openssl 2.2.1 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +33 -45
  3. data/History.md +248 -1
  4. data/README.md +36 -19
  5. data/ext/openssl/extconf.rb +101 -68
  6. data/ext/openssl/openssl_missing.c +0 -66
  7. data/ext/openssl/openssl_missing.h +26 -45
  8. data/ext/openssl/ossl.c +128 -237
  9. data/ext/openssl/ossl.h +31 -12
  10. data/ext/openssl/ossl_asn1.c +26 -13
  11. data/ext/openssl/ossl_bn.c +213 -139
  12. data/ext/openssl/ossl_cipher.c +13 -14
  13. data/ext/openssl/ossl_config.c +412 -41
  14. data/ext/openssl/ossl_config.h +4 -7
  15. data/ext/openssl/ossl_digest.c +10 -10
  16. data/ext/openssl/ossl_engine.c +17 -16
  17. data/ext/openssl/ossl_hmac.c +57 -136
  18. data/ext/openssl/ossl_kdf.c +12 -4
  19. data/ext/openssl/ossl_ns_spki.c +1 -1
  20. data/ext/openssl/ossl_ocsp.c +11 -59
  21. data/ext/openssl/ossl_pkcs12.c +22 -4
  22. data/ext/openssl/ossl_pkcs7.c +45 -62
  23. data/ext/openssl/ossl_pkey.c +1320 -196
  24. data/ext/openssl/ossl_pkey.h +36 -73
  25. data/ext/openssl/ossl_pkey_dh.c +152 -347
  26. data/ext/openssl/ossl_pkey_dsa.c +157 -413
  27. data/ext/openssl/ossl_pkey_ec.c +227 -343
  28. data/ext/openssl/ossl_pkey_rsa.c +159 -491
  29. data/ext/openssl/ossl_provider.c +211 -0
  30. data/ext/openssl/ossl_provider.h +5 -0
  31. data/ext/openssl/ossl_ssl.c +530 -450
  32. data/ext/openssl/ossl_ssl_session.c +29 -30
  33. data/ext/openssl/ossl_ts.c +38 -23
  34. data/ext/openssl/ossl_x509.c +0 -6
  35. data/ext/openssl/ossl_x509attr.c +1 -1
  36. data/ext/openssl/ossl_x509cert.c +168 -12
  37. data/ext/openssl/ossl_x509crl.c +14 -11
  38. data/ext/openssl/ossl_x509ext.c +14 -9
  39. data/ext/openssl/ossl_x509name.c +10 -3
  40. data/ext/openssl/ossl_x509req.c +14 -11
  41. data/ext/openssl/ossl_x509revoked.c +4 -4
  42. data/ext/openssl/ossl_x509store.c +166 -75
  43. data/lib/openssl/buffering.rb +9 -3
  44. data/lib/openssl/digest.rb +1 -5
  45. data/lib/openssl/hmac.rb +65 -0
  46. data/lib/openssl/pkey.rb +429 -0
  47. data/lib/openssl/ssl.rb +22 -17
  48. data/lib/openssl/version.rb +1 -1
  49. data/lib/openssl/x509.rb +22 -0
  50. data/lib/openssl.rb +0 -1
  51. metadata +10 -79
  52. data/ext/openssl/ruby_missing.h +0 -24
  53. data/lib/openssl/config.rb +0 -501
@@ -24,7 +24,7 @@
24
24
  } while (0)
25
25
 
26
26
  static inline int
27
- RSA_HAS_PRIVATE(RSA *rsa)
27
+ RSA_HAS_PRIVATE(OSSL_3_const RSA *rsa)
28
28
  {
29
29
  const BIGNUM *e, *d;
30
30
 
@@ -33,7 +33,7 @@ RSA_HAS_PRIVATE(RSA *rsa)
33
33
  }
34
34
 
35
35
  static inline int
36
- RSA_PRIVATE(VALUE obj, RSA *rsa)
36
+ RSA_PRIVATE(VALUE obj, OSSL_3_const RSA *rsa)
37
37
  {
38
38
  return RSA_HAS_PRIVATE(rsa) || OSSL_PKEY_IS_PRIVATE(obj);
39
39
  }
@@ -44,252 +44,125 @@ RSA_PRIVATE(VALUE obj, RSA *rsa)
44
44
  VALUE cRSA;
45
45
  VALUE eRSAError;
46
46
 
