jruby-openssl 0.11.0-java → 0.12.1-java
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/History.md +20 -0
- data/Mavenfile +21 -26
- data/README.md +3 -0
- data/Rakefile +21 -35
- data/lib/jopenssl/load.rb +0 -14
- data/lib/jopenssl/version.rb +1 -1
- data/lib/jopenssl.jar +0 -0
- data/lib/openssl/bn.rb +40 -9
- data/lib/openssl/buffering.rb +478 -9
- data/lib/openssl/cipher.rb +67 -9
- data/lib/openssl/config.rb +496 -12
- data/lib/openssl/digest.rb +73 -9
- data/lib/openssl/hmac.rb +13 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs5.rb +3 -3
- data/lib/openssl/pkey.rb +42 -5
- data/lib/openssl/ssl.rb +543 -9
- data/lib/openssl/x509.rb +369 -9
- data/lib/openssl.rb +43 -1
- data/pom.xml +35 -127
- metadata +8 -42
- data/lib/jopenssl19/openssl/bn.rb +0 -29
- data/lib/jopenssl19/openssl/buffering.rb +0 -449
- data/lib/jopenssl19/openssl/cipher.rb +0 -28
- data/lib/jopenssl19/openssl/config.rb +0 -472
- data/lib/jopenssl19/openssl/digest.rb +0 -32
- data/lib/jopenssl19/openssl/ssl-internal.rb +0 -223
- data/lib/jopenssl19/openssl/ssl.rb +0 -2
- data/lib/jopenssl19/openssl/x509-internal.rb +0 -115
- data/lib/jopenssl19/openssl/x509.rb +0 -2
- data/lib/jopenssl19/openssl.rb +0 -22
- data/lib/jopenssl21/openssl/bn.rb +0 -28
- data/lib/jopenssl21/openssl/buffering.rb +0 -1
- data/lib/jopenssl21/openssl/cipher.rb +0 -1
- data/lib/jopenssl21/openssl/config.rb +0 -1
- data/lib/jopenssl21/openssl/digest.rb +0 -1
- data/lib/jopenssl21/openssl/ssl.rb +0 -1
- data/lib/jopenssl21/openssl/x509.rb +0 -119
- data/lib/jopenssl21/openssl.rb +0 -22
- data/lib/jopenssl22/openssl/bn.rb +0 -39
- data/lib/jopenssl22/openssl/buffering.rb +0 -456
- data/lib/jopenssl22/openssl/cipher.rb +0 -28
- data/lib/jopenssl22/openssl/config.rb +0 -313
- data/lib/jopenssl22/openssl/digest.rb +0 -54
- data/lib/jopenssl22/openssl/ssl.rb +0 -330
- data/lib/jopenssl22/openssl/x509.rb +0 -139
- data/lib/jopenssl22/openssl.rb +0 -22
- data/lib/jopenssl23/openssl/bn.rb +0 -38
- data/lib/jopenssl23/openssl/buffering.rb +0 -455
- data/lib/jopenssl23/openssl/cipher.rb +0 -25
- data/lib/jopenssl23/openssl/config.rb +0 -474
- data/lib/jopenssl23/openssl/digest.rb +0 -43
- data/lib/jopenssl23/openssl/pkey.rb +0 -25
- data/lib/jopenssl23/openssl/ssl.rb +0 -508
- data/lib/jopenssl23/openssl/x509.rb +0 -208
- data/lib/jopenssl23/openssl.rb +0 -19
- data/lib/openssl/ssl-internal.rb +0 -5
- data/lib/openssl/x509-internal.rb +0 -5
data/lib/openssl/config.rb
CHANGED
@@ -1,17 +1,501 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
=begin
|
3
|
+
= Ruby-space definitions that completes C-space funcs for Config
|
4
|
+
|
5
|
+
= Info
|
6
|
+
Copyright (C) 2010 Hiroshi Nakamura <nahi@ruby-lang.org>
|
7
|
+
|
8
|
+
= Licence
|
9
|
+
This program is licensed under the same licence as Ruby.
|
10
|
+
(See the file 'LICENCE'.)
