ruby.git/ext/openssl/ossl_hmac.c, branch v3_4_9 The Ruby Programming Language [ruby/openssl] Mark variables and functions as static whenever possible 2024-12-07T07:55:47+00:00 Kazuki Yamaguchi k@rhe.jp 2024-10-29T19:03:05+00:00 1df63d9451459209c00f5e8db033f18d145cc741 https://github.com/ruby/openssl/commit/85d6b7f192 
https://github.com/ruby/openssl/commit/85d6b7f192
[ruby/openssl] Fix references to the license text 2024-06-08T10:59:17+00:00 Kazuki Yamaguchi k@rhe.jp 2024-05-01T08:10:44+00:00 69c0b1438a45938e79e63407035f116de4634dcb Update the references to the file "LICENCE" with "COPYING". The file LICENCE doesn't exist in ruby/ruby nor ruby/openssl. This has been always the case since OpenSSL for Ruby 2 was merged to the ruby tree as a standard library in 2003. In OpenSSL for Ruby 2's CVS repository[1], the LICENCE file contained an old version of the Ruby License, identical to the COPYING file that was in Ruby's tree at that time (r4128[2]). [1] http://cvs.savannah.gnu.org/viewvc/rubypki/ossl2/LICENCE?revision=1.1.1.1&view=markup [2] https://github.com/ruby/ruby/blob/231247c010acba191b78ed2d1310c935e63ad919/COPYING https://github.com/ruby/openssl/commit/5bccf07d04 
Update the references to the file "LICENCE" with "COPYING".

The file LICENCE doesn't exist in ruby/ruby nor ruby/openssl. This has
been always the case since OpenSSL for Ruby 2 was merged to the ruby
tree as a standard library in 2003.

In OpenSSL for Ruby 2's CVS repository[1], the LICENCE file contained
an old version of the Ruby License, identical to the COPYING file that
was in Ruby's tree at that time (r4128[2]).

[1] http://cvs.savannah.gnu.org/viewvc/rubypki/ossl2/LICENCE?revision=1.1.1.1&view=markup
[2] https://github.com/ruby/ruby/blob/231247c010acba191b78ed2d1310c935e63ad919/COPYING

https://github.com/ruby/openssl/commit/5bccf07d04
[ruby/openssl] Implement Write Barrier for all OpenSSL types 2023-06-18T16:57:09+00:00 Jean Boussier jean.boussier@gmail.com 2023-03-13T08:51:53+00:00 1965c09ee50b5202d45462cd8bc6224ca6e45ae9 The vast majority have no reference so it's just a matter of setting the flags. For the couple exception, they have very little references so it's easy. https://github.com/ruby/openssl/commit/2c7c6de69e 
The vast majority have no reference so it's just a matter of setting the flags.

For the couple exception, they have very little references so it's
easy.

https://github.com/ruby/openssl/commit/2c7c6de69e
[ruby/openssl] hmac: use EVP_PKEY_new_raw_private_key() if available 2022-10-17T07:35:35+00:00 Kazuki Yamaguchi k@rhe.jp 2022-09-01T06:59:52+00:00 65bba0ef6fa104324d34079f107f9c72ed8d0e2f Current OpenSSL 3.0.x release has a regression with zero-length MAC keys. While this issue should be fixed in a future release of OpenSSL, we can use EVP_PKEY_new_raw_private_key() in place of the problematic EVP_PKEY_new_mac_key() to avoid the issue. OpenSSL 3.0's man page recommends using it regardless: > EVP_PKEY_new_mac_key() works in the same way as > EVP_PKEY_new_raw_private_key(). New applications should use > EVP_PKEY_new_raw_private_key() instead. Fixes https://github.com/ruby/openssl/issues/369#issuecomment-1224912710 https://github.com/ruby/openssl/commit/4293f18b1f 
Current OpenSSL 3.0.x release has a regression with zero-length MAC
keys. While this issue should be fixed in a future release of OpenSSL,
we can use EVP_PKEY_new_raw_private_key() in place of the problematic
EVP_PKEY_new_mac_key() to avoid the issue. OpenSSL 3.0's man page
recommends using it regardless:

> EVP_PKEY_new_mac_key() works in the same way as
> EVP_PKEY_new_raw_private_key().  New applications should use
> EVP_PKEY_new_raw_private_key() instead.

