RubyGems - rubysl-openssl - Versions diffs - 0.0.1 → 1.0.1 - Mend

rubysl-openssl 0.0.1 → 1.0.1

Files changed (88) hide show

checksums.yaml +7 -0
data/.gitignore +0 -1
data/.travis.yml +7 -0
data/README.md +2 -2
data/Rakefile +0 -1
data/ext/rubysl/openssl/extconf.h +50 -0
data/ext/rubysl/openssl/extconf.rb +144 -0
data/ext/rubysl/openssl/openssl_missing.c +343 -0
data/ext/rubysl/openssl/openssl_missing.h +191 -0
data/ext/rubysl/openssl/ossl.c +552 -0
data/ext/rubysl/openssl/ossl.h +233 -0
data/ext/rubysl/openssl/ossl_asn1.c +1160 -0
data/ext/rubysl/openssl/ossl_asn1.h +59 -0
data/ext/rubysl/openssl/ossl_bio.c +86 -0
data/ext/rubysl/openssl/ossl_bio.h +21 -0
data/ext/rubysl/openssl/ossl_bn.c +852 -0
data/ext/rubysl/openssl/ossl_bn.h +25 -0
data/ext/rubysl/openssl/ossl_cipher.c +569 -0
data/ext/rubysl/openssl/ossl_cipher.h +22 -0
data/ext/rubysl/openssl/ossl_config.c +75 -0
data/ext/rubysl/openssl/ossl_config.h +22 -0
data/ext/rubysl/openssl/ossl_digest.c +259 -0
data/ext/rubysl/openssl/ossl_digest.h +22 -0
data/ext/rubysl/openssl/ossl_engine.c +411 -0
data/ext/rubysl/openssl/ossl_engine.h +20 -0
data/ext/rubysl/openssl/ossl_hmac.c +268 -0
data/ext/rubysl/openssl/ossl_hmac.h +19 -0
data/ext/rubysl/openssl/ossl_ns_spki.c +257 -0
data/ext/rubysl/openssl/ossl_ns_spki.h +21 -0
data/ext/rubysl/openssl/ossl_ocsp.c +769 -0
data/ext/rubysl/openssl/ossl_ocsp.h +24 -0
data/ext/rubysl/openssl/ossl_pkcs12.c +210 -0
data/ext/rubysl/openssl/ossl_pkcs12.h +15 -0
data/ext/rubysl/openssl/ossl_pkcs5.c +99 -0
data/ext/rubysl/openssl/ossl_pkcs5.h +6 -0
data/ext/rubysl/openssl/ossl_pkcs7.c +1039 -0
data/ext/rubysl/openssl/ossl_pkcs7.h +22 -0
data/ext/rubysl/openssl/ossl_pkey.c +240 -0
data/ext/rubysl/openssl/ossl_pkey.h +141 -0
data/ext/rubysl/openssl/ossl_pkey_dh.c +532 -0
data/ext/rubysl/openssl/ossl_pkey_dsa.c +484 -0
data/ext/rubysl/openssl/ossl_pkey_ec.c +1593 -0
data/ext/rubysl/openssl/ossl_pkey_rsa.c +593 -0
data/ext/rubysl/openssl/ossl_rand.c +202 -0
data/ext/rubysl/openssl/ossl_rand.h +20 -0
data/ext/rubysl/openssl/ossl_ssl.c +1484 -0
data/ext/rubysl/openssl/ossl_ssl.h +36 -0
data/ext/rubysl/openssl/ossl_ssl_session.c +307 -0
data/ext/rubysl/openssl/ossl_version.h +16 -0
data/ext/rubysl/openssl/ossl_x509.c +104 -0
data/ext/rubysl/openssl/ossl_x509.h +114 -0
data/ext/rubysl/openssl/ossl_x509attr.c +274 -0
data/ext/rubysl/openssl/ossl_x509cert.c +764 -0
data/ext/rubysl/openssl/ossl_x509crl.c +535 -0
data/ext/rubysl/openssl/ossl_x509ext.c +458 -0
data/ext/rubysl/openssl/ossl_x509name.c +399 -0
data/ext/rubysl/openssl/ossl_x509req.c +466 -0
data/ext/rubysl/openssl/ossl_x509revoked.c +229 -0
data/ext/rubysl/openssl/ossl_x509store.c +625 -0
data/ext/rubysl/openssl/ruby_missing.h +41 -0
data/lib/openssl.rb +1 -0
data/lib/openssl/bn.rb +35 -0
data/lib/openssl/buffering.rb +241 -0
data/lib/openssl/cipher.rb +65 -0
data/lib/openssl/config.rb +316 -0
data/lib/openssl/digest.rb +61 -0
data/lib/openssl/net/ftptls.rb +53 -0
data/lib/openssl/net/telnets.rb +251 -0
data/lib/openssl/pkcs7.rb +25 -0
data/lib/openssl/ssl-internal.rb +187 -0
data/lib/openssl/ssl.rb +1 -0
data/lib/openssl/x509-internal.rb +153 -0
data/lib/openssl/x509.rb +1 -0
data/lib/rubysl/openssl.rb +28 -0
data/lib/rubysl/openssl/version.rb +5 -0
data/rubysl-openssl.gemspec +19 -18
data/spec/cipher_spec.rb +16 -0
data/spec/config/freeze_spec.rb +17 -0
data/spec/hmac/digest_spec.rb +15 -0
data/spec/hmac/hexdigest_spec.rb +15 -0
data/spec/random/pseudo_bytes_spec.rb +5 -0
data/spec/random/random_bytes_spec.rb +5 -0
data/spec/random/shared/random_bytes.rb +28 -0
data/spec/shared/constants.rb +11 -0
data/spec/x509/name/parse_spec.rb +47 -0
metadata +153 -89
data/lib/rubysl-openssl.rb +0 -7
data/lib/rubysl-openssl/version.rb +0 -5