|
11
|
+
|
12
|
+
=end
|
13
|
+
|
14
|
+
require 'stringio'
|
10
15
|
|
11
|
-
# @note moved from JOpenSSL native bits.
|
12
16
|
module OpenSSL
|
17
|
+
##
|
18
|
+
# = OpenSSL::Config
|
19
|
+
#
|
20
|
+
# Configuration for the openssl library.
|
21
|
+
#
|
22
|
+
# Many system's installation of openssl library will depend on your system
|
23
|
+
# configuration. See the value of OpenSSL::Config::DEFAULT_CONFIG_FILE for
|
24
|
+
# the location of the file for your host.
|
25
|
+
#
|
26
|
+
# See also http://www.openssl.org/docs/apps/config.html
|
13
27
|
class Config
|
14
|
-
|
28
|
+
include Enumerable
|
29
|
+
|
30
|
+
class << self
|
31
|
+
|
32
|
+
##
|
33
|
+
# Parses a given _string_ as a blob that contains configuration for
|
34
|
+
# OpenSSL.
|
35
|
+
#
|
36
|
+
# If the source of the IO is a file, then consider using #parse_config.
|
37
|
+
def parse(string)
|
38
|
+
c = new()
|
39
|
+
parse_config(StringIO.new(string)).each do |section, hash|
|
40
|
+
c.set_section(section, hash)
|
41
|
+
end
|
42
|
+
c
|
43
|
+
end
|
44
|
+
|
45
|
+
##
|
46
|
+
# load is an alias to ::new
|
47
|
+
alias load new
|
48
|
+
|
49
|
+
##
|
50
|
+
# Parses the configuration data read from _io_, see also #parse.
|
51
|
+
#
|
52
|
+
# Raises a ConfigError on invalid configuration data.
|
53
|
+
def parse_config(io)
|
54
|
+
begin
|
55
|
+
parse_config_lines(io)
|
56
|
+
rescue => error
|
57
|
+
raise ConfigError, "error in line #{io.lineno}: " + error.message
|
58
|
+
end
|
59
|
+
end
|
60
|
+
|
61
|
+
def get_key_string(data, section, key) # :nodoc:
|
62
|
+
if v = data[section] && data[section][key]
|
63
|
+
return v
|
64
|
+
elsif section == 'ENV'
|
65
|
+
if v = ENV[key]
|
66
|
+
return v
|
67
|
+
end
|
68
|
+
end
|
69
|
+
if v = data['default'] && data['default'][key]
|
70
|
+
return v
|
71
|
+
end
|
72
|
+
end
|
73
|
+
|
74
|
+
private
|
75
|
+
|
76
|
+
def parse_config_lines(io)
|
77
|
+
section = 'default'
|
78
|
+
data = {section => {}}
|
79
|
+
io_stack = [io]
|
80
|
+
while definition = get_definition(io_stack)
|
81
|
+
definition = clear_comments(definition)
|
82
|
+
next if definition.empty?
|
83
|
+
case definition
|
84
|
+
when /\A\[/
|
85
|
+
if /\[([^\]]*)\]/ =~ definition
|
86
|
+
section = $1.strip
|
87
|
+
data[section] ||= {}
|
88
|
+
else
|
89
|
+
raise ConfigError, "missing close square bracket"
|
90
|
+
end
|
91
|
+
when /\A\.include (\s*=\s*)?(.+)\z/
|
92
|
+
path = $2
|
93
|
+
if File.directory?(path)
|
94
|
+
files = Dir.glob(File.join(path, "*.{cnf,conf}"), File::FNM_EXTGLOB)
|
95
|
+
else
|
96
|
+
files = [path]
|
97
|
+
end
|
98
|
+
|
99
|
+
files.each do |filename|
|
100
|
+
begin
|
101
|
+
io_stack << StringIO.new(File.read(filename))
|
102
|
+
rescue
|
103
|
+
raise ConfigError, "could not include file '%s'" % filename
|
104
|
+
end
|
105
|
+
end
|
106
|
+
when /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/
