diff options
author | technorama <technorama@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-04-05 05:59:22 +0000 |
---|---|---|
committer | technorama <technorama@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-04-05 05:59:22 +0000 |
commit | 953e8aca2be6a74a4829f8729cd4ba8e501207fe (patch) | |
tree | 6af3285c7c29d4fb458d3cb873f80fbdfcb942ab /ext/openssl/ossl_pkcs5.c | |
parent | f1796fdb2c0473f2362a79402e1d9417cf2b6f96 (diff) | |
download | ruby-953e8aca2be6a74a4829f8729cd4ba8e501207fe.tar.gz |
* ext/openssl/ossl_pkcs5.c: New module.
* ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c:
Remove redundant module namespace.
* ext/openssl/lib/openssl/{cipher,digest}.rb
Add backwards compatibile classes for rearranged classes.
* ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@12148 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/openssl/ossl_pkcs5.c')
-rw-r--r-- | ext/openssl/ossl_pkcs5.c | 96 |
1 files changed, 96 insertions, 0 deletions
diff --git a/ext/openssl/ossl_pkcs5.c b/ext/openssl/ossl_pkcs5.c new file mode 100644 index 0000000000..ca02a18c67 --- /dev/null +++ b/ext/openssl/ossl_pkcs5.c @@ -0,0 +1,96 @@ +/* + * $Id$ + * Copyright (C) 2007 Technorama Ltd. <oss-ruby@technorama.net> + */ +#include "ossl.h" + +VALUE mPKCS5; +VALUE ePKCS5; + +/* + * call-seq: + * PKCS5.pbkdf2_hmac(pass, salt, iter, keylen, digest) => string + * + * === Parameters + * * +pass+ - string + * * +salt+ - string + * * +iter+ - integer - should be greater than 1000. 2000 is better. + * * +keylen+ - integer + * * +digest+ - a string or OpenSSL::Digest object. + * + * Available in OpenSSL 0.9.9?. + * + * Digests other than SHA1 may not be supported by other cryptography libraries. + */ +static VALUE +ossl_pkcs5_pbkdf2_hmac(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen, VALUE digest) +{ +#ifdef HAVE_PKCS5_PBKDF2_HMAC + VALUE str; + const EVP_MD md; + int len = NUM2INT(keylen); + + StringValue(pass); + StringValue(salt); + md = GetDigestPtr(digest); + + str = rb_str_new(0, len); + + if (PKCS5_PBKDF2_HMAC(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), md, len, RSTRING_PTR(str)) != 1) + ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC"); + + return str; +#else + rb_notimplement(); +#endif +} + + +/* + * call-seq: + * PKCS5.pbkdf2_hmac_sha1(pass, salt, iter, keylen) => string + * + * === Parameters + * * +pass+ - string + * * +salt+ - string + * * +iter+ - integer - should be greater than 1000. 2000 is better. + * * +keylen+ - integer + * + * This method is available almost any version OpenSSL. + * + * Conforms to rfc2898. + */ +static VALUE +ossl_pkcs5_pbkdf2_hmac_sha1(VALUE self, VALUE pass, VALUE salt, VALUE iter, VALUE keylen) +{ +#ifdef HAVE_PKCS5_PBKDF2_HMAC_SHA1 + VALUE str; + int len = NUM2INT(keylen); + + StringValue(pass); + StringValue(salt); + + str = rb_str_new(0, len); + + if (PKCS5_PBKDF2_HMAC_SHA1(RSTRING_PTR(pass), RSTRING_LEN(pass), RSTRING_PTR(salt), RSTRING_LEN(salt), NUM2INT(iter), len, RSTRING_PTR(str)) != 1) + ossl_raise(ePKCS5, "PKCS5_PBKDF2_HMAC_SHA1"); + + return str; +#else + rb_notimplement(); +#endif +} + +void +Init_ossl_pkcs5() +{ + /* + * Password-based Encryption + * + */ + mPKCS5 = rb_define_module_under(mOSSL, "PKCS5"); + ePKCS5 = rb_define_class_under(mPKCS5, "PKCS5Error", eOSSLError); + + rb_define_module_function(mPKCS5, "pbkdf2_hmac", ossl_pkcs5_pbkdf2_hmac, 5); + rb_define_module_function(mPKCS5, "pbkdf2_hmac_sha1", ossl_pkcs5_pbkdf2_hmac_sha1, 4); +} |