jruby-openssl 0.7.4 → 0.7.6.1
- data/.gemtest +0 -0
- data/History.txt +51 -14
- data/Manifest.txt +136 -79
- data/README.txt +1 -1
- data/Rakefile +17 -8
- data/lib/{openssl → 1.8/openssl}/bn.rb +2 -2
- data/lib/{openssl → 1.8/openssl}/buffering.rb +3 -1
- data/lib/{openssl → 1.8/openssl}/cipher.rb +0 -0
- data/lib/{openssl → 1.8/openssl}/config.rb +1 -1
- data/lib/{openssl → 1.8/openssl}/digest.rb +2 -2
- data/lib/{openssl → 1.8/openssl}/pkcs7.rb +0 -0
- data/lib/{openssl/ssl.rb → 1.8/openssl/ssl-internal.rb} +2 -2
- data/lib/1.8/openssl/ssl.rb +1 -0
- data/lib/{openssl/x509.rb → 1.8/openssl/x509-internal.rb} +8 -9
- data/lib/1.8/openssl/x509.rb +1 -0
- data/lib/{openssl.rb → 1.8/openssl.rb} +2 -11
- data/lib/1.9/openssl/bn.rb +35 -0
- data/lib/1.9/openssl/buffering.rb +448 -0
- data/lib/1.9/openssl/cipher.rb +65 -0
- data/lib/1.9/openssl/config.rb +313 -0
- data/lib/1.9/openssl/digest.rb +72 -0
- data/lib/1.9/openssl/ssl-internal.rb +177 -0
- data/lib/1.9/openssl/ssl.rb +2 -0
- data/lib/1.9/openssl/x509-internal.rb +158 -0
- data/lib/1.9/openssl/x509.rb +2 -0
- data/lib/1.9/openssl.rb +22 -0
- data/lib/{jopenssl → shared/jopenssl}/version.rb +1 -1
- data/lib/shared/jopenssl.jar +0 -0
- data/lib/{openssl → shared/openssl}/dummy.rb +0 -0
- data/lib/{openssl → shared/openssl}/dummyssl.rb +0 -0
- data/lib/shared/openssl/pkcs12.rb +50 -0
- data/lib/shared/openssl/ssl.rb +1 -0
- data/lib/shared/openssl/x509.rb +1 -0
- data/lib/shared/openssl.rb +20 -0
- data/test/{openssl → 1.8}/ssl_server.rb +0 -0
- data/test/{openssl → 1.8}/test_asn1.rb +15 -0
- data/test/{openssl → 1.8}/test_cipher.rb +0 -0
- data/test/{openssl → 1.8}/test_config.rb +0 -0
- data/test/{openssl → 1.8}/test_digest.rb +0 -0
- data/test/{openssl → 1.8}/test_ec.rb +0 -0
- data/test/{openssl → 1.8}/test_hmac.rb +0 -0
- data/test/{openssl → 1.8}/test_ns_spki.rb +0 -0
- data/test/{openssl → 1.8}/test_pair.rb +10 -2
- data/test/{openssl → 1.8}/test_pkcs7.rb +0 -0
- data/test/{openssl → 1.8}/test_pkey_rsa.rb +0 -0
- data/test/{openssl → 1.8}/test_ssl.rb +17 -20
- data/test/{openssl → 1.8}/test_x509cert.rb +0 -0
- data/test/{openssl → 1.8}/test_x509crl.rb +0 -0
- data/test/{openssl → 1.8}/test_x509ext.rb +0 -0
- data/test/{openssl → 1.8}/test_x509name.rb +0 -0
- data/test/{openssl → 1.8}/test_x509req.rb +0 -0
- data/test/{openssl → 1.8}/test_x509store.rb +0 -0
- data/test/{openssl → 1.8}/utils.rb +0 -0
- data/test/1.9/ssl_server.rb +81 -0
- data/test/1.9/test_asn1.rb +589 -0
- data/test/1.9/test_bn.rb +23 -0
- data/test/1.9/test_buffering.rb +88 -0
- data/test/1.9/test_cipher.rb +107 -0
- data/test/1.9/test_config.rb +288 -0
- data/test/1.9/test_digest.rb +118 -0
- data/test/1.9/test_engine.rb +15 -0
- data/test/1.9/test_hmac.rb +32 -0
- data/test/1.9/test_ns_spki.rb +50 -0
- data/test/1.9/test_ocsp.rb +47 -0
- data/test/1.9/test_pair.rb +257 -0
- data/test/1.9/test_pkcs12.rb +209 -0
- data/test/1.9/test_pkcs7.rb +151 -0
- data/test/1.9/test_pkey_dh.rb +72 -0
- data/test/1.9/test_pkey_dsa.rb +224 -0
- data/test/1.9/test_pkey_ec.rb +182 -0
- data/test/1.9/test_pkey_rsa.rb +244 -0
- data/test/1.9/test_ssl.rb +455 -0
- data/test/1.9/test_ssl_session.rb +327 -0
- data/test/1.9/test_x509cert.rb +217 -0
- data/test/1.9/test_x509crl.rb +221 -0
- data/test/1.9/test_x509ext.rb +69 -0
- data/test/1.9/test_x509name.rb +296 -0
- data/test/1.9/test_x509req.rb +150 -0
- data/test/1.9/test_x509store.rb +229 -0
- data/test/1.9/utils.rb +304 -0
- data/test/fixture/ids_in_subject_rdn_set.pem +31 -0
- data/test/fixture/purpose/ca/ca_config.rb +1 -1
- data/test/fixture/purpose/ca/gen_cert.rb +128 -0
- data/test/fixture/purpose/ca/newcerts/4_cert.pem +19 -0
- data/test/fixture/purpose/ca/serial +1 -1
- data/test/fixture/purpose/sslserver_no_dsig_in_keyUsage.pem +19 -0
- data/test/ruby/envutil.rb +208 -0
- data/test/ruby/ut_eof.rb +128 -0
- data/test/test_certificate.rb +9 -0
- data/test/test_java.rb +1 -1
- data/test/test_openssl.rb +1 -1
- data/test/test_pkcs7.rb +16 -0
- data/test/test_pkey_dsa.rb +180 -0
- data/test/test_pkey_rsa.rb +298 -0
- data/test/test_ssl.rb +1 -1
- data/test/test_x509store.rb +8 -0
- metadata +133 -73
- data/lib/jopenssl.jar +0 -0
- data/test/test_pkey.rb +0 -204
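--- a/data/lib/1.9/openssl.rb
+++ b/data/lib/1.9/openssl.rb
@@ -0,0 +1,22 @@
+=begin
+= $RCSfile$ -- Loader for all OpenSSL C-space and Ruby-space definitions
+
+= Info
+'OpenSSL for Ruby 2' project
+Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
+All rights reserved.
+
+= Licence
+This program is licenced under the same licence as Ruby.
+(See the file 'LICENCE'.)
+
+= Version
+$Id$
+=end
+
+require 'openssl/bn'
+require 'openssl/cipher'
+require 'openssl/config'
+require 'openssl/digest'
+require 'openssl/ssl-internal'
+require 'openssl/x509-internal'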
Binary file
|
File without changes
|
File without changes
|
@@ -0,0 +1,50 @@
|
|
1
|
+
require 'java'
|
2
|
+
|
3
|
+
module OpenSSL
|
4
|
+
class PKCS12
|
5
|
+
java_import java.io.StringReader
|
6
|
+
java_import java.io.StringBufferInputStream
|
7
|
+
java_import java.security.cert.CertificateFactory
|
8
|
+
java_import java.security.KeyStore
|
9
|
+
java_import java.io.ByteArrayOutputStream
|
10
|
+
java_import org.bouncycastle.openssl.PEMReader
|
11
|
+
|
12
|
+
java.security.Security.add_provider(org.bouncycastle.jce.provider.BouncyCastleProvider.new)
|
13
|
+
|
14
|
+
def self.create(pass, name, key, cert)
|
15
|
+
pkcs12 = self.new(pass, name, key, cert)
|
16
|
+
pkcs12.generate
|
17
|
+
pkcs12
|
18
|
+
end
|
19
|
+
|
20
|
+
attr_reader :key, :certificate
|
21
|
+
|
22
|
+
def initialize(pass, name, key, cert)
|
23
|
+
@pass = pass
|
24
|
+
@name = name
|
25
|
+
@key = key
|
26
|
+
@certificate = cert
|
27
|
+
end
|
28
|
+
|
29
|
+
def generate
|
30
|
+
key_reader = StringReader.new(key.to_pem)
|
31
|
+
key_pair = PEMReader.new(key_reader).read_object
|
32
|
+
|
33
|
+
cert_input_stream = StringBufferInputStream.new(certificate.to_pem)
|
34
|
+
certs = CertificateFactory.get_instance("X.509").generate_certificates(cert_input_stream)
|
35
|
+
|
36
|
+
store = KeyStore.get_instance("PKCS12", "BC")
|
37
|
+
store.load(nil, nil)
|
38
|
+
store.set_key_entry(@name, key_pair.get_private, nil, certs.to_array(Java::java.security.cert.Certificate[certs.size].new))
|
39
|
+
|
40
|
+
pkcs12_output_stream = ByteArrayOutputStream.new
|
41
|
+
store.store(pkcs12_output_stream, @pass.to_java.to_char_array)
|
42
|
+
|
43
|
+
@der = String.from_java_bytes(pkcs12_output_stream.to_byte_array)
|
44
|
+
end
|
45
|
+
|
46
|
+
def to_der
|
47
|
+
@der
|
48
|
+
end
|
49
|
+
end
|
50
|
+
end
|
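Review bot: In `generate`, the result of `PEMReader.new(key_reader).read_object` is used as a key pair without any check, so a `key` that carries only a public key, or a PEM the reader cannot parse, would presumably surface as a `NoMethodError` on `key_pair.get_private` instead of a clear error. A guard right after that line, such as `raise ArgumentError, 'private key required' unless key_pair.respond_to?(:get_private)`, makes the failure explicit. The passphrase is also copied into a Java `char[]` inline in `store.store(pkcs12_output_stream, @pass.to_java.to_char_array)` and never cleared; binding it to a local and zeroing it after the call shortens the life of that copy, although the Ruby String held in `@pass` remains. `java.io.StringBufferInputStream` is deprecated in the JDK, and a `java.io.ByteArrayInputStream` over `certificate.to_pem.to_java_bytes` is the usual replacement.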
@@ -0,0 +1 @@
|
|
1
|
+
require 'openssl'
|
@@ -0,0 +1 @@
|
|
1
|
+
require 'openssl'
|
@@ -0,0 +1,20 @@
|
|
1
|
+
unless defined? JRUBY_VERSION
|
2
|
+
warn 'Loading jruby-openssl in a non-JRuby interpreter'
|
3
|
+
end
|
4
|
+
|
5
|
+
begin
|
6
|
+
require 'bouncy-castle-java'
|
7
|
+
rescue LoadError
|
8
|
+
# runs under restricted mode.
|
9
|
+
end
|
10
|
+
require 'jopenssl'
|
11
|
+
|
12
|
+
if RUBY_VERSION >= '1.9.0'
|
13
|
+
$LOAD_PATH.unshift(File.expand_path('../../1.9', __FILE__))
|
14
|
+
load(File.expand_path('../../1.9/openssl.rb', __FILE__))
|
15
|
+
else
|
16
|
+
$LOAD_PATH.unshift(File.expand_path('../../1.8', __FILE__))
|
17
|
+
load(File.expand_path('../../1.8/openssl.rb', __FILE__))
|
18
|
+
end
|
19
|
+
|
20
|
+
require 'openssl/pkcs12'
|
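Review bot: The `rescue LoadError` around `require 'bouncy-castle-java'` continues silently, yet the last line unconditionally requires `openssl/pkcs12`, whose class body (added in this same diff) imports `org.bouncycastle.openssl.PEMReader` and registers `BouncyCastleProvider`. If the BouncyCastle classes are not on the classpath by some other route, the failure would presumably appear there, far from its cause. The rescue comment should say what is expected, for example `# bouncy-castle-java gem not loadable (restricted mode); BouncyCastle classes must already be on the classpath for openssl/pkcs12`. Separately, `RUBY_VERSION >= '1.9.0'` is a lexicographic String comparison, which holds for the versions this gem targets but is worth a comment saying so.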
File without changes
|
@@ -35,6 +35,7 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
35
35
|
assert_equal(1, version.value.size)
|
36
36
|
assert_equal(OpenSSL::ASN1::Integer, version.value[0].class)
|
37
37
|
assert_equal(2, version.value[0].value)
|
38
|
+
assert_equal(OpenSSL::BN, version.value[0].value.class)
|
38
39
|
|
39
40
|
serial = tbs_cert.value[1]
|
40
41
|
assert_equal(OpenSSL::ASN1::Integer, serial.class)
|
@@ -194,4 +195,18 @@ class OpenSSL::TestASN1 < Test::Unit::TestCase
|
|
194
195
|
cululated_sig = key.sign(OpenSSL::Digest::SHA1.new, tbs_cert.to_der)
|
195
196
|
assert_equal(cululated_sig, sig_val.value)
|
196
197
|
end
|
198
|
+
|
199
|
+
def test_encode_boolean
|
200
|
+
encode_decode_test(OpenSSL::ASN1::Boolean, [true, false])
|
201
|
+
end
|
202
|
+
|
203
|
+
def test_encode_integer
|
204
|
+
encode_decode_test(OpenSSL::ASN1::Integer, [72, -127, -128, 128, -1, 0, 1, -(2**12345), 2**12345])
|
205
|
+
end
|
206
|
+
|
207
|
+
def encode_decode_test(type, values)
|
208
|
+
values.each do |v|
|
209
|
+
assert_equal(v, OpenSSL::ASN1.decode(type.new(v).to_der).value)
|
210
|
+
end
|
211
|
+
end
|
197
212
|
end if defined?(OpenSSL)
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -90,9 +90,17 @@ class OpenSSL::TestPair < Test::Unit::TestCase
|
|
90
90
|
ssl_pair {|s1, s2|
|
91
91
|
s2.write "a\nbcd"
|
92
92
|
assert_equal("a\n", s1.gets)
|
93
|
-
|
93
|
+
read = s1.readpartial(10)
|
94
|
+
assert_equal("bcd"[0, read.bytesize], read)
|
95
|
+
s1.read(read.bytesize - 3) # drop unread bytes
|
96
|
+
|
94
97
|
s2.write "efg"
|
95
|
-
|
98
|
+
read = s1.readpartial(10)
|
99
|
+
assert_equal("efg"[0, read.bytesize], read)
|
100
|
+
rest = 3 - read.bytesize
|
101
|
+
while rest > 0
|
102
|
+
rest -= s1.readpartial(rest).size
|
103
|
+
end
|
96
104
|
s2.close
|
97
105
|
assert_raise(EOFError) { s1.readpartial(10) }
|
98
106
|
assert_raise(EOFError) { s1.readpartial(10) }
|
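Review bot: In the first added block, `s1.read(read.bytesize - 3)` has its operands reversed: whenever `readpartial` returns fewer than three bytes the length is negative, so the leftover bytes of "bcd" are not drained (or the call raises, depending on how the buffering layer treats a negative length) and the later "efg" assertion can see stale data. It should read `s1.read(3 - read.bytesize) # drop unread bytes`, matching `rest = 3 - read.bytesize` in the second block. The drain loop there counts with `.size` while the rest of the hunk uses `.bytesize`; using `bytesize` throughout keeps the arithmetic in bytes. The enclosing test method starts and ends outside the hunk.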
File without changes
|
File without changes
|
@@ -200,19 +200,6 @@ class OpenSSL::TestSSL < Test::Unit::TestCase
|
|
200
200
|
|
201
201
|
assert_raise(ArgumentError) { ssl.sysread(-1) }
|
202
202
|
|
203
|
-
# syswrite and sysread
|
204
|
-
ITERATIONS.times{|i|
|
205
|
-
str = "x" * 100 + "\n"
|
206
|
-
ssl.syswrite(str)
|
207
|
-
assert_equal(str, ssl.sysread(str.size))
|
208
|
-
|
209
|
-
str = "x" * i * 100 + "\n"
|
210
|
-
buf = ""
|
211
|
-
ssl.syswrite(str)
|
212
|
-
assert_equal(buf.object_id, ssl.sysread(str.size, buf).object_id)
|
213
|
-
assert_equal(str, buf)
|
214
|
-
}
|
215
|
-
|
216
203
|
# puts and gets
|
217
204
|
ITERATIONS.times{
|
218
205
|
str = "x" * 100 + "\n"
|
@@ -237,6 +224,14 @@ class OpenSSL::TestSSL < Test::Unit::TestCase
|
|
237
224
|
}
|
238
225
|
end
|
239
226
|
|
227
|
+
def sysread_size(ssl, size)
|
228
|
+
buf = ''
|
229
|
+
while buf.bytesize < size
|
230
|
+
buf += ssl.sysread(size - buf.bytesize)
|
231
|
+
end
|
232
|
+
buf
|
233
|
+
end
|
234
|
+
|
240
235
|
def test_sysread_chunks
|
241
236
|
args = {}
|
242
237
|
args[:server_proc] = proc { |ctx, ssl|
|
@@ -257,11 +252,11 @@ class OpenSSL::TestSSL < Test::Unit::TestCase
|
|
257
252
|
ssl.sync_close = true
|
258
253
|
ssl.connect
|
259
254
|
ssl.syswrite("hello\n")
|
260
|
-
assert_equal("0" * 200, ssl
|
261
|
-
assert_equal("0" * 200, ssl
|
262
|
-
assert_equal("0" * 200, ssl
|
263
|
-
assert_equal("0" * 200, ssl
|
264
|
-
assert_equal("1" * 200, ssl
|
255
|
+
assert_equal("0" * 200, sysread_size(ssl, 200))
|
256
|
+
assert_equal("0" * 200, sysread_size(ssl, 200))
|
257
|
+
assert_equal("0" * 200, sysread_size(ssl, 200))
|
258
|
+
assert_equal("0" * 200, sysread_size(ssl, 200))
|
259
|
+
assert_equal("1" * 200, sysread_size(ssl, 200))
|
265
260
|
ssl.close
|
266
261
|
}
|
267
262
|
end
|
@@ -285,12 +280,14 @@ class OpenSSL::TestSSL < Test::Unit::TestCase
|
|
285
280
|
read = ssl.sysread(str.size, buf)
|
286
281
|
assert(!read.empty?)
|
287
282
|
assert_equal(buf.object_id, read.object_id)
|
288
|
-
assert_equal(str, buf)
|
283
|
+
assert_equal(str[0, buf.bytesize], buf)
|
284
|
+
sysread_size(ssl, str.bytesize - buf.bytesize) # drop unread bytes
|
289
285
|
|
290
286
|
ssl.syswrite(str)
|
291
287
|
read = ssl.sysread(str.size, nil)
|
292
288
|
assert(!read.empty?)
|
293
|
-
assert_equal(str, read)
|
289
|
+
assert_equal(str[0, read.bytesize], read)
|
290
|
+
sysread_size(ssl, str.bytesize - read.bytesize) # drop unread bytes
|
294
291
|
}
|
295
292
|
ssl.close
|
296
293
|
}
|
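Review bot: The first hunk deletes the `# syswrite and sysread` round-trip loop outright, although the `sysread_size` helper added in the second hunk would let it tolerate short reads. Unless that path is covered elsewhere, keeping it as `ssl.syswrite(str)` followed by `assert_equal(str, sysread_size(ssl, str.size))` preserves the coverage. In `sysread_size`, `buf += ssl.sysread(size - buf.bytesize)` allocates a new String per chunk, whereas `buf << ssl.sysread(size - buf.bytesize)` appends in place. The helper also deserves a one-line comment such as `# Reads exactly size bytes, looping because sysread may return fewer than requested.` The test methods touched by the other hunks start and end outside them.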
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
@@ -0,0 +1,81 @@
|
|
1
|
+
require "socket"
|
2
|
+
require "thread"
|
3
|
+
require "openssl"
|
4
|
+
require File.join(File.dirname(__FILE__), "utils.rb")
|
5
|
+
|
6
|
+
def get_pem(io=$stdin)
|
7
|
+
buf = ""
|
8
|
+
while line = io.gets
|
9
|
+
if /^-----BEGIN / =~ line
|
10
|
+
buf << line
|
11
|
+
break
|
12
|
+
end
|
13
|
+
end
|
14
|
+
while line = io.gets
|
15
|
+
buf << line
|
16
|
+
if /^-----END / =~ line
|
17
|
+
break
|
18
|
+
end
|
19
|
+
end
|
20
|
+
return buf
|
21
|
+
end
|
22
|
+
|
23
|
+
def make_key(pem)
|
24
|
+
begin
|
25
|
+
return OpenSSL::PKey::RSA.new(pem)
|
26
|
+
rescue
|
27
|
+
return OpenSSL::PKey::DSA.new(pem)
|
28
|
+
end
|
29
|
+
end
|
30
|
+
|
31
|
+
ca_cert = OpenSSL::X509::Certificate.new(get_pem)
|
32
|
+
ssl_cert = OpenSSL::X509::Certificate.new(get_pem)
|
33
|
+
ssl_key = make_key(get_pem)
|
34
|
+
port = Integer(ARGV.shift)
|
35
|
+
verify_mode = Integer(ARGV.shift)
|
36
|
+
start_immediately = (/yes/ =~ ARGV.shift)
|
37
|
+
|
38
|
+
store = OpenSSL::X509::Store.new
|
39
|
+
store.add_cert(ca_cert)
|
40
|
+
store.purpose = OpenSSL::X509::PURPOSE_SSL_CLIENT
|
41
|
+
ctx = OpenSSL::SSL::SSLContext.new
|
42
|
+
ctx.cert_store = store
|
43
|
+
#ctx.extra_chain_cert = [ ca_cert ]
|
44
|
+
ctx.cert = ssl_cert
|
45
|
+
ctx.key = ssl_key
|
46
|
+
ctx.verify_mode = verify_mode
|
47
|
+
|
48
|
+
Socket.do_not_reverse_lookup = true
|
49
|
+
tcps = nil
|
50
|
+
100.times{|i|
|
51
|
+
begin
|
52
|
+
tcps = TCPServer.new("0.0.0.0", port+i)
|
53
|
+
port = port + i
|
54
|
+
break
|
55
|
+
rescue Errno::EADDRINUSE
|
56
|
+
next
|
57
|
+
end
|
58
|
+
}
|
59
|
+
ssls = OpenSSL::SSL::SSLServer.new(tcps, ctx)
|
60
|
+
ssls.start_immediately = start_immediately
|
61
|
+
|
62
|
+
$stdout.sync = true
|
63
|
+
$stdout.puts Process.pid
|
64
|
+
$stdout.puts port
|
65
|
+
|
66
|
+
loop do
|
67
|
+
ssl = ssls.accept rescue next
|
68
|
+
Thread.start{
|
69
|
+
q = Queue.new
|
70
|
+
th = Thread.start{ ssl.write(q.shift) while true }
|
71
|
+
while line = ssl.gets
|
72
|
+
if line =~ /^STARTTLS$/
|
73
|
+
ssl.accept
|
74
|
+
next
|
75
|
+
end
|
76
|
+
q.push(line)
|
77
|
+
end
|
78
|
+
th.kill if q.empty?
|
79
|
+
ssl.close
|
80
|
+
}
|
81
|
+
end
|
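Review bot: `TCPServer.new("0.0.0.0", port+i)` makes this test fixture listen on every interface, so while the suite runs, the TLS echo server with its fixture key and caller-supplied `verify_mode` is reachable from the network. `TCPServer.new("127.0.0.1", port+i)` keeps it local, assuming the tests connect over loopback. If all 100 candidate ports are busy, `tcps` stays nil and the failure only surfaces in `OpenSSL::SSL::SSLServer.new(tcps, ctx)`; adding `raise "no free port in #{port}..#{port + 100}" unless tcps` after the loop states the cause. `ssl = ssls.accept rescue next` also discards every handshake error, so a `warn` in an explicit `rescue` block would help when diagnosing test failures.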