rubysl-openssl 2.10 → 2.11
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/ext/rubysl/openssl/deprecation.rb +7 -3
- data/ext/rubysl/openssl/extconf.rb +148 -103
- data/ext/rubysl/openssl/openssl_missing.c +94 -275
- data/ext/rubysl/openssl/openssl_missing.h +167 -98
- data/ext/rubysl/openssl/ossl.c +266 -212
- data/ext/rubysl/openssl/ossl.h +27 -89
- data/ext/rubysl/openssl/ossl_asn1.c +157 -221
- data/ext/rubysl/openssl/ossl_asn1.h +11 -3
- data/ext/rubysl/openssl/ossl_bio.c +10 -40
- data/ext/rubysl/openssl/ossl_bio.h +1 -2
- data/ext/rubysl/openssl/ossl_bn.c +144 -100
- data/ext/rubysl/openssl/ossl_bn.h +3 -1
- data/ext/rubysl/openssl/ossl_cipher.c +270 -195
- data/ext/rubysl/openssl/ossl_config.c +7 -1
- data/ext/rubysl/openssl/ossl_config.h +0 -1
- data/ext/rubysl/openssl/ossl_digest.c +40 -29
- data/ext/rubysl/openssl/ossl_engine.c +23 -62
- data/ext/rubysl/openssl/ossl_hmac.c +82 -55
- data/ext/rubysl/openssl/ossl_ns_spki.c +22 -22
- data/ext/rubysl/openssl/ossl_ocsp.c +894 -144
- data/ext/rubysl/openssl/ossl_ocsp.h +1 -1
- data/ext/rubysl/openssl/ossl_pkcs12.c +47 -19
- data/ext/rubysl/openssl/ossl_pkcs5.c +7 -15
- data/ext/rubysl/openssl/ossl_pkcs7.c +38 -15
- data/ext/rubysl/openssl/ossl_pkey.c +151 -99
- data/ext/rubysl/openssl/ossl_pkey.h +123 -29
- data/ext/rubysl/openssl/ossl_pkey_dh.c +143 -92
- data/ext/rubysl/openssl/ossl_pkey_dsa.c +149 -104
- data/ext/rubysl/openssl/ossl_pkey_ec.c +646 -524
- data/ext/rubysl/openssl/ossl_pkey_rsa.c +180 -121
- data/ext/rubysl/openssl/ossl_rand.c +25 -21
- data/ext/rubysl/openssl/ossl_ssl.c +795 -413
- data/ext/rubysl/openssl/ossl_ssl.h +3 -0
- data/ext/rubysl/openssl/ossl_ssl_session.c +83 -77
- data/ext/rubysl/openssl/ossl_version.h +1 -1
- data/ext/rubysl/openssl/ossl_x509.c +92 -8
- data/ext/rubysl/openssl/ossl_x509.h +14 -5
- data/ext/rubysl/openssl/ossl_x509attr.c +77 -41
- data/ext/rubysl/openssl/ossl_x509cert.c +45 -46
- data/ext/rubysl/openssl/ossl_x509crl.c +51 -57
- data/ext/rubysl/openssl/ossl_x509ext.c +39 -33
- data/ext/rubysl/openssl/ossl_x509name.c +68 -45
- data/ext/rubysl/openssl/ossl_x509req.c +32 -38
- data/ext/rubysl/openssl/ossl_x509revoked.c +43 -9
- data/ext/rubysl/openssl/ossl_x509store.c +309 -104
- data/ext/rubysl/openssl/ruby_missing.h +8 -6
- data/lib/openssl/buffering.rb +11 -5
- data/lib/openssl/cipher.rb +23 -15
- data/lib/openssl/digest.rb +7 -10
- data/lib/openssl/pkey.rb +15 -8
- data/lib/openssl/ssl.rb +81 -105
- data/lib/rubysl/openssl.rb +1 -4
- data/lib/rubysl/openssl/version.rb +1 -1
- metadata +3 -4
@@ -7,19 +7,35 @@
|
|
7
7
|
* This program is licensed under the same licence as Ruby.
|
8
8
|
* (See the file 'LICENCE'.)
