jruby-openssl
jruby-openssl copied to clipboard
jruby
JRuby's OpenSSL gem
If you do not call set_params on an SSLContext, jruby-openssl supports ECDHE cipher suites, although it does prefer EXPORT cipher suites over better cipher suites. If you do call set_params,...
When trying to use https://github.com/pushpad/web-push, I get the following error: undefined method `hkdf' for OpenSSL::KDF:Module (NoMethodError) At this line: https://github.com/pushpad/web-push/blob/537267741b8b8cdd4ecedeb3f2da82e1145566d8/lib/web_push/encryption.rb#L29 (there's no stack trace past that) I'm guessing its just...
```ruby #!/usr/bin/env ruby require "rubygems" require "openssl" puts OpenSSL::VERSION oid = OpenSSL::ASN1::ObjectId.new("2.5.29.14") pp oid pp oid == OpenSSL::ASN1::ObjectId.new("2.5.29.14") ``` prints true on MRI, and the following on JRuby ``` 2.2.1...
With Ruby MRI, we can do: `OpenSSL::Config.parse_config("") # also accepts a String` but not with JRuby: ``` NoMethodError: undefined method `lineno' for "":String Did you mean? lines ```
The ...EC::Group class should support a four-element constructor, as seen in several tests for ...EC::Point: https://github.com/ruby/ruby/blob/7f407e0240ebd41d9fb1ea1bbd15442ed8744b34/test/openssl/test_pkey_ec.rb#L351 I've got a broken attempt to implement that form coming in a PR, but...
Starting in April we started seeing lots of "read would block" and OpenSSL::SSL::SSLErrorWaitReadable errors in our Sentry instance. The errors occur only with TLS 1.3 and not with TLS 1.2....
``` #!/usr/bin/env ruby require "rubygems" require "openssl" pem = "-----BEGIN PUBLIC KEY-----\n" + "MCowBQYDK2VwAyEAVHg6pXoV4tdz99QgYcF9FamXBw4ialK0qABPkbQf9po=\n" + "-----END PUBLIC KEY-----\n" pp OpenSSL::PKey.read(pem) ``` on jruby: ``` OpenSSL::PKey::PKeyError: Could not parse PKey: unsupported...
If multiple certificates with the same subjectdn are added to the store and used to verify, this can still fail based on the order they were placed in the store....
There seems to be no reason to consider a local hostname as case sensitive when other hostnames are compared case insensitive. If the behavior needs to be more strict it...
