kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* ext/openssl/ossl_pkey_rsa.c (rsa_generate): [SECURITY] Set RSA

Browse source 
exponent value correctly.  Awful bug.  This bug caused exponent of
  generated key to be always '1'.  By default, and regardless of e
  given as a parameter.
    
  !!! Keys generated by this code (trunk after 2011-09-01) must be 
  re-generated !!! (ruby_1_9_3 is safe)
        
* test/openssl/test_pkey_rsa.rb: Add tests for default exponent and
  specifying exponent by a parameter.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33633 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nahi 2011-11-04 05:12:31 +00:00
parent 3463615a69
commit ab682d95e0
3 changed files with 26 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
ChangeLog
View file

@ -1,3 +1,16 @@
Fri Nov 4 14:08:19 2011 Hiroshi Nakamura <nahi@ruby-lang.org>
* ext/openssl/ossl_pkey_rsa.c (rsa_generate): [SECURITY] Set RSA
exponent value correctly. Awful bug. This bug caused exponent of
generated key to be always '1'. By default, and regardless of e
given as a parameter.
!!! Keys generated by this code (trunk after 2011-09-01) must be
re-generated !!! (ruby_1_9_3 is safe)
* test/openssl/test_pkey_rsa.rb: Add tests for default exponent and
specifying exponent by a parameter.
Fri Nov 04 01:31:25 2011 Martin Bosslet <Martin.Bosslet@googlemail.com>
* test/openssl/test_engine.rb: add first tests for builtin "openssl"

2
ext/openssl/ossl_pkey_rsa.c
View file

@ -110,7 +110,7 @@ rsa_generate(int size, int exp)
if (rsa) RSA_free(rsa);
return 0;
}
for (i = 0; i < (int)sizeof(exp); ++i) {
for (i = 0; i < (int)sizeof(exp) * 8; ++i) {
if (exp & (1 << i)) {
if (BN_set_bit(e, i) == 0) {
BN_free(e);

12
test/openssl/test_pkey_rsa.rb
View file

@ -48,6 +48,18 @@ class OpenSSL::TestPKeyRSA < Test::Unit::TestCase
assert_equal([], OpenSSL.errors)
end
def test_new_exponent_default
assert_equal(65537, OpenSSL::PKey::RSA.new(512).e)
end
def test_new_with_exponent
1.upto(30) do |idx|
e = (2 ** idx) + 1
key = OpenSSL::PKey::RSA.new(512, e)
assert_equal(e, key.e)
end
end
def test_new_break
assert_nil(OpenSSL::PKey::RSA.new(1024) { break })
assert_raise(RuntimeError) do