openssl 2.0.0.beta.2 → 2.0.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 0fb175be42485b5b6a9a5ded1672a24812be75b4
4
- data.tar.gz: 07d6597617677e14278d06045f922735881e465e
3
+ metadata.gz: 03d318590b847c8c1c1b994254b8e2487107bf31
4
+ data.tar.gz: 67dee2b7da3246aa429b2a35ec3fc44c93a7cc8f
5
5
  SHA512:
6
- metadata.gz: c9e75e005f17b9b69cf7d7db1d0aa344e65ec31f543f76fc8c0f99a0535f393bf1807a0301f186f68a08269390099b4d753aa51ed214cef8278d4d6756100d51
7
- data.tar.gz: b18c7445fff8461ef0fa7da91e20c7e7545b0cc228b2746dfb98d7f9d0ae8838271b38f264ff84eb78c93f7b579be4ce46b6307890434712a1a0dcf5e9981c87
6
+ metadata.gz: 2797a1a1a48b1ddd8181f668a4bbda6efa4362f20a8aaf05b8e9e14e403f25bc98eeec8a4749c98756ce88da465b21c5494432dcebcdbd52437805209f376b1d
7
+ data.tar.gz: e49508cdc45afcc6c564b4de70f1029b163c2660a583b06059f524b1a67e1295171bc253c2172d0ae7e77ac59d44a7b9edebc7415e135b5838120bca3dba3f05
@@ -44,7 +44,7 @@ Test cases are located under the
44
44
  You can run it with the following three commands:
45
45
 
46
46
  ```
47
- $ gem install rake-compiler test-unit
47
+ $ rake install_dependencies # installs rake-compiler, test-unit, ...
48
48
  $ rake compile
49
49
  $ rake test
50
50
  ```
data/History.md CHANGED
@@ -17,7 +17,7 @@ Supported platforms
17
17
 
18
18
  * OpenSSL 1.0.0, 1.0.1, 1.0.2, 1.1.0
19
19
  * OpenSSL < 0.9.8 is no longer supported.
20
- * LibreSSL 2.1, 2.2, 2.3, 2.4
20
+ * LibreSSL 2.3, 2.4, 2.5
21
21
  * Ruby 2.3, 2.4
22
22
 
23
23
  Notable changes
@@ -70,6 +70,9 @@ Notable changes
70
70
  linked with the EC key. Modifications to the EC::Group have no effect on the
71
71
  key. [[GH ruby/openssl#71]](https://github.com/ruby/openssl/pull/71)
72
72
 
73
+ - OpenSSL::PKey::EC::Point#to_bn allows specifying the point conversion form
74
+ by the optional argument.
75
+
73
76
  * OpenSSL::SSL
74
77
 
75
78
  - OpenSSL::SSL::SSLSocket#tmp_key is added. A client can call it after the
data/README.md CHANGED
@@ -1,6 +1,7 @@
1
- # OpenSSL
1
+ # OpenSSL for Ruby
2
2
 
3
3
  [![Build Status](https://travis-ci.org/ruby/openssl.svg?branch=master)](https://travis-ci.org/ruby/openssl)
4
+ [![Build status](https://ci.appveyor.com/api/projects/status/b8djtmwo7l26f88y/branch/master?svg=true)](https://ci.appveyor.com/project/ruby/openssl/branch/master)
4
5
 
5
6
  OpenSSL provides SSL, TLS and general purpose cryptography. It wraps the
6
7
  OpenSSL library.
@@ -48,14 +49,9 @@ gem "openssl"
48
49
  require "openssl"
49
50
  ```
50
51
 
51
- See the documentation on OpenSSL for more usage,
52
- and the official [OpenSSL library](http://www.openssl.org/).
52
+ ## Documentation
53
53
 
54
- ## Getting Started
55
-
56
- 1. `$ gem install rake-compiler test-unit`
57
- 2. `$ rake compile`
58
- 3. `$ rake test`
54
+ See https://ruby.github.io/openssl/.
59
55
 
60
56
  ## Contributing
61
57
 
@@ -33,14 +33,8 @@ end
33
33
  Logging::message "=== Checking for system dependent stuff... ===\n"
34
34
  have_library("nsl", "t_open")
35
35
  have_library("socket", "socket")
36
- have_header("assert.h")
37
36
 
38
37
  Logging::message "=== Checking for required stuff... ===\n"
39
- if $mingw
40
- have_library("wsock32")
41
- have_library("gdi32")
42
- end
43
-
44
38
  result = pkg_config("openssl") && have_header("openssl/ssl.h")
45
39
  unless result
46
40
  result = have_header("openssl/ssl.h")
@@ -149,7 +149,7 @@ ossl_pem_passwd_value(VALUE pass)
149
149
  /* PEM_BUFSIZE is currently used as the second argument of pem_password_cb,
150
150
  * that is +max_len+ of ossl_pem_passwd_cb() */
151
151
  if (RSTRING_LEN(pass) > PEM_BUFSIZE)
152
- ossl_raise(eOSSLError, "password must be shorter than %d bytes", PEM_BUFSIZE);
152
+ ossl_raise(eOSSLError, "password must not be longer than %d bytes", PEM_BUFSIZE);
153
153
 
154
154
  return pass;
155
155
  }
@@ -168,7 +168,8 @@ ossl_pem_passwd_cb0(VALUE flag)
168
168
  int
169
169
  ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
170
170
  {
171
- int len, status;
171
+ long len;
172
+ int status;
172
173
  VALUE rflag, pass = (VALUE)pwd_;
173
174
 
174
175
  if (RTEST(pass)) {
@@ -176,7 +177,7 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
176
177
  * work because it does not allow NUL characters and truncates to 1024
177
178
  * bytes silently if the input is over 1024 bytes */
178
179
  if (RB_TYPE_P(pass, T_STRING)) {
179
- len = RSTRING_LENINT(pass);
180
+ len = RSTRING_LEN(pass);
180
181
  if (len >= OSSL_MIN_PWD_LEN && len <= max_len) {
181
182
  memcpy(buf, RSTRING_PTR(pass), len);
182
183
  return len;
@@ -203,78 +204,19 @@ ossl_pem_passwd_cb(char *buf, int max_len, int flag, void *pwd_)
203
204
  rb_set_errinfo(Qnil);
204
205
  return -1;
205
206
  }
206
- len = RSTRING_LENINT(pass);
207
+ len = RSTRING_LEN(pass);
207
208
  if (len < OSSL_MIN_PWD_LEN) {
208
209
  rb_warning("password must be at least %d bytes", OSSL_MIN_PWD_LEN);
209
210
  continue;
210
211
  }
211
212
  if (len > max_len) {
212
- rb_warning("password must be shorter than %d bytes", max_len);
213
+ rb_warning("password must not be longer than %d bytes", max_len);
213
214
  continue;
214
215
  }
215
216
  memcpy(buf, RSTRING_PTR(pass), len);
216
217
  break;
217
218
  }
218
- return len;
219
- }
220
-
221
- /*
222
- * Verify callback
223
- */
224
- int ossl_store_ctx_ex_verify_cb_idx;
225
- int ossl_store_ex_verify_cb_idx;
226
-
227
- struct ossl_verify_cb_args {
228
- VALUE proc;
229
- VALUE preverify_ok;
230
- VALUE store_ctx;
231
- };
232
-
233
- static VALUE
234
- ossl_call_verify_cb_proc(struct ossl_verify_cb_args *args)
235
- {
236
- return rb_funcall(args->proc, rb_intern("call"), 2,
237
- args->preverify_ok, args->store_ctx);
238
- }
239
-
240
- int
241
- ossl_verify_cb_call(VALUE proc, int ok, X509_STORE_CTX *ctx)
242
- {
243
- VALUE rctx, ret;
244
- struct ossl_verify_cb_args args;
245
- int state;
246
-
247
- if (NIL_P(proc))
248
- return ok;
249
-
250
- ret = Qfalse;
251
- rctx = rb_protect((VALUE(*)(VALUE))ossl_x509stctx_new, (VALUE)ctx, &state);
252
- if (state) {
253
- rb_set_errinfo(Qnil);
254
- rb_warn("StoreContext initialization failure");
255
- }
256
- else {
257
- args.proc = proc;
258
- args.preverify_ok = ok ? Qtrue : Qfalse;
259
- args.store_ctx = rctx;
260
- ret = rb_protect((VALUE(*)(VALUE))ossl_call_verify_cb_proc, (VALUE)&args, &state);
261
- if (state) {
262
- rb_set_errinfo(Qnil);
263
- rb_warn("exception in verify_callback is ignored");
264
- }
265
- ossl_x509stctx_clear_ptr(rctx);
266
- }
267
- if (ret == Qtrue) {
268
- X509_STORE_CTX_set_error(ctx, X509_V_OK);
269
- ok = 1;
270
- }
271
- else {
272
- if (X509_STORE_CTX_get_error(ctx) == X509_V_OK)
273
- X509_STORE_CTX_set_error(ctx, X509_V_ERR_CERT_REJECTED);
274
- ok = 0;
275
- }
276
-
277
- return ok;
219
+ return (int)len;
278
220
  }
279
221
 
280
222
  /*
@@ -355,27 +297,32 @@ ossl_raise(VALUE exc, const char *fmt, ...)
