openssl 2.1.3 → 3.0.2
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +35 -45
- data/History.md +266 -1
- data/README.md +2 -2
- data/ext/openssl/extconf.rb +46 -38
- data/ext/openssl/openssl_missing.c +0 -66
- data/ext/openssl/openssl_missing.h +59 -43
- data/ext/openssl/ossl.c +110 -64
- data/ext/openssl/ossl.h +27 -10
- data/ext/openssl/ossl_asn1.c +41 -4
- data/ext/openssl/ossl_bn.c +251 -134
- data/ext/openssl/ossl_bn.h +2 -1
- data/ext/openssl/ossl_cipher.c +38 -29
- data/ext/openssl/ossl_config.c +412 -41
- data/ext/openssl/ossl_config.h +4 -7
- data/ext/openssl/ossl_digest.c +25 -60
- data/ext/openssl/ossl_engine.c +18 -27
- data/ext/openssl/ossl_hmac.c +60 -145
- data/ext/openssl/ossl_kdf.c +11 -19
- data/ext/openssl/ossl_ns_spki.c +1 -1
- data/ext/openssl/ossl_ocsp.c +9 -62
- data/ext/openssl/ossl_ocsp.h +3 -3
- data/ext/openssl/ossl_pkcs12.c +21 -3
- data/ext/openssl/ossl_pkcs7.c +45 -78
- data/ext/openssl/ossl_pkcs7.h +16 -0
- data/ext/openssl/ossl_pkey.c +1295 -178
- data/ext/openssl/ossl_pkey.h +35 -72
- data/ext/openssl/ossl_pkey_dh.c +124 -334
- data/ext/openssl/ossl_pkey_dsa.c +93 -398
- data/ext/openssl/ossl_pkey_ec.c +186 -329
- data/ext/openssl/ossl_pkey_rsa.c +105 -484
- data/ext/openssl/ossl_rand.c +2 -32
- data/ext/openssl/ossl_ssl.c +347 -394
- data/ext/openssl/ossl_ssl_session.c +24 -29
- data/ext/openssl/ossl_ts.c +1539 -0
- data/ext/openssl/ossl_ts.h +16 -0
- data/ext/openssl/ossl_x509.c +0 -6
- data/ext/openssl/ossl_x509cert.c +169 -13
- data/ext/openssl/ossl_x509crl.c +13 -10
- data/ext/openssl/ossl_x509ext.c +15 -2
- data/ext/openssl/ossl_x509name.c +15 -4
- data/ext/openssl/ossl_x509req.c +13 -10
- data/ext/openssl/ossl_x509revoked.c +3 -3
- data/ext/openssl/ossl_x509store.c +154 -70
- data/lib/openssl/bn.rb +1 -1
- data/lib/openssl/buffering.rb +37 -5
- data/lib/openssl/cipher.rb +1 -1
- data/lib/openssl/digest.rb +10 -12
- data/lib/openssl/hmac.rb +78 -0
- data/lib/openssl/marshal.rb +30 -0
- data/lib/openssl/pkcs5.rb +1 -1
- data/lib/openssl/pkey.rb +443 -1
- data/lib/openssl/ssl.rb +47 -9
- data/lib/openssl/version.rb +5 -0
- data/lib/openssl/x509.rb +177 -1
- data/lib/openssl.rb +24 -9
- metadata +10 -79
- data/ext/openssl/deprecation.rb +0 -27
- data/ext/openssl/ossl_version.h +0 -15
- data/ext/openssl/ruby_missing.h +0 -24
- data/lib/openssl/config.rb +0 -492
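--- a/data/ext/openssl/ossl_pkcs7.c
+++ b/data/ext/openssl/ossl_pkcs7.c
@@ -9,21 +9,6 @@
 */
 #include "ossl.h"
 
-#define NewPKCS7(klass) \
-TypedData_Wrap_Struct((klass), &ossl_pkcs7_type, 0)
-#define SetPKCS7(obj, pkcs7) do { \
-if (!(pkcs7)) { \
-ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
-} \
-RTYPEDDATA_DATA(obj) = (pkcs7); \
-} while (0)
-#define GetPKCS7(obj, pkcs7) do { \
-TypedData_Get_Struct((obj), PKCS7, &ossl_pkcs7_type, (pkcs7)); \
-if (!(pkcs7)) { \
-ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
-} \
-} while (0)
-
 #define NewPKCS7si(klass) \
 TypedData_Wrap_Struct((klass), &ossl_pkcs7_signer_info_type, 0)
 #define SetPKCS7si(obj, p7si) do { \
@@ -75,7 +60,7 @@ ossl_pkcs7_free(void *ptr)
 PKCS7_free(ptr);
 }
 
-
+const rb_data_type_t ossl_pkcs7_type = {
 "OpenSSL/PKCS7",
 {
 0, ossl_pkcs7_free,
@@ -116,19 +101,24 @@ static const rb_data_type_t ossl_pkcs7_recip_info_type = {
 * (MADE PRIVATE UNTIL SOMEBODY WILL NEED THEM)
 */
 static PKCS7_SIGNER_INFO *
-ossl_PKCS7_SIGNER_INFO_dup(
+ossl_PKCS7_SIGNER_INFO_dup(PKCS7_SIGNER_INFO *si)
 {
-
-
-
+PKCS7_SIGNER_INFO *si_new = ASN1_dup((i2d_of_void *)i2d_PKCS7_SIGNER_INFO,
+(d2i_of_void *)d2i_PKCS7_SIGNER_INFO,
+si);
+if (si_new && si->pkey) {
+EVP_PKEY_up_ref(si->pkey);
+si_new->pkey = si->pkey;
+}
+return si_new;
 }
 
 static PKCS7_RECIP_INFO *
-ossl_PKCS7_RECIP_INFO_dup(
+ossl_PKCS7_RECIP_INFO_dup(PKCS7_RECIP_INFO *si)
 {
-return
-
-
+return ASN1_dup((i2d_of_void *)i2d_PKCS7_RECIP_INFO,
+(d2i_of_void *)d2i_PKCS7_RECIP_INFO,
+si);
 }
 
 static VALUE
@@ -145,19 +135,6 @@ ossl_pkcs7si_new(PKCS7_SIGNER_INFO *p7si)
 return obj;
 }
 
-static PKCS7_SIGNER_INFO *
-DupPKCS7SignerPtr(VALUE obj)
-{
-PKCS7_SIGNER_INFO *p7si, *pkcs7;
-
-GetPKCS7si(obj, p7si);
-if (!(pkcs7 = ossl_PKCS7_SIGNER_INFO_dup(p7si))) {
-ossl_raise(ePKCS7Error, NULL);
-}
-
-return pkcs7;
-}
-
 static VALUE
 ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
 {
@@ -172,19 +149,6 @@ ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
 return obj;
 }
 
-static PKCS7_RECIP_INFO *
-DupPKCS7RecipientPtr(VALUE obj)
-{
-PKCS7_RECIP_INFO *p7ri, *pkcs7;
-
-GetPKCS7ri(obj, p7ri);
-if (!(pkcs7 = ossl_PKCS7_RECIP_INFO_dup(p7ri))) {
-ossl_raise(ePKCS7Error, NULL);
-}
-
-return pkcs7;
-}
-
 /*
 * call-seq:
 * PKCS7.read_smime(string) => pkcs7
@@ -366,7 +330,7 @@ ossl_pkcs7_alloc(VALUE klass)
 static VALUE
 ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
 {
-PKCS7 *p7, *
+PKCS7 *p7, *p7_orig = RTYPEDDATA_DATA(self);
 BIO *in;
 VALUE arg;
 
@@ -374,19 +338,17 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
 return self;
 arg = ossl_to_der_if_possible(arg);
 in = ossl_obj2bio(&arg);
-p7 =
+p7 = d2i_PKCS7_bio(in, NULL);
 if (!p7) {
-
-p7 =
-if (!p7) {
-BIO_free(in);
-PKCS7_free(pkcs);
-DATA_PTR(self) = NULL;
-ossl_raise(rb_eArgError, "Could not parse the PKCS7");
-}
+OSSL_BIO_reset(in);
+p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
 }
-DATA_PTR(self) = pkcs;
 BIO_free(in);
+if (!p7)
+ossl_raise(rb_eArgError, "Could not parse the PKCS7");
+
+RTYPEDDATA_DATA(self) = p7;
+PKCS7_free(p7_orig);
 ossl_pkcs7_set_data(self, Qnil);
 ossl_pkcs7_set_err_string(self, Qnil);
 
@@ -536,17 +498,18 @@ static VALUE
 ossl_pkcs7_add_signer(VALUE self, VALUE signer)
 {
 PKCS7 *pkcs7;
-PKCS7_SIGNER_INFO *
+PKCS7_SIGNER_INFO *si, *si_new;
 
-p7si = DupPKCS7SignerPtr(signer); /* NEED TO DUP */
 GetPKCS7(self, pkcs7);
-
-
-
-
-
-
-
+GetPKCS7si(signer, si);
+
+si_new = ossl_PKCS7_SIGNER_INFO_dup(si);
+if (!si_new)
+ossl_raise(ePKCS7Error, "PKCS7_SIGNER_INFO_dup");
+
+if (PKCS7_add_signer(pkcs7, si_new) != 1) {
+PKCS7_SIGNER_INFO_free(si_new);
+ossl_raise(ePKCS7Error, "PKCS7_add_signer");
 }
 
 return self;
@@ -582,13 +545,18 @@ static VALUE
 ossl_pkcs7_add_recipient(VALUE self, VALUE recip)
 {
 PKCS7 *pkcs7;
-PKCS7_RECIP_INFO *ri;
+PKCS7_RECIP_INFO *ri, *ri_new;
 
-ri = DupPKCS7RecipientPtr(recip); /* NEED TO DUP */
 GetPKCS7(self, pkcs7);
-
-
-
+GetPKCS7ri(recip, ri);
+
+ri_new = ossl_PKCS7_RECIP_INFO_dup(ri);
+if (!ri_new)
+ossl_raise(ePKCS7Error, "PKCS7_RECIP_INFO_dup");
+
+if (PKCS7_add_recipient_info(pkcs7, ri_new) != 1) {
+PKCS7_RECIP_INFO_free(ri_new);
+ossl_raise(ePKCS7Error, "PKCS7_add_recipient_info");
 }
 
 return self;
@@ -803,9 +771,9 @@ ossl_pkcs7_decrypt(int argc, VALUE *argv, VALUE self)
 BIO *out;
 VALUE str;
 
-rb_scan_args(argc, argv, "
+rb_scan_args(argc, argv, "12", &pkey, &cert, &flags);
 key = GetPrivPKeyPtr(pkey); /* NO NEED TO DUP */
-x509 = GetX509CertPtr(cert); /* NO NEED TO DUP */
+x509 = NIL_P(cert) ? NULL : GetX509CertPtr(cert); /* NO NEED TO DUP */
 flg = NIL_P(flags) ? 0 : NUM2INT(flags);
 GetPKCS7(self, p7);
 if(!(out = BIO_new(BIO_s_mem())))
@@ -1088,7 +1056,6 @@ Init_ossl_pkcs7(void)
 rb_define_alloc_func(cPKCS7Signer, ossl_pkcs7si_alloc);
 rb_define_method(cPKCS7Signer, "initialize", ossl_pkcs7si_initialize,3);
 rb_define_method(cPKCS7Signer, "issuer", ossl_pkcs7si_get_issuer, 0);
-rb_define_alias(cPKCS7Signer, "name", "issuer");
 rb_define_method(cPKCS7Signer, "serial", ossl_pkcs7si_get_serial,0);
 rb_define_method(cPKCS7Signer,"signed_time",ossl_pkcs7si_get_signed_time,0);
 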
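Review bot: `ossl_PKCS7_SIGNER_INFO_dup` ignores the return value of `EVP_PKEY_up_ref(si->pkey)` and stores the pointer in `si_new->pkey` regardless. If taking the reference ever fails, the copy holds a key it does not own, and freeing both signer infos would presumably release the same EVP_PKEY twice. I would check the call and fail the dup, `if (EVP_PKEY_up_ref(si->pkey) != 1) { PKCS7_SIGNER_INFO_free(si_new); return NULL; }`, which the new `if (!si_new)` branch in `ossl_pkcs7_add_signer` already turns into a PKCS7Error. A one-line comment saying why the key is copied by hand (presumably because the `ASN1_dup` round-trip does not carry it) would also help the next reader.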
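--- a/data/ext/openssl/ossl_pkcs7.h
+++ b/data/ext/openssl/ossl_pkcs7.h
@@ -10,6 +10,22 @@
 #if !defined(_OSSL_PKCS7_H_)
 #define _OSSL_PKCS7_H_
 
+#define NewPKCS7(klass) \
+TypedData_Wrap_Struct((klass), &ossl_pkcs7_type, 0)
+#define SetPKCS7(obj, pkcs7) do { \
+if (!(pkcs7)) { \
+ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
+} \
+RTYPEDDATA_DATA(obj) = (pkcs7); \
+} while (0)
+#define GetPKCS7(obj, pkcs7) do { \
+TypedData_Get_Struct((obj), PKCS7, &ossl_pkcs7_type, (pkcs7)); \
+if (!(pkcs7)) { \
+ossl_raise(rb_eRuntimeError, "PKCS7 wasn't initialized."); \
+} \
+} while (0)
+
+extern const rb_data_type_t ossl_pkcs7_type;
 extern VALUE cPKCS7;
 extern VALUE cPKCS7Signer;
 extern VALUE cPKCS7Recipient;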
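Review bot: `SetPKCS7` expands its `pkcs7` argument twice, once in the NULL test and once in the assignment, and the macro is now visible to every file that includes this header instead of only ossl_pkcs7.c. Passing an expression with side effects, such as a function call, would evaluate it twice, so I would put a contract comment above the macro, e.g. `/* pkcs7 is evaluated twice: pass a plain pointer variable, not a call */`. The same comment block could state that `SetPKCS7` and `GetPKCS7` leave through `ossl_raise` when the pointer is NULL; judging by the call sites in ossl_pkcs7.c that call does not return, so a caller holding OpenSSL objects has to release them before using either macro.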