jruby-openssl 0.7.6.1 → 0.7.7

Sign up to get free protection for your applications and to get access to all the features.
@@ -1,3 +1,13 @@
1
+ == 0.7.7
2
+
3
+ This release includes bug fixes.
4
+
5
+ - JRUBY-6622: Support loading encrypted RSA key with PBES2
6
+ - JRUBY-4326: Confusing (and late) OpenSSL error message
7
+ - JRUBY-6579: Avoid ClassCastException for public key loading
8
+ - JRUBY-6515: sending UTF-8 data over SSL can hang with openssl
9
+ - Update tests to sync with CRuby ruby_1_9_3
10
+
1
11
  == 0.7.6
2
12
 
3
13
  This release includes initial implementation of PKCS12 by Owen Ou.
data/Rakefile CHANGED
@@ -64,7 +64,7 @@ begin
64
64
  load File.dirname(__FILE__) + "/lib/shared/jopenssl/version.rb"
65
65
  p.version = Jopenssl::Version::VERSION
66
66
  p.rubyforge_name = "jruby-extras"
67
- p.url = "https://github.com/jruby/jruby-ossl"
67
+ p.urls = ["https://github.com/jruby/jruby-ossl"]
68
68
  p.author = "Ola Bini and JRuby contributors"
69
69
  p.email = "ola.bini@gmail.com"
70
70
  p.summary = "OpenSSL add-on for JRuby"
@@ -11,7 +11,7 @@
11
11
  (See the file 'LICENCE'.)
12
12
 
13
13
  = Version
14
- $Id: buffering.rb 32012 2011-06-11 14:07:42Z nahi $
14
+ $Id$
15
15
  =end
16
16
 
17
17
  ##
@@ -307,6 +307,7 @@ module OpenSSL::Buffering
307
307
  def do_write(s)
308
308
  @wbuffer = "" unless defined? @wbuffer
309
309
  @wbuffer << s
310
+ @wbuffer.force_encoding(Encoding::BINARY)
310
311
  @sync ||= false
311
312
  if @sync or @wbuffer.size > BLOCK_SIZE or idx = @wbuffer.rindex($/)
312
313
  remain = idx ? idx + $/.size : @wbuffer.length
@@ -333,7 +334,7 @@ module OpenSSL::Buffering
333
334
 
334
335
  def write(s)
335
336
  do_write(s)
336
- s.length
337
+ s.bytesize
337
338
  end
338
339
 
339
340
  ##
Binary file
@@ -1,5 +1,5 @@
1
1
  module Jopenssl
2
2
  module Version
3
- VERSION = "0.7.6.1"
3
+ VERSION = "0.7.7"
4
4
  end
5
5
  end
@@ -146,6 +146,11 @@ class OpenSSL::TestPKCS7 < Test::Unit::TestCase
146
146
  assert_equal(3, recip[1].serial)
147
147
  assert_equal(data, p7.decrypt(@rsa1024, @ee2_cert))
148
148
  end
149
+
150
+ def test_graceful_parsing_failure #[ruby-core:43250]
151
+ contents = File.read(__FILE__)
152
+ assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) }
153
+ end
149
154
  end
150
155
 
151
156
  end
@@ -450,6 +450,50 @@ class OpenSSL::TestSSL < OpenSSL::SSLTestCase
450
450
  end
451
451
  end
452
452
  end
453
+
454
+ def test_multibyte_read_write
455
+ #German a umlaut
456
+ auml = [%w{ C3 A4 }.join('')].pack('H*')
457
+ auml.force_encoding(Encoding::UTF_8)
458
+
459
+ [10, 1000, 100000].each {|i|
460
+ str = nil
461
+ num_written = nil
462
+ server_proc = Proc.new {|ctx, ssl|
463
+ cmp = ssl.read
464
+ raw_size = cmp.size
465
+ cmp.force_encoding(Encoding::UTF_8)
466
+ assert_equal(str, cmp)
467
+ assert_equal(num_written, raw_size)
468
+ ssl.close
469
+ }
470
+ start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :server_proc => server_proc){|server, port|
471
+ sock = TCPSocket.new("127.0.0.1", port)
472
+ ssl = OpenSSL::SSL::SSLSocket.new(sock)
473
+ ssl.sync_close = true
474
+ ssl.connect
475
+ str = auml * i
476
+ num_written = ssl.write(str)
477
+ ssl.close
478
+ }
479
+ }
480
+ end
481
+
482
+ def test_unset_OP_ALL
483
+ ctx_proc = Proc.new { |ctx|
484
+ ctx.options = OpenSSL::SSL::OP_ALL & ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS
485
+ }
486
+ start_server(PORT, OpenSSL::SSL::VERIFY_NONE, true, :ctx_proc => ctx_proc){|server, port|
487
+ sock = TCPSocket.new("127.0.0.1", port)
488
+ ssl = OpenSSL::SSL::SSLSocket.new(sock)
489
+ ssl.sync_close = true
490
+ ssl.connect
491
+ ssl.puts('hello')
492
+ assert_equal("hello\n", ssl.gets)
493
+ ssl.close
494
+ }
495
+ end
496
+
453
497
  end
454
498
 