355
297
  rb_exc_raise(err);
356
298
  }
357
299
 
358
- VALUE
359
- ossl_exc_new(VALUE exc, const char *fmt, ...)
360
- {
361
- va_list args;
362
- VALUE err;
363
- va_start(args, fmt);
364
- err = ossl_make_error(exc, fmt, args);
365
- va_end(args);
366
- return err;
367
- }
368
-
369
300
  void
370
301
  ossl_clear_error(void)
371
302
  {
372
303
  if (dOSSL == Qtrue) {
373
- long e;
374
- while ((e = ERR_get_error())) {
375
- rb_warn("error on stack: %s", ERR_error_string(e, NULL));
304
+ unsigned long e;
305
+ const char *file, *data, *errstr;
306
+ int line, flags;
307
+
308
+ while ((e = ERR_get_error_line_data(&file, &line, &data, &flags))) {
309
+ errstr = ERR_error_string(e, NULL);
310
+ if (!errstr)
311
+ errstr = "(null)";
312
+
313
+ if (flags & ERR_TXT_STRING) {
314
+ if (!data)
315
+ data = "(null)";
316
+ rb_warn("error on stack: %s (%s)", errstr, data);
317
+ }
318
+ else {
319
+ rb_warn("error on stack: %s", errstr);
320
+ }
376
321
  }
377
322
  }
378
- ERR_clear_error();
323
+ else {
324
+ ERR_clear_error();
325
+ }
379
326
  }
380
327
 
381
328
  /*
@@ -1151,14 +1098,6 @@ Init_openssl(void)
1151
1098
  rb_define_module_function(mOSSL, "debug=", ossl_debug_set, 1);
1152
1099
  rb_define_module_function(mOSSL, "errors", ossl_get_errors, 0);
1153
1100
 
1154
- /*
1155
- * Verify callback Proc index for ext-data
1156
- */
1157
- if ((ossl_store_ctx_ex_verify_cb_idx = X509_STORE_CTX_get_ex_new_index(0, (void *)"ossl_store_ctx_ex_verify_cb_idx", 0, 0, 0)) < 0)
1158
- ossl_raise(eOSSLError, "X509_STORE_CTX_get_ex_new_index");
1159
- if ((ossl_store_ex_verify_cb_idx = X509_STORE_get_ex_new_index(0, (void *)"ossl_store_ex_verify_cb_idx", 0, 0, 0)) < 0)
1160
- ossl_raise(eOSSLError, "X509_STORE_get_ex_new_index");
1161
-
1162
1101
  /*
1163
1102
  * Get ID of to_der
1164
1103
  */
@@ -12,37 +12,12 @@
12
12
 
13
13
  #include RUBY_EXTCONF_H
14
14
 
15
- #if 0
16
- mOSSL = rb_define_module("OpenSSL");
17
- mX509 = rb_define_module_under(mOSSL, "X509");
18
- #endif
19
-
20
- /*
21
- * OpenSSL has defined RFILE and Ruby has defined RFILE - so undef it!
