jruby-openssl 0.6 → 0.7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- data/History.txt +45 -0
- data/Manifest.txt +19 -11
- data/README.txt +1 -12
- data/Rakefile +12 -5
- data/lib/bcmail-jdk15-144.jar +0 -0
- data/lib/bcprov-jdk15-144.jar +0 -0
- data/lib/jopenssl/version.rb +1 -1
- data/lib/jopenssl.jar +0 -0
- data/lib/openssl/bn.rb +5 -3
- data/lib/openssl/buffering.rb +2 -2
- data/lib/openssl/cipher.rb +27 -18
- data/lib/openssl/digest.rb +19 -4
- data/lib/openssl/dummy.rb +11 -11
- data/lib/openssl/dummyssl.rb +2 -1
- data/lib/openssl/pkcs7.rb +25 -0
- data/lib/openssl/ssl.rb +70 -26
- data/lib/openssl/x509.rb +2 -2
- data/lib/openssl.rb +47 -2
- data/test/fixture/ca-bundle.crt +2794 -0
- data/test/fixture/keypair.pem +27 -0
- data/test/fixture/selfcert.pem +23 -0
- data/test/{pkcs7_mime_enveloped.message → java/pkcs7_mime_enveloped.message} +0 -0
- data/test/{pkcs7_mime_signed.message → java/pkcs7_mime_signed.message} +0 -0
- data/test/{pkcs7_multipart_signed.message → java/pkcs7_multipart_signed.message} +0 -0
- data/test/{test_java_attribute.rb → java/test_java_attribute.rb} +2 -2
- data/test/{test_java_bio.rb → java/test_java_bio.rb} +0 -0
- data/test/{test_java_mime.rb → java/test_java_mime.rb} +0 -0
- data/test/{test_java_pkcs7.rb → java/test_java_pkcs7.rb} +35 -32
- data/test/{test_java_smime.rb → java/test_java_smime.rb} +0 -0
- data/test/openssl/test_asn1.rb +1 -3
- data/test/openssl/test_cipher.rb +7 -10
- data/test/openssl/test_ec.rb +113 -0
- data/test/openssl/test_pair.rb +3 -8
- data/test/openssl/test_pkcs7.rb +339 -11
- data/test/openssl/test_ssl.rb +728 -100
- data/test/openssl/test_x509cert.rb +5 -5
- data/test/openssl/test_x509crl.rb +1 -2
- data/test/openssl/test_x509ext.rb +3 -3
- data/test/openssl/test_x509name.rb +1 -0
- data/test/openssl/test_x509req.rb +5 -7
- data/test/openssl/test_x509store.rb +3 -2
- data/test/test_all.rb +1 -0
- data/test/{test_openssl_x509.rb → test_certificate.rb} +33 -3
- data/test/test_cipher.rb +85 -7
- data/test/test_integration.rb +7 -8
- data/test/test_java.rb +9 -9
- data/test/test_openssl.rb +3 -33
- data/test/test_parse_certificate.rb +8 -1
- data/test/test_pkcs7.rb +40 -0
- data/test/test_pkey.rb +165 -7
- data/test/test_x509store.rb +8 -7
- metadata +31 -30
- data/lib/bcmail-jdk14-139.jar +0 -0
- data/lib/bcprov-jdk14-139.jar +0 -0
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
-----BEGIN RSA PRIVATE KEY-----
|
|
2
|
+
MIIEpAIBAAKCAQEAoMKQs2G2GLpdHCp07ZR7fYAim3BcHhx1PM3cscrYLXaVCGqH
|
|
3
|
+
PtZLJQDDseuvQur1VMGjHOneUJzsfdXJcRN8WfH9AD5KXJbTpzt134BpqrMhJcov
|
|
4
|
+
G4e54oVNzvlQ1P2xwZt7QXYg2hyCIqH6r7wBtaW8g8e5dUGb3vuZW4OC2s/KSKue
|
|
5
|
+
71LnqsolKuINt9OTs0R6+4oxyLRIBU/8gG/PD+bnjXB3JUm9/JYOxh4mN3goRhbZ
|
|
6
|
+
61kTu6vHI9DcWI3I81rS4hzbvArnBsbmKkQOZRc8YkNqAQtyC+V/0xyv/w5jJXpT
|
|
7
|
+
xlT4ZJaUfcO3KtGHvP9JkxT3F4whN5whwdcRxwIDAQABAoIBAQCR7o00iWqoH+UO
|
|
8
|
+
AGyMjtFbJ8pCmEjG/MZgH/BLZPvAqXi4XxvOqvEj8gGzrWM3t9pkyjKruJEbVJhJ
|
|
9
|
+
0pw+jZXAgK9OXT1bt38CvDNQZF2Hm3xntZX1w8u2GZR8Yk5CStnmCqJk1jsUQ/TO
