Modified: trunk/jopenssl/src/java/org/jruby/ext/openssl/ASN1.java (1036 => 1037)
--- trunk/jopenssl/src/java/org/jruby/ext/openssl/ASN1.java 2008-07-06 15:06:15 UTC (rev 1036)
+++ trunk/jopenssl/src/java/org/jruby/ext/openssl/ASN1.java 2008-07-06 15:06:18 UTC (rev 1037)
@@ -128,6 +128,15 @@
return obj2nid(runtime, new DERObjectIdentifier(oid));
}
+ synchronized static String ln2oid(Ruby runtime, String ln) {
+ Map<String, DERObjectIdentifier> val = SYM_TO_OID.get(runtime);
+ if(null == val) {
+ initMaps(runtime);
+ val = SYM_TO_OID.get(runtime);
+ }
+ return val.get(ln).getId();
+ }
+
synchronized static Integer obj2nid(Ruby runtime, DERObjectIdentifier oid) {
Map<DERObjectIdentifier, Integer> o2n = OID_TO_NID.get(runtime);
if(null == o2n) {
Modified: trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java (1036 => 1037)
--- trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java 2008-07-06 15:06:15 UTC (rev 1036)
+++ trunk/jopenssl/src/java/org/jruby/ext/openssl/Cipher.java 2008-07-06 15:06:18 UTC (rev 1037)
@@ -57,7 +57,7 @@
* @author <a href="" PROTECTED]">Ola Bini</a>
*/
public class Cipher extends RubyObject {
-
+
// set to enable debug output
private static final boolean DEBUG = false;
private static ObjectAllocator CIPHER_ALLOCATOR = new ObjectAllocator() {
@@ -200,7 +200,7 @@
private byte[] iv;
private String padding;
- private void dumpVars() {
+ void dumpVars() {
System.out.println("***** Cipher instance vars ****");
System.out.println("name = " + name);
System.out.println("cryptoBase = " + cryptoBase);
@@ -436,7 +436,7 @@
return this;
}
- private javax.crypto.Cipher getCipher() {
+ javax.crypto.Cipher getCipher() {
return (javax.crypto.Cipher) OpenSSLReal.getWithBCProvider(new Callable() {
public Object call() {
try {
@@ -592,4 +592,20 @@
String getAlgorithm() {
return this.ciph.getAlgorithm();
}
+
+ String getName() {
+ return this.name;
+ }
+
+ String getCryptoBase() {
+ return this.cryptoBase;
+ }
+
+ String getCryptoMode() {
+ return this.cryptoMode;
+ }
+
+ int getKeyLen() {
+ return this.keyLen;
+ }
}
Modified: trunk/jopenssl/src/java/org/jruby/ext/openssl/OpenSSLImpl.java (1036 => 1037)
--- trunk/jopenssl/src/java/org/jruby/ext/openssl/OpenSSLImpl.java 2008-07-06 15:06:15 UTC (rev 1036)
+++ trunk/jopenssl/src/java/org/jruby/ext/openssl/OpenSSLImpl.java 2008-07-06 15:06:18 UTC (rev 1037)
@@ -232,6 +232,18 @@
ASN1.addObject(runtime, 172, "OCSP", "OCSP","1.3.6.1.5.5.7.48.1");
ASN1.addObject(runtime, 173, "caIssuers", "CA Issuers","1.3.6.1.5.5.7.48.2");
ASN1.addObject(runtime, 174, "OCSPSigning", "OCSP Signing","1.3.6.1.5.5.7.3.9");
+ASN1.addObject(runtime, 175, "AES-128-EBC", "aes-128-ebc","2.16.840.1.101.3.4.1.1");
+ASN1.addObject(runtime, 176, "AES-128-CBC", "aes-128-cbc","2.16.840.1.101.3.4.1.2");
+ASN1.addObject(runtime, 177, "AES-128-OFB", "aes-128-ofb","2.16.840.1.101.3.4.1.3");
+ASN1.addObject(runtime, 178, "AES-128-CFB", "aes-128-cfb","2.16.840.1.101.3.4.1.4");
