1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,

EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
  EVP_DigestFinal_ex and EVP_DigestInit_ex.

* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.

* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
  EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
  OpenSSL 0.9.6.

* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
  ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
  ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
  ossl_cipher_set_iv): replace all EVP_CipherInit and
  EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
  and EVP_CIPHER_CTX_init should only be called once.

* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
  EVP_CIPHER_CTX_set_padding.

* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.

* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
  EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
  and EVP_MD_CTX_init should only be called once.

* ext/openssl/ossl_digest.c (digest_final): should call
  EVP_MD_CTX_cleanup to avoid memory leak.

* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
  into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.

* ext/openssl/ossl_hmac.c (hmac_final): should call
  HMAC_CTX_cleanup to avoid memory leak.

* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
  test/openssl/test_hmac.rb: new file.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
gotoyuzo 2004-06-30 10:48:43 +00:00
parent ba0756ca01
commit 22ab58c03c
11 changed files with 319 additions and 68 deletions

View file

@ -1,3 +1,43 @@
Wed Jun 30 19:48:09 2004 GOTOU Yuuzou <gotoyuzo@notwork.org>
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
EVP_DigestFinal_ex and EVP_DigestInit_ex.
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
OpenSSL 0.9.6.
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
ossl_cipher_set_iv): replace all EVP_CipherInit and
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
and EVP_CIPHER_CTX_init should only be called once.
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
EVP_CIPHER_CTX_set_padding.
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
and EVP_MD_CTX_init should only be called once.
* ext/openssl/ossl_digest.c (digest_final): should call
EVP_MD_CTX_cleanup to avoid memory leak.
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
* ext/openssl/ossl_hmac.c (hmac_final): should call
HMAC_CTX_cleanup to avoid memory leak.
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
test/openssl/test_hmac.rb: new file.
Wed Jun 30 16:59:39 Hirokazu Yamamoto <ocean@m2.ccsnet.ne.jp> Wed Jun 30 16:59:39 Hirokazu Yamamoto <ocean@m2.ccsnet.ne.jp>
* test/ruby/test_file.rb (test_fnmatch): some tests for File.fnmatch * test/ruby/test_file.rb (test_fnmatch): some tests for File.fnmatch

View file

@ -805,6 +805,9 @@ test/logger/test_logger.rb
test/monitor/test_monitor.rb test/monitor/test_monitor.rb
test/net/http/test_httpheader.rb test/net/http/test_httpheader.rb
test/openssl/ssl_server.rb test/openssl/ssl_server.rb
test/openssl/test_cipher.rb
test/openssl/test_digest.rb
test/openssl/test_hmac.rb
test/openssl/test_ssl.rb test/openssl/test_ssl.rb
test/openssl/test_x509cert.rb test/openssl/test_x509cert.rb
test/openssl/test_x509crl.rb test/openssl/test_x509crl.rb

