openssl 2.2.0 → 3.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +33 -45
- data/History.md +260 -0
- data/ext/openssl/extconf.rb +85 -72
- data/ext/openssl/openssl_missing.c +0 -66
- data/ext/openssl/openssl_missing.h +26 -45
- data/ext/openssl/ossl.c +67 -47
- data/ext/openssl/ossl.h +26 -6
- data/ext/openssl/ossl_asn1.c +26 -13
- data/ext/openssl/ossl_bn.c +278 -142
- data/ext/openssl/ossl_bn.h +2 -1
- data/ext/openssl/ossl_cipher.c +12 -13
- data/ext/openssl/ossl_config.c +412 -41
- data/ext/openssl/ossl_config.h +4 -7
- data/ext/openssl/ossl_digest.c +15 -11
- data/ext/openssl/ossl_engine.c +16 -15
- data/ext/openssl/ossl_hmac.c +56 -135
- data/ext/openssl/ossl_kdf.c +11 -3
- data/ext/openssl/ossl_ocsp.c +5 -53
- data/ext/openssl/ossl_pkcs12.c +21 -3
- data/ext/openssl/ossl_pkcs7.c +42 -59
- data/ext/openssl/ossl_pkey.c +1142 -191
- data/ext/openssl/ossl_pkey.h +36 -73
- data/ext/openssl/ossl_pkey_dh.c +130 -340
- data/ext/openssl/ossl_pkey_dsa.c +100 -405
- data/ext/openssl/ossl_pkey_ec.c +163 -335
- data/ext/openssl/ossl_pkey_rsa.c +106 -493
- data/ext/openssl/ossl_ssl.c +529 -421
- data/ext/openssl/ossl_ssl_session.c +28 -29
- data/ext/openssl/ossl_ts.c +64 -39
- data/ext/openssl/ossl_x509.c +0 -6
- data/ext/openssl/ossl_x509cert.c +167 -11
- data/ext/openssl/ossl_x509crl.c +13 -10
- data/ext/openssl/ossl_x509ext.c +1 -2
- data/ext/openssl/ossl_x509name.c +9 -2
- data/ext/openssl/ossl_x509req.c +13 -10
- data/ext/openssl/ossl_x509revoked.c +3 -3
- data/ext/openssl/ossl_x509store.c +193 -90
- data/lib/openssl/buffering.rb +10 -1
- data/lib/openssl/hmac.rb +65 -0
- data/lib/openssl/pkey.rb +429 -0
- data/lib/openssl/ssl.rb +13 -8
- data/lib/openssl/version.rb +1 -1
- data/lib/openssl/x509.rb +22 -0
- data/lib/openssl.rb +0 -1
- metadata +8 -66
- data/ext/openssl/ruby_missing.h +0 -24
- data/lib/openssl/config.rb +0 -501
data/ext/openssl/ossl_pkey.h
CHANGED
@@ -7,27 +7,18 @@
|
|
7
7
|
* This program is licensed under the same licence as Ruby.
|
8
8
|
* (See the file 'LICENCE'.)
|
9
9
|
*/
|
10
|
-
#if !defined(
|
11
|
-
#define
|
10
|
+
#if !defined(OSSL_PKEY_H)
|
11
|
+
#define OSSL_PKEY_H
|
12
12
|
|
13
13
|
extern VALUE mPKey;
|
14
14
|
extern VALUE cPKey;
|
15
15
|
extern VALUE ePKeyError;
|
16
16
|
extern const rb_data_type_t ossl_evp_pkey_type;
|
17
17
|
|
18
|
-
|
19
|
-
#define
|
20
|
-
#define OSSL_PKEY_IS_PRIVATE(obj) (
|
18
|
+
/* For ENGINE */
|
19
|
+
#define OSSL_PKEY_SET_PRIVATE(obj) rb_ivar_set((obj), rb_intern("private"), Qtrue)
|
20
|
+
#define OSSL_PKEY_IS_PRIVATE(obj) (rb_attr_get((obj), rb_intern("private")) == Qtrue)
|
21
21
|
|
22
|
-
#define NewPKey(klass) \
|
23
|
-
TypedData_Wrap_Struct((klass), &ossl_evp_pkey_type, 0)
|
24
|
-
#define SetPKey(obj, pkey) do { \
|
25
|
-
if (!(pkey)) { \
|
26
|
-
rb_raise(rb_eRuntimeError, "PKEY wasn't initialized!"); \
|
27
|
-
} \
|
28
|
-
RTYPEDDATA_DATA(obj) = (pkey); \
|
29
|
-
OSSL_PKEY_SET_PUBLIC(obj); \
|
30
|
-
} while (0)
|
31
22
|
#define GetPKey(obj, pkey) do {\
