kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* ext/openssl/ossl_pkcs5.c: New module.

Browse source 
* ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c:
  Remove redundant module namespace.

* ext/openssl/lib/openssl/{cipher,digest}.rb
  Add backwards compatibile classes for rearranged classes.

* ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12148 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
technorama 2007-04-05 05:59:22 +00:00
parent f1796fdb2c
commit 953e8aca2b
14 changed files with 245 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
ChangeLog
View file

@ -1,3 +1,15 @@
Thu Apr 5 14:58:49 2007 Technorama Ltd. <oss-ruby@technorama.net>
* ext/openssl/ossl_pkcs5.c: New module.
* ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c:
Remove redundant module namespace.
* ext/openssl/lib/openssl/{cipher,digest}.rb
Add backwards compatibile classes for rearranged classes.
* ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation.
Thu Apr 5 00:42:48 2007 Nobuyoshi Nakada <nobu@ruby-lang.org>
* error.c (rb_notimplement), io.c (pipe_open): removed definite

2
ext/openssl/extconf.rb
View file

@ -83,6 +83,8 @@ have_func("HMAC_CTX_cleanup")
have_func("HMAC_CTX_copy")
have_func("HMAC_CTX_init")
have_func("PEM_def_callback")
have_func("PKCS5_PBKDF2_HMAC")
have_func("PKCS5_PBKDF2_HMAC_SHA1")
have_func("X509V3_set_nconf")
have_func("X509V3_EXT_nconf_nid")
have_func("X509_CRL_add0_revoked")

7
ext/openssl/lib/openssl/cipher.rb
View file

@ -19,7 +19,7 @@
#require 'openssl'
module OpenSSL
module Cipher
class Cipher
%w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|name|
klass = Class.new(Cipher){
define_method(:initialize){|*args|
@ -41,7 +41,6 @@ module OpenSSL
const_set("AES#{keylen}", klass)
}
class Cipher
# Generate, set, and return a random key.
# You must call cipher.encrypt or cipher.decrypt before calling this method.
def random_key
@ -57,6 +56,10 @@ module OpenSSL
self.iv = str
return str
end
# This class is only provided for backwards compatibility. Use OpenSSL::Digest in the future.
class Cipher < Cipher
# add warning
end
end # Cipher
end # OpenSSL

7
ext/openssl/lib/openssl/digest.rb
View file

@ -19,7 +19,7 @@
#require 'openssl'
module OpenSSL
module Digest
class Digest
alg = %w(DSS DSS1 MD2 MD4 MD5 MDC2 RIPEMD160 SHA SHA1)
if OPENSSL_VERSION_NUMBER > 0x00908000
@ -44,6 +44,11 @@ module OpenSSL
const_set(name, klass)
}
# This class is only provided for backwards compatibility. Use OpenSSL::Digest in the future.
class Digest < Digest
# add warning
end
end # Digest
end # OpenSSL

1
ext/openssl/ossl.c
View file

@ -473,6 +473,7 @@ Init_openssl()
Init_ossl_ns_spki();
Init_ossl_pkcs12();
Init_ossl_pkcs7();
Init_ossl_pkcs5();
Init_ossl_pkey();
Init_ossl_rand();
Init_ossl_ssl();

8
ext/openssl/ossl_cipher.c
View file

@ -26,7 +26,6 @@
/*
* Classes
*/
VALUE mCipher;
VALUE cCipher;
VALUE eCipherError;
@ -540,13 +539,12 @@ Init_ossl_cipher(void)
#if 0 /* let rdoc know about mOSSL */
mOSSL = rb_define_module("OpenSSL");
#endif
mCipher = rb_define_module_under(mOSSL, "Cipher");
eCipherError = rb_define_class_under(mOSSL, "CipherError", eOSSLError);
cCipher = rb_define_class_under(mCipher, "Cipher", rb_cObject);
cCipher = rb_define_class_under(mOSSL, "Cipher", rb_cObject);
eCipherError = rb_define_class_under(cCipher, "CipherError", eOSSLError);
rb_define_alloc_func(cCipher, ossl_cipher_alloc);
rb_define_copy_func(cCipher, ossl_cipher_copy);
rb_define_module_function(mCipher, "ciphers", ossl_s_ciphers, 0);
rb_define_module_function(cCipher, "ciphers", ossl_s_ciphers, 0);
rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1);
rb_define_method(cCipher, "reset", ossl_cipher_reset, 0);
rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1);

