jruby-openssl 0.9.20-java → 0.10.7-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 577486949f6eaa93a6143c4da6663196785ca64a
-  data.tar.gz: deadd1567288f80226d39a751db2802a12169000
+  metadata.gz: 5556d31972e0e74ffc7e20e662b8e1666cce85b0
+  data.tar.gz: '0439ad0115cdb8ebef38c1a10a514ee4dc48d58c'
 SHA512:
-  metadata.gz: f7aa39d4de5becaa47abd8ad85c5f2f4e83cbdcdfc95293f1294457baf3faa81e0559f443c63a18954ab33dcf4450cbd3f0ba5db63f80a947ef4f41a1b715011
-  data.tar.gz: f4c3eed0ae106c414ba730b1b78ae045e79c8ea9b1957b5f73a75f796ab1aeb6fd35007dd26fc325363cd8362636333f612baaf93cd6d12561e735126536e807
+  metadata.gz: fcd2ba1d6d0e2c43a9f30250c441590a1d1490b271c09ff8f08f014daf48c4f6ad77de55a59d7dc33bef17f93f3b9bdd6fa613418db9a6b7736fe95b6bce2865
+  data.tar.gz: 9dbb39508d7f2685c428605493984908c506251e4fcaf15c2dafb3f4ead92e5a556de3687ae273ca602e555cf8c9a8329b697c68a5e9da1794f0b66cf6f1b486

