jruby-openssl 0.10.0-java → 0.10.1-java
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/History.md +12 -0
- data/Mavenfile +12 -33
- data/lib/jopenssl.jar +0 -0
- data/lib/jopenssl/_compat23.rb +71 -0
- data/lib/jopenssl/load.rb +13 -7
- data/lib/jopenssl/version.rb +3 -2
- data/lib/jopenssl19/openssl/ssl-internal.rb +104 -0
- data/lib/jopenssl22/openssl/ssl.rb +16 -16
- data/lib/jopenssl23/openssl.rb +1 -1
- data/lib/jopenssl23/openssl/bn.rb +2 -1
- data/lib/jopenssl23/openssl/buffering.rb +34 -23
- data/lib/jopenssl23/openssl/config.rb +65 -64
- data/lib/jopenssl23/openssl/digest.rb +1 -1
- data/lib/jopenssl23/openssl/pkey.rb +22 -34
- data/lib/jopenssl23/openssl/ssl.rb +187 -121
- data/lib/jopenssl23/openssl/x509.rb +7 -1
- data/lib/openssl/bn.rb +1 -3
- data/lib/openssl/buffering.rb +1 -3
- data/lib/openssl/cipher.rb +1 -3
- data/lib/openssl/config.rb +10 -4
- data/lib/openssl/digest.rb +1 -3
- data/lib/openssl/pkcs12.rb +1 -3
- data/lib/openssl/pkcs5.rb +22 -0
- data/lib/openssl/ssl-internal.rb +1 -3
- data/lib/openssl/ssl.rb +1 -3
- data/lib/openssl/x509-internal.rb +1 -3
- data/lib/openssl/x509.rb +1 -3
- data/pom.xml +12 -60
- metadata +4 -10
- data/integration/1.47/pom.xml +0 -15
- data/integration/1.48/pom.xml +0 -15
- data/integration/1.49/pom.xml +0 -15
- data/integration/1.50/pom.xml +0 -15
- data/integration/Mavenfile +0 -57
- data/integration/pom.xml +0 -122
- data/lib/jopenssl24.rb +0 -112
- data/lib/openssl/pkcs7.rb +0 -5
@@ -63,7 +63,7 @@ module OpenSSL::Buffering
|
|
63
63
|
end
|
64
64
|
|
65
65
|
##
|
66
|
-
# Consumes
|
66
|
+
# Consumes _size_ bytes from the buffer
|
67
67
|
|
68
68
|
def consume_rbuff(size=nil)
|
69
69
|
if @rbuffer.empty?
