jruby-openssl 0.9.18-java → 0.9.19-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 7f388e4b46a1251e1b24c13f15a7bde0f18e08a7
-  data.tar.gz: 4e1b627fe988301ef5cb741837459427b902d0a7
+  metadata.gz: fb1f830ea348fd26b11fe83a542a77aac7e4e330
+  data.tar.gz: 091f65172ee221e9441934259149bb111ce15fcd
 SHA512:
-  metadata.gz: 4952dbaa5751dca5391834d9640e87685acd2c239794332fb7c548bbe7843ebef64a787794fccfa874bf75982faa80f036395674479ab73d21bc8f028cef7b7c
-  data.tar.gz: 81a1455e6c84d53198db6b4f7c49037d26cae33fb1a4fbd29977ed5f19a950253daa8028fbbdb3f9b23356752cc9a4f6461b14e5c6e64674badcdc94eccc76de
+  metadata.gz: 210b5e716e5ac06ebeddb756b887adb31fae18b337c55ba7ef7ca60137f44185cbb4b6e4e8cff7f223cd70d14559be59b85cd2d450e104d6cced43e9fb53c1ae
+  data.tar.gz: 68e72a6edc19f06dd5288589b8c09949067e782a8bdb39ac74a9841fac46858e8a9c5e3dcc5b28f823777e77ed5504f139124642d9e59b321a4eb2360bd42373

data/History.md

@@ -1,3 +1,13 @@
+## 0.9.19
+
+* re-use secure random from thread-context on SSL context initialization
+* preliminary OpenSSL 1.1 (Ruby 2.4) compatibility bits (#112)
+* try using thread-shared secure random gen (in PKey-s) where possible
+* implement PKeyDSA#syssign and PKeyDSA#sysverify methods
+* avoid (unnecessary) byte[] copies in PKey#sign/verify 
+* fix ClassCastException error in X509Store.verify (#113)
+* align BH#hash with eql? (+ equals/hashCode on Java)
+
 ## 0.9.18
 
 * handle X.509 authorityKeyIdentifier parsing somehow right (#102)

data/lib/jopenssl/load.rb

@@ -27,6 +27,7 @@ org.jruby.ext.openssl.OpenSSL.load(JRuby.runtime)
 
 if RUBY_VERSION > '2.3'
   load 'jopenssl23/openssl.rb'
+  load 'jopenssl24.rb' if RUBY_VERSION >= '2.4'
 elsif RUBY_VERSION > '2.2'
   load 'jopenssl22/openssl.rb'
 elsif RUBY_VERSION > '2.1'

data/lib/jopenssl/version.rb

@@ -1,5 +1,5 @@
 module Jopenssl
-  VERSION = '0.9.18'
+  VERSION = '0.9.19'
   BOUNCY_CASTLE_VERSION = '1.55'
   # @deprecated
   module Version

data/lib/jopenssl23/openssl/buffering.rb

@@ -132,7 +132,6 @@ module OpenSSL::Buffering
       buf.replace(ret)
       ret = buf
     end
-    raise EOFError if ret.empty?
     ret
   end
 
@@ -182,7 +181,6 @@ module OpenSSL::Buffering
       buf.replace(ret)
       ret = buf
     end
-    raise EOFError if ret.empty?
     ret
   end
 

data/lib/jopenssl23/openssl/cipher.rb

@@ -14,9 +14,12 @@
 
 module OpenSSL
   class Cipher
-    # This class is only provided for backwards compatibility.  Use OpenSSL::Cipher in the future.
-    class Cipher < Cipher
-      # add warning
-    end
+
+    # Deprecated.
+    #
+    # This class is only provided for backwards compatibility.
+    # Use OpenSSL::Cipher.
+    class Cipher < Cipher; end
+    deprecate_constant :Cipher
   end # Cipher
 end # OpenSSL

data/lib/jopenssl23/openssl/digest.rb

@@ -14,18 +14,13 @@
 
 module OpenSSL
   class Digest
+
     # Deprecated.
     #
     # This class is only provided for backwards compatibility.
-    class Digest < Digest # :nodoc:
-      # Deprecated.
-      #
-      # See OpenSSL::Digest.new
-      def initialize(*args)
-        warn('Digest::Digest is deprecated; use Digest')
-        super(*args)
-      end
-    end
+    # Use OpenSSL::Digest instead.
+    class Digest < Digest; end # :nodoc:
+    deprecate_constant :Digest
 
   end # Digest
 

data/lib/jopenssl23/openssl/ssl.rb

@@ -108,10 +108,8 @@ module OpenSSL
       #
       # You can get a list of valid methods with OpenSSL::SSL::SSLContext::METHODS
       def initialize(version = nil)
-        INIT_VARS.each { |v| instance_variable_set v, nil }
-        self.options = self.options | OpenSSL::SSL::OP_ALL
-        return unless version
-        self.ssl_version = version
+        self.options |= OpenSSL::SSL::OP_ALL
+        self.ssl_version = version if version
       end unless defined? JRUBY_VERSION # JRuby: handled in "native" Java
 
