jruby-openssl 0.9.20-java → 0.10.7-java

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (57) hide show
  1. checksums.yaml +4 -4
  2. data/History.md +132 -1
  3. data/LICENSE.txt +1 -1
  4. data/Mavenfile +49 -69
  5. data/README.md +14 -16
  6. data/Rakefile +4 -0
  7. data/lib/jopenssl/_compat23.rb +71 -0
  8. data/lib/jopenssl/load.rb +21 -12
  9. data/lib/jopenssl/version.rb +8 -10
  10. data/lib/jopenssl.jar +0 -0
  11. data/lib/jopenssl19/openssl/ssl-internal.rb +104 -0
  12. data/lib/jopenssl22/openssl/ssl.rb +16 -16
  13. data/lib/jopenssl23/openssl/bn.rb +2 -1
  14. data/lib/jopenssl23/openssl/buffering.rb +39 -35
  15. data/lib/jopenssl23/openssl/config.rb +12 -11
  16. data/lib/jopenssl23/openssl/digest.rb +1 -1
  17. data/lib/jopenssl23/openssl/pkey.rb +22 -34
  18. data/lib/jopenssl23/openssl/ssl.rb +210 -125
  19. data/lib/jopenssl23/openssl/x509.rb +76 -1
  20. data/lib/jopenssl23/openssl.rb +1 -1
  21. data/lib/openssl/bn.rb +1 -3
  22. data/lib/openssl/buffering.rb +1 -3
  23. data/lib/openssl/cipher.rb +1 -3
  24. data/lib/openssl/config.rb +10 -4
  25. data/lib/openssl/digest.rb +1 -3
  26. data/lib/openssl/pkcs12.rb +1 -3
  27. data/lib/openssl/pkcs5.rb +22 -0
  28. data/lib/openssl/ssl-internal.rb +1 -3
  29. data/lib/openssl/ssl.rb +1 -3
  30. data/lib/openssl/x509-internal.rb +1 -3
  31. data/lib/openssl/x509.rb +1 -3
  32. data/lib/org/bouncycastle/bcpkix-jdk15on/1.68/bcpkix-jdk15on-1.68.jar +0 -0
  33. data/lib/org/bouncycastle/bcprov-jdk15on/1.68/bcprov-jdk15on-1.68.jar +0 -0
  34. data/lib/org/bouncycastle/bctls-jdk15on/1.68/bctls-jdk15on-1.68.jar +0 -0
  35. data/pom.xml +100 -322
  36. metadata +19 -75
  37. data/integration/1.47/pom.xml +0 -15
  38. data/integration/1.48/pom.xml +0 -15
  39. data/integration/1.49/pom.xml +0 -15
  40. data/integration/1.50/pom.xml +0 -15
  41. data/integration/Mavenfile +0 -57
  42. data/integration/pom.xml +0 -122
  43. data/lib/jopenssl18/openssl/bn.rb +0 -25
  44. data/lib/jopenssl18/openssl/buffering.rb +0 -241
  45. data/lib/jopenssl18/openssl/cipher.rb +0 -28
  46. data/lib/jopenssl18/openssl/config.rb +0 -316
  47. data/lib/jopenssl18/openssl/digest.rb +0 -32
  48. data/lib/jopenssl18/openssl/pkcs7.rb +0 -25
  49. data/lib/jopenssl18/openssl/ssl-internal.rb +0 -112
  50. data/lib/jopenssl18/openssl/ssl.rb +0 -1
  51. data/lib/jopenssl18/openssl/x509-internal.rb +0 -110
  52. data/lib/jopenssl18/openssl/x509.rb +0 -1
  53. data/lib/jopenssl18/openssl.rb +0 -23
  54. data/lib/jopenssl24.rb +0 -112
  55. data/lib/openssl/pkcs7.rb +0 -5
  56. data/lib/org/bouncycastle/bcpkix-jdk15on/1.56/bcpkix-jdk15on-1.56.jar +0 -0
  57. data/lib/org/bouncycastle/bcprov-jdk15on/1.56/bcprov-jdk15on-1.56.jar +0 -0
@@ -19,6 +19,104 @@ require 'fcntl' # used by OpenSSL::SSL::Nonblock (if loaded)
19
19
 
20
20
  module OpenSSL
21
21
  module SSL
22
+ class SSLContext
23
+ DEFAULT_PARAMS = {
24
+ :ssl_version => "SSLv23",
25
+ :verify_mode => OpenSSL::SSL::VERIFY_PEER,
26
+ :ciphers => %w{
27
+ ECDHE-ECDSA-AES128-GCM-SHA256
28
+ ECDHE-RSA-AES128-GCM-SHA256
29
+ ECDHE-ECDSA-AES256-GCM-SHA384
30
+ ECDHE-RSA-AES256-GCM-SHA384
31
+ DHE-RSA-AES128-GCM-SHA256
32
+ DHE-DSS-AES128-GCM-SHA256
33
+ DHE-RSA-AES256-GCM-SHA384
34
+ DHE-DSS-AES256-GCM-SHA384
35
+ ECDHE-ECDSA-AES128-SHA256
36
+ ECDHE-RSA-AES128-SHA256
37
+ ECDHE-ECDSA-AES128-SHA
38
+ ECDHE-RSA-AES128-SHA
39
+ ECDHE-ECDSA-AES256-SHA384
40
+ ECDHE-RSA-AES256-SHA384
41
+ ECDHE-ECDSA-AES256-SHA
42
+ ECDHE-RSA-AES256-SHA
43
+ DHE-RSA-AES128-SHA256
44
+ DHE-RSA-AES256-SHA256
45
+ DHE-RSA-AES128-SHA
46
+ DHE-RSA-AES256-SHA
47
+ DHE-DSS-AES128-SHA256
48
+ DHE-DSS-AES256-SHA256
49
+ DHE-DSS-AES128-SHA
50
+ DHE-DSS-AES256-SHA
51
+ AES128-GCM-SHA256
52
+ AES256-GCM-SHA384
53
+ AES128-SHA256
54
+ AES256-SHA256
55
+ AES128-SHA
56
+ AES256-SHA
57
+ ECDHE-ECDSA-RC4-SHA
58
+ ECDHE-RSA-RC4-SHA
59
+ RC4-SHA
60
+ }.join(":"),
61
+ :options => -> {
62
+ opts = OpenSSL::SSL::OP_ALL
63
+ opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
64
+ opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
65
+ opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
66
+ opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
67
+ opts
68
+ }.call
69
+ } unless const_defined? :DEFAULT_PARAMS # JRuby does it in Java
70
+
71
+ begin
72
+ DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
73
+ DEFAULT_CERT_STORE.set_default_paths
74
+ if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
75
+ DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
76
+ end
77
+ end unless const_defined? :DEFAULT_CERT_STORE
78
+
79
+ def set_params(params={})
80
+ params = DEFAULT_PARAMS.merge(params)
81
+ params.each{|name, value| self.__send__("#{name}=", value) }
82
+ if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
83
+ unless self.ca_file or self.ca_path or self.cert_store
84
+ self.cert_store = DEFAULT_CERT_STORE
85
+ end
86
+ end
87
+ return params
88
+ end unless method_defined? :set_params
89
+ end
90
+
91
+ module SocketForwarder
92
+ def addr
93
+ to_io.addr
94
+ end
95
+
96
+ def peeraddr
97
+ to_io.peeraddr
98
+ end
99
+
100
+ def setsockopt(level, optname, optval)
101
+ to_io.setsockopt(level, optname, optval)
102
+ end
103
+
104
+ def getsockopt(level, optname)
105
+ to_io.getsockopt(level, optname)
106
+ end
107
+
108
+ def fcntl(*args)
109
+ to_io.fcntl(*args)
110
+ end
111
+
112
+ def closed?
113
+ to_io.closed?
114
+ end
115
+
116
+ def do_not_reverse_lookup=(flag)
117
+ to_io.do_not_reverse_lookup = flag
118
+ end
119
+ end
22
120
 
23
121
  def verify_certificate_identity(cert, hostname)
24
122
  should_verify_common_name = true
@@ -63,6 +161,12 @@ module OpenSSL
63
161
  include SocketForwarder
64
162
  include Nonblock
65
163
 
164
+ def sysclose
165
+ return if closed?
166
+ stop
167
+ io.close if sync_close
168
+ end unless method_defined? :sysclose
169
+
66
170
  def post_connection_check(hostname)
67
171
  unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
68
172
  raise SSLError, "hostname does not match the server certificate"
@@ -68,13 +68,13 @@ module OpenSSL
68
68
  }.call
69
69
  } unless const_defined? :DEFAULT_PARAMS # JRuby does it in Java
70
70
 
71
- unless const_defined? :DEFAULT_CERT_STORE # JRuby specific
72
- DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
73
- DEFAULT_CERT_STORE.set_default_paths
74
- if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
75
- DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
76
- end
77
- end
71
+ begin
72
+ DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
73
+ DEFAULT_CERT_STORE.set_default_paths
74
+ if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
75
+ DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
76
+ end
77
+ end unless const_defined? :DEFAULT_CERT_STORE
78
78
 
79
79
  ##
80
80
  # Sets the parameters for this SSL context to the values in +params+.
@@ -86,14 +86,14 @@ module OpenSSL
86
86
 
87
87
  def set_params(params={})
88
88
  params = DEFAULT_PARAMS.merge(params)
89
- params.each{|name, value| self.__send__("#{name}=", value) }
89
+ params.each { |name, value| self.__send__("#{name}=", value) }
90
90
  if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
91
91
  unless self.ca_file or self.ca_path or self.cert_store
92
92
  self.cert_store = DEFAULT_CERT_STORE
93
93
  end
94
94
  end
95
95
  return params
96
- end unless method_defined? :set_params # JRuby: hooked up in "native" Java
96
+ end unless method_defined? :set_params
97
97
  end
98
98
 
99
99
  module SocketForwarder
@@ -124,7 +124,7 @@ module OpenSSL
124
124
  def do_not_reverse_lookup=(flag)
125
125
  to_io.do_not_reverse_lookup = flag
126
126
  end
127
- end unless const_defined? :SocketForwarder # JRuby: hooked up in "native" Java
127
+ end
128
128
 
129
129
  module Nonblock
130
130
  def initialize(*args)
@@ -228,6 +228,12 @@ module OpenSSL
228
228
  include SocketForwarder
229
229
  include Nonblock
230
230
 
231
+ def sysclose
232
+ return if closed?
233
+ stop
234
+ io.close if sync_close
235
+ end unless method_defined? :sysclose
236
+
231
237
  ##
232
238
  # Perform hostname verification after an SSL connection is established
233
239
  #
@@ -248,12 +254,6 @@ module OpenSSL
248
254
  return true
249
255
  end
250
256
 
251
- #def session
252
- # SSL::Session.new(self)
253
- #rescue SSL::Session::SessionError
254
- # nil
255
- #end
256
-
257
257
  private
258
258
 
259
259
  def using_anon_cipher?
@@ -25,8 +25,9 @@ module OpenSSL
25
25
  end # OpenSSL
26
26
 
27
27
  ##
28
+ #--
28
29
  # Add double dispatch to Integer
29
- #
30
+ #++
30
31
  class Integer
31
32
  # Casts an Integer as an OpenSSL::BN
32
33
  #
@@ -63,7 +63,7 @@ module OpenSSL::Buffering
63
63
  end
64
64
 
65
65
  ##
66
- # Consumes +size+ bytes from the buffer
66
+ # Consumes _size_ bytes from the buffer
67
67
 
68
68
  def consume_rbuff(size=nil)
69
69
  if @rbuffer.empty?
@@ -79,7 +79,7 @@ module OpenSSL::Buffering
79
79
  public
80
80
 
81
81
  ##
82
- # Reads +size+ bytes from the stream. If +buf+ is provided it must
82
+ # Reads _size_ bytes from the stream. If _buf_ is provided it must
83
83
  # reference a string which will receive the data.
84
84
  #
85
85
  # See IO#read for full details.
@@ -106,7 +106,7 @@ module OpenSSL::Buffering
106
106
  end
107
107
 
108
108
  ##
109
- # Reads at most +maxlen+ bytes from the stream. If +buf+ is provided it
109
+ # Reads at most _maxlen_ bytes from the stream. If _buf_ is provided it
110
110
  # must reference a string which will receive the data.
111
111
  #
112
112
  # See IO#readpartial for full details.
@@ -136,7 +136,7 @@ module OpenSSL::Buffering
136
136
  end
137
137
 
138
138
  ##
139
- # Reads at most +maxlen+ bytes in the non-blocking manner.
139
+ # Reads at most _maxlen_ bytes in the non-blocking manner.
140
140
  #
141
141
  # When no data can be read without blocking it raises
142
142
  # OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
@@ -163,6 +163,11 @@ module OpenSSL::Buffering
163
163
  # Note that one reason that read_nonblock writes to the underlying IO is
164
164
  # when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
165
165
  # more details. http://www.openssl.org/support/faq.html
166
+ #
167
+ # By specifying a keyword argument _exception_ to +false+, you can indicate
168
+ # that read_nonblock should not raise an IO::Wait*able exception, but
169
+ # return the symbol +:wait_writable+ or +:wait_readable+ instead. At EOF,
170
+ # it will return +nil+ instead of raising EOFError.
166
171
 
167
172
  def read_nonblock(maxlen, buf=nil, exception: true)
168
173
  if maxlen == 0
@@ -185,11 +190,11 @@ module OpenSSL::Buffering
185
190
  end
186
191
 
187
192
  ##
188
- # Reads the next "line+ from the stream. Lines are separated by +eol+. If
189
- # +limit+ is provided the result will not be longer than the given number of
193
+ # Reads the next "line" from the stream. Lines are separated by _eol_. If
194
+ # _limit_ is provided the result will not be longer than the given number of
190
195
  # bytes.
191
196
  #
192
- # +eol+ may be a String or Regexp.
197
+ # _eol_ may be a String or Regexp.
193
198
  #
194
199
  # Unlike IO#gets the line read will not be assigned to +$_+.
195
200
  #
@@ -215,7 +220,7 @@ module OpenSSL::Buffering
215
220
 
216
221
  ##
217
222
  # Executes the block for every line in the stream where lines are separated
218
- # by +eol+.
223
+ # by _eol_.
219
224
  #
220
225
  # See also #gets
221
226
 
@@ -227,7 +232,7 @@ module OpenSSL::Buffering
227
232
  alias each_line each
228
233
 
229
234
  ##
230
- # Reads lines from the stream which are separated by +eol+.
235
+ # Reads lines from the stream which are separated by _eol_.
231
236
  #
232
237
  # See also #gets
233
238
 
@@ -240,7 +245,7 @@ module OpenSSL::Buffering
240
245
  end
241
246
 
242
247
  ##
243
- # Reads a line from the stream which is separated by +eol+.
248
+ # Reads a line from the stream which is separated by _eol_.
244
249
  #
245
250
  # Raises EOFError if at end of file.
246
251
 
@@ -276,7 +281,7 @@ module OpenSSL::Buffering
276
281
  end
277
282
 
278
283
  ##
279
- # Pushes character +c+ back onto the stream such that a subsequent buffered
284
+ # Pushes character _c_ back onto the stream such that a subsequent buffered
280
285
  # character read will return it.
281
286
  #
282
287
  # Unlike IO#getc multiple bytes may be pushed back onto the stream.
@@ -303,7 +308,7 @@ module OpenSSL::Buffering
303
308
  private
304
309
 
305
310
  ##
306
- # Writes +s+ to the buffer. When the buffer is full or #sync is true the
311
+ # Writes _s_ to the buffer. When the buffer is full or #sync is true the
307
312
  # buffer is flushed to the underlying socket.
308
313
 
309
314
  def do_write(s)
@@ -311,36 +316,33 @@ module OpenSSL::Buffering
311
316
  @wbuffer << s
312
317
  @wbuffer.force_encoding(Encoding::BINARY)
313
318
  @sync ||= false
314
- if @sync or @wbuffer.size > BLOCK_SIZE or idx = @wbuffer.rindex($/)
315
- remain = idx ? idx + $/.size : @wbuffer.length
316
- nwritten = 0
317
- while remain > 0
318
- str = @wbuffer[nwritten,remain]
319
+ if @sync or @wbuffer.size > BLOCK_SIZE
320
+ until @wbuffer.empty?
319
321
  begin
320
- nwrote = syswrite(str)
322
+ nwrote = syswrite(@wbuffer)
321
323
  rescue Errno::EAGAIN
322
324
  retry
323
325
  end
324
- remain -= nwrote
325
- nwritten += nwrote
326
+ @wbuffer[0, nwrote] = ""
326
327
  end
327
- @wbuffer[0,nwritten] = ""
328
328
  end
329
329
  end
330
330
 
331
331
  public
332
332
 
333
333
  ##
334
- # Writes +s+ to the stream. If the argument is not a string it will be
335
- # converted using String#to_s. Returns the number of bytes written.
334
+ # Writes _s_ to the stream. If the argument is not a String it will be
335
+ # converted using +.to_s+ method. Returns the number of bytes written.
336
336
 
337
- def write(s)
338
- do_write(s)
339
- s.bytesize
337
+ def write(*s)
338
+ s.inject(0) do |written, str|
339
+ do_write(str)
340
+ written + str.bytesize
341
+ end
340
342
  end
341
343
 
