jruby-openssl 0.6 → 0.7
Sign up to get free protection for your applications and to get access to all the features.
- data/History.txt +45 -0
- data/Manifest.txt +19 -11
- data/README.txt +1 -12
- data/Rakefile +12 -5
- data/lib/bcmail-jdk15-144.jar +0 -0
- data/lib/bcprov-jdk15-144.jar +0 -0
- data/lib/jopenssl/version.rb +1 -1
- data/lib/jopenssl.jar +0 -0
- data/lib/openssl/bn.rb +5 -3
- data/lib/openssl/buffering.rb +2 -2
- data/lib/openssl/cipher.rb +27 -18
- data/lib/openssl/digest.rb +19 -4
- data/lib/openssl/dummy.rb +11 -11
- data/lib/openssl/dummyssl.rb +2 -1
- data/lib/openssl/pkcs7.rb +25 -0
- data/lib/openssl/ssl.rb +70 -26
- data/lib/openssl/x509.rb +2 -2
- data/lib/openssl.rb +47 -2
- data/test/fixture/ca-bundle.crt +2794 -0
- data/test/fixture/keypair.pem +27 -0
- data/test/fixture/selfcert.pem +23 -0
- data/test/{pkcs7_mime_enveloped.message → java/pkcs7_mime_enveloped.message} +0 -0
- data/test/{pkcs7_mime_signed.message → java/pkcs7_mime_signed.message} +0 -0
- data/test/{pkcs7_multipart_signed.message → java/pkcs7_multipart_signed.message} +0 -0
- data/test/{test_java_attribute.rb → java/test_java_attribute.rb} +2 -2
- data/test/{test_java_bio.rb → java/test_java_bio.rb} +0 -0
- data/test/{test_java_mime.rb → java/test_java_mime.rb} +0 -0
- data/test/{test_java_pkcs7.rb → java/test_java_pkcs7.rb} +35 -32
- data/test/{test_java_smime.rb → java/test_java_smime.rb} +0 -0
- data/test/openssl/test_asn1.rb +1 -3
- data/test/openssl/test_cipher.rb +7 -10
- data/test/openssl/test_ec.rb +113 -0
- data/test/openssl/test_pair.rb +3 -8
- data/test/openssl/test_pkcs7.rb +339 -11
- data/test/openssl/test_ssl.rb +728 -100
- data/test/openssl/test_x509cert.rb +5 -5
- data/test/openssl/test_x509crl.rb +1 -2
- data/test/openssl/test_x509ext.rb +3 -3
- data/test/openssl/test_x509name.rb +1 -0
- data/test/openssl/test_x509req.rb +5 -7
- data/test/openssl/test_x509store.rb +3 -2
- data/test/test_all.rb +1 -0
- data/test/{test_openssl_x509.rb → test_certificate.rb} +33 -3
- data/test/test_cipher.rb +85 -7
- data/test/test_integration.rb +7 -8
- data/test/test_java.rb +9 -9
- data/test/test_openssl.rb +3 -33
- data/test/test_parse_certificate.rb +8 -1
- data/test/test_pkcs7.rb +40 -0
- data/test/test_pkey.rb +165 -7
- data/test/test_x509store.rb +8 -7
- metadata +31 -30
- data/lib/bcmail-jdk14-139.jar +0 -0
- data/lib/bcprov-jdk14-139.jar +0 -0
@@ -0,0 +1,27 @@
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
2
|
+
MIIEpAIBAAKCAQEAoMKQs2G2GLpdHCp07ZR7fYAim3BcHhx1PM3cscrYLXaVCGqH
|
3
|
+
PtZLJQDDseuvQur1VMGjHOneUJzsfdXJcRN8WfH9AD5KXJbTpzt134BpqrMhJcov
|
4
|
+
G4e54oVNzvlQ1P2xwZt7QXYg2hyCIqH6r7wBtaW8g8e5dUGb3vuZW4OC2s/KSKue
|
5
|
+
71LnqsolKuINt9OTs0R6+4oxyLRIBU/8gG/PD+bnjXB3JUm9/JYOxh4mN3goRhbZ
|
6
|
+
61kTu6vHI9DcWI3I81rS4hzbvArnBsbmKkQOZRc8YkNqAQtyC+V/0xyv/w5jJXpT
|
7
|
+
xlT4ZJaUfcO3KtGHvP9JkxT3F4whN5whwdcRxwIDAQABAoIBAQCR7o00iWqoH+UO
|
8