47
- /*
48
- * Public
49
- */
50
- static VALUE
51
- rsa_instance(VALUE klass, RSA *rsa)
52
- {
53
- EVP_PKEY *pkey;
54
- VALUE obj;
55
-
56
- if (!rsa) {
57
- return Qfalse;
58
- }
59
- obj = NewPKey(klass);
60
- if (!(pkey = EVP_PKEY_new())) {
61
- return Qfalse;
62
- }
63
- if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
64
- EVP_PKEY_free(pkey);
65
- return Qfalse;
66
- }
67
- SetPKey(obj, pkey);
68
-
69
- return obj;
70
- }
71
-
72
- VALUE
73
- ossl_rsa_new(EVP_PKEY *pkey)
74
- {
75
- VALUE obj;
76
-
77
- if (!pkey) {
78
- obj = rsa_instance(cRSA, RSA_new());
79
- }
80
- else {
81
- obj = NewPKey(cRSA);
82
- if (EVP_PKEY_base_id(pkey) != EVP_PKEY_RSA) {
83
- ossl_raise(rb_eTypeError, "Not a RSA key!");
84
- }
85
- SetPKey(obj, pkey);
86
- }
87
- if (obj == Qfalse) {
88
- ossl_raise(eRSAError, NULL);
89
- }
90
-
91
- return obj;
92
- }
93
-
94
47
  /*
95
48
  * Private
96
49
  */
97
- struct rsa_blocking_gen_arg {
98
- RSA *rsa;
99
- BIGNUM *e;
100
- int size;
101
- BN_GENCB *cb;
102
- int result;
103
- };
104
-
105
- static void *
106
- rsa_blocking_gen(void *arg)
107
- {
108
- struct rsa_blocking_gen_arg *gen = (struct rsa_blocking_gen_arg *)arg;
109
- gen->result = RSA_generate_key_ex(gen->rsa, gen->size, gen->e, gen->cb);
110
- return 0;
111
- }
112
-
113
- static RSA *
114
- rsa_generate(int size, unsigned long exp)
115
- {
116
- int i;
117
- struct ossl_generate_cb_arg cb_arg = { 0 };
118
- struct rsa_blocking_gen_arg gen_arg;
119
- RSA *rsa = RSA_new();
120
- BIGNUM *e = BN_new();
121
- BN_GENCB *cb = BN_GENCB_new();
122
-
123
- if (!rsa || !e || !cb) {
124
- RSA_free(rsa);
125
- BN_free(e);
126
- BN_GENCB_free(cb);
127
- return NULL;
128
- }
129
- for (i = 0; i < (int)sizeof(exp) * 8; ++i) {
130
- if (exp & (1UL << i)) {
131
- if (BN_set_bit(e, i) == 0) {
132
- BN_free(e);
133
- RSA_free(rsa);
134
- BN_GENCB_free(cb);
135
- return NULL;
136
- }
137
- }
138
- }
139
-
140
- if (rb_block_given_p())
141
- cb_arg.yield = 1;
142
- BN_GENCB_set(cb, ossl_generate_cb_2, &cb_arg);
143
- gen_arg.rsa = rsa;
144
- gen_arg.e = e;
145
- gen_arg.size = size;
146
- gen_arg.cb = cb;
147
- if (cb_arg.yield == 1) {
148
- /* we cannot release GVL when callback proc is supplied */
149
- rsa_blocking_gen(&gen_arg);
150
- } else {
151
- /* there's a chance to unblock */
152
- rb_thread_call_without_gvl(rsa_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg);
153
- }
154
-
155
- BN_GENCB_free(cb);
156
- BN_free(e);
157
- if (!gen_arg.result) {
158
- RSA_free(rsa);
159
- if (cb_arg.state) {
160
- /* must clear OpenSSL error stack */
161
- ossl_clear_error();
162
- rb_jump_tag(cb_arg.state);
163
- }
164
- return NULL;
165
- }
166
-
167
- return rsa;
168
- }
169
-
170
50
  /*
171
51
  * call-seq:
172
- * RSA.generate(size) => RSA instance