455
499
  end
@@ -100,6 +100,58 @@ class OpenSSL::TestX509Name < Test::Unit::TestCase
100
100
  assert_equal(name_from_der.to_der, name.to_der)
101
101
  end
102
102
 
103
+ def test_unrecognized_oid
104
+ dn = [ ["1.2.3.4.5.6.7.8.9.7.5.3.1", "Unknown OID 1"],
105
+ ["1.1.2.3.5.8.13.21.34", "Unknown OID 2"],
106
+ ["C", "US"],
107
+ ["postalCode", "60602"],
108
+ ["ST", "Illinois"],
109
+ ["L", "Chicago"],
110
+ #["street", "123 Fake St"],
111
+ ["O", "Some Company LLC"],
112
+ ["CN", "mydomain.com"] ]
113
+
114
+ name = OpenSSL::X509::Name.new(dn)
115
+ ary = name.to_a
116
+ #assert_equal("/1.2.3.4.5.6.7.8.9.7.5.3.1=Unknown OID 1/1.1.2.3.5.8.13.21.34=Unknown OID 2/C=US/postalCode=60602/ST=Illinois/L=Chicago/street=123 Fake St/O=Some Company LLC/CN=mydomain.com", name.to_s)
117
+ assert_equal("/1.2.3.4.5.6.7.8.9.7.5.3.1=Unknown OID 1/1.1.2.3.5.8.13.21.34=Unknown OID 2/C=US/postalCode=60602/ST=Illinois/L=Chicago/O=Some Company LLC/CN=mydomain.com", name.to_s)
118
+ assert_equal("1.2.3.4.5.6.7.8.9.7.5.3.1", ary[0][0])
119
+ assert_equal("1.1.2.3.5.8.13.21.34", ary[1][0])
120
+ assert_equal("C", ary[2][0])
121
+ assert_equal("postalCode", ary[3][0])
122
+ assert_equal("ST", ary[4][0])
123
+ assert_equal("L", ary[5][0])
124
+ #assert_equal("street", ary[6][0])
125
+ assert_equal("O", ary[6][0])
126
+ assert_equal("CN", ary[7][0])
127
+ assert_equal("Unknown OID 1", ary[0][1])
128
+ assert_equal("Unknown OID 2", ary[1][1])
129
+ assert_equal("US", ary[2][1])
130
+ assert_equal("60602", ary[3][1])
131
+ assert_equal("Illinois", ary[4][1])
132
+ assert_equal("Chicago", ary[5][1])
133
+ #assert_equal("123 Fake St", ary[6][1])
134
+ assert_equal("Some Company LLC", ary[6][1])
135
+ assert_equal("mydomain.com", ary[7][1])
136
+ end
137
+
138
+ def test_unrecognized_oid_parse_encode_equality
139
+ dn = [ ["1.2.3.4.5.6.7.8.9.7.5.3.2", "Unknown OID1"],
140
+ ["1.1.2.3.5.8.13.21.35", "Unknown OID2"],
141
+ ["C", "US"],
142
+ ["postalCode", "60602"],
143
+ ["ST", "Illinois"],
144
+ ["L", "Chicago"],
145
+ #["street", "123 Fake St"],
146
+ ["O", "Some Company LLC"],
147
+ ["CN", "mydomain.com"] ]
148
+
149
+ name1 = OpenSSL::X509::Name.new(dn)
150
+ name2 = OpenSSL::X509::Name.parse(name1.to_s)
151
+ assert_equal(name1.to_s, name2.to_s)
152
+ assert_equal(name1.to_a, name2.to_a)
153
+ end
154
+
103
155
  def test_s_parse
104
156
  dn = "/DC=org/DC=ruby-lang/CN=www.ruby-lang.org"
105
157
  name = OpenSSL::X509::Name.parse(dn)
@@ -258,6 +310,24 @@ class OpenSSL::TestX509Name < Test::Unit::TestCase
258
310
  assert_equal(OpenSSL::ASN1::PRINTABLESTRING, ary[4][2])
259
311
  end
260
312
 