1
ext/openssl/ossl_cipher.h
View file

@ -11,7 +11,6 @@
#if !defined(_OSSL_CIPHER_H_)
#define _OSSL_CIPHER_H_
extern VALUE mCipher;
extern VALUE cCipher;
extern VALUE eCipherError;

8
ext/openssl/ossl_digest.c
View file

@ -24,7 +24,6 @@
/*
* Classes
*/
VALUE mDigest;
VALUE cDigest;
VALUE eDigestError;
@ -321,11 +320,8 @@ Init_ossl_digest()
mOSSL = rb_define_module("OpenSSL");
#endif
mDigest = rb_define_module_under(mOSSL, "Digest");
eDigestError = rb_define_class_under(mDigest, "DigestError", eOSSLError);
cDigest = rb_define_class_under(mDigest, "Digest", rb_cObject);
cDigest = rb_define_class_under(mOSSL, "Digest", rb_cObject);
eDigestError = rb_define_class_under(cDigest, "DigestError", eOSSLError);
rb_define_alloc_func(cDigest, ossl_digest_alloc);
rb_define_singleton_method(cDigest, "digest", ossl_digest_s_digest, 2);

1
ext/openssl/ossl_digest.h
View file

@ -11,7 +11,6 @@
#if !defined(_OSSL_DIGEST_H_)
#define _OSSL_DIGEST_H_
extern VALUE mDigest;
extern VALUE cDigest;
extern VALUE eDigestError;