data/ext/rubysl/openssl/ossl_ssl.h ADDED

@@ -0,0 +1,36 @@
+/*
+ * $Id: ossl_ssl.h 12496 2007-06-08 15:02:04Z technorama $
+ * 'OpenSSL for Ruby' project
+ * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
+ * All rights reserved.
+ */
+/*
+ * This program is licenced under the same licence as Ruby.
+ * (See the file 'LICENCE'.)
+ */
+#if !defined(_OSSL_SSL_H_)
+#define _OSSL_SSL_H_
+#define GetSSLSession(obj, sess) do { \
+	Data_Get_Struct(obj, SSL_SESSION, sess); \
+	if (!sess) { \
+		ossl_raise(rb_eRuntimeError, "SSL Session wasn't initialized."); \
+	} \
+} while (0)
+#define SafeGetSSLSession(obj, sess) do { \
+	OSSL_Check_Kind(obj, cSSLSession); \
+	GetSSLSession(obj, sess); \
+} while (0)
+extern VALUE mSSL;
+extern VALUE eSSLError;
+extern VALUE cSSLSocket;
+extern VALUE cSSLContext;
+extern VALUE cSSLSession;
+void Init_ossl_ssl(void);
+void Init_ossl_ssl_session(void);
+#endif /* _OSSL_SSL_H_ */