173
- * RSA.generate(size, exponent) => RSA instance
52
+ * RSA.new -> rsa
53
+ * RSA.new(encoded_key [, password ]) -> rsa
54
+ * RSA.new(encoded_key) { password } -> rsa
55
+ * RSA.new(size [, exponent]) -> rsa
174
56
  *
175
- * Generates an RSA keypair. _size_ is an integer representing the desired key
176
- * size. Keys smaller than 1024 should be considered insecure. _exponent_ is
177
- * an odd number normally 3, 17, or 65537.
178
- */
179
- static VALUE
180
- ossl_rsa_s_generate(int argc, VALUE *argv, VALUE klass)
181
- {
182
- /* why does this method exist? why can't initialize take an optional exponent? */
183
- RSA *rsa;
184
- VALUE size, exp;
185
- VALUE obj;
186
-
187
- rb_scan_args(argc, argv, "11", &size, &exp);
188
-
189
- rsa = rsa_generate(NUM2INT(size), NIL_P(exp) ? RSA_F4 : NUM2ULONG(exp)); /* err handled by rsa_instance */
190
- obj = rsa_instance(klass, rsa);
191
-
192
- if (obj == Qfalse) {
193
- RSA_free(rsa);
194
- ossl_raise(eRSAError, NULL);
195
- }
196
-
197
- return obj;
198
- }
199
-
200
- /*
201
- * call-seq:
202
- * RSA.new(key_size) => RSA instance
203
- * RSA.new(encoded_key) => RSA instance
204
- * RSA.new(encoded_key, pass_phrase) => RSA instance
57
+ * Generates or loads an \RSA keypair.
205
58
  *
206
- * Generates or loads an RSA keypair. If an integer _key_size_ is given it
207
- * represents the desired key size. Keys less than 1024 bits should be
208
- * considered insecure.
59
+ * If called without arguments, creates a new instance with no key components
60
+ * set. They can be set individually by #set_key, #set_factors, and
61
+ * #set_crt_params.
209
62
  *
210
- * A key can instead be loaded from an _encoded_key_ which must be PEM or DER
211
- * encoded. A _pass_phrase_ can be used to decrypt the key. If none is given
212
- * OpenSSL will prompt for the pass phrase.
63
+ * If called with a String, tries to parse as DER or PEM encoding of an \RSA key.
64
+ * Note that if _password_ is not specified, but the key is encrypted with a
65
+ * password, \OpenSSL will prompt for it.
66
+ * See also OpenSSL::PKey.read which can parse keys of any kind.
213
67
  *
214
- * = Examples
68
+ * If called with a number, generates a new key pair. This form works as an
69
+ * alias of RSA.generate.
215
70
  *
71
+ * Examples:
216
72
  * OpenSSL::PKey::RSA.new 2048
217
73
  * OpenSSL::PKey::RSA.new File.read 'rsa.pem'
218
- * OpenSSL::PKey::RSA.new File.read('rsa.pem'), 'my pass phrase'
74
+ * OpenSSL::PKey::RSA.new File.read('rsa.pem'), 'my password'
219
75
  */
220
76
  static VALUE
221
77
  ossl_rsa_initialize(int argc, VALUE *argv, VALUE self)
222
78
  {
223
79
  EVP_PKEY *pkey;
224
80
  RSA *rsa;
225
- BIO *in;
81
+ BIO *in = NULL;
226
82
  VALUE arg, pass;
83
+ int type;
227
84
 
228
- GetPKey(self, pkey);
229
- if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) {
85
+ TypedData_Get_Struct(self, EVP_PKEY, &ossl_evp_pkey_type, pkey);
86
+ if (pkey)
87
+ rb_raise(rb_eTypeError, "pkey already initialized");
88
+
89
+ /* The RSA.new(size, generator) form is handled by lib/openssl/pkey.rb */
90
+ rb_scan_args(argc, argv, "02", &arg, &pass);
91
+ if (argc == 0) {
230
92
  rsa = RSA_new();
93
+ if (!rsa)
94
+ ossl_raise(eRSAError, "RSA_new");
95
+ goto legacy;
231
96
  }
232
- else if (RB_INTEGER_TYPE_P(arg)) {
233
- rsa = rsa_generate(NUM2INT(arg), NIL_P(pass) ? RSA_F4 : NUM2ULONG(pass));
234
- if (!rsa) ossl_raise(eRSAError, NULL);
235
- }
236
- else {
237
- pass = ossl_pem_passwd_value(pass);
238
- arg = ossl_to_der_if_possible(arg);
239
- in = ossl_obj2bio(&arg);
240
- rsa = PEM_read_bio_RSAPrivateKey(in, NULL, ossl_pem_passwd_cb, (void *)pass);
241
- if (!rsa) {
242
- OSSL_BIO_reset(in);
243
- rsa = PEM_read_bio_RSA_PUBKEY(in, NULL, NULL, NULL);
244
- }
245
- if (!rsa) {
246
- OSSL_BIO_reset(in);
247
- rsa = d2i_RSAPrivateKey_bio(in, NULL);
248
- }
249
- if (!rsa) {
250
- OSSL_BIO_reset(in);
251
- rsa = d2i_RSA_PUBKEY_bio(in, NULL);
252
- }
253
- if (!rsa) {
254
- OSSL_BIO_reset(in);
255
- rsa = PEM_read_bio_RSAPublicKey(in, NULL, NULL, NULL);
256
- }
257
- if (!rsa) {
258
- OSSL_BIO_reset(in);
259
- rsa = d2i_RSAPublicKey_bio(in, NULL);
260
- }
261
- BIO_free(in);
262
- if (!rsa) {
263
- ossl_raise(eRSAError, "Neither PUB key nor PRIV key");
264
- }
265
- }
266
- if (!EVP_PKEY_assign_RSA(pkey, rsa)) {
267
- RSA_free(rsa);
268
- ossl_raise(eRSAError, NULL);
97
+
98
+ pass = ossl_pem_passwd_value(pass);
99
+ arg = ossl_to_der_if_possible(arg);
100
+ in = ossl_obj2bio(&arg);
101
+
102
+ /* First try RSAPublicKey format */
103
+ rsa = d2i_RSAPublicKey_bio(in, NULL);
104
+ if (rsa)
105
+ goto legacy;
106
+ OSSL_BIO_reset(in);
107
+ rsa = PEM_read_bio_RSAPublicKey(in, NULL, NULL, NULL);
108
+ if (rsa)
109
+ goto legacy;
110
+ OSSL_BIO_reset(in);
111
+
112
+ /* Use the generic routine */
113
+ pkey = ossl_pkey_read_generic(in, pass);
114
+ BIO_free(in);
115
+ if (!pkey)
116
+ ossl_raise(eRSAError, "Neither PUB key nor PRIV key");
117
+
118
+ type = EVP_PKEY_base_id(pkey);
119
+ if (type != EVP_PKEY_RSA) {
120
+ EVP_PKEY_free(pkey);
121
+ rb_raise(eRSAError, "incorrect pkey type: %s", OBJ_nid2sn(type));
269
122
  }
123
+ RTYPEDDATA_DATA(self) = pkey;
124
+ return self;
270
125
 