View file

@ -62,40 +62,54 @@ unless have_header("openssl/conf_api.h")
end end
message "=== Checking for OpenSSL features... ===\n" message "=== Checking for OpenSSL features... ===\n"
have_func("BN_mod_add")
have_func("BN_mod_sqr")
have_func("BN_mod_sub")
have_func("BN_pseudo_rand_range")
have_func("BN_rand_range")
have_func("CONF_get1_default_config_file")
have_func("EVP_CIPHER_CTX_copy")
have_func("EVP_CIPHER_CTX_set_padding")
have_func("EVP_CipherFinal_ex")
have_func("EVP_CipherInit_ex")
have_func("EVP_DigestFinal_ex")
have_func("EVP_DigestInit_ex")
have_func("EVP_MD_CTX_cleanup")
have_func("EVP_MD_CTX_create")
have_func("EVP_MD_CTX_destroy")
have_func("EVP_MD_CTX_init")
have_func("HMAC_CTX_cleanup")
have_func("HMAC_CTX_copy") have_func("HMAC_CTX_copy")
have_func("HMAC_CTX_init")
have_func("PEM_def_callback")
have_func("X509V3_set_nconf")
have_func("X509_CRL_add0_revoked")
have_func("X509_CRL_set_issuer_name")
have_func("X509_CRL_set_version")
have_func("X509_CRL_sort")
have_func("X509_STORE_get_ex_data") have_func("X509_STORE_get_ex_data")
have_func("X509_STORE_set_ex_data") have_func("X509_STORE_set_ex_data")
have_func("EVP_MD_CTX_create")
have_func("EVP_MD_CTX_cleanup")
have_func("EVP_MD_CTX_destroy")
have_func("PEM_def_callback")
have_func("EVP_MD_CTX_init")
have_func("HMAC_CTX_init")
have_func("HMAC_CTX_cleanup")
have_func("X509_CRL_set_version")
have_func("X509_CRL_set_issuer_name")
have_func("X509_CRL_sort")
have_func("X509_CRL_add0_revoked")
have_func("CONF_get1_default_config_file")
have_func("BN_mod_sqr")
have_func("BN_mod_add")
have_func("BN_mod_sub")
have_func("BN_rand_range")
have_func("BN_pseudo_rand_range")
have_func("CONF_get1_default_config_file")
have_func("X509V3_set_nconf")
if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n")
$defs.push("-DHAVE_VA_ARGS_MACRO") $defs.push("-DHAVE_VA_ARGS_MACRO")
end end
if have_header("openssl/engine.h") if have_header("openssl/engine.h")
have_func("ENGINE_add")
have_func("ENGINE_load_builtin_engines") have_func("ENGINE_load_builtin_engines")
have_func("ENGINE_load_openbsd_dev_crypto") have_func("ENGINE_load_openbsd_dev_crypto")
have_func("ENGINE_get_digest") have_func("ENGINE_get_digest")
have_func("ENGINE_get_cipher") have_func("ENGINE_get_cipher")
have_func("ENGINE_cleanup") have_func("ENGINE_cleanup")
end end
if try_compile(<<SRC)
#include <openssl/opensslv.h>
#if OPENSSL_VERSION_NUMBER < 0x00907000L
# error "OpenSSL version is less than 0.9.7."
#endif
SRC
have_header("openssl/ocsp.h") have_header("openssl/ocsp.h")
end
have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h") have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h")
have_struct_member("EVP_CIPHER_CTX", "engine", "openssl/evp.h")
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h") have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
message "=== Checking done. ===\n" message "=== Checking done. ===\n"

View file

@ -105,6 +105,29 @@ HMAC_CTX_cleanup(HMAC_CTX *ctx)
} }
#endif #endif
#if !defined(HAVE_EVP_CIPHER_CTX_COPY)
/*
* this function does not exist in OpenSSL yet... or ever?.
* a future version may break this function.
* tested on 0.9.7d.
*/
int
EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in)
{
memcpy(out, in, sizeof(EVP_CIPHER_CTX));
#if defined(HAVE_ENGINE_ADD) && defined(HAVE_ST_ENGINE)
if (in->engine) ENGINE_add(out->engine);
if (in->cipher_data) {
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
}
#endif
return 1;
}
#endif
#if !defined(HAVE_X509_CRL_SET_VERSION) #if !defined(HAVE_X509_CRL_SET_VERSION)
int int
X509_CRL_set_version(X509_CRL *x, long version) X509_CRL_set_version(X509_CRL *x, long version)

