rubysl-openssl 1.0.2 → 2.0.0

data/ext/rubysl/openssl/ossl_pkey_dsa.c

@@ -1,5 +1,5 @@
 /*
- * $Id: ossl_pkey_dsa.c 28004 2010-05-24 23:58:49Z shyouhei $
+ * $Id$
  * 'OpenSSL for Ruby' project
  * Copyright (C) 2001-2002  Michal Rokos <m.rokos@sh.cvut.cz>
  * All rights reserved.
@@ -13,8 +13,8 @@
 #include "ossl.h"
 
 #define GetPKeyDSA(obj, pkey) do { \
-    GetPKey(obj, pkey); \
-    if (EVP_PKEY_type(pkey->type) != EVP_PKEY_DSA) { /* PARANOIA? */ \
+    GetPKey((obj), (pkey)); \
+    if (EVP_PKEY_type((pkey)->type) != EVP_PKEY_DSA) { /* PARANOIA? */ \
 	ossl_raise(rb_eRuntimeError, "THIS IS NOT A DSA!"); \
     } \
 } while (0)
@@ -36,7 +36,7 @@ dsa_instance(VALUE klass, DSA *dsa)
 {
     EVP_PKEY *pkey;
     VALUE obj;
-	
+
     if (!dsa) {
 	return Qfalse;
     }
@@ -75,9 +75,69 @@ ossl_dsa_new(EVP_PKEY *pkey)
 /*
  * Private
  */
+#if defined(HAVE_DSA_GENERATE_PARAMETERS_EX) && HAVE_BN_GENCB
+struct dsa_blocking_gen_arg {
+    DSA *dsa;
+    int size;
+    unsigned char* seed;
+    int seed_len;
+    int *counter;
+    unsigned long *h;
+    BN_GENCB *cb;
+    int result;
+};
+
+static void *
+dsa_blocking_gen(void *arg)
+{
+    struct dsa_blocking_gen_arg *gen = (struct dsa_blocking_gen_arg *)arg;
+    gen->result = DSA_generate_parameters_ex(gen->dsa, gen->size, gen->seed, gen->seed_len, gen->counter, gen->h, gen->cb);
+    return 0;
+}
+#endif
+
 static DSA *
 dsa_generate(int size)
 {
+#if defined(HAVE_DSA_GENERATE_PARAMETERS_EX) && HAVE_BN_GENCB
+    BN_GENCB cb;
+    struct ossl_generate_cb_arg cb_arg;
+    struct dsa_blocking_gen_arg gen_arg;
+    DSA *dsa = DSA_new();
+    unsigned char seed[20];
+    int seed_len = 20, counter;
+    unsigned long h;
+
+    if (!dsa) return 0;
+    if (!RAND_bytes(seed, seed_len)) {
+	DSA_free(dsa);
+	return 0;
+    }
+
+    memset(&cb_arg, 0, sizeof(struct ossl_generate_cb_arg));
+    if (rb_block_given_p())
+	cb_arg.yield = 1;
+    BN_GENCB_set(&cb, ossl_generate_cb_2, &cb_arg);
+    gen_arg.dsa = dsa;
+    gen_arg.size = size;
+    gen_arg.seed = seed;
+    gen_arg.seed_len = seed_len;
+    gen_arg.counter = &counter;
+    gen_arg.h = &h;
+    gen_arg.cb = &cb;
+    if (cb_arg.yield == 1) {
+	/* we cannot release GVL when callback proc is supplied */
+	dsa_blocking_gen(&gen_arg);
+    } else {
+	/* there's a chance to unblock */
+	rb_thread_call_without_gvl(dsa_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg);
+    }
+    if (!gen_arg.result) {
+	DSA_free(dsa);
+	if (cb_arg.state) rb_jump_tag(cb_arg.state);
+	return 0;
+    }
+#else
     DSA *dsa;
     unsigned char seed[20];
     int seed_len = 20, counter;
@@ -87,9 +147,9 @@ dsa_generate(int size)
 	return 0;
     }
     dsa = DSA_generate_parameters(size, seed, seed_len, &counter, &h,
-	    rb_block_given_p() ? ossl_generate_cb : NULL,
-	    NULL);
+	    rb_block_given_p() ? ossl_generate_cb : NULL, NULL);
     if(!dsa) return 0;
+#endif
 
