RubyGems - openssl - Versions diffs - 2.2.0 → 3.2.0 - Mend

openssl 2.2.0 → 3.2.0

Files changed (54) hide show

checksums.yaml +4 -4
data/CONTRIBUTING.md +33 -45
data/History.md +300 -0
data/README.md +36 -19
data/ext/openssl/extconf.rb +119 -79
data/ext/openssl/openssl_missing.c +0 -66
data/ext/openssl/openssl_missing.h +26 -45
data/ext/openssl/ossl.c +131 -233
data/ext/openssl/ossl.h +31 -12
data/ext/openssl/ossl_asn1.c +26 -13
data/ext/openssl/ossl_bn.c +279 -143
data/ext/openssl/ossl_bn.h +2 -1
data/ext/openssl/ossl_cipher.c +13 -14
data/ext/openssl/ossl_config.c +412 -41
data/ext/openssl/ossl_config.h +4 -7
data/ext/openssl/ossl_digest.c +16 -12
data/ext/openssl/ossl_engine.c +17 -16
data/ext/openssl/ossl_hmac.c +57 -136
data/ext/openssl/ossl_kdf.c +12 -4
data/ext/openssl/ossl_ns_spki.c +1 -1
data/ext/openssl/ossl_ocsp.c +11 -59
data/ext/openssl/ossl_pkcs12.c +22 -4
data/ext/openssl/ossl_pkcs7.c +45 -62
data/ext/openssl/ossl_pkey.c +1320 -196
data/ext/openssl/ossl_pkey.h +36 -73
data/ext/openssl/ossl_pkey_dh.c +152 -347
data/ext/openssl/ossl_pkey_dsa.c +157 -413
data/ext/openssl/ossl_pkey_ec.c +227 -343
data/ext/openssl/ossl_pkey_rsa.c +159 -491
data/ext/openssl/ossl_provider.c +211 -0
data/ext/openssl/ossl_provider.h +5 -0
data/ext/openssl/ossl_ssl.c +593 -467
data/ext/openssl/ossl_ssl_session.c +29 -30
data/ext/openssl/ossl_ts.c +67 -42
data/ext/openssl/ossl_x509.c +0 -6
data/ext/openssl/ossl_x509attr.c +1 -1
data/ext/openssl/ossl_x509cert.c +168 -12
data/ext/openssl/ossl_x509crl.c +14 -11
data/ext/openssl/ossl_x509ext.c +14 -9
data/ext/openssl/ossl_x509name.c +10 -3
data/ext/openssl/ossl_x509req.c +14 -11
data/ext/openssl/ossl_x509revoked.c +4 -4
data/ext/openssl/ossl_x509store.c +204 -94
data/lib/openssl/buffering.rb +10 -4
data/lib/openssl/digest.rb +1 -5
data/lib/openssl/hmac.rb +65 -0
data/lib/openssl/pkey.rb +429 -0
data/lib/openssl/ssl.rb +23 -18
data/lib/openssl/version.rb +1 -1
data/lib/openssl/x509.rb +22 -0
data/lib/openssl.rb +0 -1
metadata +13 -68
data/ext/openssl/ruby_missing.h +0 -24
data/lib/openssl/config.rb +0 -501