data/History.md

@@ -1,10 +1,141 @@
+## 0.10.7
+
+* [feat] upgrade BC library to 1.68
+* [fix] SSLContext#ciphers= (fixes #221 and jruby/jruby#3100) (#222)
+* [fix] Java::JavaLang::StringIndexOutOfBoundsException on ctx.cipher=[] (fixes #220) (#223)
+* [fix] SSLContext#ciphers= compatibility (fixes #223) (#220)
+* [fix] Match OpenSSL::X509::Name.hash implementation with Ruby (#216, #218)
+* [fix] OpenSSL::SSL::SSLContext#min_version= failure (#215)
+* [fix] adds OpenSSL::Cipher#iv_len= setter (#208)
+
+## 0.10.6 (yanked)
+
+Due several regressions please update to version 0.10.7 or higher.
+
+## 0.10.5
+
+* [fix] EC key sign/verify (#193)
+* [feat] upgrade BC library to 1.65
+* [refactor] clean security helpers to avoid reflection (#197)
+* Just use normal getInstance to get KeyFactory (fixes #197)
+* Allow multiple Certificates with the same SubjectDN in the store (#198)
+* Try direct path for MessageDigest before invasive path (#194) 
+  (relates to jruby/jruby#6098)
+* [refactor] avoid NativeException usage (jruby/jruby#5646) 
+
+## 0.10.4
+
+* Use CertificateFactory.getInstance rather than reflection
+  eliminates one of the module warnings we have been seeing (#161)
+
+## 0.10.3
+
+* [fix] implement (missing) PKey::DSA#params
+* [fix] authorityKeyIdentifier ext (general-name) value
+* [fix] authority keyid extension's :always part optional (#174)
+* [fix] work-around for not setting certificate serial
+  raise a more friendly error (jruby/jruby#1691)
+* [fix] PKey.read not parsing RSA pub-key (#176)
+* [feat] support reading DSA (public key) in full DER
+* [fix] RSA key DER format to closely follow OpenSSL
+* [fix] add missing ASN1 factory methods (Null, EndOfContent)
+* [fix] support getting password from block for PKeys
+* [fix] incorrect ASN.1 for wrapped Integer type
+* [fix] correct public key for subjectKeyIdentifier ext (#173)
+* [fix] invalid Cert#sign handling -> raise (instead of ClassCastException)
+* [feat] more TLS (GCM) ciphers - supported on Java 8+
+* [feat] add ECDHE-RSA-AES128-GCM-SHA256 as supported cipher (#185)
+* [feat] add support for ECDHE-RSA-AES256-GCM-SHA384 (#187)
+* [fix] try hard not to fail on unkown oids (OpenSSL::X509::Certificate#to_text)
+* update Bouncy-Castle to 1.62 (and handle supported BC compatibility)
+
+## 0.10.2
+
+* update Bouncy-Castle to 1.61 (and handle supported BC compatibility)
+* [fix] avoid NPE when CRL fails to parse (invalid str) (jruby/jruby#5619)
+* hide (deprecated) Jopenssl constant 
+* default OpenSSL.warn to warnings-enabled flag
+* only un-restrict jce when its restricted
+* OpenSSL::Cipher#update additional buffer argument (#170) (jruby/jruby#5242)
+
+## 0.10.1
+
+* loading JOpenSSL's native ext part the JRuby 9.2 (internal) way
+* avoid, once again, installing BC provider on boot (due OCSP support)
+* [feat] support OpenSSL::KDF as a (semi) OpenSSL::PKCS5 replacement
+* rename ugly-sh "Jopenssl" constant to **JOpenSSL**
+* support PKCS7#decrypt with 1 argument (pkey only - without certificate)
+* undo some of the call-sites in SSLSocket - account for sub-classes (#165)
+* follow-up to provide == for X.509 types (like C-OpenSSL does in 2.1) 
+* validate iter parameter on Cipher#pkcs5_keyivgen (since OpenSSL 2.0.8)
+* remove openssl/pkcs7.rb -> since 1.8 no longer supported
+
+## 0.10.0
+
+**NOTE:** dropped support for anything below ~ JRuby 1.7.20
+
+* drop support for Java 1.6 and compile using Java 7
+* improve java.version detection for Java 9/10 (pre-releases)
+* subject alt name parsing fixes (#140) - thanks @roadrunner2
+* fix loading of Subject/Issuer-Alt-Name extensions. (#144)
+* normalize all constants in CipherStrings as public (#146)
+* upgrade BC to **1.59** and dropped support for BC < 1.55
+* include BC's JSSE provider as we're planning on using it, eventually
+* setup OpenSSL::ExtConfig emulation - mostly (conservative) guesses
+* at last, do BN comparison `==` vs `eql?` properly - just like MRI
+* get `BN.new("...", 0)` working as OpenSSL does - using MPI format
+* allow for SSLContext#dup to work (copy-ing Ruby level i-vars only)
+* fix signature-alg to default to NULL and report it as 0.0 (like MRI)
+* account for ASN1Integers when transforming issuer serial numbers 
+  to_text in AuthorityKeyIdentifier extensions (#147) - thanks @lampad
+* copy bytes since it might be a shared (unsafe) buffer (#150)
+* don't use padding for streaming cipher modes (#155) - thanks @dgolombek
+* avoid ByteList#length() usage for forward (JRuby 9.2) compatibility
+* prepare for using BC's JSSE implementation as an SSL support backend
+  allow to set SSL provider name (-Djruby.openssl.ssl.provider=...)
+
+## 0.9.21
+
+* adjust X.509 value handling to parse subjectAltName recursively (#134)
+* SKI expected to be always octet wrapped - do not check for length (#131)
+* respect jruby.preferred.prng and use/tune its SecureRandom defaults
+  trying to avoid BC generator's constant attempts for seeding itself
+  as an attempt to 'fix' low-entropy systems wating for */dev/random*
+* Random#add; Random#egd shall return true on JVM
+* move "DEFAULT" special case handling to match OpenSSL behaviour (#136)
+  (jruby/jruby#2193)
+* If data is not provided, extract it from the PKCS7 instance (#132)
+* Add cipher suite strings for IBM JRE (#126) - thanks @ysohda
+* use the helper to printStackTrace (no System.err printing by default)
+* add OCSP support (#124) - thanks so very much @lampad
+* add support for renegotiation_cb on SSLContext (#121) - thanks @lampad
+
+## 0.9.20
+
+* upgrade Bouncy-Castle to 1.56 http://bouncycastle.org/releasenotes.html
+  (additional security and robustness with 10 CVEs submitted as a result)
+* add a dummy SSLContext#security_level= implementation
+* no dup-ing for SSLContext/SSLSocket and X509 Store/StoreContext
+* implement PKey initialize_copy (dup-ing)
+* digest can be passed in as a String on PKey#sign/verify
+* DSA+SHA1 is actually a supported algorithm
+* reset signed-request -> sub-sequent req.verify will work correctly
+* allow for digest name to be passed into Cert#sign
+* be less fatal on Java 9
+  won't attempt reflective SPIs when accessibility checks fail!
+* remove obsolete (deprecated) renamed classes
+* verify correct WaitReadable is raised on connect_nonblock (jruby/jruby#1716)
+* non-connected ssl socket raises EPIPE on connect_nonblock (MRI compat)
+* fine to close a SSLSocket which is not-yet-connected (like in MRI)
+* fix NPE when reading private keys (with passwd) (jruby/jruby#1784)
+
 ## 0.9.19
 