22
- */
23
- #if defined(RFILE) /*&& !defined(OSSL_DEBUG)*/
24
- # undef RFILE
25
- #endif
15
+ #include <assert.h>
16
+ #include <errno.h>
26
17
  #include <ruby.h>
27
18
  #include <ruby/io.h>
28
19
  #include <ruby/thread.h>
29
-
30
20
  #include <openssl/opensslv.h>
31
-
32
- #ifdef HAVE_ASSERT_H
33
- # include <assert.h>
34
- #else
35
- # define assert(condition)
36
- #endif
37
-
38
- #if defined(_WIN32) && !defined(LIBRESSL_VERSION_NUMBER)
39
- # include <openssl/e_os2.h>
40
- # if !defined(OPENSSL_SYS_WIN32)
41
- # define OPENSSL_SYS_WIN32 1
42
- # endif
43
- # include <winsock2.h>
44
- #endif
45
- #include <errno.h>
46
21
  #include <openssl/err.h>
47
22
  #include <openssl/asn1.h>
48
23
  #include <openssl/x509v3.h>
@@ -53,9 +28,7 @@
53
28
  #include <openssl/rand.h>
54
29
  #include <openssl/conf.h>
55
30
  #include <openssl/conf_api.h>
56
- #if !defined(_WIN32)
57
- # include <openssl/crypto.h>
58
- #endif
31
+ #include <openssl/crypto.h>
59
32
  #if !defined(OPENSSL_NO_ENGINE)
60
33
  # include <openssl/engine.h>
61
34
  #endif
@@ -144,18 +117,9 @@ int ossl_pem_passwd_cb(char *, int, int, void *);
144
117
  */
145
118
  #define OSSL_ErrMsg() ERR_reason_error_string(ERR_get_error())
146
119
  NORETURN(void ossl_raise(VALUE, const char *, ...));
147
- VALUE ossl_exc_new(VALUE, const char *, ...);
148
120
  /* Clear OpenSSL error queue. If dOSSL is set, rb_warn() them. */
149
121
  void ossl_clear_error(void);
150
122
 
151
- /*
152
- * Verify callback
153
- */
154
- extern int ossl_store_ctx_ex_verify_cb_idx;
155
- extern int ossl_store_ex_verify_cb_idx;
156
-
157
- int ossl_verify_cb_call(VALUE, int, X509_STORE_CTX *);
158
-
159
123
  /*
160
124
  * String to DER String
161
125
  */
@@ -9,15 +9,6 @@
9
9
  */
10
10
  #include "ossl.h"
11
11
 
12
- #if defined(HAVE_SYS_TIME_H)
13
- # include <sys/time.h>
14
- #elif !defined(NT) && !defined(_WIN32)
15
- struct timeval {
16
- long tv_sec; /* seconds */
17
- long tv_usec; /* and microseconds */
18
- };
19
- #endif
20
-
21
12
  static VALUE join_der(VALUE enumerable);
22
13
  static VALUE ossl_asn1_decode0(unsigned char **pp, long length, long *offset,
23
14
  int depth, int yield, long *num_read);
@@ -110,16 +101,11 @@ asn1str_to_str(const ASN1_STRING *str)
110
101
 
111
102
  /*
112
103
  * ASN1_INTEGER conversions
113
- * TODO: Make a decision what's the right way to do this.
114
104
  */
115
- #define DO_IT_VIA_RUBY 0
116
105
  VALUE
117
106
  asn1integer_to_num(const ASN1_INTEGER *ai)
118
107
  {
119
108
  BIGNUM *bn;
120
- #if DO_IT_VIA_RUBY
121
- char *txt;
122
- #endif
123
109
  VALUE num;
124
110
 
125
111
  if (!ai) {
@@ -133,43 +119,12 @@ asn1integer_to_num(const ASN1_INTEGER *ai)
133
119
 
134
120
  if (!bn)
135
121
  ossl_raise(eOSSLError, NULL);
136
- #if DO_IT_VIA_RUBY
137
- if (!(txt = BN_bn2dec(bn))) {
138
- BN_free(bn);
139
- ossl_raise(eOSSLError, NULL);
140
- }
141
- num = rb_cstr_to_inum(txt, 10, Qtrue);
142
- OPENSSL_free(txt);
143
- #else
144
122
  num = ossl_bn_new(bn);
145
- #endif
146
123
  BN_free(bn);
147
124
 
148
125
  return num;
149
126
  }
150
127
 
151
- #if DO_IT_VIA_RUBY
152
- ASN1_INTEGER *
153
- num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
154
- {
155
- BIGNUM *bn = NULL;
156
-
157
- if (RTEST(rb_obj_is_kind_of(obj, cBN))) {
158
- bn = GetBNPtr(obj);
159
- } else {
160
- obj = rb_String(obj);
161
