openssl-additions 0.6.0 → 0.7.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3af2a1bdc82b061267777ed93961fa411eaea3ddeeb4912a0be3772cadfacd48
-  data.tar.gz: '0860f6fa16eb240a6d3408f91a3637f48900dc06d4f2fbe550684df60bccd3f8'
+  metadata.gz: 960c29488ad97c87c67fa2b6aa7a286a51b4678ab190ebc628a3d55efcb9125a
+  data.tar.gz: 284c3dc79c7325406e06567c7e2c34d6439b3050f8bf25202b088e5a1fe802f7
 SHA512:
-  metadata.gz: d27ca892b2505c0fb88095936dd44e880f340d112b2df50e48deb2fc66c96aa8bf36a0ea3d4c599c621e36efa020045709783fb4c239e26a143bd3a08d8fc265
-  data.tar.gz: 7bb76838e1bc1eee2af1b813e3406827dc0fe08ce32defe633be1da3f7037f7f9485a0e534e2fef0d16d99f10a8f4e317711639ab6363fd8796a8e0b6d1eb130
+  metadata.gz: 578c11f9214f96bb30aed6332fb8893fdd547a66b5d0c6c10fff5df39dbcc5d48d71966dce0f88b2e52344d7ac4cf126fd829939fbf75783b61ae801b93eebb7
+  data.tar.gz: 788e22b2e62c2d1573ce49d4c6de45f56af518f1bb0476e7a83856164480d81a9f3cfbd6cad41b4d801817078069c75d76c7b20d8603ba8f9720bc9d9184fd83

data/lib/openssl/pkey/rsa.rb

@@ -15,6 +15,65 @@ class OpenSSL::PKey::RSA
     OpenSSL::X509::SPKI.new(self.public_key.to_der)
   end
 
+  # Give our best guess as to whether the given RSA private key is valid.
+  #
+  # Applies a set of heuristics to the (private) key, with a view to deciding
+  # whether it is correctly formed.
+  #
+  # Based on the RSA_check_key OpenSSL function.
+  #
+  # @param extended [Boolean] specify whether to only check problems which
+  #   cannot be corrected by re-calculating from the fundamental parameters of
+  #   the key (the private factors `p` and `q`, and the public exponent `e`).
+  #   The default is to consider any deviation from a completely correct key
+  #   to render the key invalid.
+  #
+  # @return [Boolean]
+  #
+  def valid?(extended = true)
+    # Must have factors and public exponent
+    return false if p.nil? || q.nil? || e.nil?
+
+    # Public exponent must be odd and greater than one
+    return false if e == 1
+
+    return false if e % 2 == 0
+
+    # Factors must be prime
+    return false unless p.prime?
+    return false unless q.prime?
+
+    # All the remaining checks are things that could be fixed with some
+    # arithmetic
+    return true if !extended
+
+    # Must have private exponent and a modulus
+    return false if d.nil? || n.nil?
+
+    # Public modulus must be the product of the two prime factors
+    return false unless n == p * q
+
+    # d * e must equal 1 mod (lcm(p-1,q-1))
+    return false unless e * d % (p.to_i-1).lcm(q.to_i-1) == 1
+
+    # CRT parameters are optional, but if present must be correct
+    unless dmp1.nil?
+      return false unless dmp1 == d % (p-1)
+    end
+
+    unless dmq1.nil?
+      return false unless dmq1 == d % (q-1)
+    end
+
+    unless iqmp.nil?
+      t, _ = self.class.egcd(q.to_i, p.to_i)
+      t %= p if t < 0
+      return false unless iqmp == t
+    end
+
+    return true
+  end
+
   # Construct a fully-featured RSA private key from fundamental values.
   #
   # Many parts of an RSA key are, in fact, derived from the basic numbers that

data/lib/openssl/ssh_pkey.rb

@@ -296,7 +296,7 @@ module OpenSSL::PKey
   end
 
   def self.decode_public_ssh_key(s)
-    if s =~ /\Assh-[a-z0-9-]+ /
+    if s =~ /\A(ssh|ecdsa)-[a-z0-9-]+ /
       # WHOOP WHOOP prefixed key detected.
       s = s.split(" ")[1]
     else

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: openssl-additions
 version: !ruby/object:Gem::Version
-  version: 0.6.0
+  version: 0.7.1
 platform: ruby
 authors:
 - Matt Palmer
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-05-07 00:00:00.000000000 Z
+date: 2024-05-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -191,7 +191,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.0.3
+rubygems_version: 3.2.5
 signing_key: 
 specification_version: 4
 summary: Quality-of-life improvements to the core openssl ruby library