openssl 2.2.1 → 3.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. data/CONTRIBUTING.md +33 -45
  3. data/History.md +248 -1
  4. data/README.md +36 -19
  5. data/ext/openssl/extconf.rb +101 -68
  6. data/ext/openssl/openssl_missing.c +0 -66
  7. data/ext/openssl/openssl_missing.h +26 -45
  8. data/ext/openssl/ossl.c +128 -237
  9. data/ext/openssl/ossl.h +31 -12
  10. data/ext/openssl/ossl_asn1.c +26 -13
  11. data/ext/openssl/ossl_bn.c +213 -139
  12. data/ext/openssl/ossl_cipher.c +13 -14
  13. data/ext/openssl/ossl_config.c +412 -41
  14. data/ext/openssl/ossl_config.h +4 -7
  15. data/ext/openssl/ossl_digest.c +10 -10
  16. data/ext/openssl/ossl_engine.c +17 -16
  17. data/ext/openssl/ossl_hmac.c +57 -136
  18. data/ext/openssl/ossl_kdf.c +12 -4
  19. data/ext/openssl/ossl_ns_spki.c +1 -1
  20. data/ext/openssl/ossl_ocsp.c +11 -59
  21. data/ext/openssl/ossl_pkcs12.c +22 -4
  22. data/ext/openssl/ossl_pkcs7.c +45 -62
  23. data/ext/openssl/ossl_pkey.c +1320 -196
  24. data/ext/openssl/ossl_pkey.h +36 -73
  25. data/ext/openssl/ossl_pkey_dh.c +152 -347
  26. data/ext/openssl/ossl_pkey_dsa.c +157 -413
  27. data/ext/openssl/ossl_pkey_ec.c +227 -343
  28. data/ext/openssl/ossl_pkey_rsa.c +159 -491
  29. data/ext/openssl/ossl_provider.c +211 -0
  30. data/ext/openssl/ossl_provider.h +5 -0
  31. data/ext/openssl/ossl_ssl.c +530 -450
  32. data/ext/openssl/ossl_ssl_session.c +29 -30
  33. data/ext/openssl/ossl_ts.c +38 -23
  34. data/ext/openssl/ossl_x509.c +0 -6
  35. data/ext/openssl/ossl_x509attr.c +1 -1
  36. data/ext/openssl/ossl_x509cert.c +168 -12
  37. data/ext/openssl/ossl_x509crl.c +14 -11
  38. data/ext/openssl/ossl_x509ext.c +14 -9
  39. data/ext/openssl/ossl_x509name.c +10 -3
  40. data/ext/openssl/ossl_x509req.c +14 -11
  41. data/ext/openssl/ossl_x509revoked.c +4 -4
  42. data/ext/openssl/ossl_x509store.c +166 -75
  43. data/lib/openssl/buffering.rb +9 -3
  44. data/lib/openssl/digest.rb +1 -5
  45. data/lib/openssl/hmac.rb +65 -0
  46. data/lib/openssl/pkey.rb +429 -0
  47. data/lib/openssl/ssl.rb +22 -17
  48. data/lib/openssl/version.rb +1 -1
  49. data/lib/openssl/x509.rb +22 -0
  50. data/lib/openssl.rb +0 -1
  51. metadata +10 -79
  52. data/ext/openssl/ruby_missing.h +0 -24
  53. data/lib/openssl/config.rb +0 -501
@@ -9,6 +9,10 @@
9
9
  */
10
10
  #include "ossl.h"
11
11
 
12
+ #ifdef OSSL_USE_ENGINE
13
+ # include <openssl/engine.h>
14
+ #endif
15
+
12
16
  /*
13
17
  * Classes
14
18
  */
@@ -17,64 +21,6 @@ VALUE cPKey;
17
21
  VALUE ePKeyError;
18
22
  static ID id_private_q;
19
23
 
20
- /*
21
- * callback for generating keys
22
- */
23
- static VALUE
24
- call_check_ints0(VALUE arg)
25
- {
26
- rb_thread_check_ints();
27
- return Qnil;
28
- }
29
-
30
- static void *
31
- call_check_ints(void *arg)
32
- {
33
- int state;
34
- rb_protect(call_check_ints0, Qnil, &state);
35
- return (void *)(VALUE)state;
36
- }
37
-
38
- int
39
- ossl_generate_cb_2(int p, int n, BN_GENCB *cb)
40
- {
41
- VALUE ary;
42
- struct ossl_generate_cb_arg *arg;
43
- int state;
44
-
45
- arg = (struct ossl_generate_cb_arg *)BN_GENCB_get_arg(cb);
46
- if (arg->yield) {
47
- ary = rb_ary_new2(2);
48
- rb_ary_store(ary, 0, INT2NUM(p));
49
- rb_ary_store(ary, 1, INT2NUM(n));
50
-
51
- /*
52
- * can be break by raising exception or 'break'
53
- */
54
- rb_protect(rb_yield, ary, &state);
55
- if (state) {
56
- arg->state = state;
57
- return 0;
58
- }
59
- }
60
- if (arg->interrupted) {
61
- arg->interrupted = 0;
62
- state = (int)(VALUE)rb_thread_call_with_gvl(call_check_ints, NULL);
63
- if (state) {
64
- arg->state = state;
65
- return 0;
66
- }
67
- }
68
- return 1;
69
- }
70
-
71
- void
72
- ossl_generate_cb_stop(void *ptr)
73
- {
74
- struct ossl_generate_cb_arg *arg = (struct ossl_generate_cb_arg *)ptr;
75
- arg->interrupted = 1;
76
- }
77
-
78
24
  static void
79
25
  ossl_evp_pkey_free(void *ptr)
80
26
  {
@@ -89,40 +35,33 @@ const rb_data_type_t ossl_evp_pkey_type = {
89
35
  {
90
36
  0, ossl_evp_pkey_free,
91
37
  },
92
- 0, 0, RUBY_TYPED_FREE_IMMEDIATELY,
38
+ 0, 0, RUBY_TYPED_FREE_IMMEDIATELY | RUBY_TYPED_WB_PROTECTED,
93
39
  };
94
40
 
95
41
  static VALUE
96
- pkey_new0(EVP_PKEY *pkey)
42
+ pkey_new0(VALUE arg)
97
43
  {
98
- VALUE obj;
99
- int type;
100
-
101
- if (!pkey || (type = EVP_PKEY_base_id(pkey)) == EVP_PKEY_NONE)
102
- ossl_raise(rb_eRuntimeError, "pkey is empty");
44
+ EVP_PKEY *pkey = (EVP_PKEY *)arg;
45
+ VALUE klass, obj;
103
46
 
104
- switch (type) {
47
+ switch (EVP_PKEY_base_id(pkey)) {
105
48
  #if !defined(OPENSSL_NO_RSA)
106
- case EVP_PKEY_RSA:
107
- return ossl_rsa_new(pkey);
49
+ case EVP_PKEY_RSA: klass = cRSA; break;
108
50
  #endif
109
51
  #if !defined(OPENSSL_NO_DSA)
110
- case EVP_PKEY_DSA:
111
- return ossl_dsa_new(pkey);
52
+ case EVP_PKEY_DSA: klass = cDSA; break;
112
53
  #endif
113
54
  #if !defined(OPENSSL_NO_DH)
114
- case EVP_PKEY_DH:
115
- return ossl_dh_new(pkey);
55
+ case EVP_PKEY_DH: klass = cDH; break;
116
56
  #endif
117
57
  #if !defined(OPENSSL_NO_EC)
118
- case EVP_PKEY_EC:
119
- return ossl_ec_new(pkey);
58
+ case EVP_PKEY_EC: klass = cEC; break;
120
59
  #endif
121
- default:
122
- obj = NewPKey(cPKey);
123
- SetPKey(obj, pkey);
124
- return obj;
60
+ default: klass = cPKey; break;
125
61
  }
62
+ obj = rb_obj_alloc(klass);
63
+ RTYPEDDATA_DATA(obj) = pkey;
64
+ return obj;
126
65
  }
127
66
 
128
67
  VALUE
@@ -131,7 +70,7 @@ ossl_pkey_new(EVP_PKEY *pkey)
131
70
  VALUE obj;
132
71
  int status;
133
72
 
134
- obj = rb_protect((VALUE (*)(VALUE))pkey_new0, (VALUE)pkey, &status);
73
+ obj = rb_protect(pkey_new0, (VALUE)pkey, &status);
135
74
  if (status) {
136
75
  EVP_PKEY_free(pkey);
137
76
  rb_jump_tag(status);
@@ -140,6 +79,137 @@ ossl_pkey_new(EVP_PKEY *pkey)
140
79
  return obj;
141
80
  }
142
81
 
