openssl_rsa_pss_verify 0.0.1

Files changed (112)
  1. data/.gitignore +5 -0
  2. data/.rspec +2 -0
  3. data/.ruby-gemset +1 -0
  4. data/.ruby-version +1 -0
  5. data/Gemfile +4 -0
  6. data/Gemfile.lock +35 -0
  7. data/README +1 -0
  8. data/Rakefile +4 -0
  9. data/ext/openssl_rsa_pss_verify/extconf.rb +15 -0
  10. data/ext/openssl_rsa_pss_verify/openssl_rsa_pss_verify_ext.c +56 -0
  11. data/lib/openssl_rsa_pss_verify/version.rb +3 -0
  12. data/lib/openssl_rsa_pss_verify.rb +2 -0
  13. data/openssl_rsa_pss_verify.gemspec +26 -0
  14. data/tasks/compile.rake +12 -0
  15. data/tasks/rspec.rake +12 -0
  16. data/vendor/openssl/include/openssl/aes.h +147 -0
  17. data/vendor/openssl/include/openssl/asn1.h +1404 -0
  18. data/vendor/openssl/include/openssl/asn1_mac.h +578 -0
  19. data/vendor/openssl/include/openssl/asn1t.h +960 -0
  20. data/vendor/openssl/include/openssl/bio.h +847 -0
  21. data/vendor/openssl/include/openssl/blowfish.h +129 -0
  22. data/vendor/openssl/include/openssl/bn.h +891 -0
  23. data/vendor/openssl/include/openssl/buffer.h +119 -0
  24. data/vendor/openssl/include/openssl/camellia.h +130 -0
  25. data/vendor/openssl/include/openssl/cast.h +107 -0
  26. data/vendor/openssl/include/openssl/cmac.h +82 -0
  27. data/vendor/openssl/include/openssl/cms.h +501 -0
  28. data/vendor/openssl/include/openssl/comp.h +80 -0
  29. data/vendor/openssl/include/openssl/conf.h +263 -0
  30. data/vendor/openssl/include/openssl/conf_api.h +89 -0
  31. data/vendor/openssl/include/openssl/crypto.h +611 -0
  32. data/vendor/openssl/include/openssl/des.h +248 -0
  33. data/vendor/openssl/include/openssl/des_old.h +446 -0
  34. data/vendor/openssl/include/openssl/dh.h +280 -0
  35. data/vendor/openssl/include/openssl/dsa.h +327 -0
  36. data/vendor/openssl/include/openssl/dso.h +409 -0
  37. data/vendor/openssl/include/openssl/dtls1.h +287 -0
  38. data/vendor/openssl/include/openssl/e_os2.h +315 -0
  39. data/vendor/openssl/include/openssl/ebcdic.h +19 -0
  40. data/vendor/openssl/include/openssl/ec.h +1167 -0
  41. data/vendor/openssl/include/openssl/ecdh.h +125 -0
  42. data/vendor/openssl/include/openssl/ecdsa.h +260 -0
  43. data/vendor/openssl/include/openssl/engine.h +842 -0
  44. data/vendor/openssl/include/openssl/err.h +386 -0
  45. data/vendor/openssl/include/openssl/evp.h +1409 -0
  46. data/vendor/openssl/include/openssl/hmac.h +110 -0
  47. data/vendor/openssl/include/openssl/idea.h +103 -0
  48. data/vendor/openssl/include/openssl/krb5_asn.h +256 -0
  49. data/vendor/openssl/include/openssl/kssl.h +183 -0
  50. data/vendor/openssl/include/openssl/lhash.h +241 -0
  51. data/vendor/openssl/include/openssl/md4.h +120 -0
  52. data/vendor/openssl/include/openssl/md5.h +120 -0
  53. data/vendor/openssl/include/openssl/mdc2.h +98 -0
  54. data/vendor/openssl/include/openssl/modes.h +135 -0
  55. data/vendor/openssl/include/openssl/obj_mac.h +4032 -0
  56. data/vendor/openssl/include/openssl/objects.h +1138 -0
  57. data/vendor/openssl/include/openssl/ocsp.h +623 -0
  58. data/vendor/openssl/include/openssl/opensslconf.h +234 -0
  59. data/vendor/openssl/include/openssl/opensslv.h +89 -0
  60. data/vendor/openssl/include/openssl/ossl_typ.h +202 -0
  61. data/vendor/openssl/include/openssl/pem.h +641 -0
  62. data/vendor/openssl/include/openssl/pem2.h +70 -0
  63. data/vendor/openssl/include/openssl/pkcs12.h +331 -0
  64. data/vendor/openssl/include/openssl/pkcs7.h +499 -0
  65. data/vendor/openssl/include/openssl/pqueue.h +94 -0
  66. data/vendor/openssl/include/openssl/rand.h +149 -0
  67. data/vendor/openssl/include/openssl/rc2.h +103 -0
  68. data/vendor/openssl/include/openssl/rc4.h +90 -0
  69. data/vendor/openssl/include/openssl/ripemd.h +107 -0
  70. data/vendor/openssl/include/openssl/rsa.h +582 -0
  71. data/vendor/openssl/include/openssl/safestack.h +2663 -0
  72. data/vendor/openssl/include/openssl/seed.h +139 -0
  73. data/vendor/openssl/include/openssl/sha.h +214 -0
  74. data/vendor/openssl/include/openssl/srp.h +172 -0
  75. data/vendor/openssl/include/openssl/srtp.h +145 -0
  76. data/vendor/openssl/include/openssl/ssl.h +2579 -0
  77. data/vendor/openssl/include/openssl/ssl2.h +272 -0
  78. data/vendor/openssl/include/openssl/ssl23.h +83 -0
  79. data/vendor/openssl/include/openssl/ssl3.h +684 -0
  80. data/vendor/openssl/include/openssl/stack.h +108 -0
  81. data/vendor/openssl/include/openssl/symhacks.h +475 -0
  82. data/vendor/openssl/include/openssl/tls1.h +735 -0
  83. data/vendor/openssl/include/openssl/ts.h +858 -0
  84. data/vendor/openssl/include/openssl/txt_db.h +112 -0
  85. data/vendor/openssl/include/openssl/ui.h +383 -0
  86. data/vendor/openssl/include/openssl/ui_compat.h +83 -0
  87. data/vendor/openssl/include/openssl/whrlpool.h +41 -0
  88. data/vendor/openssl/include/openssl/x509.h +1297 -0
  89. data/vendor/openssl/include/openssl/x509_vfy.h +567 -0
  90. data/vendor/openssl/include/openssl/x509v3.h +1007 -0
  91. data/vendor/openssl/lib/engines/lib4758cca.so +0 -0
  92. data/vendor/openssl/lib/engines/libaep.so +0 -0
  93. data/vendor/openssl/lib/engines/libatalla.so +0 -0
  94. data/vendor/openssl/lib/engines/libcapi.so +0 -0
  95. data/vendor/openssl/lib/engines/libchil.so +0 -0
  96. data/vendor/openssl/lib/engines/libcswift.so +0 -0
  97. data/vendor/openssl/lib/engines/libgmp.so +0 -0
  98. data/vendor/openssl/lib/engines/libgost.so +0 -0
  99. data/vendor/openssl/lib/engines/libnuron.so +0 -0
  100. data/vendor/openssl/lib/engines/libpadlock.so +0 -0
  101. data/vendor/openssl/lib/engines/libsureware.so +0 -0
  102. data/vendor/openssl/lib/engines/libubsec.so +0 -0
  103. data/vendor/openssl/lib/libcrypto.a +0 -0
  104. data/vendor/openssl/lib/libcrypto.so +0 -0
  105. data/vendor/openssl/lib/libcrypto.so.1.0.0 +0 -0
  106. data/vendor/openssl/lib/libssl.a +0 -0
  107. data/vendor/openssl/lib/libssl.so +0 -0
  108. data/vendor/openssl/lib/libssl.so.1.0.0 +0 -0
  109. data/vendor/openssl/lib/pkgconfig/libcrypto.pc +12 -0
  110. data/vendor/openssl/lib/pkgconfig/libssl.pc +12 -0
  111. data/vendor/openssl/lib/pkgconfig/openssl.pc +12 -0
  112. metadata +208 -0
data/.gitignore ADDED
@@ -0,0 +1,5 @@
1
+ /pkg
2
+ /tmp
3
+ *.bundle
4
+ *.o
5
+ *.dSYM
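--- a/data/.rspec
+++ b/data/.rspec
@@ -0,0 +1,2 @@
+--debug
+--format Fuuber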
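Review bot: `--format Fuuber` on line 2 does not match the formatter that the Gemfile.lock and gemspec sections pull in, which is spelled `fuubar` (class `Fuubar`), so rspec will presumably fail to resolve the formatter when the suite starts. Use `--format Fuubar`. `--debug` under rspec 2 appears to need a debugger gem that is not among the declared development dependencies, so consider dropping it from the committed options file.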
data/.ruby-gemset ADDED
@@ -0,0 +1 @@
1
+ openssl_rsa_pss_verify
data/.ruby-version ADDED
@@ -0,0 +1 @@
1
+ ruby-1.9.3-p448
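--- a/data/Gemfile
+++ b/data/Gemfile
@@ -0,0 +1,4 @@
+source "http://rubygems.org"
+
+# Specify your gem's dependencies in bamfcsv.gemspec
+gemspec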
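Review bot: `source "http://rubygems.org"` on line 1 resolves and downloads the build and test dependencies over plaintext HTTP, so their integrity depends on every network hop between the developer and the index; use `source "https://rubygems.org"`. The Gemfile.lock section records the same `http://` remote and should be regenerated after the change. The comment on line 3 still names `bamfcsv.gemspec`, apparently left over from another project, and should read `openssl_rsa_pss_verify.gemspec`.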
data/Gemfile.lock ADDED
@@ -0,0 +1,35 @@
1
+ PATH
2
+ remote: .
3
+ specs:
4
+ openssl_rsa_pss_verify (0.0.1)
5
+
6
+ GEM
7
+ remote: http://rubygems.org/
8
+ specs:
9
+ diff-lcs (1.2.4)
10
+ fuubar (1.1.1)
11
+ rspec (~> 2.0)
12
+ rspec-instafail (~> 0.2.0)
13
+ ruby-progressbar (~> 1.0)
14
+ rake (10.1.0)
15
+ rake-compiler (0.8.3)
16
+ rake
17
+ rspec (2.14.1)
18
+ rspec-core (~> 2.14.0)
19
+ rspec-expectations (~> 2.14.0)
20
+ rspec-mocks (~> 2.14.0)
21
+ rspec-core (2.14.4)
22
+ rspec-expectations (2.14.0)
23
+ diff-lcs (>= 1.1.3, < 2.0)
24
+ rspec-instafail (0.2.4)
25
+ rspec-mocks (2.14.2)
26
+ ruby-progressbar (1.1.1)
27
+
28
+ PLATFORMS
29
+ ruby
30
+
31
+ DEPENDENCIES
32
+ fuubar (~> 1.1.1)
33
+ openssl_rsa_pss_verify!
34
+ rake-compiler (~> 0.8.3)
35
+ rspec (~> 2.14.1)
data/README ADDED
@@ -0,0 +1 @@
1
+ Support PSS signatures in RSA verification
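--- a/data/Rakefile
+++ b/data/Rakefile
@@ -0,0 +1,4 @@
+require 'bundler'
+Bundler::GemHelper.install_tasks
+
+Dir['tasks/*.rake'].sort.each { |f| load f }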
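--- a/data/ext/openssl_rsa_pss_verify/extconf.rb
+++ b/data/ext/openssl_rsa_pss_verify/extconf.rb
@@ -0,0 +1,15 @@
+require 'mkmf'
+
+openssl_path = File.expand_path("../../../vendor/openssl", __FILE__)
+
+if RUBY_PLATFORM =~ /linux/
+$LDFLAGS << "-L#{openssl_path}/lib"
+$LDFLAGS << "-lcrypto"
+$CFLAGS << "-I#{openssl_path}/include"
+end
+
+if have_const("RSA_PKCS1_PSS_PADDING", "openssl/rsa.h")
+create_makefile('openssl_rsa_pss_verify')
+else
+fail "libcyrpto not found or too old!"
+end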
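Review bot: Lines 6–8 point the Linux build at the libcrypto binaries checked in under vendor/openssl (the file list shows prebuilt `libcrypto.so.1.0.0` and `libssl.so.1.0.0`), so the extension links a frozen OpenSSL copy that never receives distribution security updates, while the `EVP_PKEY` it operates on comes from Ruby's own openssl extension, which is presumably linked against a different libcrypto. Prefer building against the system library and keeping the `have_const` probe as the only version gate. The appended flags also lack a leading separator, so they fuse with whatever flag precedes them; if the vendored path stays, write `$LDFLAGS << " -L#{openssl_path}/lib -lcrypto"` and `$CFLAGS << " -I#{openssl_path}/include"`. The failure message misspells the library name as `libcyrpto`.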
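--- a/data/ext/openssl_rsa_pss_verify/openssl_rsa_pss_verify_ext.c
+++ b/data/ext/openssl_rsa_pss_verify/openssl_rsa_pss_verify_ext.c
@@ -0,0 +1,56 @@
+#include <ruby.h>
+
+#include <stdio.h>
+#include <openssl/rsa.h>
+#include <openssl/evp.h>
+#include <openssl/engine.h>
+#include <openssl/opensslv.h>
+
+static VALUE rb_mOpenSSL;
+static VALUE rb_mPKey;
+static VALUE rb_cRSA;
+static VALUE rb_cRSAError;
+
+VALUE openssl_rsa_pss_verify__verify_pss_sha1(VALUE self, VALUE vSig, VALUE vHashData, VALUE vSaltLen) {
+EVP_PKEY * pkey;
+EVP_PKEY_CTX * pkey_ctx;
+int verify_rval;
+
+StringValue(vSig);
+StringValue(vHashData);
+
+Data_Get_Struct(self, EVP_PKEY, pkey);
+pkey_ctx = EVP_PKEY_CTX_new(pkey, ENGINE_get_default_RSA());
+
+EVP_PKEY_verify_init(pkey_ctx);
+EVP_PKEY_CTX_set_signature_md(pkey_ctx, EVP_sha1());
+EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING);
+EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, NUM2INT(vSaltLen));
+
+verify_rval = EVP_PKEY_verify(pkey_ctx,
+(unsigned char*)RSTRING_PTR(vSig), RSTRING_LEN(vSig),
+(unsigned char*)RSTRING_PTR(vHashData), RSTRING_LEN(vHashData));
+
+EVP_PKEY_CTX_free(pkey_ctx);
+
+switch (verify_rval) {
+case 1:
+return Qtrue;
+case 0:
+return Qfalse;
+default:
+rb_raise(rb_cRSAError, NULL);
+}
+return Qnil; //dummy
+}
+
+
+void Init_openssl_rsa_pss_verify() {
+fprintf(stderr, "VERSION: %s\n", SSLeay_version(SSLEAY_VERSION));
+rb_mOpenSSL = rb_const_get_at(rb_cObject, rb_intern("OpenSSL"));
+rb_mPKey = rb_const_get_at(rb_mOpenSSL, rb_intern("PKey"));
+rb_cRSA = rb_const_get_at(rb_mPKey, rb_intern("RSA"));
+rb_cRSAError = rb_const_get_at(rb_mPKey, rb_intern("RSAError"));
+
+rb_define_method(rb_cRSA, "verify_pss_sha1", openssl_rsa_pss_verify__verify_pss_sha1, 3);
+}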
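Review bot: Every setup call in `openssl_rsa_pss_verify__verify_pss_sha1` ignores its return value: `EVP_PKEY_CTX_new` (line 23) can return NULL and `EVP_PKEY_verify_init` and the three `EVP_PKEY_CTX_set_*` calls (lines 25–28) can fail, yet the code still reaches `EVP_PKEY_verify` with whatever state the context is left in. A verification primitive should fail closed, so check each result and raise before verifying. `NUM2INT(vSaltLen)` can raise after the context has been allocated, which leaks it, so convert the salt length first. `rb_raise(rb_cRSAError, NULL)` passes NULL where rb_raise expects a format string, and the engine obtained from `ENGINE_get_default_RSA()` is never released, whereas passing NULL appears to select the default implementation without taking a reference. Separately, the `fprintf` in `Init_openssl_rsa_pss_verify` writes to stderr on every load and looks like leftover debugging.

```c
    int salt_len = NUM2INT(vSaltLen); /* may raise: convert before allocating the context */

    // … unchanged: StringValue calls, Data_Get_Struct …

    pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);
    if (pkey_ctx == NULL)
        rb_raise(rb_cRSAError, "EVP_PKEY_CTX_new failed");

    /* Fail closed: never verify with a context that was only partly configured. */
    if (EVP_PKEY_verify_init(pkey_ctx) <= 0 ||
        EVP_PKEY_CTX_set_signature_md(pkey_ctx, EVP_sha1()) <= 0 ||
        EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) <= 0 ||
        EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len) <= 0) {
        EVP_PKEY_CTX_free(pkey_ctx);
        rb_raise(rb_cRSAError, "PSS verify context setup failed");
    }

    // … unchanged: EVP_PKEY_verify call, EVP_PKEY_CTX_free, case 1 / case 0 …

    default:
        rb_raise(rb_cRSAError, "EVP_PKEY_verify reported an error");
```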
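--- a/data/lib/openssl_rsa_pss_verify/version.rb
+++ b/data/lib/openssl_rsa_pss_verify/version.rb
@@ -0,0 +1,3 @@
+module OpenSSL_RSA_PSS_Verify
+VERSION = "0.0.1"
+end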
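--- a/data/lib/openssl_rsa_pss_verify.rb
+++ b/data/lib/openssl_rsa_pss_verify.rb
@@ -0,0 +1,2 @@
+require 'openssl'
+require "openssl_rsa_pss_verify/openssl_rsa_pss_verify"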
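--- a/data/openssl_rsa_pss_verify.gemspec
+++ b/data/openssl_rsa_pss_verify.gemspec
@@ -0,0 +1,26 @@
+# -*- encoding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "openssl_rsa_pss_verify/version"
+
+Gem::Specification.new do |s|
+s.name = "openssl_rsa_pss_verify"
+s.version = OpenSSL_RSA_PSS_Verify::VERSION
+s.platform = Gem::Platform::RUBY
+s.authors = ["Jon Distad"]
+s.email = ["jon.distad@gmail.com"]
+s.homepage = "https://github.com/jondistad/openssl_rsa_pss_verify"
+s.summary = %q{Adds support for verifying RSA signatures using the Probabilistic Signature Scheme (PSS)}
+s.description = %q{Adds support for verifying RSA signatures using the Probabilistic Signature Scheme (PSS)}
+
+s.rubyforge_project = "openssl_rsa_pss_verify"
+
+s.files = `git ls-files`.split("\n")
+s.test_files = `git ls-files -- {test,spec,features}/*`.split("\n")
+s.executables = `git ls-files -- bin/*`.split("\n").map{ |f| File.basename(f) }
+s.require_paths = ["lib", "ext"]
+s.extensions = %w{ext/openssl_rsa_pss_verify/extconf.rb}
+
+s.add_development_dependency "rspec", "~> 2.14.1"
+s.add_development_dependency "fuubar", "~> 1.1.1"
+s.add_development_dependency 'rake-compiler', "~> 0.8.3"
+end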
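--- a/data/tasks/compile.rake
+++ b/data/tasks/compile.rake
@@ -0,0 +1,12 @@
+require "rake/extensiontask"
+load File.expand_path("../rspec.rake", __FILE__)
+
+def gemspec
+@clean_gemspec ||= eval(File.read(File.expand_path('../../openssl_rsa_pss_verify.gemspec', __FILE__)))
+end
+
+Rake::ExtensionTask.new("openssl_rsa_pss_verify", gemspec) do |ext|
+ext.lib_dir = File.join 'lib', 'openssl_rsa_pss_verify'
+CLEAN.include "#{ext.lib_dir}/*.#{RbConfig::CONFIG['DLEXT']}"
+end
+Rake::Task[:spec].prerequisites << :compile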
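Review bot: The `gemspec` helper on line 5 loads the specification with `eval(File.read(...))`, which drops the file name and line number from any backtrace and bypasses RubyGems' own loader. `@clean_gemspec ||= Gem::Specification.load(File.expand_path('../../openssl_rsa_pss_verify.gemspec', __FILE__))` does the same job without a bare `eval`. Line 12 also relies on the `spec` task existing, which holds only if the `rescue LoadError` branch in rspec.rake was not taken, so a machine without rspec will presumably fail here rather than print the install hint.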
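--- a/data/tasks/rspec.rake
+++ b/data/tasks/rspec.rake
@@ -0,0 +1,12 @@
+begin
+require 'rspec'
+require 'rspec/core/rake_task'
+
+RSpec::Core::RakeTask.new('spec') do |t|
+t.verbose = true
+end
+
+task :default => :spec
+rescue LoadError
+puts "rspec, or one of its dependencies, is not available. Install it with: sudo gem install rspec"
+end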
@@ -0,0 +1,147 @@
1
+ /* crypto/aes/aes.h -*- mode:C; c-file-style: "eay" -*- */
2
+ /* ====================================================================
3
+ * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved.
4
+ *
5
+ * Redistribution and use in source and binary forms, with or without
6
+ * modification, are permitted provided that the following conditions
7
+ * are met:
8
+ *
9
+ * 1. Redistributions of source code must retain the above copyright
10
+ * notice, this list of conditions and the following disclaimer.
11
+ *
12
+ * 2. Redistributions in binary form must reproduce the above copyright
13
+ * notice, this list of conditions and the following disclaimer in
14
+ * the documentation and/or other materials provided with the
15
+ * distribution.
16
+ *
17
+ * 3. All advertising materials mentioning features or use of this
18
+ * software must display the following acknowledgment:
19
+ * "This product includes software developed by the OpenSSL Project
20
+ * for use in the OpenSSL Toolkit. (http://www.openssl.org/)"
21
+ *
22
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
23
+ * endorse or promote products derived from this software without
24
+ * prior written permission. For written permission, please contact
25
+ * openssl-core@openssl.org.
26
+ *
27
+ * 5. Products derived from this software may not be called "OpenSSL"
28
+ * nor may "OpenSSL" appear in their names without prior written
29
+ * permission of the OpenSSL Project.
30
+ *
31
+ * 6. Redistributions of any form whatsoever must retain the following
32
+ * acknowledgment:
33
+ * "This product includes software developed by the OpenSSL Project
34
+ * for use in the OpenSSL Toolkit (http://www.openssl.org/)"
35
+ *
36
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
37
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
38
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
39
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
40
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
41
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
42
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
43
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
44
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
45
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
46
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
47
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
48
+ * ====================================================================
49
+ *
50
+ */
51
+
52
+ #ifndef HEADER_AES_H
53
+ #define HEADER_AES_H
54
+
55
+ #include <openssl/opensslconf.h>
56
+
57
+ #ifdef OPENSSL_NO_AES
58
+ #error AES is disabled.
59
+ #endif
60
+
61
+ #include <stddef.h>
62
+
63
+ #define AES_ENCRYPT 1
64
+ #define AES_DECRYPT 0
65
+
66
+ /* Because array size can't be a const in C, the following two are macros.
67
+ Both sizes are in bytes. */
68
+ #define AES_MAXNR 14
69
+ #define AES_BLOCK_SIZE 16
70
+
71
+ #ifdef __cplusplus
72
+ extern "C" {
73
+ #endif
74
+
75
+ /* This should be a hidden type, but EVP requires that the size be known */
76
+ struct aes_key_st {
77
+ #ifdef AES_LONG
78
+ unsigned long rd_key[4 *(AES_MAXNR + 1)];
79
+ #else
80
+ unsigned int rd_key[4 *(AES_MAXNR + 1)];
81
+ #endif
82
+ int rounds;
83
+ };
84
+ typedef struct aes_key_st AES_KEY;
85
+
86
+ const char *AES_options(void);
87
+
88
+ int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
89
+ AES_KEY *key);
90
+ int AES_set_decrypt_key(const unsigned char *userKey, const int bits,
91
+ AES_KEY *key);
92
+
93
+ int private_AES_set_encrypt_key(const unsigned char *userKey, const int bits,
94
+ AES_KEY *key);
95
+ int private_AES_set_decrypt_key(const unsigned char *userKey, const int bits,
96
+ AES_KEY *key);
97
+
98
+ void AES_encrypt(const unsigned char *in, unsigned char *out,
99
+ const AES_KEY *key);
100
+ void AES_decrypt(const unsigned char *in, unsigned char *out,
101
+ const AES_KEY *key);
102
+
103
+ void AES_ecb_encrypt(const unsigned char *in, unsigned char *out,
104
+ const AES_KEY *key, const int enc);
105
+ void AES_cbc_encrypt(const unsigned char *in, unsigned char *out,
106
+ size_t length, const AES_KEY *key,
107
+ unsigned char *ivec, const int enc);
108
+ void AES_cfb128_encrypt(const unsigned char *in, unsigned char *out,
109
+ size_t length, const AES_KEY *key,
110
+ unsigned char *ivec, int *num, const int enc);
111
+ void AES_cfb1_encrypt(const unsigned char *in, unsigned char *out,
112
+ size_t length, const AES_KEY *key,
113
+ unsigned char *ivec, int *num, const int enc);
114
+ void AES_cfb8_encrypt(const unsigned char *in, unsigned char *out,
115
+ size_t length, const AES_KEY *key,
116
+ unsigned char *ivec, int *num, const int enc);
117
+ void AES_ofb128_encrypt(const unsigned char *in, unsigned char *out,
118
+ size_t length, const AES_KEY *key,
119
+ unsigned char *ivec, int *num);
120
+ void AES_ctr128_encrypt(const unsigned char *in, unsigned char *out,
121
+ size_t length, const AES_KEY *key,
122
+ unsigned char ivec[AES_BLOCK_SIZE],
123
+ unsigned char ecount_buf[AES_BLOCK_SIZE],
124
+ unsigned int *num);
125
+ /* NB: the IV is _two_ blocks long */
126
+ void AES_ige_encrypt(const unsigned char *in, unsigned char *out,
127
+ size_t length, const AES_KEY *key,
128
+ unsigned char *ivec, const int enc);
129
+ /* NB: the IV is _four_ blocks long */
130
+ void AES_bi_ige_encrypt(const unsigned char *in, unsigned char *out,
131
+ size_t length, const AES_KEY *key,
132
+ const AES_KEY *key2, const unsigned char *ivec,
133
+ const int enc);
134
+
135
+ int AES_wrap_key(AES_KEY *key, const unsigned char *iv,
136
+ unsigned char *out,
137
+ const unsigned char *in, unsigned int inlen);
138
+ int AES_unwrap_key(AES_KEY *key, const unsigned char *iv,
139
+ unsigned char *out,
140
+ const unsigned char *in, unsigned int inlen);
141
+
142
+
143
+ #ifdef __cplusplus
144
+ }
145
+ #endif
146
+
147
+ #endif /* !HEADER_AES_H */