     if (!DSA_generate_key(dsa)) {
 	DSA_free(dsa);
@@ -103,8 +163,11 @@ dsa_generate(int size)
  *  call-seq:
  *    DSA.generate(size) -> dsa
  *
- *  === Parameters
- *  * +size+ is an integer representing the desired key size.
+ * Creates a new DSA instance by generating a private/public key pair
+ * from scratch.
+ *
+ * === Parameters
+ * * +size+ is an integer representing the desired key size.
  *
  */
 static VALUE
@@ -125,16 +188,18 @@ ossl_dsa_s_generate(VALUE klass, VALUE size)
  *  call-seq:
  *    DSA.new([size | string [, pass]) -> dsa
  *
- *  === Parameters
- *  * +size+ is an integer representing the desired key size.
- *  * +string+ contains a DER or PEM encoded key.
- *  * +pass+ is a string that contains a optional password.
+ * Creates a new DSA instance by reading an existing key from +string+.
  *
- *  === Examples
- *  * DSA.new -> dsa
- *  * DSA.new(1024) -> dsa
- *  * DSA.new(File.read('dsa.pem')) -> dsa
- *  * DSA.new(File.read('dsa.pem'), 'mypassword') -> dsa
+ * === Parameters
+ * * +size+ is an integer representing the desired key size.
+ * * +string+ contains a DER or PEM encoded key.
+ * * +pass+ is a string that contains an optional password.
+ *
+ * === Examples
+ *  DSA.new -> dsa
+ *  DSA.new(1024) -> dsa
+ *  DSA.new(File.read('dsa.pem')) -> dsa
+ *  DSA.new(File.read('dsa.pem'), 'mypassword') -> dsa
  *
  */
 static VALUE
@@ -145,7 +210,7 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
     BIO *in;
     char *passwd = NULL;
     VALUE arg, pass;
-	
+
     GetPKey(self, pkey);
     if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) {
         dsa = DSA_new();
@@ -161,23 +226,26 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
 	in = ossl_obj2bio(arg);
 	dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
 	if (!dsa) {
-	    BIO_reset(in);
-	    dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL);
-	}
-	if (!dsa) {
-	    BIO_reset(in);
+	    OSSL_BIO_reset(in);
 	    dsa = PEM_read_bio_DSA_PUBKEY(in, NULL, NULL, NULL);
 	}
 	if (!dsa) {
-	    BIO_reset(in);
+	    OSSL_BIO_reset(in);
 	    dsa = d2i_DSAPrivateKey_bio(in, NULL);
 	}
 	if (!dsa) {
-	    BIO_reset(in);
+	    OSSL_BIO_reset(in);
 	    dsa = d2i_DSA_PUBKEY_bio(in, NULL);
 	}
+	if (!dsa) {
+	    OSSL_BIO_reset(in);
+	    dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL);
+	}
 	BIO_free(in);
-	if (!dsa) ossl_raise(eDSAError, "Neither PUB key nor PRIV key:");
+	if (!dsa) {
+	    ERR_clear_error();
+	    ossl_raise(eDSAError, "Neither PUB key nor PRIV key");
+	}
     }
     if (!EVP_PKEY_assign_DSA(pkey, dsa)) {
 	DSA_free(dsa);
@@ -191,6 +259,8 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
  *  call-seq:
  *    dsa.public? -> true | false
  *
+ * Indicates whether this DSA instance has a public key associated with it or
+ * not. The public key may be retrieved with DSA#public_key.
  */
 static VALUE
 ossl_dsa_is_public(VALUE self)
@@ -206,14 +276,16 @@ ossl_dsa_is_public(VALUE self)
  *  call-seq:
  *    dsa.private? -> true | false
  *
+ * Indicates whether this DSA instance has a private key associated with it or
+ * not. The private key may be retrieved with DSA#private_key.
  */
 static VALUE
 ossl_dsa_is_private(VALUE self)
 {
     EVP_PKEY *pkey;
-	
+
     GetPKeyDSA(self, pkey);
-	
+
     return (DSA_PRIVATE(self, pkey->pkey.dsa)) ? Qtrue : Qfalse;
 }
 
@@ -221,13 +293,15 @@ ossl_dsa_is_private(VALUE self)
  *  call-seq:
  *    dsa.to_pem([cipher, password]) -> aString
  *
- *  === Parameters
- *  +cipher+ is an OpenSSL::Cipher.
- *  +password+ is a string containing your password.
+ * Encodes this DSA to its PEM encoding.
  *
- *  === Examples
- *  * DSA.to_pem -> aString
- *  * DSA.to_pem(cipher, 'mypassword') -> aString
+ * === Parameters
+ * * +cipher+ is an OpenSSL::Cipher.
+ * * +password+ is a string containing your password.
+ *
+ * === Examples
+ *  DSA.to_pem -> aString
+ *  DSA.to_pem(cipher, 'mypassword') -> aString
  *
  */
 static VALUE
@@ -244,7 +318,10 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
     if (!NIL_P(cipher)) {
 	ciph = GetCipherPtr(cipher);
 	if (!NIL_P(pass)) {
-	    passwd = StringValuePtr(pass);
+	    StringValue(pass);
+	    if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
+		ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
+	    passwd = RSTRING_PTR(pass);
 	}
     }
     if (!(out = BIO_new(BIO_s_mem()))) {
@@ -257,7 +334,7 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
 	    ossl_raise(eDSAError, NULL);
 	}
     } else {
-	if (!PEM_write_bio_DSAPublicKey(out, pkey->pkey.dsa)) {
+	if (!PEM_write_bio_DSA_PUBKEY(out, pkey->pkey.dsa)) {
 	    BIO_free(out);
 	    ossl_raise(eDSAError, NULL);
 	}
@@ -271,6 +348,8 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
  *  call-seq:
  *    dsa.to_der -> aString
  *
+ * Encodes this DSA to its DER encoding.
+ *
  */
 static VALUE
 ossl_dsa_to_der(VALUE self)
@@ -289,7 +368,7 @@ ossl_dsa_to_der(VALUE self)
     if((len = i2d_func(pkey->pkey.dsa, NULL)) <= 0)
 	ossl_raise(eDSAError, NULL);
     str = rb_str_new(0, len);
-    p = RSTRING_PTR(str);
+    p = (unsigned char *)RSTRING_PTR(str);
     if(i2d_func(pkey->pkey.dsa, &p) < 0)
 	ossl_raise(eDSAError, NULL);
     ossl_str_adjust(str, p);
@@ -320,7 +399,7 @@ ossl_dsa_get_params(VALUE self)
     rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(pkey->pkey.dsa->g));
     rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pkey->pkey.dsa->pub_key));
     rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(pkey->pkey.dsa->priv_key));
-    
+
     return hash;
 }
 
