mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex, EVP_DigestFinal_ex and EVP_DigestInit_ex. * ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function. * ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex, EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for OpenSSL 0.9.6. * ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize, ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt, ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key, ossl_cipher_set_iv): replace all EVP_CipherInit and EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex. and EVP_CIPHER_CTX_init should only be called once. * ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for EVP_CIPHER_CTX_set_padding. * ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated. * ext/openssl/ossl_digest.c: replace all EVP_DigestInit and EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex. and EVP_MD_CTX_init should only be called once. * ext/openssl/ossl_digest.c (digest_final): should call EVP_MD_CTX_cleanup to avoid memory leak. * ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc. * ext/openssl/ossl_hmac.c (hmac_final): should call HMAC_CTX_cleanup to avoid memory leak. * test/openssl/test_cipher.rb, test/openssl/test_digest.rb, test/openssl/test_hmac.rb: new file. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@6548 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
ba0756ca01
commit
22ab58c03c
11 changed files with 319 additions and 68 deletions
40
ChangeLog
40
ChangeLog
|
@ -1,3 +1,43 @@
|
||||||
|
Wed Jun 30 19:48:09 2004 GOTOU Yuuzou <gotoyuzo@notwork.org>
|
||||||
|
|
||||||
|
* ext/openssl/extconf.rb: check for EVP_CIPHER_CTX_copy, ENGINE_add,
|
||||||
|
EVP_CIPHER_CTX_set_padding, EVP_CipherFinal_ex, EVP_CipherInit_ex,
|
||||||
|
EVP_DigestFinal_ex and EVP_DigestInit_ex.
|
||||||
|
|
||||||
|
* ext/openssl/openssl_missing.c (EVP_CIPHER_CTX_copy): new function.
|
||||||
|
|
||||||
|
* ext/openssl/openssl_missing.h (EVP_DigestInit_ex, EVP_DigestFinal_ex,
|
||||||
|
EVP_CipherInit_ex, EVP_CipherFinal_ex, HMAC_Init_ex): new macro for
|
||||||
|
OpenSSL 0.9.6.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_cipher.c (ossl_cipher_alloc, ossl_cipher_initialize,
|
||||||
|
ossl_cipher_copy, ossl_cipher_reset, ossl_cipher_encrypt,
|
||||||
|
ossl_cipher_decrypt, ossl_cipher_final, ossl_cipher_set_key,
|
||||||
|
ossl_cipher_set_iv): replace all EVP_CipherInit and
|
||||||
|
EVP_CipherFinal into EVP_CipherInit_ex and EVP_CipherFinal_ex.
|
||||||
|
and EVP_CIPHER_CTX_init should only be called once.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_cipher.c (ossl_cipher_set_padding): check for
|
||||||
|
EVP_CIPHER_CTX_set_padding.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_cipher.c (Init_ossl_cipher): Cipher#<< is deprecated.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_digest.c: replace all EVP_DigestInit and
|
||||||
|
EVP_DigestFinal into EVP_DigestInit_ex and EVP_DigestFinal_ex.
|
||||||
|
and EVP_MD_CTX_init should only be called once.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_digest.c (digest_final): should call
|
||||||
|
EVP_MD_CTX_cleanup to avoid memory leak.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_hmac.c (ossl_hmac_initialize): repalce HMAC_init
|
||||||
|
into HMAC_init_ex. and HMAC_CTX_init is moved to ossl_hmac_alloc.
|
||||||
|
|
||||||
|
* ext/openssl/ossl_hmac.c (hmac_final): should call
|
||||||
|
HMAC_CTX_cleanup to avoid memory leak.
|
||||||
|
|
||||||
|
* test/openssl/test_cipher.rb, test/openssl/test_digest.rb,
|
||||||
|
test/openssl/test_hmac.rb: new file.