|
+
AGyMjtFbJ8pCmEjG/MZgH/BLZPvAqXi4XxvOqvEj8gGzrWM3t9pkyjKruJEbVJhJ
|
9
|
+
0pw+jZXAgK9OXT1bt38CvDNQZF2Hm3xntZX1w8u2GZR8Yk5CStnmCqJk1jsUQ/TO
|
10
|
+
Q4QxqtVSc9UhO1jbXGeGj5azQDq1LaLDOePfH4XtM/GcoPKtu+Lghx+5JfOVMI+/
|
11
|
+
cOcm65cK+APPObySe0x7r6Q45UhFW5q0UMFGaMFfkMauYyzhuliD8BS5XV9gDSGH
|
12
|
+
Ozr8GDEroGuJr3oTKSMKZg+S8N/8SQ1g4RL9IEZZ6MIIJZrWkqhY7jwY5v1ywrSY
|
13
|
+
OBE4pNxBAoGBANI30R3WthH/iWq1xyQVQCD1XwxYO66iWk2U0fxhhn/3lSkNTq/a
|
14
|
+
cIs+2IY9vnXT7yJSY4xHejbmgJmdfNXnjwaKwDvyh/M8fesFNQLPWKufl0l4LPwH
|
15
|
+
qWlxgcmff1VxtP4xrGSEBG51oo60heqWgRACL+xan98PNUiB113UE9M5AoGBAMPF
|
16
|
+
VwXMo8RIA+wLPOSUjdWXPusZfzzKCm+NdTYDdoc7F6hVjxzNeU/44bJs5XVxM9JV
|
17
|
+
EsGjWG9KprgAhzw1gy6UJg8OErF2zf0j/czg8FIB5Cm+ecNsH8pzfBfcRursvGAt
|
18
|
+
HHVIUyyvODN/kus3dta6CqOj4kd6yKhdcu5wuQz/AoGAaRnbBW4Z7XmzPJTRkarG
|
19
|
+
OzQyZzud6zvkpjEno2UnF8ey3al3k9hEuHmdS9CG7uYdAy3p83KxGc24shTZGyEA
|
20
|
+
kya/4bjqW6P82Inr7RG5pWTPAL6CzycNflhvqVyDDzcgZI51QHP4uzk5ItwCsDy7
|
21
|
+
HkPZrfPJRn6WB0BTaufjWZECgYEAvIxATu6Tv4QYeusr336Px+neCDHLULHKMTwN
|
22
|
+
alMVghLQqyiUKAphTzuFrAGjUWQQo/+Zi/OVRcKhJVAk70EeseqvaQqFyHOC2s4i
|
23
|
+
L4NpEaKOrAGuZh+p0qM9HgHiL3qHxx1Lbk2VBdFQEJFK383QX+hYPNinI27G+Rjf
|
24
|
+
i3P3VeMCgYBhXO1Tgge4J7UPYRCT7WOsvpXdcZdwOx75fBAR9g7FrPSjiXgYPZlK
|
25
|
+
TZ1/Gv0c1WGeW4sJ+XdnFexWENh+mdJGmWsMkyPnkRNaAbRqz5Isq+eZcVNSXNEz
|
26
|
+
QBCT+THNIIPCjkZCdjwXNClVkGfePJ3i3ON43ioyrouex9D5kvU7uA==
|
27
|
+
-----END RSA PRIVATE KEY-----
|
@@ -0,0 +1,23 @@
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
2
|
+
MIID0DCCArigAwIBAgIJAKKAqEyofo5/MA0GCSqGSIb3DQEBBQUAME4xCzAJBgNV
|
3
|
+
BAYTAkpQMRowGAYDVQQKExF3d3cucnVieS1sYW5nLm9yZzEUMBIGA1UECxMLZGV2
|
4
|
+
ZWxvcG1lbnQxDTALBgNVBAMTBHNlbGYwHhcNMTAwMTEyMDkyNDU4WhcNMzAwMTA3
|
5
|
+
MDkyNDU4WjBOMQswCQYDVQQGEwJKUDEaMBgGA1UEChMRd3d3LnJ1YnktbGFuZy5v
|
6
|
+
cmcxFDASBgNVBAsTC2RldmVsb3BtZW50MQ0wCwYDVQQDEwRzZWxmMIIBIjANBgkq
|
7
|
+
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMKQs2G2GLpdHCp07ZR7fYAim3BcHhx1
|
8
|
+
PM3cscrYLXaVCGqHPtZLJQDDseuvQur1VMGjHOneUJzsfdXJcRN8WfH9AD5KXJbT
|
9
|
+
pzt134BpqrMhJcovG4e54oVNzvlQ1P2xwZt7QXYg2hyCIqH6r7wBtaW8g8e5dUGb
|
10
|
+
3vuZW4OC2s/KSKue71LnqsolKuINt9OTs0R6+4oxyLRIBU/8gG/PD+bnjXB3JUm9
|
11
|
+
/JYOxh4mN3goRhbZ61kTu6vHI9DcWI3I81rS4hzbvArnBsbmKkQOZRc8YkNqAQty
|
12
|
+
C+V/0xyv/w5jJXpTxlT4ZJaUfcO3KtGHvP9JkxT3F4whN5whwdcRxwIDAQABo4Gw
|
13
|
+
MIGtMB0GA1UdDgQWBBQT5CcsdalzWhSsCgkMqtDVRUHVGjB+BgNVHSMEdzB1gBQT
|
14
|
+
5CcsdalzWhSsCgkMqtDVRUHVGqFSpFAwTjELMAkGA1UEBhMCSlAxGjAYBgNVBAoT
|
15
|
+
EXd3dy5ydWJ5LWxhbmcub3JnMRQwEgYDVQQLEwtkZXZlbG9wbWVudDENMAsGA1UE
|
16
|
+
AxMEc2VsZoIJAKKAqEyofo5/MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
|
17
|
+
ggEBACSpZcF7xYei4cGVQM4As6tOneR2F5Yk4OVljsH1+5Zm4UO60l/Q8o9t0KPg
|
18
|
+
xjv3H0Y3lqe9VJOmGqyl66JllTNCaIuBnIrmbDsj++NQ+1ietkq8vDu5SKKy7/OY
|
19
|
+
MMyko6iKRbs/GmigRA4XZsqFXGsNlwyO0Oq1Cr83JYb5PGRB5k9/ThGWUi8wd6lk
|
20
|
+
ODN34nC+mVT65AQM4t5HfZhYnXdrBcOje0If+HuKPPbwr+55xUEtkBmShbfXow4m
|
21
|
+
6OE+5iZXUzdGo/+G/fLx4JNMPufSD7GmeDIazm9crhZojElxa5ylpMNqGN22UEyZ
|
22
|
+
wYN6dtBOG81wMKfuRfKI6DW/lU0=
|
23
|
+
-----END CERTIFICATE-----
|
File without changes
|
File without changes
|
File without changes
|
@@ -4,10 +4,10 @@ module PKCS7Test
|
|
4
4
|
val = ASN1::OctetString.new("foo".to_java_bytes)
|
5
5
|
val2 = ASN1::OctetString.new("bar".to_java_bytes)
|
6
6
|
attr = Attribute.create(123, 444, val)
|
7
|
-
|
7
|
+
assert_raise NoMethodError do
|
8
8
|
attr.type = 12
|
9
9
|
end
|
10
|
-
|
10
|
+
assert_raise NoMethodError do
|
11
11
|
attr.value = val2
|
12
12
|
end
|
13
13
|
|
File without changes
|
File without changes
|
@@ -136,7 +136,7 @@ module PKCS7Test
|
|
136
136
|
end
|
137
137
|
|
138
138
|
def test_set_type_throws_exception_on_wrong_argument
|
139
|
-
|
139
|
+
assert_raise NativeException do
|
140
140
|
# 42 is a value that is not one of the valid NID's for type
|
141
141
|
PKCS7.new.type = 42
|
142
142
|
end
|
@@ -239,25 +239,25 @@ module PKCS7Test
|
|
239
239
|
p7 = PKCS7.new
|
240
240
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
241
241
|
|
242
|
-
|
242
|
+
assert_raise NativeException do
|
243
243
|
p7.cipher = nil
|
244
244
|
end
|
245
245
|
|
246
246
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
247
247
|
|
248
|
-
|
248
|
+
assert_raise NativeException do
|
249
249
|
p7.cipher = nil
|
250
250
|
end
|
251
251
|
|
252
252
|
p7.type = ASN1Registry::NID_pkcs7_data
|
253
253
|
|
254
|
-
|
254
|
+
assert_raise NativeException do
|
255
255
|
p7.cipher = nil
|
256
256
|
end
|
257
257
|
|
258
258
|
p7.type = ASN1Registry::NID_pkcs7_signed
|
259
259
|
|
260
|
-
|
260
|
+
assert_raise NativeException do
|
261
261
|
p7.cipher = nil
|
262
262
|
end
|
263
263
|
end
|
@@ -266,7 +266,8 @@ module PKCS7Test
|
|
266
266
|
p7 = PKCS7.new
|
267
267
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
268
268
|
|
269
|
-
|
269
|
+
c = javax.crypto.Cipher.getInstance("RSA")
|
270
|
+
cipher = CipherSpec.new(c, "RSA", 128)
|
270
271
|
|
271
272
|
p7.cipher = cipher
|
272
273
|
|
@@ -278,7 +279,8 @@ module PKCS7Test
|
|
278
279
|
p7 = PKCS7.new
|
279
280
|
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
280
281
|
|
281
|
-
|
282
|
+
c = javax.crypto.Cipher.getInstance("RSA")
|
283
|
+
cipher = CipherSpec.new(c, "RSA", 128)
|
282
284
|
|
283
285
|
p7.cipher = cipher
|
284
286
|
|
@@ -288,25 +290,25 @@ module PKCS7Test
|
|
288
290
|
def test_add_recipient_info_to_something_that_cant_have_recipients
|
289
291
|
p7 = PKCS7.new
|
290
292
|
p7.type = ASN1Registry::NID_pkcs7_signed
|
291
|
-
|
293
|
+
assert_raise NativeException do
|
292
294
|
p7.add_recipient(X509Cert)
|
293
295
|
end
|
294
296
|
|
295
297
|
p7 = PKCS7.new
|
296
298
|
p7.type = ASN1Registry::NID_pkcs7_data
|
297
|
-
|
299
|
+
assert_raise NativeException do
|
298
300
|
p7.add_recipient(X509Cert)
|
299
301
|