|
|
10
|
+
Q4QxqtVSc9UhO1jbXGeGj5azQDq1LaLDOePfH4XtM/GcoPKtu+Lghx+5JfOVMI+/
|
|
11
|
+
cOcm65cK+APPObySe0x7r6Q45UhFW5q0UMFGaMFfkMauYyzhuliD8BS5XV9gDSGH
|
|
12
|
+
Ozr8GDEroGuJr3oTKSMKZg+S8N/8SQ1g4RL9IEZZ6MIIJZrWkqhY7jwY5v1ywrSY
|
|
13
|
+
OBE4pNxBAoGBANI30R3WthH/iWq1xyQVQCD1XwxYO66iWk2U0fxhhn/3lSkNTq/a
|
|
14
|
+
cIs+2IY9vnXT7yJSY4xHejbmgJmdfNXnjwaKwDvyh/M8fesFNQLPWKufl0l4LPwH
|
|
15
|
+
qWlxgcmff1VxtP4xrGSEBG51oo60heqWgRACL+xan98PNUiB113UE9M5AoGBAMPF
|
|
16
|
+
VwXMo8RIA+wLPOSUjdWXPusZfzzKCm+NdTYDdoc7F6hVjxzNeU/44bJs5XVxM9JV
|
|
17
|
+
EsGjWG9KprgAhzw1gy6UJg8OErF2zf0j/czg8FIB5Cm+ecNsH8pzfBfcRursvGAt
|
|
18
|
+
HHVIUyyvODN/kus3dta6CqOj4kd6yKhdcu5wuQz/AoGAaRnbBW4Z7XmzPJTRkarG
|
|
19
|
+
OzQyZzud6zvkpjEno2UnF8ey3al3k9hEuHmdS9CG7uYdAy3p83KxGc24shTZGyEA
|
|
20
|
+
kya/4bjqW6P82Inr7RG5pWTPAL6CzycNflhvqVyDDzcgZI51QHP4uzk5ItwCsDy7
|
|
21
|
+
HkPZrfPJRn6WB0BTaufjWZECgYEAvIxATu6Tv4QYeusr336Px+neCDHLULHKMTwN
|
|
22
|
+
alMVghLQqyiUKAphTzuFrAGjUWQQo/+Zi/OVRcKhJVAk70EeseqvaQqFyHOC2s4i
|
|
23
|
+
L4NpEaKOrAGuZh+p0qM9HgHiL3qHxx1Lbk2VBdFQEJFK383QX+hYPNinI27G+Rjf
|
|
24
|
+
i3P3VeMCgYBhXO1Tgge4J7UPYRCT7WOsvpXdcZdwOx75fBAR9g7FrPSjiXgYPZlK
|
|
25
|
+
TZ1/Gv0c1WGeW4sJ+XdnFexWENh+mdJGmWsMkyPnkRNaAbRqz5Isq+eZcVNSXNEz
|
|
26
|
+
QBCT+THNIIPCjkZCdjwXNClVkGfePJ3i3ON43ioyrouex9D5kvU7uA==
|
|
27
|
+
-----END RSA PRIVATE KEY-----
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
-----BEGIN CERTIFICATE-----
|
|
2
|
+
MIID0DCCArigAwIBAgIJAKKAqEyofo5/MA0GCSqGSIb3DQEBBQUAME4xCzAJBgNV
|
|
3
|
+
BAYTAkpQMRowGAYDVQQKExF3d3cucnVieS1sYW5nLm9yZzEUMBIGA1UECxMLZGV2
|
|
4
|
+
ZWxvcG1lbnQxDTALBgNVBAMTBHNlbGYwHhcNMTAwMTEyMDkyNDU4WhcNMzAwMTA3
|
|
5
|
+
MDkyNDU4WjBOMQswCQYDVQQGEwJKUDEaMBgGA1UEChMRd3d3LnJ1YnktbGFuZy5v
|
|
6
|
+
cmcxFDASBgNVBAsTC2RldmVsb3BtZW50MQ0wCwYDVQQDEwRzZWxmMIIBIjANBgkq
|
|
7
|
+
hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMKQs2G2GLpdHCp07ZR7fYAim3BcHhx1
|
|
8
|
+
PM3cscrYLXaVCGqHPtZLJQDDseuvQur1VMGjHOneUJzsfdXJcRN8WfH9AD5KXJbT
|
|
9
|
+
pzt134BpqrMhJcovG4e54oVNzvlQ1P2xwZt7QXYg2hyCIqH6r7wBtaW8g8e5dUGb
|
|
10
|
+
3vuZW4OC2s/KSKue71LnqsolKuINt9OTs0R6+4oxyLRIBU/8gG/PD+bnjXB3JUm9
|
|
11
|
+
/JYOxh4mN3goRhbZ61kTu6vHI9DcWI3I81rS4hzbvArnBsbmKkQOZRc8YkNqAQty
|
|
12
|
+
C+V/0xyv/w5jJXpTxlT4ZJaUfcO3KtGHvP9JkxT3F4whN5whwdcRxwIDAQABo4Gw
|
|
13
|
+
MIGtMB0GA1UdDgQWBBQT5CcsdalzWhSsCgkMqtDVRUHVGjB+BgNVHSMEdzB1gBQT
|
|
14
|
+
5CcsdalzWhSsCgkMqtDVRUHVGqFSpFAwTjELMAkGA1UEBhMCSlAxGjAYBgNVBAoT
|
|
15
|
+
EXd3dy5ydWJ5LWxhbmcub3JnMRQwEgYDVQQLEwtkZXZlbG9wbWVudDENMAsGA1UE
|
|
16
|
+
AxMEc2VsZoIJAKKAqEyofo5/MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQAD
|
|
17
|
+
ggEBACSpZcF7xYei4cGVQM4As6tOneR2F5Yk4OVljsH1+5Zm4UO60l/Q8o9t0KPg
|
|
18
|
+
xjv3H0Y3lqe9VJOmGqyl66JllTNCaIuBnIrmbDsj++NQ+1ietkq8vDu5SKKy7/OY
|
|
19
|
+
MMyko6iKRbs/GmigRA4XZsqFXGsNlwyO0Oq1Cr83JYb5PGRB5k9/ThGWUi8wd6lk
|
|
20
|
+
ODN34nC+mVT65AQM4t5HfZhYnXdrBcOje0If+HuKPPbwr+55xUEtkBmShbfXow4m
|
|
21
|
+
6OE+5iZXUzdGo/+G/fLx4JNMPufSD7GmeDIazm9crhZojElxa5ylpMNqGN22UEyZ
|
|
22
|
+
wYN6dtBOG81wMKfuRfKI6DW/lU0=
|
|
23
|
+
-----END CERTIFICATE-----
