Skip to content
This repository

[JRUBY-6962] Implemented OpenSSL::PKCS7#type= and OpenSSL::PKCS7#add_data #355

Closed
wants to merge 1 commit into from

2 participants

Martin Ott Charles Oliver Nutter
Martin Ott

Methods are required to create a PKCS#7 degenerate structure which
contains only certificates. This is basically the same that 'openssl
crl2pkcs7
' does.

See also issue JRUBY-6962.

Martin Ott Implemented OpenSSL::PKCS7#type= and OpenSSL::PKCS7#add_data
Methods are required to create a PKCS#7 degenerate structure which
contains only certificates. This is basically the same that 'openssl
crl2pkcs7' [http://www.openssl.org/docs/apps/crl2pkcs7.html] does.
274641a
Charles Oliver Nutter
Owner

I incorporated your change in commit 48e96ad and added a pull request for MRI to include the tests in ruby/ruby#205. Thank you!

Charles Oliver Nutter headius referenced this pull request in ruby/ruby
Closed

Add tests for PKCS7#type= and add_data. #205

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Showing 1 unique commit by 1 author.

Oct 24, 2012
Martin Ott Implemented OpenSSL::PKCS7#type= and OpenSSL::PKCS7#add_data
Methods are required to create a PKCS#7 degenerate structure which
contains only certificates. This is basically the same that 'openssl
crl2pkcs7' [http://www.openssl.org/docs/apps/crl2pkcs7.html] does.
274641a
This page is out of date. Refresh to see the latest.
65 src/org/jruby/ext/openssl/PKCS7.java
@@ -300,8 +300,29 @@ public IRubyObject initialize_copy(IRubyObject obj) {
300 300
301 301 @JRubyMethod(name="type=")
302 302 public IRubyObject set_type(IRubyObject obj) {
303   - System.err.println("WARNING: unimplemented method called PKCS7#type=");
304   - return getRuntime().getNil();
  303 + int typeId = ASN1Registry.NID_undef;
  304 +
  305 + String type = obj.convertToString().asJavaString();
  306 +
  307 + if ("signed".equals(type)) {
  308 + typeId = ASN1Registry.NID_pkcs7_signed;
  309 + } else if ("data".equals(type)) {
  310 + typeId = ASN1Registry.NID_pkcs7_data;
  311 + } else if ("signedAndEnveloped".equals(type)) {
  312 + typeId = ASN1Registry.NID_pkcs7_signedAndEnveloped;
  313 + } else if ("enveloped".equals(type)) {
  314 + typeId = ASN1Registry.NID_pkcs7_enveloped;
  315 + } else if ("encrypted".equals(type)) {
  316 + typeId = ASN1Registry.NID_pkcs7_encrypted;
  317 + }
  318 +
  319 + try {
  320 + p7.setType(typeId);
  321 + } catch (PKCS7Exception pkcs7e) {
  322 + throw newPKCS7Exception(getRuntime(), pkcs7e);
  323 + }
  324 +
  325 + return obj;
305 326 }
306 327
307 328 @JRubyMethod(name="type")
@@ -479,8 +500,44 @@ public IRubyObject crls() {
479 500
480 501 @JRubyMethod(name={"add_data", "data="})
481 502 public IRubyObject add_data(IRubyObject obj) {
482   - System.err.println("WARNING: unimplemented method called PKCS7#add_data");
483   - return getRuntime().getNil();
  503 + if (p7.isSigned()) {
  504 + try {
  505 + p7.contentNew(ASN1Registry.NID_pkcs7_data);
  506 + } catch (PKCS7Exception pkcs7e) {
  507 + throw newPKCS7Exception(getRuntime(), pkcs7e);
  508 + }
  509 + }
  510 +
  511 + BIO in = obj2bio(obj);
  512 + BIO out = null;
  513 + try {
  514 + out = p7.dataInit(null);
  515 + } catch (PKCS7Exception pkcs7e) {
  516 + throw newPKCS7Exception(getRuntime(), pkcs7e);
  517 + }
  518 + byte[] buf = new byte[4096];
  519 + for(;;) {
  520 + try {
  521 + int i = in.read(buf, 0, buf.length);
  522 + if(i <= 0) {
  523 + break;
  524 + }
  525 + if(out != null) {
  526 + out.write(buf, 0, i);
  527 + }
  528 + } catch(IOException e) {
  529 + throw getRuntime().newIOErrorFromException(e);
  530 + }
  531 + }
  532 +
  533 + try {
  534 + p7.dataFinal(out);
