kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

openssl: adapt OpenSSL::PKey to OpenSSL 1.1.0 opaque structs

Browse source 
* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and
  {RSA,DSA,EC_KEY,DH}_get0_*() functions.
  OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide
  setter methods for each parameter of each PKey type, for example
  PKey::RSA#e=, but this is no longer possible because the new API
  RSA_set0_key() requires the 'n' at the same time. This commit adds
  deprecation warning to them and adds PKey::*#set_* methods as direct
  wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be
  rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'.
  [ruby-core:75225] [Feature #12324]

* ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement
  RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}.
  Emit a warning with rb_warning() when old setter methods are used.

* test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb,
  test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH
  object that are used in tmp_dh_callback. Generating a new key pair
  every time should be fine - actually the private exponent is ignored
  in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set.
  https://www.openssl.org/news/secadv/20160128.txt

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55285 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
rhe 2016-06-05 15:00:47 +00:00
parent 3cb77c4b03
commit 63abe00785
14 changed files with 447 additions and 233 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
ChangeLog
View file

@ -1,3 +1,27 @@
Mon Jun 6 00:00:13 2016 Kazuki Yamaguchi <k@rhe.jp>
* ext/openssl/openssl_missing.[ch]: Implement EVP_PKEY_get0_*() and
{RSA,DSA,EC_KEY,DH}_get0_*() functions.
OpenSSL 1.1.0 makes EVP_PKEY/RSA/DSA/DH opaque. We used to provide
setter methods for each parameter of each PKey type, for example
PKey::RSA#e=, but this is no longer possible because the new API
RSA_set0_key() requires the 'n' at the same time. This commit adds
deprecation warning to them and adds PKey::*#set_* methods as direct
wrapper for those new APIs. For example, 'rsa.e = 3' now needs to be
rewritten as 'rsa.set_key(rsa.n, 3, rsa.d)'.
[ruby-core:75225] [Feature #12324]
* ext/openssl/ossl_pkey*.[ch]: Use the new accessor functions. Implement
RSA#set_{key,factors,crt_params}, DSA#set_{key,pqg}, DH#set_{key,pqg}.
Emit a warning with rb_warning() when old setter methods are used.
* test/drb/ut_array_drbssl.rb, test/drb/ut_drb_drbssl.rb,
test/rubygems/test_gem_remote_fetcher.rb: Don't set a priv_key for DH
object that are used in tmp_dh_callback. Generating a new key pair
every time should be fine - actually the private exponent is ignored
in OpenSSL >= 1.0.2f/1.0.1r even if we explicitly set.
https://www.openssl.org/news/secadv/20160128.txt
Sun Jun 5 22:06:00 2016 Kenta Murata <mrkn@mrkn.jp> Sun Jun 5 22:06:00 2016 Kenta Murata <mrkn@mrkn.jp>
* configure.in: Fix the timing to detect the appropriate C++ compiler * configure.in: Fix the timing to detect the appropriate C++ compiler

1
ext/openssl/extconf.rb
View file

@ -87,6 +87,7 @@ engines.each { |name|
# added in 1.0.0 # added in 1.0.0
have_func("ASN1_TIME_adj") have_func("ASN1_TIME_adj")
have_func("EVP_CIPHER_CTX_copy") have_func("EVP_CIPHER_CTX_copy")
have_func("EVP_PKEY_base_id")
have_func("HMAC_CTX_copy") have_func("HMAC_CTX_copy")
have_func("PKCS5_PBKDF2_HMAC") have_func("PKCS5_PBKDF2_HMAC")
have_func("X509_NAME_hash_old") have_func("X509_NAME_hash_old")

58
ext/openssl/openssl_missing.h
View file

@ -11,6 +11,10 @@
#define _OSSL_OPENSSL_MISSING_H_ #define _OSSL_OPENSSL_MISSING_H_
/* added in 1.0.0 */ /* added in 1.0.0 */
#if !defined(HAVE_EVP_PKEY_BASE_ID)
# define EVP_PKEY_base_id(pkey) EVP_PKEY_type((pkey)->type)
#endif
#if !defined(HAVE_EVP_CIPHER_CTX_COPY) #if !defined(HAVE_EVP_CIPHER_CTX_COPY)
int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in); int EVP_CIPHER_CTX_copy(EVP_CIPHER_CTX *out, const EVP_CIPHER_CTX *in);
#endif #endif
@ -70,4 +74,58 @@ int EC_curve_nist2nid(const char *);
CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_EVP_PKEY); CRYPTO_add(&(x)->references, 1, CRYPTO_LOCK_EVP_PKEY);
#endif #endif
#if !defined(HAVE_OPAQUE_OPENSSL)
#define IMPL_PKEY_GETTER(_type, _name) \
static inline _type *EVP_PKEY_get0_##_type(EVP_PKEY *pkey) { \
return pkey->pkey._name; }
#define IMPL_KEY_ACCESSOR2(_type, _group, a1, a2, _fail_cond) \
static inline void _type##_get0_##_group(_type *obj, BIGNUM **a1, BIGNUM **a2) { \
if (a1) *a1 = obj->a1; \
if (a2) *a2 = obj->a2; } \
static inline int _type##_set0_##_group(_type *obj, BIGNUM *a1, BIGNUM *a2) { \
if (_fail_cond) return 0; \
BN_clear_free(obj->a1); obj->a1 = a1; \
BN_clear_free(obj->a2); obj->a2 = a2; \
return 1; }
#define IMPL_KEY_ACCESSOR3(_type, _group, a1, a2, a3, _fail_cond) \
static inline void _type##_get0_##_group(_type *obj, BIGNUM **a1, BIGNUM **a2, BIGNUM **a3) { \
if (a1) *a1 = obj->a1; \
if (a2) *a2 = obj->a2; \
if (a3) *a3 = obj->a3; } \
static inline int _type##_set0_##_group(_type *obj, BIGNUM *a1, BIGNUM *a2, BIGNUM *a3) { \
if (_fail_cond) return 0; \
BN_clear_free(obj->a1); obj->a1 = a1; \
BN_clear_free(obj->a2); obj->a2 = a2; \
BN_clear_free(obj->a3); obj->a3 = a3; \
return 1; }
#if !defined(OPENSSL_NO_RSA)
IMPL_PKEY_GETTER(RSA, rsa)
IMPL_KEY_ACCESSOR3(RSA, key, n, e, d, (n == obj->n || e == obj->e || (obj->d && e == obj->d)))
IMPL_KEY_ACCESSOR2(RSA, factors, p, q, (p == obj->p || q == obj->q))
IMPL_KEY_ACCESSOR3(RSA, crt_params, dmp1, dmq1, iqmp, (dmp1 == obj->dmp1 || dmq1 == obj->dmq1 || iqmp == obj->iqmp))
#endif
#if !defined(OPENSSL_NO_DSA)
IMPL_PKEY_GETTER(DSA, dsa)
IMPL_KEY_ACCESSOR2(DSA, key, pub_key, priv_key, (pub_key == obj->pub_key || (obj->priv_key && priv_key == obj->priv_key)))
IMPL_KEY_ACCESSOR3(DSA, pqg, p, q, g, (p == obj->p || q == obj->q || g == obj->g))
#endif
#if !defined(OPENSSL_NO_DH)
IMPL_PKEY_GETTER(DH, dh)
IMPL_KEY_ACCESSOR2(DH, key, pub_key, priv_key, (pub_key == obj->pub_key || (obj->priv_key && priv_key == obj->priv_key)))
IMPL_KEY_ACCESSOR3(DH, pqg, p, q, g, (p == obj->p || q == obj->q || g == obj->g))
static inline ENGINE *DH_get0_engine(DH *dh) { return dh->engine; }
#endif
#if !defined(OPENSSL_NO_EC)
IMPL_PKEY_GETTER(EC_KEY, ec)
#endif
#undef IMPL_PKEY_GETTER
#undef IMPL_KEY_ACCESSOR2
#undef IMPL_KEY_ACCESSOR3
#endif /* HAVE_OPAQUE_OPENSSL */
#endif /* _OSSL_OPENSSL_MISSING_H_ */ #endif /* _OSSL_OPENSSL_MISSING_H_ */

2
ext/openssl/ossl_pkey.c
View file

@ -76,7 +76,7 @@ ossl_pkey_new(EVP_PKEY *pkey)
if (!pkey) { if (!pkey) {
ossl_raise(ePKeyError, "Cannot make new key from NULL."); ossl_raise(ePKeyError, "Cannot make new key from NULL.");
} }
switch (EVP_PKEY_type(pkey->type)) { switch (EVP_PKEY_base_id(pkey)) {
#if !defined(OPENSSL_NO_RSA) #if !defined(OPENSSL_NO_RSA)
case EVP_PKEY_RSA: case EVP_PKEY_RSA:
return ossl_rsa_new(pkey); return ossl_rsa_new(pkey);

140
ext/openssl/ossl_pkey.h
View file

@ -95,53 +95,153 @@ extern VALUE eEC_POINT;
VALUE ossl_ec_new(EVP_PKEY *); VALUE ossl_ec_new(EVP_PKEY *);
void Init_ossl_ec(void); void Init_ossl_ec(void);
#define OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, _name, _get) \
#define OSSL_PKEY_BN(keytype, name) \
/* \ /* \
* call-seq: \ * call-seq: \
* key.##name -> aBN \ * _keytype##.##_name -> aBN \
*/ \ */ \
static VALUE ossl_##keytype##_get_##name(VALUE self) \ static VALUE ossl_##_keytype##_get_##_name(VALUE self) \
{ \ { \
EVP_PKEY *pkey; \ _type *obj; \
BIGNUM *bn; \ BIGNUM *bn; \
\ \
GetPKey(self, pkey); \ Get##_type(self, obj); \
bn = pkey->pkey.keytype->name; \ _get; \
if (bn == NULL) \ if (bn == NULL) \
return Qnil; \ return Qnil; \
return ossl_bn_new(bn); \ return ossl_bn_new(bn); \
} \ }
#define OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a1, \
_type##_get0_##_group(obj, &bn, NULL, NULL)) \
OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a2, \
_type##_get0_##_group(obj, NULL, &bn, NULL)) \
OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a3, \
_type##_get0_##_group(obj, NULL, NULL, &bn))
#define OSSL_PKEY_BN_DEF_GETTER2(_keytype, _type, _group, a1, a2) \
OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a1, \
_type##_get0_##_group(obj, &bn, NULL)) \
OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a2, \
_type##_get0_##_group(obj, NULL, &bn))
#define OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
/* \ /* \
* call-seq: \ * call-seq: \
* key.##name = bn -> bn \ * _keytype##.set_##_group(a1, a2, a3) -> self \
*/ \ */ \
static VALUE ossl_##keytype##_set_##name(VALUE self, VALUE bignum) \ static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2, VALUE v3) \
{ \ { \
EVP_PKEY *pkey; \ _type *obj; \
BIGNUM *bn1 = NULL, *orig_bn1 = NIL_P(v1) ? NULL : GetBNPtr(v1);\
BIGNUM *bn2 = NULL, *orig_bn2 = NIL_P(v2) ? NULL : GetBNPtr(v2);\
BIGNUM *bn3 = NULL, *orig_bn3 = NIL_P(v3) ? NULL : GetBNPtr(v3);\
\
Get##_type(self, obj); \
if (orig_bn1 && !(bn1 = BN_dup(orig_bn1)) || \
orig_bn2 && !(bn2 = BN_dup(orig_bn2)) || \
orig_bn3 && !(bn3 = BN_dup(orig_bn3))) { \
BN_clear_free(bn1); \
BN_clear_free(bn2); \
BN_clear_free(bn3); \
ossl_raise(eBNError, NULL); \
} \
\
if (!_type##_set0_##_group(obj, bn1, bn2, bn3)) { \
BN_clear_free(bn1); \
BN_clear_free(bn2); \
BN_clear_free(bn3); \
ossl_raise(ePKeyError, #_type"_set0_"#_group); \
} \
return self; \
}
#define OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2) \
/* \
* call-seq: \
* _keytype##.set_##_group(a1, a2) -> self \
*/ \
static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2) \
{ \
_type *obj; \
BIGNUM *bn1 = NULL, *orig_bn1 = NIL_P(v1) ? NULL : GetBNPtr(v1);\
BIGNUM *bn2 = NULL, *orig_bn2 = NIL_P(v2) ? NULL : GetBNPtr(v2);\
\
Get##_type(self, obj); \
if (orig_bn1 && !(bn1 = BN_dup(orig_bn1)) || \
orig_bn2 && !(bn2 = BN_dup(orig_bn2))) { \
BN_clear_free(bn1); \
BN_clear_free(bn2); \
ossl_raise(eBNError, NULL); \
} \
\
if (!_type##_set0_##_group(obj, bn1, bn2)) { \
BN_clear_free(bn1); \
BN_clear_free(bn2); \
ossl_raise(ePKeyError, #_type"_set0_"#_group); \
} \
return self; \
}
#define OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, _name) \
/* \
* call-seq: \
* _keytype##.##_name = bn -> bn \
*/ \
static VALUE ossl_##_keytype##_set_##_name(VALUE self, VALUE bignum) \
{ \
_type *obj; \
BIGNUM *bn; \ BIGNUM *bn; \
\ \
GetPKey(self, pkey); \ rb_warning("#"#_name"= is deprecated; use #set_"#_group); \
Get##_type(self, obj); \
if (NIL_P(bignum)) { \ if (NIL_P(bignum)) { \
BN_clear_free(pkey->pkey.keytype->name); \ BN_clear_free(obj->_name); \
pkey->pkey.keytype->name = NULL; \ obj->_name = NULL; \
return Qnil; \ return Qnil; \
} \ } \
\ \
bn = GetBNPtr(bignum); \ bn = GetBNPtr(bignum); \
if (pkey->pkey.keytype->name == NULL) \ if (obj->_name == NULL) \
pkey->pkey.keytype->name = BN_new(); \ obj->_name = BN_new(); \
if (pkey->pkey.keytype->name == NULL) \ if (obj->_name == NULL) \
ossl_raise(eBNError, NULL); \ ossl_raise(eBNError, NULL); \
if (BN_copy(pkey->pkey.keytype->name, bn) == NULL) \ if (BN_copy(obj->_name, bn) == NULL) \
ossl_raise(eBNError, NULL); \ ossl_raise(eBNError, NULL); \
return bignum; \ return bignum; \
} }
#if defined(HAVE_OPAQUE_OPENSSL) /* OpenSSL 1.1.0 */
#define OSSL_PKEY_BN_DEF3(_keytype, _type, _group, a1, a2, a3) \
OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3)
#define OSSL_PKEY_BN_DEF2(_keytype, _type, _group, a1, a2) \
OSSL_PKEY_BN_DEF_GETTER2(_keytype, _type, _group, a1, a2) \
OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2)
#define DEF_OSSL_PKEY_BN(class, keytype, name) \ #define DEF_OSSL_PKEY_BN(class, keytype, name) \
do { \ rb_define_method((class), #name, ossl_##keytype##_get_##name, 0)
rb_define_method((class), #name, ossl_##keytype##_get_##name, 0); \
#else
#define OSSL_PKEY_BN_DEF3(_keytype, _type, _group, a1, a2, a3) \
OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a1) \
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a2) \
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a3)
#define OSSL_PKEY_BN_DEF2(_keytype, _type, _group, a1, a2) \
OSSL_PKEY_BN_DEF_GETTER2(_keytype, _type, _group, a1, a2) \
OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2) \
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a1) \
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a2)
#define DEF_OSSL_PKEY_BN(class, keytype, name) do { \
rb_define_method((class), #name, ossl_##keytype##_get_##name, 0);\
rb_define_method((class), #name "=", ossl_##keytype##_set_##name, 1);\ rb_define_method((class), #name "=", ossl_##keytype##_set_##name, 1);\
} while (0) } while (0)
#endif /* HAVE_OPAQUE_OPENSSL */
#endif /* _OSSL_PKEY_H_ */ #endif /* _OSSL_PKEY_H_ */

