openssl 2.2.0 → 3.1.0

Sign up to get free protection for your applications and to get access to all the features.
Files changed (48) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +33 -45
  3. data/History.md +260 -0
  4. data/ext/openssl/extconf.rb +85 -72
  5. data/ext/openssl/openssl_missing.c +0 -66
  6. data/ext/openssl/openssl_missing.h +26 -45
  7. data/ext/openssl/ossl.c +67 -47
  8. data/ext/openssl/ossl.h +26 -6
  9. data/ext/openssl/ossl_asn1.c +26 -13
  10. data/ext/openssl/ossl_bn.c +278 -142
  11. data/ext/openssl/ossl_bn.h +2 -1
  12. data/ext/openssl/ossl_cipher.c +12 -13
  13. data/ext/openssl/ossl_config.c +412 -41
  14. data/ext/openssl/ossl_config.h +4 -7
  15. data/ext/openssl/ossl_digest.c +15 -11
  16. data/ext/openssl/ossl_engine.c +16 -15
  17. data/ext/openssl/ossl_hmac.c +56 -135
  18. data/ext/openssl/ossl_kdf.c +11 -3
  19. data/ext/openssl/ossl_ocsp.c +5 -53
  20. data/ext/openssl/ossl_pkcs12.c +21 -3
  21. data/ext/openssl/ossl_pkcs7.c +42 -59
  22. data/ext/openssl/ossl_pkey.c +1142 -191
  23. data/ext/openssl/ossl_pkey.h +36 -73
  24. data/ext/openssl/ossl_pkey_dh.c +130 -340
  25. data/ext/openssl/ossl_pkey_dsa.c +100 -405
  26. data/ext/openssl/ossl_pkey_ec.c +163 -335
  27. data/ext/openssl/ossl_pkey_rsa.c +106 -493
  28. data/ext/openssl/ossl_ssl.c +529 -421
  29. data/ext/openssl/ossl_ssl_session.c +28 -29
  30. data/ext/openssl/ossl_ts.c +64 -39
  31. data/ext/openssl/ossl_x509.c +0 -6
  32. data/ext/openssl/ossl_x509cert.c +167 -11
  33. data/ext/openssl/ossl_x509crl.c +13 -10
  34. data/ext/openssl/ossl_x509ext.c +1 -2
  35. data/ext/openssl/ossl_x509name.c +9 -2
  36. data/ext/openssl/ossl_x509req.c +13 -10
  37. data/ext/openssl/ossl_x509revoked.c +3 -3
  38. data/ext/openssl/ossl_x509store.c +193 -90
  39. data/lib/openssl/buffering.rb +10 -1
  40. data/lib/openssl/hmac.rb +65 -0
  41. data/lib/openssl/pkey.rb +429 -0
  42. data/lib/openssl/ssl.rb +13 -8
  43. data/lib/openssl/version.rb +1 -1
  44. data/lib/openssl/x509.rb +22 -0
  45. data/lib/openssl.rb +0 -1
  46. metadata +8 -66
  47. data/ext/openssl/ruby_missing.h +0 -24
  48. data/lib/openssl/config.rb +0 -501
@@ -7,27 +7,18 @@
7
7
  * This program is licensed under the same licence as Ruby.
8
8
  * (See the file 'LICENCE'.)
9
9
  */
10
- #if !defined(_OSSL_PKEY_H_)
11
- #define _OSSL_PKEY_H_
10
+ #if !defined(OSSL_PKEY_H)
11
+ #define OSSL_PKEY_H
12
12
 
13
13
  extern VALUE mPKey;
14
14
  extern VALUE cPKey;
15
15
  extern VALUE ePKeyError;
16
16
  extern const rb_data_type_t ossl_evp_pkey_type;
17
17
 
18
- #define OSSL_PKEY_SET_PRIVATE(obj) rb_iv_set((obj), "private", Qtrue)
19
- #define OSSL_PKEY_SET_PUBLIC(obj) rb_iv_set((obj), "private", Qfalse)
20
- #define OSSL_PKEY_IS_PRIVATE(obj) (rb_iv_get((obj), "private") == Qtrue)
18
+ /* For ENGINE */
19
+ #define OSSL_PKEY_SET_PRIVATE(obj) rb_ivar_set((obj), rb_intern("private"), Qtrue)
20
+ #define OSSL_PKEY_IS_PRIVATE(obj) (rb_attr_get((obj), rb_intern("private")) == Qtrue)
21
21
 