@@ -356,7 +435,18 @@ ossl_dsa_to_text(VALUE self)
  *  call-seq:
  *    dsa.public_key -> aDSA
  *
- * Makes new instance DSA PUBLIC_KEY from PRIVATE_KEY
+ * Returns a new DSA instance that carries just the public key information.
+ * If the current instance has also private key information, this will no
+ * longer be present in the new instance. This feature is helpful for
+ * publishing the public key information without leaking any of the private
+ * information.
+ *
+ * === Example
+ *  dsa = OpenSSL::PKey::DSA.new(2048) # has public and private information
+ *  pub_key = dsa.public_key # has only the public part available
+ *  pub_key_der = pub_key.to_der # it's safe to publish this
+ *
+ *
  */
 static VALUE
 ossl_dsa_to_public_key(VALUE self)
@@ -364,7 +454,7 @@ ossl_dsa_to_public_key(VALUE self)
     EVP_PKEY *pkey;
     DSA *dsa;
     VALUE obj;
-	
+
     GetPKeyDSA(self, pkey);
     /* err check performed by dsa_instance */
     dsa = DSAPublicKey_dup(pkey->pkey.dsa);
@@ -382,12 +472,26 @@ ossl_dsa_to_public_key(VALUE self)
  *  call-seq:
  *    dsa.syssign(string) -> aString
  *
+ * Computes and returns the DSA signature of +string+, where +string+ is
+ * expected to be an already-computed message digest of the original input
+ * data. The signature is issued using the private key of this DSA instance.
+ *
+ * === Parameters
+ * * +string+ is a message digest of the original input data to be signed
+ *
+ * === Example
+ *  dsa = OpenSSL::PKey::DSA.new(2048)
+ *  doc = "Sign me"
+ *  digest = OpenSSL::Digest::SHA1.digest(doc)
+ *  sig = dsa.syssign(digest)
+ *
+ *
  */
 static VALUE
 ossl_dsa_sign(VALUE self, VALUE data)
 {
     EVP_PKEY *pkey;
-    int buf_len;
+    unsigned int buf_len;
     VALUE str;
 
     GetPKeyDSA(self, pkey);
@@ -396,7 +500,8 @@ ossl_dsa_sign(VALUE self, VALUE data)
 	ossl_raise(eDSAError, "Private DSA key needed!");
     }
     str = rb_str_new(0, ossl_dsa_buf_size(pkey));
-    if (!DSA_sign(0, RSTRING_PTR(data), RSTRING_LEN(data), RSTRING_PTR(str),
+    if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data),
+		  (unsigned char *)RSTRING_PTR(str),
 		  &buf_len, pkey->pkey.dsa)) { /* type is ignored (0) */
 	ossl_raise(eDSAError, NULL);
     }
@@ -409,6 +514,20 @@ ossl_dsa_sign(VALUE self, VALUE data)
  *  call-seq:
  *    dsa.sysverify(digest, sig) -> true | false
  *
+ * Verifies whether the signature is valid given the message digest input. It
+ * does so by validating +sig+ using the public key of this DSA instance.
+ *
+ * === Parameters
+ * * +digest+ is a message digest of the original input data to be signed
+ * * +sig+ is a DSA signature value
+ *
+ * === Example
+ *  dsa = OpenSSL::PKey::DSA.new(2048)
+ *  doc = "Sign me"
+ *  digest = OpenSSL::Digest::SHA1.digest(doc)
+ *  sig = dsa.syssign(digest)
+ *  puts dsa.sysverify(digest, sig) # => true
+ *
  */
 static VALUE
 ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig)
@@ -420,8 +539,8 @@ ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig)
     StringValue(digest);
     StringValue(sig);
     /* type is ignored (0) */
-    ret = DSA_verify(0, RSTRING_PTR(digest), RSTRING_LEN(digest),
-		     RSTRING_PTR(sig), RSTRING_LEN(sig), pkey->pkey.dsa);
+    ret = DSA_verify(0, (unsigned char *)RSTRING_PTR(digest), RSTRING_LENINT(digest),
+		     (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey->pkey.dsa);
     if (ret < 0) {
 	ossl_raise(eDSAError, NULL);
     }
@@ -444,15 +563,33 @@ OSSL_PKEY_BN(dsa, priv_key)
 void
 Init_ossl_dsa()
 {
-#if 0 /* let rdoc know about mOSSL and mPKey */
-    mOSSL = rb_define_module("OpenSSL");
+#if 0
+    mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL and mPKey */
     mPKey = rb_define_module_under(mOSSL, "PKey");
 #endif
 
+    /* Document-class: OpenSSL::PKey::DSAError
+     *
+     * Generic exception that is raised if an operation on a DSA PKey
+     * fails unexpectedly or in case an instantiation of an instance of DSA
+     * fails due to non-conformant input data.
+     */
     eDSAError = rb_define_class_under(mPKey, "DSAError", ePKeyError);
 