data/ext/openssl/ossl_provider.c ADDED Viewed

@@ -0,0 +1,211 @@
+/*
+ * This program is licensed under the same licence as Ruby.
+ * (See the file 'LICENCE'.)
+ */
+#include "ossl.h"
+#ifdef OSSL_USE_PROVIDER
+# include <openssl/provider.h>
+#define NewProvider(klass) \
+    TypedData_Wrap_Struct((klass), &ossl_provider_type, 0)
+#define SetProvider(obj, provider) do { \
+    if (!(provider)) { \
+        ossl_raise(rb_eRuntimeError, "Provider wasn't initialized."); \
+    } \
+    RTYPEDDATA_DATA(obj) = (provider); \
+} while(0)
+#define GetProvider(obj, provider) do { \
+    TypedData_Get_Struct((obj), OSSL_PROVIDER, &ossl_provider_type, (provider)); \
+    if (!(provider)) { \
+        ossl_raise(rb_eRuntimeError, "PROVIDER wasn't initialized."); \
+    } \
+} while (0)
+static const rb_data_type_t ossl_provider_type = {
+    "OpenSSL/Provider",
+    {
+        0,
+    },
+    0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
+};
+/*
+ * Classes
+ */
+/* Document-class: OpenSSL::Provider
+ *
+ * This class is the access to openssl's Provider
+ * See also, https://www.openssl.org/docs/manmaster/man7/provider.html
+ */
+static VALUE cProvider;
+/* Document-class: OpenSSL::Provider::ProviderError
+ *
+ * This is the generic exception for OpenSSL::Provider related errors
+ */
+static VALUE eProviderError;
+/*
+ * call-seq:
+ *    OpenSSL::Provider.load(name) -> provider
+ *
+ * This method loads and initializes a provider
+ */
+static VALUE
+ossl_provider_s_load(VALUE klass, VALUE name)
+{
+    OSSL_PROVIDER *provider = NULL;
+    VALUE obj;
+    const char *provider_name_ptr = StringValueCStr(name);
+    provider = OSSL_PROVIDER_load(NULL, provider_name_ptr);
+    if (provider == NULL) {
+        ossl_raise(eProviderError, "Failed to load %s provider", provider_name_ptr);
+    }
+    obj = NewProvider(klass);
+    SetProvider(obj, provider);
+    return obj;
+}
+struct ary_with_state { VALUE ary; int state; };
+struct rb_push_provider_name_args { OSSL_PROVIDER *prov; VALUE ary; };
+static VALUE
+rb_push_provider_name(VALUE rb_push_provider_name_args)
+{
+    struct rb_push_provider_name_args *args = (struct rb_push_provider_name_args *)rb_push_provider_name_args;
+    VALUE name = rb_str_new2(OSSL_PROVIDER_get0_name(args->prov));
+    return rb_ary_push(args->ary, name);
+}
+static int
+push_provider(OSSL_PROVIDER *prov, void *cbdata)
+{
+    struct ary_with_state *ary_with_state = (struct ary_with_state *)cbdata;
+    struct rb_push_provider_name_args args = { prov, ary_with_state->ary };
+    rb_protect(rb_push_provider_name, (VALUE)&args, &ary_with_state->state);
+    if (ary_with_state->state) {
+        return 0;
+    } else {
+        return 1;
+    }
+}
+/*
+ * call-seq:
+ *    OpenSSL::Provider.provider_names -> [provider_name, ...]
+ *
+ * Returns an array of currently loaded provider names.
+ */
+static VALUE
+ossl_provider_s_provider_names(VALUE klass)
+{
+    VALUE ary = rb_ary_new();
+    struct ary_with_state cbdata = { ary, 0 };
+    int result = OSSL_PROVIDER_do_all(NULL, &push_provider, (void*)&cbdata);
+    if (result != 1 ) {
+        if (cbdata.state) {
+            rb_jump_tag(cbdata.state);
+        } else {
+            ossl_raise(eProviderError, "Failed to load provider names");
+        }
+    }
+    return ary;
+}
+/*
+ * call-seq:
+ *    provider.unload -> true
+ *
+ * This method unloads this provider.
+ *
+ * if provider unload fails or already unloaded, it raises OpenSSL::Provider::ProviderError
+ */
+static VALUE
+ossl_provider_unload(VALUE self)
+{
+    OSSL_PROVIDER *prov;
+    if (RTYPEDDATA_DATA(self) == NULL) {
+        ossl_raise(eProviderError, "Provider already unloaded.");
+    }
+    GetProvider(self, prov);
+    int result = OSSL_PROVIDER_unload(prov);
+    if (result != 1) {
+        ossl_raise(eProviderError, "Failed to unload provider");
+    }
+    RTYPEDDATA_DATA(self) = NULL;
+    return Qtrue;
+}
+/*
+ * call-seq:
+ *    provider.name -> string
+ *
+ * Get the name of this provider.
+ *
+ * if this provider is already unloaded, it raises OpenSSL::Provider::ProviderError
+ */
+static VALUE
+ossl_provider_get_name(VALUE self)
+{
+    OSSL_PROVIDER *prov;
+    if (RTYPEDDATA_DATA(self) == NULL) {
+        ossl_raise(eProviderError, "Provider already unloaded.");
+    }
+    GetProvider(self, prov);
+    return rb_str_new2(OSSL_PROVIDER_get0_name(prov));
+}
+/*
+ * call-seq:
+ *    provider.inspect -> string
+ *
+ * Pretty prints this provider.
+ */
+static VALUE
+ossl_provider_inspect(VALUE self)
+{
+    OSSL_PROVIDER *prov;
+    if (RTYPEDDATA_DATA(self) == NULL ) {
+        return rb_sprintf("#<%"PRIsVALUE" unloaded provider>", rb_obj_class(self));
+    }
+    GetProvider(self, prov);
+    return rb_sprintf("#<%"PRIsVALUE" name=\"%s\">",
+                      rb_obj_class(self), OSSL_PROVIDER_get0_name(prov));
+}
+void
+Init_ossl_provider(void)
+{
+#if 0
+    mOSSL = rb_define_module("OpenSSL");
+    eOSSLError = rb_define_class_under(mOSSL, "OpenSSLError", rb_eStandardError);
+#endif
+    cProvider = rb_define_class_under(mOSSL, "Provider", rb_cObject);
+    eProviderError = rb_define_class_under(cProvider, "ProviderError", eOSSLError);
+    rb_undef_alloc_func(cProvider);
+    rb_define_singleton_method(cProvider, "load", ossl_provider_s_load, 1);
+    rb_define_singleton_method(cProvider, "provider_names", ossl_provider_s_provider_names, 0);
+    rb_define_method(cProvider, "unload", ossl_provider_unload, 0);
+    rb_define_method(cProvider, "name", ossl_provider_get_name, 0);
+    rb_define_method(cProvider, "inspect", ossl_provider_inspect, 0);
+}
+#else
+void
+Init_ossl_provider(void)
+{
+}
+#endif

data/ext/openssl/ossl_provider.h ADDED Viewed

@@ -0,0 +1,5 @@
+#if !defined(OSSL_PROVIDER_H)
+#define OSSL_PROVIDER_H
+void Init_ossl_provider(void);
+#endif