diff options
author | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-06-20 11:18:16 +0000 |
---|---|---|
committer | gotoyuzo <gotoyuzo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-06-20 11:18:16 +0000 |
commit | 128eaaad11bbd3d38e51400f824f87c0100f28ad (patch) | |
tree | 02bf956e2cf73a2ee74e3e56122e22afc843a2d9 | |
parent | d5a2139dfb854cf59192dfd36e16075786b9297e (diff) | |
download | ruby-128eaaad11bbd3d38e51400f824f87c0100f28ad.tar.gz |
* ext/openssl/extconf.rb: add check for OBJ_NAME_do_all_sorted.
* ext/openssl/ossl_cipher.c (ossl_s_ciphers): new method
OpenSSL::Cipher.ciphers. it returns all the cipher names.
* ext/openssl/lib/openssl/cipher.rb:
- add constants AES128, AES192, AES256. [ruby-dev:28610]
- reimplement without eval()
* ext/openssl/lib/openssl/digest.rb: reimplement without eval().
* test/openssl/test_cipher.rb, test_digest: fix about reimplemented
features.
* sample/openssl/cipher.rb: rewrite all.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10339 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 18 | ||||
-rw-r--r-- | ext/openssl/extconf.rb | 1 | ||||
-rw-r--r-- | ext/openssl/lib/openssl/cipher.rb | 32 | ||||
-rw-r--r-- | ext/openssl/lib/openssl/digest.rb | 30 | ||||
-rw-r--r-- | ext/openssl/ossl_cipher.c | 25 | ||||
-rw-r--r-- | sample/openssl/cipher.rb | 12 | ||||
-rw-r--r-- | test/openssl/test_cipher.rb | 38 |
7 files changed, 119 insertions, 37 deletions
@@ -1,3 +1,21 @@ +Tue Jun 20 20:18:05 2006 GOTOU Yuuzou <gotoyuzo@notwork.org> + + * ext/openssl/extconf.rb: add check for OBJ_NAME_do_all_sorted. + + * ext/openssl/ossl_cipher.c (ossl_s_ciphers): new method + OpenSSL::Cipher.ciphers. it returns all the cipher names. + + * ext/openssl/lib/openssl/cipher.rb: + - add constants AES128, AES192, AES256. [ruby-dev:28610] + - reimplement without eval() + + * ext/openssl/lib/openssl/digest.rb: reimplement without eval(). + + * test/openssl/test_cipher.rb, test_digest: fix about reimplemented + features. + + * sample/openssl/cipher.rb: rewrite all. + Sat Jun 19 11:21:46 2006 Eric Hodel <drbrain@segment7.net> * lib/test/unit/assertions.rb: Merge RDoc from HEAD. diff --git a/ext/openssl/extconf.rb b/ext/openssl/extconf.rb index 6cee5b0573..11f74ff3d8 100644 --- a/ext/openssl/extconf.rb +++ b/ext/openssl/extconf.rb @@ -91,6 +91,7 @@ have_func("X509_CRL_set_version") have_func("X509_CRL_sort") have_func("X509_STORE_get_ex_data") have_func("X509_STORE_set_ex_data") +have_func("OBJ_NAME_do_all_sorted") have_func("OPENSSL_cleanse") if try_compile("#define FOO(a, ...) foo(a, ##__VA_ARGS__)\n int x(){FOO(1);FOO(1,2);FOO(1,2,3);}\n") $defs.push("-DHAVE_VA_ARGS_MACRO") diff --git a/ext/openssl/lib/openssl/cipher.rb b/ext/openssl/lib/openssl/cipher.rb index 9f8776d6fc..049533d06b 100644 --- a/ext/openssl/lib/openssl/cipher.rb +++ b/ext/openssl/lib/openssl/cipher.rb @@ -20,19 +20,25 @@ module OpenSSL module Cipher - %w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|cipher| - eval(<<-EOD) - class #{cipher} < Cipher - def initialize(*args) - args = args.join('-') - if args.size == 0 - super(\"#{cipher}\") - else - super(\"#{cipher}-#\{args\}\") - end - end - end - EOD + %w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|name| + klass = Class.new(Cipher){ + define_method(:initialize){|*args| + cipher_name = args.inject(name){|n, arg| "#{n}-#{arg}" } + super(cipher_name) + } + } + const_set(name, klass) + } + + %w(128 192 256).each{|keylen| + klass = Class.new(Cipher){ + define_method(:initialize){|mode| + mode ||= "CBC" + cipher_name = "AES-#{keylen}-#{mode}" + super(cipher_name) + } + } + const_set("AES#{keylen}", klass) } class Cipher diff --git a/ext/openssl/lib/openssl/digest.rb b/ext/openssl/lib/openssl/digest.rb index 5745661c3c..b3e4484805 100644 --- a/ext/openssl/lib/openssl/digest.rb +++ b/ext/openssl/lib/openssl/digest.rb @@ -26,22 +26,22 @@ module OpenSSL alg += %w(SHA224 SHA256 SHA384 SHA512) end - alg.each{|digest| - self.module_eval(<<-EOD) - class #{digest} < Digest - def initialize(data=nil) - super(\"#{digest}\", data) + alg.each{|name| + klass = Class.new(Digest){ + define_method(:initialize){|*data| + if data.length > 1 + raise ArgumentError, + "wrong number of arguments (#{data.length} for 1)" end - - def #{digest}::digest(data) - Digest::digest(\"#{digest}\", data) - end - - def #{digest}::hexdigest(data) - Digest::hexdigest(\"#{digest}\", data) - end - end - EOD + super(name, data.first) + } + } + singleton = (class <<klass; self; end) + singleton.class_eval{ + define_method(:digest){|data| Digest.digest(name, data) } + define_method(:hexdigest){|data| Digest.hexdigest(name, data) } + } + const_set(name, klass) } end # Digest diff --git a/ext/openssl/ossl_cipher.c b/ext/openssl/ossl_cipher.c index 221588fdb9..67e7573ae4 100644 --- a/ext/openssl/ossl_cipher.c +++ b/ext/openssl/ossl_cipher.c @@ -117,6 +117,30 @@ ossl_cipher_copy(VALUE self, VALUE other) return self; } +static void* +add_cipher_name_to_ary(const OBJ_NAME *name, VALUE ary) +{ + rb_ary_push(ary, rb_str_new2(name->name)); + return NULL; +} + +static VALUE +ossl_s_ciphers(VALUE self) +{ +#ifdef HAVE_OBJ_NAME_DO_ALL_SORTED + VALUE ary; + + ary = rb_ary_new(); + OBJ_NAME_do_all_sorted(OBJ_NAME_TYPE_CIPHER_METH, + (void(*)(const OBJ_NAME*,void*))add_cipher_name_to_ary, + (void*)ary); + + return ary; +#else + rb_notimplement(); +#endif +} + static VALUE ossl_cipher_reset(VALUE self) { @@ -362,6 +386,7 @@ Init_ossl_cipher(void) rb_define_alloc_func(cCipher, ossl_cipher_alloc); rb_define_copy_func(cCipher, ossl_cipher_copy); + rb_define_module_function(mCipher, "ciphers", ossl_s_ciphers, 0); rb_define_method(cCipher, "initialize", ossl_cipher_initialize, 1); rb_define_method(cCipher, "reset", ossl_cipher_reset, 0); rb_define_method(cCipher, "encrypt", ossl_cipher_encrypt, -1); diff --git a/sample/openssl/cipher.rb