+    /* Document-class: OpenSSL::PKey::DSA
+     *
+     * DSA, the Digital Signature Algorithm, is specified in NIST's
+     * FIPS 186-3. It is an asymmetric public key algorithm that may be used
+     * similar to e.g. RSA.
+     * Please note that for OpenSSL versions prior to 1.0.0 the digest
+     * algorithms OpenSSL::Digest::DSS (equivalent to SHA) or
+     * OpenSSL::Digest::DSS1 (equivalent to SHA-1) must be used for issuing
+     * signatures with a DSA key using OpenSSL::PKey#sign.
+     * Starting with OpenSSL 1.0.0, digest algorithms are no longer restricted,
+     * any Digest may be used for signing.
+     */
     cDSA = rb_define_class_under(mPKey, "DSA", cPKey);
-	
+
     rb_define_singleton_method(cDSA, "generate", ossl_dsa_s_generate, 1);
     rb_define_method(cDSA, "initialize", ossl_dsa_initialize, -1);
 

data/ext/rubysl/openssl/ossl_pkey_ec.c

@@ -22,70 +22,70 @@ typedef struct {
 
 
 #define GetPKeyEC(obj, pkey) do { \
-    GetPKey(obj, pkey); \
-    if (EVP_PKEY_type(pkey->type) != EVP_PKEY_EC) { \
+    GetPKey((obj), (pkey)); \
+    if (EVP_PKEY_type((pkey)->type) != EVP_PKEY_EC) { \
 	ossl_raise(rb_eRuntimeError, "THIS IS NOT A EC PKEY!"); \
     } \
 } while (0)
 
 #define SafeGet_ec_group(obj, group) do { \
-    OSSL_Check_Kind(obj, cEC_GROUP); \
-    Data_Get_Struct(obj, ossl_ec_group, group); \
+    OSSL_Check_Kind((obj), cEC_GROUP); \
+    Data_Get_Struct((obj), ossl_ec_group, (group)); \
 } while(0)
 
 #define Get_EC_KEY(obj, key) do { \
     EVP_PKEY *pkey; \
-    GetPKeyEC(obj, pkey); \
-    key = pkey->pkey.ec; \
+    GetPKeyEC((obj), pkey); \
+    (key) = pkey->pkey.ec; \
 } while(0)
 
 #define Require_EC_KEY(obj, key) do { \
-    Get_EC_KEY(obj, key); \
-    if (key == NULL) \
-        rb_raise(eECError, "EC_KEY is not initialized"); \
+    Get_EC_KEY((obj), (key)); \
+    if ((key) == NULL) \
+        ossl_raise(eECError, "EC_KEY is not initialized"); \
 } while(0)
 
 #define SafeRequire_EC_KEY(obj, key) do { \
-    OSSL_Check_Kind(obj, cEC); \
-    Require_EC_KEY(obj, key); \
+    OSSL_Check_Kind((obj), cEC); \
+    Require_EC_KEY((obj), (key)); \
 } while (0)
 
 #define Get_EC_GROUP(obj, g) do { \
     ossl_ec_group *ec_group; \
-    Data_Get_Struct(obj, ossl_ec_group, ec_group); \
+    Data_Get_Struct((obj), ossl_ec_group, ec_group); \
     if (ec_group == NULL) \
-        rb_raise(eEC_GROUP, "missing ossl_ec_group structure"); \
-    g = ec_group->group; \
+        ossl_raise(eEC_GROUP, "missing ossl_ec_group structure"); \
+    (g) = ec_group->group; \
 } while(0)
 
 #define Require_EC_GROUP(obj, group) do { \
-    Get_EC_GROUP(obj, group); \
-    if (group == NULL) \
-        rb_raise(eEC_GROUP, "EC_GROUP is not initialized"); \
+    Get_EC_GROUP((obj), (group)); \
+    if ((group) == NULL) \
+        ossl_raise(eEC_GROUP, "EC_GROUP is not initialized"); \
 } while(0)
 
 #define SafeRequire_EC_GROUP(obj, group) do { \
-    OSSL_Check_Kind(obj, cEC_GROUP); \
-    Require_EC_GROUP(obj, group); \
+    OSSL_Check_Kind((obj), cEC_GROUP); \
+    Require_EC_GROUP((obj), (group)); \
 } while(0)
 
 #define Get_EC_POINT(obj, p) do { \
     ossl_ec_point *ec_point; \
-    Data_Get_Struct(obj, ossl_ec_point, ec_point); \
+    Data_Get_Struct((obj), ossl_ec_point, ec_point); \
     if (ec_point == NULL) \
-        rb_raise(eEC_POINT, "missing ossl_ec_point structure"); \
-    p = ec_point->point; \
+        ossl_raise(eEC_POINT, "missing ossl_ec_point structure"); \
+    (p) = ec_point->point; \
 } while(0)
 
 #define Require_EC_POINT(obj, point) do { \
-    Get_EC_POINT(obj, point); \
-    if (point == NULL) \
-        rb_raise(eEC_POINT, "EC_POINT is not initialized"); \
+    Get_EC_POINT((obj), (point)); \
+    if ((point) == NULL) \
+        ossl_raise(eEC_POINT, "EC_POINT is not initialized"); \
 } while(0)
 
 #define SafeRequire_EC_POINT(obj, point) do { \
-    OSSL_Check_Kind(obj, cEC_POINT); \
-    Require_EC_POINT(obj, point); \
+    OSSL_Check_Kind((obj), cEC_POINT); \
+    Require_EC_POINT((obj), (point)); \
 } while(0)
 