- if (!BN_dec2bn(&bn, StringValueCStr(obj))) {
162
- ossl_raise(eOSSLError, NULL);
163
- }
164
- }
165
- if (!(ai = BN_to_ASN1_INTEGER(bn, ai))) {
166
- BN_free(bn);
167
- ossl_raise(eOSSLError, NULL);
168
- }
169
- BN_free(bn);
170
- return ai;
171
- }
172
- #else
173
128
  ASN1_INTEGER *
174
129
  num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
175
130
  {
@@ -185,7 +140,6 @@ num_to_asn1integer(VALUE obj, ASN1_INTEGER *ai)
185
140
 
186
141
  return ai;
187
142
  }
188
- #endif
189
143
 
190
144
  /********/
191
145
  /*
@@ -225,9 +179,10 @@ VALUE cASN1ObjectId; /* OBJECT IDENTIFIER */
225
179
  VALUE cASN1UTCTime, cASN1GeneralizedTime; /* TIME */
226
180
  VALUE cASN1Sequence, cASN1Set; /* CONSTRUCTIVE */
227
181
 
228
- static ID sIMPLICIT, sEXPLICIT;
229
- static ID sUNIVERSAL, sAPPLICATION, sCONTEXT_SPECIFIC, sPRIVATE;
182
+ static VALUE sym_IMPLICIT, sym_EXPLICIT;
183
+ static VALUE sym_UNIVERSAL, sym_APPLICATION, sym_CONTEXT_SPECIFIC, sym_PRIVATE;
230
184
  static ID sivVALUE, sivTAG, sivTAG_CLASS, sivTAGGING, sivINFINITE_LENGTH, sivUNUSED_BITS;
185
+ static ID id_each;
231
186
 
232
187
  /*
233
188
  * Ruby to ASN1 converters
@@ -364,13 +319,12 @@ decode_bool(unsigned char* der, long length)
364
319
  {
365
320
  const unsigned char *p = der;
366
321
 
367
- assert(length == 3);
368
- if (*p++ != 1)
369
- ossl_raise(eASN1Error, "not a boolean");
370
- if (*p++ != 1)
371
- ossl_raise(eASN1Error, "length is not 1");
322
+ if (length != 3)
323
+ ossl_raise(eASN1Error, "invalid length for BOOLEAN");
324
+ if (p[0] != 1 || p[1] != 1)
325
+ ossl_raise(eASN1Error, "invalid BOOLEAN");
372
326
 
373
- return *p ? Qtrue : Qfalse;
327
+ return p[2] ? Qtrue : Qfalse;
374
328
  }
375
329
 
376
330
  static VALUE
@@ -632,17 +586,14 @@ ossl_asn1_default_tag(VALUE obj)
632
586
  VALUE tmp_class, tag;
633
587
 
634
588
  tmp_class = CLASS_OF(obj);
635
- while (tmp_class) {
589
+ while (!NIL_P(tmp_class)) {
636
590
  tag = rb_hash_lookup(class_tag_map, tmp_class);
637
- if (tag != Qnil) {
638
- return NUM2INT(tag);
639
- }
640
- tmp_class = rb_class_superclass(tmp_class);
591
+ if (tag != Qnil)
592
+ return NUM2INT(tag);
593
+ tmp_class = rb_class_superclass(tmp_class);
641
594
  }
642
595
  ossl_raise(eASN1Error, "universal tag for %"PRIsVALUE" not found",
643
596
  rb_obj_class(obj));
644
-
645
- return -1; /* dummy */
646
597
  }
647
598
 
648
599
  static int
@@ -661,59 +612,45 @@ static int
661
612
  ossl_asn1_is_explicit(VALUE obj)
662
613
  {
663
614
  VALUE s;
664
- int ret = -1;
665
615
 
666
616
  s = ossl_asn1_get_tagging(obj);
667
- if(NIL_P(s)) return 0;
668
- else if(SYMBOL_P(s)){
669
- if (SYM2ID(s) == sIMPLICIT)
670
- ret = 0;
671
- else if (SYM2ID(s) == sEXPLICIT)
672
- ret = 1;
673
- }
674
- if(ret < 0){
617
+ if (NIL_P(s) || s == sym_IMPLICIT)
618
+ return 0;
619
+ else if (s == sym_EXPLICIT)
620
+ return 1;
621
+ else
675
622
  ossl_raise(eASN1Error, "invalid tag default");
676
- }
677
-
678
- return ret;
679
623
  }
680
624
 
681
625
  static int
682
626
  ossl_asn1_tag_class(VALUE obj)
683
627
  {
684
628
  VALUE s;
685
- int ret = -1;
686
629
 
687
630
  s = ossl_asn1_get_tag_class(obj);
688
- if(NIL_P(s)) ret = V_ASN1_UNIVERSAL;
689
- else if(SYMBOL_P(s)){
690
- if (SYM2ID(s) == sUNIVERSAL)
691
- ret = V_ASN1_UNIVERSAL;
692
- else if (SYM2ID(s) == sAPPLICATION)
693
- ret = V_ASN1_APPLICATION;