View file

@ -56,13 +56,33 @@ extern "C" {
(char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri) (char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri)
#endif #endif
void HMAC_CTX_init(HMAC_CTX *ctx);
int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
void *X509_STORE_get_ex_data(X509_STORE *str, int idx); void HMAC_CTX_cleanup(HMAC_CTX *ctx);
int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
EVP_MD_CTX *EVP_MD_CTX_create(void); EVP_MD_CTX *EVP_MD_CTX_create(void);
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx); int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx); void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
#if !defined(HAVE_EVP_CIPHER_CTX_COPY)
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in);
#endif
#if !defined(HAVE_EVP_DIGESTINIT_EX)
# define EVP_DigestInit_ex(ctx, md, engine) EVP_DigestInit(ctx, md)
#endif
#if !defined(HAVE_EVP_DIGESTFINAL_EX)
# define EVP_DigestFinal_ex(ctx, buf, len) EVP_DigestFinal(ctx, buf, len)
#endif
#if !defined(HAVE_EVP_CIPHERINIT_EX)
# define EVP_CipherInit_ex(ctx, type, impl, key, iv, enc) EVP_CipherInit(ctx, type, key, iv, enc)
#endif
#if !defined(HAVE_EVP_CIPHERFINAL_EX)
# define EVP_CipherFinal_ex(ctx, outm, outl) EVP_CipherFinal(ctx, outm, outl)
#endif
#if !defined(EVP_CIPHER_name) #if !defined(EVP_CIPHER_name)
# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e)) # define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
#endif #endif
@ -71,9 +91,9 @@ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_type(e)) # define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_type(e))
#endif #endif
void EVP_MD_CTX_init(EVP_MD_CTX *ctx); #if !defined(HAVE_EVP_HMAC_INIT_EX)
void HMAC_CTX_init(HMAC_CTX *ctx); # define HMAC_Init_ex(ctx, key, len, digest, engine) HMAC_Init(ctx, key, len, digest)
void HMAC_CTX_cleanup(HMAC_CTX *ctx); #endif
#if !defined(PKCS7_is_detached) #if !defined(PKCS7_is_detached)
# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) # define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
@ -83,6 +103,8 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) # define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
#endif #endif
void *X509_STORE_get_ex_data(X509_STORE *str, int idx);
int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
int X509_CRL_set_version(X509_CRL *x, long version); int X509_CRL_set_version(X509_CRL *x, long version);
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name); int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
int X509_CRL_sort(X509_CRL *c); int X509_CRL_sort(X509_CRL *c);