 VALUE cEC;
@@ -110,7 +110,7 @@ static VALUE ec_instance(VALUE klass, EC_KEY *ec)
 {
     EVP_PKEY *pkey;
     VALUE obj;
-	
+
     if (!ec) {
 	return Qfalse;
     }
@@ -152,6 +152,7 @@ VALUE ossl_ec_new(EVP_PKEY *pkey)
  *     OpenSSL::PKey::EC.new(ec_group)
  *     OpenSSL::PKey::EC.new("secp112r1")
  *     OpenSSL::PKey::EC.new(pem_string)
+ *     OpenSSL::PKey::EC.new(pem_string [, pwd])
  *     OpenSSL::PKey::EC.new(der_string)
  *
  *  See the OpenSSL documentation for:
@@ -163,10 +164,11 @@ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self)
     EC_KEY *ec = NULL;
     VALUE arg, pass;
     VALUE group = Qnil;
-	
+    char *passwd = NULL;
+
     GetPKey(self, pkey);
     if (pkey->pkey.ec)
-        rb_raise(eECError, "EC_KEY already initialized");
+        ossl_raise(eECError, "EC_KEY already initialized");
 
     rb_scan_args(argc, argv, "02", &arg, &pass);
 
@@ -184,26 +186,30 @@ static VALUE ossl_ec_key_initialize(int argc, VALUE *argv, VALUE self)
         } else {
             BIO *in = ossl_obj2bio(arg);
 
-            ec = PEM_read_bio_ECPrivateKey(in, NULL, NULL, NULL);
+            if (!NIL_P(pass)) {
+		passwd = StringValuePtr(pass);
+	    }
+	    ec = PEM_read_bio_ECPrivateKey(in, NULL, ossl_pem_passwd_cb, passwd);
             if (!ec) {
-                BIO_reset(in);
-                ec = PEM_read_bio_EC_PUBKEY(in, NULL, NULL, NULL);
+		OSSL_BIO_reset(in);
+		ec = PEM_read_bio_EC_PUBKEY(in, NULL, ossl_pem_passwd_cb, passwd);
             }
             if (!ec) {
-                BIO_reset(in);
+		OSSL_BIO_reset(in);
                 ec = d2i_ECPrivateKey_bio(in, NULL);
             }
             if (!ec) {
-                BIO_reset(in);
+		OSSL_BIO_reset(in);
                 ec = d2i_EC_PUBKEY_bio(in, NULL);
             }
 
             BIO_free(in);
 
             if (ec == NULL) {
-                const char *name = STR2CSTR(arg);
+                const char *name = StringValueCStr(arg);
                 int nid = OBJ_sn2nid(name);
 
+                (void)ERR_get_error();
                 if (nid == NID_undef)
                     ossl_raise(eECError, "unknown curve name (%s)\n", name);
 
@@ -274,7 +280,7 @@ static VALUE ossl_ec_key_get_group(VALUE self)
  *  the group.
  *
  *  Setting the group will immediately destroy any previously assigned group object.
- *  The group is internally copied by OpenSSL.  Modifying the original group after 
+ *  The group is internally copied by OpenSSL.  Modifying the original group after
  *  assignment will not effect the internal key structure.
  *  (your changes may be lost).  BE CAREFUL.
  *
@@ -457,22 +463,19 @@ static VALUE ossl_ec_key_is_private_key(VALUE self)
     return (EC_KEY_get0_private_key(ec) ? Qtrue : Qfalse);
 }
 
-static VALUE ossl_ec_key_to_string(VALUE self, int format)
+static VALUE ossl_ec_key_to_string(VALUE self, VALUE ciph, VALUE pass, int format)
 {
     EC_KEY *ec;
     BIO *out;
     int i = -1;
     int private = 0;
-#if 0  /* unused now */
-    EVP_CIPHER *cipher = NULL;
     char *password = NULL;
-#endif
     VALUE str;
 
     Require_EC_KEY(self, ec);
 
     if (EC_KEY_get0_public_key(ec) == NULL)
-        rb_raise(eECError, "can't export - no public key set");
+        ossl_raise(eECError, "can't export - no public key set");
 
     if (EC_KEY_check_key(ec) != 1)
 	ossl_raise(eECError, "can't export - EC_KEY_check_key failed");
@@ -486,44 +489,36 @@ static VALUE ossl_ec_key_to_string(VALUE self, int format)
     switch(format) {
     case EXPORT_PEM:
     	if (private) {
-#if 0  /* unused now */
-    	    if (cipher || password)
-/* BUG: finish cipher/password key export */
-    	        rb_notimplement();
+	    const EVP_CIPHER *cipher;
+	    if (!NIL_P(ciph)) {
+		cipher = GetCipherPtr(ciph);
+		if (!NIL_P(pass)) {
+		    StringValue(pass);
+		    if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
+			ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
+		    password = RSTRING_PTR(pass);
+		}
+	    }
+	    else {
+		cipher = NULL;
+	    }
             i = PEM_write_bio_ECPrivateKey(out, ec, cipher, NULL, 0, NULL, password);
-#endif
-            i = PEM_write_bio_ECPrivateKey(out, ec, NULL, NULL, 0, NULL, NULL);
     	} else {
-#if 0  /* unused now */
-    	    if (cipher || password)
-                rb_raise(rb_eArgError, "encryption is not supported when exporting this key type");
-#endif
-
             i = PEM_write_bio_EC_PUBKEY(out, ec);
         }
 
     	break;
     case EXPORT_DER:
         if (private) {
-#if 0  /* unused now */
-    	    if (cipher || password)
-                rb_raise(rb_eArgError, "encryption is not supported when exporting this key type");
-#endif
-
             i = i2d_ECPrivateKey_bio(out, ec);
         } else {
-#if 0  /* unused now */
-    	    if (cipher || password)
-                rb_raise(rb_eArgError, "encryption is not supported when exporting this key type");
-#endif
-
             i = i2d_EC_PUBKEY_bio(out, ec);
         }
 
     	break;
     default:
         BIO_free(out);
-    	rb_raise(rb_eRuntimeError, "unknown format (internal error)");
+    	ossl_raise(rb_eRuntimeError, "unknown format (internal error)");
     }
 
     if (i != 1) {
@@ -538,13 +533,21 @@ static VALUE ossl_ec_key_to_string(VALUE self, int format)
 
 /*
  *  call-seq:
- *     key.to_pem   => String
+ *     key.export   => String
+ *     key.export(cipher, pass_phrase) => String
+ *
+ * Outputs the EC key in PEM encoding.  If +cipher+ and +pass_phrase+ are
+ * given they will be used to encrypt the key.  +cipher+ must be an
+ * OpenSSL::Cipher::Cipher instance. Note that encryption will only be
+ * effective for a private key, public keys will always be encoded in plain
+ * text.
  *
- *  See the OpenSSL documentation for PEM_write_bio_ECPrivateKey()
  */
-static VALUE ossl_ec_key_to_pem(VALUE self)
+static VALUE ossl_ec_key_export(int argc, VALUE *argv, VALUE self)
 {
-    return ossl_ec_key_to_string(self, EXPORT_PEM);
+    VALUE cipher, passwd;
+    rb_scan_args(argc, argv, "02", &cipher, &passwd);
+    return ossl_ec_key_to_string(self, cipher, passwd, EXPORT_PEM);
 }
 
 /*
@@ -555,7 +558,7 @@ static VALUE ossl_ec_key_to_pem(VALUE self)
  */
 static VALUE ossl_ec_key_to_der(VALUE self)
 {
-    return ossl_ec_key_to_string(self, EXPORT_DER);
+    return ossl_ec_key_to_string(self, Qnil, Qnil, EXPORT_DER);
 }
 
 /*
@@ -671,7 +674,7 @@ static VALUE ossl_ec_key_dsa_sign_asn1(VALUE self, VALUE data)
 	ossl_raise(eECError, "Private EC key needed!");
 
     str = rb_str_new(0, ECDSA_size(ec) + 16);
-    if (ECDSA_sign(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LEN(data), (unsigned char *) RSTRING_PTR(str), &buf_len, ec) != 1)
+    if (ECDSA_sign(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data), (unsigned char *) RSTRING_PTR(str), &buf_len, ec) != 1)
          ossl_raise(eECError, "ECDSA_sign");
 
     rb_str_resize(str, buf_len);
@@ -693,13 +696,15 @@ static VALUE ossl_ec_key_dsa_verify_asn1(VALUE self, VALUE data, VALUE sig)
     StringValue(data);
     StringValue(sig);
 
-    switch (ECDSA_verify(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LEN(data), (unsigned char *) RSTRING_PTR(sig), RSTRING_LEN(sig), ec)) {
+    switch (ECDSA_verify(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data), (unsigned char *) RSTRING_PTR(sig), (int)RSTRING_LEN(sig), ec)) {
     case 1:	return Qtrue;
     case 0:	return Qfalse;
     default:	break;
     }
 
     ossl_raise(eECError, "ECDSA_verify");
+
+    UNREACHABLE;
 }
 
 static void ossl_ec_group_free(ossl_ec_group *ec_group)
@@ -743,7 +748,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
 
     Data_Get_Struct(self, ossl_ec_group, ec_group);
     if (ec_group->group != NULL)
-        rb_raise(rb_eRuntimeError, "EC_GROUP is already initialized");
+        ossl_raise(rb_eRuntimeError, "EC_GROUP is already initialized");
 
     switch (rb_scan_args(argc, argv, "13", &arg1, &arg2, &arg3, &arg4)) {
     case 1:
@@ -765,7 +770,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
                 if ((group = EC_GROUP_new(method)) == NULL)
                     ossl_raise(eEC_GROUP, "EC_GROUP_new");
             } else {
-                rb_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple");
+                ossl_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple");
             }
         } else if (rb_obj_is_kind_of(arg1, cEC_GROUP)) {
             const EC_GROUP *arg1_group;
@@ -778,16 +783,17 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
 
             group = PEM_read_bio_ECPKParameters(in, NULL, NULL, NULL);
             if (!group) {
-                BIO_reset(in);
+		OSSL_BIO_reset(in);
                 group = d2i_ECPKParameters_bio(in, NULL);
             }
 
             BIO_free(in);
 
             if (!group) {
-                const char *name = STR2CSTR(arg1);
+                const char *name = StringValueCStr(arg1);
                 int nid = OBJ_sn2nid(name);
 
+		(void)ERR_get_error();
                 if (nid == NID_undef)
                     ossl_raise(eEC_GROUP, "unknown curve name (%s)", name);
 
