Skip to content

0.9.6
Compare
Choose a tag to compare
@kares kares released this 28 Jul 07:55
· 936 commits to master since this release
v0.9.6
0c69405
  • ClassCastException still happen deep within BC - turn them into SignatureExeption
  • make sure empty object can be serialize via to_pem
  • use the classname as message in case the exception has no message (jruby/jruby#2249)
  • make sure X509Object list is synchronized properly
  • use JRubyFile to get input-stream to file-resource fixes #11
  • Cache the discovered classes for digest engines. Fixes #15.
  • avoid the rest of Ruby.getGlobalRuntime usages - only worked in 1 runtime envs
  • refactored CRL - using light-weight BC API (avoids deprecated X.509 generator)
  • implement X509::Certificate#to_text for happiness (the MRI-way - only RSA for now)
  • allow to "fake" our inspect() support and match MRI's X509::Certificate#inspect
  • decode BC's ASN1Enumarated into a OpenSSL::ASN1::Enumerated
  • we can (ASN.1) encode an infinite-length bit-string constructive
  • turns out all ASN1 primitives in MRI have the infinite_length attribute
  • support (so-far only dummy) @servername_cb attribute on SSLSocket
  • handle (CRL) extension's issuerAltName wrapping without an exception
  • fix SSL (cert) verification - now working on 1.8/1.9 better than before
  • do not skip first 2 bytes of key identifier hash when encoding to hex!
  • match X.509 extension short-comings of the Java API in order to align with MRI
  • improve cert.extension's value - extendedKeyUsage was not returned correctly
  • make sure ASN1::ObjectId.new(...).ln and ASN1::ObjectId.new(...).sn are correct!
  • better working to_der conversion esp. with constructives (indefinite lengths)
  • improve our ASN1 decoding for better MRI compatibility
  • avoiding Krypt gem dependency completely (was used for OpenSSL::PKCS5)
  • cleanup OpenSSL::Digest internals - make sure block_length works for more
  • OpenSSL deprecated_warning_flag and check_func API compatibility stubs
  • do not force loading of jar-dependencies + possibly respect jars skipped
  • X509::Name.to_a compatibility - MRI seems to never return "UNDEF"
    experimental support for passing down "real" Java JCE cipher names
  • rewriten Cipher internals - now faster, slimmer and more compatible than ever!
  • rebuilt our global ASN1Registry and refactored it (back) internally to use string oids
  • report OpenSSL::VERSION 1.1.0 since 1.9.3
  • fill RaiseException's cause whenever we use a factory passing down a Throwable
  • allow X509::Revoked.serial= to receive an integer
  • make sure X509::CRL's to_text representation si (fully) MRI compatible
  • handle authority key-id unwrapping correctly in X509::Extension#value
  • long time coming - OpenSSL::X509::CRL support for loading revoked entries (#5)
  • Reflect Java cacert location in DEFAULT_CERT_* constants (jruby/jruby#1953)
  • X509::Certificate.new MRI compatibility + make sure inspect works the same
  • BN.inspect() and make sure BN.new(0) works just fine (both as in MRI)
  • X509::CRL instantiation compatibility with MRI
  • inspect() X509::Certificate an X509::CRL just like MRI does
  • handle OpenSSL::X509::Store.add error messages correctly (fix based on #6)
  • update to using BC 1.49 by default (still compatible with older versions)
  • implement X509::StoreContext#current_crl method
  • support X509::StoreContext cleanup and error_depth instance methods
  • support disabling of warnings using system property -Djruby.openssl.warn
  • Throw error when chain certs are not OpenSSL::X509::Certificate (#3)
  • avoid using JRuby IO APIs (will likely not work in 9k)
  • make 'jopenssl/load' also work on jruby-1.6.8 mode 1.9
Assets 2
Loading