)
65
+ assert_equal(2, dn.value[1].value[0].value.size)
66
+ assert_equal(2, dn.value[2].value[0].value.size)
67
+ oid, value = *dn.value[0].value[0].value
68
+ assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
69
+ assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
70
+ assert_equal(OpenSSL::ASN1::IA5String, value.class)
71
+ assert_equal("org", value.value)
72
+ oid, value = *dn.value[1].value[0].value
73
+ assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
74
+ assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
75
+ assert_equal(OpenSSL::ASN1::IA5String, value.class)
76
+ assert_equal("ruby-lang", value.value)
77
+ oid, value = *dn.value[2].value[0].value
78
+ assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
79
+ assert_equal("2.5.4.3", oid.oid)
80
+ assert_equal(OpenSSL::ASN1::UTF8String, value.class)
81
+ assert_equal("TestCA", value.value)
82
+
83
+ validity = tbs_cert.value[4]
84
+ assert_equal(OpenSSL::ASN1::Sequence, validity.class)
85
+ assert_equal(2, validity.value.size)
86
+ assert_equal(OpenSSL::ASN1::UTCTime, validity.value[0].class)
87
+ assert_equal(now, validity.value[0].value)
88
+ assert_equal(OpenSSL::ASN1::UTCTime, validity.value[1].class)
89
+ assert_equal(now+3600, validity.value[1].value)
90
+
91
+ dn = tbs_cert.value[5] # subject
92
+ assert_equal(subj.hash, OpenSSL::X509::Name.new(dn).hash)
93
+ assert_equal(OpenSSL::ASN1::Sequence, dn.class)
94
+ assert_equal(3, dn.value.size)
95
+ assert_equal(OpenSSL::ASN1::Set, dn.value[0].class)
96
+ assert_equal(OpenSSL::ASN1::Set, dn.value[1].class)
97
+ assert_equal(OpenSSL::ASN1::Set, dn.value[2].class)
98
+ assert_equal(1, dn.value[0].value.size)
99
+ assert_equal(1, dn.value[1].value.size)
100
+ assert_equal(1, dn.value[2].value.size)
101
+ assert_equal(OpenSSL::ASN1::Sequence, dn.value[0].value[0].class)
102
+ assert_equal(OpenSSL::ASN1::Sequence, dn.value[1].value[0].class)
103
+ assert_equal(OpenSSL::ASN1::Sequence, dn.value[2].value[0].class)
104
+ assert_equal(2, dn.value[0].value[0].value.size)
105
+ assert_equal(2, dn.value[1].value[0].value.size)
106
+ assert_equal(2, dn.value[2].value[0].value.size)
107
+ oid, value = *dn.value[0].value[0].value
108
+ assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
109
+ assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
110
+ assert_equal(OpenSSL::ASN1::IA5String, value.class)
111
+ assert_equal("org", value.value)
112
+ oid, value = *dn.value[1].value[0].value
113
+ assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
114
+ assert_equal("0.9.2342.19200300.100.1.25", oid.oid)
115
+ assert_equal(OpenSSL::ASN1::IA5String, value.class)
116
+ assert_equal("ruby-lang", value.value)
117
+ oid, value = *dn.value[2].value[0].value
118
+ assert_equal(OpenSSL::ASN1::ObjectId, oid.class)
119
+ assert_equal("2.5.4.3", oid.oid)
120
+ assert_equal(OpenSSL::ASN1::UTF8String, value.class)
121
+ assert_equal("TestCA", value.value)
122
+
123
+ pkey = tbs_cert.value[6]
124
+ assert_equal(OpenSSL::ASN1::Sequence, pkey.class)
125
+ assert_equal(2, pkey.value.size)
126
+ assert_equal(OpenSSL::ASN1::Sequence, pkey.value[0].class)
127
+ assert_equal(2, pkey.value[0].value.size)
128
+ assert_equal(OpenSSL::ASN1::ObjectId, pkey.value[0].value[0].class)
129
+ assert_equal("1.2.840.113549.1.1.1", pkey.value[0].value[0].oid)
130
+ assert_equal(OpenSSL::ASN1::BitString, pkey.value[1].class)
131
+ assert_equal(0, pkey.value[1].unused_bits)
132
+ spkey = OpenSSL::ASN1.decode(pkey.value[1].value)
133
+ assert_equal(OpenSSL::ASN1::Sequence, spkey.class)
134
+ assert_equal(2, spkey.value.size)
135
+ assert_equal(OpenSSL::ASN1::Integer, spkey.value[0].class)
136
+ assert_equal(143085709396403084580358323862163416700436550432664688288860593156058579474547937626086626045206357324274536445865308750491138538454154232826011964045825759324933943290377903384882276841880081931690695505836279972214003660451338124170055999155993192881685495391496854691199517389593073052473319331505702779271, spkey.value[0].value)
137
+ assert_equal(OpenSSL::ASN1::Integer, spkey.value[1].class)
138
+ assert_equal(65537, spkey.value[1].value)
139
+
140
+ extensions = tbs_cert.value[7]
141
+ assert_equal(:CONTEXT_SPECIFIC, extensions.tag_class)
142
+ assert_equal(3, extensions.tag)
143
+ assert_equal(1, extensions.value.size)
144
+ assert_equal(OpenSSL::ASN1::Sequence, extensions.value[0].class)
145
+ assert_equal(3, extensions.value[0].value.size)
146
+
147
+ ext = extensions.value[0].value[0] # basicConstraints
148
+ assert_equal(OpenSSL::ASN1::Sequence, ext.class)
149
+ assert_equal(3, ext.value.size)
150
+ assert_equal(OpenSSL::ASN1::ObjectId, ext.value[0].class)
151
+ assert_equal("2.5.29.19", ext.value[0].oid)
152
+ assert_equal(OpenSSL::ASN1::Boolean, ext.value[1].class)
153
+ assert_equal(true, ext.value[1].value)
154
+ assert_equal(OpenSSL::ASN1::OctetString, ext.value[2].class)
155
+ extv = OpenSSL::ASN1.decode(ext.value[2].value)
156
+ assert_equal(OpenSSL::ASN1::Sequence, extv.class)
157
+ assert_equal(2, extv.value.size)
158
+ assert_equal(OpenSSL::ASN1::Boolean, extv.value[0].class)
159
+ assert_equal(true, extv.value[0].value)
160
+ assert_equal(OpenSSL::ASN1::Integer, extv.value[1].class)
161
+ assert_equal(1, extv.value[1].value)
162
+
163
+ ext = extensions.value[0].value[1] # keyUsage
164
+ assert_equal(OpenSSL::ASN1::Sequence, ext.class)
165
+ assert_equal(3, ext.value.size)
166
+ assert_equal(OpenSSL::ASN1::ObjectId, ext.value[0].class)
167
+ assert_equal("2.5.29.15", ext.value[0].oid)
168
+ assert_equal(OpenSSL::ASN1::Boolean, ext.value[1].class)
169
+ assert_equal(true, ext.value[1].value)
170
+ assert_equal(OpenSSL::ASN1::OctetString, ext.value[2].class)
171
+ extv = OpenSSL::ASN1.decode(ext.value[2].value)
172
+ assert_equal(OpenSSL::ASN1::BitString, extv.class)
173
+ str = "\000"; str[0] = 0b00000110
174
+ assert_equal(str, extv.value)
175
+
176
+ ext = extensions.value[0].value[2] # subjetKeyIdentifier
177
+ assert_equal(OpenSSL::ASN1::Sequence, ext.class)
178
+ assert_equal(2, ext.value.size)
179
+ assert_equal(OpenSSL::ASN1::ObjectId, ext.value[0].class)
180
+ assert_equal("2.5.29.14", ext.value[0].oid)
181
+ assert_equal(OpenSSL::ASN1::OctetString, ext.value[1].class)
182
+ extv = OpenSSL::ASN1.decode(ext.value[1].value)
183
+ assert_equal(OpenSSL::ASN1::OctetString, extv.class)
184
+ sha1 = OpenSSL::Digest::SHA1.new
185
+ sha1.update(pkey.value[1].value)
186
+ assert_equal(sha1.digest, extv.value)
187
+
188
+ assert_equal(OpenSSL::ASN1::Sequence, sig_alg.class)
189
+ assert_equal(2, sig_alg.value.size)
190
+ assert_equal(OpenSSL::ASN1::ObjectId, pkey.value[0].value[0].class)
191
+ assert_equal("1.2.840.113549.1.1.1", pkey.value[0].value[0].oid)
192
+ assert_equal(OpenSSL::ASN1::Null, pkey.value[0].value[1].class)
193
+
194
+ assert_equal(OpenSSL::ASN1::BitString, sig_val.class)
195
+
196
+ cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
197
+ assert_equal(cululated_sig, sig_val.value)
198
+ end
199
+ end if defined?(OpenSSL)
@@ -0,0 +1,151 @@
1
+ begin
2
+ require "openssl"
3
+ rescue LoadError
4
+ end
5
+ require "test/unit"
6
+
7
+ if defined?(OpenSSL)
8
+
9
+ class OpenSSL::TestCipher < Test::Unit::TestCase
10
+ def setup
11
+ @c1 = OpenSSL::Cipher::Cipher.new("DES-EDE3-CBC")
12
+ @c2 = OpenSSL::Cipher::DES.new(:EDE3, "CBC")
13
+ @key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
14
+ @iv = "\0\0\0\0\0\0\0\0"
15
+ @hexkey = "0000000000000000000000000000000000000000000000"
16
+ @hexiv = "0000000000000000"
17
+ @data = "DATA"
18
+ end
19
+
20
+ def teardown
21
+ @c1 = @c2 = nil
22
+ end
23
+
24
+ def test_crypt
