jruby-openssl 0.5 → 0.5.1

data/History.txt

@@ -1,3 +1,8 @@
+== 0.5.1
+
+* Multiple fixes by Brice Figureau to get net/ssh working. Requires JRuby 1.3.1 to be 100%
+* Fix by Frederic Jean for a character-decoding issue for some certificates
+
 == 0.5
 
 * Fixed JRUBY-3614: Unsupported HMAC algorithm (HMACSHA-256)

data/lib/jopenssl/version.rb

@@ -1,5 +1,5 @@
 module Jopenssl
   module Version
-    VERSION = "0.5"
+    VERSION = "0.5.1"
   end
 end

data/test/openssl/test_cipher.rb

@@ -19,6 +19,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
     @c2 = OpenSSL::Cipher::DES.new(:EDE3, "CBC")
     @key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
     @iv = "\0\0\0\0\0\0\0\0"
+    @iv1 = "\1\1\1\1\1\1\1\1"
     @hexkey = "0000000000000000000000000000000000000000000000"
     @hexiv = "0000000000000000"
     @data = "DATA"
@@ -70,6 +71,21 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
     assert_equal(s1, s2, "encrypt reset")
   end
 
+  def test_set_iv
+    @c1.encrypt
+    @c1.key = @key
+    @c1.iv = @iv
+    s1 = @c1.update(@data) + @c1.final
+    @c1.iv = @iv1
+    s1 += @c1.update(@data) + @c1.final
+    @c1.reset
+    @c1.iv = @iv
+    s2 = @c1.update(@data) + @c1.final
+    @c1.iv = @iv1
+    s2 += @c1.update(@data) + @c1.final
+    assert_equal(s1, s2, "encrypt reset")
+  end
+
   def test_empty_data
     @c1.encrypt
     assert_raises(ArgumentError){ @c1.update("") }

data/test/openssl/test_x509cert.rb

@@ -169,6 +169,68 @@ class OpenSSL::TestX509Certificate < Test::Unit::TestCase
                         nil, nil, OpenSSL::Digest::SHA1.new) 
     }
   end
+
+  def test_check_private_key
+    cert = issue_cert(@ca, @rsa2048, 1, Time.now, Time.now+3600, [],
+                      nil, nil, OpenSSL::Digest::SHA1.new)
+    assert_equal(true, cert.check_private_key(@rsa2048))
+  end
+
+  def test_to_text
+    cert_pem = <<END
+-----BEGIN CERTIFICATE-----
+MIIC8zCCAdugAwIBAgIBATANBgkqhkiG9w0BAQQFADA9MRMwEQYKCZImiZPyLGQB
+GRYDb3JnMRkwFwYKCZImiZPyLGQBGRYJcnVieS1sYW5nMQswCQYDVQQDDAJDQTAe
+Fw0wOTA1MjMxNTAzNDNaFw0wOTA1MjMxNjAzNDNaMD0xEzARBgoJkiaJk/IsZAEZ
+FgNvcmcxGTAXBgoJkiaJk/IsZAEZFglydWJ5LWxhbmcxCzAJBgNVBAMMAkNBMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuV9ht9J7k4NBs38jOXvvTKY9
+gW8nLICSno5EETR1cuF7i4pNs9I1QJGAFAX0BEO4KbzXmuOvfCpD3CU+Slp1enen
+fzq/t/e/1IRW0wkJUJUFQign4CtrkJL+P07yx18UjyPlBXb81ApEmAB5mrJVSrWm
+qbjs07JbuS4QQGGXLc+Su96DkYKmSNVjBiLxVVSpyZfAY3hD37d60uG+X8xdW5v6
+8JkRFIhdGlb6JL8fllf/A/blNwdJOhVr9mESHhwGjwfSeTDPfd8ZLE027E5lyAVX
+9KZYcU00mOX+fdxOSnGqS/8JDRh0EPHDL15RcJjV2J6vZjPb0rOYGDoMcH+94wID
+AQABMA0GCSqGSIb3DQEBBAUAA4IBAQB8UTw1agA9wdXxHMUACduYu6oNL7pdF0dr
+w7a4QPJyj62h4+Umxvp13q0PBw0E+mSjhXMcqUhDLjrmMcvvNGhuh5Sdjbe3GI/M
+3lCC9OwYYIzzul7omvGC3JEIGfzzdNnPPCPKEWp5X9f0MKLMR79qOf+sjHTjN2BY
+SY3YGsEFxyTXDdqrlaYaOtTAdi/C+g1WxR8fkPLefymVwIFwvyc9/bnp7iBn7Hcw
+mbxtLPbtQ9mURT0GHewZRTGJ1aiTq9Ag3xXME2FPF04eFRd3mclOQZNXKQ+LDxYf
+k0X5FeZvsWf4srFxoVxlcDdJtHh91ZRpDDJYGQlsUm9CPTnO+e4E
+-----END CERTIFICATE-----
+END
+
+    cert = OpenSSL::X509::Certificate.new(cert_pem)
+
+    cert_text = <<END
+  [0]         Version: 3
+         SerialNumber: 1
+             IssuerDN: DC=org,DC=ruby-lang,CN=CA
+           Start Date: Sat May 23 17:03:43 CEST 2009
+           Final Date: Sat May 23 18:03:43 CEST 2009
+            SubjectDN: DC=org,DC=ruby-lang,CN=CA
+           Public Key: RSA Public Key
+            modulus: b95f61b7d27b938341b37f23397bef4ca63d816f272c80929e8e4411347572e17b8b8a4db3d2354091801405f40443b829bcd79ae3af7c2a43dc253e4a5a757a77a77f3abfb7f7bfd48456d30909509505422827e02b6b9092fe3f4ef2c75f148f23e50576fcd40a449800799ab2554ab5a6a9b8ecd3b25bb92e104061972dcf92bbde839182a648d5630622f15554a9c997c0637843dfb77ad2e1be5fcc5d5b9bfaf0991114885d1a56fa24bf1f9657ff03f6e53707493a156bf661121e1c068f07d27930cf7ddf192c4d36ec4e65c80557f4a658714d3498e5fe7ddc4e4a71aa4bff090d187410f1c32f5e517098d5d89eaf6633dbd2b398183a0c707fbde3
+    public exponent: 10001
+
+  Signature Algorithm: MD5withRSA
+            Signature: 7c513c356a003dc1d5f11cc50009db98bbaa0d2f
+                       ba5d17476bc3b6b840f2728fada1e3e526c6fa75
+                       dead0f070d04fa64a385731ca948432e3ae631cb
+                       ef34686e87949d8db7b7188fccde5082f4ec1860
+                       8cf3ba5ee89af182dc910819fcf374d9cf3c23ca
+                       116a795fd7f430a2cc47bf6a39ffac8c74e33760
+                       58498dd81ac105c724d70ddaab95a61a3ad4c076
+                       2fc2fa0d56c51f1f90f2de7f2995c08170bf273d
+                       fdb9e9ee2067ec773099bc6d2cf6ed43d994453d
+                       061dec19453189d5a893abd020df15cc13614f17
+                       4e1e15177799c94e419357290f8b0f161f9345f9
+                       15e66fb167f8b2b171a15c65703749b4787dd594
+                       690c325819096c526f423d39cef9ee04
+END
+    assert_not_nil(cert.to_text)
+    # This is commented out because it doesn't take timezone into consideration; FIXME
+    #assert_equal(cert_text, cert.to_text)
+  end
+
 end
 