|
|
File without changes
|
|
File without changes
|
|
File without changes
|
|
@@ -4,10 +4,10 @@ module PKCS7Test
|
|
|
4
4
|
val = ASN1::OctetString.new("foo".to_java_bytes)
|
|
5
5
|
val2 = ASN1::OctetString.new("bar".to_java_bytes)
|
|
6
6
|
attr = Attribute.create(123, 444, val)
|
|
7
|
-
|
|
7
|
+
assert_raise NoMethodError do
|
|
8
8
|
attr.type = 12
|
|
9
9
|
end
|
|
10
|
-
|
|
10
|
+
assert_raise NoMethodError do
|
|
11
11
|
attr.value = val2
|
|
12
12
|
end
|
|
13
13
|
|
|
File without changes
|
|
File without changes
|
|
@@ -136,7 +136,7 @@ module PKCS7Test
|
|
|
136
136
|
end
|
|
137
137
|
|
|
138
138
|
def test_set_type_throws_exception_on_wrong_argument
|
|
139
|
-
|
|
139
|
+
assert_raise NativeException do
|
|
140
140
|
# 42 is a value that is not one of the valid NID's for type
|
|
141
141
|
PKCS7.new.type = 42
|
|
142
142
|
end
|
|
@@ -239,25 +239,25 @@ module PKCS7Test
|
|
|
239
239
|
p7 = PKCS7.new
|
|
240
240
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
|
241
241
|
|
|
242
|
-
|
|
242
|
+
assert_raise NativeException do
|
|
243
243
|
p7.cipher = nil
|
|
244
244
|
end
|
|
245
245
|
|
|
246
246
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
247
247
|
|
|
248
|
-
|
|
248
|
+
assert_raise NativeException do
|
|
249
249
|
p7.cipher = nil
|
|
250
250
|
end
|
|
251
251
|
|
|
252
252
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
253
253
|
|
|
254
|
-
|
|
254
|
+
assert_raise NativeException do
|
|
255
255
|
p7.cipher = nil
|
|
256
256
|
end
|
|
257
257
|
|
|
258
258
|
p7.type = ASN1Registry::NID_pkcs7_signed
|
|
259
259
|
|
|
260
|
-
|
|
260
|
+
assert_raise NativeException do
|
|
261
261
|
p7.cipher = nil
|
|
262
262
|
end
|
|
263
263
|
end
|
|
@@ -266,7 +266,8 @@ module PKCS7Test
|
|
|
266
266
|
p7 = PKCS7.new
|
|
267
267
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
|
268
268
|
|
|
269
|
-
|
|
269
|
+
c = javax.crypto.Cipher.getInstance("RSA")
|
|
270
|
+
cipher = CipherSpec.new(c, "RSA", 128)
|
|
270
271
|
|
|
271
272
|
p7.cipher = cipher
|
|
272
273
|
|
|
@@ -278,7 +279,8 @@ module PKCS7Test
|
|
|
278
279
|
p7 = PKCS7.new
|
|
279
280
|
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
|
280
281
|
|
|
281
|
-
|
|
282
|
+
c = javax.crypto.Cipher.getInstance("RSA")
|
|
283
|
+
cipher = CipherSpec.new(c, "RSA", 128)
|
|
282
284
|
|
|
283
285
|
p7.cipher = cipher
|
|
284
286
|
|
|
@@ -288,25 +290,25 @@ module PKCS7Test
|
|
|
288
290
|
def test_add_recipient_info_to_something_that_cant_have_recipients
|
|
289
291
|
p7 = PKCS7.new
|
|
290
292
|
p7.type = ASN1Registry::NID_pkcs7_signed
|
|
291
|
-
|
|
293
|
+
assert_raise NativeException do
|
|
292
294
|
p7.add_recipient(X509Cert)
|
|
293
295
|
end
|
|
294
296
|
|
|
295
297
|
p7 = PKCS7.new
|
|
296
298
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
297
|
-
|
|
299
|
+
assert_raise NativeException do
|
|
298
300
|
p7.add_recipient(X509Cert)
|
|
299
301
|
end
|
|
300
302
|
|
|
301
303
|
p7 = PKCS7.new
|
|
302
304
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
