openssl 2.1.3 → 3.0.1
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +35 -45
- data/History.md +237 -1
- data/README.md +2 -2
- data/ext/openssl/extconf.rb +46 -38
- data/ext/openssl/openssl_missing.c +0 -66
- data/ext/openssl/openssl_missing.h +59 -43
- data/ext/openssl/ossl.c +110 -64
- data/ext/openssl/ossl.h +27 -10
- data/ext/openssl/ossl_asn1.c +41 -4
- data/ext/openssl/ossl_bn.c +251 -134
- data/ext/openssl/ossl_bn.h +2 -1
- data/ext/openssl/ossl_cipher.c +38 -29
- data/ext/openssl/ossl_config.c +412 -41
- data/ext/openssl/ossl_config.h +4 -7
- data/ext/openssl/ossl_digest.c +25 -60
- data/ext/openssl/ossl_engine.c +18 -27
- data/ext/openssl/ossl_hmac.c +60 -145
- data/ext/openssl/ossl_kdf.c +11 -19
- data/ext/openssl/ossl_ns_spki.c +1 -1
- data/ext/openssl/ossl_ocsp.c +9 -62
- data/ext/openssl/ossl_ocsp.h +3 -3
- data/ext/openssl/ossl_pkcs12.c +21 -3
- data/ext/openssl/ossl_pkcs7.c +45 -78
- data/ext/openssl/ossl_pkcs7.h +16 -0
- data/ext/openssl/ossl_pkey.c +1295 -178
- data/ext/openssl/ossl_pkey.h +35 -72
- data/ext/openssl/ossl_pkey_dh.c +124 -334
- data/ext/openssl/ossl_pkey_dsa.c +93 -398
- data/ext/openssl/ossl_pkey_ec.c +159 -318
- data/ext/openssl/ossl_pkey_rsa.c +105 -484
- data/ext/openssl/ossl_rand.c +2 -32
- data/ext/openssl/ossl_ssl.c +347 -394
- data/ext/openssl/ossl_ssl_session.c +24 -29
- data/ext/openssl/ossl_ts.c +1539 -0
- data/ext/openssl/ossl_ts.h +16 -0
- data/ext/openssl/ossl_x509.c +0 -6
- data/ext/openssl/ossl_x509cert.c +169 -13
- data/ext/openssl/ossl_x509crl.c +13 -10
- data/ext/openssl/ossl_x509ext.c +15 -2
- data/ext/openssl/ossl_x509name.c +15 -4
- data/ext/openssl/ossl_x509req.c +13 -10
- data/ext/openssl/ossl_x509revoked.c +3 -3
- data/ext/openssl/ossl_x509store.c +154 -70
- data/lib/openssl/bn.rb +1 -1
- data/lib/openssl/buffering.rb +37 -5
- data/lib/openssl/cipher.rb +1 -1
- data/lib/openssl/digest.rb +10 -12
- data/lib/openssl/hmac.rb +78 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs5.rb +1 -1
- data/lib/openssl/pkey.rb +443 -1
- data/lib/openssl/ssl.rb +47 -9
- data/lib/openssl/version.rb +5 -0
- data/lib/openssl/x509.rb +177 -1
- data/lib/openssl.rb +24 -9
- metadata +10 -79
- data/ext/openssl/deprecation.rb +0 -27
- data/ext/openssl/ossl_version.h +0 -15
- data/ext/openssl/ruby_missing.h +0 -24
- data/lib/openssl/config.rb +0 -492
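--- a/data/ext/openssl/ossl_pkcs7.c
+++ b/data/ext/openssl/ossl_pkcs7.c
@@ -9,21 +9,6 @@
 */
 #include "ossl.h"
 
-#define NewPKCS7(klass) \
-TypedData_Wrap_Struct((klass), &ossl_pkcs7_type, 0)
-#define SetPKCS7(obj, pkcs7) do { \
-if (!(pkcs7)) { \
-ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
-} \
-RTYPEDDATA_DATA(obj) = (pkcs7); \
-} while (0)
-#define GetPKCS7(obj, pkcs7) do { \
-TypedData_Get_Struct((obj), PKCS7, &ossl_pkcs7_type, (pkcs7)); \
-if (!(pkcs7)) { \
-ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
-} \
-} while (0)
-
 #define NewPKCS7si(klass) \
 TypedData_Wrap_Struct((klass), &ossl_pkcs7_signer_info_type, 0)
 #define SetPKCS7si(obj, p7si) do { \
@@ -75,7 +60,7 @@ ossl_pkcs7_free(void *ptr)
 PKCS7_free(ptr);
 }
 
-
+const rb_data_type_t ossl_pkcs7_type = {
 "OpenSSL/PKCS7",
 {
 0, ossl_pkcs7_free,
@@ -116,19 +101,24 @@ static const rb_data_type_t ossl_pkcs7_recip_info_type = {
 * (MADE PRIVATE UNTIL SOMEBODY WILL NEED THEM)
 */
 static PKCS7_SIGNER_INFO *
-ossl_PKCS7_SIGNER_INFO_dup(
+ossl_PKCS7_SIGNER_INFO_dup(PKCS7_SIGNER_INFO *si)
 {
-
-
-
+PKCS7_SIGNER_INFO *si_new = ASN1_dup((i2d_of_void *)i2d_PKCS7_SIGNER_INFO,
+(d2i_of_void *)d2i_PKCS7_SIGNER_INFO,
+si);
+if (si_new && si->pkey) {
+EVP_PKEY_up_ref(si->pkey);
+si_new->pkey = si->pkey;
+}
+return si_new;
 }
 
 static PKCS7_RECIP_INFO *
-ossl_PKCS7_RECIP_INFO_dup(
+ossl_PKCS7_RECIP_INFO_dup(PKCS7_RECIP_INFO *si)
 {
-return
-
-
+return ASN1_dup((i2d_of_void *)i2d_PKCS7_RECIP_INFO,
+(d2i_of_void *)d2i_PKCS7_RECIP_INFO,
+si);
 }
 
 static VALUE
@@ -145,19 +135,6 @@ ossl_pkcs7si_new(PKCS7_SIGNER_INFO *p7si)
 return obj;
 }
 
-static PKCS7_SIGNER_INFO *
-DupPKCS7SignerPtr(VALUE obj)
-{
-PKCS7_SIGNER_INFO *p7si, *pkcs7;
-
-GetPKCS7si(obj, p7si);
-if (!(pkcs7 = ossl_PKCS7_SIGNER_INFO_dup(p7si))) {
-ossl_raise(ePKCS7Error, NULL);
-}
-
-return pkcs7;
-}
-
 static VALUE
 ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
 {
@@ -172,19 +149,6 @@ ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
 return obj;
 }
 
-static PKCS7_RECIP_INFO *
-DupPKCS7RecipientPtr(VALUE obj)
-{
-PKCS7_RECIP_INFO *p7ri, *pkcs7;
-
-GetPKCS7ri(obj, p7ri);
-if (!(pkcs7 = ossl_PKCS7_RECIP_INFO_dup(p7ri))) {
-ossl_raise(ePKCS7Error, NULL);
-}
-
-return pkcs7;
-}
-
 /*
 * call-seq:
 * PKCS7.read_smime(string) => pkcs7
@@ -366,7 +330,7 @@ ossl_pkcs7_alloc(VALUE klass)
 static VALUE
 ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
 {
-PKCS7 *p7, *
+PKCS7 *p7, *p7_orig = RTYPEDDATA_DATA(self);
 BIO *in;
 VALUE arg;
 
@@ -374,19 +338,17 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
 return self;
 arg = ossl_to_der_if_possible(arg);
 in = ossl_obj2bio(&arg);
-p7 =
+p7 = d2i_PKCS7_bio(in, NULL);
 if (!p7) {
-
-p7 =
-if (!p7) {
-BIO_free(in);
-PKCS7_free(pkcs);
-DATA_PTR(self) = NULL;
-ossl_raise(rb_eArgError, "Could not parse the PKCS7");
-}
+OSSL_BIO_reset(in);
+p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
 }
-DATA_PTR(self) = pkcs;
 BIO_free(in);
+if (!p7)
+ossl_raise(rb_eArgError, "Could not parse the PKCS7");
+
+RTYPEDDATA_DATA(self) = p7;
+PKCS7_free(p7_orig);
 ossl_pkcs7_set_data(self, Qnil);
 ossl_pkcs7_set_err_string(self, Qnil);
 
@@ -536,17 +498,18 @@ static VALUE
 ossl_pkcs7_add_signer(VALUE self, VALUE signer)
 {
 PKCS7 *pkcs7;
-PKCS7_SIGNER_INFO *
+PKCS7_SIGNER_INFO *si, *si_new;
 
-p7si = DupPKCS7SignerPtr(signer); /* NEED TO DUP */
 GetPKCS7(self, pkcs7);
-
-
-
-
-
-
-
+GetPKCS7si(signer, si);
+
+si_new = ossl_PKCS7_SIGNER_INFO_dup(si);
+if (!si_new)
+ossl_raise(ePKCS7Error, "PKCS7_SIGNER_INFO_dup");
+
+if (PKCS7_add_signer(pkcs7, si_new) != 1) {
+PKCS7_SIGNER_INFO_free(si_new);
+ossl_raise(ePKCS7Error, "PKCS7_add_signer");
 }
 
 return self;
@@ -582,13 +545,18 @@ static VALUE
 ossl_pkcs7_add_recipient(VALUE self, VALUE recip)
 {
 PKCS7 *pkcs7;
-PKCS7_RECIP_INFO *ri;
+PKCS7_RECIP_INFO *ri, *ri_new;
 
-ri = DupPKCS7RecipientPtr(recip); /* NEED TO DUP */
 GetPKCS7(self, pkcs7);
-
-
-
+GetPKCS7ri(recip, ri);
+
+ri_new = ossl_PKCS7_RECIP_INFO_dup(ri);
+if (!ri_new)
+ossl_raise(ePKCS7Error, "PKCS7_RECIP_INFO_dup");
+
+if (PKCS7_add_recipient_info(pkcs7, ri_new) != 1) {
+PKCS7_RECIP_INFO_free(ri_new);
+ossl_raise(ePKCS7Error, "PKCS7_add_recipient_info");
 }
 
 return self;
@@ -803,9 +771,9 @@ ossl_pkcs7_decrypt(int argc, VALUE *argv, VALUE self)
 BIO *out;
 VALUE str;
 
-rb_scan_args(argc, argv, "
+rb_scan_args(argc, argv, "12", &pkey, &cert, &flags);
 key = GetPrivPKeyPtr(pkey); /* NO NEED TO DUP */
-x509 = GetX509CertPtr(cert); /* NO NEED TO DUP */
+x509 = NIL_P(cert) ? NULL : GetX509CertPtr(cert); /* NO NEED TO DUP */
 flg = NIL_P(flags) ? 0 : NUM2INT(flags);
 GetPKCS7(self, p7);
 if(!(out = BIO_new(BIO_s_mem())))
@@ -1088,7 +1056,6 @@ Init_ossl_pkcs7(void)
 rb_define_alloc_func(cPKCS7Signer, ossl_pkcs7si_alloc);
 rb_define_method(cPKCS7Signer, "initialize", ossl_pkcs7si_initialize,3);
 rb_define_method(cPKCS7Signer, "issuer", ossl_pkcs7si_get_issuer, 0);
-rb_define_alias(cPKCS7Signer, "name", "issuer");
 rb_define_method(cPKCS7Signer, "serial", ossl_pkcs7si_get_serial,0);
 rb_define_method(cPKCS7Signer,"signed_time",ossl_pkcs7si_get_signed_time,0);
 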
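Review bot: The parsed PKCS7 is installed with `RTYPEDDATA_DATA(self) = p7;` after nothing but a NULL check, in the `ossl_pkcs7_initialize` hunk (new lines 341-351), although it is decoded from caller-supplied DER or PEM. If a structure can decode successfully with its content pointer unset, later methods that read `p7->d` would presumably dereference NULL, so I would reject that case before the assignment: `if (!p7->d.ptr) { PKCS7_free(p7); ossl_raise(rb_eArgError, "No content in PKCS7"); }`. The body of `ossl_pkcs7_initialize` starts and ends outside this hunk, so this assumes nothing further down already validates the content.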
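--- a/data/ext/openssl/ossl_pkcs7.h
+++ b/data/ext/openssl/ossl_pkcs7.h
@@ -10,6 +10,22 @@
 #if !defined(_OSSL_PKCS7_H_)
 #define _OSSL_PKCS7_H_
 
+#define NewPKCS7(klass) \
+TypedData_Wrap_Struct((klass), &ossl_pkcs7_type, 0)
+#define SetPKCS7(obj, pkcs7) do { \
+if (!(pkcs7)) { \
+ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
+} \
+RTYPEDDATA_DATA(obj) = (pkcs7); \
+} while (0)
+#define GetPKCS7(obj, pkcs7) do { \
+TypedData_Get_Struct((obj), PKCS7, &ossl_pkcs7_type, (pkcs7)); \
+if (!(pkcs7)) { \
+ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
+} \
+} while (0)
+
+extern const rb_data_type_t ossl_pkcs7_type;
 extern VALUE cPKCS7;
 extern VALUE cPKCS7Signer;
 extern VALUE cPKCS7Recipient;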