74
ext/openssl/ossl_pkcs12.c
View file

@ -30,7 +30,6 @@
/*
* Classes
*/
VALUE mPKCS12;
VALUE cPKCS12;
VALUE ePKCS12Error;
@ -49,32 +48,85 @@ ossl_pkcs12_s_allocate(VALUE klass)
return obj;
}
/*
* call-seq:
* PKCS12.create(pass, name, key, cert [, ca, [, key_pbe [, cert_pbe [, key_iter [, mac_iter [, keytype]]]]]])
*
* === Parameters
* * +pass+ - string
* * +name+ - A string describing the key.
* * +key+ - Any PKey.
* * +cert+ - A X509::Certificate.
* * * The public_key portion of the certificate must contain a valid public key.
* * * The not_before and not_after fields must be filled in.
* * +ca+ - An optional array of X509::Certificate's.
* * +key_pbe+ - string
* * +cert_pbe+ - string
* * +key_iter+ - integer
* * +mac_iter+ - integer
* * +keytype+ - An integer representing an MSIE specific extension.
*
* Any optional arguments may be supplied as nil to preserve the OpenSSL defaults.
*
* See the OpenSSL documentation for PKCS12_create().
*/
static VALUE
ossl_pkcs12_s_create(int argc, VALUE *argv, VALUE self)
{
VALUE pass, name, pkey, cert, ca;
VALUE pass, name, pkey, cert, ca, key_nid, cert_nid, key_iter, mac_iter, keytype;
VALUE obj;
char *passphrase, *friendlyname;
EVP_PKEY *key;
X509 *x509;
STACK_OF(X509) *x509s;
int nkey = 0, ncert = 0, kiter = 0, miter = 0, ktype = 0;
PKCS12 *p12;
rb_scan_args(argc, argv, "41", &pass, &name, &pkey, &cert, &ca);
rb_scan_args(argc, argv, "46", &pass, &name, &pkey, &cert, &ca, &key_nid, &cert_nid, &key_iter, &mac_iter, &keytype);
passphrase = NIL_P(pass) ? NULL : StringValuePtr(pass);
friendlyname = NIL_P(name) ? NULL : StringValuePtr(name);
key = GetPKeyPtr(pkey);
x509 = GetX509CertPtr(cert);
x509s = NIL_P(ca) ? NULL : ossl_x509_ary2sk(ca);
/* TODO: make a VALUE to nid function */
if (!NIL_P(key_nid)) {
if ((nkey = OBJ_txt2nid(StringValuePtr(key_nid))) == NID_undef)
rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(key_nid));
}
if (!NIL_P(cert_nid)) {
if ((ncert = OBJ_txt2nid(StringValuePtr(cert_nid))) == NID_undef)
rb_raise(rb_eArgError, "Unknown PBE algorithm %s", StringValuePtr(cert_nid));
}
if (!NIL_P(key_iter))
kiter = NUM2INT(key_iter);
if (!NIL_P(mac_iter))
miter = NUM2INT(mac_iter);
if (!NIL_P(keytype))
ktype = NUM2INT(keytype);
p12 = PKCS12_create(passphrase, friendlyname, key, x509, x509s,
0, 0, 0, 0, 0);
nkey, ncert, kiter, miter, ktype);
sk_X509_pop_free(x509s, X509_free);
if(!p12) ossl_raise(ePKCS12Error, NULL);
WrapPKCS12(cPKCS12, obj, p12);
ossl_pkcs12_set_key(obj, pkey);
ossl_pkcs12_set_cert(obj, cert);
ossl_pkcs12_set_ca_certs(obj, ca);
return obj;
}
/*
* call-seq:
* PKCS12.new -> pkcs12
* PKCS12.new(str) -> pkcs12
* PKCS12.new(str, pass) -> pkcs12
*
* === Parameters
* * +str+ - Must be a DER encoded PKCS12 string.
* * +pass+ - string
*/
static VALUE
ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self)
{
@ -94,7 +146,7 @@ ossl_pkcs12_initialize(int argc, VALUE *argv, VALUE self)
pkey = cert = ca = Qnil;
if(!PKCS12_parse((PKCS12*)DATA_PTR(self), passphrase, &key, &x509, &x509s))
ossl_raise(ePKCS12Error, NULL);
ossl_raise(ePKCS12Error, "PKCS12_parse");
pkey = rb_protect((VALUE(*)_((VALUE)))ossl_pkey_new, (VALUE)key,
&st); /* NO DUP */
if(st) goto err;
@ -140,10 +192,14 @@ ossl_pkcs12_to_der(VALUE self)
void
Init_ossl_pkcs12()
{
mPKCS12 = rb_define_module_under(mOSSL, "PKCS12");
cPKCS12 = rb_define_class_under(mPKCS12, "PKCS12", rb_cObject);
ePKCS12Error = rb_define_class_under(mPKCS12, "PKCS12Error", eOSSLError);
rb_define_module_function(mPKCS12, "create", ossl_pkcs12_s_create, -1);
/*
* Defines a file format commonly used to store private keys with
* accompanying public key certificates, protected with a password-based
* symmetric key.
*/
cPKCS12 = rb_define_class_under(mOSSL, "PKCS12", rb_cObject);
ePKCS12Error = rb_define_class_under(cPKCS12, "PKCS12Error", eOSSLError);
rb_define_singleton_method(cPKCS12, "create", ossl_pkcs12_s_create, -1);
rb_define_alloc_func(cPKCS12, ossl_pkcs12_s_allocate);
rb_attr(cPKCS12, rb_intern("key"), 1, 0, Qfalse);

1
ext/openssl/ossl_pkcs12.h
View file

@ -6,7 +6,6 @@
#if !defined(_OSSL_PKCS12_H_)
#define _OSSL_PKCS12_H_
extern VALUE mPKCS12;
extern VALUE cPKCS12;
extern VALUE ePKCS12Error;