303
|
-
|
|
305
|
+
assert_raise NativeException do
|
|
304
306
|
p7.add_recipient(X509Cert)
|
|
305
307
|
end
|
|
306
308
|
|
|
307
309
|
p7 = PKCS7.new
|
|
308
310
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
|
309
|
-
|
|
311
|
+
assert_raise NativeException do
|
|
310
312
|
p7.add_recipient(X509Cert)
|
|
311
313
|
end
|
|
312
314
|
end
|
|
@@ -335,25 +337,25 @@ module PKCS7Test
|
|
|
335
337
|
def test_add_signer_to_something_that_cant_have_signers
|
|
336
338
|
p7 = PKCS7.new
|
|
337
339
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
|
338
|
-
|
|
340
|
+
assert_raise NativeException do
|
|
339
341
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
|
340
342
|
end
|
|
341
343
|
|
|
342
344
|
p7 = PKCS7.new
|
|
343
345
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
344
|
-
|
|
346
|
+
assert_raise NativeException do
|
|
345
347
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
|
346
348
|
end
|
|
347
349
|
|
|
348
350
|
p7 = PKCS7.new
|
|
349
351
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
350
|
-
|
|
352
|
+
assert_raise NativeException do
|
|
351
353
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
|
352
354
|
end
|
|
353
355
|
|
|
354
356
|
p7 = PKCS7.new
|
|
355
357
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
|
356
|
-
|
|
358
|
+
assert_raise NativeException do
|
|
357
359
|
p7.add_signer(SignerInfoWithPkey.new(nil, nil, nil, nil, nil, nil, nil))
|
|
358
360
|
end
|
|
359
361
|
end
|
|
@@ -452,7 +454,7 @@ module PKCS7Test
|
|
|
452
454
|
def test_set_content_on_data_throws_exception
|
|
453
455
|
p7 = PKCS7.new
|
|
454
456
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
455
|
-
|
|
457
|
+
assert_raise NativeException do
|
|
456
458
|
p7.setContent(PKCS7.new)
|
|
457
459
|
end
|
|
458
460
|
end
|
|
@@ -460,7 +462,7 @@ module PKCS7Test
|
|
|
460
462
|
def test_set_content_on_enveloped_throws_exception
|
|
461
463
|
p7 = PKCS7.new
|
|
462
464
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
|
463
|
-
|
|
465
|
+
assert_raise NativeException do
|
|
464
466
|
p7.setContent(PKCS7.new)
|
|
465
467
|
end
|
|
466
468
|
end
|
|
@@ -468,7 +470,7 @@ module PKCS7Test
|
|
|
468
470
|
def test_set_content_on_signedAndEnveloped_throws_exception
|
|
469
471
|
p7 = PKCS7.new
|
|
470
472
|
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
|
471
|
-
|
|
473
|
+
assert_raise NativeException do
|
|
472
474
|
p7.setContent(PKCS7.new)
|
|
473
475
|
end
|
|
474
476
|
end
|
|
@@ -476,7 +478,7 @@ module PKCS7Test
|
|
|
476
478
|
def test_set_content_on_encrypted_throws_exception
|
|
477
479
|
p7 = PKCS7.new
|
|
478
480
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
479
|
-
|
|
481
|
+
assert_raise NativeException do
|
|
480
482
|
p7.setContent(PKCS7.new)
|
|
481
483
|
end
|
|
482
484
|
end
|
|
@@ -538,7 +540,7 @@ module PKCS7Test
|
|
|
538
540
|
def test_content_new_on_data_raises_exception
|
|
539
541
|
p7 = PKCS7.new
|
|
540
542
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
541
|
-
|
|
543
|
+
