jruby
diff --git a/‎lib/jopenssl23/openssl.rb
Lines changed: 24 additions & 8 deletions b/‎lib/jopenssl23/openssl.rb
Lines changed: 24 additions & 8 deletions
diff --git a/‎lib/jopenssl23/openssl/bn.rb
Lines changed: 3 additions & 1 deletion b/‎lib/jopenssl23/openssl/bn.rb
Lines changed: 3 additions & 1 deletion
diff --git a/‎lib/jopenssl23/openssl/buffering.rb
Lines changed: 28 additions & 5 deletions b/‎lib/jopenssl23/openssl/buffering.rb
Lines changed: 28 additions & 5 deletions
diff --git a/‎lib/jopenssl23/openssl/cipher.rb
Lines changed: 43 additions & 1 deletion b/‎lib/jopenssl23/openssl/cipher.rb
Lines changed: 43 additions & 1 deletion
diff --git a/‎lib/jopenssl23/openssl/config.rb
Lines changed: 53 additions & 26 deletions b/‎lib/jopenssl23/openssl/config.rb
Lines changed: 53 additions & 26 deletions
diff --git a/‎lib/jopenssl23/openssl/digest.rb
Lines changed: 31 additions & 1 deletion b/‎lib/jopenssl23/openssl/digest.rb
Lines changed: 31 additions & 1 deletion
@@ -1,4 +1,4 @@
-# frozen_string_literal: false
+# frozen_string_literal: true
 =begin
 = Info
   'OpenSSL for Ruby 2' project
@@ -10,10 +10,26 @@
   (See the file 'LICENCE'.)
 =end
 
-require 'openssl/bn'
-require 'openssl/pkey'
-require 'openssl/cipher'
-require 'openssl/config' if OpenSSL.const_defined?(:Config, false)
-require 'openssl/digest'
-require 'openssl/x509'
-require 'openssl/ssl'
+require_relative 'openssl/bn'
+require_relative 'openssl/pkey'
+require_relative 'openssl/cipher'
+require_relative 'openssl/config' if OpenSSL.const_defined?(:Config, false)
+require_relative 'openssl/digest'
+require_relative 'openssl/hmac'
+require_relative 'openssl/x509'
+require_relative 'openssl/ssl'
+require_relative 'openssl/pkcs5'
+
+module OpenSSL
+  # call-seq:
+  #   OpenSSL.secure_compare(string, string) -> boolean
+  #
+  # Constant time memory comparison. Inputs are hashed using SHA-256 to mask
+  # the length of the secret. Returns +true+ if the strings are identical,
+  # +false+ otherwise.
+  def self.secure_compare(a, b)
+    hashed_a = OpenSSL::Digest.digest('SHA256', a)
+    hashed_b = OpenSSL::Digest.digest('SHA256', b)
+    OpenSSL.fixed_length_secure_compare(hashed_a, hashed_b) && a == b
+  end
+end
@@ -1,4 +1,4 @@
-# frozen_string_literal: false
+# frozen_string_literal: true
 #--
 #
 # = Ruby-space definitions that completes C-space funcs for BN
@@ -15,6 +15,8 @@
 
 module OpenSSL
   class BN
+    include Comparable
+
     def pretty_print(q)
       q.object_group(self) {
         q.text ' '
 
@@ -1,5 +1,5 @@
 # coding: binary
-# frozen_string_literal: false
+# frozen_string_literal: true
 #--
 #= Info
 #  'OpenSSL for Ruby 2' project
@@ -22,6 +22,29 @@
 module OpenSSL::Buffering
   include Enumerable
 
+  # A buffer which will retain binary encoding.
+  class Buffer < String
+    BINARY = Encoding::BINARY
+
+    def initialize
+      super
+
+      force_encoding(BINARY)
+    end
+    
+    def << string
+      if string.encoding == BINARY
+        super(string)
+      else
+        super(string.b)
+      end
+
+      return self
+    end
+
+    alias concat <<
+  end
+
   ##
   # The "sync mode" of the SSLSocket.
   #
@@ -40,7 +63,7 @@ module OpenSSL::Buffering
   def initialize(*)
     # super
     @eof = false
-    @rbuffer = ""
+    @rbuffer = Buffer.new
     @sync = @io.sync
   end
 
@@ -312,7 +335,7 @@ def eof?
   # buffer is flushed to the underlying socket.
 
