kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

[ruby/openssl] pkey/ec: refactor EC#dsa_{sign,verify}_asn1 with PKey#{sign,verify}_raw

Browse source 
With the newly added OpenSSL::PKey::PKey#{sign,verify}_raw,
OpenSSL::PKey::EC's low level signing operation methods can be
implemented in Ruby. The definitions are now in lib/openssl/pkey.rb.

1f9da0cd9d
This commit is contained in:
Kazuki Yamaguchi 2020-07-10 13:43:20 +09:00
parent 857a177b03
commit 0c23e4a7aa
2 changed files with 22 additions and 55 deletions
Download patch file Download diff file Expand all files Collapse all files

22
ext/openssl/lib/openssl/pkey.rb
View file

@ -164,6 +164,28 @@ module OpenSSL::PKey
class EC class EC
include OpenSSL::Marshal include OpenSSL::Marshal
# :call-seq:
# key.dsa_sign_asn1(data) -> String
#
# <b>Deprecated in version 3.0</b>.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
def dsa_sign_asn1(data)
sign_raw(nil, data)
rescue OpenSSL::PKey::PKeyError
raise OpenSSL::PKey::ECError, $!.message
end
# :call-seq:
# key.dsa_verify_asn1(data, sig) -> true | false
#
# <b>Deprecated in version 3.0</b>.
# Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
def dsa_verify_asn1(data, sig)
verify_raw(nil, sig, data)
rescue OpenSSL::PKey::PKeyError
raise OpenSSL::PKey::ECError, $!.message
end
# :call-seq: # :call-seq:
# ec.dh_compute_key(pubkey) -> string # ec.dh_compute_key(pubkey) -> string
# #

55
ext/openssl/ossl_pkey_ec.c
View file

@ -471,57 +471,6 @@ static VALUE ossl_ec_key_check_key(VALUE self)
return Qtrue; return Qtrue;
} }
/*
* call-seq:
* key.dsa_sign_asn1(data) => String
*
* See the OpenSSL documentation for ECDSA_sign()
*/
static VALUE ossl_ec_key_dsa_sign_asn1(VALUE self, VALUE data)
{
EC_KEY *ec;
unsigned int buf_len;
VALUE str;
GetEC(self, ec);
StringValue(data);
if (EC_KEY_get0_private_key(ec) == NULL)
ossl_raise(eECError, "Private EC key needed!");
str = rb_str_new(0, ECDSA_size(ec));
if (ECDSA_sign(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data), (unsigned char *) RSTRING_PTR(str), &buf_len, ec) != 1)
ossl_raise(eECError, "ECDSA_sign");
rb_str_set_len(str, buf_len);
return str;
}
/*
* call-seq:
* key.dsa_verify_asn1(data, sig) => true or false
*
* See the OpenSSL documentation for ECDSA_verify()
*/
static VALUE ossl_ec_key_dsa_verify_asn1(VALUE self, VALUE data, VALUE sig)
{
EC_KEY *ec;
GetEC(self, ec);
StringValue(data);
StringValue(sig);
switch (ECDSA_verify(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data), (unsigned char *) RSTRING_PTR(sig), (int)RSTRING_LEN(sig), ec)) {
case 1: return Qtrue;
case 0: return Qfalse;
default: break;
}
ossl_raise(eECError, "ECDSA_verify");
UNREACHABLE;
}
/* /*
* OpenSSL::PKey::EC::Group * OpenSSL::PKey::EC::Group
*/ */
@ -1583,10 +1532,6 @@ void Init_ossl_ec(void)
rb_define_alias(cEC, "generate_key", "generate_key!"); rb_define_alias(cEC, "generate_key", "generate_key!");
rb_define_method(cEC, "check_key", ossl_ec_key_check_key, 0); rb_define_method(cEC, "check_key", ossl_ec_key_check_key, 0);
rb_define_method(cEC, "dsa_sign_asn1", ossl_ec_key_dsa_sign_asn1, 1);
rb_define_method(cEC, "dsa_verify_asn1", ossl_ec_key_dsa_verify_asn1, 2);
/* do_sign/do_verify */
rb_define_method(cEC, "export", ossl_ec_key_export, -1); rb_define_method(cEC, "export", ossl_ec_key_export, -1);
rb_define_alias(cEC, "to_pem", "export"); rb_define_alias(cEC, "to_pem", "export");
rb_define_method(cEC, "to_der", ossl_ec_key_to_der, 0); rb_define_method(cEC, "to_der", ossl_ec_key_to_der, 0);