126
+ legacy:
127
+ BIO_free(in);
128
+ pkey = EVP_PKEY_new();
129
+ if (!pkey || EVP_PKEY_assign_RSA(pkey, rsa) != 1) {
130
+ EVP_PKEY_free(pkey);
131
+ RSA_free(rsa);
132
+ ossl_raise(eRSAError, "EVP_PKEY_assign_RSA");
133
+ }
134
+ RTYPEDDATA_DATA(self) = pkey;
271
135
  return self;
272
136
  }
273
137
 
138
+ #ifndef HAVE_EVP_PKEY_DUP
274
139
  static VALUE
275
140
  ossl_rsa_initialize_copy(VALUE self, VALUE other)
276
141
  {
277
142
  EVP_PKEY *pkey;
278
143
  RSA *rsa, *rsa_new;
279
144
 
280
- GetPKey(self, pkey);
281
- if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE)
282
- ossl_raise(eRSAError, "RSA already initialized");
145
+ TypedData_Get_Struct(self, EVP_PKEY, &ossl_evp_pkey_type, pkey);
146
+ if (pkey)
147
+ rb_raise(rb_eTypeError, "pkey already initialized");
283
148
  GetRSA(other, rsa);
284
149
 
285
- rsa_new = ASN1_dup((i2d_of_void *)i2d_RSAPrivateKey, (d2i_of_void *)d2i_RSAPrivateKey, (char *)rsa);
150
+ rsa_new = (RSA *)ASN1_dup((i2d_of_void *)i2d_RSAPrivateKey,
151
+ (d2i_of_void *)d2i_RSAPrivateKey,
152
+ (char *)rsa);
286
153
  if (!rsa_new)
287
154
  ossl_raise(eRSAError, "ASN1_dup");
288
155
 
289
- EVP_PKEY_assign_RSA(pkey, rsa_new);
156
+ pkey = EVP_PKEY_new();
157
+ if (!pkey || EVP_PKEY_assign_RSA(pkey, rsa_new) != 1) {
158
+ RSA_free(rsa_new);
159
+ ossl_raise(eRSAError, "EVP_PKEY_assign_RSA");
160
+ }
161
+ RTYPEDDATA_DATA(self) = pkey;
290
162
 
291
163
  return self;
292
164
  }
165
+ #endif
293
166
 
294
167
  /*
295
168
  * call-seq:
@@ -301,7 +174,7 @@ ossl_rsa_initialize_copy(VALUE self, VALUE other)
301
174
  static VALUE
302
175
  ossl_rsa_is_public(VALUE self)
303
176
  {
304
- RSA *rsa;
177
+ OSSL_3_const RSA *rsa;
305
178
 
306
179
  GetRSA(self, rsa);
307
180
  /*
@@ -320,228 +193,115 @@ ossl_rsa_is_public(VALUE self)
320
193
  static VALUE
321
194
  ossl_rsa_is_private(VALUE self)
322
195
  {
323
- RSA *rsa;
196
+ OSSL_3_const RSA *rsa;
324
197
 