694
- else if (SYM2ID(s) == sCONTEXT_SPECIFIC)
695
- ret = V_ASN1_CONTEXT_SPECIFIC;
696
- else if (SYM2ID(s) == sPRIVATE)
697
- ret = V_ASN1_PRIVATE;
698
- }
699
- if(ret < 0){
631
+ if (NIL_P(s) || s == sym_UNIVERSAL)
632
+ return V_ASN1_UNIVERSAL;
633
+ else if (s == sym_APPLICATION)
634
+ return V_ASN1_APPLICATION;
635
+ else if (s == sym_CONTEXT_SPECIFIC)
636
+ return V_ASN1_CONTEXT_SPECIFIC;
637
+ else if (s == sym_PRIVATE)
638
+ return V_ASN1_PRIVATE;
639
+ else
700
640
  ossl_raise(eASN1Error, "invalid tag class");
701
- }
702
-
703
- return ret;
704
641
  }
705
642
 
706
643
  static VALUE
707
644
  ossl_asn1_class2sym(int tc)
708
645
  {
709
646
  if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
710
- return ID2SYM(sPRIVATE);
647
+ return sym_PRIVATE;
711
648
  else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
712
- return ID2SYM(sCONTEXT_SPECIFIC);
649
+ return sym_CONTEXT_SPECIFIC;
713
650
  else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
714
- return ID2SYM(sAPPLICATION);
651
+ return sym_APPLICATION;
715
652
  else
716
- return ID2SYM(sUNIVERSAL);
653
+ return sym_UNIVERSAL;
717
654
  }
718
655
 
719
656
  /*
@@ -737,7 +674,7 @@ ossl_asn1data_initialize(VALUE self, VALUE value, VALUE tag, VALUE tag_class)
737
674
  {
738
675
  if(!SYMBOL_P(tag_class))
739
676
  ossl_raise(eASN1Error, "invalid tag class");
740
- if((SYM2ID(tag_class) == sUNIVERSAL) && NUM2INT(tag) > 31)
677
+ if (tag_class == sym_UNIVERSAL && NUM2INT(tag) > 31)
741
678
  ossl_raise(eASN1Error, "tag number for Universal too large");
742
679
  ossl_asn1_set_tag(self, tag);
743
680
  ossl_asn1_set_value(self, value);
@@ -760,7 +697,7 @@ static VALUE
760
697
  join_der(VALUE enumerable)
761
698
  {
762
699
  VALUE str = rb_str_new(0, 0);
763
- rb_block_call(enumerable, rb_intern("each"), 0, 0, join_der_i, str);
700
+ rb_block_call(enumerable, id_each, 0, 0, join_der_i, str);
764
701
  return str;
765
702
  }
766
703
 
@@ -816,7 +753,7 @@ int_ossl_asn1_decode0_prim(unsigned char **pp, long length, long hlen, int tag,
816
753
 
817
754
  p = *pp;
818
755
 
819
- if(tc == sUNIVERSAL && tag < ossl_asn1_info_size) {
756
+ if(tc == sym_UNIVERSAL && tag < ossl_asn1_info_size) {
820
757
  switch(tag){
821
758
  case V_ASN1_EOC:
822
759
  value = decode_eoc(p, hlen+length);
@@ -858,13 +795,14 @@ int_ossl_asn1_decode0_prim(unsigned char **pp, long length, long hlen, int tag,
858
795
  *pp += hlen + length;
859
796
  *num_read = hlen + length;
860
797
 
861
- if (tc == sUNIVERSAL && tag < ossl_asn1_info_size && ossl_asn1_info[tag].klass) {
798
+ if (tc == sym_UNIVERSAL &&
799
+ tag < ossl_asn1_info_size && ossl_asn1_info[tag].klass) {
862
800
  VALUE klass = *ossl_asn1_info[tag].klass;
863
801
  VALUE args[4];
864
802
  args[0] = value;
865
803
  args[1] = INT2NUM(tag);
866
804
  args[2] = Qnil;
867
- args[3] = ID2SYM(tc);
805
+ args[3] = tc;
868
806
  asn1data = rb_obj_alloc(klass);
869
807
  ossl_asn1_initialize(4, args, asn1data);
870
808
  if(tag == V_ASN1_BIT_STRING){
@@ -873,7 +811,7 @@ int_ossl_asn1_decode0_prim(unsigned char **pp, long length, long hlen, int tag,
873
811
  }
874
812
  else {
875
813
  asn1data = rb_obj_alloc(cASN1Data);
876
- ossl_asn1data_initialize(asn1data, value, INT2NUM(tag), ID2SYM(tc));
814
+ ossl_asn1data_initialize(asn1data, value, INT2NUM(tag), tc);
877
815
  }
878
816
 
879
817
