Skip to content

Instantly share code, notes, and snippets.

@tamird

tamird/jruby_crypto.rb

Last active August 29, 2015 14:16
Show Gist options
  • Save tamird/84a1ed716862b4e96644 to your computer and use it in GitHub Desktop.
Save tamird/84a1ed716862b4e96644 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
jruby_crypto.rb
if defined?(JRUBY_VERSION)
puts 'Applying https://github.com/jruby/jruby/wiki/UnlimitedStrengthCrypto'
security_class = java.lang.Class.for_name('javax.crypto.JceSecurity')
restricted_field = security_class.get_declared_field('isRestricted')
restricted_field.accessible = true
restricted_field.set(nil, false)
end
require 'openssl'
require 'securerandom'
algorithms = OpenSSL::Cipher.ciphers
unless defined?(JRUBY_VERSION)
algorithms &= %x(openssl list-cipher-commands).split
end
algorithms_with_working_iv = Set.new
algorithms_with_working_key = Set.new
algorithms_that_fully_work = Set.new
iv_errors = Hash.new { |hash, key| hash[key] = Set.new }
key_errors = Hash.new { |hash, key| hash[key] = Set.new }
final_errors = Hash.new { |hash, key| hash[key] = Set.new }
algorithms.each do |algorithm|
cipher = OpenSSL::Cipher::Cipher.new(algorithm)
cipher.encrypt
1.upto(64).each do |iv_len|
break if algorithms_that_fully_work.include?(algorithm)
begin
cipher.iv = SecureRandom.random_bytes(iv_len)
rescue OpenSSL::Cipher::CipherError => e
iv_errors[algorithm] << e.message
next
else
algorithms_with_working_iv << algorithm
end
1.upto(64).each do |key_len|
break if algorithms_that_fully_work.include?(algorithm)
begin
cipher.key = SecureRandom.random_bytes(key_len)
rescue OpenSSL::Cipher::CipherError => e
key_errors[algorithm] << e.message
next
else
algorithms_with_working_key << algorithm
end
begin
cipher.update(SecureRandom.random_bytes)
rescue OpenSSL::Cipher::CipherError => e
final_errors[algorithm] << e.message
next
else
algorithms_that_fully_work << algorithm
end
end
end
end
puts "RESULTS FOR #{RUBY_DESCRIPTION}"
algorithms.each do |algorithm|
unless algorithms_with_working_iv.include?(algorithm)
puts "Algorithm #{algorithm} has IV errors: #{iv_errors.fetch(algorithm).inspect}"
end
unless algorithms_with_working_key.include?(algorithm)
puts "Algorithm #{algorithm} has key errors: #{key_errors.fetch(algorithm).inspect}"
end
unless algorithms_that_fully_work.include?(algorithm)
puts "Algorithm #{algorithm} has final errors: #{final_errors.fetch(algorithm).inspect}"
end
end
Raw
run.sh
# WITH `gem 'jruby-openssl'`
$ rvm jruby,2.2 do bundle exec ruby jruby_crypto.rb
file:~/.rvm/rubies/jruby-1.7.19/lib/jruby.jar!/jruby/kernel19/kernel.rb:28 warning: unsupported exec option: close_others
Applying https://github.com/jruby/jruby/wiki/UnlimitedStrengthCrypto
RESULTS FOR jruby 1.7.19 (2.0.0p598) 2015-01-29 20786bd on Java HotSpot(TM) 64-Bit Server VM 1.8.0_25-b17 [darwin-x86_64]
Algorithm AES-128-CFB1 has final errors: #<Set: {"/ by zero"}>
Algorithm AES-192-CFB1 has final errors: #<Set: {"/ by zero"}>
Algorithm AES-256-CFB1 has final errors: #<Set: {"/ by zero", "No message available"}>
Algorithm BF-CFB1 has final errors: #<Set: {"No message available"}>
Algorithm CAMELLIA-128-CBC has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-192-CBC has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-256-CBC has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-128-CFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-192-CFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-256-CFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-128-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-192-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-256-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-128-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-192-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-256-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-128-OFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-192-OFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA-256-OFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA128 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA192 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAMELLIA256 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAST5-CFB1 has final errors: #<Set: {"No message available"}>
Algorithm CAST6-CBC has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAST6-CFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAST6-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAST6-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm CAST6-OFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm DES-CFB1 has final errors: #<Set: {"No message available"}>
Algorithm DES-EDE has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm DES-EDE-CBC has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm DES-EDE-CFB has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm DES-EDE-OFB has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm DES-EDE3-CFB1 has final errors: #<Set: {"No message available"}>
Algorithm RC2-CFB1 has final errors: #<Set: {"No message available"}>
Algorithm SEED has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm SEED-CBC has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm SEED-CFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm SEED-CFB1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm SEED-CFB8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm SEED-OFB has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-128-cbc has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-192-cbc has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-256-cbc has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-128-cfb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-192-cfb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-256-cfb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-128-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-192-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-256-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-128-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-192-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-256-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-128-ofb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-192-ofb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia-256-ofb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia128 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia192 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm camellia256 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm cast6-cbc has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm cast6-cfb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm cast6-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm cast6-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm cast6-ofb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm des-ede has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm des-ede-cbc has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm des-ede-cfb has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm des-ede-ofb has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm des3 has final errors: #<Set: {"java.security.InvalidKeyException: key size must be 16 or 24 bytes.: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm seed has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm seed-cbc has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm seed-cfb has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm seed-cfb1 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm seed-cfb8 has final errors: #<Set: {"IV must be 16 bytes long."}>
Algorithm seed-ofb has final errors: #<Set: {"IV must be 16 bytes long."}>
RESULTS FOR ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-darwin14]
# WITHOUT `gem 'jruby-openssl'`
~/Desktop/rubby rvm jruby,2.2 do bundle exec ruby jruby_crypto.rb
file:~/.rvm/rubies/jruby-1.7.19/lib/jruby.jar!/jruby/kernel19/kernel.rb:28 warning: unsupported exec option: close_others
Applying https://github.com/jruby/jruby/wiki/UnlimitedStrengthCrypto
RESULTS FOR jruby 1.7.19 (2.0.0p598) 2015-01-29 20786bd on Java HotSpot(TM) 64-Bit Server VM 1.8.0_25-b17 [darwin-x86_64]
Algorithm DES-EDE3 has final errors: #<Set: {"DES key too long - should be 8 bytes: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
Algorithm des-ede3 has final errors: #<Set: {"DES key too long - should be 8 bytes: possibly you need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JRE"}>
RESULTS FOR ruby 2.2.0p0 (2014-12-25 revision 49005) [x86_64-darwin14]
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment