putty-key 1.1.0 → 1.1.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 0e875308cd1e8bd154bb40ceccf856a1b91cfa74e1858c89b006735016980c10
-  data.tar.gz: 9306636667b1864c570bc467837e44e3d2490b965d4c3493ff1abe853832d419
+  metadata.gz: f1c65726c4468a416efcd8617dab76d88660cf732254089a5a342c16f9eabc5d
+  data.tar.gz: cb96dba0c50957fea7add686d9447fcbb65d42bd1bc5bfbd61d81feb98c79a69
 SHA512:
-  metadata.gz: 52426f86621cff16b7a55901144e987f8ecc8478c7204511449d8de3d19258c60f472deb98e85996d39f9a3a197e2a2832095d01e09e710454f30d00c99af820
-  data.tar.gz: acb9f8986b8c42e554e14d54d11cb6d6bde103256780dd31a81e4b828e6109b40d03b19460479868334028a9534a05eb729d04db555678c3db7a0a12651d9b32
+  metadata.gz: aa668b32837bb8aacd74d1623ede0b0bef2b6b38c06927b684ee69beb767d611bff059cb4a20b2ffce699523f217af8e815896187ebf1b0cb2b0aabb452ea61d
+  data.tar.gz: d1aec232b10f62cdaa62368144d550dee02de413509869731809cf1f314b3e538fa60b77a373751dffa45e36b0bdca06b08041d282c30cdf4e0d4a588779e261

data/CHANGES.md

@@ -1,5 +1,19 @@
 # Changes #
 
+## Version 1.1.2 - 16-Oct-2024 ##
+
+* Fix `Java::JavaLang::NullPointerException` being raised instead of
+  `PuTTY::Key::InvalidStateError` by `OpenSSL::PKey::EC#to_ppk` on JRuby 9.4
+  when the key is not initialized.
+
+
+## Version 1.1.1 - 23-Oct-2022 ##
+
+* Add support for Ruby 3.2.
+* Add support for OpenSSL 3 (requires either Ruby 3.1+, or version 3.0.0+ of the
+  openssl gem).
+
+
 ## Version 1.1.0 - 24-May-2021 ##
 
 * Add support for [format 3 .ppk files](https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/ppk3.html)

data/Gemfile

@@ -12,6 +12,33 @@ group :test do
 
   # coveralls is no longer maintained, but supports Ruby < 2.3.
   # coveralls_reborn is maintained, but requires Ruby >= 2.3.
-  gem 'coveralls', '~> 0.8', require: false if RUBY_VERSION < '2.3'
+  gem 'coveralls', git: 'https://github.com/philr/coveralls-ruby.git', require: false if RUBY_VERSION < '2.3'
   gem 'coveralls_reborn', '~> 0.13', require: false if RUBY_VERSION >= '2.3'
+
+  # term-ansicolor is a dependency of coveralls. All versions are falsely
+  # declared as compatible with any Ruby version.
+  #
+  # Limit to an earlier compatible version.
+  if RUBY_VERSION < '2.5'
+    gem 'term-ansicolor', '< 1.9'
+  end
+
+  # tins is a dependency of coveralls. From 1.33.0 it depends on bigdecimal,
+  # which can't be installed on old JRuby versions.
+  #
+  # Limit to an earlier compatible version.
+  if RUBY_ENGINE == 'jruby'
+    gem 'tins', '< 1.33'
+  end
+
+  # The source version of ffi 1.15.5 is declared as compatible with Ruby >= 2.3.
+  # The binary version of 1.15.5 is declared as compatible with Ruby >= 2.4, so
+  # doesn't get used. The using the source version results in a segmentation
+  # fault during libffi initialization.
+  #
+  # Binaries of 15.5.0 to 15.5.4 are declared as compatible with Ruby >= 2.3,
+  # but don't get used with Bundler 2.3.23 and Ruby 2.3 on Windows.
+  #
+  # Limit to earlier compatible versions.
+  gem 'ffi', '< 1.15.0' if RUBY_VERSION < '2.4' && RUBY_PLATFORM =~ /mingw/
 end

data/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2016-2021 Philip Ross
+Copyright (c) 2016-2024 Philip Ross
 
 Permission is hereby granted, free of charge, to any person obtaining a copy of
 this software and associated documentation files (the "Software"), to deal in

data/Rakefile

@@ -4,11 +4,11 @@ require 'rubygems/package_task'
 require 'rake/testtask'
 
 BASE_DIR = File.expand_path(File.dirname(__FILE__))
+GEMSPEC_PATH = File.join(BASE_DIR, 'putty-key.gemspec')
+spec = TOPLEVEL_BINDING.eval(File.read(GEMSPEC_PATH), GEMSPEC_PATH)
 
 task :default => :test
 
-spec = eval(File.read('putty-key.gemspec'))
-
 # Attempt to find the private key and return a spec with added options for
 # signing the gem if found.
 def add_signing_key(spec)

data/lib/putty/key/openssl.rb

@@ -25,10 +25,271 @@ module PuTTY
 
       private_constant :SSH_CURVES
 
+      # Either a real JRuby NullPointerException, or a fake class that won't be
+      # raised. Can be rescued to handle NullPointerException on jruby.
+      JavaNullPointerException = RUBY_ENGINE == 'jruby' ? Java::JavaLang::NullPointerException : Class.new(Exception)
+      private_constant :JavaNullPointerException
+
+      # OpenSSL version helper methods.
+      #
+      # @private
+      module Version
+        class << self
+          # Determines if the Ruby OpenSSL wrapper is using the OpenSSL library
+          # (not LibreSSL and not JRuby) and if the version matches the required
+          # version.
+          #
+          # @param major [Integer] The required major version. `nil` if any
+          #   version of OpenSSL is sufficient.
+          # @param minor [Integer] The required minor version.
+          # @param fix [Integer] The required fix version.
+          # @param patch [Integer] The required patch version.
+          # @return [Boolean] `true` if the requirements are met, otherwise
+          #   `false`.
+          def openssl?(major = nil, minor = 0, fix = 0, patch = 0)
+            return false if ::OpenSSL::OPENSSL_VERSION.include?('LibreSSL')
+            return false if ::OpenSSL::OPENSSL_VERSION.include?('JRuby')
+            return true unless major
+            required_version = major * 0x10000000 + minor * 0x100000 + fix * 0x1000 + patch * 0x10
+            ::OpenSSL::OPENSSL_VERSION_NUMBER >= required_version
+          end
+        end
+      end
+      private_constant :Version
+
+      # Methods to build OpenSSL private keys from a {PPK}.
+      #
+      # @private
+      module PKeyBuilding
+        class << self
+          # Creates a new OpenSSL DSA private key for the given DSA {PPK}.
+          #
+          # @param ppk [PPK] A DSA {PPK}.
+          # @return [::OpenSSL::PKey::DSA] The OpenSSL DSA private key.
+          def ppk_to_dsa(ppk)
+            _, p, q, g, pub_key = Util.ssh_unpack(ppk.public_blob, :string, :mpint, :mpint, :mpint, :mpint)
+            priv_key = Util.ssh_unpack(ppk.private_blob, :mpint).first
+            dsa_from_params(p, q, g, pub_key, priv_key)
+          end
+
+          # Creates a new OpenSSL RSA private key for the given RSA {PPK}.
+          #
+          # @param ppk [PPK] An RSA {PPK}.
+          # @return [::OpenSSL::PKey::RSA] The OpenSSL RSA private key.
+          def ppk_to_rsa(ppk)
+            _, e, n = Util.ssh_unpack(ppk.public_blob, :string, :mpint, :mpint)
+            d, p, q, iqmp = Util.ssh_unpack(ppk.private_blob, :mpint, :mpint, :mpint, :mpint)
+            dmp1 = d % (p - 1)
+            dmq1 = d % (q - 1)
+            rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1)
+          end
+
+          # Creates a new OpenSSL EC private key for the given EC {PPK}.
+          #
+          # @param ppk [PPK] An EC {PPK}.
+          # @param ppk_curve [String] The PPK curve name extracted from the
+          #   PPK algorithm name.
+          # @return [::OpenSSL::PKey::EC] The OpenSSL EC private key.
+          def ppk_to_ec(ppk, ppk_curve)
+            curve = OPENSSL_CURVES[ppk_curve]
+            _, _, pub_key = Util.ssh_unpack(ppk.public_blob, :string, :string, :mpint)
+            priv_key = Util.ssh_unpack(ppk.private_blob, :mpint).first
+            ec_from_params(curve, pub_key, priv_key)
+          end
+
+          private
+
+          if Version.openssl?(3)
+            # OpenSSL v3 private keys are immutable. The Ruby OpenSSL wrapper
+            # doesn't provide a method to construct private keys using the
+            # parameters. Build DER (ASN.1) encoded versions of the keys.
+            #
+            # In theory this should be usable universally. However
+            # ::OpenSSL::PKey::EC::Point#to_octet_string is only supported from
+            # Ruby >= 2.4 and there are issues with JRuby's OpenSSL library
+            # (that doesn't make use of OpenSSL).
+
+            # :nocov_no_openssl3:
+
+            # Creates a new OpenSSL DSA private key with the given parameters.
+            #
+            # @param p [::OpenSSL::BN] The p parameter (prime).
+            # @param q [::OpenSSL::BN] The q parameter (prime).
+            # @param g [::OpenSSL::BN] The g parameter.
+            # @param pub_key [::OpenSSL::BN] The public key.
+            # @param priv_key [::OpenSSL::BN] The private key.
+            # @return [::OpenSSL::PKey::DSA] The OpenSSL DSA private key.
+            def dsa_from_params(p, q, g, pub_key, priv_key)
+              # https://www.openssl.org/docs/man3.0/man1/openssl-dsa.html (outform parameter).
+              sequence = [
+                ::OpenSSL::ASN1::Integer.new(0),
+                ::OpenSSL::ASN1::Integer.new(p),
+                ::OpenSSL::ASN1::Integer.new(q),
+                ::OpenSSL::ASN1::Integer.new(g),
+                ::OpenSSL::ASN1::Integer.new(pub_key),
+                ::OpenSSL::ASN1::Integer.new(priv_key)
+              ]
+
+              ::OpenSSL::PKey::DSA.new(::OpenSSL::ASN1::Sequence.new(sequence).to_der)
+            end
+
+            # Creates a new OpenSSL RSA private key with the given parameters.
+            #
+            # @param e [::OpenSSL::BN] The public key exponent.
+            # @param n [::OpenSSL::BN] The modulus.
+            # @param d [::OpenSSL::BN] The private key exponent.
+            # @param p [::OpenSSL::BN] The p prime.
+            # @param q [::OpenSSL::BN] The q prime.
+            # @param iqmp [::OpenSSL::BN] The inverse of q, mod p.
+            # @param dmp1 [::OpenSSL::BN] `d` mod (`p` - 1).
+            # @param dmq1 [::OpenSSL::BN] `d` mod (`q` - 1).
+            # @return [::OpenSSL::PKey::RSA] The OpenSSL RSA private key.
+            def rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1)
+              # RFC 3447 Appendix A.1.2
+              sequence = [
+                ::OpenSSL::ASN1::Integer.new(0),
+                ::OpenSSL::ASN1::Integer.new(n),
+                ::OpenSSL::ASN1::Integer.new(e),
+                ::OpenSSL::ASN1::Integer.new(d),
+                ::OpenSSL::ASN1::Integer.new(p),
+                ::OpenSSL::ASN1::Integer.new(q),
+                ::OpenSSL::ASN1::Integer.new(dmp1),
+                ::OpenSSL::ASN1::Integer.new(dmq1),
+                ::OpenSSL::ASN1::Integer.new(iqmp)
+              ]
+
+              ::OpenSSL::PKey::RSA.new(::OpenSSL::ASN1::Sequence.new(sequence).to_der)
+            end
+
+            # Creates a new OpenSSL EC private key with the given parameters.
+            #
+            # @param curve [String] The name of the OpenSSL EC curve.
+            # @param pub_key [::OpenSSL::BN] The public key.
+            # @param priv_key [::OpenSSL::BN] The private key.
+            # @return [::OpenSSL::PKey::EC] The OpenSSL EC private key.
+            def ec_from_params(curve, pub_key, priv_key)
+              group = ::OpenSSL::PKey::EC::Group.new(curve)
+              point = ::OpenSSL::PKey::EC::Point.new(group, pub_key)
+              point_string = point.to_octet_string(:uncompressed)
+
+              # RFC 5915 Section 3
+              sequence = [
+                ::OpenSSL::ASN1::Integer.new(1),
+                ::OpenSSL::ASN1::OctetString.new(priv_key.to_s(2)),
+                ::OpenSSL::ASN1::ObjectId.new(curve, 0, :EXPLICIT),
+                ::OpenSSL::ASN1::BitString.new(point_string, 1, :EXPLICIT)
+              ]
+
+              ::OpenSSL::PKey::EC.new(::OpenSSL::ASN1::Sequence.new(sequence).to_der)
+            end
+            # :nocov_no_openssl3:
+          else
+            # :nocov_openssl3:
+            if ::OpenSSL::PKey::DSA.new.respond_to?(:set_key)
+              # :nocov_no_openssl_pkey_dsa_set_key:
+
+              # Creates a new OpenSSL DSA private key with the given parameters.
+              #
+              # @param p [::OpenSSL::BN] The p parameter.
+              # @param q [::OpenSSL::BN] The q parameter.
+              # @param g [::OpenSSL::BN] The g parameter.
+              # @param pub_key [::OpenSSL::BN] The public key.
+              # @param priv_key [::OpenSSL::BN] The private key.
+              # @return [::OpenSSL::PKey::DSA] The OpenSSL DSA private key.
+              def dsa_from_params(p, q, g, pub_key, priv_key)
+                ::OpenSSL::PKey::DSA.new.tap do |pkey|
+                  pkey.set_key(pub_key, priv_key)
+                  pkey.set_pqg(p, q, g)
+                end
+              end
+              # :nocov_no_openssl_pkey_dsa_set_key:
+            else
+              # :nocov_openssl_pkey_dsa_set_key:
+              # Creates a new OpenSSL DSA private key with the given parameters.
+              #
+              # @param p [::OpenSSL::BN] The p parameter.
+              # @param q [::OpenSSL::BN] The q parameter.
+              # @param g [::OpenSSL::BN] The g parameter.
+              # @param pub_key [::OpenSSL::BN] The public key.
+              # @param priv_key [::OpenSSL::BN] The private key.
+              # @return [::OpenSSL::PKey::DSA] The OpenSSL DSA private key.
+              def dsa_from_params(p, q, g, pub_key, priv_key)
+                ::OpenSSL::PKey::DSA.new.tap do |pkey|
+                  pkey.p, pkey.q, pkey.g, pkey.pub_key, pkey.priv_key = p, q, g, pub_key, priv_key
+                end
+              end
+              # :nocov_openssl_pkey_dsa_set_key:
+            end
+
+            if ::OpenSSL::PKey::RSA.new.respond_to?(:set_factors)
+              # :nocov_no_openssl_pkey_rsa_set_factors:
+
+              # Creates a new OpenSSL RSA private key with the given parameters.
+              #
+              # @param e [::OpenSSL::BN] The public key exponent.
+              # @param n [::OpenSSL::BN] The modulus.
+              # @param d [::OpenSSL::BN] The private key exponent.
+              # @param p [::OpenSSL::BN] The p prime.
+              # @param q [::OpenSSL::BN] The q prime.
+              # @param iqmp [::OpenSSL::BN] The inverse of q, mod p.
+              # @param dmp1 [::OpenSSL::BN] `d` mod (`p` - 1).
+              # @param dmq1 [::OpenSSL::BN] `d` mod (`q` - 1).
+              # @return [::OpenSSL::PKey::RSA] The OpenSSL RSA private key.
+              def rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1)
+                ::OpenSSL::PKey::RSA.new.tap do |pkey|
+                  pkey.set_factors(p, q)
+                  pkey.set_key(n, e, d)
+                  pkey.set_crt_params(dmp1, dmq1, iqmp)
+                end
+              end
+              # :nocov_no_openssl_pkey_rsa_set_factors:
+            else
+              # :nocov_openssl_pkey_rsa_set_factors:
+
+              # Creates a new OpenSSL RSA private key with the given parameters.
+              #
+              # @param e [::OpenSSL::BN] The public key exponent.
+              # @param n [::OpenSSL::BN] The modulus.
+              # @param d [::OpenSSL::BN] The private key exponent.
+              # @param p [::OpenSSL::BN] The p prime.
+              # @param q [::OpenSSL::BN] The q prime.
+              # @param iqmp [::OpenSSL::BN] The inverse of q, mod p.
+              # @param dmp1 [::OpenSSL::BN] `d` mod (`p` - 1).
+              # @param dmq1 [::OpenSSL::BN] `d` mod (`q` - 1).
+              # @return [::OpenSSL::PKey::RSA] The OpenSSL RSA private key.
+              def rsa_from_params(e, n, d, p, q, iqmp, dmp1, dmq1)
+                ::OpenSSL::PKey::RSA.new.tap do |pkey|
+                  pkey.e, pkey.n, pkey.d, pkey.p, pkey.q, pkey.iqmp, pkey.dmp1, pkey.dmq1 = e, n, d, p, q, iqmp, dmp1, dmq1
+                end
+              end
+              # :nocov_openssl_pkey_rsa_set_factors:
+            end
+
+            # Creates a new OpenSSL EC private key with the given parameters.
+            #
+            # @param curve [String] The name of the OpenSSL EC curve.
+            # @param pub_key [::OpenSSL::BN] The public key.
+            # @param priv_key [::OpenSSL::BN] The private key.
+            # @return [::OpenSSL::PKey::EC] The OpenSSL EC private key.
+            def ec_from_params(curve, pub_key, priv_key)
+              # Old versions of jruby-openssl don't include an EC class (version 0.9.16).
+              ec_class = (::OpenSSL::PKey::EC rescue raise ArgumentError, "Unsupported algorithm: #{ppk.algorithm}")
+
+              ec_class.new(curve).tap do |pkey|
+                group = pkey.group || ::OpenSSL::PKey::EC::Group.new(curve)
+                pkey.public_key = ::OpenSSL::PKey::EC::Point.new(group, pub_key)
+                pkey.private_key = priv_key
+              end
+            end
+            # :nocov_openssl3:
+          end
+        end
+      end
+      private_constant :PKeyBuilding
+
       # The {ClassMethods} module is used to extend `OpenSSL::PKey` when
       # using the PuTTY::Key refinement or calling {PuTTY::Key.global_install}.
       # This adds a `from_ppk` class method to `OpenSSL::PKey`.
-      #
       module ClassMethods
         # Creates a new `OpenSSL::PKey` from a PuTTY private key (instance of
         # {PPK}).
@@ -50,53 +311,11 @@ module PuTTY
 