|
107
|
+
if $2
|
108
|
+
section = $1
|
109
|
+
key = $2
|
110
|
+
else
|
111
|
+
key = $1
|
112
|
+
end
|
113
|
+
value = unescape_value(data, section, $3)
|
114
|
+
(data[section] ||= {})[key] = value.strip
|
115
|
+
else
|
116
|
+
raise ConfigError, "missing equal sign"
|
117
|
+
end
|
118
|
+
end
|
119
|
+
data
|
120
|
+
end
|
121
|
+
|
122
|
+
# escape with backslash
|
123
|
+
QUOTE_REGEXP_SQ = /\A([^'\\]*(?:\\.[^'\\]*)*)'/
|
124
|
+
# escape with backslash and doubled dq
|
125
|
+
QUOTE_REGEXP_DQ = /\A([^"\\]*(?:""[^"\\]*|\\.[^"\\]*)*)"/
|
126
|
+
# escaped char map
|
127
|
+
ESCAPE_MAP = {
|
128
|
+
"r" => "\r",
|
129
|
+
"n" => "\n",
|
130
|
+
"b" => "\b",
|
131
|
+
"t" => "\t",
|
132
|
+
}
|
133
|
+
|
134
|
+
def unescape_value(data, section, value)
|
135
|
+
scanned = []
|
136
|
+
while m = value.match(/['"\\$]/)
|
137
|
+
scanned << m.pre_match
|
138
|
+
c = m[0]
|
139
|
+
value = m.post_match
|
140
|
+
case c
|
141
|
+
when "'"
|
142
|
+
if m = value.match(QUOTE_REGEXP_SQ)
|
143
|
+
scanned << m[1].gsub(/\\(.)/, '\\1')
|
144
|
+
value = m.post_match
|
145
|
+
else
|
146
|
+
break
|
147
|
+
end
|
148
|
+
when '"'
|
149
|
+
if m = value.match(QUOTE_REGEXP_DQ)
|
150
|
+
scanned << m[1].gsub(/""/, '').gsub(/\\(.)/, '\\1')
|
151
|
+
value = m.post_match
|
152
|
+
else
|
153
|
+
break
|
154
|
+
end
|
155
|
+
when "\\"
|
156
|
+
c = value.slice!(0, 1)
|
157
|
+
scanned << (ESCAPE_MAP[c] || c)
|
158
|
+
when "$"
|
159
|
+
ref, value = extract_reference(value)
|
160
|
+
refsec = section
|
161
|
+
if ref.index('::')
|
162
|
+
refsec, ref = ref.split('::', 2)
|
163
|
+
end
|
164
|
+
if v = get_key_string(data, refsec, ref)
|
165
|
+
scanned << v
|
166
|
+
else
|
167
|
+
raise ConfigError, "variable has no value"
|
168
|
+
end
|
169
|
+
else
|
170
|
+
raise 'must not reaced'
|
171
|
+
end
|
172
|
+
end
|
173
|
+
scanned << value
|
174
|
+
scanned.join
|
175
|
+
end
|
176
|
+
|
177
|
+
def extract_reference(value)
|
178
|
+
rest = ''
|
179
|
+
if m = value.match(/\(([^)]*)\)|\{([^}]*)\}/)
|
180
|
+
value = m[1] || m[2]
|
181
|
+
rest = m.post_match
|
182
|
+
elsif [?(, ?{].include?(value[0])
|
183
|
+
raise ConfigError, "no close brace"
|
184
|
+
end
|
185
|
+
if m = value.match(/[a-zA-Z0-9_]*(?:::[a-zA-Z0-9_]*)?/)
|
186
|
+
return m[0], m.post_match + rest
|
187
|
+
else
|
188
|
+
raise
|
189
|
+
end
|
190
|
+
end
|
191
|
+
|
192
|
+
def clear_comments(line)
|
193
|
+
# FCOMMENT
|
194
|
+
if m = line.match(/\A([\t\n\f ]*);.*\z/)
|
195
|
+
return m[1]
|
196
|
+
end
|
197
|
+
# COMMENT
|
198
|
+
scanned = []
|
199
|
+
while m = line.match(/[#'"\\]/)
|
200
|
+
scanned << m.pre_match
|
201
|
+
c = m[0]
|
202
|
+
line = m.post_match
|
203
|
+
case c
|
204
|
+
when '#'
|
205
|
+
line = nil
|
206
|
+
break
|
207
|
+
when "'", '"'
|
208
|
+
regexp = (c == "'") ? QUOTE_REGEXP_SQ : QUOTE_REGEXP_DQ