assert_raise NativeException do
|
|
542
544
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
|
543
545
|
end
|
|
544
546
|
end
|
|
@@ -546,7 +548,7 @@ module PKCS7Test
|
|
|
546
548
|
def test_content_new_on_encrypted_raises_exception
|
|
547
549
|
p7 = PKCS7.new
|
|
548
550
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
549
|
-
|
|
551
|
+
assert_raise NativeException do
|
|
550
552
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
|
551
553
|
end
|
|
552
554
|
end
|
|
@@ -554,7 +556,7 @@ module PKCS7Test
|
|
|
554
556
|
def test_content_new_on_enveloped_raises_exception
|
|
555
557
|
p7 = PKCS7.new
|
|
556
558
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
|
557
|
-
|
|
559
|
+
assert_raise NativeException do
|
|
558
560
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
|
559
561
|
end
|
|
560
562
|
end
|
|
@@ -562,7 +564,7 @@ module PKCS7Test
|
|
|
562
564
|
def test_content_new_on_signedAndEnveloped_raises_exception
|
|
563
565
|
p7 = PKCS7.new
|
|
564
566
|
p7.type = ASN1Registry::NID_pkcs7_signedAndEnveloped
|
|
565
|
-
|
|
567
|
+
assert_raise NativeException do
|
|
566
568
|
p7.content_new(ASN1Registry::NID_pkcs7_data)
|
|
567
569
|
end
|
|
568
570
|
end
|
|
@@ -591,7 +593,7 @@ module PKCS7Test
|
|
|
591
593
|
def test_add_certificate_on_data_throws_exception
|
|
592
594
|
p7 = PKCS7.new
|
|
593
595
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
594
|
-
|
|
596
|
+
assert_raise NativeException do
|
|
595
597
|
p7.add_certificate(X509Cert)
|
|
596
598
|
end
|
|
597
599
|
end
|
|
@@ -599,7 +601,7 @@ module PKCS7Test
|
|
|
599
601
|
def test_add_certificate_on_enveloped_throws_exception
|
|
600
602
|
p7 = PKCS7.new
|
|
601
603
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
|
602
|
-
|
|
604
|
+
assert_raise NativeException do
|
|
603
605
|
p7.add_certificate(X509Cert)
|
|
604
606
|
end
|
|
605
607
|
end
|
|
@@ -607,7 +609,7 @@ module PKCS7Test
|
|
|
607
609
|
def test_add_certificate_on_encrypted_throws_exception
|
|
608
610
|
p7 = PKCS7.new
|
|
609
611
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
610
|
-
|
|
612
|
+
assert_raise NativeException do
|
|
611
613
|
p7.add_certificate(X509Cert)
|
|
612
614
|
end
|
|
613
615
|
end
|
|
@@ -615,7 +617,7 @@ module PKCS7Test
|
|
|
615
617
|
def test_add_certificate_on_digest_throws_exception
|
|
616
618
|
p7 = PKCS7.new
|
|
617
619
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
|
618
|
-
|
|
620
|
+
assert_raise NativeException do
|
|
619
621
|
p7.add_certificate(X509Cert)
|
|
620
622
|
end
|
|
621
623
|
end
|
|
@@ -639,7 +641,7 @@ module PKCS7Test
|
|
|
639
641
|
def test_add_crl_on_data_throws_exception
|
|
640
642
|
p7 = PKCS7.new
|
|
641
643
|
p7.type = ASN1Registry::NID_pkcs7_data
|
|
642
|
-
|
|
644
|
+
assert_raise NativeException do
|
|
643
645
|
p7.add_crl(X509CRL)
|
|
644
646
|
end
|
|
645
647
|
end
|
|
@@ -647,7 +649,7 @@ module PKCS7Test
|
|
|
647
649
|
def test_add_crl_on_enveloped_throws_exception
|
|
648
650
|
p7 = PKCS7.new
|
|
649
651
|
p7.type = ASN1Registry::NID_pkcs7_enveloped