@@ -814,18 +820,18 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self)
             } else if (id == s_GF2m) {
                 new_curve = EC_GROUP_new_curve_GF2m;
             } else {
-                rb_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
+                ossl_raise(rb_eArgError, "unknown symbol, must be :GFp or :GF2m");
             }
 
             if ((group = new_curve(p, a, b, ossl_bn_ctx)) == NULL)
                 ossl_raise(eEC_GROUP, "EC_GROUP_new_by_GF*");
         } else {
-             rb_raise(rb_eArgError, "unknown argument, must be :GFp or :GF2m");
+             ossl_raise(rb_eArgError, "unknown argument, must be :GFp or :GF2m");
         }
 
         break;
     default:
-        rb_raise(rb_eArgError, "wrong number of arguments");
+        ossl_raise(rb_eArgError, "wrong number of arguments");
     }
 
     if (group == NULL)
@@ -965,7 +971,7 @@ static VALUE ossl_s_builtin_curves(VALUE self)
 {
     EC_builtin_curve *curves = NULL;
     int n;
-    int crv_len = EC_get_builtin_curves(NULL, 0);
+    int crv_len = rb_long2int(EC_get_builtin_curves(NULL, 0));
     VALUE ary, ret;
 
     curves = ALLOCA_N(EC_builtin_curve, crv_len);
@@ -1023,7 +1029,7 @@ static VALUE ossl_ec_group_set_asn1_flag(VALUE self, VALUE flag_v)
 }
 
 /*  call-seq:
- *     group.point_conversion_form  => :uncompressed | :compressed | :hybrid 
+ *     group.point_conversion_form  => :uncompressed | :compressed | :hybrid
  *
  *  See the OpenSSL documentation for EC_GROUP_get_point_conversion_form()
  */
@@ -1041,9 +1047,9 @@ static VALUE ossl_ec_group_get_point_conversion_form(VALUE self)
     case POINT_CONVERSION_UNCOMPRESSED:	ret = ID_uncompressed; break;
     case POINT_CONVERSION_COMPRESSED:	ret = ID_compressed; break;
     case POINT_CONVERSION_HYBRID:	ret = ID_hybrid; break;
-    default:	rb_raise(eEC_GROUP, "unsupported point conversion form: %d, this module should be updated", form);
+    default:	ossl_raise(eEC_GROUP, "unsupported point conversion form: %d, this module should be updated", form);
     }
-    
+
    return ID2SYM(ret);
 }
 
@@ -1067,7 +1073,7 @@ static VALUE ossl_ec_group_set_point_conversion_form(VALUE self, VALUE form_v)
     } else if (form_id == ID_hybrid) {
         form = POINT_CONVERSION_HYBRID;
     } else {
-        rb_raise(rb_eArgError, "form must be :compressed, :uncompressed, or :hybrid");
+        ossl_raise(rb_eArgError, "form must be :compressed, :uncompressed, or :hybrid");
     }
 
     EC_GROUP_set_point_conversion_form(group, form);
@@ -1092,7 +1098,7 @@ static VALUE ossl_ec_group_get_seed(VALUE self)
     if (seed_len == 0)
         return Qnil;
 
-    return rb_str_new(EC_GROUP_get0_seed(group), seed_len);
+    return rb_str_new((const char *)EC_GROUP_get0_seed(group), seed_len);
 }
 
 /*  call-seq:
@@ -1107,7 +1113,7 @@ static VALUE ossl_ec_group_set_seed(VALUE self, VALUE seed)
     Require_EC_GROUP(self, group);
     StringValue(seed);
 
-    if (EC_GROUP_set_seed(group, RSTRING_PTR(seed), RSTRING_LEN(seed)) != RSTRING_LEN(seed))
+    if (EC_GROUP_set_seed(group, (unsigned char *)RSTRING_PTR(seed), RSTRING_LEN(seed)) != (size_t)RSTRING_LEN(seed))
         ossl_raise(eEC_GROUP, "EC_GROUP_set_seed");
 
     return seed;
@@ -1150,7 +1156,7 @@ static VALUE ossl_ec_group_to_string(VALUE self, int format)
     	break;
     default:
         BIO_free(out);
-    	rb_raise(rb_eRuntimeError, "unknown format (internal error)");
+    	ossl_raise(rb_eRuntimeError, "unknown format (internal error)");
     }
 
     if (i != 1) {
@@ -1243,7 +1249,7 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self)
 
     Data_Get_Struct(self, ossl_ec_point, ec_point);
     if (ec_point->point)
-        rb_raise(eEC_POINT, "EC_POINT already initialized");
+        ossl_raise(eEC_POINT, "EC_POINT already initialized");
 
     switch (rb_scan_args(argc, argv, "11", &arg1, &arg2)) {
     case 1:
@@ -1261,16 +1267,16 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self)
 
             point = EC_POINT_new(group);
         } else {
-            rb_raise(eEC_POINT, "wrong argument type: must be OpenSSL::PKey::EC::Point or OpenSSL::Pkey::EC::Group");
+            ossl_raise(eEC_POINT, "wrong argument type: must be OpenSSL::PKey::EC::Point or OpenSSL::Pkey::EC::Group");
         }
 
         break;
      case 2:
         if (!rb_obj_is_kind_of(arg1, cEC_GROUP))
-            rb_raise(rb_eArgError, "1st argument must be OpenSSL::PKey::EC::Group");
+            ossl_raise(rb_eArgError, "1st argument must be OpenSSL::PKey::EC::Group");
         group_v = arg1;
         SafeRequire_EC_GROUP(group_v, group);
-        
+
         if (rb_obj_is_kind_of(arg2, cBN)) {
             const BIGNUM *bn = GetBNPtr(arg2);
 