data/ext/rubysl/openssl/ossl_ssl_session.c ADDED

@@ -0,0 +1,307 @@
+/*
+ *  Copyright (C) 2004-2007 Technorama Ltd. <oss-ruby@technorama.net>
+ */
+#include "ossl.h"
+#define GetSSLSession(obj, sess) do { \
+	Data_Get_Struct(obj, SSL_SESSION, sess); \
+	if (!sess) { \
+		ossl_raise(rb_eRuntimeError, "SSL Session wasn't initialized."); \
+	} \
+} while (0)
+#define SafeGetSSLSession(obj, sess) do { \
+	OSSL_Check_Kind(obj, cSSLSession); \
+	GetSSLSession(obj, sess); \
+} while (0)
+VALUE cSSLSession;
+static VALUE eSSLSession;
+static VALUE ossl_ssl_session_alloc(VALUE klass)
+{
+	return Data_Wrap_Struct(klass, 0, SSL_SESSION_free, NULL);
+}
+/*
+ * call-seq:
+ *    Session.new(SSLSocket | string) => session
+ *
+ * === Parameters
+ * +SSLSocket+ is an OpenSSL::SSL::SSLSocket
+ * +string+ must be a DER or PEM encoded Session.
+*/
+static VALUE ossl_ssl_session_initialize(VALUE self, VALUE arg1)
+{
+	SSL_SESSION *ctx = NULL;
+	VALUE obj;
+	unsigned char *p;
+	if (RDATA(self)->data)
+		ossl_raise(eSSLSession, "SSL Session already initialized");
+	if (rb_obj_is_instance_of(arg1, cSSLSocket)) {
+		SSL *ssl;
+		Data_Get_Struct(arg1, SSL, ssl);
+		if (!ssl || (ctx = SSL_get1_session(ssl)) == NULL)
+			ossl_raise(eSSLSession, "no session available");
+	} else {
+		BIO *in = ossl_obj2bio(arg1);
+		ctx = PEM_read_bio_SSL_SESSION(in, NULL, NULL, NULL);
+		if (!ctx) {
+			BIO_reset(in);
+			ctx = d2i_SSL_SESSION_bio(in, NULL);
+		}
+		BIO_free(in);
+		if (!ctx)
+			ossl_raise(rb_eArgError, "unknown type");
+	}
+	/* should not happen */
+	if (ctx == NULL)
+		ossl_raise(eSSLSession, "ctx not set - internal error");
+	RDATA(self)->data = ctx;
+	return self;
+}
+/*
+ * call-seq:
+ *    session1 == session2 -> boolean
+ *
+*/
+static VALUE ossl_ssl_session_eq(VALUE val1, VALUE val2)
+{
+	SSL_SESSION *ctx1, *ctx2;
+	GetSSLSession(val1, ctx1);
+	SafeGetSSLSession(val2, ctx2);
+	/*
+	 * OpenSSL 1.0.0betas do not have non-static SSL_SESSION_cmp.
+	 * ssl_session_cmp (was SSL_SESSION_cmp in 0.9.8) is for lhash
+	 * comparing so we should not depend on it.  Just compare sessions
+	 * by version and id.
+	 */
+	if ((ctx1->ssl_version == ctx2->ssl_version) &&
+	    (ctx1->session_id_length == ctx2->session_id_length) &&
+	    (memcmp(ctx1->session_id, ctx2->session_id, ctx1->session_id_length) == 0)) {
+	    return Qtrue;
+	} else {
+	    return Qfalse;
+	}
+}
+/*
+ * call-seq:
+ *    session.time -> Time
+ *
+*/
+static VALUE ossl_ssl_session_get_time(VALUE self)
+{
+	SSL_SESSION *ctx;
+	long t;
+	GetSSLSession(self, ctx);
+	t = SSL_SESSION_get_time(ctx);
+	if (t == 0)
+		return Qnil;
+	return rb_funcall(rb_cTime, rb_intern("at"), 1, LONG2NUM(t));
+}
+/*
+ * call-seq:
+ *    session.timeout -> integer
+ *
+ * How long until the session expires in seconds.
+ *
+*/
+static VALUE ossl_ssl_session_get_timeout(VALUE self)
+{
+	SSL_SESSION *ctx;
+	long t;
+	GetSSLSession(self, ctx);
+	t = SSL_SESSION_get_timeout(ctx);
+	return LONG2NUM(t);
+}
+#define SSLSESSION_SET_TIME(func)						\
+	static VALUE ossl_ssl_session_set_##func(VALUE self, VALUE time_v)	\
+	{									\
+		SSL_SESSION *ctx;						\
+		long t;								\
+										\
+		GetSSLSession(self, ctx);					\
+										\
+		if (rb_obj_is_instance_of(time_v, rb_cTime)) {			\
+			time_v = rb_funcall(time_v, rb_intern("to_i"), 0);	\
+		} else if (FIXNUM_P(time_v)) {					\
+			;							\
+		} else {							\
+			rb_raise(rb_eArgError, "unknown type");			\