115
ext/openssl/ossl_pkey_dh.c
View file

@ -7,25 +7,21 @@
* This program is licensed under the same licence as Ruby. * This program is licensed under the same licence as Ruby.
* (See the file 'LICENCE'.) * (See the file 'LICENCE'.)
*/ */
#if !defined(OPENSSL_NO_DH)
#include "ossl.h" #include "ossl.h"
#if !defined(OPENSSL_NO_DH)
#define GetPKeyDH(obj, pkey) do { \ #define GetPKeyDH(obj, pkey) do { \
GetPKey((obj), (pkey)); \ GetPKey((obj), (pkey)); \
if (EVP_PKEY_type((pkey)->type) != EVP_PKEY_DH) { /* PARANOIA? */ \ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) { /* PARANOIA? */ \
ossl_raise(rb_eRuntimeError, "THIS IS NOT A DH!") ; \ ossl_raise(rb_eRuntimeError, "THIS IS NOT A DH!") ; \
} \ } \
} while (0) } while (0)
#define GetDH(obj, dh) do { \
#define DH_HAS_PRIVATE(dh) ((dh)->priv_key) EVP_PKEY *_pkey; \
GetPKeyDH((obj), _pkey); \
#if !defined(OPENSSL_NO_ENGINE) (dh) = EVP_PKEY_get0_DH(_pkey); \
# define DH_PRIVATE(dh) (DH_HAS_PRIVATE(dh) || (dh)->engine) } while (0)
#else
# define DH_PRIVATE(dh) DH_HAS_PRIVATE(dh)
#endif
/* /*
* Classes * Classes
@ -67,7 +63,7 @@ ossl_dh_new(EVP_PKEY *pkey)
obj = dh_instance(cDH, DH_new()); obj = dh_instance(cDH, DH_new());
} else { } else {
obj = NewPKey(cDH); obj = NewPKey(cDH);
if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DH) { if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) {
ossl_raise(rb_eTypeError, "Not a DH key!"); ossl_raise(rb_eTypeError, "Not a DH key!");
} }
SetPKey(obj, pkey); SetPKey(obj, pkey);
@ -248,11 +244,13 @@ ossl_dh_initialize(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_dh_is_public(VALUE self) ossl_dh_is_public(VALUE self)
{ {
EVP_PKEY *pkey; DH *dh;
BIGNUM *bn;
GetPKeyDH(self, pkey); GetDH(self, dh);
DH_get0_key(dh, &bn, NULL);
return (pkey->pkey.dh->pub_key) ? Qtrue : Qfalse; return bn ? Qtrue : Qfalse;
} }
/* /*
@ -265,11 +263,17 @@ ossl_dh_is_public(VALUE self)
static VALUE static VALUE
ossl_dh_is_private(VALUE self) ossl_dh_is_private(VALUE self)
{ {
EVP_PKEY *pkey; DH *dh;
BIGNUM *bn;
GetPKeyDH(self, pkey); GetDH(self, dh);
DH_get0_key(dh, NULL, &bn);
return (DH_PRIVATE(pkey->pkey.dh)) ? Qtrue : Qfalse; #if !defined(OPENSSL_NO_ENGINE)
return (bn || DH_get0_engine(dh)) ? Qtrue : Qfalse;
#else
return bn ? Qtrue : Qfalse;
#endif
} }
/* /*
@ -285,15 +289,15 @@ ossl_dh_is_private(VALUE self)
static VALUE static VALUE
ossl_dh_export(VALUE self) ossl_dh_export(VALUE self)
{ {
EVP_PKEY *pkey; DH *dh;
BIO *out; BIO *out;
VALUE str; VALUE str;
GetPKeyDH(self, pkey); GetDH(self, dh);
if (!(out = BIO_new(BIO_s_mem()))) { if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eDHError, NULL); ossl_raise(eDHError, NULL);
} }
if (!PEM_write_bio_DHparams(out, pkey->pkey.dh)) { if (!PEM_write_bio_DHparams(out, dh)) {
BIO_free(out); BIO_free(out);
ossl_raise(eDHError, NULL); ossl_raise(eDHError, NULL);
} }
@ -314,17 +318,17 @@ ossl_dh_export(VALUE self)
static VALUE static VALUE
ossl_dh_to_der(VALUE self) ossl_dh_to_der(VALUE self)
{ {
EVP_PKEY *pkey; DH *dh;
unsigned char *p; unsigned char *p;
long len; long len;
VALUE str; VALUE str;
GetPKeyDH(self, pkey); GetDH(self, dh);
if((len = i2d_DHparams(pkey->pkey.dh, NULL)) <= 0) if((len = i2d_DHparams(dh, NULL)) <= 0)
ossl_raise(eDHError, NULL); ossl_raise(eDHError, NULL);
str = rb_str_new(0, len); str = rb_str_new(0, len);
p = (unsigned char *)RSTRING_PTR(str); p = (unsigned char *)RSTRING_PTR(str);
if(i2d_DHparams(pkey->pkey.dh, &p) < 0) if(i2d_DHparams(dh, &p) < 0)
ossl_raise(eDHError, NULL); ossl_raise(eDHError, NULL);
ossl_str_adjust(str, p); ossl_str_adjust(str, p);
@ -342,17 +346,20 @@ ossl_dh_to_der(VALUE self)
static VALUE static VALUE
ossl_dh_get_params(VALUE self) ossl_dh_get_params(VALUE self)
{ {
EVP_PKEY *pkey; DH *dh;
VALUE hash; VALUE hash;
BIGNUM *p, *q, *g, *pub_key, *priv_key;
GetPKeyDH(self, pkey); GetDH(self, dh);
DH_get0_pqg(dh, &p, &q, &g);
DH_get0_key(dh, &pub_key, &priv_key);
hash = rb_hash_new(); hash = rb_hash_new();
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(pkey->pkey.dh->p)); rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(pkey->pkey.dh->g)); rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pkey->pkey.dh->pub_key)); rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(pkey->pkey.dh->priv_key)); rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
return hash; return hash;
} }
@ -368,15 +375,15 @@ ossl_dh_get_params(VALUE self)
static VALUE static VALUE
ossl_dh_to_text(VALUE self) ossl_dh_to_text(VALUE self)
{ {
EVP_PKEY *pkey; DH *dh;
BIO *out; BIO *out;
VALUE str; VALUE str;
GetPKeyDH(self, pkey); GetDH(self, dh);
if (!(out = BIO_new(BIO_s_mem()))) { if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eDHError, NULL); ossl_raise(eDHError, NULL);
} }
if (!DHparams_print(out, pkey->pkey.dh)) { if (!DHparams_print(out, dh)) {
BIO_free(out); BIO_free(out);
ossl_raise(eDHError, NULL); ossl_raise(eDHError, NULL);
} }
@ -409,12 +416,11 @@ ossl_dh_to_text(VALUE self)
static VALUE static VALUE
ossl_dh_to_public_key(VALUE self) ossl_dh_to_public_key(VALUE self)
{ {
EVP_PKEY *pkey; DH *orig_dh, *dh;
DH *dh;
VALUE obj; VALUE obj;
GetPKeyDH(self, pkey); GetDH(self, orig_dh);
dh = DHparams_dup(pkey->pkey.dh); /* err check perfomed by dh_instance */ dh = DHparams_dup(orig_dh); /* err check perfomed by dh_instance */
obj = dh_instance(CLASS_OF(self), dh); obj = dh_instance(CLASS_OF(self), dh);
if (obj == Qfalse) { if (obj == Qfalse) {
DH_free(dh); DH_free(dh);
@ -436,12 +442,9 @@ static VALUE
ossl_dh_check_params(VALUE self) ossl_dh_check_params(VALUE self)
{ {
DH *dh; DH *dh;
EVP_PKEY *pkey;
int codes; int codes;
GetPKeyDH(self, pkey); GetDH(self, dh);
dh = pkey->pkey.dh;
if (!DH_check(dh, &codes)) { if (!DH_check(dh, &codes)) {
return Qfalse; return Qfalse;
} }
@ -469,11 +472,8 @@ static VALUE
ossl_dh_generate_key(VALUE self) ossl_dh_generate_key(VALUE self)
{ {
DH *dh; DH *dh;
EVP_PKEY *pkey;
GetPKeyDH(self, pkey);
dh = pkey->pkey.dh;
GetDH(self, dh);
if (!DH_generate_key(dh)) if (!DH_generate_key(dh))
ossl_raise(eDHError, "Failed to generate key"); ossl_raise(eDHError, "Failed to generate key");
return self; return self;
@ -494,14 +494,13 @@ static VALUE
ossl_dh_compute_key(VALUE self, VALUE pub) ossl_dh_compute_key(VALUE self, VALUE pub)
{ {
DH *dh; DH *dh;
EVP_PKEY *pkey; BIGNUM *pub_key, *dh_p;
BIGNUM *pub_key;
VALUE str; VALUE str;
int len; int len;
GetPKeyDH(self, pkey); GetDH(self, dh);
dh = pkey->pkey.dh; DH_get0_pqg(dh, &dh_p, NULL, NULL);
if (!dh->p) if (!dh_p)
ossl_raise(eDHError, "incomplete DH"); ossl_raise(eDHError, "incomplete DH");
pub_key = GetBNPtr(pub); pub_key = GetBNPtr(pub);
len = DH_size(dh); len = DH_size(dh);
@ -514,10 +513,8 @@ ossl_dh_compute_key(VALUE self, VALUE pub)
return str; return str;
} }
OSSL_PKEY_BN(dh, p) OSSL_PKEY_BN_DEF3(dh, DH, pqg, p, q, g)
OSSL_PKEY_BN(dh, g) OSSL_PKEY_BN_DEF2(dh, DH, key, pub_key, priv_key)
OSSL_PKEY_BN(dh, pub_key)
OSSL_PKEY_BN(dh, priv_key)
/* /*
* INIT * INIT
@ -580,9 +577,13 @@ Init_ossl_dh(void)
rb_define_method(cDH, "compute_key", ossl_dh_compute_key, 1); rb_define_method(cDH, "compute_key", ossl_dh_compute_key, 1);
DEF_OSSL_PKEY_BN(cDH, dh, p); DEF_OSSL_PKEY_BN(cDH, dh, p);
DEF_OSSL_PKEY_BN(cDH, dh, q);
DEF_OSSL_PKEY_BN(cDH, dh, g); DEF_OSSL_PKEY_BN(cDH, dh, g);
DEF_OSSL_PKEY_BN(cDH, dh, pub_key); DEF_OSSL_PKEY_BN(cDH, dh, pub_key);
DEF_OSSL_PKEY_BN(cDH, dh, priv_key); DEF_OSSL_PKEY_BN(cDH, dh, priv_key);
rb_define_method(cDH, "set_pqg", ossl_dh_set_pqg, 3);
rb_define_method(cDH, "set_key", ossl_dh_set_key, 2);
rb_define_method(cDH, "params", ossl_dh_get_params, 0); rb_define_method(cDH, "params", ossl_dh_get_params, 0);
} }