82
+ #if OSSL_OPENSSL_PREREQ(3, 0, 0)
83
+ # include <openssl/decoder.h>
84
+
85
+ static EVP_PKEY *
86
+ ossl_pkey_read(BIO *bio, const char *input_type, int selection, VALUE pass)
87
+ {
88
+ void *ppass = (void *)pass;
89
+ OSSL_DECODER_CTX *dctx;
90
+ EVP_PKEY *pkey = NULL;
91
+ int pos = 0, pos2;
92
+
93
+ dctx = OSSL_DECODER_CTX_new_for_pkey(&pkey, input_type, NULL, NULL,
94
+ selection, NULL, NULL);
95
+ if (!dctx)
96
+ goto out;
97
+ if (OSSL_DECODER_CTX_set_pem_password_cb(dctx, ossl_pem_passwd_cb,
98
+ ppass) != 1)
99
+ goto out;
100
+ while (1) {
101
+ if (OSSL_DECODER_from_bio(dctx, bio) == 1)
102
+ goto out;
103
+ if (BIO_eof(bio))
104
+ break;
105
+ pos2 = BIO_tell(bio);
106
+ if (pos2 < 0 || pos2 <= pos)
107
+ break;
108
+ ossl_clear_error();
109
+ pos = pos2;
110
+ }
111
+ out:
112
+ OSSL_BIO_reset(bio);
113
+ OSSL_DECODER_CTX_free(dctx);
114
+ return pkey;
115
+ }
116
+
117
+ EVP_PKEY *
118
+ ossl_pkey_read_generic(BIO *bio, VALUE pass)
119
+ {
120
+ EVP_PKEY *pkey = NULL;
121
+ /* First check DER, then check PEM. */
122
+ const char *input_types[] = {"DER", "PEM"};
123
+ int input_type_num = (int)(sizeof(input_types) / sizeof(char *));
124
+ /*
125
+ * Non-zero selections to try to decode.
126
+ *
127
+ * See EVP_PKEY_fromdata(3) - Selections to see all the selections.
128
+ *
129
+ * This is a workaround for the decoder failing to decode or returning
130
+ * bogus keys with selection 0, if a key management provider is different
131
+ * from a decoder provider. The workaround is to avoid using selection 0.
132
+ *
133
+ * Affected OpenSSL versions: >= 3.1.0, <= 3.1.2, or >= 3.0.0, <= 3.0.10
134
+ * Fixed OpenSSL versions: 3.2, next release of the 3.1.z and 3.0.z
135
+ *
136
+ * See https://github.com/openssl/openssl/pull/21519 for details.
137
+ *
138
+ * First check for private key formats (EVP_PKEY_KEYPAIR). This is to keep
139
+ * compatibility with ruby/openssl < 3.0 which decoded the following as a
140
+ * private key.
141
+ *
142
+ * $ openssl ecparam -name prime256v1 -genkey -outform PEM
143
+ * -----BEGIN EC PARAMETERS-----
144
+ * BggqhkjOPQMBBw==
145
+ * -----END EC PARAMETERS-----
146
+ * -----BEGIN EC PRIVATE KEY-----
147
+ * MHcCAQEEIAG8ugBbA5MHkqnZ9ujQF93OyUfL9tk8sxqM5Wv5tKg5oAoGCCqGSM49
148
+ * AwEHoUQDQgAEVcjhJfkwqh5C7kGuhAf8XaAjVuG5ADwb5ayg/cJijCgs+GcXeedj
149
+ * 86avKpGH84DXUlB23C/kPt+6fXYlitUmXQ==
150
+ * -----END EC PRIVATE KEY-----
151
+ *
152
+ * While the first PEM block is a proper encoding of ECParameters, thus
153
+ * OSSL_DECODER_from_bio() would pick it up, ruby/openssl used to return
154
+ * the latter instead. Existing applications expect this behavior.
155
+ *
156
+ * Note that normally, the input is supposed to contain a single decodable
157
+ * PEM block only, so this special handling should not create a new problem.
158
+ *
159
+ * Note that we need to create the OSSL_DECODER_CTX variable each time when
160
+ * we use the different selection as a workaround.
161
+ * See https://github.com/openssl/openssl/issues/20657 for details.
162
+ */
163
+ int selections[] = {
164
+ EVP_PKEY_KEYPAIR,
165
+ EVP_PKEY_KEY_PARAMETERS,
166
+ EVP_PKEY_PUBLIC_KEY
167
+ };
168
+ int selection_num = (int)(sizeof(selections) / sizeof(int));
169
+ int i, j;
170
+
171
+ for (i = 0; i < input_type_num; i++) {
172
+ for (j = 0; j < selection_num; j++) {
173
+ pkey = ossl_pkey_read(bio, input_types[i], selections[j], pass);
174
+ if (pkey) {
175
+ goto out;
176
+ }
177
+ }
178
+ }
179
+ out:
180
+ return pkey;
181
+ }
182
+ #else
183
+ EVP_PKEY *
184
+ ossl_pkey_read_generic(BIO *bio, VALUE pass)
185
+ {
186
+ void *ppass = (void *)pass;
187
+ EVP_PKEY *pkey;
188
+
189
+ if ((pkey = d2i_PrivateKey_bio(bio, NULL)))
190
+ goto out;
191
+ OSSL_BIO_reset(bio);
192
+ if ((pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, ossl_pem_passwd_cb, ppass)))
193
+ goto out;
194
+ OSSL_BIO_reset(bio);
195
+ if ((pkey = d2i_PUBKEY_bio(bio, NULL)))
196
+ goto out;
197
+ OSSL_BIO_reset(bio);
198
+ /* PEM_read_bio_PrivateKey() also parses PKCS #8 formats */
199
+ if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, ossl_pem_passwd_cb, ppass)))
200
+ goto out;
201
+ OSSL_BIO_reset(bio);
202
+ if ((pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL)))
203
+ goto out;
204
+ OSSL_BIO_reset(bio);
205
+ if ((pkey = PEM_read_bio_Parameters(bio, NULL)))
206
+ goto out;
207
+
208
+ out:
209
+ return pkey;
210
+ }
211
+ #endif
212
+
143
213
  /*
144
214
  * call-seq:
145
215
  * OpenSSL::PKey.read(string [, pwd ]) -> PKey
@@ -149,7 +219,7 @@ ossl_pkey_new(EVP_PKEY *pkey)
149
219
  * instance of the appropriate PKey class.
150
220
  *
151
221
  * === Parameters
152
- * * _string+ is a DER- or PEM-encoded string containing an arbitrary private
222
+ * * _string_ is a DER- or PEM-encoded string containing an arbitrary private
153
223
  * or public key.
154
224
  * * _io_ is an instance of IO containing a DER- or PEM-encoded
155
225
  * arbitrary private or public key.
@@ -164,36 +234,283 @@ ossl_pkey_new_from_data(int argc, VALUE *argv, VALUE self)
164
234
  VALUE data, pass;
165
235
 
166
236
  rb_scan_args(argc, argv, "11", &data, &pass);
167
- pass = ossl_pem_passwd_value(pass);
168
-
169
237
  bio = ossl_obj2bio(&data);
170
- if ((pkey = d2i_PrivateKey_bio(bio, NULL)))
171
- goto ok;
172
- OSSL_BIO_reset(bio);
173
- if ((pkey = d2i_PKCS8PrivateKey_bio(bio, NULL, ossl_pem_passwd_cb, (void *)pass)))
174
- goto ok;
175
- OSSL_BIO_reset(bio);
176
- if ((pkey = d2i_PUBKEY_bio(bio, NULL)))
177
- goto ok;
178
- OSSL_BIO_reset(bio);
179
- /* PEM_read_bio_PrivateKey() also parses PKCS #8 formats */
180
- if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, ossl_pem_passwd_cb, (void *)pass)))
181
- goto ok;
182
- OSSL_BIO_reset(bio);
183
- if ((pkey = PEM_read_bio_PUBKEY(bio, NULL, NULL, NULL)))
184
- goto ok;
185
-
186
- BIO_free(bio);
187
- ossl_raise(ePKeyError, "Could not parse PKey");
188
-
189
- ok:
238
+ pkey = ossl_pkey_read_generic(bio, ossl_pem_passwd_value(pass));
190
239
  BIO_free(bio);
240
+ if (!pkey)
241
+ ossl_raise(ePKeyError, "Could not parse PKey");
191
242
  return ossl_pkey_new(pkey);
192
243
  }
193
244
 
245
+ static VALUE
246
+ pkey_ctx_apply_options_i(RB_BLOCK_CALL_FUNC_ARGLIST(i, ctx_v))
247
+ {
248
+ VALUE key = rb_ary_entry(i, 0), value = rb_ary_entry(i, 1);
249
+ EVP_PKEY_CTX *ctx = (EVP_PKEY_CTX *)ctx_v;
250
+
251
+ if (SYMBOL_P(key))
252
+ key = rb_sym2str(key);
253
+ value = rb_String(value);
254
+
255
+ if (EVP_PKEY_CTX_ctrl_str(ctx, StringValueCStr(key), StringValueCStr(value)) <= 0)
256
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_ctrl_str(ctx, %+"PRIsVALUE", %+"PRIsVALUE")",
257
+ key, value);
258
+ return Qnil;
259
+ }
260
+
261
+ static VALUE
262
+ pkey_ctx_apply_options0(VALUE args_v)
263
+ {
264
+ VALUE *args = (VALUE *)args_v;
265
+ Check_Type(args[1], T_HASH);
266
+
267
+ rb_block_call(args[1], rb_intern("each"), 0, NULL,
268
+ pkey_ctx_apply_options_i, args[0]);
269
+ return Qnil;
270
+ }
271
+
272
+ static void
273
+ pkey_ctx_apply_options(EVP_PKEY_CTX *ctx, VALUE options, int *state)
274
+ {
275
+ VALUE args[2];
276
+ args[0] = (VALUE)ctx;
277
+ args[1] = options;
278
+
279
+ rb_protect(pkey_ctx_apply_options0, (VALUE)args, state);
280
+ }
281
+
282
+ struct pkey_blocking_generate_arg {
283
+ EVP_PKEY_CTX *ctx;
284
+ EVP_PKEY *pkey;
285
+ int state;
286
+ unsigned int yield: 1;
287
+ unsigned int genparam: 1;
288
+ unsigned int interrupted: 1;
289
+ };
290
+
291
+ static VALUE
292
+ pkey_gen_cb_yield(VALUE ctx_v)
293
+ {
294
+ EVP_PKEY_CTX *ctx = (void *)ctx_v;
295
+ int i, info_num;
296
+ VALUE *argv;
297
+
298
+ info_num = EVP_PKEY_CTX_get_keygen_info(ctx, -1);
299
+ argv = ALLOCA_N(VALUE, info_num);
300
+ for (i = 0; i < info_num; i++)
301
+ argv[i] = INT2NUM(EVP_PKEY_CTX_get_keygen_info(ctx, i));
302
+
303
+ return rb_yield_values2(info_num, argv);
304
+ }
305
+
306
+ static VALUE
307
+ call_check_ints0(VALUE arg)
308
+ {
309
+ rb_thread_check_ints();
310
+ return Qnil;
311
+ }
312
+
313
+ static void *
314
+ call_check_ints(void *arg)
315
+ {
316
+ int state;
317
+ rb_protect(call_check_ints0, Qnil, &state);
318
+ return (void *)(VALUE)state;
319
+ }
320
+
321
+ static int
322
+ pkey_gen_cb(EVP_PKEY_CTX *ctx)
323
+ {
324
+ struct pkey_blocking_generate_arg *arg = EVP_PKEY_CTX_get_app_data(ctx);
325
+ int state;
326
+
327
+ if (arg->yield) {
328
+ rb_protect(pkey_gen_cb_yield, (VALUE)ctx, &state);
329
+ if (state) {
330
+ arg->state = state;
331
+ return 0;
332
+ }
333
+ }
334
+ if (arg->interrupted) {
335
+ arg->interrupted = 0;
336
+ state = (int)(VALUE)rb_thread_call_with_gvl(call_check_ints, NULL);
337
+ if (state) {
338
+ arg->state = state;
339
+ return 0;
340
+ }
341
+ }
342
+ return 1;
343
+ }
344
+
345
+ static void
346
+ pkey_blocking_gen_stop(void *ptr)
347
+ {
348
+ struct pkey_blocking_generate_arg *arg = ptr;
349
+ arg->interrupted = 1;
350
+ }
351
+
352
+ static void *
353
+ pkey_blocking_gen(void *ptr)
354
+ {
355
+ struct pkey_blocking_generate_arg *arg = ptr;
356
+
357
+ if (arg->genparam && EVP_PKEY_paramgen(arg->ctx, &arg->pkey) <= 0)
358
+ return NULL;
359
+ if (!arg->genparam && EVP_PKEY_keygen(arg->ctx, &arg->pkey) <= 0)
360
+ return NULL;
361
+ return arg->pkey;
362
+ }
363
+
364
+ static VALUE
365
+ pkey_generate(int argc, VALUE *argv, VALUE self, int genparam)
366
+ {
367
+ EVP_PKEY_CTX *ctx;
368
+ VALUE alg, options;
369
+ struct pkey_blocking_generate_arg gen_arg = { 0 };
370
+ int state;
371
+
372
+ rb_scan_args(argc, argv, "11", &alg, &options);
373
+ if (rb_obj_is_kind_of(alg, cPKey)) {
374
+ EVP_PKEY *base_pkey;
375
+
376
+ GetPKey(alg, base_pkey);
377
+ ctx = EVP_PKEY_CTX_new(base_pkey, NULL/* engine */);
378
+ if (!ctx)
379
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
380
+ }
381
+ else {
382
+ #if OSSL_OPENSSL_PREREQ(3, 0, 0)
383
+ ctx = EVP_PKEY_CTX_new_from_name(NULL, StringValueCStr(alg), NULL);
384
+ if (!ctx)
385
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new_from_name");
386
+ #else
387
+ const EVP_PKEY_ASN1_METHOD *ameth;
388
+ ENGINE *tmpeng;
389
+ int pkey_id;
390
+
391
+ StringValue(alg);
392
+ ameth = EVP_PKEY_asn1_find_str(&tmpeng, RSTRING_PTR(alg),
393
+ RSTRING_LENINT(alg));
394
+ if (!ameth)
395
+ ossl_raise(ePKeyError, "algorithm %"PRIsVALUE" not found", alg);
396
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
397
+ #if !defined(OPENSSL_NO_ENGINE)
398
+ if (tmpeng)
399
+ ENGINE_finish(tmpeng);
400
+ #endif
401
+
402
+ ctx = EVP_PKEY_CTX_new_id(pkey_id, NULL/* engine */);
403
+ if (!ctx)
404
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new_id");
405
+ #endif
406
+ }
407
+
408
+ if (genparam && EVP_PKEY_paramgen_init(ctx) <= 0) {
409
+ EVP_PKEY_CTX_free(ctx);
410
+ ossl_raise(ePKeyError, "EVP_PKEY_paramgen_init");
411
+ }
412
+ if (!genparam && EVP_PKEY_keygen_init(ctx) <= 0) {
413
+ EVP_PKEY_CTX_free(ctx);
414
+ ossl_raise(ePKeyError, "EVP_PKEY_keygen_init");
415
+ }
416
+
417
+ if (!NIL_P(options)) {
418
+ pkey_ctx_apply_options(ctx, options, &state);
419
+ if (state) {
420
+ EVP_PKEY_CTX_free(ctx);
421
+ rb_jump_tag(state);
422
+ }
423
+ }
424
+
425
+ gen_arg.genparam = genparam;
426
+ gen_arg.ctx = ctx;
427
+ gen_arg.yield = rb_block_given_p();
428
+ EVP_PKEY_CTX_set_app_data(ctx, &gen_arg);
429
+ EVP_PKEY_CTX_set_cb(ctx, pkey_gen_cb);
430
+ if (gen_arg.yield)
431
+ pkey_blocking_gen(&gen_arg);
432
+ else
433
+ rb_thread_call_without_gvl(pkey_blocking_gen, &gen_arg,
434
+ pkey_blocking_gen_stop, &gen_arg);
435
+ EVP_PKEY_CTX_free(ctx);
436
+ if (!gen_arg.pkey) {
437
+ if (gen_arg.state) {
438
+ ossl_clear_error();
439
+ rb_jump_tag(gen_arg.state);
440
+ }
441
+ else {
442
+ ossl_raise(ePKeyError, genparam ? "EVP_PKEY_paramgen" : "EVP_PKEY_keygen");
443
+ }
444
+ }
445
+
446
+ return ossl_pkey_new(gen_arg.pkey);
447
+ }
448
+
449
+ /*
450
+ * call-seq:
451
+ * OpenSSL::PKey.generate_parameters(algo_name [, options]) -> pkey
452
+ *
453
+ * Generates new parameters for the algorithm. _algo_name_ is a String that
454
+ * represents the algorithm. The optional argument _options_ is a Hash that
455
+ * specifies the options specific to the algorithm. The order of the options
456
+ * can be important.
457
+ *
458
+ * A block can be passed optionally. The meaning of the arguments passed to
459
+ * the block varies depending on the implementation of the algorithm. The block
460
+ * may be called once or multiple times, or may not even be called.
461
+ *
462
+ * For the supported options, see the documentation for the 'openssl genpkey'
463
+ * utility command.
464
+ *
465
+ * == Example
466
+ * pkey = OpenSSL::PKey.generate_parameters("DSA", "dsa_paramgen_bits" => 2048)
467
+ * p pkey.p.num_bits #=> 2048
468
+ */
469
+ static VALUE
470
+ ossl_pkey_s_generate_parameters(int argc, VALUE *argv, VALUE self)
471
+ {
472
+ return pkey_generate(argc, argv, self, 1);
473
+ }
474
+
475
+ /*
476
+ * call-seq:
477
+ * OpenSSL::PKey.generate_key(algo_name [, options]) -> pkey
478
+ * OpenSSL::PKey.generate_key(pkey [, options]) -> pkey
479
+ *
480
+ * Generates a new key (pair).
481
+ *
482
+ * If a String is given as the first argument, it generates a new random key
483
+ * for the algorithm specified by the name just as ::generate_parameters does.
484
+ * If an OpenSSL::PKey::PKey is given instead, it generates a new random key
485
+ * for the same algorithm as the key, using the parameters the key contains.
486
+ *
487
+ * See ::generate_parameters for the details of _options_ and the given block.
488
+ *
489
+ * == Example
490
+ * pkey_params = OpenSSL::PKey.generate_parameters("DSA", "dsa_paramgen_bits" => 2048)
491
+ * pkey_params.priv_key #=> nil
492
+ * pkey = OpenSSL::PKey.generate_key(pkey_params)
493
+ * pkey.priv_key #=> #<OpenSSL::BN 6277...
494
+ */
495
+ static VALUE
496
+ ossl_pkey_s_generate_key(int argc, VALUE *argv, VALUE self)
497
+ {
498
+ return pkey_generate(argc, argv, self, 0);
499
+ }
500
+
501
+ /*
502
+ * TODO: There is no convenient way to check the presence of public key
503
+ * components on OpenSSL 3.0. But since keys are immutable on 3.0, pkeys without
504
+ * these should only be created by OpenSSL::PKey.generate_parameters or by
505
+ * parsing DER-/PEM-encoded string. We would need another flag for that.
506
+ */
194
507
  void
195
508
  ossl_pkey_check_public_key(const EVP_PKEY *pkey)
196
509
  {
510
+ #if OSSL_OPENSSL_PREREQ(3, 0, 0)
511
+ if (EVP_PKEY_missing_parameters(pkey))
512
+ ossl_raise(ePKeyError, "parameters missing");
513
+ #else
197
514
  void *ptr;
198
515
  const BIGNUM *n, *e, *pubkey;
199
516
 
@@ -229,6 +546,7 @@ ossl_pkey_check_public_key(const EVP_PKEY *pkey)
229
546
  return;
230
547
  }
231
548
  ossl_raise(ePKeyError, "public key missing");
549
+ #endif
232
550
  }
233
551
 
234
552
  EVP_PKEY *
@@ -246,12 +564,19 @@ GetPrivPKeyPtr(VALUE obj)
246
564
  {
247
565
  EVP_PKEY *pkey;
248
566
 
249
- if (rb_funcallv(obj, id_private_q, 0, NULL) != Qtrue) {
250
- ossl_raise(rb_eArgError, "Private key is needed.");
251
- }
252
567
  GetPKey(obj, pkey);
568
+ if (OSSL_PKEY_IS_PRIVATE(obj))
569
+ return pkey;
570
+ /*
571
+ * The EVP API does not provide a way to check if the EVP_PKEY has private
572
+ * components. Assuming it does...
573
+ */
574
+ if (!rb_respond_to(obj, id_private_q))
575
+ return pkey;
576
+ if (RTEST(rb_funcallv(obj, id_private_q, 0, NULL)))
577
+ return pkey;
253
578
 
254
- return pkey;
579
+ rb_raise(rb_eArgError, "private key is needed");
255
580
  }
256
581
 
257
582
  EVP_PKEY *
@@ -271,16 +596,7 @@ DupPKeyPtr(VALUE obj)
271
596
  static VALUE
272
597
  ossl_pkey_alloc(VALUE klass)
273
598
  {
274
- EVP_PKEY *pkey;
275
- VALUE obj;
276
-
277
- obj = NewPKey(klass);
278
- if (!(pkey = EVP_PKEY_new())) {
279
- ossl_raise(ePKeyError, NULL);
280
- }
281
- SetPKey(obj, pkey);
282
-
283
- return obj;
599
+ return TypedData_Wrap_Struct(klass, &ossl_evp_pkey_type, NULL);
284
600
  }
285
601
 
286
602
  /*
@@ -299,6 +615,92 @@ ossl_pkey_initialize(VALUE self)
299
615
  return self;
300
616
  }
301
617
 