|
9
9
|
*/
|
10
|
-
#if !defined(OPENSSL_NO_DSA)
|
11
|
-
|
12
10
|
#include "ossl.h"
|
13
11
|
|
12
|
+
#if !defined(OPENSSL_NO_DSA)
|
13
|
+
|
14
14
|
#define GetPKeyDSA(obj, pkey) do { \
|
15
15
|
GetPKey((obj), (pkey)); \
|
16
|
-
if (
|
16
|
+
if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DSA) { /* PARANOIA? */ \
|
17
17
|
ossl_raise(rb_eRuntimeError, "THIS IS NOT A DSA!"); \
|
18
18
|
} \
|
19
19
|
} while (0)
|
20
|
+
#define GetDSA(obj, dsa) do { \
|
21
|
+
EVP_PKEY *_pkey; \
|
22
|
+
GetPKeyDSA((obj), _pkey); \
|
23
|
+
(dsa) = EVP_PKEY_get0_DSA(_pkey); \
|
24
|
+
} while (0)
|
25
|
+
|
26
|
+
static inline int
|
27
|
+
DSA_HAS_PRIVATE(DSA *dsa)
|
28
|
+
{
|
29
|
+
const BIGNUM *bn;
|
30
|
+
DSA_get0_key(dsa, NULL, &bn);
|
31
|
+
return !!bn;
|
32
|
+
}
|
20
33
|
|
21
|
-
|
22
|
-
|
34
|
+
static inline int
|
35
|
+
DSA_PRIVATE(VALUE obj, DSA *dsa)
|
36
|
+
{
|
37
|
+
return DSA_HAS_PRIVATE(dsa) || OSSL_PKEY_IS_PRIVATE(obj);
|
38
|
+
}
|
23
39
|
|
24
40
|
/*
|
25
41
|
* Classes
|
@@ -61,7 +77,7 @@ ossl_dsa_new(EVP_PKEY *pkey)
|
|
61
77
|
obj = dsa_instance(cDSA, DSA_new());
|
62
78
|
} else {
|
63
79
|
obj = NewPKey(cDSA);
|
64
|
-
if (
|
80
|
+
if (EVP_PKEY_base_id(pkey) != EVP_PKEY_DSA) {
|
65
81
|
ossl_raise(rb_eTypeError, "Not a DSA key!");
|
66
82
|
}
|
67
83
|
SetPKey(obj, pkey);
|
@@ -76,12 +92,9 @@ ossl_dsa_new(EVP_PKEY *pkey)
|
|
76
92
|
/*
|
77
93
|
* Private
|
78
94
|
*/
|
79
|
-
#if defined(HAVE_DSA_GENERATE_PARAMETERS_EX) && HAVE_BN_GENCB
|
80
95
|
struct dsa_blocking_gen_arg {
|
81
96
|
DSA *dsa;
|
82
97
|
int size;
|
83
|
-
unsigned char* seed;
|
84
|
-
int seed_len;
|
85
98
|
int *counter;
|
86
99
|
unsigned long *h;
|
87
100
|
BN_GENCB *cb;
|
@@ -92,40 +105,35 @@ static void *
|
|
92
105
|
dsa_blocking_gen(void *arg)
|
93
106
|
{
|
94
107
|
struct dsa_blocking_gen_arg *gen = (struct dsa_blocking_gen_arg *)arg;
|
95
|
-
gen->result = DSA_generate_parameters_ex(gen->dsa, gen->size,
|
108
|
+
gen->result = DSA_generate_parameters_ex(gen->dsa, gen->size, NULL, 0,
|
109
|
+
gen->counter, gen->h, gen->cb);
|
96
110
|
return 0;
|
97
111
|
}
|
98
|
-
#endif
|
99
112
|
|
100
113
|
static DSA *
|
101
114
|
dsa_generate(int size)
|
102
115
|
{
|
103
|
-
|
104
|
-
BN_GENCB cb;
|
105
|
-
struct ossl_generate_cb_arg cb_arg;
|
116
|
+
struct ossl_generate_cb_arg cb_arg = { 0 };
|
106
117
|
struct dsa_blocking_gen_arg gen_arg;
|
107
118
|
DSA *dsa = DSA_new();
|
108
|
-
|
109
|
-
int
|
119
|
+
BN_GENCB *cb = BN_GENCB_new();