|
||||||
|
|
||||||
Wed Jun 30 16:59:39 Hirokazu Yamamoto <ocean@m2.ccsnet.ne.jp>
|
Wed Jun 30 16:59:39 Hirokazu Yamamoto <ocean@m2.ccsnet.ne.jp>
|
||||||
|
|
||||||
* test/ruby/test_file.rb (test_fnmatch): some tests for File.fnmatch
|
* test/ruby/test_file.rb (test_fnmatch): some tests for File.fnmatch
|
||||||
|
|
3
MANIFEST
3
MANIFEST
|
@ -805,6 +805,9 @@ test/logger/test_logger.rb
|
||||||
test/monitor/test_monitor.rb
|
test/monitor/test_monitor.rb
|
||||||
test/net/http/test_httpheader.rb
|
test/net/http/test_httpheader.rb
|
||||||
test/openssl/ssl_server.rb
|
test/openssl/ssl_server.rb
|
||||||
|
test/openssl/test_cipher.rb
|
||||||
|
test/openssl/test_digest.rb
|
||||||
|
test/openssl/test_hmac.rb
|
||||||
test/openssl/test_ssl.rb
|
test/openssl/test_ssl.rb
|
||||||
test/openssl/test_x509cert.rb
|
test/openssl/test_x509cert.rb
|
||||||
test/openssl/test_x509crl.rb
|
test/openssl/test_x509crl.rb
|
||||||
|
|
|
@ -62,40 +62,54 @@ unless have_header("openssl/conf_api.h")
|
||||||
end
|
end
|
||||||
|
|
||||||
message "=== Checking for OpenSSL features... ===\n"
|
message "=== Checking for OpenSSL features... ===\n"
|
||||||
|
have_func("BN_mod_add")
|
||||||
|
have_func("BN_mod_sqr")
|
||||||
|
have_func("BN_mod_sub")
|
||||||
|
have_func("BN_pseudo_rand_range")
|
||||||
|
have_func("BN_rand_range")
|
||||||
|
have_func("CONF_get1_default_config_file")
|
||||||
|
have_func("EVP_CIPHER_CTX_copy")
|
||||||
|
have_func("EVP_CIPHER_CTX_set_padding")
|
||||||
|
have_func("EVP_CipherFinal_ex")
|
||||||
|
have_func("EVP_CipherInit_ex")
|
||||||
|
have_func("EVP_DigestFinal_ex")
|
||||||
|
have_func("EVP_DigestInit_ex")
|
||||||
|
have_func("EVP_MD_CTX_cleanup")
|
||||||
|
have_func("EVP_MD_CTX_create")
|
||||||
|
have_func("EVP_MD_CTX_destroy")
|
||||||
|
have_func("EVP_MD_CTX_init")
|
||||||
|
have_func("HMAC_CTX_cleanup")
|
||||||
have_func("HMAC_CTX_copy")
|
have_func("HMAC_CTX_copy")
|
||||||
|
have_func("HMAC_CTX_init")
|
||||||
|
have_func("PEM_def_callback")
|
||||||
|
have_func("X509V3_set_nconf")
|
||||||
|
have_func("X509_CRL_add0_revoked")
|
||||||
|
have_func("X509_CRL_set_issuer_name")
|
||||||
|
have_func("X509_CRL_set_version")
|
||||||
|
have_func("X509_CRL_sort")
|
||||||
have_func("X509_STORE_get_ex_data")
|
have_func("X509_STORE_get_ex_data")
|
||||||
have_func("X509_STORE_set_ex_data")
|
have_func("X509_STORE_set_ex_data")
|
||||||
have_func("EVP_MD_CTX_create")
|
|
||||||
have_func("EVP_MD_CTX_cleanup")
|
|
||||||
have_func("EVP_MD_CTX_destroy")
|
|
||||||
have_func("PEM_def_callback")
|
|
||||||
have_func("EVP_MD_CTX_init")
|
|
||||||
have_func("HMAC_CTX_init")
|
|
||||||
have_func("HMAC_CTX_cleanup")
|
|
||||||
have_func("X509_CRL_set_version")
|
|
||||||
have_func("X509_CRL_set_issuer_name")
|
|
||||||
have_func("X509_CRL_sort")
|
|
||||||
have_func("X509_CRL_add0_revoked")
|
|
||||||
have_func("CONF_get1_default_config_file")
|
|
||||||
have_func("BN_mod_sqr")
|
|
||||||
have_func("BN_mod_add")
|
|
||||||
have_func("BN_mod_sub")
|
|
||||||
have_func("BN_rand_range")
|
|
||||||
have_func("BN_pseudo_rand_range")
|
|
||||||
have_func("CONF_get1_default_config_file")
|
|
||||||
have_func("X509V3_set_nconf")
|
|
||||||
if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n")
|
if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n")
|
||||||
$defs.push("-DHAVE_VA_ARGS_MACRO")
|
$defs.push("-DHAVE_VA_ARGS_MACRO")
|
||||||
end
|
end
|
||||||
if have_header("openssl/engine.h")
|
if have_header("openssl/engine.h")
|
||||||
|
have_func("ENGINE_add")
|
||||||
have_func("ENGINE_load_builtin_engines")
|
have_func("ENGINE_load_builtin_engines")
|
||||||
have_func("ENGINE_load_openbsd_dev_crypto")
|
have_func("ENGINE_load_openbsd_dev_crypto")
|
||||||
have_func("ENGINE_get_digest")
|
have_func("ENGINE_get_digest")
|
||||||
have_func("ENGINE_get_cipher")
|
have_func("ENGINE_get_cipher")
|
||||||
have_func("ENGINE_cleanup")
|
have_func("ENGINE_cleanup")
|
||||||
end
|
end
|
||||||
have_header("openssl/ocsp.h")
|
if try_compile(<<SRC)
|
||||||
|
#include <openssl/opensslv.h>
|
||||||
|
#if OPENSSL_VERSION_NUMBER < 0x00907000L
|
||||||
|
# error "OpenSSL version is less than 0.9.7."
|
||||||
|
#endif
|
||||||
|
SRC
|
||||||
|
have_header("openssl/ocsp.h")
|
||||||
|
end
|
||||||
have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h")
|
have_struct_member("EVP_CIPHER_CTX", "flags", "openssl/evp.h")
|
||||||
|
have_struct_member("EVP_CIPHER_CTX", "engine", "openssl/evp.h")
|
||||||
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
|
have_struct_member("X509_ATTRIBUTE", "single", "openssl/x509.h")
|
||||||
|
|
||||||
message "=== Checking done. ===\n"
|
message "=== Checking done. ===\n"
|
||||||
|
|
|
@ -105,6 +105,29 @@ HMAC_CTX_cleanup(HMAC_CTX *ctx)
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#if !defined(HAVE_EVP_CIPHER_CTX_COPY)
|
||||||
|
/*
|
||||||
|
* this function does not exist in OpenSSL yet... or ever?.