618
+ #ifdef HAVE_EVP_PKEY_DUP
619
+ static VALUE
620
+ ossl_pkey_initialize_copy(VALUE self, VALUE other)
621
+ {
622
+ EVP_PKEY *pkey, *pkey_other;
623
+
624
+ TypedData_Get_Struct(self, EVP_PKEY, &ossl_evp_pkey_type, pkey);
625
+ TypedData_Get_Struct(other, EVP_PKEY, &ossl_evp_pkey_type, pkey_other);
626
+ if (pkey)
627
+ rb_raise(rb_eTypeError, "pkey already initialized");
628
+ if (pkey_other) {
629
+ pkey = EVP_PKEY_dup(pkey_other);
630
+ if (!pkey)
631
+ ossl_raise(ePKeyError, "EVP_PKEY_dup");
632
+ RTYPEDDATA_DATA(self) = pkey;
633
+ }
634
+ return self;
635
+ }
636
+ #endif
637
+
638
+ #ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
639
+ /*
640
+ * call-seq:
641
+ * OpenSSL::PKey.new_raw_private_key(algo, string) -> PKey
642
+ *
643
+ * See the OpenSSL documentation for EVP_PKEY_new_raw_private_key()
644
+ */
645
+
646
+ static VALUE
647
+ ossl_pkey_new_raw_private_key(VALUE self, VALUE type, VALUE key)
648
+ {
649
+ EVP_PKEY *pkey;
650
+ const EVP_PKEY_ASN1_METHOD *ameth;
651
+ int pkey_id;
652
+ size_t keylen;
653
+
654
+ StringValue(type);
655
+ StringValue(key);
656
+ ameth = EVP_PKEY_asn1_find_str(NULL, RSTRING_PTR(type), RSTRING_LENINT(type));
657
+ if (!ameth)
658
+ ossl_raise(ePKeyError, "algorithm %"PRIsVALUE" not found", type);
659
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
660
+
661
+ keylen = RSTRING_LEN(key);
662
+
663
+ pkey = EVP_PKEY_new_raw_private_key(pkey_id, NULL, (unsigned char *)RSTRING_PTR(key), keylen);
664
+ if (!pkey)
665
+ ossl_raise(ePKeyError, "EVP_PKEY_new_raw_private_key");
666
+
667
+ return ossl_pkey_new(pkey);
668
+ }
669
+ #endif
670
+
671
+ #ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
672
+ /*
673
+ * call-seq:
674
+ * OpenSSL::PKey.new_raw_public_key(algo, string) -> PKey
675
+ *
676
+ * See the OpenSSL documentation for EVP_PKEY_new_raw_public_key()
677
+ */
678
+
679
+ static VALUE
680
+ ossl_pkey_new_raw_public_key(VALUE self, VALUE type, VALUE key)
681
+ {
682
+ EVP_PKEY *pkey;
683
+ const EVP_PKEY_ASN1_METHOD *ameth;
684
+ int pkey_id;
685
+ size_t keylen;
686
+
687
+ StringValue(type);
688
+ StringValue(key);
689
+ ameth = EVP_PKEY_asn1_find_str(NULL, RSTRING_PTR(type), RSTRING_LENINT(type));
690
+ if (!ameth)
691
+ ossl_raise(ePKeyError, "algorithm %"PRIsVALUE" not found", type);
692
+ EVP_PKEY_asn1_get0_info(&pkey_id, NULL, NULL, NULL, NULL, ameth);
693
+
694
+ keylen = RSTRING_LEN(key);
695
+
696
+ pkey = EVP_PKEY_new_raw_public_key(pkey_id, NULL, (unsigned char *)RSTRING_PTR(key), keylen);
697
+ if (!pkey)
698
+ ossl_raise(ePKeyError, "EVP_PKEY_new_raw_public_key");
699
+
700
+ return ossl_pkey_new(pkey);
701
+ }
702
+ #endif
703
+
302
704
  /*
303
705
  * call-seq:
304
706
  * pkey.oid -> string
@@ -328,11 +730,94 @@ ossl_pkey_inspect(VALUE self)
328
730
  EVP_PKEY *pkey;
329
731
  int nid;
330
732
 
331
- GetPKey(self, pkey);
332
- nid = EVP_PKEY_id(pkey);
333
- return rb_sprintf("#<%"PRIsVALUE":%p oid=%s>",
334
- rb_class_name(CLASS_OF(self)), (void *)self,
335
- OBJ_nid2sn(nid));
733
+ GetPKey(self, pkey);
734
+ nid = EVP_PKEY_id(pkey);
735
+ return rb_sprintf("#<%"PRIsVALUE":%p oid=%s>",
736
+ rb_class_name(CLASS_OF(self)), (void *)self,
737
+ OBJ_nid2sn(nid));
738
+ }
739
+
740
+ /*
741
+ * call-seq:
742
+ * pkey.to_text -> string
743
+ *
744
+ * Dumps key parameters, public key, and private key components contained in
745
+ * the key into a human-readable text.
746
+ *
747
+ * This is intended for debugging purpose.
748
+ *
749
+ * See also the man page EVP_PKEY_print_private(3).
750
+ */
751
+ static VALUE
752
+ ossl_pkey_to_text(VALUE self)
753
+ {
754
+ EVP_PKEY *pkey;
755
+ BIO *bio;
756
+
757
+ GetPKey(self, pkey);
758
+ if (!(bio = BIO_new(BIO_s_mem())))
759
+ ossl_raise(ePKeyError, "BIO_new");
760
+
761
+ if (EVP_PKEY_print_private(bio, pkey, 0, NULL) == 1)
762
+ goto out;
763
+ OSSL_BIO_reset(bio);
764
+ if (EVP_PKEY_print_public(bio, pkey, 0, NULL) == 1)
765
+ goto out;
766
+ OSSL_BIO_reset(bio);
767
+ if (EVP_PKEY_print_params(bio, pkey, 0, NULL) == 1)
768
+ goto out;
769
+
770
+ BIO_free(bio);
771
+ ossl_raise(ePKeyError, "EVP_PKEY_print_params");
772
+
773
+ out:
774
+ return ossl_membio2str(bio);
775
+ }
776
+
777
+ VALUE
778
+ ossl_pkey_export_traditional(int argc, VALUE *argv, VALUE self, int to_der)
779
+ {
780
+ EVP_PKEY *pkey;
781
+ VALUE cipher, pass;
782
+ const EVP_CIPHER *enc = NULL;
783
+ BIO *bio;
784
+
785
+ GetPKey(self, pkey);
786
+ rb_scan_args(argc, argv, "02", &cipher, &pass);
787
+ if (!NIL_P(cipher)) {
788
+ enc = ossl_evp_get_cipherbyname(cipher);
789
+ pass = ossl_pem_passwd_value(pass);
790
+ }
791
+
792
+ bio = BIO_new(BIO_s_mem());
793
+ if (!bio)
794
+ ossl_raise(ePKeyError, "BIO_new");
795
+ if (to_der) {
796
+ if (!i2d_PrivateKey_bio(bio, pkey)) {
797
+ BIO_free(bio);
798
+ ossl_raise(ePKeyError, "i2d_PrivateKey_bio");
799
+ }
800
+ }
801
+ else {
802
+ #if OSSL_OPENSSL_PREREQ(1, 1, 0) || OSSL_LIBRESSL_PREREQ(3, 5, 0)
803
+ if (!PEM_write_bio_PrivateKey_traditional(bio, pkey, enc, NULL, 0,
804
+ ossl_pem_passwd_cb,
805
+ (void *)pass)) {
806
+ #else
807
+ char pem_str[80];
808
+ const char *aname;
809
+
810
+ EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, &aname, pkey->ameth);
811
+ snprintf(pem_str, sizeof(pem_str), "%s PRIVATE KEY", aname);
812
+ if (!PEM_ASN1_write_bio((i2d_of_void *)i2d_PrivateKey, pem_str, bio,
813
+ pkey, enc, NULL, 0, ossl_pem_passwd_cb,
814
+ (void *)pass)) {
815
+ #endif
816
+ BIO_free(bio);
817
+ ossl_raise(ePKeyError, "PEM_write_bio_PrivateKey_traditional");
818
+ }
819
+ }
820
+ return ossl_membio2str(bio);
336
821
  }
337
822
 
338
823
  static VALUE
@@ -397,6 +882,18 @@ ossl_pkey_private_to_der(int argc, VALUE *argv, VALUE self)
397
882
  *
398
883
  * Serializes the private key to PEM-encoded PKCS #8 format. See #private_to_der
399
884
  * for more details.
885
+ *
886
+ * An unencrypted PEM-encoded key will look like:
887
+ *
888
+ * -----BEGIN PRIVATE KEY-----
889
+ * [...]
890
+ * -----END PRIVATE KEY-----
891
+ *
892
+ * An encrypted PEM-encoded key will look like:
893
+ *
894
+ * -----BEGIN ENCRYPTED PRIVATE KEY-----
895
+ * [...]
896
+ * -----END ENCRYPTED PRIVATE KEY-----
400
897
  */
401
898
  static VALUE
402
899
  ossl_pkey_private_to_pem(int argc, VALUE *argv, VALUE self)
@@ -404,8 +901,37 @@ ossl_pkey_private_to_pem(int argc, VALUE *argv, VALUE self)
404
901
  return do_pkcs8_export(argc, argv, self, 0);
405
902
  }
406
903
 
