Last active
August 29, 2015 14:16
-
-
Save tamird/84a1ed716862b4e96644 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| if defined?(JRUBY_VERSION) | |
| puts 'Applying https://github.com/jruby/jruby/wiki/UnlimitedStrengthCrypto' | |
| security_class = java.lang.Class.for_name('javax.crypto.JceSecurity') | |
| restricted_field = security_class.get_declared_field('isRestricted') | |
| restricted_field.accessible = true | |
| restricted_field.set(nil, false) | |
| end | |
| require 'openssl' | |
| require 'securerandom' | |
| algorithms = OpenSSL::Cipher.ciphers | |
| unless defined?(JRUBY_VERSION) | |
| algorithms &= %x(openssl list-cipher-commands).split | |
| end | |
| algorithms_with_working_iv = Set.new | |
| algorithms_with_working_key = Set.new | |
| algorithms_that_fully_work = Set.new | |
| iv_errors = Hash.new { |hash, key| hash[key] = Set.new } | |
| key_errors = Hash.new { |hash, key| hash[key] = Set.new } | |
| final_errors = Hash.new { |hash, key| hash[key] = Set.new } | |
| algorithms.each do |algorithm| | |
| cipher = OpenSSL::Cipher::Cipher.new(algorithm) | |
| cipher.encrypt | |
| 1.upto(64).each do |iv_len| | |
| break if algorithms_that_fully_work.include?(algorithm) | |
| begin | |
| cipher.iv = SecureRandom.random_bytes(iv_len) | |
| rescue OpenSSL::Cipher::CipherError => e | |
| iv_errors[algorithm] << e.message | |
| next | |
| else | |
| algorithms_with_working_iv << algorithm | |
| end | |
| 1.upto(64).each do |key_len| | |
| break if algorithms_that_fully_work.include?(algorithm) | |
| begin | |
| cipher.key = SecureRandom.random_bytes(key_len) | |
| rescue OpenSSL::Cipher::CipherError => e | |
| key_errors[algorithm] << e.message | |
| next | |
| else | |
| algorithms_with_working_key << algorithm | |
| end | |
| begin | |
| cipher.update(SecureRandom.random_bytes) | |
| rescue OpenSSL::Cipher::CipherError => e | |
| final_errors[algorithm] << e.message | |
| next | |
| else | |
| algorithms_that_fully_work << algorithm | |
| end | |
| end | |
| end | |
| end | |
| puts "RESULTS FOR #{RUBY_DESCRIPTION}" | |
| algorithms.each do |algorithm| | |
| unless algorithms_with_working_iv.include?(algorithm) | |
| puts "Algorithm #{algorithm} has IV errors: #{iv_errors.fetch(algorithm).inspect}" | |
| end | |
| unless algorithms_with_working_key.include?(algorithm) | |
| puts "Algorithm #{algorithm} has key errors: #{key_errors.fetch(algorithm).inspect}" | |
| end | |
| unless algorithms_that_fully_work.include?(algorithm) | |
| puts "Algorithm #{algorithm} has final errors: #{final_errors.fetch(algorithm).inspect}" | |
| end | |
| end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # WITH `gem 'jruby-openssl'` | |
| $ rvm jruby,2.2 do bundle exec ruby jruby_crypto.rb | |
| file:~/.rvm/rubies/jruby-1.7.19/lib/jruby.jar!/jruby/kernel19/kernel.rb:28 warning: unsupported exec option: close_others | |
| Applying https://github.com/jruby/jruby/wiki/UnlimitedStrengthCrypto | |
| RESULTS FOR jruby 1.7.19 (2.0.0p598) 2015-01-29 20786bd on Java HotSpot(TM) 64-Bit Server VM 1.8.0_25-b17 [darwin-x86_64] | |
| Algorithm AES-128-CFB1 has final errors: #<Set: {"/ by zero"}> | |
| Algorithm AES-192-CFB1 has final errors: #<Set: {"/ by zero"}> | |
| Algorithm AES-256-CFB1 has final errors: #<Set: {"/ by zero", "No message available"}> | |
| Algorithm BF-CFB1 has final errors: #<Set: {"No message available"}> | |
| Algorithm CAMELLIA-128-CBC has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-192-CBC has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-256-CBC has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-128-CFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-192-CFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-256-CFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-128-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-192-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-256-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-128-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-192-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-256-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-128-OFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-192-OFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA-256-OFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA128 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA192 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAMELLIA256 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAST5-CFB1 has final errors: #<Set: {"No message available"}> | |
| Algorithm CAST6-CBC has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAST6-CFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAST6-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAST6-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm CAST6-OFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm DES-CFB1 has final errors: #<Set: {"No message available"}> | |
| Algorithm DES-EDE has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm DES-EDE-CBC has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm DES-EDE-CFB has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm DES-EDE-OFB has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm DES-EDE3-CFB1 has final errors: #<Set: {"No message available"}> | |
| Algorithm RC2-CFB1 has final errors: #<Set: {"No message available"}> | |
| Algorithm SEED has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm SEED-CBC has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm SEED-CFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm SEED-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm SEED-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm SEED-OFB has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-128-cbc has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-192-cbc has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-256-cbc has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-128-cfb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-192-cfb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-256-cfb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-128-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-192-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-256-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-128-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-192-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-256-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-128-ofb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-192-ofb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia-256-ofb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia128 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia192 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm camellia256 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm cast6-cbc has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm cast6-cfb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm cast6-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm cast6-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm cast6-ofb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm des-ede has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm des-ede-cbc has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm des-ede-cfb has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm des-ede-ofb has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm des3 has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm seed has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm seed-cbc has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm seed-cfb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm seed-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm seed-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| Algorithm seed-ofb has final errors: #<Set: {"IV must be 16 bytes long."}> | |
| RESULTS FOR ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-darwin14] | |
| # WITHOUT `gem 'jruby-openssl'` | |
| ~/Desktop/rubby rvm jruby,2.2 do bundle exec ruby jruby_crypto.rb | |
| file:~/.rvm/rubies/jruby-1.7.19/lib/jruby.jar!/jruby/kernel19/kernel.rb:28 warning: unsupported exec option: close_others | |
| Applying https://github.com/jruby/jruby/wiki/UnlimitedStrengthCrypto | |
| RESULTS FOR jruby 1.7.19 (2.0.0p598) 2015-01-29 20786bd on Java HotSpot(TM) 64-Bit Server VM 1.8.0_25-b17 [darwin-x86_64] | |
| Algorithm DES-EDE3 has final errors: #<Set: {"DES key too long - should be 8 bytes: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| Algorithm des-ede3 has final errors: #<Set: {"DES key too long - should be 8 bytes: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}> | |
| RESULTS FOR ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-darwin14] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment