openssl_rsa_pss_verify 0.0.3 → 0.1.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml ADDED
@@ -0,0 +1,7 @@
1
+ ---
2
+ SHA1:
3
+ metadata.gz: 48c4bb71d22cbc145e4979556197252e5a843fd8
4
+ data.tar.gz: 7a64d7620ba2eefccfb4b112597aad5aec82876e
5
+ SHA512:
6
+ metadata.gz: d509de63265a6db4882985b2c3d3e40ab68f6f880738b7d537ad8e4fe56cef357aea8bb9b3aaab9ae7c5efa43234039f75ef81c27fd268bae591d4bc16e88cbc
7
+ data.tar.gz: d48eda8588b3bffe41e7e42217dbdb24de8c73e3818aa9558969b3dd8ce456828eaab9b877e0dc37158a50b93962822d9afbbc669130bcee5cf1785721011501
data/.ruby-version CHANGED
@@ -1 +1 @@
1
- ruby-1.9.3-p448
1
+ ruby-2.0.0-p247
data/Gemfile.lock CHANGED
@@ -1,7 +1,7 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- openssl_rsa_pss_verify (0.0.2)
4
+ openssl_rsa_pss_verify (0.1.0)
5
5
 
6
6
  GEM
7
7
  remote: http://rubygems.org/
@@ -3,5 +3,5 @@ require 'mkmf'
3
3
  if have_const("RSA_PKCS1_PSS_PADDING", "openssl/rsa.h")
4
4
  create_makefile('openssl_rsa_pss_verify')
5
5
  else
6
- fail "libcyrpto not found or too old!"
6
+ fail "libcrypto not found or too old!"
7
7
  end
@@ -1,8 +1,13 @@
1
1
  #include <ruby.h>
2
2
 
3
3
  #include <stdio.h>
4
+ #include <stdlib.h>
5
+ #include <string.h>
6
+ #include <limits.h>
4
7
  #include <openssl/rsa.h>
8
+ #include <openssl/pem.h>
5
9
  #include <openssl/evp.h>
10
+ #include <openssl/err.h>
6
11
  #include <openssl/engine.h>
7
12
  #include <openssl/opensslv.h>
8
13
 
@@ -11,38 +16,160 @@ static VALUE rb_mPKey;
11
16
  static VALUE rb_cRSA;
12
17
  static VALUE rb_cRSAError;
13
18
 
14
- VALUE openssl_rsa_pss_verify__verify_pss_sha1(VALUE self, VALUE vSig, VALUE vHashData, VALUE vSaltLen) {
15
- EVP_PKEY * pkey;
16
- EVP_PKEY_CTX * pkey_ctx;
17
- int verify_rval, salt_len;
19
+ static enum ORPV_errors {
20
+ OK,
21
+ KEY_OVERFLOW,
22
+ NOMEM,
23
+ PUBKEY_PARSE,
24
+ PKEY_INIT,
25
+ RSA_ASSIGN,
26
+ PKEY_CTX_INIT,
27
+ VERIFY_INIT,
28
+ SET_SIG_MD,
29
+ SET_PADDING,
30
+ SET_SALTLEN,
31
+ } err = OK;
18
32
 
19
- StringValue(vSig);
20
- StringValue(vHashData);
33
+ VALUE ORPV__verify_pss_sha1(VALUE self, VALUE vPubKey, VALUE vSig, VALUE vHashData, VALUE vSaltLen) {
34
+ BIO * pkey_bio = NULL;
35
+ RSA * rsa_pub_key = NULL;
36
+ EVP_PKEY * pkey = NULL;
37
+ EVP_PKEY_CTX * pkey_ctx = NULL;
38
+ char * pub_key = NULL;
39
+
40
+ int verify_rval = -1, salt_len;
41
+ unsigned long ossl_errcode;
42
+
43
+ vPubKey = StringValue(vPubKey);
44
+ vSig = StringValue(vSig);
45
+ vHashData = StringValue(vHashData);
21
46
  salt_len = NUM2INT(vSaltLen);
22
47
 
23
- Data_Get_Struct(self, EVP_PKEY, pkey);
48
+ if (RSTRING_LEN(vPubKey) > (long)INT_MAX) {
49
+ err = KEY_OVERFLOW;
50
+ goto Cleanup;
51
+ }
52
+
53
+ pub_key = malloc(RSTRING_LEN(vPubKey));
54
+ if (! pub_key) {
55
+ err = NOMEM;
56
+ goto Cleanup;
57
+ }
58
+ memcpy(pub_key, StringValuePtr(vPubKey), RSTRING_LEN(vPubKey));
59
+
60
+ pkey_bio = BIO_new_mem_buf(pub_key, (int)RSTRING_LEN(vPubKey));
61
+ rsa_pub_key = PEM_read_bio_RSA_PUBKEY(pkey_bio, NULL, NULL, NULL);
62
+ if (! rsa_pub_key) {
63
+ err = PUBKEY_PARSE;
64
+ goto Cleanup;
65
+ }
66
+
67
+ pkey = EVP_PKEY_new();
68
+ if (! pkey) {
69
+ err = PKEY_INIT;
70
+ goto Cleanup;
71
+ }
72
+
73
+ if (! EVP_PKEY_set1_RSA(pkey, rsa_pub_key)) {
74
+ err = RSA_ASSIGN;
75
+ goto Cleanup;
76
+ }
77
+
24
78
  pkey_ctx = EVP_PKEY_CTX_new(pkey, ENGINE_get_default_RSA());
79
+ if (! pkey_ctx) {
80
+ err = PKEY_CTX_INIT;
81
+ goto Cleanup;
82
+ }
83
+
84
+ if (EVP_PKEY_verify_init(pkey_ctx) <= 0) {
85
+ err = VERIFY_INIT;
86
+ goto Cleanup;
87
+ }
88
+
89
+ if (EVP_PKEY_CTX_set_signature_md(pkey_ctx, EVP_sha1()) <= 0) {
90
+ err = SET_SIG_MD;
91
+ goto Cleanup;
92
+ }
25
93
 
