From dc8f3147493a2ba249fea7557b1e0a371d7e2b0f Mon Sep 17 00:00:00 2001 From: Michal Rokos Date: Thu, 10 Jan 2002 13:45:36 +0000 Subject: * added OpenSSL-SNAPSHOT style NO_* (OPENSSL_NO_*) * added AES cipher when compiled under OpenSSL-SNAPSHOT * added warnings if the OpenSSL is compiled without some feature * handle NO_RSA, NO_DSA in openssl.rb * incremented version in ossl_version.h --- ChangeLog | 7 ++ lib/openssl.rb | 5 +- openssl_missing.c | 4 +- openssl_missing.h | 12 ++-- ossl.h | 10 +-- ossl_cipher.c | 188 +++++++++++++++++++++++++++++++++++++++++------------- ossl_digest.c | 62 ++++++++++++------ ossl_hmac.c | 4 +- ossl_pkey.c | 4 +- ossl_pkey_dsa.c | 5 +- ossl_pkey_rsa.c | 5 +- ossl_version.h | 2 +- 12 files changed, 223 insertions(+), 85 deletions(-) diff --git a/ChangeLog b/ChangeLog index a6e515a..114fe2f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -4,6 +4,13 @@ Copyright (C) 2001 Michal Rokos All rights reserved. $Log$ +Revision 1.21 2002/01/10 13:46:09 majkl + * added OpenSSL-SNAPSHOT style NO_* (OPENSSL_NO_*) + * added AES cipher when compiled under OpenSSL-SNAPSHOT + * added warnings if the OpenSSL is compiled without some feature + * handle NO_RSA, NO_DSA in openssl.rb + * incremented version in ossl_version.h + Revision 1.20 2002/01/10 00:44:17 majkl * OpenSSL 0.9.6c support (BN) * MS_CALLBACK to ossl_pkey_*.c diff --git a/lib/openssl.rb b/lib/openssl.rb index 57df6b5..9952ae6 100644 --- a/lib/openssl.rb +++ b/lib/openssl.rb @@ -6,6 +6,7 @@ require 'thread' module OpenSSL module PKey +if defined? DSA class DSA def DSA::new(arg, pass=nil) if arg.kind_of? Fixnum @@ -41,7 +42,8 @@ module OpenSSL self.verify_digest(digest.update(data.to_s).digest, signature) end # verify end # DSA - +end #defined? DSA +if defined? RSA class RSA def RSA::new(arg, pass=nil) if arg.kind_of? Fixnum @@ -79,6 +81,7 @@ module OpenSSL md_s == md_d end # verify end # RSA +end # defined? RSA end # PKey module SSL 
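Review bot: The new guards `if defined? DSA` and `if defined? RSA` in lib/openssl.rb test an unqualified constant, so by Ruby's normal constant lookup a top-level `DSA` or `RSA` defined by another library would presumably satisfy them even when the extension was built without that algorithm. In that case `class DSA` would open a fresh class under `PKey`, and the failure would surface later inside `DSA::new` rather than as a clean missing-constant error. A check scoped to the module, such as `if const_defined?(:DSA)` evaluated inside `module PKey`, would tie the guard to what the C extension registered; its lookup rules should be confirmed on the Ruby version targeted. Because the guarded class bodies are not re-indented, a comment on each guard such as `# only present when OpenSSL was built with DSA` would also help readers.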
diff --git a/openssl_missing.c b/openssl_missing.c index 3fe4027..f538a4e 100644 --- a/openssl_missing.c +++ b/openssl_missing.c @@ -8,7 +8,7 @@ * This program is licenced under the same licence as Ruby. * (See the file 'LICENCE'.) */ -#ifndef NO_HMAC +#if !defined(NO_HMAC) && !defined(OPENSSL_NO_HMAC) #include @@ -25,5 +25,5 @@ HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in) return 1; } -#endif +#endif /* NO_HMAC */ diff --git a/openssl_missing.h b/openssl_missing.h index 95f8925..0d273a1 100644 --- a/openssl_missing.h +++ b/openssl_missing.h @@ -20,22 +20,22 @@ extern "C" { */ /* to pem.h */ -#ifndef NO_DSA +#if !(NO_DSA) && !(OPENSSL_NO_DSA) #define PEM_read_bio_DSAPublicKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \ (char *(*)())d2i_DSAPublicKey,PEM_STRING_DSA_PUBLIC,bp,(char **)x,cb,u) #define PEM_write_bio_DSAPublicKey(bp,x) \ PEM_ASN1_write_bio((int (*)())i2d_DSAPublicKey,\ PEM_STRING_DSA_PUBLIC,\ bp,(char *)x,NULL,NULL,0,NULL,NULL) -#endif +#endif /* NO_DSA */ /* to x509.h */ -#ifndef NO_DSA +#if !(NO_DSA) && !(OPENSSL_NO_DSA) #define DSAPrivateKey_dup(dsa) (DSA *)ASN1_dup((int (*)())i2d_DSAPrivateKey, \ (char *(*)())d2i_DSAPrivateKey,(char *)dsa) #define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup((int (*)())i2d_DSAPublicKey, \ (char *(*)())d2i_DSAPublicKey,(char *)dsa) -#endif +#endif /* NO_DSA */ #define X509_REVOKED_dup(rev) (X509_REVOKED *)ASN1_dup((int (*)())i2d_X509_REVOKED, \ (char *(*)())d2i_X509_REVOKED, (char *)rev) @@ -46,9 +46,9 @@ extern "C" { (char *(*)())d2i_PKCS7_RECIP_INFO,(char *)ri) /* to hmac.[ch] */ -#ifndef NO_HMAC +#if !defined(NO_HMAC) && !defined(OPENSSL_NO_HMAC) int HMAC_CTX_copy(HMAC_CTX *out, HMAC_CTX *in); -#endif +#endif /* NO_HMAC */ #ifdef __cplusplus } diff --git a/ossl.h b/ossl.h index bedbda0..10140ff 100644 --- a/ossl.h +++ b/ossl.h 
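Review bot: The two DSA guards in openssl_missing.h use `#if !(NO_DSA) && !(OPENSSL_NO_DSA)`, which evaluates the macros' values instead of testing whether they are defined. If either macro is defined with an empty body (a plain `#define OPENSSL_NO_DSA`, a common way to write such feature switches), the expression expands to `!()` and the header fails to preprocess, in exactly the configuration the guard exists for. The HMAC guard in the same header and every other file in this commit use the `defined` form. These two lines should read `#if !defined(NO_DSA) && !defined(OPENSSL_NO_DSA)`.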
@@ -82,7 +82,7 @@ extern VALUE eSSLError; /* Cipher */ extern VALUE cCipher; extern VALUE eCipherError; -extern VALUE cDES, cRC4, cIdea, cRC2, cBlowFish, cCast5, cRC5; +extern VALUE cDES, cRC4, cIdea, cRC2, cBlowFish, cCast5, cRC5, cAES; /* Digest */ extern VALUE cDigest; extern VALUE eDigestError; @@ -250,23 +250,23 @@ void Init_ossl_pkey(VALUE); /* * RSA */ -#ifndef NO_RSA +#if !defined(NO_RSA) && !defined(OPENSSL_NO_RSA) VALUE ossl_rsa_new_null(); VALUE ossl_rsa_new(RSA *); RSA *ossl_rsa_get_RSA(VALUE); EVP_PKEY *ossl_rsa_get_EVP_PKEY(VALUE); -#endif /*NO_RSA*/ +#endif /* NO_RSA */ void Init_ossl_rsa(VALUE, VALUE, VALUE); /* * DSA */ -#ifndef NO_DSA +#if !defined(NO_DSA) && !defined(OPENSSL_NO_DSA) VALUE ossl_dsa_new_null(); VALUE ossl_dsa_new(DSA *); DSA *ossl_dsa_get_DSA(VALUE); EVP_PKEY *ossl_dsa_get_EVP_PKEY(VALUE); -#endif /*NO_RSA*/ +#endif /* NO_RSA */ void Init_ossl_dsa(VALUE, VALUE, VALUE); /* diff --git a/ossl_cipher.c b/ossl_cipher.c index 0a2f37e..c8dcbfb 100644 --- a/ossl_cipher.c +++ b/ossl_cipher.c @@ -19,31 +19,25 @@ * Constants */ /* BASIC TYPES */ -#define UNSPEC 0x00 -#define ECB 0x01 -#define CFB 0x02 -#define OFB 0x04 -#define CBC 0x08 -#define EDE 0x10 -#define EDE3 0x20 -#define BIT40 0x40 -#define BIT64 0x80 -/* COMBINATIONS */ -#define EDE_CFB 0x12 -#define EDE3_CFB 0x22 -#define EDE_OFB 0x14 -#define EDE3_OFB 0x24 -#define EDE_CBC 0x18 -#define EDE3_CBC 0x28 -#define BIT40_CBC 0x48 -#define BIT64_CBC 0x88 +#define UNSPEC 0x0000 +#define ECB 0x0001 +#define CFB 0x0002 +#define OFB 0x0004 +#define CBC 0x0008 +#define EDE 0x0010 +#define EDE3 0x0020 +#define BIT40 0x0100 +#define BIT64 0x0200 +#define BIT128 0x0400 +#define BIT192 0x0800 +#define BIT256 0x0F00 /* * Classes */ VALUE cCipher; VALUE eCipherError; -VALUE cDES, cRC4, cIdea, cRC2, cBlowFish, cCast5, cRC5; +VALUE cDES, cRC4, cIdea, cRC2, cBlowFish, cCast5, cRC5, cAES; /* * Struct 
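Review bot: In ossl.h the DSA prototype block is still closed with `#endif /* NO_RSA */`; the commit reformats that comment but keeps the wrong name. It should read `#endif /* NO_DSA */` so the trailing comment matches the `#if !defined(NO_DSA) && !defined(OPENSSL_NO_DSA)` that opens the block.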
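Review bot: `#define BIT256 0x0F00` in the ossl_cipher.c constants table is not a distinct flag: it is exactly the sum of `BIT40`, `BIT64`, `BIT128` and `BIT192` (0x0100 + 0x0200 + 0x0400 + 0x0800). Every other constant in the table occupies a single bit, and the selectors are combined arithmetically in the `case` labels elsewhere in this commit, so a combination of the smaller key-size flags aliases the 256-bit selector. Using the next free bit keeps the table collision-free: `#define BIT256 0x1000`. A comment above the table stating that each value must be a single, unique bit would prevent a repeat.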
@@ -271,28 +265,28 @@ ossl_des_initialize(int argc, VALUE *argv, VALUE self)
 case CFB:
 nid = NID_des_cfb64;
 break;
- case EDE_CFB:
+ case EDE+CFB:
 nid = NID_des_ede_cfb64;
 break;
- case EDE3_CFB:
+ case EDE3+CFB:
 nid = NID_des_ede3_cfb64;
 break;
 case OFB:
 nid = NID_des_ofb64;
 break;
- case EDE_OFB:
+ case EDE+OFB:
 nid = NID_des_ede_ofb64;
 break;
- case EDE3_OFB:
+ case EDE3+OFB:
 nid = NID_des_ede3_ofb64;
 break;
 case CBC:
 nid = NID_des_cbc;
 break;
- case EDE_CBC:
+ case EDE+CBC:
 nid = NID_des_ede_cbc;
 break;
- case EDE3_CBC:
+ case EDE3+CBC:
 nid = NID_des_ede3_cbc;
 break;
 default:
@@ -393,10 +387,10 @@ ossl_rc2_initialize(int argc, VALUE *argv, VALUE self)
 case CBC:
 nid = NID_rc2_cbc;
 break;
- case BIT40_CBC:
+ case BIT40+CBC:
 nid = NID_rc2_40_cbc;
 break;
- case BIT64_CBC:
+ case BIT64+CBC:
 nid = NID_rc2_64_cbc;
 break;
 case CFB:
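Review bot: The rewritten labels in ossl_des_initialize and ossl_rc2_initialize (`case EDE+CFB:`, `case BIT40+CBC:` and the rest) combine flag constants with `+`, which yields the intended selector only while the operands share no bits. Writing them as `case EDE | CFB:` states that these are bit flags and reads the same way as the constants table; the labels in the new ossl_aes_initialize follow the same pattern. Both functions begin and end outside their hunks, so how `spec` is computed for DES and RC2 is not visible here.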
@@ -521,6 +515,74 @@ ossl_rc5_initialize(int argc, VALUE *argv, VALUE self) return self; } +#if OPENSSL_VERSION_NUMBER >= 0x00907000L /* DEV version of OpenSSL has AES */ +/* + * AES + */ +static VALUE +ossl_aes_initialize(int argc, VALUE *argv, VALUE self) +{ + ossl_cipher *ciphp = NULL; + int spec = 0, nid = 0; + VALUE mode, type; + + GetCipher(self, ciphp); + + rb_scan_args(argc, argv, "20", &mode, &type); + spec = FIX2INT(mode) + FIX2INT(type); + + switch (spec) { + case BIT128+ECB: + nid = NID_aes128_ecb; + break; + /* + case BIT128+CFB: + nid = NID_aes128_cfb; + break; + case BIT128+OFB: + nid = NID_aes128_ofb; + break; + */ + case BIT128+CBC: + nid = NID_aes128_cbc; + break; + case BIT192+ECB: + nid = NID_aes192_ecb; + break; + /* + case BIT192+CFB: + nid = NID_aes192_cfb; + break; + case BIT192+OFB: + nid = NID_aes192_ofb; + break; + */ + case BIT192+CBC: + nid = NID_aes192_cbc; + break; + case BIT256+ECB: + nid = NID_aes256_ecb; + break; + /* + case BIT256+CFB: + nid = NID_aes256_cfb; + break; + case BIT256+OFB: + nid = NID_aes256_ofb; + break; + */ + case BIT256+CBC: + nid = NID_aes256_cbc; + break; + default: + rb_raise(rb_eTypeError, "unsupported combination of modes"); + } + ciphp->nid = nid; + + return self; +} +#endif /* OPENSSL_VERSION_NUMBER */ + /* * INIT */ @@ -551,6 +613,9 @@ Init_ossl_cipher(VALUE module) DefCipherConst(CBC); DefCipherConst(BIT40); DefCipherConst(BIT64); + DefCipherConst(BIT128); + DefCipherConst(BIT192); + DefCipherConst(BIT256); /* * automation for classes creation and initialize method binding 
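Review bot: `spec = FIX2INT(mode) + FIX2INT(type);` in ossl_aes_initialize adds the two arguments, so the cipher is selected from an arithmetic sum rather than from the set of flags the caller passed. Two arguments that repeat or overlap a flag can carry into a different bit and land on a valid label, so the caller gets another AES variant instead of the `unsupported combination of modes` error. Combining them as flags avoids the carry: `spec = FIX2INT(mode) | FIX2INT(type);`. The three commented-out CFB/OFB groups also need a one-line reason, for example `/* CFB/OFB disabled: <reason> */`, or should be removed.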
@@ -562,26 +627,63 @@ Init_ossl_cipher(VALUE module) /* * create classes and bind initialize method */ -#ifndef NO_DES +#if !defined(NO_DES) && !defined(OPENSSL_NO_DES) DefCipher(DES, des); -#endif -#ifndef NO_RC4 - DefCipher(RC4, rc4); -#endif -#ifndef NO_RC2 +#else +# warning >>> OpenSSL is compiled without DES support <<< + rb_warning("OpenSSL is compiled without DES support"); +#endif /* NO_DES */ + +#if !defined(NO_RC2) && !defined(OPENSSL_NO_RC2) DefCipher(RC2, rc2); -#endif -#ifndef NO_RC5 +#else +# warning >>> OpenSSL is compiled without RC2 support <<< + rb_warning("OpenSSL is compiled without RC2 support"); +#endif /* NO_RC2 */ + +#if !defined(NO_RC4) && !defined(OPENSSL_NO_RC4) + DefCipher(RC4, rc4); +#else +# warning >>> OpenSSL is compiled without RC4 support <<< + rb_warning("OpenSSL is compiled without RC4 support"); +#endif /* NO_RC4 */ + +#if !defined(NO_RC5) && !defined(OPENSSL_NO_RC5) DefCipher(RC5, rc5); -#endif -#ifndef NO_BF +#else +# warning >>> OpenSSL is compiled without RC5 support <<< + rb_warning("OpenSSL is compiled without RC5 support"); +#endif /* NO_RC5 */ + +#if !defined(NO_BF) && !defined(OPENSSL_NO_BF) DefCipher(BlowFish, bf); -#endif -#ifndef NO_CAST +#else +# warning >>> OpenSSL is compiled without BF support <<< + rb_warning("OpenSSL is compiled without BlowFish support"); +#endif /* NO_BF */ + +#if !defined(NO_CAST) && !defined(OPENSSL_NO_CAST) DefCipher(Cast5, cast5); -#endif -#ifndef NO_IDEA +#else +# warning >>> OpenSSL is compiled without CAST support <<< + rb_warning("OpenSSL is compiled without Cast5 support"); +#endif /* NO_CAST */ + +#if !defined(NO_IDEA) && !defined(OPENSSL_NO_IDEA) DefCipher(Idea, idea); -#endif -} +#else +# warning >>> OpenSSL is compiled without IDEA support <<< + rb_warning("OpenSSL is compiled without Idea support"); +#endif /* NO_IDEA */ + +#if OPENSSL_VERSION_NUMBER >= 0x00907000L /* DEV version of OpenSSL has AES */ +# if !defined(OPENSSL_NO_AES) + DefCipher(AES, aes); +# else +# warning >>> 
OpenSSL is compiled without AES support <<< + rb_warning("OpenSSL is compiled without AES support"); +# endif /* NO_AES */ +#endif /* OPENSSL_VERSION_NUMBER */ + +} /* Init_ */ diff --git a/ossl_digest.c b/ossl_digest.c index 98c878c..14027cf 100644 --- a/ossl_digest.c +++ b/ossl_digest.c @@ -220,25 +220,25 @@ ossl_digest_hexdigest(VALUE self) /* * Define digest initialize methods */ -#ifndef NO_MD2 +#if !defined(NO_MD2) && !defined(OPENSSL_NO_MD2) DefDigestInit(md2); #endif -#ifndef NO_MD4 +#if !defined(NO_MD4) && !defined(OPENSSL_NO_MD4) DefDigestInit(md4); #endif -#ifndef NO_MD5 +#if !defined(NO_MD5) && !defined(OPENSSL_NO_MD5) DefDigestInit(md5); #endif -#ifndef NO_SHA +#if !defined(NO_SHA) && !defined(OPENSSL_NO_SHA) DefDigestInit(sha); DefDigestInit(sha1); DefDigestInit(dss); DefDigestInit(dss1); #endif -#ifndef NO_RIPEMD +#if !defined(NO_RIPEMD) && !defined(OPENSSL_NO_RIPEMD) DefDigestInit(ripemd160); #endif -#ifndef NO_MDC2 +#if !defined(NO_MDC2) && !defined(OPENSSL_NO_MDC2) DefDigestInit(mdc2); #endif 
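Review bot: The `# warning >>> ... <<<` lines added to the `#else` branches of Init_ossl_cipher rely on a preprocessor directive that was a compiler extension, not part of ISO C before C23. Each one is reached only when a cipher is compiled out, so a compiler that rejects the directive breaks the build in exactly the reduced-feature configurations this commit is meant to support. Either wrap each `# warning` in a compiler check such as `#ifdef __GNUC__`, or rely on the `rb_warning(...)` call alone. The same pattern appears in the Init_ossl_digest hunk and in the ossl_pkey_dsa.c and ossl_pkey_rsa.c stubs.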
@@ -275,26 +275,50 @@ Init_ossl_digest(VALUE module) /* * create classes and bind initialize method */ -#ifndef NO_MD2 +#if !defined(NO_MD2) && !defined(OPENSSL_NO_MD2) DefDigest(MD2, md2); -#endif -#ifndef NO_MD4 +#else +# warning >>> OpenSSL is compiled without MD2 support <<< + rb_warning("OpenSSL is compiled without MD2 support"); +#endif /* NO_MD2 */ + +#if !defined(NO_MD4) && !defined(OPENSSL_NO_MD4) DefDigest(MD4, md4); -#endif -#ifndef NO_MD5 +#else +# warning >>> OpenSSL is compiled without MD4 support <<< + rb_warning("OpenSSL is compiled without MD4 support"); +#endif /* NO_MD4 */ + +#if !defined(NO_MD5) && !defined(OPENSSL_NO_MD5) DefDigest(MD5, md5); -#endif -#ifndef NO_SHA +#else +# warning >>> OpenSSL is compiled without MD5 support <<< + rb_warning("OpenSSL is compiled without MD5 support"); +#endif /* NO_MD5 */ + +#if !defined(NO_SHA) && !defined(OPENSSL_NO_SHA) DefDigest(SHA, sha); DefDigest(SHA1, sha1); DefDigest(DSS, dss); DefDigest(DSS1, dss1); -#endif -#ifndef NO_RIPEMD +#else +# warning >>> OpenSSL is compiled without SHA, DSS support <<< + rb_warning("OpenSSL is compiled without SHA, DSS support"); +#endif /* NO_SHA */ + +#if !defined(NO_RIPEMD) && !defined(OPENSSL_NO_RIPEMD) DefDigest(RIPEMD160, ripemd160); -#endif -#ifndef NO_MDC2 +#else +# warning >>> OpenSSL is compiled without RIPEMD160 support <<< + rb_warning("OpenSSL is compiled without RIPEMD160 support"); +#endif /* NO_RIPEMD */ + +#if !defined(NO_MDC2) && !defined(OPENSSL_NO_MDC2) DefDigest(MDC2, mdc2); -#endif -} +#else +# warning >>> OpenSSL is compiled without MDC2 support <<< + rb_warning("OpenSSL is compiled without MDC2 support"); +#endif /* NO_MDC2 */ + +} /* Init_ */ diff --git a/ossl_hmac.c b/ossl_hmac.c index caf89f0..4999e99 100644 --- a/ossl_hmac.c +++ b/ossl_hmac.c @@ -8,7 +8,7 @@ * This program is licenced under the same licence as Ruby. * (See the file 'LICENCE'.) */ -#ifndef NO_HMAC +#if !defined(NO_HMAC) && !defined(OPENSSL_NO_HMAC) #include "ossl.h" 
@@ -177,7 +177,7 @@ Init_hmac(VALUE module) rb_define_alias(cHMAC, "to_str", "hexhmac"); } -#else /* NO_HMAC is defined */ +#else /* NO_HMAC */ void Init_hmac(VALUE module) diff --git a/ossl_pkey.c b/ossl_pkey.c index 53dbe76..387762b 100644 --- a/ossl_pkey.c +++ b/ossl_pkey.c @@ -37,11 +37,11 @@ ossl_pkey_new(EVP_PKEY *key) rb_raise(ePKeyError, "Empty key!"); switch (key->type) { -#ifndef NO_RSA +#if !defined(NO_RSA) && !defined(OPENSSL_NO_RSA) case EVP_PKEY_RSA: return ossl_rsa_new(key->pkey.rsa); #endif -#ifndef NO_DSA +#if !defined(NO_DSA) && !defined(OPENSSL_NO_DSA) case EVP_PKEY_DSA: return ossl_dsa_new(key->pkey.dsa); #endif diff --git a/ossl_pkey_dsa.c b/ossl_pkey_dsa.c index 484bf01..07448c5 100644 --- a/ossl_pkey_dsa.c +++ b/ossl_pkey_dsa.c @@ -8,7 +8,7 @@ * This program is licenced under the same licence as Ruby. * (See the file 'LICENCE'.) */ -#ifndef NO_DSA +#if !defined(NO_DSA) && !defined(OPENSSL_NO_DSA) #include "ossl.h" #include "ossl_pkey.h" @@ -444,11 +444,12 @@ Init_ossl_dsa(VALUE mPKey, VALUE cPKey, VALUE ePKeyError) } #else /* defined NO_DSA */ +# warning >>> OpenSSL is compiled without DSA support <<< void Init_ossl_dsa(VALUE mPKey, VALUE cPKey, VALUE ePKeyError) { - rb_warning("DSA keys will NOT be avaible: OpenSSL is compiled without DSA support."); + rb_warning("OpenSSL is compiled without DSA support"); } #endif /* NO_DSA */ diff --git a/ossl_pkey_rsa.c b/ossl_pkey_rsa.c index 0f32e5d..8901bec 100644 --- a/ossl_pkey_rsa.c +++ b/ossl_pkey_rsa.c @@ -8,7 +8,7 @@ * This program is licenced under the same licence as Ruby. * (See the file 'LICENCE'.) */ -#ifndef NO_RSA +#if !defined(NO_RSA) && !defined(OPENSSL_NO_RSA) #include "ossl.h" #include "ossl_pkey.h" 
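Review bot: The stub `Init_ossl_dsa` reports the missing algorithm with `rb_warning(...)`, which Ruby prints only in verbose mode. In a default run, a build without DSA therefore loads silently, and the caller first learns of it when the class is missing. If the message is meant to reach users, `rb_warn("OpenSSL is compiled without DSA support");` prints unless warnings are disabled; if staying quiet is intended, a comment on the stub saying so would help. The same applies to the RSA stub and to the `#else` branches added in Init_ossl_cipher and Init_ossl_digest.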
@@ -580,11 +580,12 @@ Init_ossl_rsa(VALUE mPKey, VALUE cPKey, VALUE ePKeyError) } #else /* defined NO_RSA */ +# warning >>> OpenSSL is compiled without RSA support <<< void Init_ossl_rsa(VALUE mPKey, VALUE cPKey, VALUE ePKeyError) { - rb_warning("RSA keys will NOT be avaible: OpenSSL is compiled without RSA support."); + rb_warning("OpenSSL is compiled without RSA support"); } #endif /* NO_RSA */ diff --git a/ossl_version.h b/ossl_version.h index b7b9491..9ac1ee2 100644 --- a/ossl_version.h +++ b/ossl_version.h @@ -1,7 +1,7 @@ #ifndef OSSL_VERSION_H #define OSSL_VERSION_H -/*#define OSSL_VERSION "0.0.10"*/ +/*#define OSSL_VERSION "0.1.1"*/ #define OSSL_VERSION "CVS SNAPSHOT ($Date$)" #endif -- cgit v1.2.3