 * re-use secure random from thread-context on SSL context initialization
 * preliminary OpenSSL 1.1 (Ruby 2.4) compatibility bits (#112)
 * try using thread-shared secure random gen (in PKey-s) where possible
 * implement PKeyDSA#syssign and PKeyDSA#sysverify methods
-* avoid (unnecessary) byte[] copies in PKey#sign/verify 
+* avoid (unnecessary) byte[] copies in PKey#sign/verify
 * fix ClassCastException error in X509Store.verify (#113)
 * align BH#hash with eql? (+ equals/hashCode on Java)
 

data/LICENSE.txt

@@ -18,7 +18,7 @@ ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 DEALINGS IN THE SOFTWARE.
 
   Copyright (C) 2007-2009 Ola Bini <ola.bini@gmail.com>
-  Copyright (C) 2009-2017 The JRuby Team
+  Copyright (C) 2009-2018 The JRuby Team
 
 Alternatively, the contents of this file may be used under the terms of
 either of the GNU General Public License Version 2 or later (the "GPL"),

data/Mavenfile

@@ -2,15 +2,12 @@
 
 gemspec :jar => 'jopenssl', :include_jars => true
 
-sonatype_url = 'https://oss.sonatype.org/content/repositories/snapshots/'
-snapshot_repository :id => 'sonatype', :url => sonatype_url
-
 distribution_management do
   snapshot_repository :id => :ossrh, :url => 'https://oss.sonatype.org/content/repositories/snapshots'
   repository :id => :ossrh, :url => 'https://oss.sonatype.org/service/local/staging/deploy/maven2/'
 end
 
-java_target = '1.6'
+java_target = '1.7'
 gen_sources = '${basedir}/target/generated-sources' # hard-coded in AnnotationBinder
 
 plugin( 'org.codehaus.mojo:exec-maven-plugin', '1.3.2' ) do
@@ -49,13 +46,14 @@ plugin( 'org.codehaus.mojo:build-helper-maven-plugin', '1.9' ) do
 end
 
 plugin( :compiler, '3.1',
-        :source => java_target, :target => java_target,
+        :source => '1.7', :target => java_target,
         :encoding => 'UTF-8', :debug => true,
         :showWarnings => true, :showDeprecation => true,
+        :excludes => [ 'module-info.java' ],
+        #:jdkToolchain => { :version => '[1.7,11)' },
 
         :generatedSourcesDirectory => gen_sources,
-        :annotationProcessors => [ 'org.jruby.anno.AnnotationBinder' ],
-        :compilerArgs => [ '-XDignore.symbol.file=true' ] ) do
+        :annotationProcessors => [ 'org.jruby.anno.AnnotationBinder' ]) do
 
   #execute_goal :compile, :id => 'annotation-binder', :phase => 'compile',
   #    :generatedSourcesDirectory => gen_sources, #:outputDirectory => gen_sources,
@@ -64,10 +62,19 @@ plugin( :compiler, '3.1',
   #    :useIncrementalCompilation => false, :fork => true, :verbose => true,
   #    :compilerArgs => [ '-XDignore.symbol.file=true', '-J-Dfile.encoding=UTF-8' ]
 
-  execute_goal :compile, :id => 'compile-populators', :phase => 'process-classes',
-      :includes => [ 'org/jruby/gen/**/*.java' ], :optimize => true,
-      :compilerArgs => [ '-XDignore.symbol.file=true' ]
-      # NOTE: maybe '-J-Xbootclasspath/p:${unsafe.jar}' ... as well ?!
+  execute_goal :compile,
+               :id => 'compile-populators', :phase => 'process-classes',
+               :includes => [ 'org/jruby/gen/**/*.java' ],
+               :optimize => true,
+               :compilerArgs => [ '', '-XDignore.symbol.file=true' ]
+end
+
+profile 'module-info' do
+  activation { jdk '[9,)' }
+  plugin :compiler, '3.8.1',
+         :source => '9', :target => java_target,
+         :release => '9',
+         :includes => [ 'module-info.java' ]
 end
 
 plugin :clean do
@@ -80,49 +87,52 @@ plugin :clean do
                  'failOnError' =>  'false' )
 end
 
-# NOTE: unfortunately we can not use 1.6.8 to generate invokers ...
-# although we'd like to compile against 1.6 to make sure all is well
-jar 'org.jruby:jruby-core', '1.7.17', :scope => :provided  # 1.6.8
-jar 'junit:junit', '4.11', :scope => :test
+jar 'org.jruby:jruby-core', '1.7.20', :scope => :provided
+jar 'junit:junit', '[4.13.1,)', :scope => :test
+
+# 9.1.17.0 is Java 7 compatible (till supporting JRuby 1.7)
+# NOTE: to build on Java 11 - installing gems fails (due old jossl) with:
+#  load error: jopenssl/load -- java.lang.StringIndexOutOfBoundsException
+MVN_JRUBY_VERSION = ENV_JAVA['java.version'].to_i >= 9 ? '9.2.9.0' : '9.1.17.0'
 
 jruby_plugin! :gem do
-  # when installing dependent gems we want to use the built in openssl
-  # not the one from this lib directory
-  # we compile against jruby-core-1.7.17 and want to keep this out of
-  # the plugin execution here
+  # when installing dependent gems we want to use the built in openssl not the one from this lib directory
+  # we compile against jruby-core-1.7.20 and want to keep this out of the plugin execution here
   execute_goal :id => 'default-initialize', :addProjectClasspath => false, :libDirectory => 'something-which-does-not-exists'
   execute_goals :id => 'default-push', :skip => true
 end
 
-# we want to have the snapshots on oss.sonatype.org and the released gems
-# on maven central
+# we want to have the snapshots on oss.sonatype.org and the released gems on maven central
 plugin :deploy, '2.8.1' do
   execute_goals( :deploy, :skip => false )
 end
 
-supported_bc_versions = %w{ 1.51 1.52 1.53 1.54 } # due EC support dropped <= 1.50
+supported_bc_versions = %w{ 1.58 1.59 1.60 1.61 1.62 1.63 1.64 1.65 }
 
-default_bc_version = File.expand_path('lib/jopenssl/version.rb', File.dirname(__FILE__))
+default_bc_version = File.read File.expand_path('lib/jopenssl/version.rb', File.dirname(__FILE__))
 default_bc_version = default_bc_version[/BOUNCY_CASTLE_VERSION\s?=\s?'(.*?)'/, 1]
 
-properties( 'jruby.plugins.version' => '1.0.10',
-            'jruby.versions' => '1.7.18',
+properties( 'jruby.plugins.version' => '1.1.8',
+            'jruby.switches' => '-W0', # https://github.com/torquebox/jruby-maven-plugins/issues/94
             'bc.versions' => default_bc_version,
             'invoker.test' => '${bc.versions}',
             # allow to skip all tests with -Dmaven.test.skip
             'invoker.skip' => '${maven.test.skip}',
             'runit.dir' => 'src/test/ruby/**/test_*.rb',
-            # use this version of jruby for ALL the jruby-maven-plugins
-            'jruby.version' => '1.7.18',
-            # dump pom.xml as readonly when running 'rmvn'
-            'polyglot.dump.pom' => 'pom.xml',
-            'polyglot.dump.readonly' => true,
-            'tesla.dump.pom' => 'pom.xml',
-            'tesla.dump.readonly' => true )
+            'mavengem.wagon.version' => '1.0.3', # for jruby plugin
+            'mavengem-wagon.version' => '1.0.3', # for polyglot-ruby
+            # use this version of jruby for the jruby-maven-plugins
+            'jruby.versions' => MVN_JRUBY_VERSION, 'jruby.version' => MVN_JRUBY_VERSION,
+            # dump pom.xml when running 'rmvn'
+            'polyglot.dump.pom' => 'pom.xml', 'polyglot.dump.readonly' => false )
 
 # make sure we have the embedded jars in place before we run runit plugin
 plugin! :dependency do
-  execute_goal 'copy-dependencies', :phase => 'generate-test-resources', :outputDirectory => '${basedir}/lib', :useRepositoryLayout => true, :includeGroupIds => 'org.bouncycastle'
+  execute_goal 'copy-dependencies',
+               :phase => 'generate-test-resources',
+               :outputDirectory => '${basedir}/lib',
+               :useRepositoryLayout => true,
+               :includeGroupIds => 'org.bouncycastle'
 end
 
 jruby_plugin(:runit) { execute_goal( :test, :runitDirectory => '${runit.dir}' ) }
@@ -141,54 +151,24 @@ invoker_run_options = {
       'runit.dir' => '${runit.dir}' }
 }
 
-profile :id => 'test-1.6.8' do
-  plugin :invoker, '1.8' do
-    execute_goals( :install, :run, invoker_run_options )
-  end
-  properties 'jruby.versions' => '1.6.8', 'jruby.modes' => '1.8,1.9',
-             'bc.versions' => supported_bc_versions.join(',')
-end
-
-profile :id => 'test-1.7.4' do
-  plugin :invoker, '1.8' do
-    execute_goals( :install, :run, invoker_run_options )
-  end
-  properties 'jruby.versions' => '1.7.4', 'jruby.modes' => '1.8,1.9',
-             'bc.versions' => supported_bc_versions.join(',')
-end
-
-jruby_1_7_versions = %w{ 1.7.13 1.7.15 1.7.16 1.7.18 1.7.20 1.7.22 1.7.23 }
-jruby_1_7_versions += %w{ 1.7.24 1.7.25 1.7.26 }
-
-jruby_1_7_versions.each { |version|
-
-profile :id => "test-#{version}" do
-  plugin :invoker, '1.8' do
-    execute_goals( :install, :run, invoker_run_options )
-  end
-  properties 'jruby.versions' => version, 'jruby.modes' => '1.8,1.9,2.0',
-             'bc.versions' => supported_bc_versions.join(',')
-end
-
-}
-
-jruby_9_K_versions = %w{ 9.0.1.0 9.0.5.0 9.1.0.0 9.1.1.0 9.1.2.0 9.1.5.0 }
+jruby_9_K_versions  = %w{ 9.0.5.0 9.1.2.0 9.1.8.0 9.1.12.0 9.1.16.0 9.1.17.0 }
+jruby_9_K_versions += %w{ 9.2.0.0 9.2.5.0 9.2.6.0 9.2.7.0 9.2.8.0 9.2.9.0 }
 
 jruby_9_K_versions.each { |version|
 profile :id => "test-#{version}" do
   plugin :invoker, '1.8' do
     execute_goals( :install, :run, invoker_run_options )
   end
-  # NOTE: we're work-around 9K maven-runit version bug (due minitest changes) !
-  # ... still can not build with 9K : https://github.com/jruby/jruby/issues/3184
-  properties 'jruby.version' => version, 'jruby.versions' => version,
+  properties 'jruby.version' => version,
+             'jruby.versions' => version,
              'bc.versions' => supported_bc_versions.join(',')
 end
 }
 
 profile :id => 'release' do
-  plugin :gpg, '1.5' do
+  plugin :gpg, '1.6' do
     execute_goal :sign, :phase => :verify
   end
 end
+
 # vim: syntax=Ruby

data/README.md

@@ -16,12 +16,14 @@ the JRuby [mailing list][1] or the [bug tracker][2].
 
 | JRuby-OpenSSL | JRuby compat  | JVM compat | supported BC |
 | ------------- |:-------------:| ----------:| ------------:|
-|         0.9.6 |   1.6.8-9.0.2 |   Java 6-8 |    1.47-1.50 |
-|        0.9.12 |   1.6.8-9.0.5 |   Java 6-8 |    1.47-1.52 |
-|        0.9.13 |   1.6.8-9.1.2 |   Java 6-8 |    1.49-1.52 |
-|        0.9.14 |   1.6.8-9.1.5 |   Java 6-8 |    1.49-1.54 |
-|        0.9.17 |   1.6.8-9.1.5 |   Java 6-8 |    1.50-1.54 |
-|        0.9.18 |   1.6.8-9.1.7 |   Java 6-8 |    1.50-1.55 |
+|         0.9.6 |   1.6.8-9.0.2 |  Java 6-8  |    1.47-1.50 |
+|        0.9.12 |   1.6.8-9.0.5 |  Java 6-8  |    1.47-1.52 |
+|        0.9.13 |   1.6.8-9.1.2 |  Java 6-8  |    1.49-1.52 |
+|        0.9.14 |   1.6.8-9.1.5 |  Java 6-8  |    1.49-1.54 |
+|        0.9.17 |   1.6.8-9.1.5 |  Java 6-8  |    1.50-1.54 |
+|      ~>0.9.18 |   1.6.8-9.1.x |  Java 6-8  |    1.50-1.55 |
+|        0.10.0 |  1.7.20-9.2.x |  Java 7-10 |    1.55-1.59 |
+|        0.10.3 |  1.7.20-9.2.x |  Java 7-11 |    1.56-1.62 |
 
