openssl-custom 2.2.2
- checksums.yaml +7 -0
- data/BSDL +22 -0
- data/CONTRIBUTING.md +132 -0
- data/History.md +485 -0
- data/LICENSE.txt +56 -0
- data/README.md +66 -0
- data/ext/openssl/extconf.rb +190 -0
- data/ext/openssl/openssl_missing.c +106 -0
- data/ext/openssl/openssl_missing.h +257 -0
- data/ext/openssl/ossl.c +1282 -0
- data/ext/openssl/ossl.h +181 -0
- data/ext/openssl/ossl_asn1.c +1878 -0
- data/ext/openssl/ossl_asn1.h +62 -0
- data/ext/openssl/ossl_bio.c +42 -0
- data/ext/openssl/ossl_bio.h +16 -0
- data/ext/openssl/ossl_bn.c +1270 -0
- data/ext/openssl/ossl_bn.h +26 -0
- data/ext/openssl/ossl_cipher.c +1075 -0
- data/ext/openssl/ossl_cipher.h +20 -0
- data/ext/openssl/ossl_config.c +89 -0
- data/ext/openssl/ossl_config.h +19 -0
- data/ext/openssl/ossl_digest.c +425 -0
- data/ext/openssl/ossl_digest.h +20 -0
- data/ext/openssl/ossl_engine.c +567 -0
- data/ext/openssl/ossl_engine.h +19 -0
- data/ext/openssl/ossl_hmac.c +389 -0
- data/ext/openssl/ossl_hmac.h +18 -0
- data/ext/openssl/ossl_kdf.c +303 -0
- data/ext/openssl/ossl_kdf.h +6 -0
- data/ext/openssl/ossl_ns_spki.c +405 -0
- data/ext/openssl/ossl_ns_spki.h +19 -0
- data/ext/openssl/ossl_ocsp.c +2013 -0
- data/ext/openssl/ossl_ocsp.h +23 -0
- data/ext/openssl/ossl_pkcs12.c +257 -0
- data/ext/openssl/ossl_pkcs12.h +13 -0
- data/ext/openssl/ossl_pkcs7.c +1098 -0
- data/ext/openssl/ossl_pkcs7.h +36 -0
- data/ext/openssl/ossl_pkey.c +673 -0
- data/ext/openssl/ossl_pkey.h +241 -0
- data/ext/openssl/ossl_pkey_dh.c +650 -0
- data/ext/openssl/ossl_pkey_dsa.c +664 -0
- data/ext/openssl/ossl_pkey_ec.c +1827 -0
- data/ext/openssl/ossl_pkey_rsa.c +966 -0
- data/ext/openssl/ossl_rand.c +200 -0
- data/ext/openssl/ossl_rand.h +18 -0
- data/ext/openssl/ossl_ssl.c +3080 -0
- data/ext/openssl/ossl_ssl.h +36 -0
- data/ext/openssl/ossl_ssl_session.c +332 -0
- data/ext/openssl/ossl_ts.c +1524 -0
- data/ext/openssl/ossl_ts.h +16 -0
- data/ext/openssl/ossl_x509.c +262 -0
- data/ext/openssl/ossl_x509.h +115 -0
- data/ext/openssl/ossl_x509attr.c +324 -0
- data/ext/openssl/ossl_x509cert.c +846 -0
- data/ext/openssl/ossl_x509crl.c +542 -0
- data/ext/openssl/ossl_x509ext.c +491 -0
- data/ext/openssl/ossl_x509name.c +590 -0
- data/ext/openssl/ossl_x509req.c +441 -0
- data/ext/openssl/ossl_x509revoked.c +300 -0
- data/ext/openssl/ossl_x509store.c +902 -0
- data/ext/openssl/ruby_missing.h +24 -0
- data/lib/openssl/bn.rb +40 -0
- data/lib/openssl/buffering.rb +478 -0
- data/lib/openssl/cipher.rb +67 -0
- data/lib/openssl/config.rb +501 -0
- data/lib/openssl/digest.rb +73 -0
- data/lib/openssl/hmac.rb +13 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs5.rb +22 -0
- data/lib/openssl/pkey.rb +42 -0
- data/lib/openssl/ssl.rb +542 -0
- data/lib/openssl/version.rb +5 -0
- data/lib/openssl/x509.rb +369 -0
- data/lib/openssl.rb +38 -0
- metadata +196 -0
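--- a/data/LICENSE.txt
+++ b/data/LICENSE.txt
@@ -0,0 +1,56 @@
+Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
+You can redistribute it and/or modify it under either the terms of the
+2-clause BSDL (see the file BSDL), or the conditions below:
+
+1. You may make and give away verbatim copies of the source form of the
+software without restriction, provided that you duplicate all of the
+original copyright notices and associated disclaimers.
+
+2. You may modify your copy of the software in any way, provided that
+you do at least ONE of the following:
+
+a) place your modifications in the Public Domain or otherwise
+make them Freely Available, such as by posting said
+modifications to Usenet or an equivalent medium, or by allowing
+the author to include your modifications in the software.
+
+b) use the modified software only within your corporation or
+organization.
+
+c) give non-standard binaries non-standard names, with
+instructions on where to get the original software distribution.
+
+d) make other distribution arrangements with the author.
+
+3. You may distribute the software in object code or binary form,
+provided that you do at least ONE of the following:
+
+a) distribute the binaries and library files of the software,
+together with instructions (in the manual page or equivalent)
+on where to get the original distribution.
+
+b) accompany the distribution with the machine-readable source of
+the software.
+
+c) give non-standard binaries non-standard names, with
+instructions on where to get the original software distribution.
+
+d) make other distribution arrangements with the author.
+
+4. You may modify and include the part of the software into any other
+software (possibly commercial). But some files in the distribution
+are not written by the author, so that they are not under these terms.
+
+For the list of those files and their copying conditions, see the
+file LEGAL.
+
+5. The scripts and library files supplied as input to or produced as
+output from the software do not automatically fall under the
+copyright of the software, but belong to whomever generated them,
+and may be sold commercially, and may be aggregated with this
+software.
+
+6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
+IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.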
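--- a/data/README.md
+++ b/data/README.md
@@ -0,0 +1,66 @@
+# OpenSSL for Ruby
+
+[](https://github.com/ruby/openssl/actions?workflow=CI)
+
+
+OpenSSL provides SSL, TLS and general purpose cryptography. It wraps the
+OpenSSL library.
+
+## Installation
+
+The openssl gem is available at [rubygems.org](https://rubygems.org/gems/openssl).
+You can install with:
+
+```
+gem install openssl
+```
+
+You may need to specify the path where OpenSSL is installed.
+
+```
+gem install openssl -- --with-openssl-dir=/opt/openssl
+```
+
+Alternatively, you can install the gem with `bundler`:
+
+```ruby
+# Gemfile
+gem 'openssl'
+# or specify git master
+gem 'openssl', git: 'https://github.com/ruby/openssl'
+```
+
+After doing `bundle install`, you should have the gem installed in your bundle.
+
+## Usage
+
+Once installed, you can require "openssl" in your application.
+
+```ruby
+require "openssl"
+```
+
+**NOTE**: If you are using Ruby 2.3 (and not Bundler), you **must** activate
+the gem version of openssl, otherwise the default gem packaged with the Ruby
+installation will be used:
+
+```ruby
+gem "openssl"
+require "openssl"
+```
+
+## Documentation
+
+See https://ruby.github.io/openssl/.
+
+## Contributing
+
+Please read our [CONTRIBUTING.md] for instructions.
+
+## Security
+
+Security issues should be reported to ruby-core by following the process
+described on ["Security at ruby-lang.org"](https://www.ruby-lang.org/en/security/).
+
+
+[CONTRIBUTING.md]: https://github.com/ruby/openssl/tree/master/CONTRIBUTING.md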
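--- a/data/ext/openssl/extconf.rb
+++ b/data/ext/openssl/extconf.rb
@@ -0,0 +1,190 @@
+# -*- coding: us-ascii -*-
+# frozen_string_literal: true
+=begin
+= Info
+'OpenSSL for Ruby 2' project
+Copyright (C) 2002 Michal Rokos <m.rokos@sh.cvut.cz>
+All rights reserved.
+
+= Licence
+This program is licensed under the same licence as Ruby.
+(See the file 'LICENCE'.)
+=end
+
+require "mkmf"
+
+dir_config_given = dir_config("openssl").any?
+dir_config("kerberos")
+
+Logging::message "=== OpenSSL for Ruby configurator ===\n"
+
+##
+# Adds -DOSSL_DEBUG for compilation and some more targets when GCC is used
+# To turn it on, use: --with-debug or --enable-debug
+#
+if with_config("debug") or enable_config("debug")
+$defs.push("-DOSSL_DEBUG")
+end
+
+Logging::message "=== Checking for system dependent stuff... ===\n"
+have_library("nsl", "t_open")
+have_library("socket", "socket")
+if $mswin || $mingw
+have_library("ws2_32")
+end
+
+if $mingw
+append_cflags '-D_FORTIFY_SOURCE=2'
+append_ldflags '-fstack-protector'
+have_library 'ssp'
+end
+
+def find_openssl_library
+if $mswin || $mingw
+# required for static OpenSSL libraries
+have_library("gdi32") # OpenSSL <= 1.0.2 (for RAND_screen())
+have_library("crypt32")
+end
+
+return false unless have_header("openssl/ssl.h")
+
+ret = have_library("crypto", "CRYPTO_malloc") &&
+have_library("ssl", "SSL_new")
+return ret if ret
+
+if $mswin
+# OpenSSL >= 1.1.0: libcrypto.lib and libssl.lib.
+if have_library("libcrypto", "CRYPTO_malloc") &&
+have_library("libssl", "SSL_new")
+return true
+end
+
+# OpenSSL <= 1.0.2: libeay32.lib and ssleay32.lib.
+if have_library("libeay32", "CRYPTO_malloc") &&
+have_library("ssleay32", "SSL_new")
+return true
+end
+
+# LibreSSL: libcrypto-##.lib and libssl-##.lib, where ## is the ABI version
+# number. We have to find the version number out by scanning libpath.
+libpath = $LIBPATH.dup
+libpath |= ENV["LIB"].split(File::PATH_SEPARATOR)
+libpath.map! { |d| d.tr(File::ALT_SEPARATOR, File::SEPARATOR) }
+
+ret = [
+["crypto", "CRYPTO_malloc"],
+["ssl", "SSL_new"]
+].all? do |base, func|
+result = false
+libs = ["lib#{base}-[0-9][0-9]", "lib#{base}-[0-9][0-9][0-9]"]
+libs = Dir.glob(libs.map{|l| libpath.map{|d| File.join(d, l + ".*")}}.flatten).map{|path| File.basename(path, ".*")}.uniq
+libs.each do |lib|
+result = have_library(lib, func)
+break if result
+end
+result
+end
+return ret if ret
+end
+return false
+end
+
+Logging::message "=== Checking for required stuff... ===\n"
+pkg_config_found = !dir_config_given && pkg_config("openssl") && have_header("openssl/ssl.h")
+
+if !pkg_config_found && !find_openssl_library
+Logging::message "=== Checking for required stuff failed. ===\n"
+Logging::message "Makefile wasn't created. Fix the errors above.\n"
+raise "OpenSSL library could not be found. You might want to use " \
+"--with-openssl-dir=<dir> option to specify the prefix where OpenSSL " \
+"is installed."
+end
+
+version_ok = if have_macro("LIBRESSL_VERSION_NUMBER", "openssl/opensslv.h")
+is_libressl = true
+checking_for("LibreSSL version >= 2.5.0") {
+try_static_assert("LIBRESSL_VERSION_NUMBER >= 0x20500000L", "openssl/opensslv.h") }
+else
+checking_for("OpenSSL version >= 1.0.1 and < 3.0.0") {
+try_static_assert("OPENSSL_VERSION_NUMBER >= 0x10001000L", "openssl/opensslv.h") &&
+!try_static_assert("OPENSSL_VERSION_MAJOR >= 3", "openssl/opensslv.h") }
+end
+unless version_ok
+raise "OpenSSL >= 1.0.1, < 3.0.0 or LibreSSL >= 2.5.0 is required"
+end
+
+# Prevent wincrypt.h from being included, which defines conflicting macro with openssl/x509.h
+if is_libressl && ($mswin || $mingw)
+$defs.push("-DNOCRYPT")
+end
+
+Logging::message "=== Checking for OpenSSL features... ===\n"
+# compile options
+have_func("RAND_egd")
+engines = %w{dynamic 4758cca aep atalla chil
+cswift nuron sureware ubsec padlock capi gmp gost cryptodev}
+engines.each { |name|
+have_func("ENGINE_load_#{name}()", "openssl/engine.h")
+}
+
+# added in 1.0.2
+have_func("EC_curve_nist2nid")
+have_func("X509_REVOKED_dup")
+have_func("X509_STORE_CTX_get0_store")
+have_func("SSL_CTX_set_alpn_select_cb")
+have_func("SSL_CTX_set1_curves_list(NULL, NULL)", "openssl/ssl.h")
+have_func("SSL_CTX_set_ecdh_auto(NULL, 0)", "openssl/ssl.h")
+have_func("SSL_get_server_tmp_key(NULL, NULL)", "openssl/ssl.h")
+have_func("SSL_is_server")
+
+# added in 1.1.0
+if !have_struct_member("SSL", "ctx", "openssl/ssl.h") ||
+try_static_assert("LIBRESSL_VERSION_NUMBER >= 0x2070000fL", "openssl/opensslv.h")
+$defs.push("-DHAVE_OPAQUE_OPENSSL")
+end
+have_func("CRYPTO_lock") || $defs.push("-DHAVE_OPENSSL_110_THREADING_API")
+have_func("BN_GENCB_new")
+have_func("BN_GENCB_free")
+have_func("BN_GENCB_get_arg")
+have_func("EVP_MD_CTX_new")
+have_func("EVP_MD_CTX_free")
+have_func("HMAC_CTX_new")
+have_func("HMAC_CTX_free")
+have_func("X509_STORE_get_ex_data")
+have_func("X509_STORE_set_ex_data")
+have_func("X509_STORE_get_ex_new_index")
+have_func("X509_CRL_get0_signature")
+have_func("X509_REQ_get0_signature")
+have_func("X509_REVOKED_get0_serialNumber")
+have_func("X509_REVOKED_get0_revocationDate")
+have_func("X509_get0_tbs_sigalg")
+have_func("X509_STORE_CTX_get0_untrusted")
+have_func("X509_STORE_CTX_get0_cert")
+have_func("X509_STORE_CTX_get0_chain")
+have_func("OCSP_SINGLERESP_get0_id")
+have_func("SSL_CTX_get_ciphers")
+have_func("X509_up_ref")
+have_func("X509_CRL_up_ref")
+have_func("X509_STORE_up_ref")
+have_func("SSL_SESSION_up_ref")
+have_func("EVP_PKEY_up_ref")
+have_func("SSL_CTX_set_tmp_ecdh_callback(NULL, NULL)", "openssl/ssl.h") # removed
+have_func("SSL_CTX_set_min_proto_version(NULL, 0)", "openssl/ssl.h")
+have_func("SSL_CTX_get_security_level")
+have_func("X509_get0_notBefore")
+have_func("SSL_SESSION_get_protocol_version")
+have_func("TS_STATUS_INFO_get0_status")
+have_func("TS_STATUS_INFO_get0_text")
+have_func("TS_STATUS_INFO_get0_failure_info")
+have_func("TS_VERIFY_CTS_set_certs")
+have_func("TS_VERIFY_CTX_set_store")
+have_func("TS_VERIFY_CTX_add_flags")
+have_func("TS_RESP_CTX_set_time_cb")
+have_func("EVP_PBE_scrypt")
+have_func("SSL_CTX_set_post_handshake_auth")
+
+Logging::message "=== Checking done. ===\n"
+
+create_header
+create_makefile("openssl")
+Logging::message "Done.\n"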
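Review bot: The script ends with `create_makefile("openssl")`, so a package that the page title calls openssl-custom builds and installs a native extension named `openssl`, the same name as Ruby's default openssl extension and as the upstream gem the README points to. Once this package is on the load path, `require "openssl"` can resolve to this copy, so its origin should be confirmed and its files compared against the upstream release of the same version before it is trusted for TLS or key handling. Separately, in the LibreSSL branch of `find_openssl_library`, `ENV["LIB"].split(File::PATH_SEPARATOR)` raises NoMethodError when LIB is unset; `libpath |= ENV["LIB"].to_s.split(File::PATH_SEPARATOR)` keeps the scan working from `$LIBPATH` alone.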
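--- a/data/ext/openssl/openssl_missing.c
+++ b/data/ext/openssl/openssl_missing.c
@@ -0,0 +1,106 @@
+/*
+* 'OpenSSL for Ruby' project
+* Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
+* All rights reserved.
+*/
+/*
+* This program is licensed under the same licence as Ruby.
+* (See the file 'LICENCE'.)
+*/
+#include RUBY_EXTCONF_H
+
+#include <string.h> /* memcpy() */
+#if !defined(OPENSSL_NO_ENGINE)
+# include <openssl/engine.h>
+#endif
+#if !defined(OPENSSL_NO_HMAC)
+# include <openssl/hmac.h>
+#endif
+#include <openssl/x509_vfy.h>
+
+#include "openssl_missing.h"
+
+/* added in 1.0.2 */
+#if !defined(OPENSSL_NO_EC)
+#if !defined(HAVE_EC_CURVE_NIST2NID)
+static struct {
+const char *name;
+int nid;
+} nist_curves[] = {
+{"B-163", NID_sect163r2},
+{"B-233", NID_sect233r1},
+{"B-283", NID_sect283r1},
+{"B-409", NID_sect409r1},
+{"B-571", NID_sect571r1},
+{"K-163", NID_sect163k1},
+{"K-233", NID_sect233k1},
+{"K-283", NID_sect283k1},
+{"K-409", NID_sect409k1},
+{"K-571", NID_sect571k1},
+{"P-192", NID_X9_62_prime192v1},
+{"P-224", NID_secp224r1},
+{"P-256", NID_X9_62_prime256v1},
+{"P-384", NID_secp384r1},
+{"P-521", NID_secp521r1}
+};
+
+int
+ossl_EC_curve_nist2nid(const char *name)
+{
+size_t i;
+for (i = 0; i < (sizeof(nist_curves) / sizeof(nist_curves[0])); i++) {
+if (!strcmp(nist_curves[i].name, name))
+return nist_curves[i].nid;
+}
+return NID_undef;
+}
+#endif
+#endif
+
+/*** added in 1.1.0 ***/
+#if !defined(HAVE_HMAC_CTX_NEW)
+HMAC_CTX *
+ossl_HMAC_CTX_new(void)
+{
+HMAC_CTX *ctx = OPENSSL_malloc(sizeof(HMAC_CTX));
+if (!ctx)
+return NULL;
+HMAC_CTX_init(ctx);
+return ctx;
+}
+#endif
+
+#if !defined(HAVE_HMAC_CTX_FREE)
+void
+ossl_HMAC_CTX_free(HMAC_CTX *ctx)
+{
+if (ctx) {
+HMAC_CTX_cleanup(ctx);
+OPENSSL_free(ctx);
+}
+}
+#endif
+
+#if !defined(HAVE_X509_CRL_GET0_SIGNATURE)
+void
+ossl_X509_CRL_get0_signature(const X509_CRL *crl, const ASN1_BIT_STRING **psig,
+const X509_ALGOR **palg)
+{
+if (psig != NULL)
+*psig = crl->signature;
+if (palg != NULL)
+*palg = crl->sig_alg;
+}
+#endif
+
+#if !defined(HAVE_X509_REQ_GET0_SIGNATURE)
+void
+ossl_X509_REQ_get0_signature(const X509_REQ *req, const ASN1_BIT_STRING **psig,
+const X509_ALGOR **palg)
+{
+if (psig != NULL)
+*psig = req->signature;
+if (palg != NULL)
+*palg = req->sig_alg;
+}
+#endif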
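Review bot: `ossl_EC_curve_nist2nid` passes `name` straight to `strcmp`, so a NULL argument is undefined behaviour in this fallback, which is compiled only when the linked library lacks `EC_curve_nist2nid`; whether any caller can pass NULL is not visible in this file. A guard before the loop, `if (!name) return NID_undef;`, makes the fallback fail closed. The `nist_curves` table is never written in this file and could be declared `static const struct` so it is placed in read-only data. A short comment above the function stating that it returns `NID_undef` for an unknown curve name would document the return contract.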
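--- a/data/ext/openssl/openssl_missing.h
+++ b/data/ext/openssl/openssl_missing.h
@@ -0,0 +1,257 @@
+/*
+* 'OpenSSL for Ruby' project
+* Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
+* All rights reserved.
+*/
+/*
+* This program is licensed under the same licence as Ruby.
+* (See the file 'LICENCE'.)
+*/
+#if !defined(_OSSL_OPENSSL_MISSING_H_)
+#define _OSSL_OPENSSL_MISSING_H_
+
+#include "ruby/config.h"
+
+/* added in 1.0.2 */
+#if !defined(OPENSSL_NO_EC)
+#if !defined(HAVE_EC_CURVE_NIST2NID)
+int ossl_EC_curve_nist2nid(const char *);
+# define EC_curve_nist2nid ossl_EC_curve_nist2nid
+#endif
+#endif
+
+#if !defined(HAVE_X509_REVOKED_DUP)
+# define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((i2d_of_void *)i2d_X509_REVOKED, \
+(d2i_of_void *)d2i_X509_REVOKED, (char *)(rev))
+#endif
+
+#if !defined(HAVE_X509_STORE_CTX_GET0_STORE)
+# define X509_STORE_CTX_get0_store(x) ((x)->ctx)
+#endif
+
+#if !defined(HAVE_SSL_IS_SERVER)
+# define SSL_is_server(s) ((s)->server)
+#endif
+
+/* added in 1.1.0 */
+#if !defined(HAVE_BN_GENCB_NEW)
+# define BN_GENCB_new() ((BN_GENCB *)OPENSSL_malloc(sizeof(BN_GENCB)))
+#endif
+
+#if !defined(HAVE_BN_GENCB_FREE)
+# define BN_GENCB_free(cb) OPENSSL_free(cb)
+#endif
+
+#if !defined(HAVE_BN_GENCB_GET_ARG)
+# define BN_GENCB_get_arg(cb) (cb)->arg
+#endif
+
+#if !defined(HAVE_EVP_MD_CTX_NEW)
+# define EVP_MD_CTX_new EVP_MD_CTX_create
+#endif
+
+#if !defined(HAVE_EVP_MD_CTX_FREE)
+# define EVP_MD_CTX_free EVP_MD_CTX_destroy
+#endif
+
+#if !defined(HAVE_HMAC_CTX_NEW)
+HMAC_CTX *ossl_HMAC_CTX_new(void);
+# define HMAC_CTX_new ossl_HMAC_CTX_new
+#endif
+
+#if !defined(HAVE_HMAC_CTX_FREE)
+void ossl_HMAC_CTX_free(HMAC_CTX *);
+# define HMAC_CTX_free ossl_HMAC_CTX_free
+#endif
+
+#if !defined(HAVE_X509_STORE_GET_EX_DATA)
+# define X509_STORE_get_ex_data(x, idx) \
+CRYPTO_get_ex_data(&(x)->ex_data, (idx))
+#endif
+
+#if !defined(HAVE_X509_STORE_SET_EX_DATA)
+# define X509_STORE_set_ex_data(x, idx, data) \
+CRYPTO_set_ex_data(&(x)->ex_data, (idx), (data))
+#endif
+
+#if !defined(HAVE_X509_STORE_GET_EX_NEW_INDEX) && !defined(X509_STORE_get_ex_new_index)
+# define X509_STORE_get_ex_new_index(l, p, newf, dupf, freef) \
+CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_X509_STORE, (l), (p), \
+(newf), (dupf), (freef))
+#endif
+
+#if !defined(HAVE_X509_CRL_GET0_SIGNATURE)
+void ossl_X509_CRL_get0_signature(const X509_CRL *, const ASN1_BIT_STRING **, const X509_ALGOR **);
+# define X509_CRL_get0_signature ossl_X509_CRL_get0_signature
+#endif
+
+#if !defined(HAVE_X509_REQ_GET0_SIGNATURE)
+void ossl_X509_REQ_get0_signature(const X509_REQ *, const ASN1_BIT_STRING **, const X509_ALGOR **);
+# define X509_REQ_get0_signature ossl_X509_REQ_get0_signature
+#endif
+
+#if !defined(HAVE_X509_REVOKED_GET0_SERIALNUMBER)
+# define X509_REVOKED_get0_serialNumber(x) ((x)->serialNumber)
+#endif
+
+#if !defined(HAVE_X509_REVOKED_GET0_REVOCATIONDATE)
+# define X509_REVOKED_get0_revocationDate(x) ((x)->revocationDate)
+#endif
+
+#if !defined(HAVE_X509_GET0_TBS_SIGALG)
+# define X509_get0_tbs_sigalg(x) ((x)->cert_info->signature)
+#endif
+
+#if !defined(HAVE_X509_STORE_CTX_GET0_UNTRUSTED)
+# define X509_STORE_CTX_get0_untrusted(x) ((x)->untrusted)
+#endif
+
+#if !defined(HAVE_X509_STORE_CTX_GET0_CERT)
+# define X509_STORE_CTX_get0_cert(x) ((x)->cert)
+#endif
+
+#if !defined(HAVE_X509_STORE_CTX_GET0_CHAIN)
+# define X509_STORE_CTX_get0_chain(ctx) X509_STORE_CTX_get_chain(ctx)
+#endif
+
+#if !defined(HAVE_OCSP_SINGLERESP_GET0_ID)
+# define OCSP_SINGLERESP_get0_id(s) ((s)->certId)
+#endif
+
+#if !defined(HAVE_SSL_CTX_GET_CIPHERS)
+# define SSL_CTX_get_ciphers(ctx) ((ctx)->cipher_list)
+#endif
+
+#if !defined(HAVE_X509_UP_REF)
+# define X509_up_ref(x) \
+CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509)
+#endif
+
+#if !defined(HAVE_X509_CRL_UP_REF)
+# define X509_CRL_up_ref(x) \
+CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_CRL);
+#endif
+
+#if !defined(HAVE_X509_STORE_UP_REF)
+# define X509_STORE_up_ref(x) \
+CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_STORE);
+#endif
+
+#if !defined(HAVE_SSL_SESSION_UP_REF)
+# define SSL_SESSION_up_ref(x) \
+CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_SSL_SESSION);
+#endif
+
+#if !defined(HAVE_EVP_PKEY_UP_REF)
+# define EVP_PKEY_up_ref(x) \
+CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_EVP_PKEY);
+#endif
+
+#if !defined(HAVE_OPAQUE_OPENSSL) && \
+(!defined(LIBRESSL_VERSION_NUMBER) || LIBRESSL_VERSION_NUMBER < 0x2070000fL)
+#define IMPL_PKEY_GETTER(_type, _name) \
+static inline _type *EVP_PKEY_get0_##_type(EVP_PKEY *pkey) { \
+return pkey->pkey._name; }
+#define IMPL_KEY_ACCESSOR2(_type, _group, a1, a2, _fail_cond) \
+static inline void _type##_get0_##_group(const _type *obj, const BIGNUM **a1, const BIGNUM **a2) { \
+if (a1) *a1 = obj->a1; \
+if (a2) *a2 = obj->a2; } \
+static inline int _type##_set0_##_group(_type *obj, BIGNUM *a1, BIGNUM *a2) { \
+if (_fail_cond) return 0; \
+BN_clear_free(obj->a1); obj->a1 = a1; \
+BN_clear_free(obj->a2); obj->a2 = a2; \
+return 1; }
+#define IMPL_KEY_ACCESSOR3(_type, _group, a1, a2, a3, _fail_cond) \
+static inline void _type##_get0_##_group(const _type *obj, const BIGNUM **a1, const BIGNUM **a2, const BIGNUM **a3) { \
+if (a1) *a1 = obj->a1; \
+if (a2) *a2 = obj->a2; \
+if (a3) *a3 = obj->a3; } \
+static inline int _type##_set0_##_group(_type *obj, BIGNUM *a1, BIGNUM *a2, BIGNUM *a3) { \
+if (_fail_cond) return 0; \
+BN_clear_free(obj->a1); obj->a1 = a1; \
+BN_clear_free(obj->a2); obj->a2 = a2; \
+BN_clear_free(obj->a3); obj->a3 = a3; \
+return 1; }
+
+#if !defined(OPENSSL_NO_RSA)
+IMPL_PKEY_GETTER(RSA, rsa)
+IMPL_KEY_ACCESSOR3(RSA, key, n, e, d, (n == obj->n || e == obj->e || (obj->d && d == obj->d)))
+IMPL_KEY_ACCESSOR2(RSA, factors, p, q, (p == obj->p || q == obj->q))
+IMPL_KEY_ACCESSOR3(RSA, crt_params, dmp1, dmq1, iqmp, (dmp1 == obj->dmp1 || dmq1 == obj->dmq1 || iqmp == obj->iqmp))
+#endif
+
+#if !defined(OPENSSL_NO_DSA)
+IMPL_PKEY_GETTER(DSA, dsa)
+IMPL_KEY_ACCESSOR2(DSA, key, pub_key, priv_key, (pub_key == obj->pub_key || (obj->priv_key && priv_key == obj->priv_key)))
+IMPL_KEY_ACCESSOR3(DSA, pqg, p, q, g, (p == obj->p || q == obj->q || g == obj->g))
+#endif
+
+#if !defined(OPENSSL_NO_DH)
+IMPL_PKEY_GETTER(DH, dh)
+IMPL_KEY_ACCESSOR2(DH, key, pub_key, priv_key, (pub_key == obj->pub_key || (obj->priv_key && priv_key == obj->priv_key)))
+IMPL_KEY_ACCESSOR3(DH, pqg, p, q, g, (p == obj->p || (obj->q && q == obj->q) || g == obj->g))
+static inline ENGINE *DH_get0_engine(DH *dh) { return dh->engine; }
+#endif
+
+#if !defined(OPENSSL_NO_EC)
+IMPL_PKEY_GETTER(EC_KEY, ec)
+#endif
+
+#undef IMPL_PKEY_GETTER
+#undef IMPL_KEY_ACCESSOR2
+#undef IMPL_KEY_ACCESSOR3
+#endif /* HAVE_OPAQUE_OPENSSL */
+
+#if !defined(EVP_CTRL_AEAD_GET_TAG)
+# define EVP_CTRL_AEAD_GET_TAG EVP_CTRL_GCM_GET_TAG
+# define EVP_CTRL_AEAD_SET_TAG EVP_CTRL_GCM_SET_TAG
+# define EVP_CTRL_AEAD_SET_IVLEN EVP_CTRL_GCM_SET_IVLEN
+#endif
+
+#if !defined(HAVE_X509_GET0_NOTBEFORE)
+# define X509_get0_notBefore(x) X509_get_notBefore(x)
+# define X509_get0_notAfter(x) X509_get_notAfter(x)
+# define X509_CRL_get0_lastUpdate(x) X509_CRL_get_lastUpdate(x)
+# define X509_CRL_get0_nextUpdate(x) X509_CRL_get_nextUpdate(x)
+# define X509_set1_notBefore(x, t) X509_set_notBefore(x, t)
+# define X509_set1_notAfter(x, t) X509_set_notAfter(x, t)
+# define X509_CRL_set1_lastUpdate(x, t) X509_CRL_set_lastUpdate(x, t)
+# define X509_CRL_set1_nextUpdate(x, t) X509_CRL_set_nextUpdate(x, t)
+#endif
+
+#if !defined(HAVE_SSL_SESSION_GET_PROTOCOL_VERSION)
+# define SSL_SESSION_get_protocol_version(s) ((s)->ssl_version)
+#endif
+
+#if !defined(HAVE_TS_STATUS_INFO_GET0_STATUS)
+# define TS_STATUS_INFO_get0_status(a) ((a)->status)
+#endif
+
+#if !defined(HAVE_TS_STATUS_INFO_GET0_TEXT)
+# define TS_STATUS_INFO_get0_text(a) ((a)->text)
+#endif
+
+#if !defined(HAVE_TS_STATUS_INFO_GET0_FAILURE_INFO)
+# define TS_STATUS_INFO_get0_failure_info(a) ((a)->failure_info)
+#endif
+
+#if !defined(HAVE_TS_VERIFY_CTS_SET_CERTS)
+# define TS_VERIFY_CTS_set_certs(ctx, crts) ((ctx)->certs=(crts))
+#endif
+
+#if !defined(HAVE_TS_VERIFY_CTX_SET_STORE)
+# define TS_VERIFY_CTX_set_store(ctx, str) ((ctx)->store=(str))
+#endif
+
+#if !defined(HAVE_TS_VERIFY_CTX_ADD_FLAGS)
+# define TS_VERIFY_CTX_add_flags(ctx, f) ((ctx)->flags |= (f))
+#endif
+
+#if !defined(HAVE_TS_RESP_CTX_SET_TIME_CB)
+# define TS_RESP_CTX_set_time_cb(ctx, callback, dta) do { \
+(ctx)->time_cb = (callback); \
+(ctx)->time_cb_data = (dta); \
+} while (0)
+#endif
+
+#endif /* _OSSL_OPENSSL_MISSING_H_ */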
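Review bot: The fallback macros `X509_CRL_up_ref`, `X509_STORE_up_ref`, `SSL_SESSION_up_ref` and `EVP_PKEY_up_ref` end their expansion with a semicolon, while `X509_up_ref` just above them does not. With the semicolon the macro cannot be used as an expression, so its result cannot be tested the way a function's return value can, and a statement such as `if (c) X509_CRL_up_ref(x); else …` fails to compile. Drop the trailing `;` in each of the four, e.g. `CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_X509_CRL)`. `BN_GENCB_get_arg(cb)` should likewise parenthesise its whole expansion as `((cb)->arg)`.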