           case ppk.algorithm
           when 'ssh-dss'
-            ::OpenSSL::PKey::DSA.new.tap do |pkey|
-              _, p, q, g, pub_key = Util.ssh_unpack(ppk.public_blob, :string, :mpint, :mpint, :mpint, :mpint)
-              priv_key = Util.ssh_unpack(ppk.private_blob, :mpint).first
-
-              if pkey.respond_to?(:set_key)
-                # :nocov_no_openssl_pkey_dsa_set_key:
-                pkey.set_key(pub_key, priv_key)
-                pkey.set_pqg(p, q, g)
-                # :nocov_no_openssl_pkey_dsa_set_key:
-              else
-                # :nocov_openssl_pkey_dsa_set_key:
-                pkey.p, pkey.q, pkey.g, pkey.pub_key, pkey.priv_key = p, q, g, pub_key, priv_key
-                # :nocov_openssl_pkey_dsa_set_key:
-              end
-            end
+            PKeyBuilding.ppk_to_dsa(ppk)
           when 'ssh-rsa'
-            ::OpenSSL::PKey::RSA.new.tap do |pkey|
-              _, e, n = Util.ssh_unpack(ppk.public_blob, :string, :mpint, :mpint)
-              d, p, q, iqmp = Util.ssh_unpack(ppk.private_blob, :mpint, :mpint, :mpint, :mpint)
-
-              dmp1 = d % (p - 1)
-              dmq1 = d % (q - 1)
-
-              if pkey.respond_to?(:set_factors)
-                # :nocov_no_openssl_pkey_rsa_set_factors:
-                pkey.set_factors(p, q)
-                pkey.set_key(n, e, d)
-                pkey.set_crt_params(dmp1, dmq1, iqmp)
-                # :nocov_no_openssl_pkey_rsa_set_factors:
-              else
-                # :nocov_openssl_pkey_rsa_set_factors:
-                pkey.e, pkey.n, pkey.d, pkey.p, pkey.q, pkey.iqmp, pkey.dmp1, pkey.dmq1 = e, n, d, p, q, iqmp, dmp1, dmq1
-                # :nocov_openssl_pkey_rsa_set_factors:
-              end
-            end
+            PKeyBuilding.ppk_to_rsa(ppk)
           when /\Aecdsa-sha2-(nistp(?:256|384|521))\z/
-            curve = OPENSSL_CURVES[$1]
-
-            # Old versions of jruby-openssl don't include an EC class (version 0.9.16).
-            ec_class = (::OpenSSL::PKey::EC rescue raise ArgumentError, "Unsupported algorithm: #{ppk.algorithm}")
-
-            ec_class.new(curve).tap do |pkey|
-              _, _, point = Util.ssh_unpack(ppk.public_blob, :string, :string, :mpint)
-              group = pkey.group || ::OpenSSL::PKey::EC::Group.new(curve)
-              pkey.public_key = ::OpenSSL::PKey::EC::Point.new(group, point)
-              pkey.private_key = Util.ssh_unpack(ppk.private_blob, :mpint).first
-            end
+            PKeyBuilding.ppk_to_ec(ppk, $1)
           else
             raise ArgumentError, "Unsupported algorithm: #{ppk.algorithm}"
           end
@@ -141,7 +360,12 @@ module PuTTY
         # @raise [UnsupportedCurveError] If the key uses a curve that is not
         #   supported by PuTTY.
         def to_ppk
-          curve = group && group.curve_name
+          g = group
+          curve = g && begin
+            g.curve_name
+          rescue JavaNullPointerException
+            nil
+          end
           raise InvalidStateError, 'The key has not been fully initialized (a curve name must be assigned)' unless curve
           ssh_curve = SSH_CURVES[curve]
           raise UnsupportedCurveError, "The curve '#{curve}' is not supported" unless ssh_curve
@@ -201,13 +425,30 @@ module PuTTY
     end
 