   def do_write(s)
-    @wbuffer = "" unless defined? @wbuffer
+    @wbuffer = Buffer.new unless defined? @wbuffer
     @wbuffer << s
     @wbuffer.force_encoding(Encoding::BINARY)
     @sync ||= false
@@ -398,7 +421,7 @@ def <<(s)
   # See IO#puts for full details.
 
   def puts(*args)
-    s = ""
+    s = Buffer.new
     if args.empty?
       s << "\n"
     end
@@ -416,7 +439,7 @@ def puts(*args)
   # See IO#print for full details.
 
   def print(*args)
-    s = ""
+    s = Buffer.new
     args.each{ |arg| s << arg.to_s }
     do_write(s)
     nil
 
@@ -1,4 +1,4 @@
-# frozen_string_literal: false
+# frozen_string_literal: true
 #--
 # = Ruby-space predefined Cipher subclasses
 #
@@ -14,6 +14,48 @@
 
 module OpenSSL
   class Cipher
+    # %w(AES CAST5 BF DES IDEA RC2 RC4 RC5).each{|name|
+    #   klass = Class.new(Cipher){
+    #     define_method(:initialize){|*args|
+    #       cipher_name = args.inject(name){|n, arg| "#{n}-#{arg}" }
+    #       super(cipher_name.downcase)
+    #     }
+    #   }
+    #   const_set(name, klass)
+    # }
+    #
+    # %w(128 192 256).each{|keylen|
+    #   klass = Class.new(Cipher){
+    #     define_method(:initialize){|mode = "CBC"|
+    #       super("aes-#{keylen}-#{mode}".downcase)
+    #     }
+    #   }
+    #   const_set("AES#{keylen}", klass)
+    # }
+
+    # call-seq:
+    #   cipher.random_key -> key
+    #
+    # Generate a random key with OpenSSL::Random.random_bytes and sets it to
+    # the cipher, and returns it.
+    #
+    # You must call #encrypt or #decrypt before calling this method.
+    # def random_key
+    #   str = OpenSSL::Random.random_bytes(self.key_len)
+    #   self.key = str
+    # end
+
+    # call-seq:
+    #   cipher.random_iv -> iv
+    #
+    # Generate a random IV with OpenSSL::Random.random_bytes and sets it to the
+    # cipher, and returns it.
+    #
+    # You must call #encrypt or #decrypt before calling this method.
+    # def random_iv
+    #   str = OpenSSL::Random.random_bytes(self.iv_len)
+    #   self.iv = str
+    # end
 
     # Deprecated.
     #
 
@@ -1,4 +1,4 @@
-# frozen_string_literal: false
+# frozen_string_literal: true
 =begin
 = Ruby-space definitions that completes C-space funcs for Config
 
@@ -37,7 +37,7 @@ class << self
       def parse(string)
         c = new()
         parse_config(StringIO.new(string)).each do |section, hash|
-          c[section] = hash
+          c.set_section(section, hash)
         end
         c
       end
@@ -53,9 +53,8 @@ def parse(string)
       def parse_config(io)
         begin
           parse_config_lines(io)
-        rescue ConfigError => e
-          e.message.replace("error in line #{io.lineno}: " + e.message)
-          raise
+        rescue => error
+          raise ConfigError, "error in line #{io.lineno}: " + error.message
         end
       end
 
@@ -77,29 +76,44 @@ def get_key_string(data, section, key) # :nodoc:
       def parse_config_lines(io)
         section = 'default'
         data = {section => {}}
-        while definition = get_definition(io)
+        io_stack = [io]
+        while definition = get_definition(io_stack)
           definition = clear_comments(definition)
           next if definition.empty?
-          if definition[0] == ?[
+          case definition
+          when /\A\[/
             if /\[([^\]]*)\]/ =~ definition
               section = $1.strip
               data[section] ||= {}
             else
               raise ConfigError, "missing close square bracket"
             end
-          else
-            if /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/ =~ definition
-              if $2
-                section = $1
-                key = $2
-              else
-                key = $1
+          when /\A\.include (\s*=\s*)?(.+)\z/
+            path = $2
+            if File.directory?(path)
+              files = Dir.glob(File.join(path, "*.{cnf,conf}"), File::FNM_EXTGLOB)
+            else
+              files = [path]
+            end
+
+            files.each do |filename|
+              begin
+                io_stack << StringIO.new(File.read(filename))
+              rescue
+                raise ConfigError, "could not include file '%s'" % filename
               end
-              value = unescape_value(data, section, $3)
-              (data[section] ||= {})[key] = value.strip
+            end
+          when /\A([^:\s]*)(?:::([^:\s]*))?\s*=(.*)\z/
+            if $2
+              section = $1
+              key = $2
             else
-              raise ConfigError, "missing equal sign"
+              key = $1
             end
+            value = unescape_value(data, section, $3)
+            (data[section] ||= {})[key] = value.strip
+          else
+            raise ConfigError, "missing equal sign"
           end
         end
         data
@@ -212,10 +226,10 @@ def clear_comments(line)
         scanned.join
       end
 