Fixes https://github.com/ruby/openssl/issues/369#issuecomment-1224912710

https://github.com/ruby/openssl/commit/4293f18b1f
[ruby/openssl] hmac: fix wrong usage of EVP_DigestSignFinal() 2021-12-20T14:42:02+00:00 Kazuki Yamaguchi k@rhe.jp 2021-12-11T07:27:42+00:00 c1a7c6df18f6d6eb0c701443b1231ea2c0baf6ea According to the manpage, the "siglen" parameter must be initialized beforehand. https://github.com/ruby/openssl/commit/6a60c7b2e7 
According to the manpage, the "siglen" parameter must be initialized
beforehand.

https://github.com/ruby/openssl/commit/6a60c7b2e7
[ruby/openssl] hmac: use EVP_MD_CTX_get_pkey_ctx() instead of EVP_MD_CTX_pkey_ctx() 2021-10-24T15:40:46+00:00 Kazuki Yamaguchi k@rhe.jp 2021-06-22T09:50:17+00:00 16272d9ae98dfa8296d477a8e255d35f4a3d29e9 OpenSSL 3.0 renamed EVP_MD_CTX_pkey_ctx() to include "get" in the function name. Adjust compatibility macro so that we can use the new function name for all OpenSSL 1.0.2-3.0. https://github.com/ruby/openssl/commit/c106d888c6 
OpenSSL 3.0 renamed EVP_MD_CTX_pkey_ctx() to include "get" in the
function name. Adjust compatibility macro so that we can use the new
function name for all OpenSSL 1.0.2-3.0.

https://github.com/ruby/openssl/commit/c106d888c6
[ruby/openssl] digest: use EVP_MD_CTX_get0_md() instead of EVP_MD_CTX_md() if exists 2021-10-24T15:40:45+00:00 Kazuki Yamaguchi k@rhe.jp 2021-04-22T04:57:47+00:00 040387d265e405c769867dbedd47c723185bc944 The function was renamed in OpenSSL 3.0 due to the change of the lifetime of EVP_MD objects. They are no longer necessarily statically allocated and can be reference-counted -- when an EVP_MD_CTX is free'd, the associated EVP_MD can also become inaccessible. Currently Ruby/OpenSSL only handles builtin algorithms, so no special handling is needed except for adapting to the rename. https://github.com/ruby/openssl/commit/0a253027e6 
The function was renamed in OpenSSL 3.0 due to the change of the
lifetime of EVP_MD objects. They are no longer necessarily statically
allocated and can be reference-counted -- when an EVP_MD_CTX is free'd,
the associated EVP_MD can also become inaccessible.

Currently Ruby/OpenSSL only handles builtin algorithms, so no special
handling is needed except for adapting to the rename.

https://github.com/ruby/openssl/commit/0a253027e6
[ruby/openssl] hmac: migrate from the low-level HMAC API to the EVP API 2021-03-16T10:16:11+00:00 Kazuki Yamaguchi k@rhe.jp 2020-05-18T07:15:07+00:00 b91f62f3840582bb3e4fbece15654e1d852c829b Use the EVP API instead of the low-level HMAC API. Use of the HMAC API has been discouraged and is being marked as deprecated starting from OpenSSL 3.0.0. The two singleton methods OpenSSL::HMAC, HMAC.digest and HMAC.hexdigest are now in lib/openssl/hmac.rb. https://github.com/ruby/openssl/commit/0317e2fc02 
Use the EVP API instead of the low-level HMAC API. Use of the HMAC API
has been discouraged and is being marked as deprecated starting from
OpenSSL 3.0.0.

The two singleton methods OpenSSL::HMAC, HMAC.digest and HMAC.hexdigest
are now in lib/openssl/hmac.rb.

https://github.com/ruby/openssl/commit/0317e2fc02
[ruby/openssl] digest, hmac, ts, x509: use IO.binread in examples where appropriate 2021-03-16T10:16:11+00:00 Kazuki Yamaguchi k@rhe.jp 2020-05-13T09:15:08+00:00 15863069c90b1253021981b23d31f154d79f8fe6 IO.read may mangle line separator, which will corrupt binary data including DER-encoded X.509 certificates and such. Fixes: https://github.com/ruby/openssl/issues/243 https://github.com/ruby/openssl/commit/93213b2730 
IO.read may mangle line separator, which will corrupt binary data
including DER-encoded X.509 certificates and such.

Fixes: https://github.com/ruby/openssl/issues/243

https://github.com/ruby/openssl/commit/93213b2730
[ruby/openssl] Look up digest by name instead of constant 2020-05-13T06:47:51+00:00 Bart de Water bartdewater@gmail.com 2020-04-19T15:14:36+00:00 0b2c70eaa1e8e41fcb6332b22b084dabb81e637c https://github.com/ruby/openssl/commit/b28fb2f05c 
https://github.com/ruby/openssl/commit/b28fb2f05c