  return asn1data;
@@ -886,28 +824,27 @@ int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length,
886
824
  {
887
825
  VALUE value, asn1data, ary;
888
826
  int infinite;
889
- long off = *offset;
827
+ long available_len, off = *offset;
890
828
 
891
829
  infinite = (j == 0x21);
892
830
  ary = rb_ary_new();
893
831
 
894
- while (length > 0 || infinite) {
832
+ available_len = infinite ? max_len : length;
833
+ while (available_len > 0) {
895
834
  long inner_read = 0;
896
- value = ossl_asn1_decode0(pp, max_len, &off, depth + 1, yield, &inner_read);
835
+ value = ossl_asn1_decode0(pp, available_len, &off, depth + 1, yield, &inner_read);
897
836
  *num_read += inner_read;
898
- max_len -= inner_read;
837
+ available_len -= inner_read;
899
838
  rb_ary_push(ary, value);
900
- if (length > 0)
901
- length -= inner_read;
902
839
 
903
840
  if (infinite &&
904
841
  NUM2INT(ossl_asn1_get_tag(value)) == V_ASN1_EOC &&
905
- SYM2ID(ossl_asn1_get_tag_class(value)) == sUNIVERSAL) {
842
+ ossl_asn1_get_tag_class(value) == sym_UNIVERSAL) {
906
843
  break;
907
844
  }
908
845
  }
909
846
 
910
- if (tc == sUNIVERSAL) {
847
+ if (tc == sym_UNIVERSAL) {
911
848
  VALUE args[4];
912
849
  int not_sequence_or_set;
913
850
 
@@ -929,12 +866,12 @@ int_ossl_asn1_decode0_cons(unsigned char **pp, long max_len, long length,
929
866
  args[0] = ary;
930
867
  args[1] = INT2NUM(tag);
931
868
  args[2] = Qnil;
932
- args[3] = ID2SYM(tc);
869
+ args[3] = tc;
933
870
  ossl_asn1_initialize(4, args, asn1data);
934
871
  }
935
872
  else {
936
873
  asn1data = rb_obj_alloc(cASN1Data);
937
- ossl_asn1data_initialize(asn1data, ary, INT2NUM(tag), ID2SYM(tc));
874
+ ossl_asn1data_initialize(asn1data, ary, INT2NUM(tag), tc);
938
875
  }
939
876
 
940
877
  if (infinite)
@@ -964,13 +901,13 @@ ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth,
964
901
  if(j & 0x80) ossl_raise(eASN1Error, NULL);
965
902
  if(len > length) ossl_raise(eASN1Error, "value is too short");
966
903
  if((tc & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
967
- tag_class = sPRIVATE;
904
+ tag_class = sym_PRIVATE;
968
905
  else if((tc & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
969
- tag_class = sCONTEXT_SPECIFIC;
906
+ tag_class = sym_CONTEXT_SPECIFIC;
970
907
  else if((tc & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
971
- tag_class = sAPPLICATION;
908
+ tag_class = sym_APPLICATION;
972
909
  else
973
- tag_class = sUNIVERSAL;
910
+ tag_class = sym_UNIVERSAL;
974
911
 
975
912
  hlen = p - start;
976
913
 
@@ -989,7 +926,7 @@ ossl_asn1_decode0(unsigned char **pp, long length, long *offset, int depth,
989
926
  if(j & V_ASN1_CONSTRUCTED) {
990
927
  *pp += hlen;
991
928
  off += hlen;
992
- asn1data = int_ossl_asn1_decode0_cons(pp, length, len, &off, depth, yield, j, tag, tag_class, &inner_read);
929
+ asn1data = int_ossl_asn1_decode0_cons(pp, length - hlen, len, &off, depth, yield, j, tag, tag_class, &inner_read);
993
930
  inner_read += hlen;
994
931
  }
995
932
  else {
@@ -1162,19 +1099,19 @@ ossl_asn1_initialize(int argc, VALUE *argv, VALUE self)
1162
1099
  ossl_raise(eASN1Error, "invalid tagging method");
1163
1100
  if(NIL_P(tag_class)) {
1164
1101
  if (NIL_P(tagging))
1165
- tag_class = ID2SYM(sUNIVERSAL);
1102
+ tag_class = sym_UNIVERSAL;
1166
1103
  else
1167
- tag_class = ID2SYM(sCONTEXT_SPECIFIC);
1104