|
@@ -79,7 +79,7 @@ module OpenSSL::Buffering
|
|
79
79
|
public
|
80
80
|
|
81
81
|
##
|
82
|
-
# Reads
|
82
|
+
# Reads _size_ bytes from the stream. If _buf_ is provided it must
|
83
83
|
# reference a string which will receive the data.
|
84
84
|
#
|
85
85
|
# See IO#read for full details.
|
@@ -106,7 +106,7 @@ module OpenSSL::Buffering
|
|
106
106
|
end
|
107
107
|
|
108
108
|
##
|
109
|
-
# Reads at most
|
109
|
+
# Reads at most _maxlen_ bytes from the stream. If _buf_ is provided it
|
110
110
|
# must reference a string which will receive the data.
|
111
111
|
#
|
112
112
|
# See IO#readpartial for full details.
|
@@ -136,7 +136,7 @@ module OpenSSL::Buffering
|
|
136
136
|
end
|
137
137
|
|
138
138
|
##
|
139
|
-
# Reads at most
|
139
|
+
# Reads at most _maxlen_ bytes in the non-blocking manner.
|
140
140
|
#
|
141
141
|
# When no data can be read without blocking it raises
|
142
142
|
# OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
|
@@ -163,6 +163,11 @@ module OpenSSL::Buffering
|
|
163
163
|
# Note that one reason that read_nonblock writes to the underlying IO is
|
164
164
|
# when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
|
165
165
|
# more details. http://www.openssl.org/support/faq.html
|
166
|
+
#
|
167
|
+
# By specifying a keyword argument _exception_ to +false+, you can indicate
|
168
|
+
# that read_nonblock should not raise an IO::Wait*able exception, but
|
169
|
+
# return the symbol +:wait_writable+ or +:wait_readable+ instead. At EOF,
|
170
|
+
# it will return +nil+ instead of raising EOFError.
|
166
171
|
|
167
172
|
def read_nonblock(maxlen, buf=nil, exception: true)
|
168
173
|
if maxlen == 0
|
@@ -185,11 +190,11 @@ module OpenSSL::Buffering
|
|
185
190
|
end
|
186
191
|
|
187
192
|
##
|
188
|
-
# Reads the next "line
|
189
|
-
#
|
193
|
+
# Reads the next "line" from the stream. Lines are separated by _eol_. If
|
194
|
+
# _limit_ is provided the result will not be longer than the given number of
|
190
195
|
# bytes.
|
191
196
|
#
|
192
|
-
#
|
197
|
+
# _eol_ may be a String or Regexp.
|
193
198
|
#
|
194
199
|
# Unlike IO#gets the line read will not be assigned to +$_+.
|
195
200
|
#
|
@@ -215,7 +220,7 @@ module OpenSSL::Buffering
|
|
215
220
|
|
216
221
|
##
|
217
222
|
# Executes the block for every line in the stream where lines are separated
|
218
|
-
# by
|
223
|
+
# by _eol_.
|
219
224
|
#
|
220
225
|
# See also #gets
|
221
226
|
|
@@ -227,7 +232,7 @@ module OpenSSL::Buffering
|
|
227
232
|
alias each_line each
|
228
233
|
|
229
234
|
##
|
230
|
-
# Reads lines from the stream which are separated by
|
235
|
+
# Reads lines from the stream which are separated by _eol_.
|
231
236
|
#
|
232
237
|
# See also #gets
|
233
238
|
|
@@ -240,7 +245,7 @@ module OpenSSL::Buffering
|
|
240
245
|
end
|
241
246
|
|
242
247
|
##
|
243
|
-
# Reads a line from the stream which is separated by
|
248
|
+
# Reads a line from the stream which is separated by _eol_.
|
244
249
|
#
|
245
250
|
# Raises EOFError if at end of file.
|
246
251
|
|
@@ -276,7 +281,7 @@ module OpenSSL::Buffering
|
|
276
281
|
end
|
277
282
|
|
278
283
|
##
|
279
|
-
# Pushes character
|
284
|
+
# Pushes character _c_ back onto the stream such that a subsequent buffered
|
280
285
|
# character read will return it.
|
281
286
|
#
|
282
287
|
# Unlike IO#getc multiple bytes may be pushed back onto the stream.
|
@@ -303,7 +308,7 @@ module OpenSSL::Buffering
|
|
303
308
|
private
|
304
309
|
|
305
310
|
##
|
306
|
-
# Writes
|
311
|
+
# Writes _s_ to the buffer. When the buffer is full or #sync is true the
|
307
312
|
# buffer is flushed to the underlying socket.
|
308
313
|
|
309
314
|
def do_write(s)
|
@@ -331,16 +336,18 @@ module OpenSSL::Buffering
|
|
331
336
|
public
|
332
337
|
|
333
338
|
##
|
334
|
-
# Writes
|
335
|
-
# converted using
|
339
|
+
# Writes _s_ to the stream. If the argument is not a String it will be
|
340
|
+
# converted using +.to_s+ method. Returns the number of bytes written.
|
336
341
|
|
337
|
-
def write(s)
|
338
|
-
|
339
|
-
|
342
|
+
def write(*s)
|
343
|
+
s.inject(0) do |written, str|
|
344
|
+
do_write(str)