|
||||||
|
* a future version may break this function.
|
||||||
|
* tested on 0.9.7d.
|
||||||
|
*/
|
||||||
|
int
|
||||||
|
EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in)
|
||||||
|
{
|
||||||
|
memcpy(out, in, sizeof(EVP_CIPHER_CTX));
|
||||||
|
|
||||||
|
#if defined(HAVE_ENGINE_ADD) && defined(HAVE_ST_ENGINE)
|
||||||
|
if (in->engine) ENGINE_add(out->engine);
|
||||||
|
if (in->cipher_data) {
|
||||||
|
out->cipher_data = OPENSSL_malloc(in->cipher->ctx_size);
|
||||||
|
memcpy(out->cipher_data, in->cipher_data, in->cipher->ctx_size);
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
#endif
|
||||||
|
|
||||||
#if !defined(HAVE_X509_CRL_SET_VERSION)
|
#if !defined(HAVE_X509_CRL_SET_VERSION)
|
||||||
int
|
int
|
||||||
X509_CRL_set_version(X509_CRL *x, long version)
|
X509_CRL_set_version(X509_CRL *x, long version)
|
||||||
|
|
|
@ -56,13 +56,33 @@ extern "C" {
|
||||||
(char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri)
|
(char *(*)())d2i_PKCS7_RECIP_INFO, (char *)ri)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
void HMAC_CTX_init(HMAC_CTX *ctx);
|
||||||
int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
|
int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in);
|
||||||
void *X509_STORE_get_ex_data(X509_STORE *str, int idx);
|
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
||||||
int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
|
|
||||||
EVP_MD_CTX *EVP_MD_CTX_create(void);
|
EVP_MD_CTX *EVP_MD_CTX_create(void);
|
||||||
|
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
|
||||||
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
|
int EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx);
|
||||||
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
||||||
|
|
||||||
|
#if !defined(HAVE_EVP_CIPHER_CTX_COPY)
|
||||||
|
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, EVP_CIPHER_CTX *in);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if !defined(HAVE_EVP_DIGESTINIT_EX)
|
||||||
|
# define EVP_DigestInit_ex(ctx, md, engine) EVP_DigestInit(ctx, md)
|
||||||
|
#endif
|
||||||
|
#if !defined(HAVE_EVP_DIGESTFINAL_EX)
|
||||||
|
# define EVP_DigestFinal_ex(ctx, buf, len) EVP_DigestFinal(ctx, buf, len)
|
||||||
|
#endif
|
||||||
|
|
||||||
|
#if !defined(HAVE_EVP_CIPHERINIT_EX)
|
||||||
|
# define EVP_CipherInit_ex(ctx, type, impl, key, iv, enc) EVP_CipherInit(ctx, type, key, iv, enc)
|
||||||
|
#endif
|
||||||
|
#if !defined(HAVE_EVP_CIPHERFINAL_EX)
|
||||||
|
# define EVP_CipherFinal_ex(ctx, outm, outl) EVP_CipherFinal(ctx, outm, outl)
|
||||||
|
#endif
|
||||||
|
|
||||||
#if !defined(EVP_CIPHER_name)
|
#if !defined(EVP_CIPHER_name)
|
||||||
# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
|
# define EVP_CIPHER_name(e) OBJ_nid2sn(EVP_CIPHER_nid(e))
|
||||||
#endif
|
#endif
|
||||||
|
@ -71,9 +91,9 @@ void EVP_MD_CTX_destroy(EVP_MD_CTX *ctx);
|
||||||
# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_type(e))
|
# define EVP_MD_name(e) OBJ_nid2sn(EVP_MD_type(e))
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
void EVP_MD_CTX_init(EVP_MD_CTX *ctx);
|
#if !defined(HAVE_EVP_HMAC_INIT_EX)
|
||||||
void HMAC_CTX_init(HMAC_CTX *ctx);
|
# define HMAC_Init_ex(ctx, key, len, digest, engine) HMAC_Init(ctx, key, len, digest)
|
||||||
void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
#endif
|
||||||
|
|
||||||
#if !defined(PKCS7_is_detached)
|
#if !defined(PKCS7_is_detached)
|
||||||
# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
|
# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
|
||||||
|
@ -83,6 +103,8 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx);
|
||||||
# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
|
# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
