* ext/openssl/extconf.rb: add check for OBJ_NAME_do_all_sorted.

* ext/openssl/ossl_cipher.c (ossl_s_ciphers): new method
  OpenSSL::Cipher.ciphers. it returns all the cipher names.

* ext/openssl/lib/openssl/cipher.rb:
  - add constants AES128, AES192, AES256. [ruby-dev:28610]
  - reimplement without eval()

* ext/openssl/lib/openssl/digest.rb: reimplement without eval().

* test/openssl/test_cipher.rb, test_digest: fix about reimplemented
  features.

* sample/openssl/cipher.rb: rewrite all.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10339 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,21 @@
+Tue Jun 20 20:18:05 2006  GOTOU Yuuzou  <gotoyuzo@notwork.org>
+
+	* ext/openssl/extconf.rb: add check for OBJ_NAME_do_all_sorted.
+
+	* ext/openssl/ossl_cipher.c (ossl_s_ciphers): new method
+	  OpenSSL::Cipher.ciphers. it returns all the cipher names.
+
+	* ext/openssl/lib/openssl/cipher.rb:
+	  - add constants AES128, AES192, AES256. [ruby-dev:28610]
+	  - reimplement without eval()
+
+	* ext/openssl/lib/openssl/digest.rb: reimplement without eval().
+
+	* test/openssl/test_cipher.rb, test_digest: fix about reimplemented
+	  features.
+
+	* sample/openssl/cipher.rb: rewrite all.
+
 Sat Jun 19 11:21:46 2006  Eric Hodel <drbrain@segment7.net>
 
 	* lib/test/unit/assertions.rb: Merge RDoc from HEAD.

ext/openssl/extconf.rb

@@ -91,6 +91,7 @@ have_func("X509_CRL_set_version")
 have_func("X509_CRL_sort")
 have_func("X509_STORE_get_ex_data")
 have_func("X509_STORE_set_ex_data")
+have_func("OBJ_NAME_do_all_sorted")
 have_func("OPENSSL_cleanse")
 if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n")
   $defs.push("-DHAVE_VA_ARGS_MACRO")

ext/openssl/lib/openssl/cipher.rb

@@ -20,19 +20,25 @@
 
 module OpenSSL
   module Cipher
-    %w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|cipher|
+    %w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|name|
-      eval(<<-EOD)
+      klass = Class.new(Cipher){
-        class #{cipher} < Cipher
+        define_method(:initialize){|*args|
-          def initialize(*args)
+          cipher_name = args.inject(name){|n, arg| "#{n}-#{arg}" }
-            args = args.join('-')
+          super(cipher_name)
-            if args.size == 0
+        }
-              super(\"#{cipher}\")
+      }
-            else
+      const_set(name, klass)
-              super(\"#{cipher}-#\{args\}\")
+    }
-            end
+
-          end
+    %w(128 192 256).each{|keylen|
-        end
+      klass = Class.new(Cipher){
-      EOD
+        define_method(:initialize){|mode|
+          mode ||= "CBC"
+          cipher_name = "AES-#{keylen}-#{mode}"
+          super(cipher_name)
+        }
+      }
+      const_set("AES#{keylen}", klass)
     }
 
     class Cipher

ext/openssl/lib/openssl/digest.rb

@@ -26,22 +26,22 @@ module OpenSSL
       alg += %w(SHA224 SHA256 SHA384 SHA512)
     end
 
-    alg.each{|digest|
+    alg.each{|name|
-      self.module_eval(<<-EOD)
+      klass = Class.new(Digest){
-        class #{digest} < Digest
+        define_method(:initialize){|*data|
-          def initialize(data=nil)
+          if data.length > 1
-            super(\"#{digest}\", data)
+            raise ArgumentError,
+              "wrong number of arguments (#{data.length} for 1)"
           end
-
+          super(name, data.first)
-          def #{digest}::digest(data)
+        }
-            Digest::digest(\"#{digest}\", data)
+      }
-          end
+      singleton = (class <<klass; self; end)
-
+      singleton.class_eval{
-          def #{digest}::hexdigest(data)
+        define_method(:digest){|data| Digest.digest(name, data) }
-            Digest::hexdigest(\"#{digest}\", data)
+        define_method(:hexdigest){|data| Digest.hexdigest(name, data) }
-          end
+      }
-        end
+      const_set(name, klass)
-      EOD
     }
 
   end # Digest

ext/openssl/ossl_cipher.c

@@ -117,6 +117,30 @@ ossl_cipher_copy(VALUE self, VALUE other)
     return self;
 }
 
+static void*
+add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary)
+{
+    rb_ary_push(ary, rb_str_new2(name->name));
+    return NULL;
+}
+
+static VALUE
+ossl_s_ciphers(VALUE self)
+{
+#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED
+    VALUE ary;
+
+    ary = rb_ary_new();
+    OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH,
+                    (void(*)(const OBJ_NAME*,void*))add_cipher_name_to_ary,
+                    (void*)ary);
+
+    return ary;
+#else
+    rb_notimplement();
+#endif
+}
+
 static VALUE
 ossl_cipher_reset(VALUE self)
 {
@@ -362,6 +386,7 @@ Init_ossl_cipher(void)
 
     rb_define_alloc_func(cCipher, ossl_cipher_alloc);
     rb_define_copy_func(cCipher, ossl_cipher_copy);
+    rb_define_module_function(mCipher, "ciphers", ossl_s_ciphers, 0);
     rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
     rb_define_method(cCipher, "reset", ossl_cipher_reset, 0);
     rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1);

sample/openssl/cipher.rb

@@ -2,19 +2,22 @@
 require 'openssl'
 
 text = "abcdefghijklmnopqrstuvwxyz"
-key = "key"
+pass = "secret password"
+salt = "8 octets"        # or nil
 alg = "DES-EDE3-CBC"
 #alg = "AES-128-CBC"
 
 puts "--Setup--"
 puts %(clear text:    "#{text}")
-puts %(symmetric key: "#{key}")
+puts %(password:      "#{pass}")
+puts %(salt:          "#{salt}")
 puts %(cipher alg:    "#{alg}")
 puts
 
 puts "--Encrypting--"
 des = OpenSSL::Cipher::Cipher.new(alg)
-des.encrypt(key) #, "iv12345678")
+des.pkcs5_keyivgen(pass, salt)
+des.encrypt
 cipher =  des.update(text)
 cipher << des.final
 puts %(encrypted text: #{cipher.inspect})
@@ -22,7 +25,8 @@ puts
 
 puts "--Decrypting--"
 des = OpenSSL::Cipher::Cipher.new(alg)
-des.decrypt(key) #, "iv12345678")
+des.pkcs5_keyivgen(pass, salt)
+des.decrypt
 out =  des.update(cipher)
 out << des.final
 puts %(decrypted text: "#{out}")

test/openssl/test_cipher.rb

@@ -11,7 +11,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
     @c1 = OpenSSL::Cipher::Cipher.new("DES-EDE3-CBC")
     @c2 = OpenSSL::Cipher::DES.new(:EDE3, "CBC")
     @key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
-    @iv = @key
+    @iv = "\0\0\0\0\0\0\0\0"
     @hexkey = "0000000000000000000000000000000000000000000000"
     @hexiv = "0000000000000000"
     @data = "DATA"
@@ -22,11 +22,16 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
   end
 
   def test_crypt
-    s1 = @c1.encrypt(@key, @iv).update(@data) + @c1.final
+    @c1.encrypt.pkcs5_keyivgen(@key, @iv)
-    s2 = @c2.encrypt(@key, @iv).update(@data) + @c2.final
+    @c2.encrypt.pkcs5_keyivgen(@key, @iv)
+    s1 = @c1.update(@data) + @c1.final
+    s2 = @c2.update(@data) + @c2.final
     assert_equal(s1, s2, "encrypt")
-    assert_equal(@data, @c1.decrypt(@key, @iv).update(s2)+@c1.final, "decrypt")
+
-    assert_equal(@data, @c2.decrypt(@key, @iv).update(s1)+@c2.final, "decrypt")
+    @c1.decrypt.pkcs5_keyivgen(@key, @iv)
+    @c2.decrypt.pkcs5_keyivgen(@key, @iv)
+    assert_equal(@data, @c1.update(s1)+@c1.final, "decrypt")
+    assert_equal(@data, @c2.update(s2)+@c2.final, "decrypt")
   end
 
   def test_info
@@ -62,6 +67,29 @@ class OpenSSL::TestCipher < Test::Unit::TestCase
     @c1.encrypt
     assert_raises(ArgumentError){ @c1.update("") }
   end
+
+  if OpenSSL::OPENSSL_VERSION_NUMBER > 0x00907000
+    def test_ciphers
+      OpenSSL::Cipher.ciphers.each{|name|
+        assert(OpenSSL::Cipher::Cipher.new(name).is_a?(OpenSSL::Cipher::Cipher))
+      }
+    end
+
+    def test_AES
+      pt = File.read(__FILE__)
+      %w(ECB CBC CFB OFB).each{|mode|
+        c1 = OpenSSL::Cipher::AES256.new(mode)
+        c1.encrypt
+        c1.pkcs5_keyivgen("passwd")
+        ct = c1.update(pt) + c1.final
+
+        c2 = OpenSSL::Cipher::AES256.new(mode)
+        c2.decrypt
+        c2.pkcs5_keyivgen("passwd")
+        assert_equal(pt, c2.update(ct) + c2.final)
+      }
+    end
+  end
 end
 
 end