jruby-openssl 0.9.20-java → 0.10.7-java
- checksums.yaml +4 -4
- data/History.md +132 -1
- data/LICENSE.txt +1 -1
- data/Mavenfile +49 -69
- data/README.md +14 -16
- data/Rakefile +4 -0
- data/lib/jopenssl/_compat23.rb +71 -0
- data/lib/jopenssl/load.rb +21 -12
- data/lib/jopenssl/version.rb +8 -10
- data/lib/jopenssl.jar +0 -0
- data/lib/jopenssl19/openssl/ssl-internal.rb +104 -0
- data/lib/jopenssl22/openssl/ssl.rb +16 -16
- data/lib/jopenssl23/openssl/bn.rb +2 -1
- data/lib/jopenssl23/openssl/buffering.rb +39 -35
- data/lib/jopenssl23/openssl/config.rb +12 -11
- data/lib/jopenssl23/openssl/digest.rb +1 -1
- data/lib/jopenssl23/openssl/pkey.rb +22 -34
- data/lib/jopenssl23/openssl/ssl.rb +210 -125
- data/lib/jopenssl23/openssl/x509.rb +76 -1
- data/lib/jopenssl23/openssl.rb +1 -1
- data/lib/openssl/bn.rb +1 -3
- data/lib/openssl/buffering.rb +1 -3
- data/lib/openssl/cipher.rb +1 -3
- data/lib/openssl/config.rb +10 -4
- data/lib/openssl/digest.rb +1 -3
- data/lib/openssl/pkcs12.rb +1 -3
- data/lib/openssl/pkcs5.rb +22 -0
- data/lib/openssl/ssl-internal.rb +1 -3
- data/lib/openssl/ssl.rb +1 -3
- data/lib/openssl/x509-internal.rb +1 -3
- data/lib/openssl/x509.rb +1 -3
- data/lib/org/bouncycastle/bcpkix-jdk15on/1.68/bcpkix-jdk15on-1.68.jar +0 -0
- data/lib/org/bouncycastle/bcprov-jdk15on/1.68/bcprov-jdk15on-1.68.jar +0 -0
- data/lib/org/bouncycastle/bctls-jdk15on/1.68/bctls-jdk15on-1.68.jar +0 -0
- data/pom.xml +100 -322
- metadata +19 -75
- data/integration/1.47/pom.xml +0 -15
- data/integration/1.48/pom.xml +0 -15
- data/integration/1.49/pom.xml +0 -15
- data/integration/1.50/pom.xml +0 -15
- data/integration/Mavenfile +0 -57
- data/integration/pom.xml +0 -122
- data/lib/jopenssl18/openssl/bn.rb +0 -25
- data/lib/jopenssl18/openssl/buffering.rb +0 -241
- data/lib/jopenssl18/openssl/cipher.rb +0 -28
- data/lib/jopenssl18/openssl/config.rb +0 -316
- data/lib/jopenssl18/openssl/digest.rb +0 -32
- data/lib/jopenssl18/openssl/pkcs7.rb +0 -25
- data/lib/jopenssl18/openssl/ssl-internal.rb +0 -112
- data/lib/jopenssl18/openssl/ssl.rb +0 -1
- data/lib/jopenssl18/openssl/x509-internal.rb +0 -110
- data/lib/jopenssl18/openssl/x509.rb +0 -1
- data/lib/jopenssl18/openssl.rb +0 -23
- data/lib/jopenssl24.rb +0 -112
- data/lib/openssl/pkcs7.rb +0 -5
- data/lib/org/bouncycastle/bcpkix-jdk15on/1.56/bcpkix-jdk15on-1.56.jar +0 -0
- data/lib/org/bouncycastle/bcprov-jdk15on/1.56/bcprov-jdk15on-1.56.jar +0 -0
@@ -19,6 +19,104 @@ require 'fcntl' # used by OpenSSL::SSL::Nonblock (if loaded)
|
|
19
19
|
|
20
20
|
module OpenSSL
|
21
21
|
module SSL
|
22
|
+
class SSLContext
|
23
|
+
DEFAULT_PARAMS = {
|
24
|
+
:ssl_version => "SSLv23",
|
25
|
+
:verify_mode => OpenSSL::SSL::VERIFY_PEER,
|
26
|
+
:ciphers => %w{
|
27
|
+
ECDHE-ECDSA-AES128-GCM-SHA256
|
28
|
+
ECDHE-RSA-AES128-GCM-SHA256
|
29
|
+
ECDHE-ECDSA-AES256-GCM-SHA384
|
30
|
+
ECDHE-RSA-AES256-GCM-SHA384
|
31
|
+
DHE-RSA-AES128-GCM-SHA256
|
32
|
+
DHE-DSS-AES128-GCM-SHA256
|
33
|
+
DHE-RSA-AES256-GCM-SHA384
|
34
|
+
DHE-DSS-AES256-GCM-SHA384
|
35
|
+
ECDHE-ECDSA-AES128-SHA256
|
36
|
+
ECDHE-RSA-AES128-SHA256
|
37
|
+
ECDHE-ECDSA-AES128-SHA
|
38
|
+
ECDHE-RSA-AES128-SHA
|
39
|
+
ECDHE-ECDSA-AES256-SHA384
|
40
|
+
ECDHE-RSA-AES256-SHA384
|
41
|
+
ECDHE-ECDSA-AES256-SHA
|
42
|
+
ECDHE-RSA-AES256-SHA
|
43
|
+
DHE-RSA-AES128-SHA256
|
44
|
+
DHE-RSA-AES256-SHA256
|
45
|
+
DHE-RSA-AES128-SHA
|
46
|
+
DHE-RSA-AES256-SHA
|
47
|
+
DHE-DSS-AES128-SHA256
|
48
|
+
DHE-DSS-AES256-SHA256
|
49
|
+
DHE-DSS-AES128-SHA
|
50
|
+
DHE-DSS-AES256-SHA
|
51
|
+
AES128-GCM-SHA256
|
52
|
+
AES256-GCM-SHA384
|
53
|
+
AES128-SHA256
|
54
|
+
AES256-SHA256
|
55
|
+
AES128-SHA
|
56
|
+
AES256-SHA
|
57
|
+
ECDHE-ECDSA-RC4-SHA
|
58
|
+
ECDHE-RSA-RC4-SHA
|
59
|
+
RC4-SHA
|
60
|
+
}.join(":"),
|
61
|
+
:options => -> {
|
62
|
+
opts = OpenSSL::SSL::OP_ALL
|
63
|
+
opts &= ~OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS if defined?(OpenSSL::SSL::OP_DONT_INSERT_EMPTY_FRAGMENTS)
|
64
|
+
opts |= OpenSSL::SSL::OP_NO_COMPRESSION if defined?(OpenSSL::SSL::OP_NO_COMPRESSION)
|
65
|
+
opts |= OpenSSL::SSL::OP_NO_SSLv2 if defined?(OpenSSL::SSL::OP_NO_SSLv2)
|
66
|
+
opts |= OpenSSL::SSL::OP_NO_SSLv3 if defined?(OpenSSL::SSL::OP_NO_SSLv3)
|
67
|
+
opts
|
68
|
+
}.call
|
69
|
+
} unless const_defined? :DEFAULT_PARAMS # JRuby does it in Java
|
70
|
+
|
71
|
+
begin
|
72
|
+
DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
|
73
|
+
DEFAULT_CERT_STORE.set_default_paths
|
74
|
+
if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
|
75
|
+
DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
|
76
|
+
end
|
77
|
+
end unless const_defined? :DEFAULT_CERT_STORE
|
78
|
+
|
79
|
+
def set_params(params={})
|
80
|
+
params = DEFAULT_PARAMS.merge(params)
|
81
|
+
params.each{|name, value| self.__send__("#{name}=", value) }
|
82
|
+
if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
|
83
|
+
unless self.ca_file or self.ca_path or self.cert_store
|
84
|
+
self.cert_store = DEFAULT_CERT_STORE
|
85
|
+
end
|
86
|
+
end
|
87
|
+
return params
|
88
|
+
end unless method_defined? :set_params
|
89
|
+
end
|
90
|
+
|
91
|
+
module SocketForwarder
|
92
|
+
def addr
|
93
|
+
to_io.addr
|
94
|
+
end
|
95
|
+
|
96
|
+
def peeraddr
|
97
|
+
to_io.peeraddr
|
98
|
+
end
|
99
|
+
|
100
|
+
def setsockopt(level, optname, optval)
|
101
|
+
to_io.setsockopt(level, optname, optval)
|
102
|
+
end
|
103
|
+
|
104
|
+
def getsockopt(level, optname)
|
105
|
+
to_io.getsockopt(level, optname)
|
106
|
+
end
|
107
|
+
|
108
|
+
def fcntl(*args)
|
109
|
+
to_io.fcntl(*args)
|
110
|
+
end
|
111
|
+
|
112
|
+
def closed?
|
113
|
+
to_io.closed?
|
114
|
+
end
|
115
|
+
|
116
|
+
def do_not_reverse_lookup=(flag)
|
117
|
+
to_io.do_not_reverse_lookup = flag
|
118
|
+
end
|
119
|
+
end
|
22
120
|
|
23
121
|
def verify_certificate_identity(cert, hostname)
|
24
122
|
should_verify_common_name = true
|
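Review bot: The `:ciphers` default in `DEFAULT_PARAMS` (new lines 26–60) still ends with three RC4 suites, `ECDHE-ECDSA-RC4-SHA`, `ECDHE-RSA-RC4-SHA` and `RC4-SHA`. RFC 7465 prohibits RC4 in TLS, so a context configured through `set_params` could still offer or accept it. I would drop those three entries from the `%w{...}` list. The hash is only defined `unless const_defined? :DEFAULT_PARAMS`, and the trailing comment says JRuby does it in Java, so it is worth confirming which definition is actually in effect before relying on this list either way.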
@@ -63,6 +161,12 @@ module OpenSSL
|
|
63
161
|
include SocketForwarder
|
64
162
|
include Nonblock
|
65
163
|
|
164
|
+
def sysclose
|
165
|
+
return if closed?
|
166
|
+
stop
|
167
|
+
io.close if sync_close
|
168
|
+
end unless method_defined? :sysclose
|
169
|
+
|
66
170
|
def post_connection_check(hostname)
|
67
171
|
unless OpenSSL::SSL.verify_certificate_identity(peer_cert, hostname)
|
68
172
|
raise SSLError, "hostname does not match the server certificate"
|
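Review bot: `sysclose` does not reach `io.close if sync_close` when `stop` raises, so a failed TLS shutdown would leave the underlying socket open even though the caller asked for `sync_close`. Whether `stop` can raise is not visible in this hunk. Moving the close into an `ensure` covers both paths: `begin; stop; ensure; io.close if sync_close; end`. The same method body is added again in the later `@@ -228,6 +228,12 @@` hunk, and the comment applies there too.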
@@ -68,13 +68,13 @@ module OpenSSL
|
|
68
68
|
}.call
|
69
69
|
} unless const_defined? :DEFAULT_PARAMS # JRuby does it in Java
|
70
70
|
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
end
|
71
|
+
begin
|
72
|
+
DEFAULT_CERT_STORE = OpenSSL::X509::Store.new
|
73
|
+
DEFAULT_CERT_STORE.set_default_paths
|
74
|
+
if defined?(OpenSSL::X509::V_FLAG_CRL_CHECK_ALL)
|
75
|
+
DEFAULT_CERT_STORE.flags = OpenSSL::X509::V_FLAG_CRL_CHECK_ALL
|
76
|
+
end
|
77
|
+
end unless const_defined? :DEFAULT_CERT_STORE
|
78
78
|
|
79
79
|
##
|
80
80
|
# Sets the parameters for this SSL context to the values in +params+.
|
@@ -86,14 +86,14 @@ module OpenSSL
|
|
86
86
|
|
87
87
|
def set_params(params={})
|
88
88
|
params = DEFAULT_PARAMS.merge(params)
|
89
|
-
params.each{|name, value| self.__send__("#{name}=", value) }
|
89
|
+
params.each { |name, value| self.__send__("#{name}=", value) }
|
90
90
|
if self.verify_mode != OpenSSL::SSL::VERIFY_NONE
|
91
91
|
unless self.ca_file or self.ca_path or self.cert_store
|
92
92
|
self.cert_store = DEFAULT_CERT_STORE
|
93
93
|
end
|
94
94
|
end
|
95
95
|
return params
|
96
|
-
end unless method_defined? :set_params
|
96
|
+
end unless method_defined? :set_params
|
97
97
|
end
|
98
98
|
|
99
99
|
module SocketForwarder
|
@@ -124,7 +124,7 @@ module OpenSSL
|
|
124
124
|
def do_not_reverse_lookup=(flag)
|
125
125
|
to_io.do_not_reverse_lookup = flag
|
126
126
|
end
|
127
|
-
end
|
127
|
+
end
|
128
128
|
|
129
129
|
module Nonblock
|
130
130
|
def initialize(*args)
|
@@ -228,6 +228,12 @@ module OpenSSL
|
|
228
228
|
include SocketForwarder
|
229
229
|
include Nonblock
|
230
230
|
|
231
|
+
def sysclose
|
232
|
+
return if closed?
|
233
|
+
stop
|
234
|
+
io.close if sync_close
|
235
|
+
end unless method_defined? :sysclose
|
236
|
+
|
231
237
|
##
|
232
238
|
# Perform hostname verification after an SSL connection is established
|
233
239
|
#
|
@@ -248,12 +254,6 @@ module OpenSSL
|
|
248
254
|
return true
|
249
255
|
end
|
250
256
|
|
251
|
-
#def session
|
252
|
-
# SSL::Session.new(self)
|
253
|
-
#rescue SSL::Session::SessionError
|
254
|
-
# nil
|
255
|
-
#end
|
256
|
-
|
257
257
|
private
|
258
258
|
|
259
259
|
def using_anon_cipher?
|
@@ -63,7 +63,7 @@ module OpenSSL::Buffering
|
|
63
63
|
end
|
64
64
|
|
65
65
|
##
|
66
|
-
# Consumes
|
66
|
+
# Consumes _size_ bytes from the buffer
|
67
67
|
|
68
68
|
def consume_rbuff(size=nil)
|
69
69
|
if @rbuffer.empty?
|
@@ -79,7 +79,7 @@ module OpenSSL::Buffering
|
|
79
79
|
public
|
80
80
|
|
81
81
|
##
|
82
|
-
# Reads
|
82
|
+
# Reads _size_ bytes from the stream. If _buf_ is provided it must
|
83
83
|
# reference a string which will receive the data.
|
84
84
|
#
|
85
85
|
# See IO#read for full details.
|
@@ -106,7 +106,7 @@ module OpenSSL::Buffering
|
|
106
106
|
end
|
107
107
|
|
108
108
|
##
|
109
|
-
# Reads at most
|
109
|
+
# Reads at most _maxlen_ bytes from the stream. If _buf_ is provided it
|
110
110
|
# must reference a string which will receive the data.
|
111
111
|
#
|
112
112
|
# See IO#readpartial for full details.
|
@@ -136,7 +136,7 @@ module OpenSSL::Buffering
|
|
136
136
|
end
|
137
137
|
|
138
138
|
##
|
139
|
-
# Reads at most
|
139
|
+
# Reads at most _maxlen_ bytes in the non-blocking manner.
|
140
140
|
#
|
141
141
|
# When no data can be read without blocking it raises
|
142
142
|
# OpenSSL::SSL::SSLError extended by IO::WaitReadable or IO::WaitWritable.
|
@@ -163,6 +163,11 @@ module OpenSSL::Buffering
|
|
163
163
|
# Note that one reason that read_nonblock writes to the underlying IO is
|
164
164
|
# when the peer requests a new TLS/SSL handshake. See openssl the FAQ for
|
165
165
|
# more details. http://www.openssl.org/support/faq.html
|
166
|
+
#
|
167
|
+
# By specifying a keyword argument _exception_ to +false+, you can indicate
|
168
|
+
# that read_nonblock should not raise an IO::Wait*able exception, but
|
169
|
+
# return the symbol +:wait_writable+ or +:wait_readable+ instead. At EOF,
|
170
|
+
# it will return +nil+ instead of raising EOFError.
|
166
171
|
|
167
172
|
def read_nonblock(maxlen, buf=nil, exception: true)
|
168
173
|
if maxlen == 0
|
@@ -185,11 +190,11 @@ module OpenSSL::Buffering
|
|
185
190
|
end
|
186
191
|
|
187
192
|
##
|
188
|
-
# Reads the next "line
|
189
|
-
#
|
193
|
+
# Reads the next "line" from the stream. Lines are separated by _eol_. If
|
194
|
+
# _limit_ is provided the result will not be longer than the given number of
|
190
195
|
# bytes.
|
191
196
|
#
|
192
|
-
#
|
197
|
+
# _eol_ may be a String or Regexp.
|
193
198
|
#
|
194
199
|
# Unlike IO#gets the line read will not be assigned to +$_+.
|
195
200
|
#
|
@@ -215,7 +220,7 @@ module OpenSSL::Buffering
|
|
215
220
|
|
216
221
|
##
|
217
222
|
# Executes the block for every line in the stream where lines are separated
|
218
|
-
# by
|
223
|
+
# by _eol_.
|
219
224
|
#
|
220
225
|
# See also #gets
|
221
226
|
|
@@ -227,7 +232,7 @@ module OpenSSL::Buffering
|
|
227
232
|
alias each_line each
|
228
233
|
|
229
234
|
##
|
230
|
-
# Reads lines from the stream which are separated by
|
235
|
+
# Reads lines from the stream which are separated by _eol_.
|
231
236
|
#
|
232
237
|
# See also #gets
|
233
238
|
|
@@ -240,7 +245,7 @@ module OpenSSL::Buffering
|
|
240
245
|
end
|
241
246
|
|
242
247
|
##
|
243
|
-
# Reads a line from the stream which is separated by
|
248
|
+
# Reads a line from the stream which is separated by _eol_.
|
244
249
|
#
|
245
250
|
# Raises EOFError if at end of file.
|
246
251
|
|
@@ -276,7 +281,7 @@ module OpenSSL::Buffering
|
|
276
281
|
end
|
277
282
|
|
278
283
|
##
|
279
|
-
# Pushes character
|
284
|
+
# Pushes character _c_ back onto the stream such that a subsequent buffered
|
280
285
|
# character read will return it.
|
281
286
|
#
|
282
287
|
# Unlike IO#getc multiple bytes may be pushed back onto the stream.
|
@@ -303,7 +308,7 @@ module OpenSSL::Buffering
|
|
303
308
|
private
|
304
309
|
|
305
310
|
##
|
306
|
-
# Writes
|
311
|
+
# Writes _s_ to the buffer. When the buffer is full or #sync is true the
|
307
312
|
# buffer is flushed to the underlying socket.
|
308
313
|
|
309
314
|
def do_write(s)
|
@@ -311,36 +316,33 @@ module OpenSSL::Buffering
|
|
311
316
|
@wbuffer << s
|
312
317
|
@wbuffer.force_encoding(Encoding::BINARY)
|
313
318
|
@sync ||= false
|
314
|
-
if @sync or @wbuffer.size > BLOCK_SIZE
|
315
|
-
|
316
|
-
nwritten = 0
|
317
|
-
while remain > 0
|
318
|
-
str = @wbuffer[nwritten,remain]
|
319
|
+
if @sync or @wbuffer.size > BLOCK_SIZE
|
320
|
+
until @wbuffer.empty?
|
319
321
|
begin
|
320
|
-
nwrote = syswrite(
|
322
|
+
nwrote = syswrite(@wbuffer)
|
321
323
|
rescue Errno::EAGAIN
|
322
324
|
retry
|
323
325
|
end
|
324
|
-
|
325
|
-
nwritten += nwrote
|
326
|
+
@wbuffer[0, nwrote] = ""
|
326
327
|
end
|
327
|
-
@wbuffer[0,nwritten] = ""
|
328
328
|
end
|
329
329
|
end
|
330
330
|
|
331
331
|
public
|
332
332
|
|
333
333
|
##
|
334
|
-
# Writes
|
335
|
-
# converted using
|
334
|
+
# Writes _s_ to the stream. If the argument is not a String it will be
|
335
|
+
# converted using +.to_s+ method. Returns the number of bytes written.
|
336
336
|
|
337
|
-
def write(s)
|
338
|
-
|
339
|
-
|
337
|
+
def write(*s)
|
338
|
+
s.inject(0) do |written, str|
|
339
|
+
do_write(str)
|
340
|
+
written + str.bytesize
|
341
|
+
end
|
340
342
|
end
|
341
343
|
|
342
344
|
##
|
343
|
-
# Writes
|
345
|
+
# Writes _s_ in the non-blocking manner.
|
344
346
|
#
|
345
347
|
# If there is buffered data, it is flushed first. This may block.
|
346
348
|
#
|
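Review bot: In the new `write(*s)`, `str.bytesize` is called on each argument as passed, while the comment above it promises conversion with `.to_s`. A non-String argument such as an Integer would raise NoMethodError after `do_write` has already appended it to `@wbuffer`, and `String#<<` treats an Integer as a codepoint rather than as its decimal text. No `to_s` call is visible in `do_write`, though its first line lies outside this hunk. Converting once at the top of the block, `str = str.to_s`, makes the buffered bytes and the returned count agree with the documentation.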
@@ -371,6 +373,10 @@ module OpenSSL::Buffering
|
|
371
373
|
# Note that one reason that write_nonblock reads from the underlying IO
|
372
374
|
# is when the peer requests a new TLS/SSL handshake. See the openssl FAQ
|
373
375
|
# for more details. http://www.openssl.org/support/faq.html
|
376
|
+
#
|
377
|
+
# By specifying a keyword argument _exception_ to +false+, you can indicate
|
378
|
+
# that write_nonblock should not raise an IO::Wait*able exception, but
|
379
|
+
# return the symbol +:wait_writable+ or +:wait_readable+ instead.
|
374
380
|
|
375
381
|
def write_nonblock(s, exception: true)
|
376
382
|
flush
|
@@ -378,16 +384,16 @@ module OpenSSL::Buffering
|
|
378
384
|
end
|
379
385
|
|
380
386
|
##
|
381
|
-
# Writes
|
382
|
-
#
|
387
|
+
# Writes _s_ to the stream. _s_ will be converted to a String using
|
388
|
+
# +.to_s+ method.
|
383
389
|
|
384
|
-
def <<
|
390
|
+
def <<(s)
|
385
391
|
do_write(s)
|
386
392
|
self
|
387
393
|
end
|
388
394
|
|
389
395
|
##
|
390
|
-
# Writes
|
396
|
+
# Writes _args_ to the stream along with a record separator.
|
391
397
|
#
|
392
398
|
# See IO#puts for full details.
|
393
399
|
|
@@ -398,16 +404,14 @@ module OpenSSL::Buffering
|
|
398
404
|
end
|
399
405
|
args.each{|arg|
|
400
406
|
s << arg.to_s
|
401
|
-
|
402
|
-
s << "\n"
|
403
|
-
end
|
407
|
+
s.sub!(/(?<!\n)\z/, "\n")
|
404
408
|
}
|
405
409
|
do_write(s)
|
406
410
|
nil
|
407
411
|
end
|
408
412
|
|
409
413
|
##
|
410
|
-
# Writes
|
414
|
+
# Writes _args_ to the stream.
|
411
415
|
#
|
412
416
|
# See IO#print for full details.
|
413
417
|
|
@@ -30,7 +30,8 @@ module OpenSSL
|
|
30
30
|
class << self
|
31
31
|
|
32
32
|
##
|
33
|
-
# Parses a given
|
33
|
+
# Parses a given _string_ as a blob that contains configuration for
|
34
|
+
# OpenSSL.
|
34
35
|
#
|
35
36
|
# If the source of the IO is a file, then consider using #parse_config.
|
36
37
|
def parse(string)
|
@@ -46,7 +47,7 @@ module OpenSSL
|
|
46
47
|
alias load new
|
47
48
|
|
48
49
|
##
|
49
|
-
# Parses the configuration data read from
|
50
|
+
# Parses the configuration data read from _io_, see also #parse.
|
50
51
|
#
|
51
52
|
# Raises a ConfigError on invalid configuration data.
|
52
53
|
def parse_config(io)
|
@@ -236,7 +237,7 @@ module OpenSSL
|
|
236
237
|
#
|
237
238
|
# This can be used in contexts like OpenSSL::X509::ExtensionFactory.config=
|
238
239
|
#
|
239
|
-
# If the optional
|
240
|
+
# If the optional _filename_ parameter is provided, then it is read in and
|
240
241
|
# parsed via #parse_config.
|
241
242
|
#
|
242
243
|
# This can raise IO exceptions based on the access, or availability of the
|
@@ -255,7 +256,7 @@ module OpenSSL
|
|
255
256
|
end
|
256
257
|
|
257
258
|
##
|
258
|
-
# Gets the value of
|
259
|
+
# Gets the value of _key_ from the given _section_
|
259
260
|
#
|
260
261
|
# Given the following configurating file being loaded:
|
261
262
|
#
|
@@ -265,8 +266,8 @@ module OpenSSL
|
|
265
266
|
# #=> [ default ]
|
266
267
|
# # foo=bar
|
267
268
|
#
|
268
|
-
# You can get a specific value from the config if you know the
|
269
|
-
# and
|
269
|
+
# You can get a specific value from the config if you know the _section_
|
270
|
+
# and _key_ like so:
|
270
271
|
#
|
271
272
|
# config.get_value('default','foo')
|
272
273
|
# #=> "bar"
|
@@ -297,7 +298,7 @@ module OpenSSL
|
|
297
298
|
end
|
298
299
|
|
299
300
|
##
|
300
|
-
# Set the target
|
301
|
+
# Set the target _key_ with a given _value_ under a specific _section_.
|
301
302
|
#
|
302
303
|
# Given the following configurating file being loaded:
|
303
304
|
#
|
@@ -307,7 +308,7 @@ module OpenSSL
|
|
307
308
|
# #=> [ default ]
|
308
309
|
# # foo=bar
|
309
310
|
#
|
310
|
-
# You can set the value of
|
311
|
+
# You can set the value of _foo_ under the _default_ section to a new
|
311
312
|
# value:
|
312
313
|
#
|
313
314
|
# config.add_value('default', 'foo', 'buzz')
|
@@ -322,7 +323,7 @@ module OpenSSL
|
|
322
323
|
end
|
323
324
|
|
324
325
|
##
|
325
|
-
# Get a specific
|
326
|
+
# Get a specific _section_ from the current configuration
|
326
327
|
#
|
327
328
|
# Given the following configurating file being loaded:
|
328
329
|
#
|
@@ -351,7 +352,7 @@ module OpenSSL
|
|
351
352
|
end
|
352
353
|
|
353
354
|
##
|
354
|
-
# Sets a specific
|
355
|
+
# Sets a specific _section_ name with a Hash _pairs_.
|
355
356
|
#
|
356
357
|
# Given the following configuration being created:
|
357
358
|
#
|
@@ -365,7 +366,7 @@ module OpenSSL
|
|
365
366
|
# # baz=buz
|
366
367
|
#
|
367
368
|
# It's important to note that this will essentially merge any of the keys
|
368
|
-
# in
|
369
|
+
# in _pairs_ with the existing _section_. For example:
|
369
370
|
#
|
370
371
|
# config['default']
|
371
372
|
# #=> {"foo"=>"bar", "baz"=>"buz"}
|
@@ -1,37 +1,25 @@
|
|
1
1
|
# frozen_string_literal: false
|
2
|
-
|
3
|
-
|
4
|
-
|
2
|
+
#--
|
3
|
+
# Ruby/OpenSSL Project
|
4
|
+
# Copyright (C) 2017 Ruby/OpenSSL Project Authors
|
5
|
+
#++
|
5
6
|
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
end
|
22
|
-
|
23
|
-
DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen|
|
24
|
-
warn "using default DH parameters." if $VERBOSE
|
25
|
-
case keylen
|
26
|
-
when 512 then OpenSSL::PKey::DH::DEFAULT_512
|
27
|
-
when 1024 then OpenSSL::PKey::DH::DEFAULT_1024
|
28
|
-
else
|
29
|
-
nil
|
30
|
-
end
|
31
|
-
}
|
32
|
-
|
33
|
-
else
|
34
|
-
DEFAULT_TMP_DH_CALLBACK = nil
|
35
|
-
end
|
7
|
+
module OpenSSL::PKey
|
8
|
+
if defined?(EC)
|
9
|
+
class EC::Point
|
10
|
+
# :call-seq:
|
11
|
+
# point.to_bn([conversion_form]) -> OpenSSL::BN
|
12
|
+
#
|
13
|
+
# Returns the octet string representation of the EC point as an instance of
|
14
|
+
# OpenSSL::BN.
|
15
|
+
#
|
16
|
+
# If _conversion_form_ is not given, the _point_conversion_form_ attribute
|
17
|
+
# set to the group is used.
|
18
|
+
#
|
19
|
+
# See #to_octet_string for more information.
|
20
|
+
# def to_bn(conversion_form = group.point_conversion_form)
|
21
|
+
# OpenSSL::BN.new(to_octet_string(conversion_form), 2)
|
22
|
+
# end
|
23
|
+
end
|
36
24
|
end
|
37
|
-
end
|
25
|
+
end
|
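Review bot: The reopened `class EC::Point` contains only a commented-out `to_bn`, so the `:call-seq:` documentation above it describes a method this file does not define. If `to_bn` is provided natively (not visible here), a short comment should say so in place of the dead code, for example `# to_bn is implemented natively; the Ruby version below is kept for reference only`. Otherwise the commented lines and the empty class body can be removed.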