904
+ #ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
905
+ /*
906
+ * call-seq:
907
+ * pkey.raw_private_key => string
908
+ *
909
+ * See the OpenSSL documentation for EVP_PKEY_get_raw_private_key()
910
+ */
911
+
407
912
  static VALUE
408
- do_spki_export(VALUE self, int to_der)
913
+ ossl_pkey_raw_private_key(VALUE self)
914
+ {
915
+ EVP_PKEY *pkey;
916
+ VALUE str;
917
+ size_t len;
918
+
919
+ GetPKey(self, pkey);
920
+ if (EVP_PKEY_get_raw_private_key(pkey, NULL, &len) != 1)
921
+ ossl_raise(ePKeyError, "EVP_PKEY_get_raw_private_key");
922
+ str = rb_str_new(NULL, len);
923
+
924
+ if (EVP_PKEY_get_raw_private_key(pkey, (unsigned char *)RSTRING_PTR(str), &len) != 1)
925
+ ossl_raise(ePKeyError, "EVP_PKEY_get_raw_private_key");
926
+
927
+ rb_str_set_len(str, len);
928
+
929
+ return str;
930
+ }
931
+ #endif
932
+
933
+ VALUE
934
+ ossl_pkey_export_spki(VALUE self, int to_der)
409
935
  {
410
936
  EVP_PKEY *pkey;
411
937
  BIO *bio;
@@ -438,7 +964,7 @@ do_spki_export(VALUE self, int to_der)
438
964
  static VALUE
439
965
  ossl_pkey_public_to_der(VALUE self)
440
966
  {
441
- return do_spki_export(self, 1);
967
+ return ossl_pkey_export_spki(self, 1);
442
968
  }
443
969
 
444
970
  /*
@@ -446,123 +972,698 @@ ossl_pkey_public_to_der(VALUE self)
446
972
  * pkey.public_to_pem -> string
447
973
  *
448
974
  * Serializes the public key to PEM-encoded X.509 SubjectPublicKeyInfo format.
975
+ *
976
+ * A PEM-encoded key will look like:
977
+ *
978
+ * -----BEGIN PUBLIC KEY-----
979
+ * [...]
980
+ * -----END PUBLIC KEY-----
449
981
  */
450
982
  static VALUE
451
983
  ossl_pkey_public_to_pem(VALUE self)
452
984
  {
453
- return do_spki_export(self, 0);
985
+ return ossl_pkey_export_spki(self, 0);
986
+ }
987
+
988
+ #ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
989
+ /*
990
+ * call-seq:
991
+ * pkey.raw_public_key => string
992
+ *
993
+ * See the OpenSSL documentation for EVP_PKEY_get_raw_public_key()
994
+ */
995
+
996
+ static VALUE
997
+ ossl_pkey_raw_public_key(VALUE self)
998
+ {
999
+ EVP_PKEY *pkey;
1000
+ VALUE str;
1001
+ size_t len;
1002
+
1003
+ GetPKey(self, pkey);
1004
+ if (EVP_PKEY_get_raw_public_key(pkey, NULL, &len) != 1)
1005
+ ossl_raise(ePKeyError, "EVP_PKEY_get_raw_public_key");
1006
+ str = rb_str_new(NULL, len);
1007
+
1008
+ if (EVP_PKEY_get_raw_public_key(pkey, (unsigned char *)RSTRING_PTR(str), &len) != 1)
1009
+ ossl_raise(ePKeyError, "EVP_PKEY_get_raw_public_key");
1010
+
1011
+ rb_str_set_len(str, len);
1012
+
1013
+ return str;
454
1014
  }
1015
+ #endif
455
1016
 
456
1017
  /*
457
1018
  * call-seq:
458
- * pkey.sign(digest, data) -> String
1019
+ * pkey.compare?(another_pkey) -> true | false
459
1020
  *
460
- * To sign the String _data_, _digest_, an instance of OpenSSL::Digest, must
461
- * be provided. The return value is again a String containing the signature.
462
- * A PKeyError is raised should errors occur.
463
- * Any previous state of the Digest instance is irrelevant to the signature
464
- * outcome, the digest instance is reset to its initial state during the
465
- * operation.
1021
+ * Used primarily to check if an OpenSSL::X509::Certificate#public_key compares to its private key.
466
1022
  *
467
1023
  * == Example
468
- * data = 'Sign me!'
469
- * digest = OpenSSL::Digest.new('SHA256')
470
- * pkey = OpenSSL::PKey::RSA.new(2048)
471
- * signature = pkey.sign(digest, data)
1024
+ * x509 = OpenSSL::X509::Certificate.new(pem_encoded_certificate)
1025
+ * rsa_key = OpenSSL::PKey::RSA.new(pem_encoded_private_key)
1026
+ *
1027
+ * rsa_key.compare?(x509.public_key) => true | false
1028
+ */
1029
+ static VALUE
1030
+ ossl_pkey_compare(VALUE self, VALUE other)
1031
+ {
1032
+ int ret;
1033
+ EVP_PKEY *selfPKey;
1034
+ EVP_PKEY *otherPKey;
1035
+
1036
+ GetPKey(self, selfPKey);
1037
+ GetPKey(other, otherPKey);
1038
+
1039
+ /* Explicitly check the key type given EVP_PKEY_ASN1_METHOD(3)
1040
+ * docs param_cmp could return any negative number.
1041
+ */
1042
+ if (EVP_PKEY_id(selfPKey) != EVP_PKEY_id(otherPKey))
1043
+ ossl_raise(rb_eTypeError, "cannot match different PKey types");
1044
+
1045
+ ret = EVP_PKEY_eq(selfPKey, otherPKey);
1046
+
1047
+ if (ret == 0)
1048
+ return Qfalse;
1049
+ else if (ret == 1)
1050
+ return Qtrue;
1051
+ else
1052
+ ossl_raise(ePKeyError, "EVP_PKEY_eq");
1053
+ }
1054
+
1055
+ /*
1056
+ * call-seq:
1057
+ * pkey.sign(digest, data [, options]) -> string
1058
+ *
1059
+ * Hashes and signs the +data+ using a message digest algorithm +digest+ and
1060
+ * a private key +pkey+.
1061
+ *
1062
+ * See #verify for the verification operation.
1063
+ *
1064
+ * See also the man page EVP_DigestSign(3).
1065
+ *
1066
+ * +digest+::
1067
+ * A String that represents the message digest algorithm name, or +nil+
1068
+ * if the PKey type requires no digest algorithm.
1069
+ * For backwards compatibility, this can be an instance of OpenSSL::Digest.
1070
+ * Its state will not affect the signature.
1071
+ * +data+::
1072
+ * A String. The data to be hashed and signed.
1073
+ * +options+::
1074
+ * A Hash that contains algorithm specific control operations to \OpenSSL.
1075
+ * See OpenSSL's man page EVP_PKEY_CTX_ctrl_str(3) for details.
1076
+ * +options+ parameter was added in version 3.0.
1077
+ *
1078
+ * Example:
1079
+ * data = "Sign me!"
1080
+ * pkey = OpenSSL::PKey.generate_key("RSA", rsa_keygen_bits: 2048)
1081
+ * signopts = { rsa_padding_mode: "pss" }
1082
+ * signature = pkey.sign("SHA256", data, signopts)
1083
+ *
1084
+ * # Creates a copy of the RSA key pkey, but without the private components
1085
+ * pub_key = pkey.public_key
1086
+ * puts pub_key.verify("SHA256", signature, data, signopts) # => true
472
1087
  */
473
1088
  static VALUE
474
- ossl_pkey_sign(VALUE self, VALUE digest, VALUE data)
1089
+ ossl_pkey_sign(int argc, VALUE *argv, VALUE self)
475
1090
  {
476
1091
  EVP_PKEY *pkey;
477
- const EVP_MD *md;
1092
+ VALUE digest, data, options, sig;
1093
+ const EVP_MD *md = NULL;
478
1094
  EVP_MD_CTX *ctx;
479
- unsigned int buf_len;
480
- VALUE str;
481
- int result;
1095
+ EVP_PKEY_CTX *pctx;
1096
+ size_t siglen;
1097
+ int state;
482
1098
 
483
1099
  pkey = GetPrivPKeyPtr(self);
484
- md = ossl_evp_get_digestbyname(digest);
1100
+ rb_scan_args(argc, argv, "21", &digest, &data, &options);
1101
+ if (!NIL_P(digest))
1102
+ md = ossl_evp_get_digestbyname(digest);
485
1103
  StringValue(data);
486
- str = rb_str_new(0, EVP_PKEY_size(pkey));
487
1104
 
488
1105
  ctx = EVP_MD_CTX_new();
489
1106
  if (!ctx)
490
- ossl_raise(ePKeyError, "EVP_MD_CTX_new");
491
- if (!EVP_SignInit_ex(ctx, md, NULL)) {
492
- EVP_MD_CTX_free(ctx);
493
- ossl_raise(ePKeyError, "EVP_SignInit_ex");
1107
+ ossl_raise(ePKeyError, "EVP_MD_CTX_new");
1108
+ if (EVP_DigestSignInit(ctx, &pctx, md, /* engine */NULL, pkey) < 1) {
1109
+ EVP_MD_CTX_free(ctx);
1110
+ ossl_raise(ePKeyError, "EVP_DigestSignInit");
1111
+ }
1112
+ if (!NIL_P(options)) {
1113
+ pkey_ctx_apply_options(pctx, options, &state);
1114
+ if (state) {
1115
+ EVP_MD_CTX_free(ctx);
1116
+ rb_jump_tag(state);
1117
+ }
1118
+ }
1119
+ #if OSSL_OPENSSL_PREREQ(1, 1, 1) || OSSL_LIBRESSL_PREREQ(3, 4, 0)
1120
+ if (EVP_DigestSign(ctx, NULL, &siglen, (unsigned char *)RSTRING_PTR(data),
1121
+ RSTRING_LEN(data)) < 1) {
1122
+ EVP_MD_CTX_free(ctx);
1123
+ ossl_raise(ePKeyError, "EVP_DigestSign");
1124
+ }
1125
+ if (siglen > LONG_MAX) {
1126
+ EVP_MD_CTX_free(ctx);
1127
+ rb_raise(ePKeyError, "signature would be too large");
1128
+ }
1129
+ sig = ossl_str_new(NULL, (long)siglen, &state);
1130
+ if (state) {
1131
+ EVP_MD_CTX_free(ctx);
1132
+ rb_jump_tag(state);
1133
+ }
1134
+ if (EVP_DigestSign(ctx, (unsigned char *)RSTRING_PTR(sig), &siglen,
1135
+ (unsigned char *)RSTRING_PTR(data),
1136
+ RSTRING_LEN(data)) < 1) {
1137
+ EVP_MD_CTX_free(ctx);
1138
+ ossl_raise(ePKeyError, "EVP_DigestSign");
494
1139
  }
495
- if (!EVP_SignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data))) {
496
- EVP_MD_CTX_free(ctx);
497
- ossl_raise(ePKeyError, "EVP_SignUpdate");
1140
+ #else
1141
+ if (EVP_DigestSignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)) < 1) {
1142
+ EVP_MD_CTX_free(ctx);
1143
+ ossl_raise(ePKeyError, "EVP_DigestSignUpdate");
498
1144
  }
499
- result = EVP_SignFinal(ctx, (unsigned char *)RSTRING_PTR(str), &buf_len, pkey);
1145
+ if (EVP_DigestSignFinal(ctx, NULL, &siglen) < 1) {
1146
+ EVP_MD_CTX_free(ctx);
1147
+ ossl_raise(ePKeyError, "EVP_DigestSignFinal");
1148
+ }
1149
+ if (siglen > LONG_MAX) {
1150
+ EVP_MD_CTX_free(ctx);
1151
+ rb_raise(ePKeyError, "signature would be too large");
1152
+ }
1153
+ sig = ossl_str_new(NULL, (long)siglen, &state);
1154
+ if (state) {
1155
+ EVP_MD_CTX_free(ctx);
1156
+ rb_jump_tag(state);
1157
+ }
1158
+ if (EVP_DigestSignFinal(ctx, (unsigned char *)RSTRING_PTR(sig),
1159
+ &siglen) < 1) {
1160
+ EVP_MD_CTX_free(ctx);
1161
+ ossl_raise(ePKeyError, "EVP_DigestSignFinal");
1162
+ }
1163
+ #endif
500
1164
  EVP_MD_CTX_free(ctx);
501
- if (!result)
502
- ossl_raise(ePKeyError, "EVP_SignFinal");
503
- rb_str_set_len(str, buf_len);
504
-
505
- return str;
1165
+ rb_str_set_len(sig, siglen);
1166
+ return sig;
506
1167
  }
507
1168
 
