From f3a0964ecad5b788c82431b3a4863957d9f1b233 Mon Sep 17 00:00:00 2001 From: Bridget Almas Date: Tue, 7 Jul 2015 16:27:27 -0400 Subject: [PATCH 1/3] fixing rsa --- src/main/java/org/jruby/ext/openssl/PKeyRSA.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/org/jruby/ext/openssl/PKeyRSA.java b/src/main/java/org/jruby/ext/openssl/PKeyRSA.java index ffdf8fe9..8eeed2a1 100644 --- a/src/main/java/org/jruby/ext/openssl/PKeyRSA.java +++ b/src/main/java/org/jruby/ext/openssl/PKeyRSA.java @@ -434,7 +434,7 @@ private String getPadding(final int padding) { if ( padding == 3 ) { p = "/ECB/NoPadding"; } else if ( padding == 4 ) { - p = "/ECB/OAEPWithMD5AndMGF1Padding"; + p = "/ECB/OAEPWithSHA1AndMGF1Padding"; } else if ( padding == 2 ) { p = "/ECB/ISO9796-1Padding"; } From d34d50222abce5e65b7cd1092f3ce2a017f9d3e9 Mon Sep 17 00:00:00 2001 From: Bridget Almas Date: Thu, 9 Jul 2015 13:54:55 -0400 Subject: [PATCH 2/3] adding test to confirm creation of Cipher withOAEPWithSha1AndMGF1Padding is possible --- src/test/ruby/test_cipher.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/test/ruby/test_cipher.rb b/src/test/ruby/test_cipher.rb index 6129ec67..8e6dcb4d 100644 --- a/src/test/ruby/test_cipher.rb +++ b/src/test/ruby/test_cipher.rb @@ -27,6 +27,7 @@ def test_cipher_extended_support OpenSSL::Cipher.new 'PBEWithSHA1AndRC2_40-CBC' # Sun JCE #OpenSSL::Cipher.new 'RSA/ECB' # Sun JCE OpenSSL::Cipher.new 'RSA/ECB/OAEPWITHSHA-512ANDMGF1PADDING' # Sun JCE + OpenSSL::Cipher.new 'RSA/ECB/OAEPWithSHA1AndMGF1Padding' # Sun JCE OpenSSL::Cipher.new 'DESedeWrap/CBC/NOPADDING' # Sun JCE OpenSSL::Cipher.new 'XTEA/CBC/PKCS7Padding' # BC OpenSSL::Cipher.new 'Noekeon/CBC/ZeroBytePadding' # BC @@ -349,4 +350,4 @@ def test_encrypt_aes_cfb_20_incompatibility end end -end \ No newline at end of file +end From f08699855a116ff8719f011ecc8155b795808b45 Mon Sep 17 00:00:00 2001 From: Bridget Almas Date: Thu, 9 Jul 2015 15:22:32 -0400 Subject: [PATCH 3/3] adding test for oaep decryption --- src/test/ruby/oaep/encrypted.key | 15 +++++++++++++++ src/test/ruby/oaep/test_oaep.rb | 22 ++++++++++++++++++++++ 2 files changed, 37 insertions(+) create mode 100644 src/test/ruby/oaep/encrypted.key create mode 100644 src/test/ruby/oaep/test_oaep.rb diff --git a/src/test/ruby/oaep/encrypted.key b/src/test/ruby/oaep/encrypted.key new file mode 100644 index 00000000..902d3b0f --- /dev/null +++ b/src/test/ruby/oaep/encrypted.key @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQDo6m+QZvYQ/xL0ElLgupK1QDcYL4f5PckwsNgS9pUvV7fzTqCH +k8ThLxTk42MQ2McJsOeUJVP728KhymjFCqxgP4VuwRk9rpAl0+mhy6MPdyjyA6G1 +4jrDWS65ysLchK4t/vwpEDz0SQlEoG1kMzllSm7zZS3XregA7DjNaUYQqwIDAQAB +AoGBALGR6bRBit+yV5TUU3MZSrf8WQSLWDLgs/33FQSAEYSib4+DJke2lKbI6jkG +UoSJgFUXFbaQLtMY2+3VDsMKPBdAge9gIdvbkC4yoKjLGm/FBDOxxZcfLpR+9OPq +U3qM9D0CNuliBWI7Je+p/zs09HIYucpDXy9E18KA1KNF6rfhAkEA9KoNam6wAKnm +vMzz31ws3RuIOUeo2rx6aaVY95+P9tTxd6U+pNkwxy1aCGP+InVSwlYNA1aQ4Axi +/GdMIWMkxwJBAPO1CP7cQNZQmu7yusY+GUObDII5YK9WLaY4RAicn5378crPBFxv +Ukqf9G6FHo7u88iTCIp+vwa3Hn9Tumg3iP0CQQDgUXWBasCVqzCxU5wY4tMDWjXY +hpoLCpmVeRML3dDJt004rFm2HKe7Rhpw7PTZNQZOxUSjFeA4e0LaNf838UWLAkB8 +QfbHM3ffjhOg96PhhjINdVWoZCb230LBOHj/xxPfUmFTHcBEfQIBSJMxcrBFAnLL +9qPpMXymqOFk3ETz9DTlAj8E0qGbp78aVbTOtuwEwNJII+RPw+Zkc+lKR+yaWkAz +fIXw527NPHH3+rnBG72wyZr9ud4LAum9jh+5No1LQpk= +-----END RSA PRIVATE KEY----- diff --git a/src/test/ruby/oaep/test_oaep.rb b/src/test/ruby/oaep/test_oaep.rb new file mode 100644 index 00000000..a5d03da7 --- /dev/null +++ b/src/test/ruby/oaep/test_oaep.rb @@ -0,0 +1,22 @@ +# coding: US-ASCII +require 'base64' +class TestOaep < TestCase + + def setup + super + self.class.disable_security_restrictions! + end + + def test_oaep_decrypt + key = File::read(File.join(File.dirname(__FILE__), 'encrypted.key')) + base64_cipher_text = "s+ydnGyGfJlH6FPB21tYeAeeMKcqLuybw7lxArZIEGRjMNSn2LHNzUEwX/H6FQan5lKQPZxxU1tBuFP6sP27ektEIXgoIQm+PdxilJnNPVoDA9Wff93MMa9JG3VMsc0kbUNMmJf6SQcJ+IB3OyBPZfPrz6wbkwM2zVm9Y/oqFWM=" + + # create cleaned up key object + key = OpenSSL::PKey::RSA.new(key) + + cipher_text = Base64.decode64(base64_cipher_text) + assert_nothing_raised { + decrypted = key.private_decrypt(cipher_text, OpenSSL::PKey::RSA::PKCS1_OAEP_PADDING) + } + end +end