 NOTE: backwards JRuby compatibility was not handled for versions <= **0.9.6** 
 
@@ -41,30 +43,26 @@ any of OpenSSL's C code, only Ruby parts (*.rb) are the same as in MRI's OpenSSL
     mvn test
 
 will run (junit as well as ruby) tests and a some ruby tests against the default
-jruby version. to pick a different version and/or modes (1.8, 1.9, 2.0, 2.1) run
+jruby version. to pick a different JRuby version run
 
-    mvn test -Djruby.versions=1.7.12 -Djruby.modes=1.8
+    mvn test -Djruby.versions=9.2.8.0
 
 for running integration-tests the gem will be first installed and then the same
 tests run for each possible bouncy-castle version (see [listing][3]), run with
 
-    mvn verify -P test-9.0.4.0,test-1.7.22
+    mvn verify -P test-9.2.9.0,test-9.1.17.0
 
 or pick a bouncy-castle version
 
-    mvn verify -P test-1.6.8 -Dbc.versions=1.50
-
-or simply be more picky
-
-    mvn verify -P test-1.7.4 -Dbc.versions=1.49 -Djruby.modes=1.9
+    mvn verify -P test-9.2.9.0 -Dbc.versions=1.60
 
 NOTE: you can pick any jruby version which is on [central][4] or on [ci.jruby][5]
 
 ## License
 
-(c) 2009-2017 JRuby distributed under EPL 1.0/GPL 2.0/LGPL 2.1
+(c) 2009-2020 JRuby distributed under EPL 1.0/GPL 2.0/LGPL 2.1
 
-[0]: https://secure.travis-ci.org/jruby/jruby-openssl.png
+[0]: https://secure.travis-ci.org/jruby/jruby-openssl.svg
 [1]: http://xircles.codehaus.org/projects/jruby/lists
 [2]: https://github.com/jruby/jruby/issues
 [3]: https://github.com/jruby/jruby-openssl/tree/master/integration

data/Rakefile

@@ -27,6 +27,10 @@ else
       RubyMaven.exec( 'package -Dmaven.test.skip=true' )
     end
   end
+  task :test_prepare do
+    RubyMaven.exec( 'prepare-package -Dmaven.test.skip=true' )
+    RubyMaven.exec( 'test-compile' ) # separate step due -Dmaven.test.skip=true
+  end
 end
 
 task :build do

data/lib/jopenssl/_compat23.rb

@@ -0,0 +1,71 @@
+# frozen_string_literal: false
+
+module OpenSSL
+
+  module PKey
+
+    class DH
+
+      def set_key(pub_key, priv_key)
+        self.pub_key = pub_key
+        self.priv_key = priv_key
+        self
+      end
+
+      def set_pqg(p, q, g)
+        self.p = p
+        if respond_to?(:q)
+          self.q = q
+        else # TODO self.q = q
+          OpenSSL.warn "JRuby-OpenSSL does not support setting q param on #{inspect}" if q
+        end
+        self.g = g
+        self
+      end
+
+    end
+
+    class DSA
+
+      def set_key(pub_key, priv_key)
+        self.pub_key = pub_key
+        self.priv_key = priv_key
+        self
+      end
+
+      def set_pqg(p, q, g)
+        self.p = p
+        self.q = q
+        self.g = g
+        self
+      end
+
+    end
+
+    class RSA
+
+      def set_key(n, e, d)
+        self.n = n
+        self.e = e
+        self.d = d
+        self
+      end
+
+      def set_factors(p, q)
+        self.p = p
+        self.q = q
+        self
+      end
+
+      def set_crt_params(dmp1, dmq1, iqmp)
+        self.dmp1 = dmp1
+        self.dmq1 = dmq1
+        self.iqmp = iqmp
+        self
+      end
+
+    end
+
+  end
+
+end

data/lib/jopenssl/load.rb

@@ -1,41 +1,50 @@
-warn 'Loading jruby-openssl in a non-JRuby interpreter' unless defined? JRUBY_VERSION
+warn 'Loading jruby-openssl gem in a non-JRuby interpreter' unless defined? JRUBY_VERSION
 