-      def get_definition(io)
-        if line = get_line(io)
+      def get_definition(io_stack)
+        if line = get_line(io_stack)
           while /[^\\]\\\z/ =~ line
-            if extra = get_line(io)
+            if extra = get_line(io_stack)
               line += extra
             else
               break
@@ -225,9 +239,12 @@ def get_definition(io)
         end
       end
 
-      def get_line(io)
-        if line = io.gets
-          line.gsub(/[\r\n]*/, '')
+      def get_line(io_stack)
+        while io = io_stack.last
+          if line = io.gets
+            return line.gsub(/[\r\n]*/, '')
+          end
+          io_stack.pop
         end
       end
     end
@@ -249,7 +266,7 @@ def initialize(filename = nil)
       if filename
         File.open(filename.to_s) do |file|
           Config.parse_config(file).each do |section, hash|
-            self[section] = hash
+            set_section(section, hash)
           end
         end
       end
@@ -298,6 +315,8 @@ def value(arg1, arg2 = nil) # :nodoc:
     end
 
     ##
+    # *Deprecated in v2.2.0*. This method will be removed in a future release.
+    #
     # Set the target _key_ with a given _value_ under a specific _section_.
     #
     # Given the following configurating file being loaded:
@@ -352,6 +371,8 @@ def section(name) # :nodoc:
     end
 
     ##
+    # *Deprecated in v2.2.0*. This method will be removed in a future release.
+    #
     # Sets a specific _section_ name with a Hash _pairs_.
     #
     # Given the following configuration being created:
@@ -377,9 +398,13 @@ def section(name) # :nodoc:
     #
     def []=(section, pairs)
       check_modify
-      @data[section] ||= {}
+      set_section(section, pairs)
+    end
+
+    def set_section(section, pairs) # :nodoc:
+      hash = @data[section] ||= {}
       pairs.each do |key, value|
-        self.add_value(section, key, value)
+        hash[key] = value
       end
     end
 
@@ -464,6 +489,8 @@ def initialize_copy(other)
     end
 
     def check_modify
+      warn "#{caller(2, 1)[0]}: warning: do not modify OpenSSL::Config; this " \
+        "method is deprecated and will be removed in a future release."
       raise TypeError.new("Insecure: can't modify OpenSSL config") if frozen?
     end
 
 
@@ -1,4 +1,4 @@
-# frozen_string_literal: false
+# frozen_string_literal: true
 #--
 # = Ruby-space predefined Digest subclasses
 #
@@ -15,6 +15,36 @@
 module OpenSSL
   class Digest
 
+    # Return the hash value computed with _name_ Digest. _name_ is either the
+    # long name or short name of a supported digest algorithm.
+    #
+    # === Examples
+    #
+    #   OpenSSL::Digest.digest("SHA256", "abc")
+    #
+    # which is equivalent to:
+    #
+    #   OpenSSL::Digest.digest('SHA256', "abc")
+    # 
+    # def self.digest(name, data)
+    #   super(data, name)
+    # end
+    #
+    # %w(MD4 MD5 RIPEMD160 SHA1 SHA224 SHA256 SHA384 SHA512).each do |name|
+    #   klass = Class.new(self) {
+    #     define_method(:initialize, ->(data = nil) {super(name, data)})
+    #   }
+    #
+    #   singleton = (class << klass; self; end)
+    #
+    #   singleton.class_eval{
+    #     define_method(:digest) {|data| new.digest(data)}
+    #     define_method(:hexdigest) {|data| new.hexdigest(data)}
+    #   }
+    #
+    #   const_set(name.tr('-', '_'), klass)
+    # end
+
     # Deprecated.
     #
     # This class is only provided for backwards compatibility.