       ##

data/lib/jopenssl24.rb

@@ -0,0 +1,112 @@
+# frozen_string_literal: false
+
+# Ruby 2.4 preliminary compatibility script, loaded after all (2.3) jruby-openssl files
+
+module OpenSSL
+
+  module SSL
+    class SSLContext
+      # OpenSSL 1.1.0 introduced "security level"
+      def security_level; 0 end
+      def security_level=(level); raise NotImplementedError end
+    end
+  end
+
+  module PKey
+
+    class DH
+
+      def set_key(pub_key, priv_key)
+        self.public_key = pub_key
+        self.priv_key = priv_key
+        self
+      end
+
+      def set_pqg(p, q, g)
+        self.p = p
+        # TODO self.q = q
+        if respond_to?(:q)
+          self.q = q
+        else
+          OpenSSL.warn "JRuby-OpenSSL does not support setting q param on #{inspect}" if q
+        end
+        self.g = g
+        self
+      end
+
+    end
+
+    class DSA
+
+      def set_key(pub_key, priv_key)
+        self.public_key = pub_key
+        self.priv_key = priv_key
+        self
+      end
+
+      def set_pqg(p, q, g)
+        self.p = p
+        self.q = q
+        self.g = g
+        self
+      end
+
+    end
+
+    class RSA
+
+      def set_key(n, e, d)
+        self.n = n
+        self.e = e
+        self.d = d
+        self
+      end
+
+      def set_factors(p, q)
+        self.p = p
+        self.q = q
+        self
+      end
+
+      def set_crt_params(dmp1, dmq1, iqmp)
+        self.dmp1 = dmp1
+        self.dmq1 = dmq1
+        self.iqmp = iqmp
+        self
+      end
+
+    end
+
+    # openssl/lib/openssl/pkey.rb :
+
+    class DH
+
+      remove_const :DEFAULT_512 if const_defined?(:DEFAULT_512)
+
+      DEFAULT_2048 = new <<-_end_of_pem_
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7E6kBrYiyvmKAMzQ7i8WvwVk9Y/+f8S7sCTN712KkK3cqd1jhJDY
+JbrYeNV3kUIKhPxWHhObHKpD1R84UpL+s2b55+iMd6GmL7OYmNIT/FccKhTcveab
+VBmZT86BZKYyf45hUF9FOuUM9xPzuK3Vd8oJQvfYMCd7LPC0taAEljQLR4Edf8E6
+YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9eknyeGB5KHfayAc3+hUAvI3/Cr3
+1bNveX5wInh5GDx1FGhKBZ+s1H+aedudCm7sCgRwv8lKWYGiHzObSma8A86KG+MD
+7Lo5JquQ3DlBodj3IDyPrxIv96lvRPFtAwIBAg==
+-----END DH PARAMETERS-----
+      _end_of_pem_
+
+    end
+
+    remove_const :DEFAULT_TMP_DH_CALLBACK if const_defined?(:DEFAULT_TMP_DH_CALLBACK)
+
+    DEFAULT_TMP_DH_CALLBACK = lambda { |ctx, is_export, keylen|
+      warn "using default DH parameters." if $VERBOSE
+      case keylen
+        when 1024 then OpenSSL::PKey::DH::DEFAULT_1024
+        when 2048 then OpenSSL::PKey::DH::DEFAULT_2048
+        else nil
+      end
+    }
+
+  end
+
+end

data/pom.xml

@@ -11,7 +11,7 @@ DO NOT MODIFIY - GENERATED CODE
   <modelVersion>4.0.0</modelVersion>
   <groupId>rubygems</groupId>
   <artifactId>jruby-openssl</artifactId>
-  <version>0.9.18</version>
+  <version>0.9.19</version>
   <packaging>gem</packaging>
   <name>JRuby OpenSSL</name>
   <description>JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.</description>

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: jruby-openssl
 version: !ruby/object:Gem::Version
-  version: 0.9.18
+  version: 0.9.19
 platform: java
 authors:
 - Ola Bini
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-11-06 00:00:00.000000000 Z
+date: 2016-12-02 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -118,6 +118,7 @@ files:
 - lib/jopenssl23/openssl/pkey.rb
 - lib/jopenssl23/openssl/ssl.rb
 - lib/jopenssl23/openssl/x509.rb
+- lib/jopenssl24.rb
 - lib/jruby-openssl.rb
 - lib/openssl.rb
 - lib/openssl/bn.rb