jruby-openssl 0.11.0-java → 0.12.1-java
- checksums.yaml +4 -4
- data/History.md +20 -0
- data/Mavenfile +21 -26
- data/README.md +3 -0
- data/Rakefile +21 -35
- data/lib/jopenssl/load.rb +0 -14
- data/lib/jopenssl/version.rb +1 -1
- data/lib/jopenssl.jar +0 -0
- data/lib/openssl/bn.rb +40 -9
- data/lib/openssl/buffering.rb +478 -9
- data/lib/openssl/cipher.rb +67 -9
- data/lib/openssl/config.rb +496 -12
- data/lib/openssl/digest.rb +73 -9
- data/lib/openssl/hmac.rb +13 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs5.rb +3 -3
- data/lib/openssl/pkey.rb +42 -5
- data/lib/openssl/ssl.rb +543 -9
- data/lib/openssl/x509.rb +369 -9
- data/lib/openssl.rb +43 -1
- data/pom.xml +35 -127
- metadata +8 -42
- data/lib/jopenssl19/openssl/bn.rb +0 -29
- data/lib/jopenssl19/openssl/buffering.rb +0 -449
- data/lib/jopenssl19/openssl/cipher.rb +0 -28
- data/lib/jopenssl19/openssl/config.rb +0 -472
- data/lib/jopenssl19/openssl/digest.rb +0 -32
- data/lib/jopenssl19/openssl/ssl-internal.rb +0 -223
- data/lib/jopenssl19/openssl/ssl.rb +0 -2
- data/lib/jopenssl19/openssl/x509-internal.rb +0 -115
- data/lib/jopenssl19/openssl/x509.rb +0 -2
- data/lib/jopenssl19/openssl.rb +0 -22
- data/lib/jopenssl21/openssl/bn.rb +0 -28
- data/lib/jopenssl21/openssl/buffering.rb +0 -1
- data/lib/jopenssl21/openssl/cipher.rb +0 -1
- data/lib/jopenssl21/openssl/config.rb +0 -1
- data/lib/jopenssl21/openssl/digest.rb +0 -1
- data/lib/jopenssl21/openssl/ssl.rb +0 -1
- data/lib/jopenssl21/openssl/x509.rb +0 -119
- data/lib/jopenssl21/openssl.rb +0 -22
- data/lib/jopenssl22/openssl/bn.rb +0 -39
- data/lib/jopenssl22/openssl/buffering.rb +0 -456
- data/lib/jopenssl22/openssl/cipher.rb +0 -28
- data/lib/jopenssl22/openssl/config.rb +0 -313
- data/lib/jopenssl22/openssl/digest.rb +0 -54
- data/lib/jopenssl22/openssl/ssl.rb +0 -330
- data/lib/jopenssl22/openssl/x509.rb +0 -139
- data/lib/jopenssl22/openssl.rb +0 -22
- data/lib/jopenssl23/openssl/bn.rb +0 -38
- data/lib/jopenssl23/openssl/buffering.rb +0 -455
- data/lib/jopenssl23/openssl/cipher.rb +0 -25
- data/lib/jopenssl23/openssl/config.rb +0 -474
- data/lib/jopenssl23/openssl/digest.rb +0 -43
- data/lib/jopenssl23/openssl/pkey.rb +0 -25
- data/lib/jopenssl23/openssl/ssl.rb +0 -508
- data/lib/jopenssl23/openssl/x509.rb +0 -208
- data/lib/jopenssl23/openssl.rb +0 -19
- data/lib/openssl/ssl-internal.rb +0 -5
- data/lib/openssl/x509-internal.rb +0 -5
@@ -1,223 +0,0 @@
|
|
1
|
-
=begin
|
2
|
-
= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for SSL
|
3
|
-
|
4
|
-
= Info
|
5
|
-
'OpenSSL for Ruby 2' project
|
6
|
-
Copyright (C) 2001 GOTOU YUUZOU <gotoyuzo@notwork.org>
|
7
|
-
All rights reserved.
|
8
|
-
|
9
|
-
= Licence
|
10
|
-
This program is licenced under the same licence as Ruby.
|
11
|
-
(See the file 'LICENCE'.)
|
12
|
-
|
13
|
-
= Version
|
14
|
-
$Id$
|
15
|
-
=end
|
16
|
-
|
17
|
-
require "openssl/buffering"
|
18
|
-
require 'fcntl' # used by OpenSSL::SSL::Nonblock (if loaded)
|
19
|
-
|
20
|
-
module OpenSSL
|
21
|
-
module SSL
|
22
|
-
class SSLContext
|
23
|
-
DEFAULT_PARAMS = {
|
24
|
-
:ssl_version => "SSLv23",
|
25
|
-
:verify_mode => OpenSSL::SSL::VERIFY_PEER,
|
26
|
-
:ciphers => %w{
|
27
|
-
ECDHE-ECDSA-AES128-GCM-SHA256
|
28
|
-
ECDHE-RSA-AES128-GCM-SHA256
|
29
|
-
ECDHE-ECDSA-AES256-GCM-SHA384
|
30
|
-
ECDHE-RSA-AES256-GCM-SHA384
|
31
|
-
DHE-RSA-AES128-GCM-SHA256
|
32
|
-
DHE-DSS-AES128-GCM-SHA256
|
33
|
-
DHE-RSA-AES256-GCM-SHA384
|
34
|
-
DHE-DSS-AES256-GCM-SHA384
|
35
|
-
ECDHE-ECDSA-AES128-SHA256
|
36
|
-
ECDHE-RSA-AES128-SHA256
|
37
|
-
ECDHE-ECDSA-AES128-SHA
|
38
|
-
ECDHE-RSA-AES128-SHA
|
39
|
-
ECDHE-ECDSA-AES256-SHA384
|
40
|
-
ECDHE-RSA-AES256-SHA384
|
41
|
-
ECDHE-ECDSA-AES256-SHA
|
42
|
-
ECDHE-RSA-AES256-SHA
|
43
|
-
DHE-RSA-AES128-SHA256
|
44
|
-
DHE-RSA-AES256-SHA256
|
45
|
-
DHE-RSA-AES128-SHA
|
46
|
-
DHE-RSA-AES256-SHA
|
47
|
-
DHE-DSS-AES128-SHA256
|
48
|
-
DHE-DSS-AES256-SHA256
|
49
|
-
DHE-DSS-AES128-SHA
|
50
|
-
DHE-DSS-AES256-SHA
|
51
|
-
AES128-GCM-SHA256
|
52
|
-
AES256-GCM-SHA384
|
53
|
-
AES128-SHA256
|
54
|
-
AES256-SHA256
|
55
|
-
AES128-SHA
|
56
|
-
AES256-SHA
|
57
|
-
ECDHE-ECDSA-RC4-SHA
|
58
|
-
ECDHE-RSA-RC4-SHA
|
59
|
-
RC4-SHA
|
60
|
-
}.join(":"),
|
61
|
-
:options => -> {
|
62
|
-
opts = OpenSSL::SSL::OP_ALL
|
63
|
-
opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
|
64
|
-
opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
|
65
|
-
opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
|
66
|
-
opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
|
67
|
-
opts
|
68
|
-
}.call
|
69
|
-
} unless const_defined? :DEFAULT_PARAMS # JRuby does it in Java
|
70
|
-
|
71
|
-
begin
|
72
|
-
DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
|
73
|
-
DEFAULT_CERT_STORE.set_default_paths
|
74
|
-
if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
|
75
|
-
DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
|
76
|
-
end
|
77
|
-
end unless const_defined? :DEFAULT_CERT_STORE
|
78
|
-
|
79
|
-
def set_params(params={})
|
80
|
-
params = DEFAULT_PARAMS.merge(params)
|
81
|
-
params.each{|name, value| self.__send__("#{name}=", value) }
|
82
|
-
if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
|
83
|
-
unless self.ca_file or self.ca_path or self.cert_store
|
84
|
-
self.cert_store = DEFAULT_CERT_STORE
|
85
|
-
end
|
86
|
-
end
|
87
|
-
return params
|
88
|
-
end unless method_defined? :set_params
|
89
|
-
end
|
90
|
-
|
91
|
-
module SocketForwarder
|
92
|
-
def addr
|
93
|
-
to_io.addr
|
94
|
-
end
|
95
|
-
|
96
|
-
def peeraddr
|
97
|
-
to_io.peeraddr
|
98
|
-
end
|
99
|
-
|
100
|
-
def setsockopt(level, optname, optval)
|
101
|
-
to_io.setsockopt(level, optname, optval)
|
102
|
-
end
|
103
|
-
|
104
|
-
def getsockopt(level, optname)
|
105
|
-
to_io.getsockopt(level, optname)
|
106
|
-
end
|
107
|
-
|
108
|
-
def fcntl(*args)
|
109
|
-
to_io.fcntl(*args)
|
110
|
-
end
|
111
|
-
|
112
|
-
def closed?
|
113
|
-
to_io.closed?
|
114
|
-
end
|
115
|
-
|
116
|
-
def do_not_reverse_lookup=(flag)
|
117
|
-
to_io.do_not_reverse_lookup = flag
|
118
|
-
end
|
119
|
-
end
|
120
|
-
|
121
|
-
def verify_certificate_identity(cert, hostname)
|
122
|
-
should_verify_common_name = true
|
123
|
-
cert.extensions.each { |ext|
|
124
|
-
next if ext.oid != "subjectAltName"
|
125
|
-
ext.value.split(/,\s+/).each { |general_name|
|
126
|
-
# MRI 1.9.3 (since we parse ASN.1 differently)
|
127
|
-
# when 2 # dNSName in GeneralName (RFC5280)
|
128
|
-
if /\ADNS:(.*)/ =~ general_name
|
129
|
-
should_verify_common_name = false
|
130
|
-
reg = Regexp.escape($1).gsub(/\\\*/, "[^.]+")
|
131
|
-
return true if /\A#{reg}\z/i =~ hostname
|
132
|
-
# MRI 1.9.3 (since we parse ASN.1 differently)
|
133
|
-
# when 7 # iPAddress in GeneralName (RFC5280)
|
134
|
-
elsif /\AIP(?: Address)?:(.*)/ =~ general_name
|
135
|
-
should_verify_common_name = false
|
136
|
-
return true if $1 == hostname
|
137
|
-
# NOTE: bellow logic makes little sense as we read exts differently
|
138
|
-
#value = $1 # follows GENERAL_NAME_print() in x509v3/v3_alt.c
|
139
|
-
#if value.size == 4
|
140
|
-
# return true if value.unpack('C*').join('.') == hostname
|
141
|
-
#elsif value.size == 16
|
142
|
-
# return true if value.unpack('n*').map { |e| sprintf("%X", e) }.join(':') == hostname
|
143
|
-
#end
|
144
|
-
end
|
145
|
-
}
|
146
|
-
}
|
147
|
-
if should_verify_common_name
|
148
|
-
cert.subject.to_a.each { |oid, value|
|
149
|
-
if oid == "CN"
|
150
|
-
reg = Regexp.escape(value).gsub(/\\\*/, "[^.]+")
|
151
|
-
return true if /\A#{reg}\z/i =~ hostname
|
152
|
-
end
|
153
|
-
}
|
154
|
-
end
|
155
|
-
return false
|
156
|
-
end
|
157
|
-
module_function :verify_certificate_identity
|
158
|
-
|
159
|
-
class SSLSocket
|
160
|
-
include Buffering
|
161
|
-
include SocketForwarder
|
162
|
-
include Nonblock
|
163
|
-
|
164
|
-
def sysclose
|
165
|
-
return if closed?
|
166
|
-
stop
|
167
|
-
io.close if sync_close
|
168
|
-
end unless method_defined? :sysclose
|
169
|
-
|
170
|
-
def post_connection_check(hostname)
|
171
|
-
unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
|
172
|
-
raise SSLError, "hostname does not match the server certificate"
|
173
|
-
end
|
174
|
-
return true
|
175
|
-
end
|
176
|
-
|
177
|
-
end
|
178
|
-
|
179
|
-
class SSLServer
|
180
|
-
include SocketForwarder
|
181
|
-
attr_accessor :start_immediately
|
182
|
-
|
183
|
-
def initialize(svr, ctx)
|
184
|
-
@svr = svr
|
185
|
-
@ctx = ctx
|
186
|
-
unless ctx.session_id_context
|
187
|
-
session_id = OpenSSL::Digest::MD5.hexdigest($0)
|
188
|
-
@ctx.session_id_context = session_id
|
189
|
-
end
|
190
|
-
@start_immediately = true
|
191
|
-
end
|
192
|
-
|
193
|
-
def to_io
|
194
|
-
@svr
|
195
|
-
end
|
196
|
-
|
197
|
-
def listen(backlog=5)
|
198
|
-
@svr.listen(backlog)
|
199
|
-
end
|
200
|
-
|
201
|
-
def shutdown(how=Socket::SHUT_RDWR)
|
202
|
-
@svr.shutdown(how)
|
203
|
-
end
|
204
|
-
|
205
|
-
def accept
|
206
|
-
sock = @svr.accept
|
207
|
-
begin
|
208
|
-
ssl = OpenSSL::SSL::SSLSocket.new(sock, @ctx)
|
209
|
-
ssl.sync_close = true
|
210
|
-
ssl.accept if @start_immediately
|
211
|
-
ssl
|
212
|
-
rescue SSLError => ex
|
213
|
-
sock.close
|
214
|
-
raise ex
|
215
|
-
end
|
216
|
-
end
|
217
|
-
|
218
|
-
def close
|
219
|
-
@svr.close
|
220
|
-
end
|
221
|
-
end
|
222
|
-
end
|
223
|
-
end
|
@@ -1,115 +0,0 @@
|
|
1
|
-
=begin
|
2
|
-
= $RCSfile$ -- Ruby-space definitions that completes C-space funcs for X509 and subclasses
|
3
|
-
|
4
|
-
= Info
|
5
|
-
'OpenSSL for Ruby 2' project
|
6
|
-
Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
7
|
-
All rights reserved.
|
8
|
-
|
9
|
-
= Licence
|
10
|
-
This program is licenced under the same licence as Ruby.
|
11
|
-
(See the file 'LICENCE'.)
|
12
|
-
|
13
|
-
= Version
|
14
|
-
$Id$
|
15
|
-
=end
|
16
|
-
|
17
|
-
module OpenSSL
|
18
|
-
module X509
|
19
|
-
class Name
|
20
|
-
module RFC2253DN
|
21
|
-
Special = ',=+<>#;'
|
22
|
-
HexChar = /[0-9a-fA-F]/
|
23
|
-
HexPair = /#{HexChar}#{HexChar}/
|
24
|
-
HexString = /#{HexPair}+/
|
25
|
-
Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
|
26
|
-
StringChar = /[^#{Special}\\"]/
|
27
|
-
QuoteChar = /[^\\"]/
|
28
|
-
AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
|
29
|
-
AttributeValue = /
|
30
|
-
(?!["#])((?:#{StringChar}|#{Pair})*)|
|
31
|
-
\#(#{HexString})|
|
32
|
-
"((?:#{QuoteChar}|#{Pair})*)"
|
33
|
-
/x
|
34
|
-
TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
|
35
|
-
|
36
|
-
module_function
|
37
|
-
|
38
|
-
def expand_pair(str)
|
39
|
-
return nil unless str
|
40
|
-
return str.gsub(Pair){
|
41
|
-
pair = $&
|
42
|
-
case pair.size
|
43
|
-
when 2 then pair[1,1]
|
44
|
-
when 3 then Integer("0x#{pair[1,2]}").chr
|
45
|
-
else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
|
46
|
-
end
|
47
|
-
}
|
48
|
-
end
|
49
|
-
|
50
|
-
def expand_hexstring(str)
|
51
|
-
return nil unless str
|
52
|
-
der = str.gsub(HexPair){$&.to_i(16).chr }
|
53
|
-
a1 = OpenSSL::ASN1.decode(der)
|
54
|
-
return a1.value, a1.tag
|
55
|
-
end
|
56
|
-
|
57
|
-
def expand_value(str1, str2, str3)
|
58
|
-
value = expand_pair(str1)
|
59
|
-
value, tag = expand_hexstring(str2) unless value
|
60
|
-
value = expand_pair(str3) unless value
|
61
|
-
return value, tag
|
62
|
-
end
|
63
|
-
|
64
|
-
def scan(dn)
|
65
|
-
str = dn
|
66
|
-
ary = []
|
67
|
-
while true
|
68
|
-
if md = TypeAndValue.match(str)
|
69
|
-
remain = md.post_match
|
70
|
-
type = md[1]
|
71
|
-
value, tag = expand_value(md[2], md[3], md[4]) rescue nil
|
72
|
-
if value
|
73
|
-
type_and_value = [type, value]
|
74
|
-
type_and_value.push(tag) if tag
|
75
|
-
ary.unshift(type_and_value)
|
76
|
-
if remain.length > 2 && remain[0] == ?,
|
77
|
-
str = remain[1..-1]
|
78
|
-
next
|
79
|
-
elsif remain.length > 2 && remain[0] == ?+
|
80
|
-
raise OpenSSL::X509::NameError,
|
81
|
-
"multi-valued RDN is not supported: #{dn}"
|
82
|
-
elsif remain.empty?
|
83
|
-
break
|
84
|
-
end
|
85
|
-
end
|
86
|
-
end
|
87
|
-
msg_dn = dn[0, dn.length - str.length] + " =>" + str
|
88
|
-
raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
|
89
|
-
end
|
90
|
-
return ary
|
91
|
-
end
|
92
|
-
end
|
93
|
-
|
94
|
-
class << self
|
95
|
-
def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
|
96
|
-
ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
|
97
|
-
self.new(ary, template)
|
98
|
-
end
|
99
|
-
|
100
|
-
def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
|
101
|
-
ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
|
102
|
-
self.new(ary, template)
|
103
|
-
end
|
104
|
-
|
105
|
-
alias parse parse_openssl
|
106
|
-
end
|
107
|
-
end
|
108
|
-
|
109
|
-
class StoreContext
|
110
|
-
def cleanup
|
111
|
-
warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE
|
112
|
-
end
|
113
|
-
end
|
114
|
-
end
|
115
|
-
end
|
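--- a/data/lib/jopenssl19/openssl.rb
+++ b/data/lib/jopenssl19/openssl.rb
@@ -1,22 +0,0 @@
-=begin
-= $RCSfile$ -- Loader for all OpenSSL C-space and Ruby-space definitions
-
-= Info
-'OpenSSL for Ruby 2' project
-Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
-All rights reserved.
-
-= Licence
-This program is licenced under the same licence as Ruby.
-(See the file 'LICENCE'.)
-
-= Version
-$Id$
-=end
-
-require 'openssl/bn'
-require 'openssl/cipher'
-require 'openssl/config'
-require 'openssl/digest'
-require 'openssl/ssl-internal'
-require 'openssl/x509-internal'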
@@ -1,28 +0,0 @@
|
|
1
|
-
#--
|
2
|
-
#
|
3
|
-
# $RCSfile$
|
4
|
-
#
|
5
|
-
# = Ruby-space definitions that completes C-space funcs for BN
|
6
|
-
#
|
7
|
-
# = Info
|
8
|
-
# 'OpenSSL for Ruby 2' project
|
9
|
-
# Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
10
|
-
# All rights reserved.
|
11
|
-
#
|
12
|
-
# = Licence
|
13
|
-
# This program is licenced under the same licence as Ruby.
|
14
|
-
# (See the file 'LICENCE'.)
|
15
|
-
#
|
16
|
-
# = Version
|
17
|
-
# $Id$
|
18
|
-
#
|
19
|
-
#++
|
20
|
-
|
21
|
-
##
|
22
|
-
# Add double dispatch to Integer
|
23
|
-
#
|
24
|
-
class Integer
|
25
|
-
def to_bn
|
26
|
-
OpenSSL::BN::new(self)
|
27
|
-
end
|
28
|
-
end # Integer
|
@@ -1 +0,0 @@
|
|
1
|
-
load 'jopenssl22/openssl/buffering.rb'
|
@@ -1 +0,0 @@
|
|
1
|
-
load 'jopenssl22/openssl/cipher.rb'
|
@@ -1 +0,0 @@
|
|
1
|
-
load 'jopenssl22/openssl/config.rb'
|
@@ -1 +0,0 @@
|
|
1
|
-
load 'jopenssl22/openssl/digest.rb'
|
@@ -1 +0,0 @@
|
|
1
|
-
load 'jopenssl22/openssl/ssl.rb'
|
@@ -1,119 +0,0 @@
|
|
1
|
-
#--
|
2
|
-
#
|
3
|
-
# $RCSfile$
|
4
|
-
#
|
5
|
-
# = Ruby-space definitions that completes C-space funcs for X509 and subclasses
|
6
|
-
#
|
7
|
-
# = Info
|
8
|
-
# 'OpenSSL for Ruby 2' project
|
9
|
-
# Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
10
|
-
# All rights reserved.
|
11
|
-
#
|
12
|
-
# = Licence
|
13
|
-
# This program is licenced under the same licence as Ruby.
|
14
|
-
# (See the file 'LICENCE'.)
|
15
|
-
#
|
16
|
-
# = Version
|
17
|
-
# $Id$
|
18
|
-
#
|
19
|
-
#++
|
20
|
-
|
21
|
-
module OpenSSL
|
22
|
-
module X509
|
23
|
-
class Name
|
24
|
-
module RFC2253DN
|
25
|
-
Special = ',=+<>#;'
|
26
|
-
HexChar = /[0-9a-fA-F]/
|
27
|
-
HexPair = /#{HexChar}#{HexChar}/
|
28
|
-
HexString = /#{HexPair}+/
|
29
|
-
Pair = /\\(?:[#{Special}]|\\|"|#{HexPair})/
|
30
|
-
StringChar = /[^#{Special}\\"]/
|
31
|
-
QuoteChar = /[^\\"]/
|
32
|
-
AttributeType = /[a-zA-Z][0-9a-zA-Z]*|[0-9]+(?:\.[0-9]+)*/
|
33
|
-
AttributeValue = /
|
34
|
-
(?!["#])((?:#{StringChar}|#{Pair})*)|
|
35
|
-
\#(#{HexString})|
|
36
|
-
"((?:#{QuoteChar}|#{Pair})*)"
|
37
|
-
/x
|
38
|
-
TypeAndValue = /\A(#{AttributeType})=#{AttributeValue}/
|
39
|
-
|
40
|
-
module_function
|
41
|
-
|
42
|
-
def expand_pair(str)
|
43
|
-
return nil unless str
|
44
|
-
return str.gsub(Pair){
|
45
|
-
pair = $&
|
46
|
-
case pair.size
|
47
|
-
when 2 then pair[1,1]
|
48
|
-
when 3 then Integer("0x#{pair[1,2]}").chr
|
49
|
-
else raise OpenSSL::X509::NameError, "invalid pair: #{str}"
|
50
|
-
end
|
51
|
-
}
|
52
|
-
end
|
53
|
-
|
54
|
-
def expand_hexstring(str)
|
55
|
-
return nil unless str
|
56
|
-
der = str.gsub(HexPair){$&.to_i(16).chr }
|
57
|
-
a1 = OpenSSL::ASN1.decode(der)
|
58
|
-
return a1.value, a1.tag
|
59
|
-
end
|
60
|
-
|
61
|
-
def expand_value(str1, str2, str3)
|
62
|
-
value = expand_pair(str1)
|
63
|
-
value, tag = expand_hexstring(str2) unless value
|
64
|
-
value = expand_pair(str3) unless value
|
65
|
-
return value, tag
|
66
|
-
end
|
67
|
-
|
68
|
-
def scan(dn)
|
69
|
-
str = dn
|
70
|
-
ary = []
|
71
|
-
while true
|
72
|
-
if md = TypeAndValue.match(str)
|
73
|
-
remain = md.post_match
|
74
|
-
type = md[1]
|
75
|
-
value, tag = expand_value(md[2], md[3], md[4]) rescue nil
|
76
|
-
if value
|
77
|
-
type_and_value = [type, value]
|
78
|
-
type_and_value.push(tag) if tag
|
79
|
-
ary.unshift(type_and_value)
|
80
|
-
if remain.length > 2 && remain[0] == ?,
|
81
|
-
str = remain[1..-1]
|
82
|
-
next
|
83
|
-
elsif remain.length > 2 && remain[0] == ?+
|
84
|
-
raise OpenSSL::X509::NameError,
|
85
|
-
"multi-valued RDN is not supported: #{dn}"
|
86
|
-
elsif remain.empty?
|
87
|
-
break
|
88
|
-
end
|
89
|
-
end
|
90
|
-
end
|
91
|
-
msg_dn = dn[0, dn.length - str.length] + " =>" + str
|
92
|
-
raise OpenSSL::X509::NameError, "malformed RDN: #{msg_dn}"
|
93
|
-
end
|
94
|
-
return ary
|
95
|
-
end
|
96
|
-
end
|
97
|
-
|
98
|
-
class << self
|
99
|
-
def parse_rfc2253(str, template=OBJECT_TYPE_TEMPLATE)
|
100
|
-
ary = OpenSSL::X509::Name::RFC2253DN.scan(str)
|
101
|
-
self.new(ary, template)
|
102
|
-
end
|
103
|
-
|
104
|
-
def parse_openssl(str, template=OBJECT_TYPE_TEMPLATE)
|
105
|
-
ary = str.scan(/\s*([^\/,]+)\s*/).collect{|i| i[0].split("=", 2) }
|
106
|
-
self.new(ary, template)
|
107
|
-
end
|
108
|
-
|
109
|
-
alias parse parse_openssl
|
110
|
-
end
|
111
|
-
end
|
112
|
-
|
113
|
-
class StoreContext
|
114
|
-
def cleanup
|
115
|
-
warn "(#{caller.first}) OpenSSL::X509::StoreContext#cleanup is deprecated with no replacement" if $VERBOSE
|
116
|
-
end
|
117
|
-
end
|
118
|
-
end
|
119
|
-
end
|
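--- a/data/lib/jopenssl21/openssl.rb
+++ b/data/lib/jopenssl21/openssl.rb
@@ -1,22 +0,0 @@
-=begin
-= $RCSfile$ -- Loader for all OpenSSL C-space and Ruby-space definitions
-
-= Info
-'OpenSSL for Ruby 2' project
-Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
-All rights reserved.
-
-= Licence
-This program is licenced under the same licence as Ruby.
-(See the file 'LICENCE'.)
-
-= Version
-$Id$
-=end
-
-require 'openssl/bn'
-require 'openssl/cipher'
-require 'openssl/config'
-require 'openssl/digest'
-require 'openssl/x509'
-require 'openssl/ssl'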
@@ -1,39 +0,0 @@
|
|
1
|
-
#--
|
2
|
-
#
|
3
|
-
# $RCSfile$
|
4
|
-
#
|
5
|
-
# = Ruby-space definitions that completes C-space funcs for BN
|
6
|
-
#
|
7
|
-
# = Info
|
8
|
-
# 'OpenSSL for Ruby 2' project
|
9
|
-
# Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
|
10
|
-
# All rights reserved.
|
11
|
-
#
|
12
|
-
# = Licence
|
13
|
-
# This program is licenced under the same licence as Ruby.
|
14
|
-
# (See the file 'LICENCE'.)
|
15
|
-
#
|
16
|
-
# = Version
|
17
|
-
# $Id$
|
18
|
-
#
|
19
|
-
#++
|
20
|
-
|
21
|
-
module OpenSSL
|
22
|
-
class BN
|
23
|
-
def pretty_print(q)
|
24
|
-
q.object_group(self) {
|
25
|
-
q.text ' '
|
26
|
-
q.text to_i.to_s
|
27
|
-
}
|
28
|
-
end
|
29
|
-
end # BN
|
30
|
-
end # OpenSSL
|
31
|
-
|
32
|
-
##
|
33
|
-
# Add double dispatch to Integer
|
34
|
-
#
|
35
|
-
class Integer
|
36
|
-
def to_bn
|
37
|
-
OpenSSL::BN::new(self)
|
38
|
-
end
|
39
|
-
end # Integer
|