26
- EVP_PKEY_verify_init(pkey_ctx);
27
- EVP_PKEY_CTX_set_signature_md(pkey_ctx, EVP_sha1());
28
- EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING);
29
- EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len);
94
+ if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) <= 0) {
95
+ err = SET_PADDING;
96
+ goto Cleanup;
97
+ }
98
+
99
+ if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, salt_len) <= 0) {
100
+ err = SET_SALTLEN;
101
+ goto Cleanup;
102
+ }
30
103
 
31
104
  verify_rval = EVP_PKEY_verify(pkey_ctx,
32
- (unsigned char*)RSTRING_PTR(vSig), RSTRING_LEN(vSig),
33
- (unsigned char*)RSTRING_PTR(vHashData), RSTRING_LEN(vHashData));
105
+ (unsigned char*)StringValuePtr(vSig), (size_t)RSTRING_LEN(vSig),
106
+ (unsigned char*)StringValuePtr(vHashData), (size_t)RSTRING_LEN(vHashData));
34
107
 
35
- EVP_PKEY_CTX_free(pkey_ctx);
108
+ Cleanup:
109
+ /*
110
+ * BIO * pkey_bio = NULL;
111
+ * RSA * rsa_pub_key = NULL;
112
+ * EVP_PKEY * pkey = NULL;
113
+ * EVP_PKEY_CTX * pkey_ctx = NULL;
114
+ * char * pub_key = NULL;
115
+ */
116
+ if (pkey_ctx) EVP_PKEY_CTX_free(pkey_ctx);
117
+ if (pkey) EVP_PKEY_free(pkey);
118
+ if (rsa_pub_key) RSA_free(rsa_pub_key);
119
+ if (pkey_bio) BIO_free(pkey_bio);
120
+ if (pub_key) free(pub_key);
36
121
 
37
- switch (verify_rval) {
38
- case 1:
39
- return Qtrue;
40
- case 0:
41
- return Qfalse;
122
+ switch (err) {
123
+ case OK:
124
+ switch (verify_rval) {
125
+ case 1:
126
+ return Qtrue;
127
+ case 0:
128
+ return Qfalse;
129
+ default:
130
+ ossl_errcode = ERR_get_error();
131
+ if (ossl_errcode)
132
+ rb_raise(rb_cRSAError, "%s", ERR_error_string(ossl_errcode, NULL));
133
+ else
134
+ rb_raise(rb_cRSAError, "An unknown error occurred during validation.");
135
+ }
136
+ break;
137
+
138
+ case KEY_OVERFLOW:
139
+ rb_raise(rb_cRSAError, "Your public key is too big. How is that even possible?");
140
+ break;
141
+ case NOMEM:
142
+ rb_raise(rb_const_get_at(rb_mErrno, rb_intern("ENOMEM")), NULL);
143
+ break;
144
+ case PUBKEY_PARSE:
145
+ rb_raise(rb_cRSAError, "Error parsing public key");
146
+ break;
147
+ case PKEY_INIT:
148
+ rb_raise(rb_cRSAError, "Failed to initialize PKEY");
149
+ break;
150
+ case RSA_ASSIGN:
151
+ rb_raise(rb_cRSAError, "Failed to assign RSA object to PKEY");
152
+ break;
153
+ case PKEY_CTX_INIT:
154
+ rb_raise(rb_cRSAError, "Failed to initialize PKEY context.");
155
+ break;
156
+ case VERIFY_INIT:
157
+ rb_raise(rb_cRSAError, "Failed to initialize verification process.");
158
+ break;
159
+ case SET_SIG_MD:
160
+ rb_raise(rb_cRSAError, "Failed to set signature message digest to SHA1.");
161
+ break;
162
+ case SET_PADDING:
163
+ rb_raise(rb_cRSAError, "Failed to set PSS padding.");
164
+ break;
165
+ case SET_SALTLEN:
166
+ rb_raise(rb_cRSAError, "Failed to set salt length.");
167
+ break;
42
168
  default:
43
- rb_raise(rb_cRSAError, NULL);
169
+ rb_raise(rb_eRuntimeError, "Something has gone horribly wrong.");
44
170
  }
45
- return Qnil; //dummy
171
+
172
+ return Qnil;
46
173
  }
47
174
 