25
+ @c1.encrypt.pkcs5_keyivgen(@key, @iv)
26
+ @c2.encrypt.pkcs5_keyivgen(@key, @iv)
27
+ s1 = @c1.update(@data) + @c1.final
28
+ s2 = @c2.update(@data) + @c2.final
29
+ assert_equal(s1, s2, "encrypt")
30
+
31
+ @c1.decrypt.pkcs5_keyivgen(@key, @iv)
32
+ @c2.decrypt.pkcs5_keyivgen(@key, @iv)
33
+ assert_equal(@data, @c1.update(s1)+@c1.final, "decrypt")
34
+ assert_equal(@data, @c2.update(s2)+@c2.final, "decrypt")
35
+ end
36
+
37
+ def test_info
38
+ assert_equal("DES-EDE3-CBC", @c1.name, "name")
39
+ assert_equal("DES-EDE3-CBC", @c2.name, "name")
40
+ assert_kind_of(Fixnum, @c1.key_len, "key_len")
41
+ assert_kind_of(Fixnum, @c1.iv_len, "iv_len")
42
+ end
43
+
44
+ def test_dup
45
+ assert_equal(@c1.name, @c1.dup.name, "dup")
46
+ assert_equal(@c1.name, @c1.clone.name, "clone")
47
+ @c1.encrypt
48
+ @c1.key = @key
49
+ @c1.iv = @iv
50
+ tmpc = @c1.dup
51
+ s1 = @c1.update(@data) + @c1.final
52
+ s2 = tmpc.update(@data) + tmpc.final
53
+ assert_equal(s1, s2, "encrypt dup")
54
+ end
55
+
56
+ def test_reset
57
+ @c1.encrypt
58
+ @c1.key = @key
59
+ @c1.iv = @iv
60
+ s1 = @c1.update(@data) + @c1.final
61
+ @c1.reset
62
+ s2 = @c1.update(@data) + @c1.final
63
+ assert_equal(s1, s2, "encrypt reset")
64
+ end
65
+
66
+ def test_empty_data
67
+ @c1.encrypt
68
+ assert_raises(ArgumentError){ @c1.update("") }
69
+ end
70
+
71
+ def test_disable_padding(padding=0)
72
+ # assume a padding size of 8
73
+ # encrypt the data with padding
74
+ @c1.encrypt
75
+ @c1.key = @key
76
+ @c1.iv = @iv
77
+ encrypted_data = @c1.update(@data) + @c1.final
78
+ assert_equal(8, encrypted_data.size)
79
+ # decrypt with padding disabled
80
+ @c1.decrypt
81
+ @c1.padding = padding
82
+ decrypted_data = @c1.update(encrypted_data) + @c1.final
83
+ # check that the result contains the padding
84
+ assert_equal(8, decrypted_data.size)
85
+ assert_equal(@data, decrypted_data[0...@data.size])
86
+ end
87
+
88
+ if PLATFORM =~ /java/
89
+ # JRuby extension - using Java padding types
90
+
91
+ def test_disable_padding_javastyle
92
+ test_disable_padding('NoPadding')
93
+ end
94
+
95
+ def test_iso10126_padding
96
+ @c1.encrypt
97
+ @c1.key = @key
98
+ @c1.iv = @iv
99
+ @c1.padding = 'ISO10126Padding'
100
+ encrypted_data = @c1.update(@data) + @c1.final
101
+ # decrypt with padding disabled to see the padding
102
+ @c1.decrypt
103
+ @c1.padding = 0
104
+ decrypted_data = @c1.update(encrypted_data) + @c1.final
105
+ assert_equal(@data, decrypted_data[0...@data.size])
106
+ # last byte should be the amount of padding
107
+ assert_equal(4, decrypted_data[-1])
108
+ end
109
+
110
+ def test_iso10126_padding_boundry
111
+ @data = 'HELODATA' # 8 bytes, same as padding size
112
+ @c1.encrypt
113
+ @c1.key = @key
114
+ @c1.iv = @iv
115
+ @c1.padding = 'ISO10126Padding'
116
+ encrypted_data = @c1.update(@data) + @c1.final
117
+ # decrypt with padding disabled to see the padding
118
+ @c1.decrypt
119
+ @c1.padding = 0
120
+ decrypted_data = @c1.update(encrypted_data) + @c1.final
121
+ assert_equal(@data, decrypted_data[0...@data.size])
122
+ # padding should be one whole block
123
+ assert_equal(8, decrypted_data[-1])
124
+ end
125
+ end
126
+
127
+ if OpenSSL::OPENSSL_VERSION_NUMBER > 0x00907000
128
+ def test_ciphers
129
+ OpenSSL::Cipher.ciphers.each{|name|
130
+ assert(OpenSSL::Cipher::Cipher.new(name).is_a?(OpenSSL::Cipher::Cipher))
131
+ }
132
+ end
133
+
134
+ def test_AES
135
+ pt = File.read(__FILE__)
136
+ %w(ECB CBC CFB OFB).each{|mode|
137
+ c1 = OpenSSL::Cipher::AES256.new(mode)
138
+ c1.encrypt
139
+ c1.pkcs5_keyivgen("passwd")
140
+ ct = c1.update(pt) + c1.final
141
+
142
+ c2 = OpenSSL::Cipher::AES256.new(mode)
143
+ c2.decrypt
144
+ c2.pkcs5_keyivgen("passwd")
145
+ assert_equal(pt, c2.update(ct) + c2.final)
146
+ }
147
+ end
148
+ end
149
+ end
150
+
151
+ end