void *X509_STORE_get_ex_data(X509_STORE *str, int idx);
|
||||||
|
int X509_STORE_set_ex_data(X509_STORE *str, int idx, void *data);
|
||||||
int X509_CRL_set_version(X509_CRL *x, long version);
|
int X509_CRL_set_version(X509_CRL *x, long version);
|
||||||
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
|
int X509_CRL_set_issuer_name(X509_CRL *x, X509_NAME *name);
|
||||||
int X509_CRL_sort(X509_CRL *c);
|
int X509_CRL_sort(X509_CRL *c);
|
||||||
|
|
|
@ -54,7 +54,7 @@ ossl_cipher_new(const EVP_CIPHER *cipher)
|
||||||
ret = ossl_cipher_alloc(cCipher);
|
ret = ossl_cipher_alloc(cCipher);
|
||||||
GetCipher(ret, ctx);
|
GetCipher(ret, ctx);
|
||||||
EVP_CIPHER_CTX_init(ctx);
|
EVP_CIPHER_CTX_init(ctx);
|
||||||
if (EVP_CipherInit(ctx, cipher, NULL, NULL, -1) != 1)
|
if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
|
@ -79,6 +79,7 @@ ossl_cipher_alloc(VALUE klass)
|
||||||
VALUE obj;
|
VALUE obj;
|
||||||
|
|
||||||
MakeCipher(obj, klass, ctx);
|
MakeCipher(obj, klass, ctx);
|
||||||
|
EVP_CIPHER_CTX_init(ctx);
|
||||||
|
|
||||||
return obj;
|
return obj;
|
||||||
}
|
}
|
||||||
|
@ -97,9 +98,8 @@ ossl_cipher_initialize(VALUE self, VALUE str)
|
||||||
if (!(cipher = EVP_get_cipherbyname(name))) {
|
if (!(cipher = EVP_get_cipherbyname(name))) {
|
||||||
ossl_raise(rb_eRuntimeError, "Unsupported cipher algorithm (%s).", name);
|
ossl_raise(rb_eRuntimeError, "Unsupported cipher algorithm (%s).", name);
|
||||||
}
|
}
|
||||||
EVP_CIPHER_CTX_init(ctx);
|
if (EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, -1) != 1)
|
||||||
if (EVP_CipherInit(ctx, cipher, NULL, NULL, -1) != 1)
|
ossl_raise(eCipherError, NULL);
|
||||||
ossl_raise(eCipherError, NULL);
|
|
||||||
|
|
||||||
return self;
|
return self;
|
||||||
}
|
}
|
||||||
|
@ -113,8 +113,8 @@ ossl_cipher_copy(VALUE self, VALUE other)
|
||||||
|
|
||||||
GetCipher(self, ctx1);
|
GetCipher(self, ctx1);
|
||||||
SafeGetCipher(other, ctx2);
|
SafeGetCipher(other, ctx2);
|
||||||
|
if (EVP_CIPHER_CTX_copy(ctx1, ctx2) != 1)
|
||||||
memcpy(ctx1, ctx2, sizeof(EVP_CIPHER_CTX));
|
ossl_raise(eCipherError, NULL);
|
||||||
|
|
||||||
return self;
|
return self;
|
||||||
}
|
}
|
||||||
|
@ -125,7 +125,7 @@ ossl_cipher_reset(VALUE self)
|
||||||
EVP_CIPHER_CTX *ctx;
|
EVP_CIPHER_CTX *ctx;
|
||||||
|
|
||||||
GetCipher(self, ctx);
|
GetCipher(self, ctx);
|
||||||
if (EVP_CipherInit(ctx, NULL, NULL, NULL, -1) != 1)
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, -1) != 1)
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
|
|
||||||
return self;
|
return self;
|
||||||
|
@ -166,7 +166,7 @@ ossl_cipher_encrypt(int argc, VALUE *argv, VALUE self)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (EVP_CipherInit(ctx, NULL, NULL, NULL, 1) != 1) {
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 1) != 1) {
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -175,7 +175,7 @@ ossl_cipher_encrypt(int argc, VALUE *argv, VALUE self)
|
||||||
|
|
||||||
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
|
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
|
||||||
RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL);
|
RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL);
|
||||||
if (EVP_CipherInit(ctx, NULL, key, iv, -1) != 1) {
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1) {
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -211,7 +211,7 @@ ossl_cipher_decrypt(int argc, VALUE *argv, VALUE self)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (EVP_CipherInit(ctx, NULL, NULL, NULL, 0) != 1) {
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, NULL, 0) != 1) {
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -220,7 +220,7 @@ ossl_cipher_decrypt(int argc, VALUE *argv, VALUE self)