|
209
|
+
scanned << c
|
210
|
+
if m = line.match(regexp)
|
211
|
+
scanned << m[0]
|
212
|
+
line = m.post_match
|
213
|
+
else
|
214
|
+
scanned << line
|
215
|
+
line = nil
|
216
|
+
break
|
217
|
+
end
|
218
|
+
when "\\"
|
219
|
+
scanned << c
|
220
|
+
scanned << line.slice!(0, 1)
|
221
|
+
else
|
222
|
+
raise 'must not reaced'
|
223
|
+
end
|
224
|
+
end
|
225
|
+
scanned << line
|
226
|
+
scanned.join
|
227
|
+
end
|
228
|
+
|
229
|
+
def get_definition(io_stack)
|
230
|
+
if line = get_line(io_stack)
|
231
|
+
while /[^\\]\\\z/ =~ line
|
232
|
+
if extra = get_line(io_stack)
|
233
|
+
line += extra
|
234
|
+
else
|
235
|
+
break
|
236
|
+
end
|
237
|
+
end
|
238
|
+
return line.strip
|
239
|
+
end
|
240
|
+
end
|
241
|
+
|
242
|
+
def get_line(io_stack)
|
243
|
+
while io = io_stack.last
|
244
|
+
if line = io.gets
|
245
|
+
return line.gsub(/[\r\n]*/, '')
|
246
|
+
end
|
247
|
+
io_stack.pop
|
248
|
+
end
|
249
|
+
end
|
250
|
+
end
|
251
|
+
|
252
|
+
##
|
253
|
+
# Creates an instance of OpenSSL's configuration class.
|
254
|
+
#
|
255
|
+
# This can be used in contexts like OpenSSL::X509::ExtensionFactory.config=
|
256
|
+
#
|
257
|
+
# If the optional _filename_ parameter is provided, then it is read in and
|
258
|
+
# parsed via #parse_config.
|
259
|
+
#
|
260
|
+
# This can raise IO exceptions based on the access, or availability of the
|
261
|
+
# file. A ConfigError exception may be raised depending on the validity of
|
262
|
+
# the data being configured.
|
263
|
+
#
|
264
|
+
def initialize(filename = nil)
|
265
|
+
@data = {}
|
266
|
+
if filename
|
267
|
+
File.open(filename.to_s) do |file|
|
268
|
+
Config.parse_config(file).each do |section, hash|
|
269
|
+
set_section(section, hash)
|
270
|
+
end
|
271
|
+
end
|
272
|
+
end
|
273
|
+
end
|
274
|
+
|
275
|
+
##
|
276
|
+
# Gets the value of _key_ from the given _section_
|
277
|
+
#
|
278
|
+
# Given the following configurating file being loaded:
|
279
|
+
#
|
280
|
+
# config = OpenSSL::Config.load('foo.cnf')
|
281
|
+
# #=> #<OpenSSL::Config sections=["default"]>
|
282
|
+
# puts config.to_s
|
283
|
+
# #=> [ default ]
|
284
|
+
# # foo=bar
|
285
|
+
#
|
286
|
+
# You can get a specific value from the config if you know the _section_
|
287
|
+
# and _key_ like so:
|
288
|
+
#
|
289
|
+
# config.get_value('default','foo')
|
290
|
+
# #=> "bar"
|
291
|
+
#
|
292
|
+
def get_value(section, key)
|
293
|
+
if section.nil?
|
294
|
+
raise TypeError.new('nil not allowed')
|
295
|
+
end
|
296
|
+
section = 'default' if section.empty?
|
297
|
+
get_key_string(section, key)
|
298
|
+
end
|
299
|
+
|
300
|
+
##
|
301
|
+
#
|
302
|
+
# *Deprecated*
|
303
|
+
#
|
304
|
+
# Use #get_value instead
|
305
|
+
def value(arg1, arg2 = nil) # :nodoc:
|
306
|
+
warn('Config#value is deprecated; use Config#get_value')
|
307
|
+
if arg2.nil?