22
- #define NewPKey(klass) \
23
- TypedData_Wrap_Struct((klass), &ossl_evp_pkey_type, 0)
24
- #define SetPKey(obj, pkey) do { \
25
- if (!(pkey)) { \
26
- rb_raise(rb_eRuntimeError, "PKEY wasn't initialized!"); \
27
- } \
28
- RTYPEDDATA_DATA(obj) = (pkey); \
29
- OSSL_PKEY_SET_PUBLIC(obj); \
30
- } while (0)
31
22
  #define GetPKey(obj, pkey) do {\
32
23
  TypedData_Get_Struct((obj), EVP_PKEY, &ossl_evp_pkey_type, (pkey)); \
33
24
  if (!(pkey)) { \
@@ -35,19 +26,27 @@ extern const rb_data_type_t ossl_evp_pkey_type;
35
26
  } \
36
27
  } while (0)
37
28
 
38
- struct ossl_generate_cb_arg {
39
- int yield;
40
- int interrupted;
41
- int state;
42
- };
43
- int ossl_generate_cb_2(int p, int n, BN_GENCB *cb);
44
- void ossl_generate_cb_stop(void *ptr);
45
-
29
+ /* Takes ownership of the EVP_PKEY */
46
30
  VALUE ossl_pkey_new(EVP_PKEY *);
47
31
  void ossl_pkey_check_public_key(const EVP_PKEY *);
32
+ EVP_PKEY *ossl_pkey_read_generic(BIO *, VALUE);
48
33
  EVP_PKEY *GetPKeyPtr(VALUE);
49
34
  EVP_PKEY *DupPKeyPtr(VALUE);
50
35
  EVP_PKEY *GetPrivPKeyPtr(VALUE);
36
+
37
+ /*
38
+ * Serializes _self_ in X.509 SubjectPublicKeyInfo format and returns the
39
+ * resulting String. Sub-classes use this when overriding #to_der.
40
+ */
41
+ VALUE ossl_pkey_export_spki(VALUE self, int to_der);
42
+ /*
43
+ * Serializes the private key _self_ in the traditional private key format
44
+ * and returns the resulting String. Sub-classes use this when overriding
45
+ * #to_der.
46
+ */
47
+ VALUE ossl_pkey_export_traditional(int argc, VALUE *argv, VALUE self,
48
+ int to_der);
49
+
51
50
  void Init_ossl_pkey(void);
52
51
 
53
52
  /*
@@ -56,7 +55,6 @@ void Init_ossl_pkey(void);
56
55
  extern VALUE cRSA;
57
56
  extern VALUE eRSAError;
58
57
 
59
- VALUE ossl_rsa_new(EVP_PKEY *);
60
58
  void Init_ossl_rsa(void);
61
59
 
62
60
  /*
@@ -65,7 +63,6 @@ void Init_ossl_rsa(void);
65
63
  extern VALUE cDSA;
66
64
  extern VALUE eDSAError;
67
65
 
68
- VALUE ossl_dsa_new(EVP_PKEY *);
69
66
  void Init_ossl_dsa(void);
70
67
 
71
68
  /*
@@ -74,7 +71,6 @@ void Init_ossl_dsa(void);
74
71
  extern VALUE cDH;
75
72
  extern VALUE eDHError;
76
73
 
77
- VALUE ossl_dh_new(EVP_PKEY *);
78
74
  void Init_ossl_dh(void);
79
75
 
80
76
  /*
@@ -96,7 +92,7 @@ void Init_ossl_ec(void);
96
92
  */ \
97
93
  static VALUE ossl_##_keytype##_get_##_name(VALUE self) \
98
94
  { \
99
- _type *obj; \
95
+ const _type *obj; \
100
96
  const BIGNUM *bn; \
101
97
  \
102
98
  Get##_type(self, obj); \
@@ -120,6 +116,7 @@ static VALUE ossl_##_keytype##_get_##_name(VALUE self) \
120
116
  OSSL_PKEY_BN_DEF_GETTER0(_keytype, _type, a2, \
121
117
  _type##_get0_##_group(obj, NULL, &bn))
122
118
 