View file

@ -54,7 +54,7 @@ ossl_cipher_new(const EVP_CIPHER *cipher)
ret = ossl_cipher_alloc(cCipher); ret = ossl_cipher_alloc(cCipher);
GetCipher(ret, ctx); GetCipher(ret, ctx);
EVP_CIPHER_CTX_init(ctx); EVP_CIPHER_CTX_init(ctx);
if (EVP_CipherInit(ctx, cipher, NULL, NULL, -1) != 1) if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
return ret; return ret;
@ -79,6 +79,7 @@ ossl_cipher_alloc(VALUE klass)
VALUE obj; VALUE obj;
MakeCipher(obj, klass, ctx); MakeCipher(obj, klass, ctx);
EVP_CIPHER_CTX_init(ctx);
return obj; return obj;
} }
@ -97,8 +98,7 @@ ossl_cipher_initialize(VALUE self, VALUE str)
if (!(cipher = EVP_get_cipherbyname(name))) { if (!(cipher = EVP_get_cipherbyname(name))) {
ossl_raise(rb_eRuntimeError, "Unsupported cipher algorithm (%s).", name); ossl_raise(rb_eRuntimeError, "Unsupported cipher algorithm (%s).", name);
} }
EVP_CIPHER_CTX_init(ctx); if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
if (EVP_CipherInit(ctx, cipher, NULL, NULL, -1) != 1)
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
return self; return self;
@ -113,8 +113,8 @@ ossl_cipher_copy(VALUE self, VALUE other)
GetCipher(self, ctx1); GetCipher(self, ctx1);
SafeGetCipher(other, ctx2); SafeGetCipher(other, ctx2);
if (EVP_CIPHER_CTX_copy(ctx1, ctx2) != 1)
memcpy(ctx1, ctx2, sizeof(EVP_CIPHER_CTX)); ossl_raise(eCipherError, NULL);
return self; return self;
} }
@ -125,7 +125,7 @@ ossl_cipher_reset(VALUE self)
EVP_CIPHER_CTX *ctx; EVP_CIPHER_CTX *ctx;
GetCipher(self, ctx); GetCipher(self, ctx);
if (EVP_CipherInit(ctx, NULL, NULL, NULL, -1) != 1) if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1) != 1)
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
return self; return self;
@ -166,7 +166,7 @@ ossl_cipher_encrypt(int argc, VALUE *argv, VALUE self)
} }
} }
if (EVP_CipherInit(ctx, NULL, NULL, NULL, 1) != 1) { if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 1) != 1) {
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
} }
@ -175,7 +175,7 @@ ossl_cipher_encrypt(int argc, VALUE *argv, VALUE self)
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv, EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL); RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL);
if (EVP_CipherInit(ctx, NULL, key, iv, -1) != 1) { if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1) {
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
} }
} }
@ -211,7 +211,7 @@ ossl_cipher_decrypt(int argc, VALUE *argv, VALUE self)
} }
} }
if (EVP_CipherInit(ctx, NULL, NULL, NULL, 0) != 1) { if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 0) != 1) {
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
} }
@ -220,7 +220,7 @@ ossl_cipher_decrypt(int argc, VALUE *argv, VALUE self)
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv, EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL); RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL);
if (EVP_CipherInit(ctx, NULL, key, iv, -1) != 1) { if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1) {
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
} }
} }
@ -259,7 +259,7 @@ ossl_cipher_final(VALUE self)
GetCipher(self, ctx); GetCipher(self, ctx);
str = rb_str_new(0, EVP_CIPHER_CTX_block_size(ctx)); str = rb_str_new(0, EVP_CIPHER_CTX_block_size(ctx));
if (!EVP_CipherFinal(ctx, RSTRING(str)->ptr, &out_len)) if (!EVP_CipherFinal_ex(ctx, RSTRING(str)->ptr, &out_len))
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
assert(out_len <= RSTRING(str)->len); assert(out_len <= RSTRING(str)->len);
RSTRING(str)->len = out_len; RSTRING(str)->len = out_len;
@ -289,7 +289,7 @@ ossl_cipher_set_key(VALUE self, VALUE key)
if (RSTRING(key)->len < EVP_CIPHER_CTX_key_length(ctx)) if (RSTRING(key)->len < EVP_CIPHER_CTX_key_length(ctx))
ossl_raise(eCipherError, "key length too short"); ossl_raise(eCipherError, "key length too short");
if (EVP_CipherInit(ctx, NULL, RSTRING(key)->ptr, NULL, -1) != 1) if (EVP_CipherInit_ex(ctx, NULL, NULL, RSTRING(key)->ptr, NULL, -1) != 1)
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
return key; return key;
@ -306,7 +306,7 @@ ossl_cipher_set_iv(VALUE self, VALUE iv)
if (RSTRING(iv)->len < EVP_CIPHER_CTX_iv_length(ctx)) if (RSTRING(iv)->len < EVP_CIPHER_CTX_iv_length(ctx))
ossl_raise(eCipherError, "iv length too short"); ossl_raise(eCipherError, "iv length too short");
if (EVP_CipherInit(ctx, NULL, NULL, RSTRING(iv)->ptr, -1) != 1) if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, RSTRING(iv)->ptr, -1) != 1)
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
return iv; return iv;
@ -315,11 +315,10 @@ ossl_cipher_set_iv(VALUE self, VALUE iv)
static VALUE static VALUE
ossl_cipher_set_padding(VALUE self, VALUE padding) ossl_cipher_set_padding(VALUE self, VALUE padding)
{ {
#if defined(HAVE_ST_FLAGS) #if defined(HAVE_EVP_CIPHER_CTX_SET_PADDING)
EVP_CIPHER_CTX *ctx; EVP_CIPHER_CTX *ctx;
GetCipher(self, ctx); GetCipher(self, ctx);
if (EVP_CIPHER_CTX_set_padding(ctx, NUM2INT(padding)) != 1) if (EVP_CIPHER_CTX_set_padding(ctx, NUM2INT(padding)) != 1)
ossl_raise(eCipherError, NULL); ossl_raise(eCipherError, NULL);
#else #else
@ -351,32 +350,18 @@ Init_ossl_cipher(void)
cCipher = rb_define_class_under(mCipher, "Cipher", rb_cObject); cCipher = rb_define_class_under(mCipher, "Cipher", rb_cObject);
rb_define_alloc_func(cCipher, ossl_cipher_alloc); rb_define_alloc_func(cCipher, ossl_cipher_alloc);
rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
rb_define_copy_func(cCipher, ossl_cipher_copy); rb_define_copy_func(cCipher, ossl_cipher_copy);
rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
rb_define_method(cCipher, "reset", ossl_cipher_reset, 0); rb_define_method(cCipher, "reset", ossl_cipher_reset, 0);
rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1); rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1);
rb_define_method(cCipher, "decrypt", ossl_cipher_decrypt, -1); rb_define_method(cCipher, "decrypt", ossl_cipher_decrypt, -1);
rb_define_method(cCipher, "update", ossl_cipher_update, 1); rb_define_method(cCipher, "update", ossl_cipher_update, 1);
rb_define_alias(cCipher, "<<", "update");
rb_define_method(cCipher, "final", ossl_cipher_final, 0); rb_define_method(cCipher, "final", ossl_cipher_final, 0);
rb_define_method(cCipher, "name", ossl_cipher_name, 0); rb_define_method(cCipher, "name", ossl_cipher_name, 0);
rb_define_method(cCipher, "key=", ossl_cipher_set_key, 1); rb_define_method(cCipher, "key=", ossl_cipher_set_key, 1);
rb_define_method(cCipher, "key_len", ossl_cipher_key_length, 0); rb_define_method(cCipher, "key_len", ossl_cipher_key_length, 0);
/*
* TODO
* int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
*/
rb_define_method(cCipher, "iv=", ossl_cipher_set_iv, 1); rb_define_method(cCipher, "iv=", ossl_cipher_set_iv, 1);
rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0); rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0);
rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0); rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0);
rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1); rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1);
}
} /* Init_ossl_cipher */

