openssl 2.2.1 → 3.2.0
- checksums.yaml +4 -4
- data/CONTRIBUTING.md +33 -45
- data/History.md +248 -1
- data/README.md +36 -19
- data/ext/openssl/extconf.rb +101 -68
- data/ext/openssl/openssl_missing.c +0 -66
- data/ext/openssl/openssl_missing.h +26 -45
- data/ext/openssl/ossl.c +128 -237
- data/ext/openssl/ossl.h +31 -12
- data/ext/openssl/ossl_asn1.c +26 -13
- data/ext/openssl/ossl_bn.c +213 -139
- data/ext/openssl/ossl_cipher.c +13 -14
- data/ext/openssl/ossl_config.c +412 -41
- data/ext/openssl/ossl_config.h +4 -7
- data/ext/openssl/ossl_digest.c +10 -10
- data/ext/openssl/ossl_engine.c +17 -16
- data/ext/openssl/ossl_hmac.c +57 -136
- data/ext/openssl/ossl_kdf.c +12 -4
- data/ext/openssl/ossl_ns_spki.c +1 -1
- data/ext/openssl/ossl_ocsp.c +11 -59
- data/ext/openssl/ossl_pkcs12.c +22 -4
- data/ext/openssl/ossl_pkcs7.c +45 -62
- data/ext/openssl/ossl_pkey.c +1320 -196
- data/ext/openssl/ossl_pkey.h +36 -73
- data/ext/openssl/ossl_pkey_dh.c +152 -347
- data/ext/openssl/ossl_pkey_dsa.c +157 -413
- data/ext/openssl/ossl_pkey_ec.c +227 -343
- data/ext/openssl/ossl_pkey_rsa.c +159 -491
- data/ext/openssl/ossl_provider.c +211 -0
- data/ext/openssl/ossl_provider.h +5 -0
- data/ext/openssl/ossl_ssl.c +530 -450
- data/ext/openssl/ossl_ssl_session.c +29 -30
- data/ext/openssl/ossl_ts.c +38 -23
- data/ext/openssl/ossl_x509.c +0 -6
- data/ext/openssl/ossl_x509attr.c +1 -1
- data/ext/openssl/ossl_x509cert.c +168 -12
- data/ext/openssl/ossl_x509crl.c +14 -11
- data/ext/openssl/ossl_x509ext.c +14 -9
- data/ext/openssl/ossl_x509name.c +10 -3
- data/ext/openssl/ossl_x509req.c +14 -11
- data/ext/openssl/ossl_x509revoked.c +4 -4
- data/ext/openssl/ossl_x509store.c +166 -75
- data/lib/openssl/buffering.rb +9 -3
- data/lib/openssl/digest.rb +1 -5
- data/lib/openssl/hmac.rb +65 -0
- data/lib/openssl/pkey.rb +429 -0
- data/lib/openssl/ssl.rb +22 -17
- data/lib/openssl/version.rb +1 -1
- data/lib/openssl/x509.rb +22 -0
- data/lib/openssl.rb +0 -1
- metadata +10 -79
- data/ext/openssl/ruby_missing.h +0 -24
- data/lib/openssl/config.rb +0 -501
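--- a/data/ext/openssl/ossl_pkcs7.c
+++ b/data/ext/openssl/ossl_pkcs7.c
@@ -65,7 +65,7 @@ const rb_data_type_t ossl_pkcs7_type = {
 {
 0, ossl_pkcs7_free,
 },
-0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
+0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
 };
 
 static void
@@ -79,7 +79,7 @@ static const rb_data_type_t ossl_pkcs7_signer_info_type = {
 {
 0, ossl_pkcs7_signer_info_free,
 },
-0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
+0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
 };
 
 static void
@@ -93,7 +93,7 @@ static const rb_data_type_t ossl_pkcs7_recip_info_type = {
 {
 0, ossl_pkcs7_recip_info_free,
 },
-0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
+0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
 };
 
 /*
@@ -101,19 +101,24 @@ static const rb_data_type_t ossl_pkcs7_recip_info_type = {
 * (MADE PRIVATE UNTIL SOMEBODY WILL NEED THEM)
 */
 static PKCS7_SIGNER_INFO *
-ossl_PKCS7_SIGNER_INFO_dup(
+ossl_PKCS7_SIGNER_INFO_dup(PKCS7_SIGNER_INFO *si)
 {
-
-
-
+PKCS7_SIGNER_INFO *si_new = ASN1_dup((i2d_of_void *)i2d_PKCS7_SIGNER_INFO,
+(d2i_of_void *)d2i_PKCS7_SIGNER_INFO,
+si);
+if (si_new && si->pkey) {
+EVP_PKEY_up_ref(si->pkey);
+si_new->pkey = si->pkey;
+}
+return si_new;
 }
 
 static PKCS7_RECIP_INFO *
-ossl_PKCS7_RECIP_INFO_dup(
+ossl_PKCS7_RECIP_INFO_dup(PKCS7_RECIP_INFO *si)
 {
-return
-
-
+return ASN1_dup((i2d_of_void *)i2d_PKCS7_RECIP_INFO,
+(d2i_of_void *)d2i_PKCS7_RECIP_INFO,
+si);
 }
 
 static VALUE
@@ -130,19 +135,6 @@ ossl_pkcs7si_new(PKCS7_SIGNER_INFO *p7si)
 return obj;
 }
 
-static PKCS7_SIGNER_INFO *
-DupPKCS7SignerPtr(VALUE obj)
-{
-PKCS7_SIGNER_INFO *p7si, *pkcs7;
-
-GetPKCS7si(obj, p7si);
-if (!(pkcs7 = ossl_PKCS7_SIGNER_INFO_dup(p7si))) {
-ossl_raise(ePKCS7Error, NULL);
-}
-
-return pkcs7;
-}
-
 static VALUE
 ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
 {
@@ -157,19 +149,6 @@ ossl_pkcs7ri_new(PKCS7_RECIP_INFO *p7ri)
 return obj;
 }
 
-static PKCS7_RECIP_INFO *
-DupPKCS7RecipientPtr(VALUE obj)
-{
-PKCS7_RECIP_INFO *p7ri, *pkcs7;
-
-GetPKCS7ri(obj, p7ri);
-if (!(pkcs7 = ossl_PKCS7_RECIP_INFO_dup(p7ri))) {
-ossl_raise(ePKCS7Error, NULL);
-}
-
-return pkcs7;
-}
-
 /*
 * call-seq:
 * PKCS7.read_smime(string) => pkcs7
@@ -351,7 +330,7 @@ ossl_pkcs7_alloc(VALUE klass)
 static VALUE
 ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
 {
-PKCS7 *p7, *
+PKCS7 *p7, *p7_orig = RTYPEDDATA_DATA(self);
 BIO *in;
 VALUE arg;
 
@@ -359,19 +338,17 @@ ossl_pkcs7_initialize(int argc, VALUE *argv, VALUE self)
 return self;
 arg = ossl_to_der_if_possible(arg);
 in = ossl_obj2bio(&arg);
-p7 =
+p7 = d2i_PKCS7_bio(in, NULL);
 if (!p7) {
-
-p7 =
-if (!p7) {
-BIO_free(in);
-PKCS7_free(pkcs);
-DATA_PTR(self) = NULL;
-ossl_raise(rb_eArgError, "Could not parse the PKCS7");
-}
+OSSL_BIO_reset(in);
+p7 = PEM_read_bio_PKCS7(in, NULL, NULL, NULL);
 }
-DATA_PTR(self) = pkcs;
 BIO_free(in);
+if (!p7)
+ossl_raise(rb_eArgError, "Could not parse the PKCS7");
+
+RTYPEDDATA_DATA(self) = p7;
+PKCS7_free(p7_orig);
 ossl_pkcs7_set_data(self, Qnil);
 ossl_pkcs7_set_err_string(self, Qnil);
 
@@ -521,17 +498,18 @@ static VALUE
 ossl_pkcs7_add_signer(VALUE self, VALUE signer)
 {
 PKCS7 *pkcs7;
-PKCS7_SIGNER_INFO *
+PKCS7_SIGNER_INFO *si, *si_new;
 
-p7si = DupPKCS7SignerPtr(signer); /* NEED TO DUP */
 GetPKCS7(self, pkcs7);
-
-
-
-
-
-
-
+GetPKCS7si(signer, si);
+
+si_new = ossl_PKCS7_SIGNER_INFO_dup(si);
+if (!si_new)
+ossl_raise(ePKCS7Error, "PKCS7_SIGNER_INFO_dup");
+
+if (PKCS7_add_signer(pkcs7, si_new) != 1) {
+PKCS7_SIGNER_INFO_free(si_new);
+ossl_raise(ePKCS7Error, "PKCS7_add_signer");
 }
 
 return self;
@@ -567,13 +545,18 @@ static VALUE
 ossl_pkcs7_add_recipient(VALUE self, VALUE recip)
 {
 PKCS7 *pkcs7;
-PKCS7_RECIP_INFO *ri;
+PKCS7_RECIP_INFO *ri, *ri_new;
 
-ri = DupPKCS7RecipientPtr(recip); /* NEED TO DUP */
 GetPKCS7(self, pkcs7);
-
-
-
+GetPKCS7ri(recip, ri);
+
+ri_new = ossl_PKCS7_RECIP_INFO_dup(ri);
+if (!ri_new)
+ossl_raise(ePKCS7Error, "PKCS7_RECIP_INFO_dup");
+
+if (PKCS7_add_recipient_info(pkcs7, ri_new) != 1) {
+PKCS7_RECIP_INFO_free(ri_new);
+ossl_raise(ePKCS7Error, "PKCS7_add_recipient_info");
 }
 
 return self;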
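Review bot: In `ossl_PKCS7_SIGNER_INFO_dup` the result of `EVP_PKEY_up_ref(si->pkey)` is ignored, so if taking the reference fails the copy still stores `si->pkey` without owning a reference, and freeing the copy later would release a reference that belongs to the original signer info (a premature free of the key). Check it before the assignment, e.g. `if (!EVP_PKEY_up_ref(si->pkey)) { PKCS7_SIGNER_INFO_free(si_new); return NULL; }`; `ossl_pkcs7_add_signer` already raises `ePKCS7Error` on a NULL return. This assumes `si_new->pkey` is still NULL straight after `ASN1_dup`, which the manual copy suggests but the diff does not show. A one-line comment saying why `pkey` is copied by hand (presumably it is not part of the DER encoding) would also help the next reader.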