313
+ def test_add_entry_street
314
+ return if OpenSSL::OPENSSL_VERSION_NUMBER < 0x009080df # 0.9.8m
315
+ # openssl/crypto/objects/obj_mac.h 1.83
316
+ dn = [
317
+ ["DC", "org"],
318
+ ["DC", "ruby-lang"],
319
+ ["CN", "GOTOU Yuuzou"],
320
+ ["emailAddress", "gotoyuzo@ruby-lang.org"],
321
+ ["serialNumber", "123"],
322
+ ["street", "Namiki"],
323
+ ]
324
+ name = OpenSSL::X509::Name.new
325
+ dn.each{|attr| name.add_entry(*attr) }
326
+ ary = name.to_a
327
+ assert_equal("/DC=org/DC=ruby-lang/CN=GOTOU Yuuzou/emailAddress=gotoyuzo@ruby-lang.org/serialNumber=123/street=Namiki", name.to_s)
328
+ assert_equal("Namiki", ary[5][1])
329
+ end
330
+
261
331
  def test_equals2
262
332
  n1 = OpenSSL::X509::Name.parse 'CN=a'
263
333
  n2 = OpenSSL::X509::Name.parse 'CN=a'
@@ -103,6 +103,37 @@ __EOP__
103
103
  end
104
104
  end
105
105
 
106
+ # JRUBY-6622
107
+ def test_load_pkey_rsa_enc_pbes2
108
+ # password is 'password'
109
+ pem = <<__EOP__
110
+ -----BEGIN ENCRYPTED PRIVATE KEY-----
111
+ MIICxjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIaYgszaX31yECAggA
112
+ MBQGCCqGSIb3DQMHBAij3LmXGCmB8wSCAoDcLnAeXiBugFmwXd3wrvznlKvwHkP2
113
+ 76lIrTiwDRZOLuaKHdBgNQDJ3NP+UPGdM7YEyNqdfdbN/3cLd0qfzeobuU+c/lGI
114
+ aE5pAwlWm5lK9boTsJnCqaDFEgJz2khZF+7RqYQVSG7MTM9SnIRNScLKjhTk7AaF
115
+ PD2qSnMVtixw/VfwdzhUknuwP2monLY8Ip/l9abicmBp9HGQ+0WA/nKQLQ/egWG0
116
+ S6rrXsH91exaxL7gcZL8jF+Ub7VDt4Hvx1RB/3r12k7AQGsK+TyIrKQFUllSnSq/
117
+ eFwBqpLSKWYyGJZlkJzW5MTHyeXqpTvav6T7e2mKZ4GG/a8THoWxLLrKeODFFoWn
118
+ LQNOQZ2Axa15E0TdeSkaumsOWPJm5DgFxf/1cRNxhJqYdX68QjWXeNS2SXPZBwlx
119
+ HCaAYo6OoCHZQ7O/3MpiT3rUAk30fbSa09VSvrenYi5s5lPieKFt3QZI44uGvi9j
120
+ MXyN4fkjzzXasE0xZzf6bQLS6aM+ucyQ8CMv0oAgAndoeKu10Ha4KmdT5dZf3LHj
121
+ BUXZDYp3Q5UF6ePyxKBdAqJf4PNKl4+VehYJ4eQ6CIQiSxSuWv9T+2b90PyDuRkz
122
+ sB1XZpeDD6dhQuU9GjdwCTyatITcm97ZkbdZEoQiDpiWQB4parTvKLKbD4AbP/+E
123
+ 08btPFgXNocFUjLb5lB4Y/6RqaQxY7VoaFOPOfPpWPXF26X9Y5y3y+ymXdYFpkhp
124
+ wGBGScH+dutQWHoRV1TWUjv9a7CuzUxCX2Hrjooz1BtOnG8CoPA7K43+kvire5jN
125
+ 529p6u+FtUZPUWLm5L5WHBUECEtJGw3ImjosX1HtoM/rW34XDmMHuN0u
126
+ -----END ENCRYPTED PRIVATE KEY-----
127
+ __EOP__
128
+ assert_nothing_raised do
129
+ pkey = OpenSSL::PKey::RSA.new(pem, 'password')
130
+ pkey2 = OpenSSL::PKey::RSA.new(pkey.to_pem)
131
+ assert_equal(pkey.n, pkey2.n)
132
+ assert_equal(pkey.e, pkey2.e)
133
+ assert_equal(pkey.d, pkey2.d)
134
+ end
135
+ end
136
+
106
137
  # jruby-openssl/0.6 causes NPE
107
138
  def test_generate_pkey_rsa_empty
108
139
  assert_nothing_raised do
metadata CHANGED
@@ -2,7 +2,7 @@
2
2
  name: jruby-openssl
3
3
  version: !ruby/object:Gem::Version
4
4
  prerelease:
5
- version: 0.7.6.1
5
+ version: 0.7.7
6
6
  platform: ruby
7
7
  authors:
8
8
  - Ola Bini and JRuby contributors
@@ -10,7 +10,7 @@ autorequire:
10
10
  bindir: bin
11
11
  cert_chain: []
12
12
 
13
- date: 2012-02-15 00:00:00 Z
13
+ date: 2012-05-21 00:00:00 Z
14
14
  dependencies:
15
15
  - !ruby/object:Gem::Dependency
16
16
  name: bouncy-castle-java