end
|
300
302
|
|
301
303
|
p7 = PKCS7.new
|
302
304
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
303
|
-
|
305
|
+
assert_raise NativeException do
|
304
306
|
p7.add_recipient(X509Cert)
|
305
307
|
end
|
306
308
|
|
307
309
|
p7 = PKCS7.new
|
308
310
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
309
|
-
|
311
|
+
assert_raise NativeException do
|
310
312
|
p7.add_recipient(X509Cert)
|
311
313
|
end
|
312
314
|
end
|
@@ -335,25 +337,25 @@ module PKCS7Test
|
|
335
337
|
def test_add_signer_to_something_that_cant_have_signers
|
336
338
|
p7 = PKCS7.new
|
337
339
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
338
|
-
|
340
|
+
assert_raise NativeException do
|
339
341
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
340
342
|
end
|
341
343
|
|
342
344
|
p7 = PKCS7.new
|
343
345
|
p7.type = ASN1Registry::NID_pkcs7_data
|
344
|
-
|
346
|
+
assert_raise NativeException do
|
345
347
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
346
348
|
end
|
347
349
|
|
348
350
|
p7 = PKCS7.new
|
349
351
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
350
|
-
|
352
|
+
assert_raise NativeException do
|
351
353
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
352
354
|
end
|
353
355
|
|
354
356
|
p7 = PKCS7.new
|
355
357
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
356
|
-
|
358
|
+
assert_raise NativeException do
|
357
359
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
358
360
|
end
|
359
361
|
end
|
@@ -452,7 +454,7 @@ module PKCS7Test
|
|
452
454
|
def test_set_content_on_data_throws_exception
|
453
455
|
p7 = PKCS7.new
|
454
456
|
p7.type = ASN1Registry::NID_pkcs7_data
|
455
|
-
|
457
|
+
assert_raise NativeException do
|
456
458
|
p7.setContent(PKCS7.new)
|
457
459
|
end
|
458
460
|
end
|
@@ -460,7 +462,7 @@ module PKCS7Test
|
|
460
462
|
def test_set_content_on_enveloped_throws_exception
|
461
463
|
p7 = PKCS7.new
|
462
464
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
463
|
-
|
465
|
+
assert_raise NativeException do
|
464
466
|
p7.setContent(PKCS7.new)
|
465
467
|
end
|
466
468
|
end
|
@@ -468,7 +470,7 @@ module PKCS7Test
|
|
468
470
|
def test_set_content_on_signedAndEnveloped_throws_exception
|
469
471
|
p7 = PKCS7.new
|
470
472
|
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
471
|
-
|
473
|
+
assert_raise NativeException do
|
472
474
|
p7.setContent(PKCS7.new)
|
473
475
|
end
|
474
476
|
end
|
@@ -476,7 +478,7 @@ module PKCS7Test
|
|
476
478
|
def test_set_content_on_encrypted_throws_exception
|
477
479
|
p7 = PKCS7.new
|
478
480
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
479
|
-
|
481
|
+
assert_raise NativeException do
|
480
482
|
p7.setContent(PKCS7.new)
|
481
483
|
end
|
482
484
|
end
|
@@ -538,7 +540,7 @@ module PKCS7Test
|
|
538
540
|
def test_content_new_on_data_raises_exception
|
539
541
|
p7 = PKCS7.new
|
540
542
|
p7.type = ASN1Registry::NID_pkcs7_data
|