|
||||||
|
|
||||||
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
|
EVP_BytesToKey(EVP_CIPHER_CTX_cipher(ctx), EVP_md5(), iv,
|
||||||
RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL);
|
RSTRING(pass)->ptr, RSTRING(pass)->len, 1, key, NULL);
|
||||||
if (EVP_CipherInit(ctx, NULL, key, iv, -1) != 1) {
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, key, iv, -1) != 1) {
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -259,7 +259,7 @@ ossl_cipher_final(VALUE self)
|
||||||
|
|
||||||
GetCipher(self, ctx);
|
GetCipher(self, ctx);
|
||||||
str = rb_str_new(0, EVP_CIPHER_CTX_block_size(ctx));
|
str = rb_str_new(0, EVP_CIPHER_CTX_block_size(ctx));
|
||||||
if (!EVP_CipherFinal(ctx, RSTRING(str)->ptr, &out_len))
|
if (!EVP_CipherFinal_ex(ctx, RSTRING(str)->ptr, &out_len))
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
assert(out_len <= RSTRING(str)->len);
|
assert(out_len <= RSTRING(str)->len);
|
||||||
RSTRING(str)->len = out_len;
|
RSTRING(str)->len = out_len;
|
||||||
|
@ -289,7 +289,7 @@ ossl_cipher_set_key(VALUE self, VALUE key)
|
||||||
if (RSTRING(key)->len < EVP_CIPHER_CTX_key_length(ctx))
|
if (RSTRING(key)->len < EVP_CIPHER_CTX_key_length(ctx))
|
||||||
ossl_raise(eCipherError, "key length too short");
|
ossl_raise(eCipherError, "key length too short");
|
||||||
|
|
||||||
if (EVP_CipherInit(ctx, NULL, RSTRING(key)->ptr, NULL, -1) != 1)
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, RSTRING(key)->ptr, NULL, -1) != 1)
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
|
|
||||||
return key;
|
return key;
|
||||||
|
@ -306,8 +306,8 @@ ossl_cipher_set_iv(VALUE self, VALUE iv)
|
||||||
if (RSTRING(iv)->len < EVP_CIPHER_CTX_iv_length(ctx))
|
if (RSTRING(iv)->len < EVP_CIPHER_CTX_iv_length(ctx))
|
||||||
ossl_raise(eCipherError, "iv length too short");
|
ossl_raise(eCipherError, "iv length too short");
|
||||||
|
|
||||||
if (EVP_CipherInit(ctx, NULL, NULL, RSTRING(iv)->ptr, -1) != 1)
|
if (EVP_CipherInit_ex(ctx, NULL, NULL, NULL, RSTRING(iv)->ptr, -1) != 1)
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
|
|
||||||
return iv;
|
return iv;
|
||||||
}
|
}
|
||||||
|
@ -315,13 +315,12 @@ ossl_cipher_set_iv(VALUE self, VALUE iv)
|
||||||
static VALUE
|
static VALUE
|
||||||
ossl_cipher_set_padding(VALUE self, VALUE padding)
|
ossl_cipher_set_padding(VALUE self, VALUE padding)
|
||||||
{
|
{
|
||||||
#if defined(HAVE_ST_FLAGS)
|
#if defined(HAVE_EVP_CIPHER_CTX_SET_PADDING)
|
||||||
EVP_CIPHER_CTX *ctx;
|
EVP_CIPHER_CTX *ctx;
|
||||||
|
|
||||||
GetCipher(self, ctx);
|
GetCipher(self, ctx);
|
||||||
|
|
||||||
if (EVP_CIPHER_CTX_set_padding(ctx, NUM2INT(padding)) != 1)
|
if (EVP_CIPHER_CTX_set_padding(ctx, NUM2INT(padding)) != 1)
|
||||||
ossl_raise(eCipherError, NULL);
|
ossl_raise(eCipherError, NULL);
|
||||||
#else
|
#else
|
||||||
rb_notimplement();
|
rb_notimplement();
|
||||||
#endif
|
#endif
|
||||||
|
@ -351,32 +350,18 @@ Init_ossl_cipher(void)
|
||||||
cCipher = rb_define_class_under(mCipher, "Cipher", rb_cObject);
|
cCipher = rb_define_class_under(mCipher, "Cipher", rb_cObject);
|
||||||
|
|
||||||
rb_define_alloc_func(cCipher, ossl_cipher_alloc);
|
rb_define_alloc_func(cCipher, ossl_cipher_alloc);
|
||||||
rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
|
|
||||||
|
|
||||||
rb_define_copy_func(cCipher, ossl_cipher_copy);
|
rb_define_copy_func(cCipher, ossl_cipher_copy);
|
||||||
|
rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
|
||||||
rb_define_method(cCipher, "reset", ossl_cipher_reset, 0);
|
rb_define_method(cCipher, "reset", ossl_cipher_reset, 0);
|
||||||
|
|
||||||
rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1);
|
rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1);