|
308
|
+
section, key = 'default', arg1
|
309
|
+
else
|
310
|
+
section, key = arg1, arg2
|
311
|
+
end
|
312
|
+
section ||= 'default'
|
313
|
+
section = 'default' if section.empty?
|
314
|
+
get_key_string(section, key)
|
315
|
+
end
|
316
|
+
|
317
|
+
##
|
318
|
+
# *Deprecated in v2.2.0*. This method will be removed in a future release.
|
319
|
+
#
|
320
|
+
# Set the target _key_ with a given _value_ under a specific _section_.
|
321
|
+
#
|
322
|
+
# Given the following configurating file being loaded:
|
323
|
+
#
|
324
|
+
# config = OpenSSL::Config.load('foo.cnf')
|
325
|
+
# #=> #<OpenSSL::Config sections=["default"]>
|
326
|
+
# puts config.to_s
|
327
|
+
# #=> [ default ]
|
328
|
+
# # foo=bar
|
329
|
+
#
|
330
|
+
# You can set the value of _foo_ under the _default_ section to a new
|
331
|
+
# value:
|
332
|
+
#
|
333
|
+
# config.add_value('default', 'foo', 'buzz')
|
334
|
+
# #=> "buzz"
|
335
|
+
# puts config.to_s
|
336
|
+
# #=> [ default ]
|
337
|
+
# # foo=buzz
|
338
|
+
#
|
339
|
+
def add_value(section, key, value)
|
340
|
+
check_modify
|
341
|
+
(@data[section] ||= {})[key] = value
|
342
|
+
end
|
343
|
+
|
344
|
+
##
|
345
|
+
# Get a specific _section_ from the current configuration
|
346
|
+
#
|
347
|
+
# Given the following configurating file being loaded:
|
348
|
+
#
|
349
|
+
# config = OpenSSL::Config.load('foo.cnf')
|
350
|
+
# #=> #<OpenSSL::Config sections=["default"]>
|
351
|
+
# puts config.to_s
|
352
|
+
# #=> [ default ]
|
353
|
+
# # foo=bar
|
354
|
+
#
|
355
|
+
# You can get a hash of the specific section like so:
|
356
|
+
#
|
357
|
+
# config['default']
|
358
|
+
# #=> {"foo"=>"bar"}
|
359
|
+
#
|
360
|
+
def [](section)
|
361
|
+
@data[section] || {}
|
362
|
+
end
|
363
|
+
|
364
|
+
##
|
365
|
+
# Deprecated
|
366
|
+
#
|
367
|
+
# Use #[] instead
|
368
|
+
def section(name) # :nodoc:
|
369
|
+
warn('Config#section is deprecated; use Config#[]')