122
ext/openssl/ossl_pkey_dsa.c
View file

@ -7,19 +7,35 @@
* This program is licensed under the same licence as Ruby. * This program is licensed under the same licence as Ruby.
* (See the file 'LICENCE'.) * (See the file 'LICENCE'.)
*/ */
#if !defined(OPENSSL_NO_DSA)
#include "ossl.h" #include "ossl.h"
#if !defined(OPENSSL_NO_DSA)
#define GetPKeyDSA(obj, pkey) do { \ #define GetPKeyDSA(obj, pkey) do { \
GetPKey((obj), (pkey)); \ GetPKey((obj), (pkey)); \
if (EVP_PKEY_type((pkey)->type) != EVP_PKEY_DSA) { /* PARANOIA? */ \ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DSA) { /* PARANOIA? */ \
ossl_raise(rb_eRuntimeError, "THIS IS NOT A DSA!"); \ ossl_raise(rb_eRuntimeError, "THIS IS NOT A DSA!"); \
} \ } \
} while (0) } while (0)
#define GetDSA(obj, dsa) do { \
EVP_PKEY *_pkey; \
GetPKeyDSA((obj), _pkey); \
(dsa) = EVP_PKEY_get0_DSA(_pkey); \
} while (0)
#define DSA_HAS_PRIVATE(dsa) ((dsa)->priv_key) static inline int
#define DSA_PRIVATE(obj,dsa) (DSA_HAS_PRIVATE(dsa)||OSSL_PKEY_IS_PRIVATE(obj)) DSA_HAS_PRIVATE(DSA *dsa)
{
BIGNUM *bn;
DSA_get0_key(dsa, NULL, &bn);
return !!bn;
}
static inline int
DSA_PRIVATE(VALUE obj, DSA *dsa)
{
return DSA_HAS_PRIVATE(dsa) || OSSL_PKEY_IS_PRIVATE(obj);
}
/* /*
* Classes * Classes
@ -61,7 +77,7 @@ ossl_dsa_new(EVP_PKEY *pkey)
obj = dsa_instance(cDSA, DSA_new()); obj = dsa_instance(cDSA, DSA_new());
} else { } else {
obj = NewPKey(cDSA); obj = NewPKey(cDSA);
if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DSA) { if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DSA) {
ossl_raise(rb_eTypeError, "Not a DSA key!"); ossl_raise(rb_eTypeError, "Not a DSA key!");
} }
SetPKey(obj, pkey); SetPKey(obj, pkey);
@ -259,11 +275,13 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_dsa_is_public(VALUE self) ossl_dsa_is_public(VALUE self)
{ {
EVP_PKEY *pkey; DSA *dsa;
BIGNUM *bn;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
DSA_get0_key(dsa, &bn, NULL);
return (pkey->pkey.dsa->pub_key) ? Qtrue : Qfalse; return bn ? Qtrue : Qfalse;
} }
/* /*
@ -276,11 +294,11 @@ ossl_dsa_is_public(VALUE self)
static VALUE static VALUE
ossl_dsa_is_private(VALUE self) ossl_dsa_is_private(VALUE self)
{ {
EVP_PKEY *pkey; DSA *dsa;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
return (DSA_PRIVATE(self, pkey->pkey.dsa)) ? Qtrue : Qfalse; return DSA_PRIVATE(self, dsa) ? Qtrue : Qfalse;
} }
/* /*
@ -303,12 +321,12 @@ ossl_dsa_is_private(VALUE self)
static VALUE static VALUE
ossl_dsa_export(int argc, VALUE *argv, VALUE self) ossl_dsa_export(int argc, VALUE *argv, VALUE self)
{ {
EVP_PKEY *pkey; DSA *dsa;
BIO *out; BIO *out;
const EVP_CIPHER *ciph = NULL; const EVP_CIPHER *ciph = NULL;
VALUE cipher, pass, str; VALUE cipher, pass, str;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
rb_scan_args(argc, argv, "02", &cipher, &pass); rb_scan_args(argc, argv, "02", &cipher, &pass);
if (!NIL_P(cipher)) { if (!NIL_P(cipher)) {
ciph = GetCipherPtr(cipher); ciph = GetCipherPtr(cipher);
@ -317,14 +335,14 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
if (!(out = BIO_new(BIO_s_mem()))) { if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
if (DSA_HAS_PRIVATE(pkey->pkey.dsa)) { if (DSA_HAS_PRIVATE(dsa)) {
if (!PEM_write_bio_DSAPrivateKey(out, pkey->pkey.dsa, ciph, if (!PEM_write_bio_DSAPrivateKey(out, dsa, ciph, NULL, 0,
NULL, 0, ossl_pem_passwd_cb, (void *)pass)){ ossl_pem_passwd_cb, (void *)pass)){
BIO_free(out); BIO_free(out);
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
} else { } else {
if (!PEM_write_bio_DSA_PUBKEY(out, pkey->pkey.dsa)) { if (!PEM_write_bio_DSA_PUBKEY(out, dsa)) {
BIO_free(out); BIO_free(out);
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
@ -344,28 +362,29 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_dsa_to_der(VALUE self) ossl_dsa_to_der(VALUE self)
{ {
EVP_PKEY *pkey; DSA *dsa;
int (*i2d_func)_((DSA*, unsigned char**)); int (*i2d_func)_((DSA*, unsigned char**));
unsigned char *p; unsigned char *p;
long len; long len;
VALUE str; VALUE str;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
if(DSA_HAS_PRIVATE(pkey->pkey.dsa)) if(DSA_HAS_PRIVATE(dsa))
i2d_func = (int(*)_((DSA*,unsigned char**)))i2d_DSAPrivateKey; i2d_func = (int(*)_((DSA*,unsigned char**)))i2d_DSAPrivateKey;
else else
i2d_func = i2d_DSA_PUBKEY; i2d_func = i2d_DSA_PUBKEY;
if((len = i2d_func(pkey->pkey.dsa, NULL)) <= 0) if((len = i2d_func(dsa, NULL)) <= 0)
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
str = rb_str_new(0, len); str = rb_str_new(0, len);
p = (unsigned char *)RSTRING_PTR(str); p = (unsigned char *)RSTRING_PTR(str);
if(i2d_func(pkey->pkey.dsa, &p) < 0) if(i2d_func(dsa, &p) < 0)
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
ossl_str_adjust(str, p); ossl_str_adjust(str, p);
return str; return str;
} }
/* /*
* call-seq: * call-seq:
* dsa.params -> hash * dsa.params -> hash
@ -377,18 +396,20 @@ ossl_dsa_to_der(VALUE self)
static VALUE static VALUE
ossl_dsa_get_params(VALUE self) ossl_dsa_get_params(VALUE self)
{ {
EVP_PKEY *pkey; DSA *dsa;
VALUE hash; VALUE hash;
BIGNUM *p, *q, *g, *pub_key, *priv_key;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
DSA_get0_pqg(dsa, &p, &q, &g);
DSA_get0_key(dsa, &pub_key, &priv_key);
hash = rb_hash_new(); hash = rb_hash_new();
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(pkey->pkey.dsa->p)); rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(pkey->pkey.dsa->q)); rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(pkey->pkey.dsa->g)); rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pkey->pkey.dsa->pub_key)); rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(pkey->pkey.dsa->priv_key));
return hash; return hash;
} }
@ -404,15 +425,15 @@ ossl_dsa_get_params(VALUE self)
static VALUE static VALUE
ossl_dsa_to_text(VALUE self) ossl_dsa_to_text(VALUE self)
{ {
EVP_PKEY *pkey; DSA *dsa;
BIO *out; BIO *out;
VALUE str; VALUE str;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
if (!(out = BIO_new(BIO_s_mem()))) { if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
if (!DSA_print(out, pkey->pkey.dsa, 0)) { /* offset = 0 */ if (!DSA_print(out, dsa, 0)) { /* offset = 0 */
BIO_free(out); BIO_free(out);
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
@ -449,7 +470,7 @@ ossl_dsa_to_public_key(VALUE self)
/* err check performed by dsa_instance */ /* err check performed by dsa_instance */
#define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup( \ #define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup( \
(i2d_of_void *)i2d_DSAPublicKey, (d2i_of_void *)d2i_DSAPublicKey, (char *)(dsa)) (i2d_of_void *)i2d_DSAPublicKey, (d2i_of_void *)d2i_DSAPublicKey, (char *)(dsa))
dsa = DSAPublicKey_dup(pkey->pkey.dsa); dsa = DSAPublicKey_dup(EVP_PKEY_get0_DSA(pkey));
#undef DSAPublicKey_dup #undef DSAPublicKey_dup
obj = dsa_instance(CLASS_OF(self), dsa); obj = dsa_instance(CLASS_OF(self), dsa);
if (obj == Qfalse) { if (obj == Qfalse) {
@ -459,7 +480,7 @@ ossl_dsa_to_public_key(VALUE self)
return obj; return obj;
} }
#define ossl_dsa_buf_size(pkey) (DSA_size((pkey)->pkey.dsa)+16) #define ossl_dsa_buf_size(dsa) (DSA_size(dsa) + 16)
/* /*
* call-seq: * call-seq:
@ -483,20 +504,22 @@ ossl_dsa_to_public_key(VALUE self)
static VALUE static VALUE
ossl_dsa_sign(VALUE self, VALUE data) ossl_dsa_sign(VALUE self, VALUE data)
{ {
EVP_PKEY *pkey; DSA *dsa;
BIGNUM *dsa_q;
unsigned int buf_len; unsigned int buf_len;
VALUE str; VALUE str;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
if (!pkey->pkey.dsa->q) DSA_get0_pqg(dsa, NULL, &dsa_q, NULL);
if (!dsa_q)
ossl_raise(eDSAError, "incomplete DSA"); ossl_raise(eDSAError, "incomplete DSA");
if (!DSA_PRIVATE(self, pkey->pkey.dsa)) if (!DSA_PRIVATE(self, dsa))
ossl_raise(eDSAError, "Private DSA key needed!"); ossl_raise(eDSAError, "Private DSA key needed!");
StringValue(data); StringValue(data);
str = rb_str_new(0, ossl_dsa_buf_size(pkey)); str = rb_str_new(0, ossl_dsa_buf_size(dsa));
if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data), if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data),
(unsigned char *)RSTRING_PTR(str), (unsigned char *)RSTRING_PTR(str),
&buf_len, pkey->pkey.dsa)) { /* type is ignored (0) */ &buf_len, dsa)) { /* type is ignored (0) */
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
rb_str_set_len(str, buf_len); rb_str_set_len(str, buf_len);
@ -526,15 +549,15 @@ ossl_dsa_sign(VALUE self, VALUE data)
static VALUE static VALUE
ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig) ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig)
{ {
EVP_PKEY *pkey; DSA *dsa;
int ret; int ret;
GetPKeyDSA(self, pkey); GetDSA(self, dsa);
StringValue(digest); StringValue(digest);
StringValue(sig); StringValue(sig);
/* type is ignored (0) */ /* type is ignored (0) */
ret = DSA_verify(0, (unsigned char *)RSTRING_PTR(digest), RSTRING_LENINT(digest), ret = DSA_verify(0, (unsigned char *)RSTRING_PTR(digest), RSTRING_LENINT(digest),
(unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey->pkey.dsa); (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), dsa);
if (ret < 0) { if (ret < 0) {
ossl_raise(eDSAError, NULL); ossl_raise(eDSAError, NULL);
} }
@ -545,11 +568,8 @@ ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig)
return Qfalse; return Qfalse;
} }
OSSL_PKEY_BN(dsa, p) OSSL_PKEY_BN_DEF3(dsa, DSA, pqg, p, q, g)
OSSL_PKEY_BN(dsa, q) OSSL_PKEY_BN_DEF2(dsa, DSA, key, pub_key, priv_key)
OSSL_PKEY_BN(dsa, g)
OSSL_PKEY_BN(dsa, pub_key)
OSSL_PKEY_BN(dsa, priv_key)
/* /*
* INIT * INIT
@ -603,6 +623,8 @@ Init_ossl_dsa(void)
DEF_OSSL_PKEY_BN(cDSA, dsa, g); DEF_OSSL_PKEY_BN(cDSA, dsa, g);
DEF_OSSL_PKEY_BN(cDSA, dsa, pub_key); DEF_OSSL_PKEY_BN(cDSA, dsa, pub_key);
DEF_OSSL_PKEY_BN(cDSA, dsa, priv_key); DEF_OSSL_PKEY_BN(cDSA, dsa, priv_key);
rb_define_method(cDSA, "set_pqg", ossl_dsa_set_pqg, 3);
rb_define_method(cDSA, "set_key", ossl_dsa_set_key, 2);
rb_define_method(cDSA, "params", ossl_dsa_get_params, 0); rb_define_method(cDSA, "params", ossl_dsa_get_params, 0);
} }