541
|
-
|
543
|
+
assert_raise NativeException do
|
542
544
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
543
545
|
end
|
544
546
|
end
|
@@ -546,7 +548,7 @@ module PKCS7Test
|
|
546
548
|
def test_content_new_on_encrypted_raises_exception
|
547
549
|
p7 = PKCS7.new
|
548
550
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
549
|
-
|
551
|
+
assert_raise NativeException do
|
550
552
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
551
553
|
end
|
552
554
|
end
|
@@ -554,7 +556,7 @@ module PKCS7Test
|
|
554
556
|
def test_content_new_on_enveloped_raises_exception
|
555
557
|
p7 = PKCS7.new
|
556
558
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
557
|
-
|
559
|
+
assert_raise NativeException do
|
558
560
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
559
561
|
end
|
560
562
|
end
|
@@ -562,7 +564,7 @@ module PKCS7Test
|
|
562
564
|
def test_content_new_on_signedAndEnveloped_raises_exception
|
563
565
|
p7 = PKCS7.new
|
564
566
|
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
565
|
-
|
567
|
+
assert_raise NativeException do
|
566
568
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
567
569
|
end
|
568
570
|
end
|
@@ -591,7 +593,7 @@ module PKCS7Test
|
|
591
593
|
def test_add_certificate_on_data_throws_exception
|
592
594
|
p7 = PKCS7.new
|
593
595
|
p7.type = ASN1Registry::NID_pkcs7_data
|
594
|
-
|
596
|
+
assert_raise NativeException do
|
595
597
|
p7.add_certificate(X509Cert)
|
596
598
|
end
|
597
599
|
end
|
@@ -599,7 +601,7 @@ module PKCS7Test
|
|
599
601
|
def test_add_certificate_on_enveloped_throws_exception
|
600
602
|
p7 = PKCS7.new
|
601
603
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
602
|
-
|
604
|
+
assert_raise NativeException do
|
603
605
|
p7.add_certificate(X509Cert)
|
604
606
|
end
|
605
607
|
end
|
@@ -607,7 +609,7 @@ module PKCS7Test
|
|
607
609
|
def test_add_certificate_on_encrypted_throws_exception
|
608
610
|
p7 = PKCS7.new
|
609
611
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
610
|
-
|
612
|
+
assert_raise NativeException do
|
611
613
|
p7.add_certificate(X509Cert)
|
612
614
|
end
|
613
615
|
end
|
@@ -615,7 +617,7 @@ module PKCS7Test
|
|
615
617
|
def test_add_certificate_on_digest_throws_exception
|
616
618
|
p7 = PKCS7.new
|
617
619
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
618
|
-
|
620
|
+
assert_raise NativeException do
|
619
621
|
p7.add_certificate(X509Cert)
|
620
622
|
end
|
621
623
|
end
|
@@ -639,7 +641,7 @@ module PKCS7Test
|
|
639
641
|
def test_add_crl_on_data_throws_exception
|
640
642
|
p7 = PKCS7.new
|
641
643
|
p7.type = ASN1Registry::NID_pkcs7_data
|
642
|
-
|
644
|
+
assert_raise NativeException do
|
643
645
|
p7.add_crl(X509CRL)
|
644
646
|
end
|
645
647
|
end
|
@@ -647,7 +649,7 @@ module PKCS7Test
|
|
647
649
|
def test_add_crl_on_enveloped_throws_exception
|
648
650
|
p7 = PKCS7.new
|
649
651
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