@@ -1288,14 +1294,14 @@ static VALUE ossl_ec_point_initialize(int argc, VALUE *argv, VALUE self)
         }
         break;
     default:
-        rb_raise(rb_eArgError, "wrong number of arguments");
+        ossl_raise(rb_eArgError, "wrong number of arguments");
     }
 
     if (point == NULL)
         ossl_raise(eEC_POINT, NULL);
 
     if (NIL_P(group_v))
-        rb_raise(rb_eRuntimeError, "missing group (internal error)");
+        ossl_raise(rb_eRuntimeError, "missing group (internal error)");
 
     ec_point->point = point;
 
@@ -1348,6 +1354,8 @@ static VALUE ossl_ec_point_is_at_infinity(VALUE self)
     case 0: return Qfalse;
     default: ossl_raise(cEC_POINT, "EC_POINT_is_at_infinity");
     }
+
+    UNREACHABLE;
 }
 
 /*
@@ -1369,6 +1377,8 @@ static VALUE ossl_ec_point_is_on_curve(VALUE self)
     case 0: return Qfalse;
     default: ossl_raise(cEC_POINT, "EC_POINT_is_on_curve");
     }
+
+    UNREACHABLE;
 }
 
 /*
@@ -1460,6 +1470,78 @@ static VALUE ossl_ec_point_to_bn(VALUE self)
     return bn_obj;
 }
 
+/*
+ *  call-seq:
+ *     point.mul(bn)  => point
+ *     point.mul(bn, bn) => point
+ *     point.mul([bn], [point]) => point
+ *     point.mul([bn], [point], bn) => point
+ */
+static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self)
+{
+    EC_POINT *point1, *point2;
+    const EC_GROUP *group;
+    VALUE group_v = rb_iv_get(self, "@group");
+    VALUE bn_v1, bn_v2, r, points_v;
+    BIGNUM *bn1 = NULL, *bn2 = NULL;
+
+    Require_EC_POINT(self, point1);
+    SafeRequire_EC_GROUP(group_v, group);
+
+    r = rb_obj_alloc(cEC_POINT);
+    ossl_ec_point_initialize(1, &group_v, r);
+    Require_EC_POINT(r, point2);
+
+    argc = rb_scan_args(argc, argv, "12", &bn_v1, &points_v, &bn_v2);
+
+    if (rb_obj_is_kind_of(bn_v1, cBN)) {
+        bn1 = GetBNPtr(bn_v1);
+        if (argc >= 2) {
+            bn2 = GetBNPtr(points_v);
+        }
+        if (EC_POINT_mul(group, point2, bn2, point1, bn1, ossl_bn_ctx) != 1)
+            ossl_raise(eEC_POINT, "Multiplication failed");
+    } else {
+        size_t i, points_len, bignums_len;
+        const EC_POINT **points;
+        const BIGNUM **bignums;
+
+        Check_Type(bn_v1, T_ARRAY);
+        bignums_len = RARRAY_LEN(bn_v1);
+        bignums = (const BIGNUM **)OPENSSL_malloc(bignums_len * (int)sizeof(BIGNUM *));
+
+        for (i = 0; i < bignums_len; ++i) {
+            bignums[i] = GetBNPtr(rb_ary_entry(bn_v1, i));
+        }
+
+        if (!rb_obj_is_kind_of(points_v, rb_cArray)) {
+            OPENSSL_free((void *)bignums);
+            rb_raise(rb_eTypeError, "Argument2 must be an array");
+        }
+
+        rb_ary_unshift(points_v, self);
+        points_len = RARRAY_LEN(points_v);
+        points = (const EC_POINT **)OPENSSL_malloc(points_len * (int)sizeof(EC_POINT *));
+
+        for (i = 0; i < points_len; ++i) {
+            Get_EC_POINT(rb_ary_entry(points_v, i), points[i]);
+        }
+
+        if (argc >= 3) {
+            bn2 = GetBNPtr(bn_v2);
+        }
+        if (EC_POINTs_mul(group, point2, bn2, points_len, points, bignums, ossl_bn_ctx) != 1) {
+            OPENSSL_free((void *)bignums);
+            OPENSSL_free((void *)points);
+            ossl_raise(eEC_POINT, "Multiplication failed");
+        }
+        OPENSSL_free((void *)bignums);
+        OPENSSL_free((void *)points);
+    }
+
+    return r;
+}
+
 static void no_copy(VALUE klass)
 {
     rb_undef_method(klass, "copy");
@@ -1526,7 +1608,8 @@ void Init_ossl_ec()
     rb_define_method(cEC, "dsa_verify_asn1", ossl_ec_key_dsa_verify_asn1, 2);
 /* do_sign/do_verify */
 
-    rb_define_method(cEC, "to_pem", ossl_ec_key_to_pem, 0);
+    rb_define_method(cEC, "export", ossl_ec_key_export, -1);
+    rb_define_alias(cEC, "to_pem", "export");
     rb_define_method(cEC, "to_der", ossl_ec_key_to_der, 0);
     rb_define_method(cEC, "to_text", ossl_ec_key_to_text, 0);
 
@@ -1580,6 +1663,7 @@ void Init_ossl_ec()
 /* all the other methods */
 
     rb_define_method(cEC_POINT, "to_bn", ossl_ec_point_to_bn, 0);
+    rb_define_method(cEC_POINT, "mul", ossl_ec_point_mul, -1);
 
     no_copy(cEC);
     no_copy(cEC_GROUP);