|
370
|
+
@data[name] || {}
|
371
|
+
end
|
372
|
+
|
373
|
+
##
|
374
|
+
# *Deprecated in v2.2.0*. This method will be removed in a future release.
|
375
|
+
#
|
376
|
+
# Sets a specific _section_ name with a Hash _pairs_.
|
377
|
+
#
|
378
|
+
# Given the following configuration being created:
|
379
|
+
#
|
380
|
+
# config = OpenSSL::Config.new
|
381
|
+
# #=> #<OpenSSL::Config sections=[]>
|
382
|
+
# config['default'] = {"foo"=>"bar","baz"=>"buz"}
|
383
|
+
# #=> {"foo"=>"bar", "baz"=>"buz"}
|
384
|
+
# puts config.to_s
|
385
|
+
# #=> [ default ]
|
386
|
+
# # foo=bar
|
387
|
+
# # baz=buz
|
388
|
+
#
|
389
|
+
# It's important to note that this will essentially merge any of the keys
|
390
|
+
# in _pairs_ with the existing _section_. For example:
|
391
|
+
#
|
392
|
+
# config['default']
|
393
|
+
# #=> {"foo"=>"bar", "baz"=>"buz"}
|
394
|
+
# config['default'] = {"foo" => "changed"}
|
395
|
+
# #=> {"foo"=>"changed"}
|
396
|
+
# config['default']
|
397
|
+
# #=> {"foo"=>"changed", "baz"=>"buz"}
|
398
|
+
#
|
399
|
+
def []=(section, pairs)
|
400
|
+
check_modify
|
401
|
+
set_section(section, pairs)
|
402
|
+
end
|
403
|
+
|
404
|
+
def set_section(section, pairs) # :nodoc:
|
405
|
+
hash = @data[section] ||= {}
|
406
|
+
pairs.each do |key, value|
|
407
|
+
hash[key] = value
|
408
|
+
end
|
409
|
+
end
|
410
|
+
|
411
|
+
##
|
412
|
+
# Get the names of all sections in the current configuration
|
413
|
+
def sections
|
414
|
+
@data.keys
|
415
|
+
end
|
416
|
+
|
417
|
+
##
|
418
|
+
# Get the parsable form of the current configuration
|
419
|
+
#
|
420
|
+
# Given the following configuration being created:
|
421
|
+
#
|
422
|
+
# config = OpenSSL::Config.new
|
423
|
+
# #=> #<OpenSSL::Config sections=[]>
|
424
|
+
# config['default'] = {"foo"=>"bar","baz"=>"buz"}
|
425
|
+
# #=> {"foo"=>"bar", "baz"=>"buz"}
|
426
|
+
# puts config.to_s
|
427
|
+
# #=> [ default ]
|
428
|
+
# # foo=bar
|
429
|
+
# # baz=buz
|
430
|
+
#
|
431
|
+
# You can parse get the serialized configuration using #to_s and then parse
|
432
|
+
# it later:
|
433
|
+
#
|
434
|
+
# serialized_config = config.to_s
|
435
|
+
# # much later...
|
436
|
+
# new_config = OpenSSL::Config.parse(serialized_config)
|
437
|
+
# #=> #<OpenSSL::Config sections=["default"]>
|
438
|
+
# puts new_config
|
439
|
+
# #=> [ default ]
|
440
|
+
# foo=bar
|
441
|
+
# baz=buz
|
442
|
+
#
|
443
|
+
def to_s
|
444
|
+
ary = []
|
445
|
+
@data.keys.sort.each do |section|
|
446
|
+
ary << "[ #{section} ]\n"
|
447
|
+
@data[section].keys.each do |key|
|
448
|
+
ary << "#{key}=#{@data[section][key]}\n"
|
449
|
+
end
|
450
|
+
ary << "\n"
|
451
|
+
end
|
452
|
+
ary.join
|
453
|
+
end
|
454
|
+
|
455
|
+
##
|
456
|
+
# For a block.
|
457
|
+
#
|
458
|
+
# Receive the section and its pairs for the current configuration.
|
459
|
+
#
|
460
|
+
# config.each do |section, key, value|
|
461
|
+
# # ...
|
462
|
+
# end
|
463
|
+
#
|
464
|
+
def each
|
465
|
+
@data.each do |section, hash|
|
466
|
+
hash.each do |key, value|
|
467
|
+
yield [section, key, value]
|
468
|
+
end
|
469
|
+
end
|
470
|
+
end
|
471
|
+
|
472
|
+
##
|
473
|
+
# String representation of this configuration object, including the class
|
474
|
+
# name and its sections.
|
475
|
+
def inspect
|
476
|
+
"#<#{self.class.name} sections=#{sections.inspect}>"
|
477
|
+
end
|
478
|
+
|
479
|
+
protected
|
480
|
+
|
481
|
+
def data # :nodoc:
|
482
|
+
@data
|
483
|
+
end
|
484
|
+
|
485
|
+
private
|
486
|
+
|
487
|
+
def initialize_copy(other)
|
488
|
+
@data = other.data.dup
|
489
|
+
end
|
490
|
+
|
491
|
+
def check_modify
|
492
|
+
warn "#{caller(2, 1)[0]}: warning: do not modify OpenSSL::Config; this " \
|
493
|
+
"method is deprecated and will be removed in a future release."
|
494
|
+
raise TypeError.new("Insecure: can't modify OpenSSL config") if frozen?