b/sample/openssl/cipher.rb index 844b6eea4e..6e8cdb9427 100644 --- a/sample/openssl/cipher.rb +++ b/sample/openssl/cipher.rb @@ -2,19 +2,22 @@ require 'openssl' text = "abcdefghijklmnopqrstuvwxyz" -key = "key" +pass = "secret password" +salt = "8 octets" # or nil alg = "DES-EDE3-CBC" #alg = "AES-128-CBC" puts "--Setup--" puts %(clear text: "#{text}") -puts %(symmetric key: "#{key}") +puts %(password: "#{pass}") +puts %(salt: "#{salt}") puts %(cipher alg: "#{alg}") puts puts "--Encrypting--" des = OpenSSL::Cipher::Cipher.new(alg) -des.encrypt(key) #, "iv12345678") +des.pkcs5_keyivgen(pass, salt) +des.encrypt cipher = des.update(text) cipher << des.final puts %(encrypted text: #{cipher.inspect}) @@ -22,7 +25,8 @@ puts puts "--Decrypting--" des = OpenSSL::Cipher::Cipher.new(alg) -des.decrypt(key) #, "iv12345678") +des.pkcs5_keyivgen(pass, salt) +des.decrypt out = des.update(cipher) out << des.final puts %(decrypted text: "#{out}") diff --git a/test/openssl/test_cipher.rb b/test/openssl/test_cipher.rb index c84b47b7f4..d671908165 100644 --- a/test/openssl/test_cipher.rb +++ b/test/openssl/test_cipher.rb @@ -11,7 +11,7 @@ class OpenSSL::TestCipher < Test::Unit::TestCase @c1 = OpenSSL::Cipher::Cipher.new("DES-EDE3-CBC") @c2 = OpenSSL::Cipher::DES.new(:EDE3, "CBC") @key = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0" - @iv = @key + @iv = "\0\0\0\0\0\0\0\0" @hexkey = "0000000000000000000000000000000000000000000000" @hexiv = "0000000000000000" @data = "DATA" @@ -22,11 +22,16 @@ class OpenSSL::TestCipher < Test::Unit::TestCase end def test_crypt - s1 = @c1.encrypt(@key, @iv).update(@data) + @c1.final - s2 = @c2.encrypt(@key, @iv).update(@data) + @c2.final + @c1.encrypt.pkcs5_keyivgen(@key, @iv) + @c2.encrypt.pkcs5_keyivgen(@key, @iv) + s1 = @c1.update(@data) + @c1.final + s2 = @c2.update(@data) + @c2.final assert_equal(s1, s2, "encrypt") - assert_equal(@data, @c1.decrypt(@key, @iv).update(s2)+@c1.final, "decrypt") - assert_equal(@data, @c2.decrypt(@key, @iv).update(s1)+@c2.final, "decrypt") + + @c1.decrypt.pkcs5_keyivgen(@key, @iv) + @c2.decrypt.pkcs5_keyivgen(@key, @iv) + assert_equal(@data, @c1.update(s1)+@c1.final, "decrypt") + assert_equal(@data, @c2.update(s2)+@c2.final, "decrypt") end def test_info @@ -62,6 +67,29 @@ class OpenSSL::TestCipher < Test::Unit::TestCase @c1.encrypt assert_raises(ArgumentError){ @c1.update("") } end + + if OpenSSL::OPENSSL_VERSION_NUMBER > 0x00907000 + def test_ciphers + OpenSSL::Cipher.ciphers.each{|name| + assert(OpenSSL::Cipher::Cipher.new(name).is_a?(OpenSSL::Cipher::Cipher)) + } + end + + def test_AES + pt = File.read(__FILE__) + %w(ECB CBC CFB OFB).each{|mode| + c1 = OpenSSL::Cipher::AES256.new(mode) + c1.encrypt + c1.pkcs5_keyivgen("passwd") + ct = c1.update(pt) + c1.final + + c2 = OpenSSL::Cipher::AES256.new(mode) + c2.decrypt + c2.pkcs5_keyivgen("passwd") + assert_equal(pt, c2.update(ct) + c2.final) + } + end + end end end |