-require 'java'
 require 'jopenssl/version'
 
+warn "JRuby #{JRUBY_VERSION} is not supported by jruby-openssl #{JOpenSSL::VERSION}" if JRUBY_VERSION < '1.7.20'
+
 # NOTE: assuming user does pull in BC .jars from somewhere else on the CP
 unless ENV_JAVA['jruby.openssl.load.jars'].eql?('false')
-  version = Jopenssl::Version::BOUNCY_CASTLE_VERSION
+  version = JOpenSSL::BOUNCY_CASTLE_VERSION
   bc_jars = nil
   begin
     require 'jar-dependencies'
     # if we have jar-dependencies we let it track the jars
-    require_jar( 'org.bouncycastle', 'bcpkix-jdk15on', version )
     require_jar( 'org.bouncycastle', 'bcprov-jdk15on', version )
+    require_jar( 'org.bouncycastle', 'bcpkix-jdk15on', version )
+    require_jar( 'org.bouncycastle', 'bctls-jdk15on',  version )
     bc_jars = true
   rescue LoadError
+    bc_jars = false
   end
   unless bc_jars
-    load "org/bouncycastle/bcpkix-jdk15on/#{version}/bcpkix-jdk15on-#{version}.jar"
     load "org/bouncycastle/bcprov-jdk15on/#{version}/bcprov-jdk15on-#{version}.jar"
+    load "org/bouncycastle/bcpkix-jdk15on/#{version}/bcpkix-jdk15on-#{version}.jar"
+    load "org/bouncycastle/bctls-jdk15on/#{version}/bctls-jdk15on-#{version}.jar"
   end
 end
 
-require 'jruby'
 require 'jopenssl.jar'
-org.jruby.ext.openssl.OpenSSL.load(JRuby.runtime)
+
+if JRuby::Util.respond_to?(:load_ext) # JRuby 9.2
+  JRuby::Util.load_ext('org.jruby.ext.openssl.OpenSSL')
+else; require 'jruby'
+  org.jruby.ext.openssl.OpenSSL.load(JRuby.runtime)
+end
 
 if RUBY_VERSION > '2.3'
   load 'jopenssl23/openssl.rb'
-  load 'jopenssl24.rb' if RUBY_VERSION >= '2.4'
+  load 'jopenssl/_compat23.rb'
 elsif RUBY_VERSION > '2.2'
   load 'jopenssl22/openssl.rb'
 elsif RUBY_VERSION > '2.1'
   load 'jopenssl21/openssl.rb'
-elsif RUBY_VERSION > '1.9'
-  load 'jopenssl19/openssl.rb'
 else
-  load 'jopenssl18/openssl.rb'
+  load 'jopenssl19/openssl.rb'
 end
 
-require 'openssl/pkcs12'
+module OpenSSL
+  autoload :Config, 'openssl/config' unless const_defined?(:Config, false)
+  autoload :PKCS12, 'openssl/pkcs12'
+end

data/lib/jopenssl/version.rb

@@ -1,11 +1,9 @@
-module Jopenssl
-  VERSION = '0.9.20'
-  BOUNCY_CASTLE_VERSION = '1.56'
-  # @deprecated
-  module Version
-    # @private
-    VERSION = Jopenssl::VERSION
-    # @private
-    BOUNCY_CASTLE_VERSION = Jopenssl::BOUNCY_CASTLE_VERSION
-  end
+module JOpenSSL
+  VERSION = '0.10.7'
+  BOUNCY_CASTLE_VERSION = '1.68'
+end
+
+Object.class_eval do
+  Jopenssl = JOpenSSL
+  private_constant :Jopenssl if respond_to?(:private_constant)
 end