|
120
|
+
int counter;
|
110
121
|
unsigned long h;
|
111
122
|
|
112
|
-
if (!dsa)
|
113
|
-
if (RAND_bytes(seed, seed_len) <= 0) {
|
123
|
+
if (!dsa || !cb) {
|
114
124
|
DSA_free(dsa);
|
115
|
-
|
125
|
+
BN_GENCB_free(cb);
|
126
|
+
return NULL;
|
116
127
|
}
|
117
128
|
|
118
|
-
memset(&cb_arg, 0, sizeof(struct ossl_generate_cb_arg));
|
119
129
|
if (rb_block_given_p())
|
120
130
|
cb_arg.yield = 1;
|
121
|
-
BN_GENCB_set(
|
131
|
+
BN_GENCB_set(cb, ossl_generate_cb_2, &cb_arg);
|
122
132
|
gen_arg.dsa = dsa;
|
123
133
|
gen_arg.size = size;
|
124
|
-
gen_arg.seed = seed;
|
125
|
-
gen_arg.seed_len = seed_len;
|
126
134
|
gen_arg.counter = &counter;
|
127
135
|
gen_arg.h = &h;
|
128
|
-
gen_arg.cb =
|
136
|
+
gen_arg.cb = cb;
|
129
137
|
if (cb_arg.yield == 1) {
|
130
138
|
/* we cannot release GVL when callback proc is supplied */
|
131
139
|
dsa_blocking_gen(&gen_arg);
|
@@ -133,28 +141,24 @@ dsa_generate(int size)
|
|
133
141
|
/* there's a chance to unblock */
|
134
142
|
rb_thread_call_without_gvl(dsa_blocking_gen, &gen_arg, ossl_generate_cb_stop, &cb_arg);
|
135
143
|
}
|
144
|
+
|
145
|
+
BN_GENCB_free(cb);
|
136
146
|
if (!gen_arg.result) {
|
137
147
|
DSA_free(dsa);
|
138
|
-
if (cb_arg.state)
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
if (RAND_bytes(seed, seed_len) <= 0) {
|
148
|
-
return 0;
|
148
|
+
if (cb_arg.state) {
|
149
|
+
/* Clear OpenSSL error queue before re-raising. By the way, the
|
150
|
+
* documentation of DSA_generate_parameters_ex() says the error code
|
151
|
+
* can be obtained by ERR_get_error(), but the default
|
152
|
+
* implementation, dsa_builtin_paramgen() doesn't put any error... */
|
153
|
+
ossl_clear_error();
|
154
|
+
rb_jump_tag(cb_arg.state);
|
155
|
+
}
|
156
|
+
return NULL;
|
149
157
|
}
|
150
|
-
dsa = DSA_generate_parameters(size, seed, seed_len, &counter, &h,
|
151
|
-
rb_block_given_p() ? ossl_generate_cb : NULL, NULL);
|
152
|
-
if(!dsa) return 0;
|
153
|
-
#endif
|
154
158
|
|
155
159
|
if (!DSA_generate_key(dsa)) {
|
156
160
|
DSA_free(dsa);
|
157
|
-
return
|
161
|
+
return NULL;
|
158
162
|
}
|
159
163
|
|
160
164
|
return dsa;
|
@@ -187,7 +191,9 @@ ossl_dsa_s_generate(VALUE klass, VALUE size)
|
|
187
191
|
|
188
192
|
/*
|
189
193
|
* call-seq:
|
190
|
-
* DSA.new
|
194
|
+
* DSA.new -> dsa
|
195
|
+
* DSA.new(size) -> dsa
|
196
|
+
* DSA.new(string [, pass]) -> dsa
|
191
197
|
*
|
192
198
|
* Creates a new DSA instance by reading an existing key from +string+.