|
|
650
|
-
|
|
652
|
+
assert_raise NativeException do
|
|
651
653
|
p7.add_crl(X509CRL)
|
|
652
654
|
end
|
|
653
655
|
end
|
|
@@ -655,7 +657,7 @@ module PKCS7Test
|
|
|
655
657
|
def test_add_crl_on_encrypted_throws_exception
|
|
656
658
|
p7 = PKCS7.new
|
|
657
659
|
p7.type = ASN1Registry::NID_pkcs7_encrypted
|
|
658
|
-
|
|
660
|
+
assert_raise NativeException do
|
|
659
661
|
p7.add_crl(X509CRL)
|
|
660
662
|
end
|
|
661
663
|
end
|
|
@@ -663,7 +665,7 @@ module PKCS7Test
|
|
|
663
665
|
def test_add_crl_on_digest_throws_exception
|
|
664
666
|
p7 = PKCS7.new
|
|
665
667
|
p7.type = ASN1Registry::NID_pkcs7_digest
|
|
666
|
-
|
|
668
|
+
assert_raise NativeException do
|
|
667
669
|
p7.add_crl(X509CRL)
|
|
668
670
|
end
|
|
669
671
|
end
|
|
@@ -690,7 +692,8 @@ module PKCS7Test
|
|
|
690
692
|
|
|
691
693
|
def test_encrypt_integration_test
|
|
692
694
|
certs = [X509Cert]
|
|
693
|
-
|
|
695
|
+
c = Cipher.get_instance("AES", BCP.new)
|
|
696
|
+
cipher = CipherSpec.new(c, "AES-128-CBC", 128)
|
|
694
697
|
data = "aaaaa\nbbbbb\nccccc\n".to_java_bytes
|
|
695
698
|
PKCS7::encrypt(certs, data, cipher, PKCS7::BINARY)
|
|
696
699
|
# puts
|
|
File without changes
|
data/test/openssl/test_asn1.rb
CHANGED
|
@@ -10,7 +10,6 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
|
10
10
|
subj = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=TestCA")
|
|
11
11
|
key = OpenSSL::TestUtils::TEST_KEY_RSA1024
|
|
12
12
|
now = Time.at(Time.now.to_i) # suppress usec
|
|
13
|
-
# now = Time.utc(2006,04,03,22,15,13)
|
|
14
13
|
s = 0xdeadbeafdeadbeafdeadbeafdeadbeaf
|
|
15
14
|
exts = [
|
|
16
15
|
["basicConstraints","CA:TRUE,pathlen:1",true],
|
|
@@ -21,6 +20,7 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
|
21
20
|
cert = OpenSSL::TestUtils.issue_cert(
|
|
22
21
|
subj, key, s, now, now+3600, exts, nil, nil, dgst)
|
|
23
22
|
|
|
23
|
+
|
|
24
24
|
asn1 = OpenSSL::ASN1.decode(cert)
|
|
25
25
|
assert_equal(OpenSSL::ASN1::Sequence, asn1.class)
|
|
26
26
|
assert_equal(3, asn1.value.size)
|
|
@@ -32,7 +32,6 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
|
32
32
|
version = tbs_cert.value[0]
|
|
33
33
|
assert_equal(:CONTEXT_SPECIFIC, version.tag_class)
|
|
34
34
|
assert_equal(0, version.tag)
|
|
35
|
-
|
|
36
35
|
assert_equal(1, version.value.size)
|
|
37
36
|
assert_equal(OpenSSL::ASN1::Integer, version.value[0].class)
|
|
38
37
|
assert_equal(2, version.value[0].value)
|
|
@@ -192,7 +191,6 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
|
192
191
|
assert_equal(OpenSSL::ASN1::Null, pkey.value[0].value[1].class)
|
|
193
192
|
|
|
194
193
|
assert_equal(OpenSSL::ASN1::BitString, sig_val.class)
|
|
195
|
-
|
|
196
194
|
cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
|
|
197
195
|
assert_equal(cululated_sig, sig_val.value)
|
|
198
196
|
end
|
data/test/openssl/test_cipher.rb
CHANGED
|
@@ -1,10 +1,3 @@
|
|
|
1
|
-
if defined?(JRUBY_VERSION)
|
|
2
|
-
require "java"
|
|
3
|
-
base = File.join(File.dirname(__FILE__), '..', '..')