 end

data/test/openssl/test_x509crl.rb

@@ -213,6 +213,22 @@ class OpenSSL::TestX509CRL < Test::Unit::TestCase
     crl.version = 0
     assert_equal(false, crl.verify(@dsa512))
   end
+
+  def test_create_from_pem
+    crl = <<END
+-----BEGIN X509 CRL-----
+MIHkME8CAQEwDQYJKoZIhvcNAQEFBQAwDTELMAkGA1UEAwwCY2EXDTA5MDUyMzEw
+MTkyM1oXDTE0MDUyMjEwMTkyM1qgDjAMMAoGA1UdFAQDAgEAMA0GCSqGSIb3DQEB
+BQUAA4GBAGrGXN03TQdoluA5Xjv64We9EOvmE0EviKMeaZ/n8krEwFhUK7Yq3GVD
+BFrb40cdFX1433buCZHG7Tq7eGv8cG1eO5RasuiedurMQXmVRDTDjGor/58Dk/Wy
+owO/GR8ASm6Fx6AUKEgLAaoaaptpaWtEB+N4uaGvc0LFO9WY+ZMq
+-----END X509 CRL-----
+END
+    crl = OpenSSL::X509::CRL.new(crl)
+    assert_equal(1, crl.version)
+    assert_equal(OpenSSL::X509::Name.parse("/CN=ca").to_der, crl.issuer.to_der)
+  end
+
 end
 