650
|
-
|
652
|
+
assert_raise NativeException do
|
651
653
|
p7.add_crl(X509CRL)
|
652
654
|
end
|
653
655
|
end
|
@@ -655,7 +657,7 @@ module PKCS7Test
|
|
655
657
|
def test_add_crl_on_encrypted_throws_exception
|
656
658
|
p7 = PKCS7.new
|
657
659
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
658
|
-
|
660
|
+
assert_raise NativeException do
|
659
661
|
p7.add_crl(X509CRL)
|
660
662
|
end
|
661
663
|
end
|
@@ -663,7 +665,7 @@ module PKCS7Test
|
|
663
665
|
def test_add_crl_on_digest_throws_exception
|
664
666
|
p7 = PKCS7.new
|
665
667
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
666
|
-
|
668
|
+
assert_raise NativeException do
|
667
669
|
p7.add_crl(X509CRL)
|
668
670
|
end
|
669
671
|
end
|
@@ -690,7 +692,8 @@ module PKCS7Test
|
|
690
692
|
|
691
693
|
def test_encrypt_integration_test
|
692
694
|
certs = [X509Cert]
|
693
|
-
|
695
|
+
c = Cipher.get_instance("AES", BCP.new)
|
696
|
+
cipher = CipherSpec.new(c, "AES-128-CBC", 128)
|
694
697
|
data = "aaaaa\nbbbbb\nccccc\n".to_java_bytes
|
695
698
|
PKCS7::encrypt(certs, data, cipher, PKCS7::BINARY)
|
696
699
|
# puts
|
File without changes
|
data/test/openssl/test_asn1.rb
CHANGED
@@ -10,7 +10,6 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
10
10
|
subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA")
|
11
11
|
key = OpenSSL::TestUtils::TEST_KEY_RSA1024
|
12
12
|
now = Time.at(Time.now.to_i) # suppress usec
|
13
|
-
# now = Time.utc(2006,04,03,22,15,13)
|
14
13
|
s = 0xdeadbeafdeadbeafdeadbeafdeadbeaf
|
15
14
|
exts = [
|
16
15
|
["basicConstraints","CA:TRUE,pathlen:1",true],
|
@@ -21,6 +20,7 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
21
20
|
cert = OpenSSL::TestUtils.issue_cert(
|
22
21
|
subj, key, s, now, now+3600, exts, nil, nil, dgst)
|
23
22
|
|
23
|
+
|
24
24
|
asn1 = OpenSSL::ASN1.decode(cert)
|
25
25
|
assert_equal(OpenSSL::ASN1::Sequence, asn1.class)
|
26
26
|
assert_equal(3, asn1.value.size)
|
@@ -32,7 +32,6 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
32
32
|
version = tbs_cert.value[0]
|
33
33
|
assert_equal(:CONTEXT_SPECIFIC, version.tag_class)
|
34
34
|
assert_equal(0, version.tag)
|
35
|
-
|
36
35
|
assert_equal(1, version.value.size)
|
37
36
|
assert_equal(OpenSSL::ASN1::Integer, version.value[0].class)
|
38
37
|
assert_equal(2, version.value[0].value)
|
@@ -192,7 +191,6 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
192
191
|
assert_equal(OpenSSL::ASN1::Null, pkey.value[0].value[1].class)
|
193
192
|
|
194
193
|
assert_equal(OpenSSL::ASN1::BitString, sig_val.class)
|
195
|
-
|
196
194
|
cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
|
197
195
|
assert_equal(cululated_sig, sig_val.value)
|
198
196
|
end
|
data/test/openssl/test_cipher.rb
CHANGED
@@ -1,10 +1,3 @@
|
|
1
|
-
if defined?(JRUBY_VERSION)
|
2
|
-
require "java"
|
3
|
-
base = File.join(File.dirname(__FILE__), '..', '..')