|
||||||
rb_define_method(cCipher, "decrypt", ossl_cipher_decrypt, -1);
|
rb_define_method(cCipher, "decrypt", ossl_cipher_decrypt, -1);
|
||||||
rb_define_method(cCipher, "update", ossl_cipher_update, 1);
|
rb_define_method(cCipher, "update", ossl_cipher_update, 1);
|
||||||
rb_define_alias(cCipher, "<<", "update");
|
|
||||||
rb_define_method(cCipher, "final", ossl_cipher_final, 0);
|
rb_define_method(cCipher, "final", ossl_cipher_final, 0);
|
||||||
|
|
||||||
rb_define_method(cCipher, "name", ossl_cipher_name, 0);
|
rb_define_method(cCipher, "name", ossl_cipher_name, 0);
|
||||||
|
|
||||||
rb_define_method(cCipher, "key=", ossl_cipher_set_key, 1);
|
rb_define_method(cCipher, "key=", ossl_cipher_set_key, 1);
|
||||||
rb_define_method(cCipher, "key_len", ossl_cipher_key_length, 0);
|
rb_define_method(cCipher, "key_len", ossl_cipher_key_length, 0);
|
||||||
/*
|
|
||||||
* TODO
|
|
||||||
* int EVP_CIPHER_CTX_set_key_length(EVP_CIPHER_CTX *x, int keylen);
|
|
||||||
*/
|
|
||||||
rb_define_method(cCipher, "iv=", ossl_cipher_set_iv, 1);
|
rb_define_method(cCipher, "iv=", ossl_cipher_set_iv, 1);
|
||||||
rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0);
|
rb_define_method(cCipher, "iv_len", ossl_cipher_iv_length, 0);
|
||||||
|
|
||||||
rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0);
|
rb_define_method(cCipher, "block_size", ossl_cipher_block_size, 0);
|
||||||
|
|
||||||
rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1);
|
rb_define_method(cCipher, "padding=", ossl_cipher_set_padding, 1);
|
||||||
|
}
|
||||||
} /* Init_ossl_cipher */
|
|
||||||
|
|
||||||
|
|
|
@ -52,7 +52,7 @@ ossl_digest_new(const EVP_MD *md)
|
||||||
ret = ossl_digest_alloc(cDigest);
|
ret = ossl_digest_alloc(cDigest);
|
||||||
GetDigest(ret, ctx);
|
GetDigest(ret, ctx);
|
||||||
EVP_MD_CTX_init(ctx);
|
EVP_MD_CTX_init(ctx);
|
||||||
EVP_DigestInit(ctx, md);
|
EVP_DigestInit_ex(ctx, md, NULL);
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
}
|
}
|
||||||
|
@ -69,6 +69,7 @@ ossl_digest_alloc(VALUE klass)
|
||||||
ctx = EVP_MD_CTX_create();
|
ctx = EVP_MD_CTX_create();
|
||||||
if (ctx == NULL)
|
if (ctx == NULL)
|
||||||
ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_create() failed");
|
ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_create() failed");
|
||||||
|
EVP_MD_CTX_init(ctx);
|
||||||
obj = Data_Wrap_Struct(klass, 0, EVP_MD_CTX_destroy, ctx);
|
obj = Data_Wrap_Struct(klass, 0, EVP_MD_CTX_destroy, ctx);
|
||||||
|
|
||||||
return obj;
|
return obj;
|
||||||
|
@ -94,8 +95,7 @@ ossl_digest_initialize(int argc, VALUE *argv, VALUE self)
|
||||||
if (!md) {
|
if (!md) {
|
||||||
ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name);
|
ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name);
|
||||||
}
|
}
|
||||||
EVP_MD_CTX_init(ctx);
|
EVP_DigestInit_ex(ctx, md, NULL);
|
||||||
EVP_DigestInit(ctx, md);
|
|
||||||
|
|
||||||
if (!NIL_P(data)) return ossl_digest_update(self, data);
|
if (!NIL_P(data)) return ossl_digest_update(self, data);
|
||||||
return self;
|
return self;
|
||||||
|
@ -124,7 +124,7 @@ ossl_digest_reset(VALUE self)
|
||||||
EVP_MD_CTX *ctx;
|
EVP_MD_CTX *ctx;
|
||||||
|
|
||||||
GetDigest(self, ctx);
|
GetDigest(self, ctx);
|
||||||
EVP_DigestInit(ctx, EVP_MD_CTX_md(ctx));
|
EVP_DigestInit_ex(ctx, EVP_MD_CTX_md(ctx), NULL);
|
||||||
|
|
||||||
return self;
|
return self;
|
||||||
}
|
}
|
||||||
|
@ -150,9 +150,10 @@ digest_final(EVP_MD_CTX *ctx, char **buf, int *buf_len)
|
||||||
ossl_raise(eDigestError, NULL);
|
ossl_raise(eDigestError, NULL);
|
||||||
}
|
}
|
||||||
if (!(*buf = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) {
|
if (!(*buf = OPENSSL_malloc(EVP_MD_CTX_size(&final)))) {
|
||||||
|
EVP_MD_CTX_cleanup(&final);