342
344
  ##
343
- # Writes +str+ in the non-blocking manner.
345
+ # Writes _s_ in the non-blocking manner.
344
346
  #
345
347
  # If there is buffered data, it is flushed first. This may block.
346
348
  #
@@ -371,6 +373,10 @@ module OpenSSL::Buffering
371
373
  # Note that one reason that write_nonblock reads from the underlying IO
372
374
  # is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
373
375
  # for more details. http://www.openssl.org/support/faq.html
376
+ #
377
+ # By specifying a keyword argument _exception_ to +false+, you can indicate
378
+ # that write_nonblock should not raise an IO::Wait*able exception, but
379
+ # return the symbol +:wait_writable+ or +:wait_readable+ instead.
374
380
 
375
381
  def write_nonblock(s, exception: true)
376
382
  flush
@@ -378,16 +384,16 @@ module OpenSSL::Buffering
378
384
  end
379
385
 
380
386
  ##
381
- # Writes +s+ to the stream. +s+ will be converted to a String using
382
- # String#to_s.
387
+ # Writes _s_ to the stream. _s_ will be converted to a String using
388
+ # +.to_s+ method.
383
389
 
384
- def << (s)
390
+ def <<(s)
385
391
  do_write(s)
386
392
  self
387
393
  end
388
394
 
389
395
  ##
390
- # Writes +args+ to the stream along with a record separator.
396
+ # Writes _args_ to the stream along with a record separator.
391
397
  #
392
398
  # See IO#puts for full details.
393
399
 
@@ -398,16 +404,14 @@ module OpenSSL::Buffering
398
404
  end
399
405
  args.each{|arg|
400
406
  s << arg.to_s
401
- if $/ && /\n\z/ !~ s
402
- s << "\n"
403
- end
407
+ s.sub!(/(?<!\n)\z/, "\n")
404
408
  }
405
409
  do_write(s)
406
410
  nil
407
411
  end
408
412
 
409
413
  ##
410
- # Writes +args+ to the stream.
414
+ # Writes _args_ to the stream.
411
415
  #
412
416
  # See IO#print for full details.
413
417
 
@@ -30,7 +30,8 @@ module OpenSSL
30
30
  class << self
31
31
 
32
32
  ##
33
- # Parses a given +string+ as a blob that contains configuration for openssl.
33
+ # Parses a given _string_ as a blob that contains configuration for
34
+ # OpenSSL.
34
35
  #
35
36
  # If the source of the IO is a file, then consider using #parse_config.
36
37
  def parse(string)
@@ -46,7 +47,7 @@ module OpenSSL
46
47
  alias load new
47
48
 
48
49
  ##
49
- # Parses the configuration data read from +io+, see also #parse.
50
+ # Parses the configuration data read from _io_, see also #parse.
50
51
  #
51
52
  # Raises a ConfigError on invalid configuration data.
52
53
  def parse_config(io)
@@ -236,7 +237,7 @@ module OpenSSL
236
237
  #
237
238
  # This can be used in contexts like OpenSSL::X509::ExtensionFactory.config=
238
239
  #
239
- # If the optional +filename+ parameter is provided, then it is read in and
240
+ # If the optional _filename_ parameter is provided, then it is read in and
240
241
  # parsed via #parse_config.
241
242
  #
242
243
  # This can raise IO exceptions based on the access, or availability of the
@@ -255,7 +256,7 @@ module OpenSSL
255
256
  end
256
257
 
257
258
  ##
258
- # Gets the value of +key+ from the given +section+
259
+ # Gets the value of _key_ from the given _section_
259
260
  #
260
261
  # Given the following configurating file being loaded:
261
262
  #
@@ -265,8 +266,8 @@ module OpenSSL
265
266
  # #=> [ default ]
266
267
  # # foo=bar
267
268
  #
268
- # You can get a specific value from the config if you know the +section+
269
- # and +key+ like so:
269
+ # You can get a specific value from the config if you know the _section_
270
+ # and _key_ like so:
270
271
  #
271
272
  # config.get_value('default','foo')
272
273
  # #=> "bar"
@@ -297,7 +298,7 @@ module OpenSSL
297
298
  end
298
299
 