|
495
|
+
end
|
496
|
+
|
497
|
+
def get_key_string(section, key)
|
498
|
+
Config.get_key_string(@data, section, key)
|
499
|
+
end
|
15
500
|
end
|
16
|
-
class ConfigError < OpenSSLError; end
|
17
501
|
end
|
data/lib/openssl/digest.rb
CHANGED
@@ -1,9 +1,73 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#--
|
3
|
+
# = Ruby-space predefined Digest subclasses
|
4
|
+
#
|
5
|
+
# = Info
|
6
|
+
# 'OpenSSL for Ruby 2' project
|
7
|
+
# Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
8
|
+
# All rights reserved.
|
9
|
+
#
|
10
|
+
# = Licence
|
11
|
+
# This program is licensed under the same licence as Ruby.
|
12
|
+
# (See the file 'LICENCE'.)
|
13
|
+
#++
|
14
|
+
|
15
|
+
module OpenSSL
|
16
|
+
class Digest
|
17
|
+
|
18
|
+
# Return the hash value computed with _name_ Digest. _name_ is either the
|
19
|
+
# long name or short name of a supported digest algorithm.
|
20
|
+
#
|
21
|
+
# === Examples
|
22
|
+
#
|
23
|
+
# OpenSSL::Digest.digest("SHA256", "abc")
|
24
|
+
#
|
25
|
+
# which is equivalent to:
|
26
|
+
#
|
27
|
+
# OpenSSL::Digest.digest('SHA256', "abc")
|
28
|
+
#
|
29
|
+
# def self.digest(name, data)
|
30
|
+
# super(data, name)
|
31
|
+
# end
|
32
|
+
#
|
33
|
+
# %w(MD4 MD5 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512).each do |name|
|
34
|
+
# klass = Class.new(self) {
|
35
|
+
# define_method(:initialize, ->(data = nil) {super(name, data)})
|
36
|
+
# }
|
37
|
+
#
|
38
|
+
# singleton = (class << klass; self; end)
|
39
|
+
#
|
40
|
+
# singleton.class_eval{
|
41
|
+
# define_method(:digest) {|data| new.digest(data)}
|
42
|
+
# define_method(:hexdigest) {|data| new.hexdigest(data)}
|
43
|
+
# }
|
44
|
+
#
|
45
|
+
# const_set(name.tr('-', '_'), klass)
|
46
|
+
# end
|
47
|
+
|
48
|
+
# Deprecated.
|
49
|
+
#
|
50
|
+
# This class is only provided for backwards compatibility.
|
51
|
+
# Use OpenSSL::Digest instead.
|
52
|
+
class Digest < Digest; end # :nodoc:
|
53
|
+
deprecate_constant :Digest
|
54
|
+
|
55
|
+
end # Digest
|
56
|
+
|
57
|
+
# Returns a Digest subclass by _name_
|
58
|
+
#
|
59
|
+
# require 'openssl'
|
60
|
+
#
|
61
|
+
# OpenSSL::Digest("MD5")
|
62
|
+
# # => OpenSSL::Digest::MD5
|
63
|
+
#
|
64
|
+
# Digest("Foo")
|
65
|
+
# # => NameError: wrong constant name Foo
|
66
|
+
|
67
|
+
def Digest(name)
|
68
|
+
OpenSSL::Digest.const_get(name)
|
69
|
+
end
|
70
|
+
|
71
|
+
module_function :Digest
|
72
|
+
|
73
|
+
end # OpenSSL
|
data/lib/openssl/hmac.rb
ADDED
@@ -0,0 +1,13 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
|
3
|
+
module OpenSSL
|
4
|
+
class HMAC
|
5
|
+
# Securely compare with another HMAC instance in constant time.
|
6
|
+
def ==(other)
|
7
|
+
return false unless HMAC === other
|
8
|
+
return false unless self.digest.bytesize == other.digest.bytesize
|
9
|
+
|
10
|
+
OpenSSL.fixed_length_secure_compare(self.digest, other.digest)