|
||||||
ossl_raise(eDigestError, "Cannot allocate mem for digest");
|
ossl_raise(eDigestError, "Cannot allocate mem for digest");
|
||||||
}
|
}
|
||||||
EVP_DigestFinal(&final, *buf, buf_len);
|
EVP_DigestFinal_ex(&final, *buf, buf_len);
|
||||||
EVP_MD_CTX_cleanup(&final);
|
EVP_MD_CTX_cleanup(&final);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -41,8 +41,8 @@ VALUE eHMACError;
|
||||||
static void
|
static void
|
||||||
ossl_hmac_free(HMAC_CTX *ctx)
|
ossl_hmac_free(HMAC_CTX *ctx)
|
||||||
{
|
{
|
||||||
HMAC_CTX_cleanup(ctx);
|
HMAC_CTX_cleanup(ctx);
|
||||||
free(ctx);
|
free(ctx);
|
||||||
}
|
}
|
||||||
|
|
||||||
static VALUE
|
static VALUE
|
||||||
|
@ -52,6 +52,7 @@ ossl_hmac_alloc(VALUE klass)
|
||||||
VALUE obj;
|
VALUE obj;
|
||||||
|
|
||||||
MakeHMAC(obj, klass, ctx);
|
MakeHMAC(obj, klass, ctx);
|
||||||
|
HMAC_CTX_init(ctx);
|
||||||
|
|
||||||
return obj;
|
return obj;
|
||||||
}
|
}
|
||||||
|
@ -63,8 +64,8 @@ ossl_hmac_initialize(VALUE self, VALUE key, VALUE digest)
|
||||||
|
|
||||||
GetHMAC(self, ctx);
|
GetHMAC(self, ctx);
|
||||||
StringValue(key);
|
StringValue(key);
|
||||||
HMAC_CTX_init(ctx);
|
HMAC_Init_ex(ctx, RSTRING(key)->ptr, RSTRING(key)->len,
|
||||||
HMAC_Init(ctx, RSTRING(key)->ptr, RSTRING(key)->len, GetDigestPtr(digest));
|
GetDigestPtr(digest), NULL);
|
||||||
|
|
||||||
return self;
|
return self;
|
||||||
}
|
}
|
||||||
|
@ -107,6 +108,7 @@ hmac_final(HMAC_CTX *ctx, char **buf, int *buf_len)
|
||||||
ossl_raise(eHMACError, NULL);
|
ossl_raise(eHMACError, NULL);
|
||||||
}
|
}
|
||||||
if (!(*buf = OPENSSL_malloc(HMAC_size(&final)))) {
|
if (!(*buf = OPENSSL_malloc(HMAC_size(&final)))) {
|
||||||
|
HMAC_CTX_cleanup(&final);
|
||||||
OSSL_Debug("Allocating %d mem", HMAC_size(&final));
|
OSSL_Debug("Allocating %d mem", HMAC_size(&final));
|
||||||
ossl_raise(eHMACError, "Cannot allocate memory for hmac");
|
ossl_raise(eHMACError, "Cannot allocate memory for hmac");
|
||||||
}
|
}
|
||||||
|
|
62
test/openssl/test_cipher.rb
Normal file
62
test/openssl/test_cipher.rb
Normal file
|
@ -0,0 +1,62 @@
|
||||||
|
begin
|
||||||
|
require "openssl"
|
||||||
|
rescue LoadError
|
||||||
|
end
|
||||||
|
require "test/unit"
|
||||||
|
|
||||||
|
if defined?(OpenSSL)
|
||||||
|
|
||||||
|
class OpenSSL::TestCipher < Test::Unit::TestCase
|
||||||
|
def setup
|
||||||
|
@c1 = OpenSSL::Cipher::Cipher.new("DES-EDE3-CBC")
|
||||||
|
@c2 = OpenSSL::Cipher::DES.new(:EDE3, "CBC")
|
||||||
|
@key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
|
||||||
|
@iv = @key
|
||||||
|
@hexkey = "0000000000000000000000000000000000000000000000"
|
||||||
|
@hexiv = "0000000000000000"
|
||||||
|
@data = "DATA"
|
||||||
|
end
|
||||||
|
|
||||||
|
def teardown
|
||||||
|
@c1 = @c2 = nil
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_crypt
|
||||||
|
s1 = @c1.encrypt(@key, @iv).update(@data) + @c1.final
|
||||||
|
s2 = @c2.encrypt(@key, @iv).update(@data) + @c2.final
|
||||||
|
assert_equal(s1, s2, "encrypt")
|
||||||
|
assert_equal(@data, @c1.decrypt(@key, @iv).update(s2)+@c1.final, "decrypt")
|
||||||
|
assert_equal(@data, @c2.decrypt(@key, @iv).update(s1)+@c2.final, "decrypt")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_info
|
||||||
|
assert_equal("DES-EDE3-CBC", @c1.name, "name")
|
||||||
|
assert_equal("DES-EDE3-CBC", @c2.name, "name")
|
||||||
|
assert_kind_of(Fixnum, @c1.key_len, "key_len")
|
||||||
|
assert_kind_of(Fixnum, @c1.iv_len, "iv_len")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_dup
|
||||||
|
assert_equal(@c1.name, @c1.dup.name, "dup")
|
||||||
|
assert_equal(@c1.name, @c1.clone.name, "clone")
|
||||||
|
@c1.encrypt
|
||||||
|
@c1.key = @key
|
||||||
|
@c1.iv = @iv
|
||||||
|
tmpc = @c1.dup
|
||||||
|