|
|
4
|
-
$CLASSPATH << File.join(base, 'pkg', 'classes')
|
|
5
|
-
$CLASSPATH << File.join(base, 'lib', 'bcprov-jdk14-139.jar')
|
|
6
|
-
end
|
|
7
|
-
|
|
8
1
|
begin
|
|
9
2
|
require "openssl"
|
|
10
3
|
rescue LoadError
|
|
@@ -88,7 +81,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
|
88
81
|
|
|
89
82
|
def test_empty_data
|
|
90
83
|
@c1.encrypt
|
|
91
|
-
|
|
84
|
+
assert_raise(ArgumentError){ @c1.update("") }
|
|
92
85
|
end
|
|
93
86
|
|
|
94
87
|
def test_disable_padding(padding=0)
|
|
@@ -159,7 +152,9 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
|
159
152
|
%w(ECB CBC CFB OFB).each{|mode|
|
|
160
153
|
c1 = OpenSSL::Cipher::AES256.new(mode)
|
|
161
154
|
c1.encrypt
|
|
162
|
-
|
|
155
|
+
assert_nothing_raised('This test fails w/o Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files') do
|
|
156
|
+
c1.pkcs5_keyivgen("passwd")
|
|
157
|
+
end
|
|
163
158
|
ct = c1.update(pt) + c1.final
|
|
164
159
|
|
|
165
160
|
c2 = OpenSSL::Cipher::AES256.new(mode)
|
|
@@ -176,6 +171,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
|
176
171
|
data = "1234567890~5J96LC303C1D22DD~20090930005944~http%3A%2F%2Flocalhost%3A8080%2Flogin%3B0%3B1~http%3A%2F%2Fmix-stage.oracle.com%2F~00"
|
|
177
172
|
c1 = OpenSSL::Cipher::Cipher.new("DES-CBC")
|
|
178
173
|
c1.padding = 0
|
|
174
|
+
c1.iv = "0" * 8
|
|
179
175
|
c1.encrypt
|
|
180
176
|
c1.key = key
|
|
181
177
|
e = c1.update data
|
|
@@ -183,12 +179,13 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
|
|
|
183
179
|
|
|
184
180
|
c2 = OpenSSL::Cipher::Cipher.new("DES-CBC")
|
|
185
181
|
c2.padding = 0
|
|
182
|
+
c2.iv = "0" * 8
|
|
186
183
|
c2.decrypt
|
|
187
184
|
c2.key = key
|
|
188
185
|
d = c2.update e
|
|
189
186
|
d << c2.final
|
|
190
187
|
|
|
191
|
-
assert_equal "
|
|
188
|
+
assert_equal "\342\320B.\300&X\310\344\253\025\215\017*\22015\344\024D\342\213\361\336\311\271\326\016\243\214\026\2545\002\237,\017s\202\316&Ew\323\221H\376\200\304\201\365\332Im\240\361\037\246\3536\001A2\341\324o0\350\364%=\325\330\240\324u\225\304h\277\272\361f\024\324\352\336\353N\002/]C\370!\003)\212oa\225\207\333\340\245\207\024\351\037\327[\212\001{\216\f\315\345\372\v\226\r\233?\002\vJK", e
|
|
192
189
|
assert_equal data, d
|
|
193
190
|
end
|
|
194
191
|
end
|
|
@@ -0,0 +1,113 @@
|
|
|
1
|
+
begin
|
|
2
|
+
require "openssl"
|
|
3
|
+
require File.join(File.dirname(__FILE__), "utils.rb")
|
|
4
|
+
rescue LoadError
|
|
5
|
+
end
|
|
6
|
+
require "test/unit"
|
|
7
|
+
|
|
8
|
+
if defined?(OpenSSL::PKey::EC)
|
|
9
|
+
|
|
10
|
+
class OpenSSL::TestEC < Test::Unit::TestCase
|
|
11
|
+
def setup
|
|
12
|
+
@data1 = 'foo'
|
|
13
|
+
@data2 = 'bar' * 1000 # data too long for DSA sig
|
|
14
|
+
|
|
15
|
+
@group1 = OpenSSL::PKey::EC::Group.new('secp112r1')
|
|
16
|
+
@group2 = OpenSSL::PKey::EC::Group.new('sect163k1')
|
|
17
|
+
|
|
18
|
+
@key1 = OpenSSL::PKey::EC.new
|
|
19
|
+
@key1.group = @group1
|
|
20
|
+
@key1.generate_key
|
|
21
|
+
|
|
22
|
+
@key2 = OpenSSL::PKey::EC.new(@group2.curve_name)
|
|
23
|
+
@key2.generate_key
|
|
24
|
+
|
|
25
|
+
@groups = [@group1, @group2]
|
|
26
|
+
@keys = [@key1, @key2]
|
|
27
|
+
end
|
|
28
|
+
|
|
29
|
+
def compare_keys(k1, k2)
|
|
30
|
+
assert_equal(k1.to_pem, k2.to_pem)
|
|
31
|
+
end
|
|
32
|
+
|
|
33
|
+
def test_curve_names