8
ext/openssl/ossl_pkey_ec.c
View file

@ -25,7 +25,7 @@ static const rb_data_type_t ossl_ec_point_type;
#define GetPKeyEC(obj, pkey) do { \ #define GetPKeyEC(obj, pkey) do { \
GetPKey((obj), (pkey)); \ GetPKey((obj), (pkey)); \
if (EVP_PKEY_type((pkey)->type) != EVP_PKEY_EC) { \ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) { \
ossl_raise(rb_eRuntimeError, "THIS IS NOT A EC PKEY!"); \ ossl_raise(rb_eRuntimeError, "THIS IS NOT A EC PKEY!"); \
} \ } \
} while (0) } while (0)
@ -38,7 +38,7 @@ static const rb_data_type_t ossl_ec_point_type;
#define Get_EC_KEY(obj, key) do { \ #define Get_EC_KEY(obj, key) do { \
EVP_PKEY *pkey; \ EVP_PKEY *pkey; \
GetPKeyEC((obj), pkey); \ GetPKeyEC((obj), pkey); \
(key) = pkey->pkey.ec; \ (key) = EVP_PKEY_get0_EC_KEY(pkey); \
} while(0) } while(0)
#define Require_EC_KEY(obj, key) do { \ #define Require_EC_KEY(obj, key) do { \
@ -137,7 +137,7 @@ VALUE ossl_ec_new(EVP_PKEY *pkey)
obj = ec_instance(cEC, EC_KEY_new()); obj = ec_instance(cEC, EC_KEY_new());
} else { } else {
obj = NewPKey(cEC); obj = NewPKey(cEC);
if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) { if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) {
ossl_raise(rb_eTypeError, "Not a EC key!"); ossl_raise(rb_eTypeError, "Not a EC key!");
} }
SetPKey(obj, pkey); SetPKey(obj, pkey);
@ -232,7 +232,7 @@ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self)
VALUE arg, pass; VALUE arg, pass;
GetPKey(self, pkey); GetPKey(self, pkey);
if (pkey->pkey.ec) if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE)
ossl_raise(eECError, "EC_KEY already initialized"); ossl_raise(eECError, "EC_KEY already initialized");
rb_scan_args(argc, argv, "02", &arg, &pass); rb_scan_args(argc, argv, "02", &arg, &pass);