299
300
  ##
300
- # Set the target +key+ with a given +value+ under a specific +section+.
301
+ # Set the target _key_ with a given _value_ under a specific _section_.
301
302
  #
302
303
  # Given the following configurating file being loaded:
303
304
  #
@@ -307,7 +308,7 @@ module OpenSSL
307
308
  # #=> [ default ]
308
309
  # # foo=bar
309
310
  #
310
- # You can set the value of +foo+ under the +default+ section to a new
311
+ # You can set the value of _foo_ under the _default_ section to a new
311
312
  # value:
312
313
  #
313
314
  # config.add_value('default', 'foo', 'buzz')
@@ -322,7 +323,7 @@ module OpenSSL
322
323
  end
323
324
 
324
325
  ##
325
- # Get a specific +section+ from the current configuration
326
+ # Get a specific _section_ from the current configuration
326
327
  #
327
328
  # Given the following configurating file being loaded:
328
329
  #
@@ -351,7 +352,7 @@ module OpenSSL
351
352
  end
352
353
 
353
354
  ##
354
- # Sets a specific +section+ name with a Hash +pairs+
355
+ # Sets a specific _section_ name with a Hash _pairs_.
355
356
  #
356
357
  # Given the following configuration being created:
357
358
  #
@@ -365,7 +366,7 @@ module OpenSSL
365
366
  # # baz=buz
366
367
  #
367
368
  # It's important to note that this will essentially merge any of the keys
368
- # in +pairs+ with the existing +section+. For example:
369
+ # in _pairs_ with the existing _section_. For example:
369
370
  #
370
371
  # config['default']
371
372
  # #=> {"foo"=>"bar", "baz"=>"buz"}
@@ -24,7 +24,7 @@ module OpenSSL
24
24
 
25
25
  end # Digest
26
26
 
27
- # Returns a Digest subclass by +name+.
27
+ # Returns a Digest subclass by _name_
28
28
  #
29
29
  # require 'openssl'
30
30
  #
@@ -1,37 +1,25 @@
1
1
  # frozen_string_literal: false
2
- module OpenSSL
3
- module PKey
4
- if defined?(OpenSSL::PKey::DH)
2
+ #--
3
+ # Ruby/OpenSSL Project
4
+ # Copyright (C) 2017 Ruby/OpenSSL Project Authors
5
+ #++
5
6
 
6
- class DH
7
- DEFAULT_512 = new <<-_end_of_pem_
8
- -----BEGIN DH PARAMETERS-----
9
- MEYCQQD0zXHljRg/mJ9PYLACLv58Cd8VxBxxY7oEuCeURMiTqEhMym16rhhKgZG2
10
- zk2O9uUIBIxSj+NKMURHGaFKyIvLAgEC
11
- -----END DH PARAMETERS-----
12
- _end_of_pem_
13
-
14
- DEFAULT_1024 = new <<-_end_of_pem_
15
- -----BEGIN DH PARAMETERS-----
16
- MIGHAoGBAJ0lOVy0VIr/JebWn0zDwY2h+rqITFOpdNr6ugsgvkDXuucdcChhYExJ
17
- AV/ZD2AWPbrTqV76mGRgJg4EddgT1zG0jq3rnFdMj2XzkBYx3BVvfR0Arnby0RHR
18
- T4h7KZ/2zmjvV+eF8kBUHBJAojUlzxKj4QeO2x20FP9X5xmNUXeDAgEC
19
- -----END DH PARAMETERS-----
20
- _end_of_pem_
21
- end
22
-
23
- DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen|
24
- warn "using default DH parameters." if $VERBOSE
25
- case keylen
26
- when 512 then OpenSSL::PKey::DH::DEFAULT_512
27
- when 1024 then OpenSSL::PKey::DH::DEFAULT_1024
28
- else
29
- nil
30
- end
31
- }
32
-
33
- else
34
- DEFAULT_TMP_DH_CALLBACK = nil
35
- end
7
+ module OpenSSL::PKey
8
+ if defined?(EC)
9
+ class EC::Point
10
+ # :call-seq:
11
+ # point.to_bn([conversion_form]) -> OpenSSL::BN
12
+ #
13
+ # Returns the octet string representation of the EC point as an instance of
14
+ # OpenSSL::BN.
15
+ #
16
+ # If _conversion_form_ is not given, the _point_conversion_form_ attribute
17
+ # set to the group is used.
18
+ #
19
+ # See #to_octet_string for more information.
20
+ # def to_bn(conversion_form = group.point_conversion_form)
21
+ # OpenSSL::BN.new(to_octet_string(conversion_form), 2)
22
+ # end
23
+ end
36
24
  end
37
- end
25
+ end