|
193
199
|
*
|
@@ -209,23 +215,22 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
|
|
209
215
|
EVP_PKEY *pkey;
|
210
216
|
DSA *dsa;
|
211
217
|
BIO *in;
|
212
|
-
char *passwd = NULL;
|
213
218
|
VALUE arg, pass;
|
214
219
|
|
215
220
|
GetPKey(self, pkey);
|
216
221
|
if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) {
|
217
222
|
dsa = DSA_new();
|
218
223
|
}
|
219
|
-
else if (
|
220
|
-
if (!(dsa = dsa_generate(
|
224
|
+
else if (RB_INTEGER_TYPE_P(arg)) {
|
225
|
+
if (!(dsa = dsa_generate(NUM2INT(arg)))) {
|
221
226
|
ossl_raise(eDSAError, NULL);
|
222
227
|
}
|
223
228
|
}
|
224
229
|
else {
|
225
|
-
|
230
|
+
pass = ossl_pem_passwd_value(pass);
|
226
231
|
arg = ossl_to_der_if_possible(arg);
|
227
|
-
in = ossl_obj2bio(arg);
|
228
|
-
dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb,
|
232
|
+
in = ossl_obj2bio(&arg);
|
233
|
+
dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb, (void *)pass);
|
229
234
|
if (!dsa) {
|
230
235
|
OSSL_BIO_reset(in);
|
231
236
|
dsa = PEM_read_bio_DSA_PUBKEY(in, NULL, NULL, NULL);
|
@@ -240,11 +245,14 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
|
|
240
245
|
}
|
241
246
|
if (!dsa) {
|
242
247
|
OSSL_BIO_reset(in);
|
248
|
+
#define PEM_read_bio_DSAPublicKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \
|
249
|
+
(d2i_of_void *)d2i_DSAPublicKey, PEM_STRING_DSA_PUBLIC, (bp), (void **)(x), (cb), (u))
|
243
250
|
dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL);
|
251
|
+
#undef PEM_read_bio_DSAPublicKey
|
244
252
|
}
|
245
253
|
BIO_free(in);
|
246
254
|
if (!dsa) {
|
247
|
-
|
255
|
+
ossl_clear_error();
|
248
256
|
ossl_raise(eDSAError, "Neither PUB key nor PRIV key");
|
249
257
|
}
|
250
258
|
}
|
@@ -256,6 +264,26 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
|
|
256
264
|
return self;
|
257
265
|
}
|
258
266
|
|
267
|
+
static VALUE
|
268
|
+
ossl_dsa_initialize_copy(VALUE self, VALUE other)
|
269
|
+
{
|
270
|
+
EVP_PKEY *pkey;
|
271
|
+
DSA *dsa, *dsa_new;
|
272
|
+
|
273
|
+
GetPKey(self, pkey);
|
274
|
+
if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE)
|
275
|
+
ossl_raise(eDSAError, "DSA already initialized");
|
276
|
+
GetDSA(other, dsa);
|
277
|
+
|
278
|
+
dsa_new = ASN1_dup((i2d_of_void *)i2d_DSAPrivateKey, (d2i_of_void *)d2i_DSAPrivateKey, (char *)dsa);
|
279
|
+
if (!dsa_new)
|
280
|
+
ossl_raise(eDSAError, "ASN1_dup");
|
281
|
+
|
282
|
+
EVP_PKEY_assign_DSA(pkey, dsa_new);
|
283
|
+
|
284
|
+
return self;
|
285
|
+
}
|
286
|
+
|
259
287
|
/*
|
260
288
|
* call-seq:
|
261
289
|
* dsa.public? -> true | false
|
@@ -266,11 +294,13 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self)
|
|
266
294
|
static VALUE
|
267
295
|
ossl_dsa_is_public(VALUE self)
|
268
296
|
{
|
269
|
-
|
297
|
+
DSA *dsa;
|
298
|
+
const BIGNUM *bn;
|
270
299
|
|
271
|
-
|
300
|
+
GetDSA(self, dsa);
|
301
|
+
DSA_get0_key(dsa, &bn, NULL);
|
272
302
|
|
273
|
-
return
|
303
|
+
return bn ? Qtrue : Qfalse;
|
274
304
|
}
|
275
305
|
|
276
306
|
/*
|
@@ -283,11 +313,11 @@ ossl_dsa_is_public(VALUE self)