48
175
 
@@ -53,5 +180,5 @@ void Init_openssl_rsa_pss_verify() {
53
180
  rb_cRSA = rb_const_get_at(rb_mPKey, rb_intern("RSA"));
54
181
  rb_cRSAError = rb_const_get_at(rb_mPKey, rb_intern("RSAError"));
55
182
 
56
- rb_define_method(rb_cRSA, "verify_pss_sha1", openssl_rsa_pss_verify__verify_pss_sha1, 3);
183
+ rb_define_private_method(rb_cRSA, "__verify_pss_sha1", ORPV__verify_pss_sha1, 4);
57
184
  }
@@ -1,3 +1,3 @@
1
1
  module OpenSSL_RSA_PSS_Verify
2
- VERSION = "0.0.3"
2
+ VERSION = "0.1.0"
3
3
  end
@@ -1,2 +1,8 @@
1
1
  require 'openssl'
2
2
  require "openssl_rsa_pss_verify/openssl_rsa_pss_verify"
3
+
4
+ class OpenSSL::PKey::RSA
5
+ def verify_pss_sha1(signature, data, saltlen)
6
+ __verify_pss_sha1(public_key.to_pem, signature, OpenSSL::Digest::SHA1.digest(data), saltlen)
7
+ end
8
+ end
metadata CHANGED
@@ -1,20 +1,18 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: openssl_rsa_pss_verify
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.0.3
5
- prerelease:
4
+ version: 0.1.0
6
5
  platform: ruby
7
6
  authors:
8
7
  - Jon Distad
9
8
  autorequire:
10
9
  bindir: bin
11
10
  cert_chain: []
12
- date: 2013-08-05 00:00:00.000000000 Z
11
+ date: 2013-08-24 00:00:00.000000000 Z
13
12
  dependencies:
14
13
  - !ruby/object:Gem::Dependency
15
14
  name: rspec
16
15
  requirement: !ruby/object:Gem::Requirement
17
- none: false
18
16
  requirements:
19
17
  - - ~>
20
18
  - !ruby/object:Gem::Version
@@ -22,7 +20,6 @@ dependencies:
22
20
  type: :development
23
21
  prerelease: false
24
22
  version_requirements: !ruby/object:Gem::Requirement
25
- none: false
26
23
  requirements:
27
24
  - - ~>
28
25
  - !ruby/object:Gem::Version
@@ -30,7 +27,6 @@ dependencies:
30
27
  - !ruby/object:Gem::Dependency
31
28
  name: fuubar
32
29
  requirement: !ruby/object:Gem::Requirement
33
- none: false
34
30
  requirements:
35
31
  - - ~>
36
32
  - !ruby/object:Gem::Version
@@ -38,7 +34,6 @@ dependencies:
38
34
  type: :development
39
35
  prerelease: false
40
36
  version_requirements: !ruby/object:Gem::Requirement
41
- none: false
42
37
  requirements:
43
38
  - - ~>
44
39
  - !ruby/object:Gem::Version
@@ -46,7 +41,6 @@ dependencies:
46
41
  - !ruby/object:Gem::Dependency
47
42
  name: rake-compiler
48
43
  requirement: !ruby/object:Gem::Requirement
49
- none: false
50
44
  requirements:
51
45
  - - ~>
52
46
  - !ruby/object:Gem::Version
@@ -54,7 +48,6 @@ dependencies:
54
48
  type: :development
55
49
  prerelease: false
56
50
  version_requirements: !ruby/object:Gem::Requirement
57
- none: false
58
51
  requirements:
59
52
  - - ~>
60
53
  - !ruby/object:Gem::Version
@@ -85,28 +78,27 @@ files:
85
78
  - tasks/rspec.rake
86
79
  homepage: https://github.com/jondistad/openssl_rsa_pss_verify
87
80
  licenses: []
81
+ metadata: {}
88
82
  post_install_message:
89
83
  rdoc_options: []
90
84
  require_paths:
91
85
  - lib
92
86
  - ext
93
87
  required_ruby_version: !ruby/object:Gem::Requirement
94
- none: false
95
88
  requirements:
96
- - - ! '>='
89
+ - - '>='
97
90
  - !ruby/object:Gem::Version
98
91
  version: '0'
99
92
  required_rubygems_version: !ruby/object:Gem::Requirement
100
- none: false
101
93
  requirements:
102
- - - ! '>='
94
+ - - '>='
103
95
  - !ruby/object:Gem::Version
104
96
  version: '0'
105
97
  requirements: []
106
98
  rubyforge_project: openssl_rsa_pss_verify
107
- rubygems_version: 1.8.25
99
+ rubygems_version: 2.0.7
108
100
  signing_key:
109
- specification_version: 3
101
+ specification_version: 4
110
102
  summary: Adds support for verifying RSA signatures using the Probabilistic Signature
111
103
  Scheme (PSS)
112
104
  test_files: []