rubysl-openssl 2.2.1 → 2.3.0

Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/.travis.yml +4 -4
  3. data/MRI_LICENSE +56 -0
  4. data/ext/rubysl/openssl/openssl_missing.c +1 -1
  5. data/ext/rubysl/openssl/openssl_missing.h +1 -1
  6. data/ext/rubysl/openssl/ossl.c +17 -16
  7. data/ext/rubysl/openssl/ossl.h +7 -7
  8. data/ext/rubysl/openssl/ossl_asn1.c +5 -5
  9. data/ext/rubysl/openssl/ossl_asn1.h +1 -1
  10. data/ext/rubysl/openssl/ossl_bio.c +2 -2
  11. data/ext/rubysl/openssl/ossl_bio.h +1 -1
  12. data/ext/rubysl/openssl/ossl_bn.c +37 -13
  13. data/ext/rubysl/openssl/ossl_bn.h +1 -1
  14. data/ext/rubysl/openssl/ossl_cipher.c +64 -17
  15. data/ext/rubysl/openssl/ossl_cipher.h +1 -1
  16. data/ext/rubysl/openssl/ossl_config.c +3 -3
  17. data/ext/rubysl/openssl/ossl_config.h +1 -1
  18. data/ext/rubysl/openssl/ossl_digest.c +19 -7
  19. data/ext/rubysl/openssl/ossl_digest.h +1 -1
  20. data/ext/rubysl/openssl/ossl_engine.c +24 -17
  21. data/ext/rubysl/openssl/ossl_engine.h +1 -1
  22. data/ext/rubysl/openssl/ossl_hmac.c +15 -7
  23. data/ext/rubysl/openssl/ossl_hmac.h +1 -1
  24. data/ext/rubysl/openssl/ossl_ns_spki.c +19 -4
  25. data/ext/rubysl/openssl/ossl_ns_spki.h +1 -1
  26. data/ext/rubysl/openssl/ossl_ocsp.c +518 -60
  27. data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
  28. data/ext/rubysl/openssl/ossl_pkcs12.c +18 -4
  29. data/ext/rubysl/openssl/ossl_pkcs12.h +1 -1
  30. data/ext/rubysl/openssl/ossl_pkcs5.c +1 -1
  31. data/ext/rubysl/openssl/ossl_pkcs7.c +59 -15
  32. data/ext/rubysl/openssl/ossl_pkcs7.h +1 -1
  33. data/ext/rubysl/openssl/ossl_pkey.c +16 -2
  34. data/ext/rubysl/openssl/ossl_pkey.h +4 -3
  35. data/ext/rubysl/openssl/ossl_pkey_dh.c +3 -3
  36. data/ext/rubysl/openssl/ossl_pkey_dsa.c +3 -3
  37. data/ext/rubysl/openssl/ossl_pkey_ec.c +32 -12
  38. data/ext/rubysl/openssl/ossl_pkey_rsa.c +3 -3
  39. data/ext/rubysl/openssl/ossl_rand.c +58 -34
  40. data/ext/rubysl/openssl/ossl_rand.h +1 -1
  41. data/ext/rubysl/openssl/ossl_ssl.c +75 -46
  42. data/ext/rubysl/openssl/ossl_ssl.h +8 -2
  43. data/ext/rubysl/openssl/ossl_ssl_session.c +16 -15
  44. data/ext/rubysl/openssl/ossl_version.h +1 -1
  45. data/ext/rubysl/openssl/ossl_x509.c +2 -2
  46. data/ext/rubysl/openssl/ossl_x509.h +1 -1
  47. data/ext/rubysl/openssl/ossl_x509attr.c +18 -4
  48. data/ext/rubysl/openssl/ossl_x509cert.c +27 -33
  49. data/ext/rubysl/openssl/ossl_x509crl.c +18 -4
  50. data/ext/rubysl/openssl/ossl_x509ext.c +29 -7
  51. data/ext/rubysl/openssl/ossl_x509name.c +22 -7
  52. data/ext/rubysl/openssl/ossl_x509req.c +18 -4
  53. data/ext/rubysl/openssl/ossl_x509revoked.c +18 -4
  54. data/ext/rubysl/openssl/ossl_x509store.c +33 -8
  55. data/ext/rubysl/openssl/ruby_missing.h +1 -1
  56. data/lib/openssl/bn.rb +8 -1
  57. data/lib/openssl/buffering.rb +1 -1
  58. data/lib/openssl/cipher.rb +1 -1
  59. data/lib/openssl/digest.rb +1 -1
  60. data/lib/openssl/ssl.rb +65 -7
  61. data/lib/openssl/x509.rb +22 -2
  62. data/lib/rubysl/openssl.rb +1 -1
  63. data/lib/rubysl/openssl/version.rb +1 -1
  64. metadata +4 -3
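--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: 632c3d85435c4df2102444ef385b965bbdea7b3e
- data.tar.gz: 9463e3d090bd2637c824cbf683369014d2be2f5b
+ metadata.gz: 4d527aa0692ff6cf741dd5e8e022855cc612797c
+ data.tar.gz: a9c9310c961f1062af965b9bc87cfd70a182ae3e
  SHA512:
- metadata.gz: 6ba772247db8461e4cbc59cb96c5ecf04a5f767c3a5de02723cba93e684d5102ace32f083e4eeb5719cf696df0700a651edaf36945d447247a82147e53d1470d
- data.tar.gz: 131dbc5eb9a6f9a7ea7c271c63985c2a2a3b553fc8e81e240706ac0440bfa48b66d5f3578fac801aac8923967fae0f0bd7132bd0f4eff1168d5fe1ed2d13566f
+ metadata.gz: 28fd7bbf496c13cc35bb1f24ec162a21d9516b01666c5f2b9abf4277862547fbbd9fc60fb494b067a93c0167ec92a079dfad423ecac332c06e772713fa452e94
+ data.tar.gz: 8b33c0eeb9f3f028467fc08843820adc8c622a993b7df4b28015d11f05d91d0cc46a1f9e791a91bd04838d072cb1ba4c290c7c2d9494c9187316e160441531db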
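--- a/data/.travis.yml
+++ b/data/.travis.yml
@@ -4,11 +4,11 @@ env:
  - RUBYLIB=
  script: mspec spec
  rvm:
- - 2.0.0
- - rbx-2.2.1
+ - 2.2
+ - rbx-2
  matrix:
  exclude:
- - rvm: 2.0.0
+ - rvm: 2.2
  env: RUBYLIB=lib
- - rvm: rbx-2.2.1
+ - rvm: rbx-2
  env: RUBYLIB=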
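--- /dev/null
+++ b/data/MRI_LICENSE
@@ -0,0 +1,56 @@
+ Ruby is copyrighted free software by Yukihiro Matsumoto <matz@netlab.jp>.
+ You can redistribute it and/or modify it under either the terms of the
+ 2-clause BSDL (see the file BSDL), or the conditions below:
+
+ 1. You may make and give away verbatim copies of the source form of the
+ software without restriction, provided that you duplicate all of the
+ original copyright notices and associated disclaimers.
+
+ 2. You may modify your copy of the software in any way, provided that
+ you do at least ONE of the following:
+
+ a) place your modifications in the Public Domain or otherwise
+ make them Freely Available, such as by posting said
+ modifications to Usenet or an equivalent medium, or by allowing
+ the author to include your modifications in the software.
+
+ b) use the modified software only within your corporation or
+ organization.
+
+ c) give non-standard binaries non-standard names, with
+ instructions on where to get the original software distribution.
+
+ d) make other distribution arrangements with the author.
+
+ 3. You may distribute the software in object code or binary form,
+ provided that you do at least ONE of the following:
+
+ a) distribute the binaries and library files of the software,
+ together with instructions (in the manual page or equivalent)
+ on where to get the original distribution.
+
+ b) accompany the distribution with the machine-readable source of
+ the software.
+
+ c) give non-standard binaries non-standard names, with
+ instructions on where to get the original software distribution.
+
+ d) make other distribution arrangements with the author.
+
+ 4. You may modify and include the part of the software into any other
+ software (possibly commercial). But some files in the distribution
+ are not written by the author, so that they are not under these terms.
+
+ For the list of those files and their copying conditions, see the
+ file LEGAL.
+
+ 5. The scripts and library files supplied as input to or produced as
+ output from the software do not automatically fall under the
+ copyright of the software, but belong to whomever generated them,
+ and may be sold commercially, and may be aggregated with this
+ software.
+
+ 6. THIS SOFTWARE IS PROVIDED "AS IS" AND WITHOUT ANY EXPRESS OR
+ IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ PURPOSE.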
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: openssl_missing.c 40625 2013-05-09 12:12:17Z akr $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5
5
  * All rights reserved.
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: openssl_missing.h 32230 2011-06-26 01:32:03Z emboss $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5
5
  * All rights reserved.
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl.c 47744 2014-09-30 05:25:32Z nobu $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5
5
  * All rights reserved.
@@ -18,11 +18,12 @@ int
18
18
  string2hex(const unsigned char *buf, int buf_len, char **hexbuf, int *hexbuf_len)
19
19
  {
20
20
  static const char hex[]="0123456789abcdef";
21
- int i, len = 2 * buf_len;
21
+ int i, len;
22
22
 
23
- if (buf_len < 0 || len < buf_len) { /* PARANOIA? */
23
+ if (buf_len < 0 || buf_len > INT_MAX / 2) { /* PARANOIA? */
24
24
  return -1;
25
25
  }
26
+ len = 2 * buf_len;
26
27
  if (!hexbuf) { /* if no buf, return calculated len */
27
28
  if (hexbuf_len) {
28
29
  *hexbuf_len = len;
@@ -303,7 +304,7 @@ ossl_make_error(VALUE exc, const char *fmt, va_list args)
303
304
  e = ERR_peek_error();
304
305
  #endif
305
306
  if (fmt) {
306
- str = rb_sprintf(fmt, args);
307
+ str = rb_vsprintf(fmt, args);
307
308
  }
308
309
  if (e) {
309
310
  if (dOSSL == Qtrue) /* FULL INFO */
@@ -360,7 +361,7 @@ ossl_exc_new(VALUE exc, const char *fmt, ...)
360
361
  * Any errors you see here are probably due to a bug in ruby's OpenSSL implementation.
361
362
  */
362
363
  VALUE
363
- ossl_get_errors()
364
+ ossl_get_errors(void)
364
365
  {
365
366
  VALUE ary;
366
367
  long e;
@@ -747,27 +748,27 @@ static void Init_ossl_locks(void)
747
748
  *
748
749
  * First set up the cipher for encryption
749
750
  *
750
- * encrypter = OpenSSL::Cipher.new 'AES-128-CBC'
751
- * encrypter.encrypt
752
- * encrypter.pkcs5_keyivgen pass_phrase, salt
751
+ * encryptor = OpenSSL::Cipher.new 'AES-128-CBC'
752
+ * encryptor.encrypt
753
+ * encryptor.pkcs5_keyivgen pass_phrase, salt
753
754
  *
754
755
  * Then pass the data you want to encrypt through
755
756
  *
756
- * encrypted = encrypter.update 'top secret document'
757
- * encrypted << encrypter.final
757
+ * encrypted = encryptor.update 'top secret document'
758
+ * encrypted << encryptor.final
758
759
  *
759
760
  * === Decryption
760
761
  *
761
762
  * Use a new Cipher instance set up for decryption
762
763
  *
763
- * decrypter = OpenSSL::Cipher.new 'AES-128-CBC'
764
- * decrypter.decrypt
765
- * decrypter.pkcs5_keyivgen pass_phrase, salt
764
+ * decryptor = OpenSSL::Cipher.new 'AES-128-CBC'
765
+ * decryptor.decrypt
766
+ * decryptor.pkcs5_keyivgen pass_phrase, salt
766
767
  *
767
768
  * Then pass the data you want to decrypt through
768
769
  *
769
- * plain = decrypter.update encrypted
770
- * plain << decrypter.final
770
+ * plain = decryptor.update encrypted
771
+ * plain << decryptor.final
771
772
  *
772
773
  * == X509 Certificates
773
774
  *
@@ -1033,7 +1034,7 @@ static void Init_ossl_locks(void)
1033
1034
  *
1034
1035
  */
1035
1036
  void
1036
- Init_openssl()
1037
+ Init_openssl(void)
1037
1038
  {
1038
1039
  /*
1039
1040
  * Init timezone info
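Review bot: The module documentation example in the `@@ -747` hunk (the `encryptor.pkcs5_keyivgen pass_phrase, salt` line and its `decryptor` counterpart) is only respelled by this change. It still shows a password-derived key and IV with AES-128-CBC as the pattern to copy, and says nothing about integrity of the ciphertext. I would add a caveat to the comment, for example ` * Prefer OpenSSL::PKCS5.pbkdf2_hmac for key derivation and a fresh random IV per message; CBC output is unauthenticated, so add a MAC (e.g. OpenSSL::HMAC) and verify it before decrypting.` The comment block starts and ends outside the hunk, so the surrounding text may already cover part of this.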
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl.h 44582 2014-01-13 00:57:42Z nobu $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5
5
  * All rights reserved.
@@ -95,15 +95,15 @@ extern VALUE eOSSLError;
95
95
  */
96
96
  #define OSSL_Check_Kind(obj, klass) do {\
97
97
  if (!rb_obj_is_kind_of((obj), (klass))) {\
98
- ossl_raise(rb_eTypeError, "wrong argument (%s)! (Expected kind of %s)",\
99
- rb_obj_classname(obj), RSTRING_PTR(rb_class_name(klass)));\
98
+ ossl_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected kind of %"PRIsVALUE")",\
99
+ rb_obj_class(obj), (klass));\
100
100
  }\
101
101
  } while (0)
102
102
 
103
103
  #define OSSL_Check_Instance(obj, klass) do {\
104
104
  if (!rb_obj_is_instance_of((obj), (klass))) {\
105
- ossl_raise(rb_eTypeError, "wrong argument (%s)! (Expected instance of %s)",\
106
- rb_obj_classname(obj), RSTRING_PTR(rb_class_name(klass)));\
105
+ ossl_raise(rb_eTypeError, "wrong argument (%"PRIsVALUE")! (Expected instance of %"PRIsVALUE")",\
106
+ rb_obj_class(obj), (klass));\
107
107
  }\
108
108
  } while (0)
109
109
 
@@ -137,8 +137,8 @@ VALUE ossl_x509name_sk2ary(STACK_OF(X509_NAME) *names);
137
137
  VALUE ossl_buf2str(char *buf, int len);
138
138
  #define ossl_str_adjust(str, p) \
139
139
  do{\
140
- int len = RSTRING_LENINT(str);\
141
- int newlen = rb_long2int((p) - (unsigned char*)RSTRING_PTR(str));\
140
+ long len = RSTRING_LEN(str);\
141
+ long newlen = (long)((p) - (unsigned char*)RSTRING_PTR(str));\
142
142
  assert(newlen <= len);\
143
143
  rb_str_set_len((str), newlen);\
144
144
  }while(0)
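Review bot: In `ossl_str_adjust` the only bound on `newlen` is `assert(newlen <= len)`, which disappears when the extension is built with NDEBUG. Nothing rejects a negative `newlen` if `p` ends up before the start of the string. Because the value goes straight into `rb_str_set_len`, I would make the check unconditional, e.g. `if (newlen < 0 || newlen > len) ossl_raise(eOSSLError, "string length out of range");` placed before `rb_str_set_len((str), newlen);`. Widening both locals to `long` removes the old `rb_long2int` range error, so this macro no longer has any runtime check of its own.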
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_asn1.c 47744 2014-09-30 05:25:32Z nobu $
3
3
  * 'OpenSSL for Ruby' team members
4
4
  * Copyright (C) 2003
5
5
  * All rights reserved.
@@ -495,7 +495,7 @@ typedef struct {
495
495
  VALUE *klass;
496
496
  } ossl_asn1_info_t;
497
497
 
498
- static ossl_asn1_info_t ossl_asn1_info[] = {
498
+ static const ossl_asn1_info_t ossl_asn1_info[] = {
499
499
  { "EOC", &cASN1EndOfContent, }, /* 0 */
500
500
  { "BOOLEAN", &cASN1Boolean, }, /* 1 */
501
501
  { "INTEGER", &cASN1Integer, }, /* 2 */
@@ -529,7 +529,7 @@ static ossl_asn1_info_t ossl_asn1_info[] = {
529
529
  { "BMPSTRING", &cASN1BMPString, }, /* 30 */
530
530
  };
531
531
 
532
- int ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0]));
532
+ enum {ossl_asn1_info_size = (sizeof(ossl_asn1_info)/sizeof(ossl_asn1_info[0]))};
533
533
 
534
534
  static VALUE class_tag_map;
535
535
 
@@ -624,7 +624,7 @@ ossl_asn1_default_tag(VALUE obj)
624
624
  }
625
625
  tmp_class = rb_class_superclass(tmp_class);
626
626
  }
627
- ossl_raise(eASN1Error, "universal tag for %s not found",
627
+ ossl_raise(eASN1Error, "universal tag for %"PRIsVALUE" not found",
628
628
  rb_obj_class(obj));
629
629
 
630
630
  return -1; /* dummy */
@@ -1472,7 +1472,7 @@ OSSL_ASN1_IMPL_FACTORY_METHOD(Set)
1472
1472
  OSSL_ASN1_IMPL_FACTORY_METHOD(EndOfContent)
1473
1473
 
1474
1474
  void
1475
- Init_ossl_asn1()
1475
+ Init_ossl_asn1(void)
1476
1476
  {
1477
1477
  VALUE ary;
1478
1478
  int i;
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_asn1.h 27437 2010-04-22 08:04:13Z nobu $
3
3
  * 'OpenSSL for Ruby' team members
4
4
  * Copyright (C) 2003
5
5
  * All rights reserved.
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_bio.c 47042 2014-08-03 01:56:01Z nobu $
3
3
  * 'OpenSSL for Ruby' team members
4
4
  * Copyright (C) 2003
5
5
  * All rights reserved.
@@ -18,7 +18,7 @@ ossl_obj2bio(VALUE obj)
18
18
  {
19
19
  BIO *bio;
20
20
 
21
- if (TYPE(obj) == T_FILE) {
21
+ if (RB_TYPE_P(obj, T_FILE)) {
22
22
  rb_io_t *fptr;
23
23
  FILE *fp;
24
24
  int fd;
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_bio.h 25189 2009-10-02 12:04:37Z akr $
3
3
  * 'OpenSSL for Ruby' team members
4
4
  * Copyright (C) 2003
5
5
  * All rights reserved.
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_bn.c 48662 2014-12-01 06:38:04Z nobu $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Technorama team <oss-ruby@technorama.net>
5
5
  * All rights reserved.
@@ -15,11 +15,11 @@
15
15
  if (!(bn)) { \
16
16
  ossl_raise(rb_eRuntimeError, "BN wasn't initialized!"); \
17
17
  } \
18
- (obj) = Data_Wrap_Struct((klass), 0, BN_clear_free, (bn)); \
18
+ (obj) = TypedData_Wrap_Struct((klass), &ossl_bn_type, (bn)); \
19
19
  } while (0)
20
20
 
21
21
  #define GetBN(obj, bn) do { \
22
- Data_Get_Struct((obj), BIGNUM, (bn)); \
22
+ TypedData_Get_Struct((obj), BIGNUM, &ossl_bn_type, (bn)); \
23
23
  if (!(bn)) { \
24
24
  ossl_raise(rb_eRuntimeError, "BN wasn't initialized!"); \
25
25
  } \
@@ -30,6 +30,25 @@
30
30
  GetBN((obj), (bn)); \
31
31
  } while (0)
32
32
 
33
+ static void
34
+ ossl_bn_free(void *ptr)
35
+ {
36
+ BN_clear_free(ptr);
37
+ }
38
+
39
+ static size_t
40
+ ossl_bn_size(const void *ptr)
41
+ {
42
+ return sizeof(BIGNUM);
43
+ }
44
+
45
+ static const rb_data_type_t ossl_bn_type = {
46
+ "OpenSSL/BN",
47
+ {0, ossl_bn_free, ossl_bn_size,},
48
+ 0, 0,
49
+ RUBY_TYPED_FREE_IMMEDIATELY,
50
+ };
51
+
33
52
  /*
34
53
  * Classes
35
54
  */
@@ -140,19 +159,24 @@ ossl_bn_initialize(int argc, VALUE *argv, VALUE self)
140
159
  return self;
141
160
  }
142
161
  else if (RB_TYPE_P(str, T_BIGNUM)) {
143
- int len = rb_big_bytes_used(str);
144
- unsigned char* bin = (unsigned char*)XMALLOC(len);
162
+ size_t len = rb_absint_size(str, NULL);
163
+ unsigned char *bin;
164
+ VALUE buf;
165
+ int sign;
145
166
 
146
- rb_big_pack(str, (unsigned long*)bin, len / sizeof(long));
167
+ if (INT_MAX < len) {
168
+ rb_raise(eBNError, "bignum too long");
169
+ }
170
+ bin = (unsigned char*)ALLOCV_N(unsigned char, buf, len);
171
+ sign = rb_integer_pack(str, bin, len, 1, 0, INTEGER_PACK_BIG_ENDIAN);
147
172
 
148
- GetBN(self, bn);
149
- if (!BN_bin2bn(bin, len, bn)) {
150
- XFREE(bin);
173
+ GetBN(self, bn);
174
+ if (!BN_bin2bn(bin, (int)len, bn)) {
175
+ ALLOCV_END(buf);
151
176
  ossl_raise(eBNError, NULL);
152
177
  }
153
- XFREE(bin);
154
-
155
- if (!RBIGNUM_SIGN(str)) BN_set_negative(bn, 1);
178
+ ALLOCV_END(buf);
179
+ if (sign < 0) BN_set_negative(bn, 1);
156
180
  return self;
157
181
  }
158
182
  if (RTEST(rb_obj_is_kind_of(str, cBN))) {
@@ -768,7 +792,7 @@ ossl_bn_is_prime_fasttest(int argc, VALUE *argv, VALUE self)
768
792
  * (NOTE: ordering of methods is the same as in 'man bn')
769
793
  */
770
794
  void
771
- Init_ossl_bn()
795
+ Init_ossl_bn(void)
772
796
  {
773
797
  #if 0
774
798
  mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL */
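Review bot: In the T_BIGNUM branch of `ossl_bn_initialize`, `bin` receives the full magnitude of the integer from `rb_integer_pack` and is released with `ALLOCV_END(buf)` without being wiped, while the BIGNUM itself is freed through `BN_clear_free`. If the number is key material, a copy of it remains in memory after the call; `OPENSSL_cleanse(bin, len);` before each of the two `ALLOCV_END(buf);` lines would keep the scrubbing consistent. `GetBN(self, bn)` can also raise between the allocation and either `ALLOCV_END`, so moving it above `ALLOCV_N` would avoid leaving the buffer unwiped on that path. Separately, `ossl_bn_size` returns only `sizeof(BIGNUM)`, so the reported memsize presumably omits the digit array; a comment saying so would help. The function body starts and ends outside the hunk.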
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_bn.h 25189 2009-10-02 12:04:37Z akr $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5
5
  * All rights reserved.
@@ -1,5 +1,5 @@
1
1
  /*
2
- * $Id$
2
+ * $Id: ossl_cipher.c 48923 2014-12-23 02:42:16Z nobu $
3
3
  * 'OpenSSL for Ruby' project
4
4
  * Copyright (C) 2001-2002 Michal Rokos <m.rokos@sh.cvut.cz>
5
5
  * All rights reserved.
@@ -11,13 +11,13 @@
11
11
  #include "ossl.h"
12
12
 
13
13
  #define WrapCipher(obj, klass, ctx) \
14
- (obj) = Data_Wrap_Struct((klass), 0, ossl_cipher_free, (ctx))
14
+ (obj) = TypedData_Wrap_Struct((klass), &ossl_cipher_type, (ctx))
15
15
  #define MakeCipher(obj, klass, ctx) \
16
- (obj) = Data_Make_Struct((klass), EVP_CIPHER_CTX, 0, ossl_cipher_free, (ctx))
16
+ (obj) = TypedData_Make_Struct((klass), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx))
17
17
  #define AllocCipher(obj, ctx) \
18
- memset(DATA_PTR(obj) = (ctx) = ALLOC(EVP_CIPHER_CTX), 0, sizeof(EVP_CIPHER_CTX))
18
+ (DATA_PTR(obj) = (ctx) = ZALLOC(EVP_CIPHER_CTX))
19
19
  #define GetCipherInit(obj, ctx) do { \
20
- Data_Get_Struct((obj), EVP_CIPHER_CTX, (ctx)); \
20
+ TypedData_Get_Struct((obj), EVP_CIPHER_CTX, &ossl_cipher_type, (ctx)); \
21
21
  } while (0)
22
22
  #define GetCipher(obj, ctx) do { \
23
23
  GetCipherInit((obj), (ctx)); \
@@ -37,6 +37,15 @@ VALUE cCipher;
37
37
  VALUE eCipherError;
38
38
 
39
39
  static VALUE ossl_cipher_alloc(VALUE klass);
40
+ static void ossl_cipher_free(void *ptr);
41
+ static size_t ossl_cipher_memsize(const void *ptr);
42
+
43
+ static const rb_data_type_t ossl_cipher_type = {
44
+ "OpenSSL/Cipher",
45
+ {0, ossl_cipher_free, ossl_cipher_memsize,},
46
+ 0, 0,
47
+ RUBY_TYPED_FREE_IMMEDIATELY,
48
+ };
40
49
 
41
50
  /*
42
51
  * PUBLIC
@@ -70,14 +79,22 @@ ossl_cipher_new(const EVP_CIPHER *cipher)
70
79
  * PRIVATE
71
80
  */
72
81
  static void
73
- ossl_cipher_free(EVP_CIPHER_CTX *ctx)
82
+ ossl_cipher_free(void *ptr)
74
83
  {
84
+ EVP_CIPHER_CTX *ctx = ptr;
75
85
  if (ctx) {
76
86
  EVP_CIPHER_CTX_cleanup(ctx);
77
87
  ruby_xfree(ctx);
78
88
  }
79
89
  }
80
90
 
91
+ static size_t
92
+ ossl_cipher_memsize(const void *ptr)
93
+ {
94
+ const EVP_CIPHER_CTX *ctx = ptr;
95
+ return ctx ? sizeof(*ctx) : 0;
96
+ }
97
+
81
98
  static VALUE
82
99
  ossl_cipher_alloc(VALUE klass)
83
100
  {
@@ -158,7 +175,7 @@ add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary)
158
175
  #ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
159
176
  /*
160
177
  * call-seq:
161
- * Cipher.ciphers -> array[string...]
178
+ * OpenSSL::Cipher.ciphers -> array[string...]
162
179
  *
163
180
  * Returns the names of all available ciphers in an array.
164
181
  */
@@ -183,7 +200,7 @@ ossl_s_ciphers(VALUE self)
183
200
  * cipher.reset -> self
184
201
  *
185
202
  * Fully resets the internal state of the Cipher. By using this, the same
186
- * Cipher instance may be used several times for en- or decryption tasks.
203
+ * Cipher instance may be used several times for encryption or decryption tasks.
187
204
  *
188
205
  * Internally calls EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1).
189
206
  */
@@ -214,8 +231,8 @@ ossl_cipher_init(int argc, VALUE *argv, VALUE self, int mode)
214
231
  * keeping this behaviour for backward compatibility.
215
232
  */
216
233
  VALUE cname = rb_class_path(rb_obj_class(self));
217
- rb_warn("arguments for %s#encrypt and %s#decrypt were deprecated; "
218
- "use %s#pkcs5_keyivgen to derive key and IV",
234
+ rb_warn("arguments for %"PRIsVALUE"#encrypt and %"PRIsVALUE"#decrypt were deprecated; "
235
+ "use %"PRIsVALUE"#pkcs5_keyivgen to derive key and IV",
219
236
  cname, cname, cname);
220
237
  StringValue(pass);
221
238
  GetCipher(self, ctx);
@@ -329,6 +346,33 @@ ossl_cipher_pkcs5_keyivgen(int argc, VALUE *argv, VALUE self)
329
346
  return Qnil;
330
347
  }
331
348
 
349
+ static int
350
+ ossl_cipher_update_long(EVP_CIPHER_CTX *ctx, unsigned char *out, long *out_len_ptr,
351
+ const unsigned char *in, long in_len)
352
+ {
353
+ int out_part_len;
354
+ long out_len = 0;
355
+ #define UPDATE_LENGTH_LIMIT INT_MAX
356
+
357
+ #if SIZEOF_LONG > UPDATE_LENGTH_LIMIT
358
+ if (in_len > UPDATE_LENGTH_LIMIT) {
359
+ const int in_part_len = (UPDATE_LENGTH_LIMIT / 2 + 1) & ~1;
360
+ do {
361
+ if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0,
362
+ &out_part_len, in, in_part_len))
363
+ return 0;
364
+ out_len += out_part_len;
365
+ in += in_part_len;
366
+ } while ((in_len -= in_part_len) > UPDATE_LENGTH_LIMIT);
367
+ }
368
+ #endif
369
+ if (!EVP_CipherUpdate(ctx, out ? (out + out_len) : 0,
370
+ &out_part_len, in, (int)in_len))
371
+ return 0;
372
+ if (out_len_ptr) *out_len_ptr = out_len += out_part_len;
373
+ return 1;
374
+ }
375
+
332
376
  /*
333
377
  * call-seq:
334
378
  * cipher.update(data [, buffer]) -> string or buffer
@@ -347,17 +391,21 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
347
391
  {
348
392
  EVP_CIPHER_CTX *ctx;
349
393
  unsigned char *in;
350
- int in_len, out_len;
394
+ long in_len, out_len;
351
395
  VALUE data, str;
352
396
 
353
397
  rb_scan_args(argc, argv, "11", &data, &str);
354
398
 
355
399
  StringValue(data);
356
400
  in = (unsigned char *)RSTRING_PTR(data);
357
- if ((in_len = RSTRING_LENINT(data)) == 0)
401
+ if ((in_len = RSTRING_LEN(data)) == 0)
358
402
  ossl_raise(rb_eArgError, "data must not be empty");
359
403
  GetCipher(self, ctx);
360
404
  out_len = in_len+EVP_CIPHER_CTX_block_size(ctx);
405
+ if (out_len <= 0) {
406
+ ossl_raise(rb_eRangeError,
407
+ "data too big to make output buffer: %ld bytes", in_len);
408
+ }
361
409
 
362
410
  if (NIL_P(str)) {
363
411
  str = rb_str_new(0, out_len);
@@ -366,7 +414,7 @@ ossl_cipher_update(int argc, VALUE *argv, VALUE self)
366
414
  rb_str_resize(str, out_len);
367
415
  }
368
416
 
369
- if (!EVP_CipherUpdate(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
417
+ if (!ossl_cipher_update_long(ctx, (unsigned char *)RSTRING_PTR(str), &out_len, in, in_len))
370
418
  ossl_raise(eCipherError, NULL);
371
419
  assert(out_len < RSTRING_LEN(str));
372
420
  rb_str_set_len(str, out_len);
@@ -506,17 +554,16 @@ ossl_cipher_set_auth_data(VALUE self, VALUE data)
506
554
  {
507
555
  EVP_CIPHER_CTX *ctx;
508
556
  unsigned char *in;
509
- int in_len;
510
- int out_len;
557
+ long in_len, out_len;
511
558
 
512
559
  StringValue(data);
513
560
 
514
561
  in = (unsigned char *) RSTRING_PTR(data);
515
- in_len = RSTRING_LENINT(data);
562
+ in_len = RSTRING_LEN(data);
516
563
 
517
564
  GetCipher(self, ctx);
518
565
 
519
- if (!EVP_CipherUpdate(ctx, NULL, &out_len, in, in_len))
566
+ if (!ossl_cipher_update_long(ctx, NULL, &out_len, in, in_len))
520
567
  ossl_raise(eCipherError, "couldn't set additional authenticated data");
521
568
 
522
569
  return data;
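Review bot: In `ossl_cipher_update_long` the guard `#if SIZEOF_LONG > UPDATE_LENGTH_LIMIT` compares a byte count (4 or 8) with `INT_MAX`, so it is never true and the chunking loop is compiled out on every platform. On LP64 an input longer than `INT_MAX` then reaches `EVP_CipherUpdate` through `(int)in_len` and is truncated, which is the case the helper was added to handle; `#if LONG_MAX > UPDATE_LENGTH_LIMIT` looks like the intended test. In `ossl_cipher_update`, `if (out_len <= 0)` runs after `in_len+EVP_CIPHER_CTX_block_size(ctx)` has already been computed, and signed overflow is undefined. That comparison is better done first, as `if (in_len > LONG_MAX - EVP_CIPHER_CTX_block_size(ctx))`. `ossl_cipher_update` starts and ends outside its hunks.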