|
|
283
313
|
static VALUE
|
284
314
|
ossl_dsa_is_private(VALUE self)
|
285
315
|
{
|
286
|
-
|
316
|
+
DSA *dsa;
|
287
317
|
|
288
|
-
|
318
|
+
GetDSA(self, dsa);
|
289
319
|
|
290
|
-
return
|
320
|
+
return DSA_PRIVATE(self, dsa) ? Qtrue : Qfalse;
|
291
321
|
}
|
292
322
|
|
293
323
|
/*
|
@@ -310,34 +340,28 @@ ossl_dsa_is_private(VALUE self)
|
|
310
340
|
static VALUE
|
311
341
|
ossl_dsa_export(int argc, VALUE *argv, VALUE self)
|
312
342
|
{
|
313
|
-
|
343
|
+
DSA *dsa;
|
314
344
|
BIO *out;
|
315
345
|
const EVP_CIPHER *ciph = NULL;
|
316
|
-
char *passwd = NULL;
|
317
346
|
VALUE cipher, pass, str;
|
318
347
|
|
319
|
-
|
348
|
+
GetDSA(self, dsa);
|
320
349
|
rb_scan_args(argc, argv, "02", &cipher, &pass);
|
321
350
|
if (!NIL_P(cipher)) {
|
322
351
|
ciph = GetCipherPtr(cipher);
|
323
|
-
|
324
|
-
StringValue(pass);
|
325
|
-
if (RSTRING_LENINT(pass) < OSSL_MIN_PWD_LEN)
|
326
|
-
ossl_raise(eOSSLError, "OpenSSL requires passwords to be at least four characters long");
|
327
|
-
passwd = RSTRING_PTR(pass);
|
328
|
-
}
|
352
|
+
pass = ossl_pem_passwd_value(pass);
|
329
353
|
}
|
330
354
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
331
355
|
ossl_raise(eDSAError, NULL);
|
332
356
|
}
|
333
|
-
if (DSA_HAS_PRIVATE(
|
334
|
-
if (!PEM_write_bio_DSAPrivateKey(out,
|
335
|
-
|
357
|
+
if (DSA_HAS_PRIVATE(dsa)) {
|
358
|
+
if (!PEM_write_bio_DSAPrivateKey(out, dsa, ciph, NULL, 0,
|
359
|
+
ossl_pem_passwd_cb, (void *)pass)){
|
336
360
|
BIO_free(out);
|
337
361
|
ossl_raise(eDSAError, NULL);
|
338
362
|
}
|
339
363
|
} else {
|
340
|
-
if (!PEM_write_bio_DSA_PUBKEY(out,
|
364
|
+
if (!PEM_write_bio_DSA_PUBKEY(out, dsa)) {
|
341
365
|
BIO_free(out);
|
342
366
|
ossl_raise(eDSAError, NULL);
|
343
367
|
}
|
@@ -357,28 +381,29 @@ ossl_dsa_export(int argc, VALUE *argv, VALUE self)
|
|
357
381
|
static VALUE
|
358
382
|
ossl_dsa_to_der(VALUE self)
|
359
383
|
{
|
360
|
-
|
361
|
-
int (*i2d_func)
|
384
|
+
DSA *dsa;
|
385
|
+
int (*i2d_func)(DSA *, unsigned char **);
|
362
386
|
unsigned char *p;
|
363
387
|
long len;
|
364
388
|
VALUE str;
|
365
389
|
|
366
|
-
|
367
|
-
if(DSA_HAS_PRIVATE(
|
368
|
-
i2d_func = (int(*)
|
390
|
+
GetDSA(self, dsa);
|
391
|
+
if(DSA_HAS_PRIVATE(dsa))
|
392
|
+
i2d_func = (int (*)(DSA *,unsigned char **))i2d_DSAPrivateKey;
|
369
393
|
else
|
370
394
|
i2d_func = i2d_DSA_PUBKEY;
|
371
|
-
if((len = i2d_func(
|
395
|
+
if((len = i2d_func(dsa, NULL)) <= 0)
|
372
396
|
ossl_raise(eDSAError, NULL);
|
373
397
|
str = rb_str_new(0, len);
|
374
398
|
p = (unsigned char *)RSTRING_PTR(str);
|
375
|
-
if(i2d_func(
|
399
|
+
if(i2d_func(dsa, &p) < 0)
|
376
400
|
ossl_raise(eDSAError, NULL);
|
377
401
|
ossl_str_adjust(str, p);
|
378
402
|
|
379
403
|
return str;
|
380
404
|
}
|
381
405
|
|
406
|
+
|
382
407
|
/*
|
383
408
|
* call-seq:
|
384
409
|
* dsa.params -> hash
|
@@ -390,18 +415,20 @@ ossl_dsa_to_der(VALUE self)
|
|
390
415
|
static VALUE
|
391
416
|
ossl_dsa_get_params(VALUE self)
|
392
417
|
{
|
393
|
-
|
418
|
+
DSA *dsa;
|
394
419
|
VALUE hash;
|
420
|
+