508
1169
  /*
509
- * call-seq:
510
- * pkey.verify(digest, signature, data) -> String
1170
+ * call-seq:
1171
+ * pkey.verify(digest, signature, data [, options]) -> true or false
511
1172
  *
512
- * To verify the String _signature_, _digest_, an instance of
513
- * OpenSSL::Digest, must be provided to re-compute the message digest of the
514
- * original _data_, also a String. The return value is +true+ if the
515
- * signature is valid, +false+ otherwise. A PKeyError is raised should errors
516
- * occur.
517
- * Any previous state of the Digest instance is irrelevant to the validation
518
- * outcome, the digest instance is reset to its initial state during the
519
- * operation.
1173
+ * Verifies the +signature+ for the +data+ using a message digest algorithm
1174
+ * +digest+ and a public key +pkey+.
520
1175
  *
521
- * == Example
522
- * data = 'Sign me!'
523
- * digest = OpenSSL::Digest.new('SHA256')
524
- * pkey = OpenSSL::PKey::RSA.new(2048)
525
- * signature = pkey.sign(digest, data)
526
- * pub_key = pkey.public_key
527
- * puts pub_key.verify(digest, signature, data) # => true
1176
+ * Returns +true+ if the signature is successfully verified, +false+ otherwise.
1177
+ * The caller must check the return value.
1178
+ *
1179
+ * See #sign for the signing operation and an example.
1180
+ *
1181
+ * See also the man page EVP_DigestVerify(3).
1182
+ *
1183
+ * +digest+::
1184
+ * See #sign.
1185
+ * +signature+::
1186
+ * A String containing the signature to be verified.
1187
+ * +data+::
1188
+ * See #sign.
1189
+ * +options+::
1190
+ * See #sign. +options+ parameter was added in version 3.0.
528
1191
  */
529
1192
  static VALUE
530
- ossl_pkey_verify(VALUE self, VALUE digest, VALUE sig, VALUE data)
1193
+ ossl_pkey_verify(int argc, VALUE *argv, VALUE self)
531
1194
  {
532
1195
  EVP_PKEY *pkey;
533
- const EVP_MD *md;
1196
+ VALUE digest, sig, data, options;
1197
+ const EVP_MD *md = NULL;
534
1198
  EVP_MD_CTX *ctx;
535
- int siglen, result;
1199
+ EVP_PKEY_CTX *pctx;
1200
+ int state, ret;
536
1201
 
537
1202
  GetPKey(self, pkey);
1203
+ rb_scan_args(argc, argv, "31", &digest, &sig, &data, &options);
538
1204
  ossl_pkey_check_public_key(pkey);
539
- md = ossl_evp_get_digestbyname(digest);
1205
+ if (!NIL_P(digest))
1206
+ md = ossl_evp_get_digestbyname(digest);
540
1207
  StringValue(sig);
541
- siglen = RSTRING_LENINT(sig);
542
1208
  StringValue(data);
543
1209
 