View file

@ -52,7 +52,7 @@ ossl_digest_new(const EVP_MD *md)
ret = ossl_digest_alloc(cDigest); ret = ossl_digest_alloc(cDigest);
GetDigest(ret, ctx); GetDigest(ret, ctx);
EVP_MD_CTX_init(ctx); EVP_MD_CTX_init(ctx);
EVP_DigestInit(ctx, md); EVP_DigestInit_ex(ctx, md, NULL);
return ret; return ret;
} }
@ -69,6 +69,7 @@ ossl_digest_alloc(VALUE klass)
ctx = EVP_MD_CTX_create(); ctx = EVP_MD_CTX_create();
if (ctx == NULL) if (ctx == NULL)
ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_create() failed"); ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_create() failed");
EVP_MD_CTX_init(ctx);
obj = Data_Wrap_Struct(klass, 0, EVP_MD_CTX_destroy, ctx); obj = Data_Wrap_Struct(klass, 0, EVP_MD_CTX_destroy, ctx);
return obj; return obj;
@ -94,8 +95,7 @@ ossl_digest_initialize(int argc, VALUE *argv, VALUE self)
if (!md) { if (!md) {
ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name); ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name);
} }
EVP_MD_CTX_init(ctx); EVP_DigestInit_ex(ctx, md, NULL);
EVP_DigestInit(ctx, md);
if (!NIL_P(data)) return ossl_digest_update(self, data); if (!NIL_P(data)) return ossl_digest_update(self, data);
return self; return self;
@ -124,7 +124,7 @@ ossl_digest_reset(VALUE self)
EVP_MD_CTX *ctx; EVP_MD_CTX *ctx;
GetDigest(self, ctx); GetDigest(self, ctx);
EVP_DigestInit(ctx, EVP_MD_CTX_md(ctx)); EVP_DigestInit_ex(ctx, EVP_MD_CTX_md(ctx), NULL);
return self; return self;
} }
@ -150,9 +150,10 @@ digest_final(EVP_MD_CTX *ctx, char **buf, int *buf_len)
ossl_raise(eDigestError, NULL); ossl_raise(eDigestError, NULL);
} }
if (!(*buf = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) { if (!(*buf = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) {
EVP_MD_CTX_cleanup(&final);
ossl_raise(eDigestError, "Cannot allocate mem for digest"); ossl_raise(eDigestError, "Cannot allocate mem for digest");
} }
EVP_DigestFinal(&final, *buf, buf_len); EVP_DigestFinal_ex(&final, *buf, buf_len);
EVP_MD_CTX_cleanup(&final); EVP_MD_CTX_cleanup(&final);
} }