96
ext/openssl/ossl_pkcs5.c Normal file
View file

@ -0,0 +1,96 @@
/*
* $Id$
* Copyright (C) 2007 Technorama Ltd. <oss-ruby@technorama.net>
*/
#include "ossl.h"
VALUE mPKCS5;
VALUE ePKCS5;
/*
* call-seq:
* PKCS5.pbkdf2_hmac(pass, salt, iter, keylen, digest) => string
*
* === Parameters
* * +pass+ - string
* * +salt+ - string
* * +iter+ - integer - should be greater than 1000. 2000 is better.
* * +keylen+ - integer
* * +digest+ - a string or OpenSSL::Digest object.
*
* Available in OpenSSL 0.9.9?.
*
* Digests other than SHA1 may not be supported by other cryptography libraries.
*/
static VALUE
ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen, VALUE digest)
{
#ifdef HAVE_PKCS5_PBKDF2_HMAC
VALUE str;
const EVP_MD md;
int len = NUM2INT(keylen);
StringValue(pass);
StringValue(salt);
md = GetDigestPtr(digest);
str = rb_str_new(0, len);
if (PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), md, len, RSTRING_PTR(str)) != 1)
ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC");
return str;
#else
rb_notimplement();
#endif
}
/*
* call-seq:
* PKCS5.pbkdf2_hmac_sha1(pass, salt, iter, keylen) => string
*
* === Parameters
* * +pass+ - string
* * +salt+ - string
* * +iter+ - integer - should be greater than 1000. 2000 is better.
* * +keylen+ - integer
*
* This method is available almost any version OpenSSL.
*
* Conforms to rfc2898.
*/
static VALUE
ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen)
{
#ifdef HAVE_PKCS5_PBKDF2_HMAC_SHA1
VALUE str;
int len = NUM2INT(keylen);
StringValue(pass);
StringValue(salt);
str = rb_str_new(0, len);
if (PKCS5_PBKDF2_HMAC_SHA1(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), len, RSTRING_PTR(str)) != 1)
ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC_SHA1");
return str;
#else
rb_notimplement();
#endif
}
void
Init_ossl_pkcs5()
{
/*
* Password-based Encryption
*
*/
mPKCS5 = rb_define_module_under(mOSSL, "PKCS5");
ePKCS5 = rb_define_class_under(mPKCS5, "PKCS5Error", eOSSLError);
rb_define_module_function(mPKCS5, "pbkdf2_hmac", ossl_pkcs5_pbkdf2_hmac, 5);
rb_define_module_function(mPKCS5, "pbkdf2_hmac_sha1", ossl_pkcs5_pbkdf2_hmac_sha1, 4);
}