|
4
|
-
$CLASSPATH << File.join(base, 'pkg', 'classes')
|
5
|
-
$CLASSPATH << File.join(base, 'lib', 'bcprov-jdk14-139.jar')
|
6
|
-
end
|
7
|
-
|
8
1
|
begin
|
9
2
|
require "openssl"
|
10
3
|
rescue LoadError
|
@@ -88,7 +81,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
88
81
|
|
89
82
|
def test_empty_data
|
90
83
|
@c1.encrypt
|
91
|
-
|
84
|
+
assert_raise(ArgumentError){ @c1.update("") }
|
92
85
|
end
|
93
86
|
|
94
87
|
def test_disable_padding(padding=0)
|
@@ -159,7 +152,9 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
159
152
|
%w(ECB CBC CFB OFB).each{|mode|
|
160
153
|
c1 = OpenSSL::Cipher::AES256.new(mode)
|
161
154
|
c1.encrypt
|
162
|
-
|
155
|
+
assert_nothing_raised('This test fails w/o Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files') do
|
156
|
+
c1.pkcs5_keyivgen("passwd")
|
157
|
+
end
|
163
158
|
ct = c1.update(pt) + c1.final
|
164
159
|
|
165
160
|
c2 = OpenSSL::Cipher::AES256.new(mode)
|
@@ -176,6 +171,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
176
171
|
data = "1234567890~5J96LC303C1D22DD~20090930005944~http%3A%2F%2Flocalhost%3A8080%2Flogin%3B0%3B1~http%3A%2F%2Fmix-stage.oracle.com%2F~00"
|
177
172
|
c1 = OpenSSL::Cipher::Cipher.new("DES-CBC")
|
178
173
|
c1.padding = 0
|
174
|
+
c1.iv = "0" * 8
|
179
175
|
c1.encrypt
|
180
176
|
c1.key = key
|
181
177
|
e = c1.update data
|
@@ -183,12 +179,13 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
183
179
|
|
184
180
|
c2 = OpenSSL::Cipher::Cipher.new("DES-CBC")
|
185
181
|
c2.padding = 0
|
182
|
+
c2.iv = "0" * 8
|
186
183
|
c2.decrypt
|
187
184
|
c2.key = key
|
188
185
|
d = c2.update e
|
189
186
|
d << c2.final
|
190
187
|
|
191
|
-
assert_equal "
|
188
|
+
assert_equal "\342\320B.\300&X\310\344\253\025\215\017*\22015\344\024D\342\213\361\336\311\271\326\016\243\214\026\2545\002\237,\017s\202\316&Ew\323\221H\376\200\304\201\365\332Im\240\361\037\246\3536\001A2\341\324o0\350\364%=\325\330\240\324u\225\304h\277\272\361f\024\324\352\336\353N\002/]C\370!\003)\212oa\225\207\333\340\245\207\024\351\037\327[\212\001{\216\f\315\345\372\v\226\r\233?\002\vJK", e
|
192
189
|
assert_equal data, d
|
193
190
|
end
|
194
191
|
end
|
@@ -0,0 +1,113 @@
|
|
1
|
+
begin
|
2
|
+
require "openssl"
|
3
|
+
require File.join(File.dirname(__FILE__), "utils.rb")
|
4
|
+
rescue LoadError
|
5
|
+
end
|
6
|
+
require "test/unit"
|
7
|
+
|
8
|
+
if defined?(OpenSSL::PKey::EC)
|
9
|
+
|
10
|
+
class OpenSSL::TestEC < Test::Unit::TestCase
|
11
|
+
def setup
|
12
|
+
@data1 = 'foo'
|
13
|
+
@data2 = 'bar' * 1000 # data too long for DSA sig
|
14
|
+
|
15
|
+
@group1 = OpenSSL::PKey::EC::Group.new('secp112r1')
|
16
|
+
@group2 = OpenSSL::PKey::EC::Group.new('sect163k1')
|
17
|
+
|
18
|
+
@key1 = OpenSSL::PKey::EC.new
|
19
|
+
@key1.group = @group1
|
20
|
+
@key1.generate_key
|
21
|
+
|
22
|
+
@key2 = OpenSSL::PKey::EC.new(@group2.curve_name)
|
23
|
+
@key2.generate_key
|
24
|
+
|
25
|
+
@groups = [@group1, @group2]
|
26
|
+
@keys = [@key1, @key2]
|
27
|
+
end
|
28
|
+
|
29
|
+
def compare_keys(k1, k2)
|
30
|
+
assert_equal(k1.to_pem, k2.to_pem)
|
31
|