     OpenSSL.const_get(:PKEY_CLASSES).each do |name, openssl_class|
+      mod = OpenSSL.const_get(name)
       refine openssl_class do
-        include OpenSSL.const_get(name)
+        if defined?(::Refinement) && kind_of?(::Refinement)
+          # :nocov_no_refinement_class:
+          import_methods(mod)
+          # :nocov_no_refinement_class:
+        else
+          # :nocov_refinement_class:
+          include mod
+          # :nocov_refinement_class:
+        end
       end if respond_to?(:refine, true)
     end
 
     refine ::OpenSSL::PKey.singleton_class do
-      include OpenSSL::ClassMethods
+      if defined?(::Refinement) && kind_of?(::Refinement)
+        # :nocov_no_refinement_class:
+        import_methods(OpenSSL::ClassMethods)
+        # :nocov_no_refinement_class:
+      else
+        # :nocov_refinement_class:
+        include OpenSSL::ClassMethods
+        # :nocov_refinement_class:
+      end
     end if respond_to?(:refine, true)
   end
 end

data/lib/putty/key/ppk.rb

@@ -319,7 +319,19 @@ module PuTTY
       def derive_keys(format, cipher = nil, passphrase = nil, argon2_params = nil)
         if format >= 3
           return derive_format_3_keys(cipher, passphrase, argon2_params) if cipher
-          return [''.b, nil, nil, nil]
+
+          # An empty string should work for the MAC, but ::OpenSSL::HMAC fails
+          # when used with OpenSSL 3:
+          #
+          #   EVP_PKEY_new_mac_key: malloc failure (OpenSSL::HMACError).
+          #
+          # See https://github.com/ruby/openssl/pull/538 and
+          # https://github.com/openssl/openssl/issues/13089.
+          #
+          # Ruby 3.1.3 should contain the workaround from ruby/openssl PR 538.
+          #
+          # Use "\0" as the MAC key for a workaround for Ruby < 3.1.3.
+          return ["\0".b, nil, nil, nil]
         end
 