54
ext/openssl/ossl_pkcs7.c
View file

@ -71,7 +71,6 @@
/*
* Classes
*/
VALUE mPKCS7;
VALUE cPKCS7;
VALUE cPKCS7Signer;
VALUE cPKCS7Recipient;
@ -134,7 +133,8 @@ DupPKCS7RecipientPtr(VALUE obj)
}
/*
* Private
* call-seq:
* PKCS7.read_smime(string) => pkcs7
*/
static VALUE
ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg)
@ -156,6 +156,10 @@ ossl_pkcs7_s_read_smime(VALUE klass, VALUE arg)
return ret;
}
/*
* call-seq:
* PKCS7.write_smime(pkcs7 [, data [, flags]]) => string
*/
static VALUE
ossl_pkcs7_s_write_smime(int argc, VALUE *argv, VALUE klass)
{
@ -187,6 +191,10 @@ ossl_pkcs7_s_write_smime(int argc, VALUE *argv, VALUE klass)
return str;
}
/*
* call-seq:
* PKCS7.sign(cert, key, data, [, certs [, flags]]) => pkcs7
*/
static VALUE
ossl_pkcs7_s_sign(int argc, VALUE *argv, VALUE klass)
{
@ -226,6 +234,10 @@ ossl_pkcs7_s_sign(int argc, VALUE *argv, VALUE klass)
return ret;
}
/*
* call-seq:
* PKCS7.encrypt(certs, data, [, cipher [, flags]]) => pkcs7
*/
static VALUE
ossl_pkcs7_s_encrypt(int argc, VALUE *argv, VALUE klass)
{
@ -287,6 +299,13 @@ ossl_pkcs7_alloc(VALUE klass)
return obj;
}
/*
* call-seq:
* PKCS7.new => pkcs7
* PKCS7.new(string) => pkcs7
*
* Many methods in this class aren't documented.
*/
static VALUE
ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
{
@ -364,6 +383,10 @@ ossl_pkcs7_sym2typeid(VALUE sym)
return ret;
}
/*
* call-seq:
* pkcs7.type = type => type
*/
static VALUE
ossl_pkcs7_set_type(VALUE self, VALUE type)
{
@ -376,6 +399,10 @@ ossl_pkcs7_set_type(VALUE self, VALUE type)
return type;
}
/*
* call-seq:
* pkcs7.type => string or nil
*/
static VALUE
ossl_pkcs7_get_type(VALUE self)
{
@ -926,15 +953,12 @@ ossl_pkcs7ri_get_enc_key(VALUE self)
void
Init_ossl_pkcs7()
{
mPKCS7 = rb_define_module_under(mOSSL, "PKCS7");
ePKCS7Error = rb_define_class_under(mPKCS7, "PKCS7Error", eOSSLError);
cPKCS7 = rb_define_class_under(mPKCS7, "PKCS7", rb_cObject);
rb_define_singleton_method(mPKCS7, "read_smime", ossl_pkcs7_s_read_smime, 1);
rb_define_singleton_method(mPKCS7, "write_smime", ossl_pkcs7_s_write_smime, -1);
rb_define_singleton_method(mPKCS7, "sign", ossl_pkcs7_s_sign, -1);
rb_define_singleton_method(mPKCS7, "encrypt", ossl_pkcs7_s_encrypt, -1);
cPKCS7 = rb_define_class_under(mOSSL, "PKCS7", rb_cObject);
ePKCS7Error = rb_define_class_under(cPKCS7, "PKCS7Error", eOSSLError);
rb_define_singleton_method(cPKCS7, "read_smime", ossl_pkcs7_s_read_smime, 1);
rb_define_singleton_method(cPKCS7, "write_smime", ossl_pkcs7_s_write_smime, -1);
rb_define_singleton_method(cPKCS7, "sign", ossl_pkcs7_s_sign, -1);
rb_define_singleton_method(cPKCS7, "encrypt", ossl_pkcs7_s_encrypt, -1);
rb_attr(cPKCS7, rb_intern("data"), 1, 0, Qfalse);
rb_attr(cPKCS7, rb_intern("error_string"), 1, 1, Qfalse);
rb_define_alloc_func(cPKCS7, ossl_pkcs7_alloc);
@ -964,8 +988,8 @@ Init_ossl_pkcs7()
rb_define_alias(cPKCS7, "to_s", "to_pem");
rb_define_method(cPKCS7, "to_der", ossl_pkcs7_to_der, 0);
cPKCS7Signer = rb_define_class_under(mPKCS7, "SignerInfo", rb_cObject);
rb_define_const(mPKCS7, "Signer", cPKCS7Signer);
cPKCS7Signer = rb_define_class_under(cPKCS7, "SignerInfo", rb_cObject);
rb_define_const(cPKCS7, "Signer", cPKCS7Signer);
rb_define_alloc_func(cPKCS7Signer, ossl_pkcs7si_alloc);
rb_define_method(cPKCS7Signer, "initialize", ossl_pkcs7si_initialize,3);
rb_define_method(cPKCS7Signer, "issuer", ossl_pkcs7si_get_issuer, 0);
@ -973,14 +997,14 @@ Init_ossl_pkcs7()
rb_define_method(cPKCS7Signer, "serial", ossl_pkcs7si_get_serial,0);
rb_define_method(cPKCS7Signer,"signed_time",ossl_pkcs7si_get_signed_time,0);
cPKCS7Recipient = rb_define_class_under(mPKCS7,"RecipientInfo",rb_cObject);
cPKCS7Recipient = rb_define_class_under(cPKCS7,"RecipientInfo",rb_cObject);
rb_define_alloc_func(cPKCS7Recipient, ossl_pkcs7ri_alloc);
rb_define_method(cPKCS7Recipient, "initialize", ossl_pkcs7ri_initialize,1);
rb_define_method(cPKCS7Recipient, "issuer", ossl_pkcs7ri_get_issuer,0);
rb_define_method(cPKCS7Recipient, "serial", ossl_pkcs7ri_get_serial,0);
rb_define_method(cPKCS7Recipient, "enc_key", ossl_pkcs7ri_get_enc_key,0);
#define DefPKCS7Const(x) rb_define_const(mPKCS7, #x, INT2NUM(PKCS7_##x))
#define DefPKCS7Const(x) rb_define_const(cPKCS7, #x, INT2NUM(PKCS7_##x))
DefPKCS7Const(TEXT);
DefPKCS7Const(NOCERTS);

1
ext/openssl/ossl_pkcs7.h
View file

@ -11,7 +11,6 @@
#if !defined(_OSSL_PKCS7_H_)
#define _OSSL_PKCS7_H_
extern VALUE mPKCS7;
extern VALUE cPKCS7;
extern VALUE cPKCS7Signer;
extern VALUE cPKCS7Recipient;