View file

@ -52,6 +52,7 @@ ossl_hmac_alloc(VALUE klass)
VALUE obj; VALUE obj;
MakeHMAC(obj, klass, ctx); MakeHMAC(obj, klass, ctx);
HMAC_CTX_init(ctx);
return obj; return obj;
} }
@ -63,8 +64,8 @@ ossl_hmac_initialize(VALUE self, VALUE key, VALUE digest)
GetHMAC(self, ctx); GetHMAC(self, ctx);
StringValue(key); StringValue(key);
HMAC_CTX_init(ctx); HMAC_Init_ex(ctx, RSTRING(key)->ptr, RSTRING(key)->len,
HMAC_Init(ctx, RSTRING(key)->ptr, RSTRING(key)->len, GetDigestPtr(digest)); GetDigestPtr(digest), NULL);
return self; return self;
} }
@ -107,6 +108,7 @@ hmac_final(HMAC_CTX *ctx, char **buf, int *buf_len)
ossl_raise(eHMACError, NULL); ossl_raise(eHMACError, NULL);
} }
if (!(*buf = OPENSSL_malloc(HMAC_size(&final)))) { if (!(*buf = OPENSSL_malloc(HMAC_size(&final)))) {
HMAC_CTX_cleanup(&final);
OSSL_Debug("Allocating %d mem", HMAC_size(&final)); OSSL_Debug("Allocating %d mem", HMAC_size(&final));
ossl_raise(eHMACError, "Cannot allocate memory for hmac"); ossl_raise(eHMACError, "Cannot allocate memory for hmac");
} }