s1 = @c1.update(@data) + @c1.final
|
||||||
|
s2 = tmpc.update(@data) + tmpc.final
|
||||||
|
assert_equal(s1, s2, "encrypt dup")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_reset
|
||||||
|
@c1.encrypt
|
||||||
|
@c1.key = @key
|
||||||
|
@c1.iv = @iv
|
||||||
|
s1 = @c1.update(@data) + @c1.final
|
||||||
|
@c1.reset
|
||||||
|
s2 = @c1.update(@data) + @c1.final
|
||||||
|
assert_equal(s1, s2, "encrypt reset")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
65
test/openssl/test_digest.rb
Normal file
65
test/openssl/test_digest.rb
Normal file
|
@ -0,0 +1,65 @@
|
||||||
|
begin
|
||||||
|
require "openssl"
|
||||||
|
rescue LoadError
|
||||||
|
end
|
||||||
|
require "digest/md5"
|
||||||
|
require "test/unit"
|
||||||
|
|
||||||
|
if defined?(OpenSSL)
|
||||||
|
|
||||||
|
class OpenSSL::TestDigest < Test::Unit::TestCase
|
||||||
|
def setup
|
||||||
|
@d1 = OpenSSL::Digest::Digest::new("MD5")
|
||||||
|
@d2 = OpenSSL::Digest::MD5.new
|
||||||
|
@md = Digest::MD5.new
|
||||||
|
@data = "DATA"
|
||||||
|
end
|
||||||
|
|
||||||
|
def teardown
|
||||||
|
@d1 = @d2 = @md = nil
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_digest
|
||||||
|
assert_equal(@md.digest, @d1.digest)
|
||||||
|
assert_equal(@md.hexdigest, @d1.hexdigest)
|
||||||
|
@d1 << @data
|
||||||
|
@d2 << @data
|
||||||
|
@md << @data
|
||||||
|
assert_equal(@md.digest, @d1.digest)
|
||||||
|
assert_equal(@md.hexdigest, @d1.hexdigest)
|
||||||
|
assert_equal(@d1.digest, @d2.digest)
|
||||||
|
assert_equal(@d1.hexdigest, @d2.hexdigest)
|
||||||
|
assert_equal(@md.digest, OpenSSL::Digest::MD5.digest(@data))
|
||||||
|
assert_equal(@md.hexdigest, OpenSSL::Digest::MD5.hexdigest(@data))
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_eql
|
||||||
|
assert(@d1 == @d2, "==")
|
||||||
|
d = @d1.clone
|
||||||
|
assert(d == @d1, "clone")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_info
|
||||||
|
assert_equal("MD5", @d1.name, "name")
|
||||||
|
assert_equal("MD5", @d2.name, "name")
|
||||||
|
assert_equal(16, @d1.size, "size")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_dup
|
||||||
|
@d1.update(@data)
|
||||||
|
assert_equal(@d1.name, @d1.dup.name, "dup")
|
||||||
|
assert_equal(@d1.name, @d1.clone.name, "clone")
|
||||||
|
assert_equal(@d1.digest, @d1.clone.digest, "clone .digest")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_reset
|
||||||
|
@d1.update(@data)
|
||||||
|
dig1 = @d1.digest
|
||||||
|
@d1.reset
|
||||||
|
@d1.update(@data)
|
||||||
|
dig2 = @d1.digest
|
||||||
|
assert_equal(dig1, dig2, "reset")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
34
test/openssl/test_hmac.rb
Normal file
34
test/openssl/test_hmac.rb
Normal file
|
@ -0,0 +1,34 @@
|
||||||
|
begin
|
||||||
|
require "openssl"
|
||||||
|
rescue LoadError
|
||||||
|
end
|
||||||
|
require "test/unit"
|
||||||
|
|
||||||
|
if defined?(OpenSSL)
|
||||||
|
|
||||||
|
class OpenSSL::TestHMAC < Test::Unit::TestCase
|
||||||
|
def setup
|
||||||
|
@digest = OpenSSL::Digest::MD5.new
|
||||||
|
@key = "KEY"
|
||||||
|
@data = "DATA"
|
||||||
|
@h1 = OpenSSL::HMAC.new(@key, @digest)
|
||||||
|
@h2 = OpenSSL::HMAC.new(@key, @digest)
|
||||||
|
end
|
||||||
|
|
||||||
|
def teardown
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_hmac
|
||||||
|
@h1.update(@data)
|
||||||
|
assert_equal(OpenSSL::HMAC.digest(@digest, @key, @data), @h1.digest, "digest")
|
||||||
|
assert_equal(OpenSSL::HMAC.hexdigest(@digest, @key, @data), @h1.hexdigest, "hexdigest")
|
||||||
|
end
|
||||||
|
|
||||||
|
def test_dup
|
||||||
|
@h1.update(@data)
|
||||||
|
h = @h1.dup
|
||||||
|
assert_equal(@h1.digest, h.digest, "dup digest")
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
|
end
|
Loading…
Reference in a new issue