325
198
  GetRSA(self, rsa);
326
199
 
327
200
  return RSA_PRIVATE(self, rsa) ? Qtrue : Qfalse;
328
201
  }
329
202
 
330
- /*
331
- * call-seq:
332
- * rsa.export([cipher, pass_phrase]) => PEM-format String
333
- * rsa.to_pem([cipher, pass_phrase]) => PEM-format String
334
- * rsa.to_s([cipher, pass_phrase]) => PEM-format String
335
- *
336
- * Outputs this keypair in PEM encoding. If _cipher_ and _pass_phrase_ are
337
- * given they will be used to encrypt the key. _cipher_ must be an
338
- * OpenSSL::Cipher instance.
339
- */
340
- static VALUE
341
- ossl_rsa_export(int argc, VALUE *argv, VALUE self)
203
+ static int
204
+ can_export_rsaprivatekey(VALUE self)
342
205
  {
343
- RSA *rsa;
206
+ OSSL_3_const RSA *rsa;
344
207
  const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
345
- BIO *out;
346
- const EVP_CIPHER *ciph = NULL;
347
- VALUE cipher, pass, str;
348
208
 
349
209
  GetRSA(self, rsa);
350
210
 
351
- rb_scan_args(argc, argv, "02", &cipher, &pass);
352
-
353
- if (!NIL_P(cipher)) {
354
- ciph = ossl_evp_get_cipherbyname(cipher);
355
- pass = ossl_pem_passwd_value(pass);
356
- }
357
- if (!(out = BIO_new(BIO_s_mem()))) {
358
- ossl_raise(eRSAError, NULL);
359
- }
360
211
  RSA_get0_key(rsa, &n, &e, &d);
361
212
  RSA_get0_factors(rsa, &p, &q);
362
213
  RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
363
- if (n && e && d && p && q && dmp1 && dmq1 && iqmp) {
364
- if (!PEM_write_bio_RSAPrivateKey(out, rsa, ciph, NULL, 0,
365
- ossl_pem_passwd_cb, (void *)pass)) {
366
- BIO_free(out);
367
- ossl_raise(eRSAError, NULL);
368
- }
369
- } else {
370
- if (!PEM_write_bio_RSA_PUBKEY(out, rsa)) {
371
- BIO_free(out);
372
- ossl_raise(eRSAError, NULL);
373
- }
374
- }
375
- str = ossl_membio2str(out);
376
214
 
377
- return str;
215
+ return n && e && d && p && q && dmp1 && dmq1 && iqmp;
378
216
  }
379
217
 
380
218
  /*
381
219
  * call-seq:
382
- * rsa.to_der => DER-format String
220
+ * rsa.export([cipher, password]) => PEM-format String
221
+ * rsa.to_pem([cipher, password]) => PEM-format String
222
+ * rsa.to_s([cipher, password]) => PEM-format String
223
+ *
224
+ * Serializes a private or public key to a PEM-encoding.
225
+ *
226
+ * [When the key contains public components only]
227
+ *
228
+ * Serializes it into an X.509 SubjectPublicKeyInfo.
229
+ * The parameters _cipher_ and _password_ are ignored.
230
+ *
231
+ * A PEM-encoded key will look like:
232
+ *
233
+ * -----BEGIN PUBLIC KEY-----
234
+ * [...]
235
+ * -----END PUBLIC KEY-----
236
+ *
237
+ * Consider using #public_to_pem instead. This serializes the key into an
238
+ * X.509 SubjectPublicKeyInfo regardless of whether the key is a public key
239
+ * or a private key.
240
+ *
241
+ * [When the key contains private components, and no parameters are given]
242
+ *
243
+ * Serializes it into a PKCS #1 RSAPrivateKey.
244
+ *
245
+ * A PEM-encoded key will look like:
246
+ *
247
+ * -----BEGIN RSA PRIVATE KEY-----
248
+ * [...]
249
+ * -----END RSA PRIVATE KEY-----
383
250
  *
384
- * Outputs this keypair in DER encoding.
251
+ * [When the key contains private components, and _cipher_ and _password_ are given]
252
+ *
253
+ * Serializes it into a PKCS #1 RSAPrivateKey
254
+ * and encrypts it in OpenSSL's traditional PEM encryption format.
255
+ * _cipher_ must be a cipher name understood by OpenSSL::Cipher.new or an
256
+ * instance of OpenSSL::Cipher.
257
+ *
258
+ * An encrypted PEM-encoded key will look like:
259
+ *
260
+ * -----BEGIN RSA PRIVATE KEY-----
261
+ * Proc-Type: 4,ENCRYPTED
262
+ * DEK-Info: AES-128-CBC,733F5302505B34701FC41F5C0746E4C0
263
+ *
264
+ * [...]
265
+ * -----END RSA PRIVATE KEY-----
266
+ *
267
+ * Note that this format uses MD5 to derive the encryption key, and hence
268
+ * will not be available on FIPS-compliant systems.
269
+ *
270
+ * <b>This method is kept for compatibility.</b>
271
+ * This should only be used when the PKCS #1 RSAPrivateKey format is required.
272
+ *
273
+ * Consider using #public_to_pem (X.509 SubjectPublicKeyInfo) or #private_to_pem
274
+ * (PKCS #8 PrivateKeyInfo or EncryptedPrivateKeyInfo) instead.
385
275
  */
386
276
  static VALUE
387
- ossl_rsa_to_der(VALUE self)
277
+ ossl_rsa_export(int argc, VALUE *argv, VALUE self)
388
278
  {
389
- RSA *rsa;
390
- const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
391
- int (*i2d_func)(const RSA *, unsigned char **);
392
- unsigned char *ptr;
393
- long len;
394
- VALUE str;
395
-
396
- GetRSA(self, rsa);
397
- RSA_get0_key(rsa, &n, &e, &d);
398
- RSA_get0_factors(rsa, &p, &q);
399
- RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
400
- if (n && e && d && p && q && dmp1 && dmq1 && iqmp)
401
- i2d_func = i2d_RSAPrivateKey;
279
+ if (can_export_rsaprivatekey(self))
280
+ return ossl_pkey_export_traditional(argc, argv, self, 0);
402
281
  else
403
- i2d_func = (int (*)(const RSA *, unsigned char **))i2d_RSA_PUBKEY;
404
- if((len = i2d_func(rsa, NULL)) <= 0)
405
- ossl_raise(eRSAError, NULL);
406
- str = rb_str_new(0, len);
407
- ptr = (unsigned char *)RSTRING_PTR(str);
408
- if(i2d_func(rsa, &ptr) < 0)
409
- ossl_raise(eRSAError, NULL);
410
- ossl_str_adjust(str, ptr);
411
-
412
- return str;
282
+ return ossl_pkey_export_spki(self, 0);
413
283
  }
414
284
 
415
285
  /*
416
286
  * call-seq:
417
- * rsa.public_encrypt(string) => String
418
- * rsa.public_encrypt(string, padding) => String
287
+ * rsa.to_der => DER-format String
419
288
  *
420
- * Encrypt _string_ with the public key. _padding_ defaults to PKCS1_PADDING.
421
- * The encrypted string output can be decrypted using #private_decrypt.
422
- */
423
- static VALUE
424
- ossl_rsa_public_encrypt(int argc, VALUE *argv, VALUE self)
425
- {
426
- RSA *rsa;
427
- const BIGNUM *rsa_n;
428
- int buf_len, pad;
429
- VALUE str, buffer, padding;
430
-
431
- GetRSA(self, rsa);
432
- RSA_get0_key(rsa, &rsa_n, NULL, NULL);
433
- if (!rsa_n)
434
- ossl_raise(eRSAError, "incomplete RSA");
435
- rb_scan_args(argc, argv, "11", &buffer, &padding);
436
- pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
437
- StringValue(buffer);
438
- str = rb_str_new(0, RSA_size(rsa));
439
- buf_len = RSA_public_encrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
440
- (unsigned char *)RSTRING_PTR(str), rsa, pad);
441
- if (buf_len < 0) ossl_raise(eRSAError, NULL);
442
- rb_str_set_len(str, buf_len);
443
-
444
- return str;
445
- }
446
-
447
- /*
448
- * call-seq:
449
- * rsa.public_decrypt(string) => String
450
- * rsa.public_decrypt(string, padding) => String
289
+ * Serializes a private or public key to a DER-encoding.
451
290
  *
452
- * Decrypt _string_, which has been encrypted with the private key, with the
453
- * public key. _padding_ defaults to PKCS1_PADDING.
454
- */
455
- static VALUE
456
- ossl_rsa_public_decrypt(int argc, VALUE *argv, VALUE self)
457
- {
458
- RSA *rsa;
459
- const BIGNUM *rsa_n;
460
- int buf_len, pad;
461
- VALUE str, buffer, padding;
462
-
463
- GetRSA(self, rsa);
464
- RSA_get0_key(rsa, &rsa_n, NULL, NULL);
465
- if (!rsa_n)
466
- ossl_raise(eRSAError, "incomplete RSA");
467
- rb_scan_args(argc, argv, "11", &buffer, &padding);
468
- pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
469
- StringValue(buffer);
470
- str = rb_str_new(0, RSA_size(rsa));
471
- buf_len = RSA_public_decrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
472
- (unsigned char *)RSTRING_PTR(str), rsa, pad);
473
- if (buf_len < 0) ossl_raise(eRSAError, NULL);
474
- rb_str_set_len(str, buf_len);
475
-
476
- return str;
477
- }
478
-
479
- /*
480
- * call-seq:
481
- * rsa.private_encrypt(string) => String
482
- * rsa.private_encrypt(string, padding) => String
291
+ * See #to_pem for details.
483
292
  *
484
- * Encrypt _string_ with the private key. _padding_ defaults to PKCS1_PADDING.
485
- * The encrypted string output can be decrypted using #public_decrypt.
486
- */
487
- static VALUE
488
- ossl_rsa_private_encrypt(int argc, VALUE *argv, VALUE self)
489
- {
490
- RSA *rsa;
491
- const BIGNUM *rsa_n;
492
- int buf_len, pad;
493
- VALUE str, buffer, padding;
494
-
495
- GetRSA(self, rsa);
496
- RSA_get0_key(rsa, &rsa_n, NULL, NULL);
497
- if (!rsa_n)
498
- ossl_raise(eRSAError, "incomplete RSA");
499
- if (!RSA_PRIVATE(self, rsa))
500
- ossl_raise(eRSAError, "private key needed.");
501
- rb_scan_args(argc, argv, "11", &buffer, &padding);
502
- pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
503
- StringValue(buffer);
504
- str = rb_str_new(0, RSA_size(rsa));
505
- buf_len = RSA_private_encrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
506
- (unsigned char *)RSTRING_PTR(str), rsa, pad);
507
- if (buf_len < 0) ossl_raise(eRSAError, NULL);
508
- rb_str_set_len(str, buf_len);
509
-
510
- return str;
511
- }
512
-
513
- /*
514
- * call-seq:
515
- * rsa.private_decrypt(string) => String
516
- * rsa.private_decrypt(string, padding) => String
293
+ * <b>This method is kept for compatibility.</b>
294
+ * This should only be used when the PKCS #1 RSAPrivateKey format is required.
517
295
  *
518
- * Decrypt _string_, which has been encrypted with the public key, with the
519
- * private key. _padding_ defaults to PKCS1_PADDING.
296
+ * Consider using #public_to_der or #private_to_der instead.
520
297
  */
521
298
  static VALUE
522
- ossl_rsa_private_decrypt(int argc, VALUE *argv, VALUE self)
299
+ ossl_rsa_to_der(VALUE self)
523
300
  {
524
- RSA *rsa;
525
- const BIGNUM *rsa_n;
526
- int buf_len, pad;
527
- VALUE str, buffer, padding;
528
-
529
- GetRSA(self, rsa);
530
- RSA_get0_key(rsa, &rsa_n, NULL, NULL);
531
- if (!rsa_n)
532
- ossl_raise(eRSAError, "incomplete RSA");
533
- if (!RSA_PRIVATE(self, rsa))
534
- ossl_raise(eRSAError, "private key needed.");
535
- rb_scan_args(argc, argv, "11", &buffer, &padding);
536
- pad = (argc == 1) ? RSA_PKCS1_PADDING : NUM2INT(padding);
537
- StringValue(buffer);
538
- str = rb_str_new(0, RSA_size(rsa));
539
- buf_len = RSA_private_decrypt(RSTRING_LENINT(buffer), (unsigned char *)RSTRING_PTR(buffer),
540
- (unsigned char *)RSTRING_PTR(str), rsa, pad);
541
- if (buf_len < 0) ossl_raise(eRSAError, NULL);
542
- rb_str_set_len(str, buf_len);
543
-
544
- return str;
301
+ if (can_export_rsaprivatekey(self))
302
+ return ossl_pkey_export_traditional(0, NULL, self, 1);
303
+ else
304
+ return ossl_pkey_export_spki(self, 1);
545
305
  }
546
306
 
547
307
  /*
@@ -573,7 +333,7 @@ ossl_rsa_private_decrypt(int argc, VALUE *argv, VALUE self)
573
333
  * data = "Sign me!"
574
334
  * pkey = OpenSSL::PKey::RSA.new(2048)
575
335
  * signature = pkey.sign_pss("SHA256", data, salt_length: :max, mgf1_hash: "SHA256")
576
- * pub_key = pkey.public_key
336
+ * pub_key = OpenSSL::PKey.read(pkey.public_to_der)
577
337
  * puts pub_key.verify_pss("SHA256", signature, data,
578
338
  * salt_length: :auto, mgf1_hash: "SHA256") # => true
579
339
  */
@@ -748,7 +508,7 @@ ossl_rsa_verify_pss(int argc, VALUE *argv, VALUE self)
748
508
  static VALUE
749
509
  ossl_rsa_get_params(VALUE self)
750
510
  {
751
- RSA *rsa;
511
+ OSSL_3_const RSA *rsa;
752
512
  VALUE hash;
753
513
  const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
754
514
 
@@ -770,88 +530,6 @@ ossl_rsa_get_params(VALUE self)
770
530
  return hash;
771
531
  }
772
532
 
773
- /*
774
- * call-seq:
775
- * rsa.to_text => String
776
- *
777
- * THIS METHOD IS INSECURE, PRIVATE INFORMATION CAN LEAK OUT!!!
778
- *
779
- * Dumps all parameters of a keypair to a String
780
- *
781
- * Don't use :-)) (It's up to you)
782
- */
783
- static VALUE
784
- ossl_rsa_to_text(VALUE self)
785
- {
786
- RSA *rsa;
787
- BIO *out;
788
- VALUE str;
789
-
790
- GetRSA(self, rsa);
791
- if (!(out = BIO_new(BIO_s_mem()))) {
792
- ossl_raise(eRSAError, NULL);
793
- }
794
- if (!RSA_print(out, rsa, 0)) { /* offset = 0 */
795
- BIO_free(out);
796
- ossl_raise(eRSAError, NULL);
797
- }
798
- str = ossl_membio2str(out);
799
-
800
- return str;
801
- }
802
-
803
- /*
804
- * call-seq:
805
- * rsa.public_key -> RSA
806
- *
807
- * Makes new RSA instance containing the public key from the private key.
808
- */
809
- static VALUE
810
- ossl_rsa_to_public_key(VALUE self)
811
- {
812
- EVP_PKEY *pkey;
813
- RSA *rsa;
814
- VALUE obj;
815
-
816
- GetPKeyRSA(self, pkey);
817
- /* err check performed by rsa_instance */
818
- rsa = RSAPublicKey_dup(EVP_PKEY_get0_RSA(pkey));
819
- obj = rsa_instance(rb_obj_class(self), rsa);
820
- if (obj == Qfalse) {
821
- RSA_free(rsa);
822
- ossl_raise(eRSAError, NULL);
823
- }
824
- return obj;
825
- }
826
-
827
- /*
828
- * TODO: Test me
829
-
830
- static VALUE
831
- ossl_rsa_blinding_on(VALUE self)
832
- {
833
- RSA *rsa;
834
-
835
- GetRSA(self, rsa);
836
-
837
- if (RSA_blinding_on(rsa, ossl_bn_ctx) != 1) {
838
- ossl_raise(eRSAError, NULL);
839
- }
840
- return self;
841
- }
842
-
843
- static VALUE
844
- ossl_rsa_blinding_off(VALUE self)
845
- {
846
- RSA *rsa;
847
-
848
- GetRSA(self, rsa);
849
- RSA_blinding_off(rsa);
850
-
851
- return self;
852
- }
853
- */
854
-
855
533
  /*
856
534
  * Document-method: OpenSSL::PKey::RSA#set_key
857
535
  * call-seq:
@@ -913,22 +591,17 @@ Init_ossl_rsa(void)
913
591
  */
914
592
  cRSA = rb_define_class_under(mPKey, "RSA", cPKey);
915
593
 
916
- rb_define_singleton_method(cRSA, "generate", ossl_rsa_s_generate, -1);
917
594
  rb_define_method(cRSA, "initialize", ossl_rsa_initialize, -1);
595
+ #ifndef HAVE_EVP_PKEY_DUP
918
596
  rb_define_method(cRSA, "initialize_copy", ossl_rsa_initialize_copy, 1);
597
+ #endif
919
598
 
920
599
  rb_define_method(cRSA, "public?", ossl_rsa_is_public, 0);
921
600
  rb_define_method(cRSA, "private?", ossl_rsa_is_private, 0);
922
- rb_define_method(cRSA, "to_text", ossl_rsa_to_text, 0);
923
601
  rb_define_method(cRSA, "export", ossl_rsa_export, -1);
924
602
  rb_define_alias(cRSA, "to_pem", "export");
925
603
  rb_define_alias(cRSA, "to_s", "export");
926
604
  rb_define_method(cRSA, "to_der", ossl_rsa_to_der, 0);
927
- rb_define_method(cRSA, "public_key", ossl_rsa_to_public_key, 0);
928
- rb_define_method(cRSA, "public_encrypt", ossl_rsa_public_encrypt, -1);
929
- rb_define_method(cRSA, "public_decrypt", ossl_rsa_public_decrypt, -1);
930
- rb_define_method(cRSA, "private_encrypt", ossl_rsa_private_encrypt, -1);
931
- rb_define_method(cRSA, "private_decrypt", ossl_rsa_private_decrypt, -1);
932
605
  rb_define_method(cRSA, "sign_pss", ossl_rsa_sign_pss, -1);
933
606
  rb_define_method(cRSA, "verify_pss", ossl_rsa_verify_pss, -1);
934
607
 
@@ -946,11 +619,6 @@ Init_ossl_rsa(void)
946
619
 
947
620
  rb_define_method(cRSA, "params", ossl_rsa_get_params, 0);
948
621
 
949
- DefRSAConst(PKCS1_PADDING);
950
- DefRSAConst(SSLV23_PADDING);
951
- DefRSAConst(NO_PADDING);
952
- DefRSAConst(PKCS1_OAEP_PADDING);
953
-
954
622
  /*
955
623
  * TODO: Test it
956
624
  rb_define_method(cRSA, "blinding_on!", ossl_rsa_blinding_on, 0);