183
ext/openssl/ossl_pkey_rsa.c
View file

@ -7,19 +7,36 @@
* This program is licensed under the same licence as Ruby. * This program is licensed under the same licence as Ruby.
* (See the file 'LICENCE'.) * (See the file 'LICENCE'.)
*/ */
#if !defined(OPENSSL_NO_RSA)
#include "ossl.h" #include "ossl.h"
#if !defined(OPENSSL_NO_RSA)
#define GetPKeyRSA(obj, pkey) do { \ #define GetPKeyRSA(obj, pkey) do { \
GetPKey((obj), (pkey)); \ GetPKey((obj), (pkey)); \
if (EVP_PKEY_type((pkey)->type) != EVP_PKEY_RSA) { /* PARANOIA? */ \ if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA) { /* PARANOIA? */ \
ossl_raise(rb_eRuntimeError, "THIS IS NOT A RSA!") ; \ ossl_raise(rb_eRuntimeError, "THIS IS NOT A RSA!") ; \
} \ } \
} while (0) } while (0)
#define GetRSA(obj, rsa) do { \
EVP_PKEY *_pkey; \
GetPKeyRSA((obj), _pkey); \
(rsa) = EVP_PKEY_get0_RSA(_pkey); \
} while (0)
#define RSA_HAS_PRIVATE(rsa) ((rsa)->p && (rsa)->q) static inline int
#define RSA_PRIVATE(obj,rsa) (RSA_HAS_PRIVATE(rsa)||OSSL_PKEY_IS_PRIVATE(obj)) RSA_HAS_PRIVATE(RSA *rsa)
{
BIGNUM *p, *q;
RSA_get0_factors(rsa, &p, &q);
return p && q; /* d? why? */
}
static inline int
RSA_PRIVATE(VALUE obj, RSA *rsa)
{
return RSA_HAS_PRIVATE(rsa) || OSSL_PKEY_IS_PRIVATE(obj);
}
/* /*
* Classes * Classes
@ -62,7 +79,7 @@ ossl_rsa_new(EVP_PKEY *pkey)
} }
else { else {
obj = NewPKey(cRSA); obj = NewPKey(cRSA);
if (EVP_PKEY_type(pkey->type) != EVP_PKEY_RSA) { if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA) {
ossl_raise(rb_eTypeError, "Not a RSA key!"); ossl_raise(rb_eTypeError, "Not a RSA key!");
} }
SetPKey(obj, pkey); SetPKey(obj, pkey);
@ -262,12 +279,13 @@ ossl_rsa_initialize(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_rsa_is_public(VALUE self) ossl_rsa_is_public(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
/* /*
* This method should check for n and e. BUG. * This method should check for n and e. BUG.
*/ */
(void)rsa;
return Qtrue; return Qtrue;
} }
@ -280,11 +298,11 @@ ossl_rsa_is_public(VALUE self)
static VALUE static VALUE
ossl_rsa_is_private(VALUE self) ossl_rsa_is_private(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
return (RSA_PRIVATE(self, pkey->pkey.rsa)) ? Qtrue : Qfalse; return RSA_PRIVATE(self, rsa) ? Qtrue : Qfalse;
} }
/* /*
@ -300,12 +318,12 @@ ossl_rsa_is_private(VALUE self)
static VALUE static VALUE
ossl_rsa_export(int argc, VALUE *argv, VALUE self) ossl_rsa_export(int argc, VALUE *argv, VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
BIO *out; BIO *out;
const EVP_CIPHER *ciph = NULL; const EVP_CIPHER *ciph = NULL;
VALUE cipher, pass, str; VALUE cipher, pass, str;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
rb_scan_args(argc, argv, "02", &cipher, &pass); rb_scan_args(argc, argv, "02", &cipher, &pass);
@ -316,14 +334,14 @@ ossl_rsa_export(int argc, VALUE *argv, VALUE self)
if (!(out = BIO_new(BIO_s_mem()))) { if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
} }
if (RSA_HAS_PRIVATE(pkey->pkey.rsa)) { if (RSA_HAS_PRIVATE(rsa)) {
if (!PEM_write_bio_RSAPrivateKey(out, pkey->pkey.rsa, ciph, if (!PEM_write_bio_RSAPrivateKey(out, rsa, ciph, NULL, 0,
NULL, 0, ossl_pem_passwd_cb, (void *)pass)) { ossl_pem_passwd_cb, (void *)pass)) {
BIO_free(out); BIO_free(out);
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
} }
} else { } else {
if (!PEM_write_bio_RSA_PUBKEY(out, pkey->pkey.rsa)) { if (!PEM_write_bio_RSA_PUBKEY(out, rsa)) {
BIO_free(out); BIO_free(out);
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
} }
@ -342,29 +360,29 @@ ossl_rsa_export(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_rsa_to_der(VALUE self) ossl_rsa_to_der(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
int (*i2d_func)_((const RSA*, unsigned char**)); int (*i2d_func)_((const RSA*, unsigned char**));
unsigned char *p; unsigned char *p;
long len; long len;
VALUE str; VALUE str;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if(RSA_HAS_PRIVATE(pkey->pkey.rsa)) if (RSA_HAS_PRIVATE(rsa))
i2d_func = i2d_RSAPrivateKey; i2d_func = i2d_RSAPrivateKey;
else else
i2d_func = (int (*)(const RSA*, unsigned char**))i2d_RSA_PUBKEY; i2d_func = (int (*)(const RSA*, unsigned char**))i2d_RSA_PUBKEY;
if((len = i2d_func(pkey->pkey.rsa, NULL)) <= 0) if((len = i2d_func(rsa, NULL)) <= 0)
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
str = rb_str_new(0, len); str = rb_str_new(0, len);
p = (unsigned char *)RSTRING_PTR(str); p = (unsigned char *)RSTRING_PTR(str);
if(i2d_func(pkey->pkey.rsa, &p) < 0) if(i2d_func(rsa, &p) < 0)
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
ossl_str_adjust(str, p); ossl_str_adjust(str, p);
return str; return str;
} }
#define ossl_rsa_buf_size(pkey) (RSA_size((pkey)->pkey.rsa)+16) #define ossl_rsa_buf_size(rsa) (RSA_size(rsa)+16)
/* /*
* call-seq: * call-seq:
@ -377,20 +395,21 @@ ossl_rsa_to_der(VALUE self)
static VALUE static VALUE
ossl_rsa_public_encrypt(int argc, VALUE *argv, VALUE self) ossl_rsa_public_encrypt(int argc, VALUE *argv, VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
BIGNUM *rsa_n;
int buf_len, pad; int buf_len, pad;
VALUE str, buffer, padding; VALUE str, buffer, padding;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if (!pkey->pkey.rsa->n) RSA_get0_key(rsa, &rsa_n, NULL, NULL);
if (!rsa_n)
ossl_raise(eRSAError, "incomplete RSA"); ossl_raise(eRSAError, "incomplete RSA");
rb_scan_args(argc, argv, "11", &buffer, &padding); rb_scan_args(argc, argv, "11", &buffer, &padding);
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding); pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer); StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey)); str = rb_str_new(0, ossl_rsa_buf_size(rsa));
buf_len = RSA_public_encrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer), buf_len = RSA_public_encrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
(unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa, (unsigned char *)RSTRING_PTR(str), rsa, pad);
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL); if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len); rb_str_set_len(str, buf_len);
@ -408,20 +427,21 @@ ossl_rsa_public_encrypt(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_rsa_public_decrypt(int argc, VALUE *argv, VALUE self) ossl_rsa_public_decrypt(int argc, VALUE *argv, VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
BIGNUM *rsa_n;
int buf_len, pad; int buf_len, pad;
VALUE str, buffer, padding; VALUE str, buffer, padding;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if (!pkey->pkey.rsa->n) RSA_get0_key(rsa, &rsa_n, NULL, NULL);
if (!rsa_n)
ossl_raise(eRSAError, "incomplete RSA"); ossl_raise(eRSAError, "incomplete RSA");
rb_scan_args(argc, argv, "11", &buffer, &padding); rb_scan_args(argc, argv, "11", &buffer, &padding);
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding); pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer); StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey)); str = rb_str_new(0, ossl_rsa_buf_size(rsa));
buf_len = RSA_public_decrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer), buf_len = RSA_public_decrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
(unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa, (unsigned char *)RSTRING_PTR(str), rsa, pad);