View file

@ -0,0 +1,62 @@
begin
require "openssl"
rescue LoadError
end
require "test/unit"
if defined?(OpenSSL)
class OpenSSL::TestCipher < Test::Unit::TestCase
def setup
@c1 = OpenSSL::Cipher::Cipher.new("DES-EDE3-CBC")
@c2 = OpenSSL::Cipher::DES.new(:EDE3, "CBC")
@key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
@iv = @key
@hexkey = "0000000000000000000000000000000000000000000000"
@hexiv = "0000000000000000"
@data = "DATA"
end
def teardown
@c1 = @c2 = nil
end
def test_crypt
s1 = @c1.encrypt(@key, @iv).update(@data) + @c1.final
s2 = @c2.encrypt(@key, @iv).update(@data) + @c2.final
assert_equal(s1, s2, "encrypt")
assert_equal(@data, @c1.decrypt(@key, @iv).update(s2)+@c1.final, "decrypt")
assert_equal(@data, @c2.decrypt(@key, @iv).update(s1)+@c2.final, "decrypt")
end
def test_info
assert_equal("DES-EDE3-CBC", @c1.name, "name")
assert_equal("DES-EDE3-CBC", @c2.name, "name")
assert_kind_of(Fixnum, @c1.key_len, "key_len")
assert_kind_of(Fixnum, @c1.iv_len, "iv_len")
end
def test_dup
assert_equal(@c1.name, @c1.dup.name, "dup")
assert_equal(@c1.name, @c1.clone.name, "clone")
@c1.encrypt
@c1.key = @key
@c1.iv = @iv
tmpc = @c1.dup
s1 = @c1.update(@data) + @c1.final
s2 = tmpc.update(@data) + tmpc.final
assert_equal(s1, s2, "encrypt dup")
end
def test_reset
@c1.encrypt
@c1.key = @key
@c1.iv = @iv
s1 = @c1.update(@data) + @c1.final
@c1.reset
s2 = @c1.update(@data) + @c1.final
assert_equal(s1, s2, "encrypt reset")
end
end
end

View file

@ -0,0 +1,65 @@
begin
require "openssl"
rescue LoadError
end
require "digest/md5"
require "test/unit"
if defined?(OpenSSL)
class OpenSSL::TestDigest < Test::Unit::TestCase
def setup
@d1 = OpenSSL::Digest::Digest::new("MD5")
@d2 = OpenSSL::Digest::MD5.new
@md = Digest::MD5.new
@data = "DATA"
end
def teardown
@d1 = @d2 = @md = nil
end
def test_digest
assert_equal(@md.digest, @d1.digest)
assert_equal(@md.hexdigest, @d1.hexdigest)
@d1 << @data
@d2 << @data
@md << @data
assert_equal(@md.digest, @d1.digest)
assert_equal(@md.hexdigest, @d1.hexdigest)
assert_equal(@d1.digest, @d2.digest)
assert_equal(@d1.hexdigest, @d2.hexdigest)
assert_equal(@md.digest, OpenSSL::Digest::MD5.digest(@data))
assert_equal(@md.hexdigest, OpenSSL::Digest::MD5.hexdigest(@data))
end
def test_eql
assert(@d1 == @d2, "==")
d = @d1.clone
assert(d == @d1, "clone")
end
def test_info
assert_equal("MD5", @d1.name, "name")
assert_equal("MD5", @d2.name, "name")
assert_equal(16, @d1.size, "size")
end
def test_dup
@d1.update(@data)
assert_equal(@d1.name, @d1.dup.name, "dup")
assert_equal(@d1.name, @d1.clone.name, "clone")
assert_equal(@d1.digest, @d1.clone.digest, "clone .digest")
end
def test_reset
@d1.update(@data)
dig1 = @d1.digest
@d1.reset
@d1.update(@data)
dig2 = @d1.digest
assert_equal(dig1, dig2, "reset")
end
end
end

34
test/openssl/test_hmac.rb Normal file
View file

@ -0,0 +1,34 @@
begin
require "openssl"
rescue LoadError
end
require "test/unit"
if defined?(OpenSSL)
class OpenSSL::TestHMAC < Test::Unit::TestCase
def setup
@digest = OpenSSL::Digest::MD5.new
@key = "KEY"
@data = "DATA"
@h1 = OpenSSL::HMAC.new(@key, @digest)
@h2 = OpenSSL::HMAC.new(@key, @digest)
end
def teardown
end
def test_hmac
@h1.update(@data)
assert_equal(OpenSSL::HMAC.digest(@digest, @key, @data), @h1.digest, "digest")
assert_equal(OpenSSL::HMAC.hexdigest(@digest, @key, @data), @h1.hexdigest, "hexdigest")
end
def test_dup
@h1.update(@data)
h = @h1.dup
assert_equal(@h1.digest, h.digest, "dup digest")
end
end
end