+ASN1.addObject(runtime, 179, "AES-192-EBC", "aes-192-ebc","2.16.840.1.101.3.4.1.21");
+ASN1.addObject(runtime, 180, "AES-192-CBC", "aes-192-cbc","2.16.840.1.101.3.4.1.22");
+ASN1.addObject(runtime, 181, "AES-192-OFB", "aes-192-ofb","2.16.840.1.101.3.4.1.23");
+ASN1.addObject(runtime, 182, "AES-192-CFB", "aes-192-cfb","2.16.840.1.101.3.4.1.24");
+ASN1.addObject(runtime, 183, "AES-256-EBC", "aes-256-ebc","2.16.840.1.101.3.4.1.41");
+ASN1.addObject(runtime, 184, "AES-256-CBC", "aes-256-cbc","2.16.840.1.101.3.4.1.42");
+ASN1.addObject(runtime, 185, "AES-256-OFB", "aes-256-ofb","2.16.840.1.101.3.4.1.43");
+ASN1.addObject(runtime, 186, "AES-256-CFB", "aes-256-cfb","2.16.840.1.101.3.4.1.44");
}
public static interface KeyAndIv {
Modified: trunk/jopenssl/src/java/org/jruby/ext/openssl/PKCS7.java (1036 => 1037)
--- trunk/jopenssl/src/java/org/jruby/ext/openssl/PKCS7.java 2008-07-06 15:06:15 UTC (rev 1036)
+++ trunk/jopenssl/src/java/org/jruby/ext/openssl/PKCS7.java 2008-07-06 15:06:18 UTC (rev 1037)
@@ -41,17 +41,22 @@
import java.util.List;
import org.bouncycastle.asn1.ASN1InputStream;
+import org.bouncycastle.asn1.ASN1Object;
import org.bouncycastle.asn1.cms.ContentInfo;
+import org.bouncycastle.cms.CMSEnvelopedData;
+import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
import org.bouncycastle.cms.CMSProcessableByteArray;
import org.bouncycastle.cms.CMSSignedData;
import org.bouncycastle.cms.CMSSignedDataGenerator;
import org.bouncycastle.cms.CMSException;
import org.bouncycastle.cms.SignerInformation;
import org.bouncycastle.cms.SignerInformationStore;
+import org.bouncycastle.asn1.x509.TBSCertificateStructure;
import org.jruby.Ruby;
import org.jruby.RubyArray;
import org.jruby.RubyClass;
import org.jruby.RubyModule;
+import org.jruby.RubyNumeric;
import org.jruby.RubyObject;
import org.jruby.RubyString;
import org.jruby.ext.openssl.x509store.PEMInputOutput;
@@ -170,16 +175,89 @@
return ret;
}
+ /** ossl_pkcs7_s_encrypt
+ *
+ */
@JRubyMethod(meta=true, rest=true)
- public static IRubyObject encrypt(IRubyObject recv, IRubyObject[] args) {
- System.err.println("WARNING: un-implemented method called PKCS7#encrypt");
- return recv.getRuntime().getNil();
+ public static IRubyObject encrypt(IRubyObject recv, IRubyObject[] args) throws Exception {
+ IRubyObject certs = recv.getRuntime().getNil();
+ IRubyObject data = ""
+ IRubyObject cipher = recv.getRuntime().getNil();
+ IRubyObject flags = recv.getRuntime().getNil();
+ org.jruby.runtime.Arity.checkArgumentCount(recv.getRuntime(),args,2,4);
+
+ String algo = "RC2-CBC";
+ int keySize = 40;
+
+ switch(args.length) {
+ case 4:
+ flags = args[3];
+ case 3:
+ cipher = args[2];
+ case 2:
+ data = ""
+ certs = args[0];
+ }
+
+ if(!cipher.isNil()) {
+ algo = ((Cipher)cipher).getName();
+ keySize = ((Cipher)cipher).getKeyLen() * 8;
+ System.err.println("BLAH: " + keySize);