119
+ #if !OSSL_OPENSSL_PREREQ(3, 0, 0)
123
120
  #define OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
124
121
  /* \
125
122
  * call-seq: \
@@ -177,36 +174,22 @@ static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2) \
177
174
  } \
178
175
  return self; \
179
176
  }
177
+ #else
178
+ #define OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
179
+ static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2, VALUE v3) \
180
+ { \
181
+ rb_raise(ePKeyError, \
182
+ #_keytype"#set_"#_group"= is incompatible with OpenSSL 3.0"); \
183
+ }
180
184
 
181
- #define OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, _name) \
182
- /* \
183
- * call-seq: \
184
- * _keytype##.##_name = bn -> bn \
185
- */ \
186
- static VALUE ossl_##_keytype##_set_##_name(VALUE self, VALUE bignum) \
185
+ #define OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2) \
186
+ static VALUE ossl_##_keytype##_set_##_group(VALUE self, VALUE v1, VALUE v2) \
187
187
  { \
188
- _type *obj; \
189
- BIGNUM *bn; \
190
- \
191
- rb_warning("#"#_name"= is deprecated; use #set_"#_group); \
192
- Get##_type(self, obj); \
193
- if (NIL_P(bignum)) { \
194
- BN_clear_free(obj->_name); \
195
- obj->_name = NULL; \
196
- return Qnil; \
197
- } \
198
- \
199
- bn = GetBNPtr(bignum); \
200
- if (obj->_name == NULL) \
201
- obj->_name = BN_new(); \
202
- if (obj->_name == NULL) \
203
- ossl_raise(eBNError, NULL); \
204
- if (BN_copy(obj->_name, bn) == NULL) \
205
- ossl_raise(eBNError, NULL); \
206
- return bignum; \
188
+ rb_raise(ePKeyError, \
189
+ #_keytype"#set_"#_group"= is incompatible with OpenSSL 3.0"); \
207
190
  }
191
+ #endif
208
192
 
209
- #if defined(HAVE_OPAQUE_OPENSSL) /* OpenSSL 1.1.0 */
210
193
  #define OSSL_PKEY_BN_DEF3(_keytype, _type, _group, a1, a2, a3) \
211
194
  OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
212
195
  OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3)
@@ -218,24 +201,4 @@ static VALUE ossl_##_keytype##_set_##_name(VALUE self, VALUE bignum) \
218
201
  #define DEF_OSSL_PKEY_BN(class, keytype, name) \
219
202
  rb_define_method((class), #name, ossl_##keytype##_get_##name, 0)
220
203
 
221
- #else
222
- #define OSSL_PKEY_BN_DEF3(_keytype, _type, _group, a1, a2, a3) \
223
- OSSL_PKEY_BN_DEF_GETTER3(_keytype, _type, _group, a1, a2, a3) \
224
- OSSL_PKEY_BN_DEF_SETTER3(_keytype, _type, _group, a1, a2, a3) \
225
- OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a1) \
226
- OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a2) \
227
- OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a3)
228
-
229
- #define OSSL_PKEY_BN_DEF2(_keytype, _type, _group, a1, a2) \
230
- OSSL_PKEY_BN_DEF_GETTER2(_keytype, _type, _group, a1, a2) \
231
- OSSL_PKEY_BN_DEF_SETTER2(_keytype, _type, _group, a1, a2) \
232
- OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a1) \
233
- OSSL_PKEY_BN_DEF_SETTER_OLD(_keytype, _type, _group, a2)
234
-
235
- #define DEF_OSSL_PKEY_BN(class, keytype, name) do { \
236
- rb_define_method((class), #name, ossl_##keytype##_get_##name, 0);\
237
- rb_define_method((class), #name "=", ossl_##keytype##_set_##name, 1);\
238
- } while (0)
239
- #endif /* HAVE_OPAQUE_OPENSSL */
240
-
241
- #endif /* _OSSL_PKEY_H_ */
204
+ #endif /* OSSL_PKEY_H */