544
1210
  ctx = EVP_MD_CTX_new();
545
1211
  if (!ctx)
546
- ossl_raise(ePKeyError, "EVP_MD_CTX_new");
547
- if (!EVP_VerifyInit_ex(ctx, md, NULL)) {
548
- EVP_MD_CTX_free(ctx);
549
- ossl_raise(ePKeyError, "EVP_VerifyInit_ex");
1212
+ ossl_raise(ePKeyError, "EVP_MD_CTX_new");
1213
+ if (EVP_DigestVerifyInit(ctx, &pctx, md, /* engine */NULL, pkey) < 1) {
1214
+ EVP_MD_CTX_free(ctx);
1215
+ ossl_raise(ePKeyError, "EVP_DigestVerifyInit");
550
1216
  }
551
- if (!EVP_VerifyUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data))) {
552
- EVP_MD_CTX_free(ctx);
553
- ossl_raise(ePKeyError, "EVP_VerifyUpdate");
1217
+ if (!NIL_P(options)) {
1218
+ pkey_ctx_apply_options(pctx, options, &state);
1219
+ if (state) {
1220
+ EVP_MD_CTX_free(ctx);
1221
+ rb_jump_tag(state);
1222
+ }
1223
+ }
1224
+ #if OSSL_OPENSSL_PREREQ(1, 1, 1) || OSSL_LIBRESSL_PREREQ(3, 4, 0)
1225
+ ret = EVP_DigestVerify(ctx, (unsigned char *)RSTRING_PTR(sig),
1226
+ RSTRING_LEN(sig), (unsigned char *)RSTRING_PTR(data),
1227
+ RSTRING_LEN(data));
1228
+ EVP_MD_CTX_free(ctx);
1229
+ if (ret < 0)
1230
+ ossl_raise(ePKeyError, "EVP_DigestVerify");
1231
+ #else
1232
+ if (EVP_DigestVerifyUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)) < 1) {
1233
+ EVP_MD_CTX_free(ctx);
1234
+ ossl_raise(ePKeyError, "EVP_DigestVerifyUpdate");
554
1235
  }
555
- result = EVP_VerifyFinal(ctx, (unsigned char *)RSTRING_PTR(sig), siglen, pkey);
1236
+ ret = EVP_DigestVerifyFinal(ctx, (unsigned char *)RSTRING_PTR(sig),
1237
+ RSTRING_LEN(sig));
556
1238
  EVP_MD_CTX_free(ctx);
557
- switch (result) {
558
- case 0:
559
- ossl_clear_error();
560
- return Qfalse;
561
- case 1:
562
- return Qtrue;
563
- default:
564
- ossl_raise(ePKeyError, "EVP_VerifyFinal");
1239
+ if (ret < 0)
1240
+ ossl_raise(ePKeyError, "EVP_DigestVerifyFinal");
1241
+ #endif
1242
+ if (ret)
1243
+ return Qtrue;
1244
+ else {
1245
+ ossl_clear_error();
1246
+ return Qfalse;
1247
+ }
1248
+ }
1249
+
1250
+ /*
1251
+ * call-seq:
1252
+ * pkey.sign_raw(digest, data [, options]) -> string
1253
+ *
1254
+ * Signs +data+ using a private key +pkey+. Unlike #sign, +data+ will not be
1255
+ * hashed by +digest+ automatically.
1256
+ *
1257
+ * See #verify_raw for the verification operation.
1258
+ *
1259
+ * Added in version 3.0. See also the man page EVP_PKEY_sign(3).
1260
+ *
1261
+ * +digest+::
1262
+ * A String that represents the message digest algorithm name, or +nil+
1263
+ * if the PKey type requires no digest algorithm.
1264
+ * Although this method will not hash +data+ with it, this parameter may still
1265
+ * be required depending on the signature algorithm.
1266
+ * +data+::
1267
+ * A String. The data to be signed.
1268
+ * +options+::
1269
+ * A Hash that contains algorithm specific control operations to \OpenSSL.
1270
+ * See OpenSSL's man page EVP_PKEY_CTX_ctrl_str(3) for details.
1271
+ *
1272
+ * Example:
1273
+ * data = "Sign me!"
1274
+ * hash = OpenSSL::Digest.digest("SHA256", data)
1275
+ * pkey = OpenSSL::PKey.generate_key("RSA", rsa_keygen_bits: 2048)
1276
+ * signopts = { rsa_padding_mode: "pss" }
1277
+ * signature = pkey.sign_raw("SHA256", hash, signopts)
1278
+ *
1279
+ * # Creates a copy of the RSA key pkey, but without the private components
1280
+ * pub_key = pkey.public_key
1281
+ * puts pub_key.verify_raw("SHA256", signature, hash, signopts) # => true
1282
+ */
1283
+ static VALUE
1284
+ ossl_pkey_sign_raw(int argc, VALUE *argv, VALUE self)
1285
+ {
1286
+ EVP_PKEY *pkey;
1287
+ VALUE digest, data, options, sig;
1288
+ const EVP_MD *md = NULL;
1289
+ EVP_PKEY_CTX *ctx;
1290
+ size_t outlen;
1291
+ int state;
1292
+
1293
+ GetPKey(self, pkey);
1294
+ rb_scan_args(argc, argv, "21", &digest, &data, &options);
1295
+ if (!NIL_P(digest))
1296
+ md = ossl_evp_get_digestbyname(digest);
1297
+ StringValue(data);
1298
+
1299
+ ctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
1300
+ if (!ctx)
1301
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
1302
+ if (EVP_PKEY_sign_init(ctx) <= 0) {
1303
+ EVP_PKEY_CTX_free(ctx);
1304
+ ossl_raise(ePKeyError, "EVP_PKEY_sign_init");
565
1305
  }
1306
+ if (md && EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) {
1307
+ EVP_PKEY_CTX_free(ctx);
1308
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_set_signature_md");
1309
+ }
1310
+ if (!NIL_P(options)) {
1311
+ pkey_ctx_apply_options(ctx, options, &state);
1312
+ if (state) {
1313
+ EVP_PKEY_CTX_free(ctx);
1314
+ rb_jump_tag(state);
1315
+ }
1316
+ }
1317
+ if (EVP_PKEY_sign(ctx, NULL, &outlen, (unsigned char *)RSTRING_PTR(data),
1318
+ RSTRING_LEN(data)) <= 0) {
1319
+ EVP_PKEY_CTX_free(ctx);
1320
+ ossl_raise(ePKeyError, "EVP_PKEY_sign");
1321
+ }
1322
+ if (outlen > LONG_MAX) {
1323
+ EVP_PKEY_CTX_free(ctx);
1324
+ rb_raise(ePKeyError, "signature would be too large");
1325
+ }
1326
+ sig = ossl_str_new(NULL, (long)outlen, &state);
1327
+ if (state) {
1328
+ EVP_PKEY_CTX_free(ctx);
1329
+ rb_jump_tag(state);
1330
+ }
1331
+ if (EVP_PKEY_sign(ctx, (unsigned char *)RSTRING_PTR(sig), &outlen,
1332
+ (unsigned char *)RSTRING_PTR(data),
1333
+ RSTRING_LEN(data)) <= 0) {
1334
+ EVP_PKEY_CTX_free(ctx);
1335
+ ossl_raise(ePKeyError, "EVP_PKEY_sign");
1336
+ }
1337
+ EVP_PKEY_CTX_free(ctx);
1338
+ rb_str_set_len(sig, outlen);
1339
+ return sig;
1340
+ }
1341
+
1342
+ /*
1343
+ * call-seq:
1344
+ * pkey.verify_raw(digest, signature, data [, options]) -> true or false
1345
+ *
1346
+ * Verifies the +signature+ for the +data+ using a public key +pkey+. Unlike
1347
+ * #verify, this method will not hash +data+ with +digest+ automatically.
1348
+ *
1349
+ * Returns +true+ if the signature is successfully verified, +false+ otherwise.
1350
+ * The caller must check the return value.
1351
+ *
1352
+ * See #sign_raw for the signing operation and an example code.
1353
+ *
1354
+ * Added in version 3.0. See also the man page EVP_PKEY_verify(3).
1355
+ *
1356
+ * +signature+::
1357
+ * A String containing the signature to be verified.
1358
+ */
1359
+ static VALUE
1360
+ ossl_pkey_verify_raw(int argc, VALUE *argv, VALUE self)
1361
+ {
1362
+ EVP_PKEY *pkey;
1363
+ VALUE digest, sig, data, options;
1364
+ const EVP_MD *md = NULL;
1365
+ EVP_PKEY_CTX *ctx;
1366
+ int state, ret;
1367
+
1368
+ GetPKey(self, pkey);
1369
+ rb_scan_args(argc, argv, "31", &digest, &sig, &data, &options);
1370
+ ossl_pkey_check_public_key(pkey);
1371
+ if (!NIL_P(digest))
1372
+ md = ossl_evp_get_digestbyname(digest);
1373
+ StringValue(sig);
1374
+ StringValue(data);
1375
+
1376
+ ctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
1377
+ if (!ctx)
1378
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
1379
+ if (EVP_PKEY_verify_init(ctx) <= 0) {
1380
+ EVP_PKEY_CTX_free(ctx);
1381
+ ossl_raise(ePKeyError, "EVP_PKEY_verify_init");
1382
+ }
1383
+ if (md && EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) {
1384
+ EVP_PKEY_CTX_free(ctx);
1385
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_set_signature_md");
1386
+ }
1387
+ if (!NIL_P(options)) {
1388
+ pkey_ctx_apply_options(ctx, options, &state);
1389
+ if (state) {
1390
+ EVP_PKEY_CTX_free(ctx);
1391
+ rb_jump_tag(state);
1392
+ }
1393
+ }
1394
+ ret = EVP_PKEY_verify(ctx, (unsigned char *)RSTRING_PTR(sig),
1395
+ RSTRING_LEN(sig),
1396
+ (unsigned char *)RSTRING_PTR(data),
1397
+ RSTRING_LEN(data));
1398
+ EVP_PKEY_CTX_free(ctx);
1399
+ if (ret < 0)
1400
+ ossl_raise(ePKeyError, "EVP_PKEY_verify");
1401
+
1402
+ if (ret)
1403
+ return Qtrue;
1404
+ else {
1405
+ ossl_clear_error();
1406
+ return Qfalse;
1407
+ }
1408
+ }
1409
+
1410
+ /*
1411
+ * call-seq:
1412
+ * pkey.verify_recover(digest, signature [, options]) -> string
1413
+ *
1414
+ * Recovers the signed data from +signature+ using a public key +pkey+. Not all
1415
+ * signature algorithms support this operation.
1416
+ *
1417
+ * Added in version 3.0. See also the man page EVP_PKEY_verify_recover(3).
1418
+ *
1419
+ * +signature+::
1420
+ * A String containing the signature to be verified.
1421
+ */
1422
+ static VALUE
1423
+ ossl_pkey_verify_recover(int argc, VALUE *argv, VALUE self)
1424
+ {
1425
+ EVP_PKEY *pkey;
1426
+ VALUE digest, sig, options, out;
1427
+ const EVP_MD *md = NULL;
1428
+ EVP_PKEY_CTX *ctx;
1429
+ int state;
1430
+ size_t outlen;
1431
+
1432
+ GetPKey(self, pkey);
1433
+ rb_scan_args(argc, argv, "21", &digest, &sig, &options);
1434
+ ossl_pkey_check_public_key(pkey);
1435
+ if (!NIL_P(digest))
1436
+ md = ossl_evp_get_digestbyname(digest);
1437
+ StringValue(sig);
1438
+
1439
+ ctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
1440
+ if (!ctx)
1441
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
1442
+ if (EVP_PKEY_verify_recover_init(ctx) <= 0) {
1443
+ EVP_PKEY_CTX_free(ctx);
1444
+ ossl_raise(ePKeyError, "EVP_PKEY_verify_recover_init");
1445
+ }
1446
+ if (md && EVP_PKEY_CTX_set_signature_md(ctx, md) <= 0) {
1447
+ EVP_PKEY_CTX_free(ctx);
1448
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_set_signature_md");
1449
+ }
1450
+ if (!NIL_P(options)) {
1451
+ pkey_ctx_apply_options(ctx, options, &state);
1452
+ if (state) {
1453
+ EVP_PKEY_CTX_free(ctx);
1454
+ rb_jump_tag(state);
1455
+ }
1456
+ }
1457
+ if (EVP_PKEY_verify_recover(ctx, NULL, &outlen,
1458
+ (unsigned char *)RSTRING_PTR(sig),
1459
+ RSTRING_LEN(sig)) <= 0) {
1460
+ EVP_PKEY_CTX_free(ctx);
1461
+ ossl_raise(ePKeyError, "EVP_PKEY_verify_recover");
1462
+ }
1463
+ out = ossl_str_new(NULL, (long)outlen, &state);
1464
+ if (state) {
1465
+ EVP_PKEY_CTX_free(ctx);
1466
+ rb_jump_tag(state);
1467
+ }
1468
+ if (EVP_PKEY_verify_recover(ctx, (unsigned char *)RSTRING_PTR(out), &outlen,
1469
+ (unsigned char *)RSTRING_PTR(sig),
1470
+ RSTRING_LEN(sig)) <= 0) {
1471
+ EVP_PKEY_CTX_free(ctx);
1472
+ ossl_raise(ePKeyError, "EVP_PKEY_verify_recover");
1473
+ }
1474
+ EVP_PKEY_CTX_free(ctx);
1475
+ rb_str_set_len(out, outlen);
1476
+ return out;
1477
+ }
1478
+
1479
+ /*
1480
+ * call-seq:
1481
+ * pkey.derive(peer_pkey) -> string
1482
+ *
1483
+ * Derives a shared secret from _pkey_ and _peer_pkey_. _pkey_ must contain
1484
+ * the private components, _peer_pkey_ must contain the public components.
1485
+ */
1486
+ static VALUE
1487
+ ossl_pkey_derive(int argc, VALUE *argv, VALUE self)
1488
+ {
1489
+ EVP_PKEY *pkey, *peer_pkey;
1490
+ EVP_PKEY_CTX *ctx;
1491
+ VALUE peer_pkey_obj, str;
1492
+ size_t keylen;
1493
+ int state;
1494
+
1495
+ GetPKey(self, pkey);
1496
+ rb_scan_args(argc, argv, "1", &peer_pkey_obj);
1497
+ GetPKey(peer_pkey_obj, peer_pkey);
1498
+
1499
+ ctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
1500
+ if (!ctx)
1501
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
1502
+ if (EVP_PKEY_derive_init(ctx) <= 0) {
1503
+ EVP_PKEY_CTX_free(ctx);
1504
+ ossl_raise(ePKeyError, "EVP_PKEY_derive_init");
1505
+ }
1506
+ if (EVP_PKEY_derive_set_peer(ctx, peer_pkey) <= 0) {
1507
+ EVP_PKEY_CTX_free(ctx);
1508
+ ossl_raise(ePKeyError, "EVP_PKEY_derive_set_peer");
1509
+ }
1510
+ if (EVP_PKEY_derive(ctx, NULL, &keylen) <= 0) {
1511
+ EVP_PKEY_CTX_free(ctx);
1512
+ ossl_raise(ePKeyError, "EVP_PKEY_derive");
1513
+ }
1514
+ if (keylen > LONG_MAX)
1515
+ rb_raise(ePKeyError, "derived key would be too large");
1516
+ str = ossl_str_new(NULL, (long)keylen, &state);
1517
+ if (state) {
1518
+ EVP_PKEY_CTX_free(ctx);
1519
+ rb_jump_tag(state);
1520
+ }
1521
+ if (EVP_PKEY_derive(ctx, (unsigned char *)RSTRING_PTR(str), &keylen) <= 0) {
1522
+ EVP_PKEY_CTX_free(ctx);
1523
+ ossl_raise(ePKeyError, "EVP_PKEY_derive");
1524
+ }
1525
+ EVP_PKEY_CTX_free(ctx);
1526
+ rb_str_set_len(str, keylen);
1527
+ return str;
1528
+ }
1529
+
1530
+ /*
1531
+ * call-seq:
1532
+ * pkey.encrypt(data [, options]) -> string
1533
+ *
1534
+ * Performs a public key encryption operation using +pkey+.
1535
+ *
1536
+ * See #decrypt for the reverse operation.
1537
+ *
1538
+ * Added in version 3.0. See also the man page EVP_PKEY_encrypt(3).
1539
+ *
1540
+ * +data+::
1541
+ * A String to be encrypted.
1542
+ * +options+::
1543
+ * A Hash that contains algorithm specific control operations to \OpenSSL.
1544
+ * See OpenSSL's man page EVP_PKEY_CTX_ctrl_str(3) for details.
1545
+ *
1546
+ * Example:
1547
+ * pkey = OpenSSL::PKey.generate_key("RSA", rsa_keygen_bits: 2048)
1548
+ * data = "secret data"
1549
+ * encrypted = pkey.encrypt(data, rsa_padding_mode: "oaep")
1550
+ * decrypted = pkey.decrypt(data, rsa_padding_mode: "oaep")
1551
+ * p decrypted #=> "secret data"
1552
+ */
1553
+ static VALUE
1554
+ ossl_pkey_encrypt(int argc, VALUE *argv, VALUE self)
1555
+ {
1556
+ EVP_PKEY *pkey;
1557
+ EVP_PKEY_CTX *ctx;
1558
+ VALUE data, options, str;
1559
+ size_t outlen;
1560
+ int state;
1561
+
1562
+ GetPKey(self, pkey);
1563
+ rb_scan_args(argc, argv, "11", &data, &options);
1564
+ StringValue(data);
1565
+
1566
+ ctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
1567
+ if (!ctx)
1568
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
1569
+ if (EVP_PKEY_encrypt_init(ctx) <= 0) {
1570
+ EVP_PKEY_CTX_free(ctx);
1571
+ ossl_raise(ePKeyError, "EVP_PKEY_encrypt_init");
1572
+ }
1573
+ if (!NIL_P(options)) {
1574
+ pkey_ctx_apply_options(ctx, options, &state);
1575
+ if (state) {
1576
+ EVP_PKEY_CTX_free(ctx);
1577
+ rb_jump_tag(state);
1578
+ }
1579
+ }
1580
+ if (EVP_PKEY_encrypt(ctx, NULL, &outlen,
1581
+ (unsigned char *)RSTRING_PTR(data),
1582
+ RSTRING_LEN(data)) <= 0) {
1583
+ EVP_PKEY_CTX_free(ctx);
1584
+ ossl_raise(ePKeyError, "EVP_PKEY_encrypt");
1585
+ }
1586
+ if (outlen > LONG_MAX) {
1587
+ EVP_PKEY_CTX_free(ctx);
1588
+ rb_raise(ePKeyError, "encrypted data would be too large");
1589
+ }
1590
+ str = ossl_str_new(NULL, (long)outlen, &state);
1591
+ if (state) {
1592
+ EVP_PKEY_CTX_free(ctx);
1593
+ rb_jump_tag(state);
1594
+ }
1595
+ if (EVP_PKEY_encrypt(ctx, (unsigned char *)RSTRING_PTR(str), &outlen,
1596
+ (unsigned char *)RSTRING_PTR(data),
1597
+ RSTRING_LEN(data)) <= 0) {
1598
+ EVP_PKEY_CTX_free(ctx);
1599
+ ossl_raise(ePKeyError, "EVP_PKEY_encrypt");
1600
+ }
1601
+ EVP_PKEY_CTX_free(ctx);
1602
+ rb_str_set_len(str, outlen);
1603
+ return str;
1604
+ }
1605
+
1606
+ /*
1607
+ * call-seq:
1608
+ * pkey.decrypt(data [, options]) -> string
1609
+ *
1610
+ * Performs a public key decryption operation using +pkey+.
1611
+ *
1612
+ * See #encrypt for a description of the parameters and an example.
1613
+ *
1614
+ * Added in version 3.0. See also the man page EVP_PKEY_decrypt(3).
1615
+ */
1616
+ static VALUE
1617
+ ossl_pkey_decrypt(int argc, VALUE *argv, VALUE self)
1618
+ {
1619
+ EVP_PKEY *pkey;
1620
+ EVP_PKEY_CTX *ctx;
1621
+ VALUE data, options, str;
1622
+ size_t outlen;
1623
+ int state;
1624
+
1625
+ GetPKey(self, pkey);
1626
+ rb_scan_args(argc, argv, "11", &data, &options);
1627
+ StringValue(data);
1628
+
1629
+ ctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
1630
+ if (!ctx)
1631
+ ossl_raise(ePKeyError, "EVP_PKEY_CTX_new");
1632
+ if (EVP_PKEY_decrypt_init(ctx) <= 0) {
1633
+ EVP_PKEY_CTX_free(ctx);
1634
+ ossl_raise(ePKeyError, "EVP_PKEY_decrypt_init");
1635
+ }
1636
+ if (!NIL_P(options)) {
1637
+ pkey_ctx_apply_options(ctx, options, &state);
1638
+ if (state) {
1639
+ EVP_PKEY_CTX_free(ctx);
1640
+ rb_jump_tag(state);
1641
+ }
1642
+ }
1643
+ if (EVP_PKEY_decrypt(ctx, NULL, &outlen,
1644
+ (unsigned char *)RSTRING_PTR(data),
1645
+ RSTRING_LEN(data)) <= 0) {
1646
+ EVP_PKEY_CTX_free(ctx);
1647
+ ossl_raise(ePKeyError, "EVP_PKEY_decrypt");
1648
+ }
1649
+ if (outlen > LONG_MAX) {
1650
+ EVP_PKEY_CTX_free(ctx);
1651
+ rb_raise(ePKeyError, "decrypted data would be too large");
1652
+ }
1653
+ str = ossl_str_new(NULL, (long)outlen, &state);
1654
+ if (state) {
1655
+ EVP_PKEY_CTX_free(ctx);
1656
+ rb_jump_tag(state);
1657
+ }
1658
+ if (EVP_PKEY_decrypt(ctx, (unsigned char *)RSTRING_PTR(str), &outlen,
1659
+ (unsigned char *)RSTRING_PTR(data),
1660
+ RSTRING_LEN(data)) <= 0) {
1661
+ EVP_PKEY_CTX_free(ctx);
1662
+ ossl_raise(ePKeyError, "EVP_PKEY_decrypt");
1663
+ }
1664
+ EVP_PKEY_CTX_free(ctx);
1665
+ rb_str_set_len(str, outlen);
1666
+ return str;
566
1667
  }
567
1668
 
568
1669
  /*
@@ -648,18 +1749,41 @@ Init_ossl_pkey(void)
648
1749
  cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject);
649
1750
 
650
1751
  rb_define_module_function(mPKey, "read", ossl_pkey_new_from_data, -1);
1752
+ rb_define_module_function(mPKey, "generate_parameters", ossl_pkey_s_generate_parameters, -1);
1753
+ rb_define_module_function(mPKey, "generate_key", ossl_pkey_s_generate_key, -1);
1754
+ #ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
1755
+ rb_define_module_function(mPKey, "new_raw_private_key", ossl_pkey_new_raw_private_key, 2);
1756
+ rb_define_module_function(mPKey, "new_raw_public_key", ossl_pkey_new_raw_public_key, 2);
1757
+ #endif
651
1758
 
652
1759
  rb_define_alloc_func(cPKey, ossl_pkey_alloc);
653
1760
  rb_define_method(cPKey, "initialize", ossl_pkey_initialize, 0);
1761
+ #ifdef HAVE_EVP_PKEY_DUP
1762
+ rb_define_method(cPKey, "initialize_copy", ossl_pkey_initialize_copy, 1);
1763
+ #else
1764
+ rb_undef_method(cPKey, "initialize_copy");
1765
+ #endif
654
1766
  rb_define_method(cPKey, "oid", ossl_pkey_oid, 0);
655
1767
  rb_define_method(cPKey, "inspect", ossl_pkey_inspect, 0);
1768
+ rb_define_method(cPKey, "to_text", ossl_pkey_to_text, 0);
656
1769
  rb_define_method(cPKey, "private_to_der", ossl_pkey_private_to_der, -1);
657
1770
  rb_define_method(cPKey, "private_to_pem", ossl_pkey_private_to_pem, -1);
658
1771
  rb_define_method(cPKey, "public_to_der", ossl_pkey_public_to_der, 0);
659
1772
  rb_define_method(cPKey, "public_to_pem", ossl_pkey_public_to_pem, 0);
660
-
661
- rb_define_method(cPKey, "sign", ossl_pkey_sign, 2);
662
- rb_define_method(cPKey, "verify", ossl_pkey_verify, 3);
1773
+ #ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY
1774
+ rb_define_method(cPKey, "raw_private_key", ossl_pkey_raw_private_key, 0);
1775
+ rb_define_method(cPKey, "raw_public_key", ossl_pkey_raw_public_key, 0);
1776
+ #endif
1777
+ rb_define_method(cPKey, "compare?", ossl_pkey_compare, 1);
1778
+
1779
+ rb_define_method(cPKey, "sign", ossl_pkey_sign, -1);
1780
+ rb_define_method(cPKey, "verify", ossl_pkey_verify, -1);
1781
+ rb_define_method(cPKey, "sign_raw", ossl_pkey_sign_raw, -1);
1782
+ rb_define_method(cPKey, "verify_raw", ossl_pkey_verify_raw, -1);
1783
+ rb_define_method(cPKey, "verify_recover", ossl_pkey_verify_recover, -1);
1784
+ rb_define_method(cPKey, "derive", ossl_pkey_derive, -1);
1785
+ rb_define_method(cPKey, "encrypt", ossl_pkey_encrypt, -1);
1786
+ rb_define_method(cPKey, "decrypt", ossl_pkey_decrypt, -1);
663
1787
 
664
1788
  id_private_q = rb_intern("private?");
665
1789