 end

data/test/openssl/test_x509req.rb

@@ -135,6 +135,44 @@ class OpenSSL::TestX509Request < Test::Unit::TestCase
     assert_raise(OpenSSL::X509::RequestError){
       issue_csr(0, @dn, @dsa512, OpenSSL::Digest::MD5.new) }
   end
+
+  def test_create_from_pem
+    req = <<END
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBVTCBvwIBADAWMRQwEgYDVQQDDAsxOTIuMTY4LjAuNDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA0oTTzFLydOTVtBpNdYl4S0356AysVkHlqD/tNEMxQT0l
+dXdNoDKb/3TfM5WMciNxBb8rImJ51vEIf6WaWvPbaawcmhNWA9JmhMIeFCdeXyu/
+XEjiiEOL4MkWf6qfsu6VoPr2YSnR0iiWLgWcnRPuy84+PE1XPPl1qGDA0apWJ9kC
+AwEAAaAAMA0GCSqGSIb3DQEBBAUAA4GBAKdlyDzVrXRLkPdukQUTTy6uwhv35SKL
+FfiKDrHtnFYd7VbynQ1sRre5CknuRrm+E7aEJEwpz6MS+6nqmQ6JwGcm/hlZM/m7
+DVD201pI3p6LIxaRyXE20RYTp0Jj6jv+tNFd0wjVlzgStmcplNo8hu6Dtp1gKETW
+qL7M4i48FXHn
+-----END CERTIFICATE REQUEST-----
+END
+    req = OpenSSL::X509::Request.new(req)
+
+    assert_equal(0, req.version)
+    assert_equal(OpenSSL::X509::Name.parse("/CN=192.168.0.4").to_der, req.subject.to_der)
+  end
+
+    def test_create_to_pem
+      req_s = <<END
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBVTCBvwIBADAWMRQwEgYDVQQDDAsxOTIuMTY4LjAuNDCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA0oTTzFLydOTVtBpNdYl4S0356AysVkHlqD/tNEMxQT0l
+dXdNoDKb/3TfM5WMciNxBb8rImJ51vEIf6WaWvPbaawcmhNWA9JmhMIeFCdeXyu/
+XEjiiEOL4MkWf6qfsu6VoPr2YSnR0iiWLgWcnRPuy84+PE1XPPl1qGDA0apWJ9kC
+AwEAAaAAMA0GCSqGSIb3DQEBBAUAA4GBAKdlyDzVrXRLkPdukQUTTy6uwhv35SKL
+FfiKDrHtnFYd7VbynQ1sRre5CknuRrm+E7aEJEwpz6MS+6nqmQ6JwGcm/hlZM/m7
+DVD201pI3p6LIxaRyXE20RYTp0Jj6jv+tNFd0wjVlzgStmcplNo8hu6Dtp1gKETW
+qL7M4i48FXHn
+-----END CERTIFICATE REQUEST-----
+END
+      req = OpenSSL::X509::Request.new(req_s)
+
+      assert_equal(req_s, req.to_pem)
+    end
+
 end
 
 end

data/test/openssl/test_x509store.rb

@@ -4,6 +4,7 @@ begin
 rescue LoadError
 end
 require "test/unit"
+require "tempfile"
 
 if defined?(OpenSSL)
 
@@ -212,6 +213,33 @@ class OpenSSL::TestX509Store < Test::Unit::TestCase
       store.add_crl(crl2) # add CRL issued by same CA twice.
     }
   end
+
+  def test_add_file
+    ca1_cert = <<END
+-----BEGIN CERTIFICATE-----
+MIIBzzCCATigAwIBAgIBATANBgkqhkiG9w0BAQUFADANMQswCQYDVQQDDAJjYTAe
+Fw0wOTA1MjIxMDE5MjNaFw0xNDA1MjExMDE5MjNaMA0xCzAJBgNVBAMMAmNhMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcTL520vsbXHXPfkHKrcgWbk2zVf0y
+oK7bPg06kjCghs8KYsi9b/tT9KpkpejD0KucDBSmDILD3PvIWrNFcBRWf6ZC5vA5
+YuF6ueATuFhsXjUFuNLqyPcIX+XrOQmXgjiyO9nc5vzQwWRRhdyyT8DgCRUD/yHW
+pjD2ZEGIAVLY/wIDAQABoz8wPTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQf
+923P/SgiCcbiN20bbmuFM6SLxzALBgNVHQ8EBAMCAQYwDQYJKoZIhvcNAQEFBQAD
+gYEAE0CpCo8MxhfUNWMHF5GsGEG2+1LdE+aUX7gSb6d4vn1WjusrM2FoOFTomt32
+YPqJwMEbcqILq2v9Kkao4QNJRlK+z1xpRDnt1iBrHdXrYJFvYnfMqv3z7XAFPfQZ
+yMP+P2sR0jPzy4UNZfDIMmMUqQdhkz7onKWOGjXwLEtkCMs=
+-----END CERTIFICATE-----
+END
+
+    f = Tempfile.new("ca1_cert")
+    f << ca1_cert
+    f.close
+
+    store = OpenSSL::X509::Store.new
+    store.add_file(f.path)
+    assert_equal(true,  store.verify(OpenSSL::X509::Certificate.new(ca1_cert)))
+    f.unlink
+  end
+
 end
 
 end

metadata

@@ -5,9 +5,9 @@ homepage: http://jruby-extras.rubyforge.org/jruby-openssl
 executables: []
 
 version: !ruby/object:Gem::Version 
-  version: "0.5"
+  version: 0.5.1
 post_install_message: 
-date: 2009-05-12 05:00:00 +00:00
+date: 2009-06-15 05:00:00 +00:00
 files: 
 - History.txt
 - README.txt