+		}								\
+										\
+		t = NUM2LONG(time_v);						\
+										\
+		SSL_SESSION_set_##func(ctx, t);					\
+										\
+		return ossl_ssl_session_get_##func(self);			\
+	}
+SSLSESSION_SET_TIME(time)
+SSLSESSION_SET_TIME(timeout)
+#ifdef HAVE_SSL_SESSION_GET_ID
+/*
+ * call-seq:
+ *    session.id -> aString
+ *
+ * Returns the Session ID.
+*/
+static VALUE ossl_ssl_session_get_id(VALUE self)
+{
+	SSL_SESSION *ctx;
+	const unsigned char *p = NULL;
+	unsigned int i = 0;
+	GetSSLSession(self, ctx);
+	p = SSL_SESSION_get_id(ctx, &i);
+	return rb_str_new((const char *) p, i);
+}
+#endif
+/*
+ * call-seq:
+ *    session.to_der -> aString
+ *
+ * Returns an ASN1 encoded String that contains the Session object.
+*/
+static VALUE ossl_ssl_session_to_der(VALUE self)
+{
+	SSL_SESSION *ctx;
+	unsigned char buf[1024*10], *p;
+	int len;
+	GetSSLSession(self, ctx);
+	p = buf;
+	len = i2d_SSL_SESSION(ctx, &p);
+	if (len <= 0)
+		ossl_raise(eSSLSession, "i2d_SSL_SESSION");
+	else if (len >= sizeof(buf))
+		ossl_raise(eSSLSession, "i2d_SSL_SESSION too large");
+	return rb_str_new((const char *) p, len);
+}
+/*
+ * call-seq:
+ *    session.to_pem -> String
+ *
+ * Returns a PEM encoded String that contains the Session object.
+*/
+static VALUE ossl_ssl_session_to_pem(VALUE self)
+{
+	SSL_SESSION *ctx;
+	BIO *out;
+	BUF_MEM *buf;
+	VALUE str;
+	int i;
+	GetSSLSession(self, ctx);
+	if (!(out = BIO_new(BIO_s_mem()))) {
+		ossl_raise(eSSLSession, "BIO_s_mem()");
+	}
+	if (!(i=PEM_write_bio_SSL_SESSION(out, ctx))) {
+		BIO_free(out);
+		ossl_raise(eSSLSession, "SSL_SESSION_print()");
+	}
+	BIO_get_mem_ptr(out, &buf);
+	str = rb_str_new(buf->data, buf->length);
+	BIO_free(out);
+	return str;
+}
+/*
+ * call-seq:
+ *    session.to_text -> String
+ *
+ * Shows everything in the Session object.
+*/
+static VALUE ossl_ssl_session_to_text(VALUE self)
+{
+	SSL_SESSION *ctx;
+	BIO *out;
+	BUF_MEM *buf;
+	VALUE str;
+	GetSSLSession(self, ctx);
+	if (!(out = BIO_new(BIO_s_mem()))) {
+		ossl_raise(eSSLSession, "BIO_s_mem()");
+	}
+	if (!SSL_SESSION_print(out, ctx)) {
+		BIO_free(out);
+		ossl_raise(eSSLSession, "SSL_SESSION_print()");
+	}
+	BIO_get_mem_ptr(out, &buf);
+	str = rb_str_new(buf->data, buf->length);
+	BIO_free(out);
+	return str;
+}
+void Init_ossl_ssl_session(void)
+{
+#if 0 /* let rdoc know about mOSSL */
+	mOSSL = rb_define_module("OpenSSL");
+	mSSL = rb_define_module_under(mOSSL, "SSL");
+#endif
+	cSSLSession = rb_define_class_under(mSSL, "Session", rb_cObject);
+	eSSLSession = rb_define_class_under(cSSLSession, "SessionError", eOSSLError);
+	rb_define_alloc_func(cSSLSession, ossl_ssl_session_alloc);
+	rb_define_method(cSSLSession, "initialize", ossl_ssl_session_initialize, 1);
+	rb_define_method(cSSLSession, "==", ossl_ssl_session_eq, 1);
+	rb_define_method(cSSLSession, "time", ossl_ssl_session_get_time, 0);
+	rb_define_method(cSSLSession, "time=", ossl_ssl_session_set_time, 1);
+	rb_define_method(cSSLSession, "timeout", ossl_ssl_session_get_timeout, 0);
+	rb_define_method(cSSLSession, "timeout=", ossl_ssl_session_set_timeout, 1);
+#ifdef HAVE_SSL_SESSION_GET_ID
+	rb_define_method(cSSLSession, "id", ossl_ssl_session_get_id, 0);
+#else
+	rb_undef_method(cSSLSession, "id");
+#endif
+	rb_define_method(cSSLSession, "to_der", ossl_ssl_session_to_der, 0);
+	rb_define_method(cSSLSession, "to_pem", ossl_ssl_session_to_pem, 0);
+	rb_define_method(cSSLSession, "to_text", ossl_ssl_session_to_text, 0);
+}

data/ext/rubysl/openssl/ossl_version.h ADDED

@@ -0,0 +1,16 @@
+/*
+ * $Id: ossl_version.h 11708 2007-02-12 23:01:19Z shyouhei $
+ * 'OpenSSL for Ruby' project
+ * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
+ * All rights reserved.
+ */
+/*
+ * This program is licenced under the same licence as Ruby.
+ * (See the file 'LICENCE'.)
+ */
+#if !defined(_OSSL_VERSION_H_)
+#define _OSSL_VERSION_H_
+#define OSSL_VERSION "1.0.0"
+#endif /* _OSSL_VERSION_H_ */

data/ext/rubysl/openssl/ossl_x509.c ADDED

@@ -0,0 +1,104 @@
+/*
+ * $Id: ossl_x509.c 11708 2007-02-12 23:01:19Z shyouhei $
+ * 'OpenSSL for Ruby' project
+ * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
+ * All rights reserved.
+ */
+/*
+ * This program is licenced under the same licence as Ruby.
+ * (See the file 'LICENCE'.)
+ */
+#include "ossl.h"
+VALUE mX509;
+#define DefX509Const(x) rb_define_const(mX509, #x,INT2FIX(X509_##x))
+#define DefX509Default(x,i) \
+  rb_define_const(mX509, "DEFAULT_" #x, rb_str_new2(X509_get_default_##i()))
+void
+Init_ossl_x509()
+{
+    mX509 = rb_define_module_under(mOSSL, "X509");
+    Init_ossl_x509attr();
+    Init_ossl_x509cert();
+    Init_ossl_x509crl();
+    Init_ossl_x509ext();
+    Init_ossl_x509name();
+    Init_ossl_x509req();
+    Init_ossl_x509revoked();
+    Init_ossl_x509store();
+    DefX509Const(V_OK);
+    DefX509Const(V_ERR_UNABLE_TO_GET_ISSUER_CERT);
+    DefX509Const(V_ERR_UNABLE_TO_GET_CRL);
+    DefX509Const(V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE);
+    DefX509Const(V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE);
+    DefX509Const(V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY);
+    DefX509Const(V_ERR_CERT_SIGNATURE_FAILURE);
+    DefX509Const(V_ERR_CRL_SIGNATURE_FAILURE);
+    DefX509Const(V_ERR_CERT_NOT_YET_VALID);
+    DefX509Const(V_ERR_CERT_HAS_EXPIRED);
+    DefX509Const(V_ERR_CRL_NOT_YET_VALID);
+    DefX509Const(V_ERR_CRL_HAS_EXPIRED);
+    DefX509Const(V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD);
+    DefX509Const(V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD);
+    DefX509Const(V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD);
+    DefX509Const(V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD);
+    DefX509Const(V_ERR_OUT_OF_MEM);
+    DefX509Const(V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT);
+    DefX509Const(V_ERR_SELF_SIGNED_CERT_IN_CHAIN);
+    DefX509Const(V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY);
+    DefX509Const(V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE);
+    DefX509Const(V_ERR_CERT_CHAIN_TOO_LONG);
+    DefX509Const(V_ERR_CERT_REVOKED);
+    DefX509Const(V_ERR_INVALID_CA);
+    DefX509Const(V_ERR_PATH_LENGTH_EXCEEDED);
+    DefX509Const(V_ERR_INVALID_PURPOSE);
+    DefX509Const(V_ERR_CERT_UNTRUSTED);
+    DefX509Const(V_ERR_CERT_REJECTED);
+    DefX509Const(V_ERR_SUBJECT_ISSUER_MISMATCH);
+    DefX509Const(V_ERR_AKID_SKID_MISMATCH);
+    DefX509Const(V_ERR_AKID_ISSUER_SERIAL_MISMATCH);
+    DefX509Const(V_ERR_KEYUSAGE_NO_CERTSIGN);
+    DefX509Const(V_ERR_APPLICATION_VERIFICATION);
+#if defined(X509_V_FLAG_CRL_CHECK)
+    DefX509Const(V_FLAG_CRL_CHECK);
+#endif
+#if defined(X509_V_FLAG_CRL_CHECK_ALL)
+    DefX509Const(V_FLAG_CRL_CHECK_ALL);
+#endif
+    DefX509Const(PURPOSE_SSL_CLIENT);
+    DefX509Const(PURPOSE_SSL_SERVER);
+    DefX509Const(PURPOSE_NS_SSL_SERVER);
+    DefX509Const(PURPOSE_SMIME_SIGN);
+    DefX509Const(PURPOSE_SMIME_ENCRYPT);
+    DefX509Const(PURPOSE_CRL_SIGN);
+    DefX509Const(PURPOSE_ANY);
+#if defined(X509_PURPOSE_OCSP_HELPER)
+    DefX509Const(PURPOSE_OCSP_HELPER);
+#endif
+    DefX509Const(TRUST_COMPAT);
+    DefX509Const(TRUST_SSL_CLIENT);
+    DefX509Const(TRUST_SSL_SERVER);
+    DefX509Const(TRUST_EMAIL);
+    DefX509Const(TRUST_OBJECT_SIGN);
+#if defined(X509_TRUST_OCSP_SIGN)
+    DefX509Const(TRUST_OCSP_SIGN);
+#endif
+#if defined(X509_TRUST_OCSP_REQUEST)
+    DefX509Const(TRUST_OCSP_REQUEST);
+#endif
+    DefX509Default(CERT_AREA, cert_area);
+    DefX509Default(CERT_DIR, cert_dir);
+    DefX509Default(CERT_FILE, cert_file);
+    DefX509Default(CERT_DIR_ENV, cert_dir_env);
+    DefX509Default(CERT_FILE_ENV, cert_file_env);
+    DefX509Default(PRIVATE_DIR, private_dir);
+}