|
32
23
|
TypedData_Get_Struct((obj), EVP_PKEY, &ossl_evp_pkey_type, (pkey)); \
|
33
24
|
if (!(pkey)) { \
|
@@ -35,19 +26,27 @@ extern const rb_data_type_t ossl_evp_pkey_type;
|
|
35
26
|
} \
|
36
27
|
} while (0)
|
37
28
|
|
38
|
-
|
39
|
-
int yield;
|
40
|
-
int interrupted;
|
41
|
-
int state;
|
42
|
-
};
|
43
|
-
int ossl_generate_cb_2(int p, int n, BN_GENCB *cb);
|
44
|
-
void ossl_generate_cb_stop(void *ptr);
|
45
|
-
|
29
|
+
/* Takes ownership of the EVP_PKEY */
|
46
30
|
VALUE ossl_pkey_new(EVP_PKEY *);
|
47
31
|
void ossl_pkey_check_public_key(const EVP_PKEY *);
|
32
|
+
EVP_PKEY *ossl_pkey_read_generic(BIO *, VALUE);
|
48
33
|
EVP_PKEY *GetPKeyPtr(VALUE);
|
49
34
|
EVP_PKEY *DupPKeyPtr(VALUE);
|
50
35
|
EVP_PKEY *GetPrivPKeyPtr(VALUE);
|
36
|
+
|
37
|
+
/*
|
38
|
+
* Serializes _self_ in X.509 SubjectPublicKeyInfo format and returns the
|
39
|
+
* resulting String. Sub-classes use this when overriding #to_der.
|
40
|
+
*/
|
41
|
+
VALUE ossl_pkey_export_spki(VALUE self, int to_der);
|
42
|
+
/*
|
43
|
+
* Serializes the private key _self_ in the traditional private key format
|
44
|
+
* and returns the resulting String. Sub-classes use this when overriding
|
45
|
+
* #to_der.
|
46
|
+
*/
|
47
|
+
VALUE ossl_pkey_export_traditional(int argc, VALUE *argv, VALUE self,
|
48
|
+
int to_der);
|
49
|
+
|
51
50
|
void Init_ossl_pkey(void);
|
52
51
|
|
53
52
|
/*
|
@@ -56,7 +55,6 @@ void Init_ossl_pkey(void);
|
|
56
55
|
extern VALUE cRSA;
|
57
56
|
extern VALUE eRSAError;
|
58
57
|
|
59
|
-
VALUE ossl_rsa_new(EVP_PKEY *);
|
60
58
|
void Init_ossl_rsa(void);
|
61
59
|
|
62
60
|
/*
|
@@ -65,7 +63,6 @@ void Init_ossl_rsa(void);
|
|
65
63
|
extern VALUE cDSA;
|
66
64
|
extern VALUE eDSAError;
|
67
65
|
|
68
|
-
VALUE ossl_dsa_new(EVP_PKEY *);
|
69
66
|
void Init_ossl_dsa(void);
|
70
67
|
|
71
68
|
/*
|
@@ -74,7 +71,6 @@ void Init_ossl_dsa(void);
|
|
74
71
|
extern VALUE cDH;
|
75
72
|
extern VALUE eDHError;
|
76
73
|
|
77
|
-
VALUE ossl_dh_new(EVP_PKEY *);
|
78
74
|
void Init_ossl_dh(void);
|
79
75
|
|
80
76
|
/*
|
@@ -96,7 +92,7 @@ void Init_ossl_ec(void);
|
|
96
92
|
*/ \
|
97
93
|
static VALUE ossl_##_keytype##_get_##_name(VALUE self) \
|
98
94
|
{ \
|
99
|
-
_type *obj;
|
95
|
+
const _type *obj; \
|
100
96
|
const BIGNUM *bn; \
|
101
97
|
\
|
102
98
|
Get##_type(self, obj); \
|
@@ -120,6 +116,7 @@ static VALUE ossl_##_keytype##_get_##_name(VALUE self) \
|
|
120
116
|
OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a2, \
|
121
117
|
_type##_get0_##_group(obj, NULL, &bn))
|
122
118
|
|
119
|
+
#if !OSSL_OPENSSL_PREREQ(3, 0, 0)
|
123
120
|
#define OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
|
124
121
|
/* \
|
125
122
|
* call-seq: \
|
@@ -177,36 +174,22 @@ static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2) \
|
|
177
174
|
} \
|
178
175
|
return self; \
|
179
176
|
}
|
177
|
+
#else
|
178
|
+
#define OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
|
179
|
+