+
end
|
32
|
+
|
33
|
+
def test_curve_names
|
34
|
+
@groups.each_with_index do |group, idx|
|
35
|
+
key = @keys[idx]
|
36
|
+
assert_equal(group.curve_name, key.group.curve_name)
|
37
|
+
end
|
38
|
+
end
|
39
|
+
|
40
|
+
def test_check_key
|
41
|
+
for key in @keys
|
42
|
+
assert_equal(key.check_key, true)
|
43
|
+
assert_equal(key.private_key?, true)
|
44
|
+
assert_equal(key.public_key?, true)
|
45
|
+
end
|
46
|
+
end
|
47
|
+
|
48
|
+
def test_encoding
|
49
|
+
for group in @groups
|
50
|
+
for meth in [:to_der, :to_pem]
|
51
|
+
txt = group.send(meth)
|
52
|
+
gr = OpenSSL::PKey::EC::Group.new(txt)
|
53
|
+
assert_equal(txt, gr.send(meth))
|
54
|
+
|
55
|
+
assert_equal(group.generator.to_bn, gr.generator.to_bn)
|
56
|
+
assert_equal(group.cofactor, gr.cofactor)
|
57
|
+
assert_equal(group.order, gr.order)
|
58
|
+
assert_equal(group.seed, gr.seed)
|
59
|
+
assert_equal(group.degree, gr.degree)
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
for key in @keys
|
64
|
+
group = key.group
|
65
|
+
|
66
|
+
for meth in [:to_der, :to_pem]
|
67
|
+
txt = key.send(meth)
|
68
|
+
assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth))
|
69
|
+
end
|
70
|
+
|
71
|
+
bn = key.public_key.to_bn
|
72
|
+
assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn)
|
73
|
+
end
|
74
|
+
end
|
75
|
+
|
76
|
+
def test_set_keys
|
77
|
+
for key in @keys
|
78
|
+
k = OpenSSL::PKey::EC.new
|
79
|
+
k.group = key.group
|
80
|
+
k.private_key = key.private_key
|
81
|
+
k.public_key = key.public_key
|
82
|
+
|
83
|
+
compare_keys(key, k)
|
84
|
+
end
|
85
|
+
end
|
86
|
+
|
87
|
+
def test_dsa_sign_verify
|
88
|
+
for key in @keys
|
89
|
+
sig = key.dsa_sign_asn1(@data1)
|
90
|
+
assert_equal(key.dsa_verify_asn1(@data1, sig), true)
|
91
|
+
|
92
|
+
assert_raise(OpenSSL::PKey::ECError) { key.dsa_sign_asn1(@data2) }
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def test_dh_compute_key
|
97
|
+
for key in @keys
|
98
|
+
k = OpenSSL::PKey::EC.new(key.group)
|
99
|
+
k.generate_key
|
100
|
+
|
101
|
+
puba = key.public_key
|
102
|
+
pubb = k.public_key
|
103
|
+
a = key.dh_compute_key(pubb)
|
104
|
+
b = k.dh_compute_key(puba)
|
105
|
+
assert_equal(a, b)
|
106
|
+
end
|
107
|
+
end
|
108
|
+
|
109
|
+
# test Group: asn1_flag, point_conversion
|
110
|
+
|
111
|
+
end
|
112
|
+
|
113
|
+
end
|
data/test/openssl/test_pair.rb
CHANGED
@@ -36,16 +36,14 @@ module SSLPair
|
|
36
36
|
|
37
37
|
def ssl_pair
|
38
38
|
ssls = server
|
39
|
-
tv = nil
|
40
39
|
th = Thread.new {
|
41
40
|
ns = ssls.accept
|
42
41
|
ssls.close
|
43
|
-
|
42
|
+
ns
|
44
43
|
}
|
45
44
|
port = ssls.to_io.addr[1]
|
46
45
|
c = client(port)
|
47
|
-
th.
|
48
|
-
s = tv
|
46
|
+
s = th.value
|
49
47
|
if block_given?
|
50
48
|
begin
|
51
49
|
yield c, s
|
@@ -65,10 +63,7 @@ class OpenSSL::TestEOF1 < Test::Unit::TestCase
|
|
65
63
|
|
66
64
|
def open_file(content)
|
67
65
|
s1, s2 = ssl_pair
|
68
|
-
Thread.new {
|
69
|
-
s2 << content;
|
70
|
-
s2.close
|
71
|
-
}
|
66
|
+
Thread.new { s2 << content; s2.close }
|
72
67
|
yield s1
|
73
68
|
end
|
74
69
|
end
|