|
11
|
+
end
|
12
|
+
end
|
13
|
+
end
|
@@ -0,0 +1,30 @@
|
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#--
|
3
|
+
# = Ruby-space definitions to add DER (de)serialization to classes
|
4
|
+
#
|
5
|
+
# = Info
|
6
|
+
# 'OpenSSL for Ruby 2' project
|
7
|
+
# Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
8
|
+
# All rights reserved.
|
9
|
+
#
|
10
|
+
# = Licence
|
11
|
+
# This program is licensed under the same licence as Ruby.
|
12
|
+
# (See the file 'LICENCE'.)
|
13
|
+
#++
|
14
|
+
module OpenSSL
|
15
|
+
module Marshal
|
16
|
+
def self.included(base)
|
17
|
+
base.extend(ClassMethods)
|
18
|
+
end
|
19
|
+
|
20
|
+
module ClassMethods
|
21
|
+
def _load(string)
|
22
|
+
new(string)
|
23
|
+
end
|
24
|
+
end
|
25
|
+
|
26
|
+
def _dump(_level)
|
27
|
+
to_der
|
28
|
+
end
|
29
|
+
end
|
30
|
+
end
|
data/lib/openssl/pkcs5.rb
CHANGED
@@ -1,10 +1,9 @@
|
|
1
|
+
# frozen_string_literal: true
|
1
2
|
#--
|
2
3
|
# Ruby/OpenSSL Project
|
3
4
|
# Copyright (C) 2017 Ruby/OpenSSL Project Authors
|
4
5
|
#++
|
5
6
|
|
6
|
-
# JOpenSSL has these - here for explicit require 'openssl/pkcs5' compatibility
|
7
|
-
|
8
7
|
# module OpenSSL
|
9
8
|
# module PKCS5
|
10
9
|
# module_function
|
@@ -12,7 +11,8 @@
|
|
12
11
|
# # OpenSSL::PKCS5.pbkdf2_hmac has been renamed to OpenSSL::KDF.pbkdf2_hmac.
|
13
12
|
# # This method is provided for backwards compatibility.
|
14
13
|
# def pbkdf2_hmac(pass, salt, iter, keylen, digest)
|
15
|
-
# OpenSSL::KDF.pbkdf2_hmac(pass, salt: salt, iterations: iter,
|
14
|
+
# OpenSSL::KDF.pbkdf2_hmac(pass, salt: salt, iterations: iter,
|
15
|
+
# length: keylen, hash: digest)
|
16
16
|
# end
|
17
17
|
#
|
18
18
|
# def pbkdf2_hmac_sha1(pass, salt, iter, keylen)
|
data/lib/openssl/pkey.rb
CHANGED
@@ -1,5 +1,42 @@
|
|
1
|
-
|
2
|
-
|
3
|
-
|
4
|
-
|
5
|
-
|
1
|
+
# frozen_string_literal: true
|
2
|
+
#--
|
3
|
+
# Ruby/OpenSSL Project
|
4
|
+
# Copyright (C) 2017 Ruby/OpenSSL Project Authors
|
5
|
+
#++
|
6
|
+
|
7
|
+
require_relative 'marshal'
|
8
|
+
|
9
|
+
module OpenSSL::PKey
|
10
|
+
class DH
|
11
|
+
include OpenSSL::Marshal
|
12
|
+
end
|
13
|
+
|
14
|
+
class DSA
|
15
|
+
include OpenSSL::Marshal
|
16
|
+
end
|
17
|
+
|
18
|
+
if defined?(EC)
|
19
|
+
class EC
|
20
|
+
include OpenSSL::Marshal
|
21
|
+
end
|
22
|
+
class EC::Point
|
23
|
+
# :call-seq:
|
24
|
+
# point.to_bn([conversion_form]) -> OpenSSL::BN
|
25
|
+
#
|
26
|
+
# Returns the octet string representation of the EC point as an instance of
|
27
|
+
# OpenSSL::BN.
|
28
|
+
#
|
29
|
+
# If _conversion_form_ is not given, the _point_conversion_form_ attribute
|
30
|
+
# set to the group is used.
|
31
|
+
#
|
32
|
+
# See #to_octet_string for more information.
|
33
|
+
# def to_bn(conversion_form = group.point_conversion_form)
|
34
|
+
# OpenSSL::BN.new(to_octet_string(conversion_form), 2)
|
35
|
+
# end
|
36
|
+
end
|
37
|
+
end
|
38
|
+
|
39
|
+
class RSA
|
40
|
+
include OpenSSL::Marshal
|
41
|
+
end
|
42
|
+
end
|