  535 + } catch (PKCS7Exception pkcs7e) {
  536 + throw newPKCS7Exception(getRuntime(), pkcs7e);
  537 + }
  538 + setData(getRuntime().getNil());
  539 +
  540 + return obj;
484 541 }
485 542
486 543 @JRubyMethod(rest=true)
7 src/org/jruby/ext/openssl/impl/PKCS7.java
@@ -923,7 +923,12 @@ public BIO dataInit(BIO bio) throws PKCS7Exception {
923 923 bio.setMemEofReturn(0);
924 924 }
925 925 }
926   - out.push(bio);
  926 +
  927 + if (out != null) {
  928 + out.push(bio);
  929 + } else {
  930 + out = bio;
  931 + }
927 932 bio = null;
928 933 return out;
929 934 }
67 test/externals/ruby1.9/openssl/test_pkcs7.rb
@@ -192,6 +192,73 @@ def test_graceful_parsing_failure #[ruby-core:43250]
192 192 contents = File.read(__FILE__)
193 193 assert_raise(ArgumentError) { OpenSSL::PKCS7.new(contents) }
194 194 end
  195 +
  196 + def test_set_type_signed
  197 + p7 = OpenSSL::PKCS7.new
  198 + p7.type = "signed"
  199 + assert_equal(p7.type, :signed)
  200 + end
  201 +
  202 + def test_set_type_data
  203 + p7 = OpenSSL::PKCS7.new
  204 + p7.type = "data"
  205 + assert_equal(p7.type, :data)
  206 + end
  207 +
  208 + def test_set_type_signed_and_enveloped
  209 + p7 = OpenSSL::PKCS7.new
  210 + p7.type = "signedAndEnveloped"
  211 + assert_equal(p7.type, :signedAndEnveloped)
  212 + end
  213 +
  214 + def test_set_type_enveloped
  215 + p7 = OpenSSL::PKCS7.new
  216 + p7.type = "enveloped"
  217 + assert_equal(p7.type, :enveloped)
  218 + end
  219 +
  220 + def test_set_type_encrypted
  221 + p7 = OpenSSL::PKCS7.new
  222 + p7.type = "encrypted"
  223 + assert_equal(p7.type, :encrypted)
  224 + end
  225 +
  226 + def test_degenerate_pkcs7
  227 + ca_cert_pem = <<END
  228 +-----BEGIN CERTIFICATE-----
  229 +MIID4DCCAsigAwIBAgIJAL1oVI72wmQwMA0GCSqGSIb3DQEBBQUAMFMxCzAJBgNV
  230 +BAYTAkFVMQ4wDAYDVQQIEwVTdGF0ZTENMAsGA1UEBxMEQ2l0eTEQMA4GA1UEChMH
  231 +RXhhbXBsZTETMBEGA1UEAxMKRXhhbXBsZSBDQTAeFw0xMjEwMTgwOTE2NTBaFw0y
  232 +MjEwMTYwOTE2NTBaMFMxCzAJBgNVBAYTAkFVMQ4wDAYDVQQIEwVTdGF0ZTENMAsG
  233 +A1UEBxMEQ2l0eTEQMA4GA1UEChMHRXhhbXBsZTETMBEGA1UEAxMKRXhhbXBsZSBD
  234 +QTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMTSPNxOkd5NN19XO0fJ
  235 +tGVlWN4DWuvVL9WbWnXJXX9rU6X8sSOL9RrRA64eEZf2UBFjz9fMHZj/OGcxZpus
  236 +4YtzfSrMU6xfvsIHeqX+mT60ms2RfX4UXab50MQArBin3JVKHGnOi25uyAOylVFU
  237 +TuzzQJvKyB67vjuRPMlVAgVAZAP07ru9gW0ajt/ODxvUfvXxp5SFF68mVP2ipMBr
  238 +4fujUwQC6cVHmnuL6p87VFoo9uk87TSQVDOQGL8MK4moMFtEW9oUTU22CgnxnCsS
  239 +sCCELYhy9BdaTWQH26LzMfhnwSuIRHZyprW4WZtU0akrYXNiCj8o92rZmQWXJDbl
  240 +qNECAwEAAaOBtjCBszAdBgNVHQ4EFgQUNtVw4jvkZZbkdQbkYi2/F4QN79owgYMG
  241 +A1UdIwR8MHqAFDbVcOI75GWW5HUG5GItvxeEDe/aoVekVTBTMQswCQYDVQQGEwJB
  242 +VTEOMAwGA1UECBMFU3RhdGUxDTALBgNVBAcTBENpdHkxEDAOBgNVBAoTB0V4YW1w
  243 +bGUxEzARBgNVBAMTCkV4YW1wbGUgQ0GCCQC9aFSO9sJkMDAMBgNVHRMEBTADAQH/
  244 +MA0GCSqGSIb3DQEBBQUAA4IBAQBvJIsY9bIqliZ3WD1KoN4cvAQeRAPsoLXQkkHg
  245 +P6Nrcw9rJ5JvoHfYbo5aNlwbnkbt/B2xlVEXUYpJoBZFXafgxG2gJleioIgnaDS4
  246 +FPPwZf1C5ZrOgUBfxTGjHex4ghSAoNGOd35jQzin5NGKOvZclPjZ2vQ++LP3aA2l
  247 +9Fn2qASS46IzMGJlC75mlTOTQwDM16UunMAK26lNG9J6q02o4d/oU2a7x0fD80yF
  248 +64kNA1wDAwaVCYiUH541qKp+b4iDqer8nf8HqzYDFlpje18xYZMEd1hj8dVOharM
  249 +pISJ+D52hV/BGEYF8r5k3hpC5d76gSP2oCcaY0XvLBf97qik
  250 +-----END CERTIFICATE-----
  251 +END
  252 + p7 = OpenSSL::PKCS7.new
  253 + p7.type = "signed"
  254 + ca_cert = OpenSSL::X509::Certificate.new(ca_cert_pem)
  255 + p7.add_certificate ca_cert
  256 + p7.add_data ""
  257 +
  258 + assert_nothing_raised do
  259 + p7.to_pem
  260 + end
  261 + end
195 262 end
196 263
197 264 end

Tip: You can add notes to lines in a file. Hover to the left of a line to make a note

Something went wrong with that request. Please try again.