static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2, VALUE v3) \
|
180
|
+
{ \
|
181
|
+
rb_raise(ePKeyError, \
|
182
|
+
#_keytype"#set_"#_group"= is incompatible with OpenSSL 3.0"); \
|
183
|
+
}
|
180
184
|
|
181
|
-
#define
|
182
|
-
|
183
|
-
* call-seq: \
|
184
|
-
* _keytype##.##_name = bn -> bn \
|
185
|
-
*/ \
|
186
|
-
static VALUE ossl_##_keytype##_set_##_name(VALUE self, VALUE bignum) \
|
185
|
+
#define OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2) \
|
186
|
+
static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2) \
|
187
187
|
{ \
|
188
|
-
|
189
|
-
|
190
|
-
\
|
191
|
-
rb_warning("#"#_name"= is deprecated; use #set_"#_group); \
|
192
|
-
Get##_type(self, obj); \
|
193
|
-
if (NIL_P(bignum)) { \
|
194
|
-
BN_clear_free(obj->_name); \
|
195
|
-
obj->_name = NULL; \
|
196
|
-
return Qnil; \
|
197
|
-
} \
|
198
|
-
\
|
199
|
-
bn = GetBNPtr(bignum); \
|
200
|
-
if (obj->_name == NULL) \
|
201
|
-
obj->_name = BN_new(); \
|
202
|
-
if (obj->_name == NULL) \
|
203
|
-
ossl_raise(eBNError, NULL); \
|
204
|
-
if (BN_copy(obj->_name, bn) == NULL) \
|
205
|
-
ossl_raise(eBNError, NULL); \
|
206
|
-
return bignum; \
|
188
|
+
rb_raise(ePKeyError, \
|
189
|
+
#_keytype"#set_"#_group"= is incompatible with OpenSSL 3.0"); \
|
207
190
|
}
|
191
|
+
#endif
|
208
192
|
|
209
|
-
#if defined(HAVE_OPAQUE_OPENSSL) /* OpenSSL 1.1.0 */
|
210
193
|
#define OSSL_PKEY_BN_DEF3(_keytype, _type, _group, a1, a2, a3) \
|
211
194
|
OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
|
212
195
|
OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3)
|
@@ -218,24 +201,4 @@ static VALUE ossl_##_keytype##_set_##_name(VALUE self, VALUE bignum) \
|
|
218
201
|
#define DEF_OSSL_PKEY_BN(class, keytype, name) \
|
219
202
|
rb_define_method((class), #name, ossl_##keytype##_get_##name, 0)
|
220
203
|
|
221
|
-
#
|
222
|
-
#define OSSL_PKEY_BN_DEF3(_keytype, _type, _group, a1, a2, a3) \
|
223
|
-
OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
|
224
|
-
OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
|
225
|
-
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a1) \
|
226
|
-
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a2) \
|
227
|
-
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a3)
|
228
|
-
|
229
|
-
#define OSSL_PKEY_BN_DEF2(_keytype, _type, _group, a1, a2) \
|
230
|
-
OSSL_PKEY_BN_DEF_GETTER2(_keytype, _type, _group, a1, a2) \
|
231
|
-
OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2) \
|
232
|
-
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a1) \
|
233
|
-
OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a2)
|
234
|
-
|
235
|
-
#define DEF_OSSL_PKEY_BN(class, keytype, name) do { \
|
236
|
-
rb_define_method((class), #name, ossl_##keytype##_get_##name, 0);\
|
237
|
-
rb_define_method((class), #name "=", ossl_##keytype##_set_##name, 1);\
|
238
|
-
} while (0)
|
239
|
-
#endif /* HAVE_OPAQUE_OPENSSL */
|
240
|
-
|
241
|
-
#endif /* _OSSL_PKEY_H_ */
|
204
|
+
#endif /* OSSL_PKEY_H */
|