         mac_key = derive_format_2_mac_key(passphrase)
@@ -481,7 +493,7 @@ module PuTTY
       # after padding bytes have been appended prior to encryption).
       #
       # @param format [Integer] The format of the .ppk file.
-      # @param passphrase [String] The encryption passphrase.
+      # @param mac_key [String] The HMAC key.
       # @param encryption_type [String] The value of the Encryption field.
       # @param padded_private_blob [String] The private blob after padding bytes
       #   have been appended prior to encryption.

data/lib/putty/key/version.rb

@@ -3,6 +3,6 @@
 module PuTTY
   module Key
     # The PuTTY::Key version number.
-    VERSION = '1.1.0'
+    VERSION = '1.1.2'
   end
 end

data/putty-key.gemspec

@@ -1,4 +1,4 @@
-require File.expand_path(File.join('..', 'lib', 'putty', 'key', 'version'), __FILE__)
+require_relative 'lib/putty/key/version'
 
 Gem::Specification.new do |s|
   s.name = 'putty-key'

data/test/test_helper.rb

@@ -1,5 +1,7 @@
 # frozen_string_literal: true
 
+require 'putty/key'
+
 TEST_TYPE = (ENV['TEST_TYPE'] || 'refinement').to_sym
 raise "Unrecognized TEST_TYPE: #{TEST_TYPE}" unless [:refinement, :global].include?(TEST_TYPE)
 
@@ -15,6 +17,13 @@ if TEST_COVERAGE
     "#{object.respond_to?(method) ? '' : 'no_'}#{Regexp.escape(object.class.name.downcase.gsub('::', '_'))}_#{Regexp.escape(method)}"
   end
 
+  feature_support = [
+    ['openssl3', PuTTY::Key::OpenSSL.const_get(:Version).openssl?(3)],
+    ['refinement_class', defined?(Refinement)]
+  ].map do |feature, available|
+    "#{available ? '' : 'no_'}#{feature}"
+  end
+
   SimpleCov.command_name TEST_TYPE.to_s
 
   SimpleCov.formatters = [
@@ -23,13 +32,11 @@ if TEST_COVERAGE
 
   SimpleCov.start do
     add_filter 'test'
-    nocov_token "nocov_(#{method_support.join('|')})"
+    nocov_token "nocov_(#{(method_support + feature_support).join('|')})"
     project_name 'PuTTY::Key'
   end
 end
 
-require 'putty/key'
-
 require 'fileutils'
 require 'minitest/autorun'
 require 'tmpdir'

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: putty-key
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.1.2
 platform: ruby
 authors:
 - Philip Ross
@@ -29,7 +29,7 @@ cert_chain:
   J3Zn/kSTjTekiaspyGbczC3PUaeJNxr+yCvR4sk71Xmk/GaKKGOHedJ1uj/LAXrA
   MR0mpl7b8zCg0PFC1J73uw==
   -----END CERTIFICATE-----
-date: 2021-05-24 00:00:00.000000000 Z
+date: 2024-10-16 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -139,9 +139,9 @@ licenses:
 metadata:
   bug_tracker_uri: https://github.com/philr/putty-key/issues
   changelog_uri: https://github.com/philr/putty-key/blob/master/CHANGES.md
-  documentation_uri: https://rubydoc.info/gems/putty-key/1.1.0
+  documentation_uri: https://rubydoc.info/gems/putty-key/1.1.2
   homepage_uri: https://github.com/philr/putty-key
-  source_code_uri: https://github.com/philr/putty-key/tree/v1.1.0
+  source_code_uri: https://github.com/philr/putty-key/tree/v1.1.2
 post_install_message: 
 rdoc_options:
 - "--title"
@@ -164,7 +164,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements:
 - libargon2 to handle format 3 .ppk files
-rubygems_version: 3.2.3
+rubygems_version: 3.5.16
 signing_key: 
 specification_version: 4
 summary: PuTTY private key (.ppk) library. Supports reading and writing with a refinement