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL); if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len); rb_str_set_len(str, buf_len);
@ -439,22 +459,23 @@ ossl_rsa_public_decrypt(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_rsa_private_encrypt(int argc, VALUE *argv, VALUE self) ossl_rsa_private_encrypt(int argc, VALUE *argv, VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
BIGNUM *rsa_n;
int buf_len, pad; int buf_len, pad;
VALUE str, buffer, padding; VALUE str, buffer, padding;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if (!pkey->pkey.rsa->n) RSA_get0_key(rsa, &rsa_n, NULL, NULL);
if (!rsa_n)
ossl_raise(eRSAError, "incomplete RSA"); ossl_raise(eRSAError, "incomplete RSA");
if (!RSA_PRIVATE(self, pkey->pkey.rsa)) if (!RSA_PRIVATE(self, rsa))
ossl_raise(eRSAError, "private key needed"); ossl_raise(eRSAError, "private key needed.");
rb_scan_args(argc, argv, "11", &buffer, &padding); rb_scan_args(argc, argv, "11", &buffer, &padding);
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding); pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer); StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey)); str = rb_str_new(0, ossl_rsa_buf_size(rsa));
buf_len = RSA_private_encrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer), buf_len = RSA_private_encrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
(unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa, (unsigned char *)RSTRING_PTR(str), rsa, pad);
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL); if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len); rb_str_set_len(str, buf_len);
@ -472,22 +493,23 @@ ossl_rsa_private_encrypt(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_rsa_private_decrypt(int argc, VALUE *argv, VALUE self) ossl_rsa_private_decrypt(int argc, VALUE *argv, VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
BIGNUM *rsa_n;
int buf_len, pad; int buf_len, pad;
VALUE str, buffer, padding; VALUE str, buffer, padding;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if (!pkey->pkey.rsa->n) RSA_get0_key(rsa, &rsa_n, NULL, NULL);
if (!rsa_n)
ossl_raise(eRSAError, "incomplete RSA"); ossl_raise(eRSAError, "incomplete RSA");
if (!RSA_PRIVATE(self, pkey->pkey.rsa)) if (!RSA_PRIVATE(self, rsa))
ossl_raise(eRSAError, "private key needed"); ossl_raise(eRSAError, "private key needed.");
rb_scan_args(argc, argv, "11", &buffer, &padding); rb_scan_args(argc, argv, "11", &buffer, &padding);
pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding); pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
StringValue(buffer); StringValue(buffer);
str = rb_str_new(0, ossl_rsa_buf_size(pkey)); str = rb_str_new(0, ossl_rsa_buf_size(rsa));
buf_len = RSA_private_decrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer), buf_len = RSA_private_decrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
(unsigned char *)RSTRING_PTR(str), pkey->pkey.rsa, (unsigned char *)RSTRING_PTR(str), rsa, pad);
pad);
if (buf_len < 0) ossl_raise(eRSAError, NULL); if (buf_len < 0) ossl_raise(eRSAError, NULL);
rb_str_set_len(str, buf_len); rb_str_set_len(str, buf_len);
@ -508,21 +530,24 @@ ossl_rsa_private_decrypt(int argc, VALUE *argv, VALUE self)
static VALUE static VALUE
ossl_rsa_get_params(VALUE self) ossl_rsa_get_params(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
VALUE hash; VALUE hash;
BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
RSA_get0_key(rsa, &n, &e, &d);
RSA_get0_factors(rsa, &p, &q);
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
hash = rb_hash_new(); hash = rb_hash_new();
rb_hash_aset(hash, rb_str_new2("n"), ossl_bn_new(n));
rb_hash_aset(hash, rb_str_new2("n"), ossl_bn_new(pkey->pkey.rsa->n)); rb_hash_aset(hash, rb_str_new2("e"), ossl_bn_new(e));
rb_hash_aset(hash, rb_str_new2("e"), ossl_bn_new(pkey->pkey.rsa->e)); rb_hash_aset(hash, rb_str_new2("d"), ossl_bn_new(d));
rb_hash_aset(hash, rb_str_new2("d"), ossl_bn_new(pkey->pkey.rsa->d)); rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(pkey->pkey.rsa->p)); rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(pkey->pkey.rsa->q)); rb_hash_aset(hash, rb_str_new2("dmp1"), ossl_bn_new(dmp1));
rb_hash_aset(hash, rb_str_new2("dmp1"), ossl_bn_new(pkey->pkey.rsa->dmp1)); rb_hash_aset(hash, rb_str_new2("dmq1"), ossl_bn_new(dmq1));
rb_hash_aset(hash, rb_str_new2("dmq1"), ossl_bn_new(pkey->pkey.rsa->dmq1)); rb_hash_aset(hash, rb_str_new2("iqmp"), ossl_bn_new(iqmp));
rb_hash_aset(hash, rb_str_new2("iqmp"), ossl_bn_new(pkey->pkey.rsa->iqmp));
return hash; return hash;
} }
@ -540,15 +565,15 @@ ossl_rsa_get_params(VALUE self)
static VALUE static VALUE
ossl_rsa_to_text(VALUE self) ossl_rsa_to_text(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
BIO *out; BIO *out;
VALUE str; VALUE str;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if (!(out = BIO_new(BIO_s_mem()))) { if (!(out = BIO_new(BIO_s_mem()))) {
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
} }
if (!RSA_print(out, pkey->pkey.rsa, 0)) { /* offset = 0 */ if (!RSA_print(out, rsa, 0)) { /* offset = 0 */
BIO_free(out); BIO_free(out);
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
} }
@ -572,7 +597,7 @@ ossl_rsa_to_public_key(VALUE self)
GetPKeyRSA(self, pkey); GetPKeyRSA(self, pkey);
/* err check performed by rsa_instance */ /* err check performed by rsa_instance */
rsa = RSAPublicKey_dup(pkey->pkey.rsa); rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(pkey));
obj = rsa_instance(CLASS_OF(self), rsa); obj = rsa_instance(CLASS_OF(self), rsa);
if (obj == Qfalse) { if (obj == Qfalse) {
RSA_free(rsa); RSA_free(rsa);
@ -587,11 +612,11 @@ ossl_rsa_to_public_key(VALUE self)
static VALUE static VALUE
ossl_rsa_blinding_on(VALUE self) ossl_rsa_blinding_on(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
if (RSA_blinding_on(pkey->pkey.rsa, ossl_bn_ctx) != 1) { if (RSA_blinding_on(rsa, ossl_bn_ctx) != 1) {
ossl_raise(eRSAError, NULL); ossl_raise(eRSAError, NULL);
} }
return self; return self;
@ -600,23 +625,18 @@ ossl_rsa_blinding_on(VALUE self)
static VALUE static VALUE
ossl_rsa_blinding_off(VALUE self) ossl_rsa_blinding_off(VALUE self)
{ {
EVP_PKEY *pkey; RSA *rsa;
GetPKeyRSA(self, pkey); GetRSA(self, rsa);
RSA_blinding_off(pkey->pkey.rsa); RSA_blinding_off(rsa);
return self; return self;
} }
*/ */
OSSL_PKEY_BN(rsa, n) OSSL_PKEY_BN_DEF3(rsa, RSA, key, n, e, d);
OSSL_PKEY_BN(rsa, e) OSSL_PKEY_BN_DEF2(rsa, RSA, factors, p, q);
OSSL_PKEY_BN(rsa, d) OSSL_PKEY_BN_DEF3(rsa, RSA, crt_params, dmp1, dmq1, iqmp);
OSSL_PKEY_BN(rsa, p)
OSSL_PKEY_BN(rsa, q)
OSSL_PKEY_BN(rsa, dmp1)
OSSL_PKEY_BN(rsa, dmq1)
OSSL_PKEY_BN(rsa, iqmp)
/* /*
* INIT * INIT
@ -675,6 +695,9 @@ Init_ossl_rsa(void)
DEF_OSSL_PKEY_BN(cRSA, rsa, dmp1); DEF_OSSL_PKEY_BN(cRSA, rsa, dmp1);
DEF_OSSL_PKEY_BN(cRSA, rsa, dmq1); DEF_OSSL_PKEY_BN(cRSA, rsa, dmq1);
DEF_OSSL_PKEY_BN(cRSA, rsa, iqmp); DEF_OSSL_PKEY_BN(cRSA, rsa, iqmp);
rb_define_method(cRSA, "set_key", ossl_rsa_set_key, 3);
rb_define_method(cRSA, "set_factors", ossl_rsa_set_factors, 2);
rb_define_method(cRSA, "set_crt_params", ossl_rsa_set_crt_params, 3);
rb_define_method(cRSA, "params", ossl_rsa_get_params, 0); rb_define_method(cRSA, "params", ossl_rsa_get_params, 0);