|
345
|
+
written + str.bytesize
|
346
|
+
end
|
340
347
|
end
|
341
348
|
|
342
349
|
##
|
343
|
-
# Writes
|
350
|
+
# Writes _s_ in the non-blocking manner.
|
344
351
|
#
|
345
352
|
# If there is buffered data, it is flushed first. This may block.
|
346
353
|
#
|
@@ -371,6 +378,10 @@ module OpenSSL::Buffering
|
|
371
378
|
# Note that one reason that write_nonblock reads from the underlying IO
|
372
379
|
# is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
|
373
380
|
# for more details. http://www.openssl.org/support/faq.html
|
381
|
+
#
|
382
|
+
# By specifying a keyword argument _exception_ to +false+, you can indicate
|
383
|
+
# that write_nonblock should not raise an IO::Wait*able exception, but
|
384
|
+
# return the symbol +:wait_writable+ or +:wait_readable+ instead.
|
374
385
|
|
375
386
|
def write_nonblock(s, exception: true)
|
376
387
|
flush
|
@@ -378,16 +389,16 @@ module OpenSSL::Buffering
|
|
378
389
|
end
|
379
390
|
|
380
391
|
##
|
381
|
-
# Writes
|
382
|
-
#
|
392
|
+
# Writes _s_ to the stream. _s_ will be converted to a String using
|
393
|
+
# +.to_s+ method.
|
383
394
|
|
384
|
-
def <<
|
395
|
+
def <<(s)
|
385
396
|
do_write(s)
|
386
397
|
self
|
387
398
|
end
|
388
399
|
|
389
400
|
##
|
390
|
-
# Writes
|
401
|
+
# Writes _args_ to the stream along with a record separator.
|
391
402
|
#
|
392
403
|
# See IO#puts for full details.
|
393
404
|
|
@@ -407,7 +418,7 @@ module OpenSSL::Buffering
|
|
407
418
|
end
|
408
419
|
|
409
420
|
##
|
410
|
-
# Writes
|
421
|
+
# Writes _args_ to the stream.
|
411
422
|
#
|
412
423
|
# See IO#print for full details.
|
413
424
|
|
@@ -30,7 +30,8 @@ module OpenSSL
|
|
30
30
|
class << self
|
31
31
|
|
32
32
|
##
|
33
|
-
# Parses a given
|
33
|
+
# Parses a given _string_ as a blob that contains configuration for
|
34
|
+
# OpenSSL.
|
34
35
|
#
|
35
36
|
# If the source of the IO is a file, then consider using #parse_config.
|
36
37
|
def parse(string)
|
@@ -46,7 +47,7 @@ module OpenSSL
|
|
46
47
|
alias load new
|
47
48
|
|
48
49
|
##
|
49
|
-
# Parses the configuration data read from
|
50
|
+
# Parses the configuration data read from _io_, see also #parse.
|
50
51
|
#
|
51
52
|
# Raises a ConfigError on invalid configuration data.
|
52
53
|
def parse_config(io)
|
@@ -71,7 +72,7 @@ module OpenSSL
|
|
71
72
|
end
|
72
73
|
end
|
73
74
|
|
74
|
-
|
75
|
+
private
|
75
76
|
|
76
77
|
def parse_config_lines(io)
|
77
78
|
section = 'default'
