RubyGems - openssl - Versions diffs - 3.0.1 → 3.0.2 - Mend

openssl 3.0.1 → 3.0.2

Files changed (7) hide show

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b75bcd65f8742364f4a513c5ec991648ef6c859b185f2ae87b3eeb1551ab743b
-  data.tar.gz: 1e9674192c66fd95a3c201d9afd0d2d755da24ae2847e5abfd68734ba262c811
+  metadata.gz: b8568ca84395c137b32a22127dcaa2125265d1f5b61a62ba1d56e2373b7a96c4
+  data.tar.gz: 1cef2e5798b482c3096826306a3264b82626f6d6cb23f53d9a71025f5afa46b3
 SHA512:
-  metadata.gz: c28bc1d26bb1ae082481d1615d381bd2026b094eae39ddaadbe2791a9bade505bdc0431f19539254f66520feca5b073b675d93c53117b5df880460e029f2641c
-  data.tar.gz: b815b33563ece86bc99f7112db593765c8bc32c887511ef5caff77725d64fb3f78e470e1ae4fbec131d04eda464159852aac3373e485d36c47ef32b35f59d99c
+  metadata.gz: 1bb9f6a40f535f4331097321296028fc2bdc8e5f90e6366c8db5c8e6dca771b55932c01479f667bd0751940917c83a9c98ca9ea70d7c622688cbb24432afdb36
+  data.tar.gz: d9905167ac9e1ffc3201155d39d947e5b0e923797a09ba172a443d4a4040a5d8663edfdb30c935a6d2fa71438e8f8a0fec025c21b5af9290eb76b02a8c100326

data/History.md CHANGED Viewed

@@ -1,3 +1,17 @@
+Version 3.0.2
+=============
+Merged changes in 2.2.3. Additionally, the following issues are fixed by this
+release.
+Bug fixes
+---------
+* Fix OpenSSL::PKey::EC#check_key not working correctly on OpenSSL 3.0.
+  [[GitHub #563]](https://github.com/ruby/openssl/issues/563)
+  [[GitHub #580]](https://github.com/ruby/openssl/pull/580)
 Version 3.0.1
 =============
@@ -124,6 +138,21 @@ Notable changes
     [[GitHub #342]](https://github.com/ruby/openssl/issues/342)
+Version 2.2.3
+=============
+Bug fixes
+---------
+* Fix serveral methods in OpenSSL::PKey::EC::Point attempting to raise an error
+  with an incorrect class, which would end up with a TypeError.
+  [[GitHub #570]](https://github.com/ruby/openssl/pull/570)
+* Fix OpenSSL::PKey::EC::Point#eql? and OpenSSL::PKey::EC::Group#eql?
+  incorrectly treated OpenSSL's internal errors as "not equal".
+  [[GitHub #564]](https://github.com/ruby/openssl/pull/564)
+* Fix build with LibreSSL 3.5 or later.
 Version 2.2.2
 =============

data/ext/openssl/ossl.h CHANGED Viewed

@@ -43,13 +43,13 @@
 #ifndef LIBRESSL_VERSION_NUMBER
 # define OSSL_IS_LIBRESSL 0
 # define OSSL_OPENSSL_PREREQ(maj, min, pat) \
-      (OPENSSL_VERSION_NUMBER >= (maj << 28) | (min << 20) | (pat << 12))
+      (OPENSSL_VERSION_NUMBER >= ((maj << 28) | (min << 20) | (pat << 12)))
 # define OSSL_LIBRESSL_PREREQ(maj, min, pat) 0
 #else
 # define OSSL_IS_LIBRESSL 1
 # define OSSL_OPENSSL_PREREQ(maj, min, pat) 0
 # define OSSL_LIBRESSL_PREREQ(maj, min, pat) \
-      (LIBRESSL_VERSION_NUMBER >= (maj << 28) | (min << 20) | (pat << 12))
+      (LIBRESSL_VERSION_NUMBER >= ((maj << 28) | (min << 20) | (pat << 12)))
 #endif
 #if !defined(OPENSSL_NO_ENGINE) && !OSSL_OPENSSL_PREREQ(3, 0, 0)

data/ext/openssl/ossl_pkey.c CHANGED Viewed

@@ -710,7 +710,7 @@ ossl_pkey_export_traditional(int argc, VALUE *argv, VALUE self, int to_der)
 	}
     }
     else {
-#if OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(LIBRESSL_VERSION_NUMBER)
+#if OSSL_OPENSSL_PREREQ(1, 1, 0) || OSSL_LIBRESSL_PREREQ(3, 5, 0)
 	if (!PEM_write_bio_PrivateKey_traditional(bio, pkey, enc, NULL, 0,
 						  ossl_pem_passwd_cb,
 						  (void *)pass)) {