const BIGNUM *p, *q, *g, *pub_key, *priv_key;
|
395
421
|
|
396
|
-
|
422
|
+
GetDSA(self, dsa);
|
423
|
+
DSA_get0_pqg(dsa, &p, &q, &g);
|
424
|
+
DSA_get0_key(dsa, &pub_key, &priv_key);
|
397
425
|
|
398
426
|
hash = rb_hash_new();
|
399
|
-
|
400
|
-
rb_hash_aset(hash, rb_str_new2("
|
401
|
-
rb_hash_aset(hash, rb_str_new2("
|
402
|
-
rb_hash_aset(hash, rb_str_new2("
|
403
|
-
rb_hash_aset(hash, rb_str_new2("
|
404
|
-
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(pkey->pkey.dsa->priv_key));
|
427
|
+
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
|
428
|
+
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
|
429
|
+
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
|
430
|
+
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
|
431
|
+
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
|
405
432
|
|
406
433
|
return hash;
|
407
434
|
}
|
@@ -417,15 +444,15 @@ ossl_dsa_get_params(VALUE self)
|
|
417
444
|
static VALUE
|
418
445
|
ossl_dsa_to_text(VALUE self)
|
419
446
|
{
|
420
|
-
|
447
|
+
DSA *dsa;
|
421
448
|
BIO *out;
|
422
449
|
VALUE str;
|
423
450
|
|
424
|
-
|
451
|
+
GetDSA(self, dsa);
|
425
452
|
if (!(out = BIO_new(BIO_s_mem()))) {
|
426
453
|
ossl_raise(eDSAError, NULL);
|
427
454
|
}
|
428
|
-
if (!DSA_print(out,
|
455
|
+
if (!DSA_print(out, dsa, 0)) { /* offset = 0 */
|
429
456
|
BIO_free(out);
|
430
457
|
ossl_raise(eDSAError, NULL);
|
431
458
|
}
|
@@ -460,8 +487,11 @@ ossl_dsa_to_public_key(VALUE self)
|
|
460
487
|
|
461
488
|
GetPKeyDSA(self, pkey);
|
462
489
|
/* err check performed by dsa_instance */
|
463
|
-
|
464
|
-
|
490
|
+
#define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup( \
|
491
|
+
(i2d_of_void *)i2d_DSAPublicKey, (d2i_of_void *)d2i_DSAPublicKey, (char *)(dsa))
|
492
|
+
dsa = DSAPublicKey_dup(EVP_PKEY_get0_DSA(pkey));
|
493
|
+
#undef DSAPublicKey_dup
|
494
|
+
obj = dsa_instance(rb_obj_class(self), dsa);
|
465
495
|
if (obj == Qfalse) {
|
466
496
|
DSA_free(dsa);
|
467
497
|
ossl_raise(eDSAError, NULL);
|
@@ -469,8 +499,6 @@ ossl_dsa_to_public_key(VALUE self)
|
|
469
499
|
return obj;
|
470
500
|
}
|
471
501
|
|
472
|
-
#define ossl_dsa_buf_size(pkey) (DSA_size((pkey)->pkey.dsa)+16)
|
473
|
-
|
474
502
|
/*
|
475
503
|
* call-seq:
|
476
504
|
* dsa.syssign(string) -> aString
|
@@ -493,20 +521,22 @@ ossl_dsa_to_public_key(VALUE self)
|
|
493
521
|
static VALUE
|
494
522
|
ossl_dsa_sign(VALUE self, VALUE data)
|
495
523
|
{
|
496
|
-
|
524
|
+
DSA *dsa;
|
525
|
+
const BIGNUM *dsa_q;
|
497
526
|
unsigned int buf_len;
|
498
527
|
VALUE str;
|
499
528
|
|
500
|
-
|
501
|
-
|
529
|
+
GetDSA(self, dsa);
|
530
|
+
DSA_get0_pqg(dsa, NULL, &dsa_q, NULL);
|
531
|
+
if (!dsa_q)
|
502
532
|
ossl_raise(eDSAError, "incomplete DSA");
|
503
|
-
if (!DSA_PRIVATE(self,
|
533
|
+
if (!DSA_PRIVATE(self, dsa))
|
504
534
|
ossl_raise(eDSAError, "Private DSA key needed!");
|
505
535
|
StringValue(data);
|
506
|
-
str = rb_str_new(0,
|
536
|
+
str = rb_str_new(0, DSA_size(dsa));
|
507
537
|
if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data),