8
ext/openssl/ossl_ssl.c
View file

@ -258,7 +258,7 @@ ossl_call_tmp_dh_callback(VALUE args)
if (NIL_P(cb)) return Qfalse; if (NIL_P(cb)) return Qfalse;
dh = rb_apply(cb, rb_intern("call"), args); dh = rb_apply(cb, rb_intern("call"), args);
pkey = GetPKeyPtr(dh); pkey = GetPKeyPtr(dh);
if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DH) return Qfalse; if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DH) return Qfalse;
return dh; return dh;
} }
@ -276,7 +276,7 @@ ossl_tmp_dh_callback(SSL *ssl, int is_export, int keylength)
if (!RTEST(dh)) return NULL; if (!RTEST(dh)) return NULL;
ossl_ssl_set_tmp_dh(rb_ssl, dh); ossl_ssl_set_tmp_dh(rb_ssl, dh);
return GetPKeyPtr(dh)->pkey.dh; return EVP_PKEY_get0_DH(GetPKeyPtr(dh));
} }
#endif /* OPENSSL_NO_DH */ #endif /* OPENSSL_NO_DH */
@ -292,7 +292,7 @@ ossl_call_tmp_ecdh_callback(VALUE args)
if (NIL_P(cb)) return Qfalse; if (NIL_P(cb)) return Qfalse;
ecdh = rb_apply(cb, rb_intern("call"), args); ecdh = rb_apply(cb, rb_intern("call"), args);
pkey = GetPKeyPtr(ecdh); pkey = GetPKeyPtr(ecdh);
if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) return Qfalse; if (EVP_PKEY_base_id(pkey) != EVP_PKEY_EC) return Qfalse;
return ecdh; return ecdh;
} }
@ -310,7 +310,7 @@ ossl_tmp_ecdh_callback(SSL *ssl, int is_export, int keylength)
if (!RTEST(ecdh)) return NULL; if (!RTEST(ecdh)) return NULL;
ossl_ssl_set_tmp_ecdh(rb_ssl, ecdh); ossl_ssl_set_tmp_ecdh(rb_ssl, ecdh);
return GetPKeyPtr(ecdh)->pkey.ec; return EVP_PKEY_get0_EC_KEY(GetPKeyPtr(ecdh));
} }
#endif #endif

2
test/drb/ut_array_drbssl.rb
View file

@ -20,8 +20,6 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
_end_of_pem_ _end_of_pem_
TEST_KEY_DH1024.priv_key = OpenSSL::BN.new("48561834C67E65FFD2A9B47F41E5E78FDC95C387428FDB1E4B0188B64D1643C3A8D3455B945B7E8C4D166010C7C2CE23BFB9BEF43D0348FE7FA5284B0225E7FE1537546D114E3D8A4411B9B9351AB451E1A358F50ED61B1F00DA29336EEBBD649980AC86D76AF8BBB065298C2052672EEF3EF13AB47A15275FC2836F3AC74CEA", 16)
end end
config = Hash.new config = Hash.new

2
test/drb/ut_drb_drbssl.rb
View file

@ -19,8 +19,6 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
_end_of_pem_ _end_of_pem_
TEST_KEY_DH1024.priv_key = OpenSSL::BN.new("48561834C67E65FFD2A9B47F41E5E78FDC95C387428FDB1E4B0188B64D1643C3A8D3455B945B7E8C4D166010C7C2CE23BFB9BEF43D0348FE7FA5284B0225E7FE1537546D114E3D8A4411B9B9351AB451E1A358F50ED61B1F00DA29336EEBBD649980AC86D76AF8BBB065298C2052672EEF3EF13AB47A15275FC2836F3AC74CEA", 16)
end end
config = Hash.new config = Hash.new

3
test/openssl/utils.rb
View file

@ -105,7 +105,8 @@ AQjjxMXhwULlmuR/K+WwlaZPiLIBYalLAZQ7ZbOPeVkJ8ePao0eLAgEC
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
_end_of_pem_ _end_of_pem_
TEST_KEY_DH1024.priv_key = OpenSSL::BN.new("48561834C67E65FFD2A9B47F41E5E78FDC95C387428FDB1E4B0188B64D1643C3A8D3455B945B7E8C4D166010C7C2CE23BFB9BEF43D0348FE7FA5284B0225E7FE1537546D114E3D8A4411B9B9351AB451E1A358F50ED61B1F00DA29336EEBBD649980AC86D76AF8BBB065298C2052672EEF3EF13AB47A15275FC2836F3AC74CEA", 16) TEST_KEY_DH1024.set_key(OpenSSL::BN.new("556AF1598AE69899867CEBA9F29CE4862B884C2B43C9019EA0231908F6EFA785E3C462A6ECB16DF676866E997FFB72B487DC7967C58C3CA38CE974473BF19B2AA5DCBF102735572EBA6F353F6F0BBE7FF1DE1B07FE1381A355C275C33405004317F9491B5955F191F6615A63B30E55A027FB88A1A4B25608E09EEE68A7DF32D", 16),
OpenSSL::BN.new("48561834C67E65FFD2A9B47F41E5E78FDC95C387428FDB1E4B0188B64D1643C3A8D3455B945B7E8C4D166010C7C2CE23BFB9BEF43D0348FE7FA5284B0225E7FE1537546D114E3D8A4411B9B9351AB451E1A358F50ED61B1F00DA29336EEBBD649980AC86D76AF8BBB065298C2052672EEF3EF13AB47A15275FC2836F3AC74CEA", 16))
DSA_SIGNATURE_DIGEST = OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000 ? DSA_SIGNATURE_DIGEST = OpenSSL::OPENSSL_VERSION_NUMBER > 0x10000000 ?
OpenSSL::Digest::SHA1 : OpenSSL::Digest::SHA1 :

12
test/rubygems/test_gem_remote_fetcher.rb
View file

@ -81,7 +81,6 @@ gems:
# Generated via: # Generated via:
# x = OpenSSL::PKey::DH.new(2048) # wait a while... # x = OpenSSL::PKey::DH.new(2048) # wait a while...
# x.to_s => pem # x.to_s => pem
# x.priv_key.to_s => hex for OpenSSL::BN.new
TEST_KEY_DH2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_ TEST_KEY_DH2048 = OpenSSL::PKey::DH.new <<-_end_of_pem_
-----BEGIN DH PARAMETERS----- -----BEGIN DH PARAMETERS-----
MIIBCAKCAQEA3Ze2EHSfYkZLUn557torAmjBgPsqzbodaRaGZtgK1gEU+9nNJaFV MIIBCAKCAQEA3Ze2EHSfYkZLUn557torAmjBgPsqzbodaRaGZtgK1gEU+9nNJaFV
@ -93,17 +92,6 @@ PeIQQkFng2VVot/WAQbv3ePqWq07g1BBcwIBAg==
-----END DH PARAMETERS----- -----END DH PARAMETERS-----
_end_of_pem_ _end_of_pem_
TEST_KEY_DH2048.priv_key = OpenSSL::BN.new("108911488509734781344423639" \
"5585749502236089033416160524030987005037540379474123441273555416835" \
"4725688238369352738266590757370603937618499698665047757588998555345" \
"3446251978586372525530219375408331096098220027413238477359960428372" \
"0195464393332338164504352015535549496585792320286513563739305843396" \
"9294344974028713065472959376197728193162272314514335882399554394661" \
"5306385003430991221886779612878793446851681835397455333989268503748" \
"7862488679178398716189205737442996155432191656080664090596502674943" \
"7902481557157485795980326766117882761941455140582265347052939604724" \
"964857770053363840471912215799994973597613931991572884", 16)
def setup def setup
@proxies = %w[https_proxy http_proxy HTTP_PROXY http_proxy_user HTTP_PROXY_USER http_proxy_pass HTTP_PROXY_PASS no_proxy NO_PROXY] @proxies = %w[https_proxy http_proxy HTTP_PROXY http_proxy_user HTTP_PROXY_USER http_proxy_pass HTTP_PROXY_PASS no_proxy NO_PROXY]
@old_proxies = @proxies.map {|k| ENV[k] } @old_proxies = @proxies.map {|k| ENV[k] }