data/ext/openssl/ossl_pkey_ec.c CHANGED Viewed

@@ -483,16 +483,28 @@ static VALUE ossl_ec_key_check_key(VALUE self)
 #ifdef HAVE_EVP_PKEY_CHECK
     EVP_PKEY *pkey;
     EVP_PKEY_CTX *pctx;
-    int ret;
+    EC_KEY *ec;
     GetPKey(self, pkey);
+    GetEC(self, ec);
     pctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
     if (!pctx)
-        ossl_raise(eDHError, "EVP_PKEY_CTX_new");
-    ret = EVP_PKEY_public_check(pctx);
+        ossl_raise(eECError, "EVP_PKEY_CTX_new");
+    if (EC_KEY_get0_private_key(ec) != NULL) {
+        if (EVP_PKEY_check(pctx) != 1) {
+            EVP_PKEY_CTX_free(pctx);
+            ossl_raise(eECError, "EVP_PKEY_check");
+        }
+    }
+    else {
+        if (EVP_PKEY_public_check(pctx) != 1) {
+            EVP_PKEY_CTX_free(pctx);
+            ossl_raise(eECError, "EVP_PKEY_public_check");
+        }
+    }
     EVP_PKEY_CTX_free(pctx);
-    if (ret != 1)
-        ossl_raise(eECError, "EVP_PKEY_public_check");
 #else
     EC_KEY *ec;
@@ -668,10 +680,11 @@ static VALUE ossl_ec_group_eql(VALUE a, VALUE b)
     GetECGroup(a, group1);
     GetECGroup(b, group2);
-    if (EC_GROUP_cmp(group1, group2, ossl_bn_ctx) == 1)
-       return Qfalse;
-    return Qtrue;
+    switch (EC_GROUP_cmp(group1, group2, ossl_bn_ctx)) {
+    case 0: return Qtrue;
+    case 1: return Qfalse;
+    default: ossl_raise(eEC_GROUP, "EC_GROUP_cmp");
+    }
 }
 /*
@@ -1232,10 +1245,13 @@ static VALUE ossl_ec_point_eql(VALUE a, VALUE b)
     GetECPoint(b, point2);
     GetECGroup(group_v1, group);
-    if (EC_POINT_cmp(group, point1, point2, ossl_bn_ctx) == 1)
-        return Qfalse;
+    switch (EC_POINT_cmp(group, point1, point2, ossl_bn_ctx)) {
+    case 0: return Qtrue;
+    case 1: return Qfalse;
+    default: ossl_raise(eEC_POINT, "EC_POINT_cmp");
+    }
-    return Qtrue;
+    UNREACHABLE;
 }
 /*
@@ -1253,7 +1269,7 @@ static VALUE ossl_ec_point_is_at_infinity(VALUE self)
     switch (EC_POINT_is_at_infinity(group, point)) {
     case 1: return Qtrue;
     case 0: return Qfalse;
-    default: ossl_raise(cEC_POINT, "EC_POINT_is_at_infinity");
+    default: ossl_raise(eEC_POINT, "EC_POINT_is_at_infinity");
     }
     UNREACHABLE;
@@ -1274,7 +1290,7 @@ static VALUE ossl_ec_point_is_on_curve(VALUE self)
     switch (EC_POINT_is_on_curve(group, point, ossl_bn_ctx)) {
     case 1: return Qtrue;
     case 0: return Qfalse;
-    default: ossl_raise(cEC_POINT, "EC_POINT_is_on_curve");
+    default: ossl_raise(eEC_POINT, "EC_POINT_is_on_curve");
     }
     UNREACHABLE;
@@ -1297,7 +1313,7 @@ static VALUE ossl_ec_point_make_affine(VALUE self)
     rb_warn("OpenSSL::PKey::EC::Point#make_affine! is deprecated");
 #if !OSSL_OPENSSL_PREREQ(3, 0, 0)
     if (EC_POINT_make_affine(group, point, ossl_bn_ctx) != 1)
-        ossl_raise(cEC_POINT, "EC_POINT_make_affine");
+        ossl_raise(eEC_POINT, "EC_POINT_make_affine");
 #endif
     return self;
@@ -1316,7 +1332,7 @@ static VALUE ossl_ec_point_invert(VALUE self)
     GetECPointGroup(self, group);
     if (EC_POINT_invert(group, point, ossl_bn_ctx) != 1)
-        ossl_raise(cEC_POINT, "EC_POINT_invert");
+        ossl_raise(eEC_POINT, "EC_POINT_invert");
     return self;
 }
@@ -1334,7 +1350,7 @@ static VALUE ossl_ec_point_set_to_infinity(VALUE self)
     GetECPointGroup(self, group);
     if (EC_POINT_set_to_infinity(group, point) != 1)
-        ossl_raise(cEC_POINT, "EC_POINT_set_to_infinity");
+        ossl_raise(eEC_POINT, "EC_POINT_set_to_infinity");
     return self;
 }

data/lib/openssl/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module OpenSSL
-  VERSION = "3.0.1"
+  VERSION = "3.0.2"
 end

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: openssl
 version: !ruby/object:Gem::Version
-  version: 3.0.1
+  version: 3.0.2
 platform: ruby
 authors:
 - Martin Bosslet
@@ -11,7 +11,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2022-09-08 00:00:00.000000000 Z
+date: 2022-12-23 00:00:00.000000000 Z
 dependencies: []
 description: It wraps the OpenSSL library.
 email:
@@ -117,7 +117,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.3.8
+rubygems_version: 3.4.0.dev
 signing_key:
 specification_version: 4
 summary: OpenSSL provides SSL, TLS and general purpose cryptography.