|
508
538
|
(unsigned char *)RSTRING_PTR(str),
|
509
|
-
&buf_len,
|
539
|
+
&buf_len, dsa)) { /* type is ignored (0) */
|
510
540
|
ossl_raise(eDSAError, NULL);
|
511
541
|
}
|
512
542
|
rb_str_set_len(str, buf_len);
|
@@ -536,15 +566,15 @@ ossl_dsa_sign(VALUE self, VALUE data)
|
|
536
566
|
static VALUE
|
537
567
|
ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig)
|
538
568
|
{
|
539
|
-
|
569
|
+
DSA *dsa;
|
540
570
|
int ret;
|
541
571
|
|
542
|
-
|
572
|
+
GetDSA(self, dsa);
|
543
573
|
StringValue(digest);
|
544
574
|
StringValue(sig);
|
545
575
|
/* type is ignored (0) */
|
546
576
|
ret = DSA_verify(0, (unsigned char *)RSTRING_PTR(digest), RSTRING_LENINT(digest),
|
547
|
-
(unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig),
|
577
|
+
(unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), dsa);
|
548
578
|
if (ret < 0) {
|
549
579
|
ossl_raise(eDSAError, NULL);
|
550
580
|
}
|
@@ -555,11 +585,22 @@ ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig)
|
|
555
585
|
return Qfalse;
|
556
586
|
}
|
557
587
|
|
558
|
-
|
559
|
-
|
560
|
-
|
561
|
-
|
562
|
-
|
588
|
+
/*
|
589
|
+
* Document-method: OpenSSL::PKey::DSA#set_pqg
|
590
|
+
* call-seq:
|
591
|
+
* dsa.set_pqg(p, q, g) -> self
|
592
|
+
*
|
593
|
+
* Sets +p+, +q+, +g+ for the DSA instance.
|
594
|
+
*/
|
595
|
+
OSSL_PKEY_BN_DEF3(dsa, DSA, pqg, p, q, g)
|
596
|
+
/*
|
597
|
+
* Document-method: OpenSSL::PKey::DSA#set_key
|
598
|
+
* call-seq:
|
599
|
+
* dsa.set_key(pub_key, priv_key) -> self
|
600
|
+
*
|
601
|
+
* Sets +pub_key+ and +priv_key+ for the DSA instance. +priv_key+ may be nil.
|
602
|
+
*/
|
603
|
+
OSSL_PKEY_BN_DEF2(dsa, DSA, key, pub_key, priv_key)
|
563
604
|
|
564
605
|
/*
|
565
606
|
* INIT
|
@@ -568,8 +609,9 @@ void
|
|
568
609
|
Init_ossl_dsa(void)
|
569
610
|
{
|
570
611
|
#if 0
|
571
|
-
mOSSL = rb_define_module("OpenSSL"); /* let rdoc know about mOSSL and mPKey */
|
572
612
|
mPKey = rb_define_module_under(mOSSL, "PKey");
|
613
|
+
cPKey = rb_define_class_under(mPKey, "PKey", rb_cObject);
|
614
|
+
ePKeyError = rb_define_class_under(mPKey, "PKeyError", eOSSLError);
|
573
615
|
#endif
|
574
616
|
|
575
617
|
/* Document-class: OpenSSL::PKey::DSAError
|
@@ -596,6 +638,7 @@ Init_ossl_dsa(void)
|
|
596
638
|
|
597
639
|
rb_define_singleton_method(cDSA, "generate", ossl_dsa_s_generate, 1);
|
598
640
|
rb_define_method(cDSA, "initialize", ossl_dsa_initialize, -1);
|
641
|
+
rb_define_copy_func(cDSA, ossl_dsa_initialize_copy);
|
599
642
|
|
600
643
|
rb_define_method(cDSA, "public?", ossl_dsa_is_public, 0);
|
601
644
|
rb_define_method(cDSA, "private?", ossl_dsa_is_private, 0);
|
@@ -613,6 +656,8 @@ Init_ossl_dsa(void)
|
|
613
656
|
DEF_OSSL_PKEY_BN(cDSA, dsa, g);
|
614
657
|
DEF_OSSL_PKEY_BN(cDSA, dsa, pub_key);
|
615
658
|
DEF_OSSL_PKEY_BN(cDSA, dsa, priv_key);
|
659
|
+
rb_define_method(cDSA, "set_pqg", ossl_dsa_set_pqg, 3);
|
660
|
+
rb_define_method(cDSA, "set_key", ossl_dsa_set_key, 2);
|
616
661
|
|
617
662
|
rb_define_method(cDSA, "params", ossl_dsa_get_params, 0);
|
618
663
|
}
|