|
@@ -110,10 +111,10 @@ module OpenSSL
|
|
110
111
|
QUOTE_REGEXP_DQ = /\A([^"\\]*(?:""[^"\\]*|\\.[^"\\]*)*)"/
|
111
112
|
# escaped char map
|
112
113
|
ESCAPE_MAP = {
|
113
|
-
|
114
|
-
|
115
|
-
|
116
|
-
|
114
|
+
"r" => "\r",
|
115
|
+
"n" => "\n",
|
116
|
+
"b" => "\b",
|
117
|
+
"t" => "\t",
|
117
118
|
}
|
118
119
|
|
119
120
|
def unescape_value(data, section, value)
|
@@ -123,36 +124,36 @@ module OpenSSL
|
|
123
124
|
c = m[0]
|
124
125
|
value = m.post_match
|
125
126
|
case c
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
else
|
152
|
-
raise ConfigError, "variable has no value"
|
153
|
-
end
|
127
|
+
when "'"
|
128
|
+
if m = value.match(QUOTE_REGEXP_SQ)
|
129
|
+
scanned << m[1].gsub(/\\(.)/, '\\1')
|
130
|
+
value = m.post_match
|
131
|
+
else
|
132
|
+
break
|
133
|
+
end
|
134
|
+
when '"'
|
135
|
+
if m = value.match(QUOTE_REGEXP_DQ)
|
136
|
+
scanned << m[1].gsub(/""/, '').gsub(/\\(.)/, '\\1')
|
137
|
+
value = m.post_match
|
138
|
+
else
|
139
|
+
break
|
140
|
+
end
|
141
|
+
when "\\"
|
142
|
+
c = value.slice!(0, 1)
|
143
|
+
scanned << (ESCAPE_MAP[c] || c)
|
144
|
+
when "$"
|
145
|
+
ref, value = extract_reference(value)
|
146
|
+
refsec = section
|
147
|
+
if ref.index('::')
|
148
|
+
refsec, ref = ref.split('::', 2)
|
149
|
+
end
|
150
|
+
if v = get_key_string(data, refsec, ref)
|
151
|
+
scanned << v
|
154
152
|
else
|
155
|
-
raise
|
153
|
+
raise ConfigError, "variable has no value"
|
154
|
+
end
|
155
|
+
else
|
156
|
+
raise 'must not reaced'
|
156
157
|
end
|
157
158
|
end
|
158
159
|
scanned << value
|
@@ -186,25 +187,25 @@ module OpenSSL
|
|
186
187
|
c = m[0]
|
187
188
|
line = m.post_match
|
188
189
|
case c
|
189
|
-
|
190
|
+
when '#'
|
191
|
+
line = nil
|
192
|
+
break
|
193
|
+
when "'", '"'
|
194
|
+
regexp = (c == "'") ? QUOTE_REGEXP_SQ : QUOTE_REGEXP_DQ
|
195
|
+
scanned << c
|
196
|
+
if m = line.match(regexp)
|
197
|
+
scanned << m[0]
|
198
|
+
line = m.post_match
|
199
|
+
else
|
200
|
+
scanned << line
|
190
201
|
line = nil
|
191
202
|
break
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
else
|
199
|
-
scanned << line
|
200
|
-
line = nil
|
201
|
-
break
|
202
|
-
end
|
203
|
-
when "\\"
|
204
|
-
scanned << c
|
205
|
-
scanned << line.slice!(0, 1)
|
206
|
-
else
|
207
|
-
raise 'must not reaced'
|
203
|
+
end
|
204
|
+
when "\\"
|
205
|
+
scanned << c
|
206
|
+
scanned << line.slice!(0, 1)
|
207
|
+
else
|
208
|
+
raise 'must not reaced'