|
|
34
|
+
@groups.each_with_index do |group, idx|
|
|
35
|
+
key = @keys[idx]
|
|
36
|
+
assert_equal(group.curve_name, key.group.curve_name)
|
|
37
|
+
end
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
def test_check_key
|
|
41
|
+
for key in @keys
|
|
42
|
+
assert_equal(key.check_key, true)
|
|
43
|
+
assert_equal(key.private_key?, true)
|
|
44
|
+
assert_equal(key.public_key?, true)
|
|
45
|
+
end
|
|
46
|
+
end
|
|
47
|
+
|
|
48
|
+
def test_encoding
|
|
49
|
+
for group in @groups
|
|
50
|
+
for meth in [:to_der, :to_pem]
|
|
51
|
+
txt = group.send(meth)
|
|
52
|
+
gr = OpenSSL::PKey::EC::Group.new(txt)
|
|
53
|
+
assert_equal(txt, gr.send(meth))
|
|
54
|
+
|
|
55
|
+
assert_equal(group.generator.to_bn, gr.generator.to_bn)
|
|
56
|
+
assert_equal(group.cofactor, gr.cofactor)
|
|
57
|
+
assert_equal(group.order, gr.order)
|
|
58
|
+
assert_equal(group.seed, gr.seed)
|
|
59
|
+
assert_equal(group.degree, gr.degree)
|
|
60
|
+
end
|
|
61
|
+
end
|
|
62
|
+
|
|
63
|
+
for key in @keys
|
|
64
|
+
group = key.group
|
|
65
|
+
|
|
66
|
+
for meth in [:to_der, :to_pem]
|
|
67
|
+
txt = key.send(meth)
|
|
68
|
+
assert_equal(txt, OpenSSL::PKey::EC.new(txt).send(meth))
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
bn = key.public_key.to_bn
|
|
72
|
+
assert_equal(bn, OpenSSL::PKey::EC::Point.new(group, bn).to_bn)
|
|
73
|
+
end
|
|
74
|
+
end
|
|
75
|
+
|
|
76
|
+
def test_set_keys
|
|
77
|
+
for key in @keys
|
|
78
|
+
k = OpenSSL::PKey::EC.new
|
|
79
|
+
k.group = key.group
|
|
80
|
+
k.private_key = key.private_key
|
|
81
|
+
k.public_key = key.public_key
|
|
82
|
+
|
|
83
|
+
compare_keys(key, k)
|
|
84
|
+
end
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
def test_dsa_sign_verify
|
|
88
|
+
for key in @keys
|
|
89
|
+
sig = key.dsa_sign_asn1(@data1)
|
|
90
|
+
assert_equal(key.dsa_verify_asn1(@data1, sig), true)
|
|
91
|
+
|
|
92
|
+
assert_raise(OpenSSL::PKey::ECError) { key.dsa_sign_asn1(@data2) }
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def test_dh_compute_key
|
|
97
|
+
for key in @keys
|
|
98
|
+
k = OpenSSL::PKey::EC.new(key.group)
|
|
99
|
+
k.generate_key
|
|
100
|
+
|
|
101
|
+
puba = key.public_key
|
|
102
|
+
pubb = k.public_key
|
|
103
|
+
a = key.dh_compute_key(pubb)
|
|
104
|
+
b = k.dh_compute_key(puba)
|
|
105
|
+
assert_equal(a, b)
|
|
106
|
+
end
|
|
107
|
+
end
|
|
108
|
+
|
|
109
|
+
# test Group: asn1_flag, point_conversion
|
|
110
|
+
|
|
111
|
+
end
|
|
112
|
+
|
|
113
|
+
end
|
data/test/openssl/test_pair.rb
CHANGED
|
@@ -36,16 +36,14 @@ module SSLPair
|
|
|
36
36
|
|
|
37
37
|
def ssl_pair
|
|
38
38
|
ssls = server
|
|
39
|
-
tv = nil
|
|
40
39
|
th = Thread.new {
|
|
41
40
|
ns = ssls.accept
|
|
42
41
|
ssls.close
|
|
43
|
-
|
|
42
|
+
ns
|
|
44
43
|
}
|
|
45
44
|
port = ssls.to_io.addr[1]
|
|
46
45
|
c = client(port)
|
|
47
|
-
th.
|
|
48
|
-
s = tv
|
|
46
|
+
s = th.value
|
|
49
47
|
if block_given?
|
|
50
48
|
begin
|
|
51
49
|
yield c, s
|
|
@@ -65,10 +63,7 @@ class OpenSSL::TestEOF1 < Test::Unit::TestCase
|
|
|
65
63
|
|
|
66
64
|
def open_file(content)
|
|
67
65
|
s1, s2 = ssl_pair
|
|
68
|
-
Thread.new {
|
|
69
|
-
s2 << content;
|
|
70
|
-
s2.close
|
|
71
|
-
}
|
|
66
|
+
Thread.new { s2 << content; s2.close }
|
|
72
67
|
yield s1
|
|
73
68
|
end
|
|
74
69
|
end
|