+ tag_class = sym_CONTEXT_SPECIFIC;
1168
1105
  }
1169
1106
  if(!SYMBOL_P(tag_class))
1170
1107
  ossl_raise(eASN1Error, "invalid tag class");
1171
- if(!NIL_P(tagging) && SYM2ID(tagging) == sIMPLICIT && NUM2INT(tag) > 31)
1108
+ if (tagging == sym_IMPLICIT && NUM2INT(tag) > 31)
1172
1109
  ossl_raise(eASN1Error, "tag number for Universal too large");
1173
1110
  }
1174
1111
  else{
1175
1112
  tag = INT2NUM(ossl_asn1_default_tag(self));
1176
1113
  tagging = Qnil;
1177
- tag_class = ID2SYM(sUNIVERSAL);
1114
+ tag_class = sym_UNIVERSAL;
1178
1115
  }
1179
1116
  ossl_asn1_set_tag(self, tag);
1180
1117
  ossl_asn1_set_value(self, value);
@@ -1190,7 +1127,7 @@ ossl_asn1eoc_initialize(VALUE self) {
1190
1127
  VALUE tag, tagging, tag_class, value;
1191
1128
  tag = INT2NUM(ossl_asn1_default_tag(self));
1192
1129
  tagging = Qnil;
1193
- tag_class = ID2SYM(sUNIVERSAL);
1130
+ tag_class = sym_UNIVERSAL;
1194
1131
  value = rb_str_new("", 0);
1195
1132
  ossl_asn1_set_tag(self, tag);
1196
1133
  ossl_asn1_set_value(self, value);
@@ -1264,8 +1201,8 @@ ossl_asn1cons_to_der(VALUE self)
1264
1201
  if (inf_length == Qtrue) {
1265
1202
  VALUE ary, example;
1266
1203
  constructed = 2;
1267
- if (CLASS_OF(self) == cASN1Sequence ||
1268
- CLASS_OF(self) == cASN1Set) {
1204
+ if (rb_obj_class(self) == cASN1Sequence ||
1205
+ rb_obj_class(self) == cASN1Set) {
1269
1206
  tag = ossl_asn1_default_tag(self);
1270
1207
  }
1271
1208
  else { /* must be a constructive encoding of a primitive value */
@@ -1294,7 +1231,7 @@ ossl_asn1cons_to_der(VALUE self)
1294
1231
  }
1295
1232
  }
1296
1233
  else {
1297
- if (CLASS_OF(self) == cASN1Constructive)
1234
+ if (rb_obj_class(self) == cASN1Constructive)
1298
1235
  ossl_raise(eASN1Error, "Constructive shall only be used with infinite length");
1299
1236
  tag = ossl_asn1_default_tag(self);
1300
1237
  }
@@ -1348,7 +1285,8 @@ ossl_asn1cons_to_der(VALUE self)
1348
1285
  static VALUE
1349
1286
  ossl_asn1cons_each(VALUE self)
1350
1287
  {
1351
- rb_ary_each(ossl_asn1_get_value(self));
1288
+ rb_funcall(ossl_asn1_get_value(self), id_each, 0);
1289
+
1352
1290
  return self;
1353
1291
  }
1354
1292
 
@@ -1476,12 +1414,12 @@ Init_ossl_asn1(void)
1476
1414
  eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
1477
1415
  #endif
1478
1416
 
1479
- sUNIVERSAL = rb_intern("UNIVERSAL");
1480
- sCONTEXT_SPECIFIC = rb_intern("CONTEXT_SPECIFIC");
1481
- sAPPLICATION = rb_intern("APPLICATION");
1482
- sPRIVATE = rb_intern("PRIVATE");
1483
- sEXPLICIT = rb_intern("EXPLICIT");
1484
- sIMPLICIT = rb_intern("IMPLICIT");
1417
+ sym_UNIVERSAL = ID2SYM(rb_intern_const("UNIVERSAL"));
1418
+ sym_CONTEXT_SPECIFIC = ID2SYM(rb_intern_const("CONTEXT_SPECIFIC"));
1419
+ sym_APPLICATION = ID2SYM(rb_intern_const("APPLICATION"));
1420
+ sym_PRIVATE = ID2SYM(rb_intern_const("PRIVATE"));
1421
+ sym_EXPLICIT = ID2SYM(rb_intern_const("EXPLICIT"));
1422
+ sym_IMPLICIT = ID2SYM(rb_intern_const("IMPLICIT"));
1485
1423
 
1486
1424
  sivVALUE = rb_intern("@value");
1487
1425
  sivTAG = rb_intern("@tag");
@@ -1989,4 +1927,6 @@ do{\
1989
1927
  rb_hash_aset(class_tag_map, cASN1UniversalString, INT2NUM(V_ASN1_UNIVERSALSTRING));
1990
1928
  rb_hash_aset(class_tag_map, cASN1BMPString, INT2NUM(V_ASN1_BMPSTRING));
1991
1929
  rb_global_variable(&class_tag_map);
1930
+
1931
+ id_each = rb_intern_const("each");
1992
1932
  }