|
208
209
|
end
|
209
210
|
end
|
210
211
|
scanned << line
|
@@ -236,7 +237,7 @@ module OpenSSL
|
|
236
237
|
#
|
237
238
|
# This can be used in contexts like OpenSSL::X509::ExtensionFactory.config=
|
238
239
|
#
|
239
|
-
# If the optional
|
240
|
+
# If the optional _filename_ parameter is provided, then it is read in and
|
240
241
|
# parsed via #parse_config.
|
241
242
|
#
|
242
243
|
# This can raise IO exceptions based on the access, or availability of the
|
@@ -255,7 +256,7 @@ module OpenSSL
|
|
255
256
|
end
|
256
257
|
|
257
258
|
##
|
258
|
-
# Gets the value of
|
259
|
+
# Gets the value of _key_ from the given _section_
|
259
260
|
#
|
260
261
|
# Given the following configurating file being loaded:
|
261
262
|
#
|
@@ -265,8 +266,8 @@ module OpenSSL
|
|
265
266
|
# #=> [ default ]
|
266
267
|
# # foo=bar
|
267
268
|
#
|
268
|
-
# You can get a specific value from the config if you know the
|
269
|
-
# and
|
269
|
+
# You can get a specific value from the config if you know the _section_
|
270
|
+
# and _key_ like so:
|
270
271
|
#
|
271
272
|
# config.get_value('default','foo')
|
272
273
|
# #=> "bar"
|
@@ -297,7 +298,7 @@ module OpenSSL
|
|
297
298
|
end
|
298
299
|
|
299
300
|
##
|
300
|
-
# Set the target
|
301
|
+
# Set the target _key_ with a given _value_ under a specific _section_.
|
301
302
|
#
|
302
303
|
# Given the following configurating file being loaded:
|
303
304
|
#
|
@@ -307,7 +308,7 @@ module OpenSSL
|
|
307
308
|
# #=> [ default ]
|
308
309
|
# # foo=bar
|
309
310
|
#
|
310
|
-
# You can set the value of
|
311
|
+
# You can set the value of _foo_ under the _default_ section to a new
|
311
312
|
# value:
|
312
313
|
#
|
313
314
|
# config.add_value('default', 'foo', 'buzz')
|
@@ -322,7 +323,7 @@ module OpenSSL
|
|
322
323
|
end
|
323
324
|
|
324
325
|
##
|
325
|
-
# Get a specific
|
326
|
+
# Get a specific _section_ from the current configuration
|
326
327
|
#
|
327
328
|
# Given the following configurating file being loaded:
|
328
329
|
#
|
@@ -351,7 +352,7 @@ module OpenSSL
|
|
351
352
|
end
|
352
353
|
|
353
354
|
##
|
354
|
-
# Sets a specific
|
355
|
+
# Sets a specific _section_ name with a Hash _pairs_.
|
355
356
|
#
|
356
357
|
# Given the following configuration being created:
|
357
358
|
#
|
@@ -365,7 +366,7 @@ module OpenSSL
|
|
365
366
|
# # baz=buz
|
366
367
|
#
|
367
368
|
# It's important to note that this will essentially merge any of the keys
|
368
|
-
# in
|
369
|
+
# in _pairs_ with the existing _section_. For example:
|
369
370
|
#
|
370
371
|
# config['default']
|
371
372
|
# #=> {"foo"=>"bar", "baz"=>"buz"}
|
@@ -450,13 +451,13 @@ module OpenSSL
|
|
450
451
|
"#<#{self.class.name} sections=#{sections.inspect}>"
|
451
452
|
end
|
452
453
|
|
453
|
-
|
454
|
+
protected
|
454
455
|
|
455
456
|
def data # :nodoc:
|
456
457
|
@data
|
457
458
|
end
|
458
459
|
|
459
|
-
|
460
|
+
private
|
460
461
|
|
461
462
|
def initialize_copy(other)
|
462
463
|
@data = other.data.dup
|
@@ -1,37 +1,25 @@
|
|
1
1
|
# frozen_string_literal: false
|
2
|
-
|
3
|
-
|
4
|
-
|
2
|
+
#--
|
3
|
+
# Ruby/OpenSSL Project
|
4
|
+
# Copyright (C) 2017 Ruby/OpenSSL Project Authors
|
5
|
+
#++
|
5
6
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
end
|
22
|
-
|
23
|
-
DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen|
|
24
|
-
warn "using default DH parameters." if $VERBOSE
|
25
|
-
case keylen
|
26
|
-
when 512 then OpenSSL::PKey::DH::DEFAULT_512
|
27
|
-
when 1024 then OpenSSL::PKey::DH::DEFAULT_1024
|
28
|
-
else
|
29
|
-
nil
|
30
|
-
end
|
31
|
-
}
|
32
|
-
|
33
|
-
else
|
34
|
-
DEFAULT_TMP_DH_CALLBACK = nil
|
35
|
-
end
|
7
|
+
module OpenSSL::PKey
|
8
|
+
if defined?(EC)
|
9
|
+
class EC::Point
|
10
|
+
# :call-seq:
|
11
|
+
# point.to_bn([conversion_form]) -> OpenSSL::BN
|
12
|
+
#
|
13
|
+
# Returns the octet string representation of the EC point as an instance of
|
14
|
+
# OpenSSL::BN.
|
15
|
+
#
|
16
|
+
# If _conversion_form_ is not given, the _point_conversion_form_ attribute
|
17
|
+
# set to the group is used.
|
18
|
+
#
|
19
|
+
# See #to_octet_string for more information.
|
20
|
+
# def to_bn(conversion_form = group.point_conversion_form)
|
21
|
+
# OpenSSL::BN.new(to_octet_string(conversion_form), 2)
|
22
|
+
# end
|
23
|
+
end
|
36
24
|
end
|
37
|
-
end
|
25
|
+
end
|