+ }
+
+
+ int flg = flags.isNil() ? 0 : RubyNumeric.fix2int(flags);
+
+ IRubyObject arg = OpenSSLImpl.to_der_if_possible(data);
+ byte[] contentBytes = arg.convertToString().getBytes();
+
+ ((Cipher)cipher).dumpVars();
+
+ final CMSEnvelopedDataGenerator fact = new CMSEnvelopedDataGenerator();
+
+ if(certs instanceof RubyArray) {
+ RubyArray arr = (RubyArray)certs;
+ for(Iterator iter = arr.getList().iterator();iter.hasNext();) {
+ X509Cert haha = (X509Cert)iter.next();
+ TBSCertificateStructure tbs = TBSCertificateStructure.getInstance(
+ ASN1Object.fromByteArray(haha.getAuxCert().getTBSCertificate()));
+ System.err.println( tbs.getSubjectPublicKeyInfo().getAlgorithmId().getObjectId() );
+
+ System.err.println("bladibla: " + haha.getAuxCert());
+ System.err.println("hm: " + haha.getAuxCert().getPublicKey());
+ fact.addKeyTransRecipient(haha.getAuxCert());
+ }
+ }
+
+ final CMSProcessableByteArray content = new CMSProcessableByteArray(contentBytes);
+ final String algo1 = ASN1.ln2oid(recv.getRuntime(), algo.toLowerCase());
+ final int keySize1 = keySize;
+
+ CMSEnvelopedData envdata = (CMSEnvelopedData)(OpenSSLReal.getWithBCProvider(new Callable() {
+ public Object call() {
+ try {
+ return fact.generate(content, algo1, keySize1, "BC");
+ } catch (Exception e) {
+ System.err.println(e);
+ e.getCause().printStackTrace();
+ return null;
+ }
+ }
+ }));
+
+ PKCS7 ret = new PKCS7(recv.getRuntime(),((RubyClass)((RubyModule)(recv.getRuntime().getModule("OpenSSL").getConstant("PKCS7"))).getConstant("PKCS7")));
+ ret.setInstanceVariable("@data",recv.getRuntime().getNil());
+ ret.setInstanceVariable("@error_string",recv.getRuntime().getNil());
+ ret.envelopedData = envdata;
+
+ return ret;
}
}
public PKCS7(Ruby runtime, RubyClass type) {
super(runtime,type);
}
+ private CMSEnvelopedData envelopedData;
private CMSSignedData signedData;
@JRubyMethod(name="initialize", rest=true)
@@ -191,7 +269,12 @@
byte[] b = arg.convertToString().getBytes();
signedData = PEMInputOutput.readPKCS7(new InputStreamReader(new ByteArrayInputStream(b)),null);
if(null == signedData) {
- signedData = new CMSSignedData(ContentInfo.getInstance(new ASN1InputStream(b).readObject()));
+ ContentInfo info = ContentInfo.getInstance(new ASN1InputStream(b).readObject());
+ try {
+ signedData = new CMSSignedData(info);
+ } catch(Exception e) {
+ envelopedData = new CMSEnvelopedData(info);
+ }
}
this.setInstanceVariable("@data",getRuntime().getNil());
this.setInstanceVariable("@error_string",getRuntime().getNil());
@@ -439,7 +522,11 @@
@JRubyMethod
public IRubyObject to_der() throws Exception {
- return RubyString.newString(getRuntime(), signedData.getEncoded());
+ if(signedData != null) {
+ return RubyString.newString(getRuntime(), signedData.getEncoded());
+ } else {
+ return RubyString.newString(getRuntime(), envelopedData.getEncoded());
+ }
}
public static class SignerInfo extends RubyObject {
