ruby.git/ext/openssl/ossl_pkey.h, branch v4.0.3 The Ruby Programming Language [ruby/openssl] Expand tabs in C source files 2025-12-04T17:46:59+00:00 Kazuki Yamaguchi k@rhe.jp 2025-07-29T18:40:32+00:00 5062c0c621d887367af8a054e5e5d83d7ec57dd3 Since around 2018, we have been using spaces for indentation for newly added code[1]. The mixed use of tabs and spaces has repeatedly confused new contributors who configured their editors to use a different tab size than 8. Since git blame can now skip specific commits, ruby/ruby did a mass reformatting of tabs in 2022[2]. Do the same in ruby/openssl. While at it, fix a few indentation issues, mainly in switch-case labels and in ossl_ssl_session.c, which used doubled indentation size. This patch contains white-space changes only. git diff -w output should be empty. [1] https://bugs.ruby-lang.org/issues/14246 [2] https://bugs.ruby-lang.org/issues/18891 https://github.com/ruby/openssl/commit/4d6214f507 
Since around 2018, we have been using spaces for indentation for newly
added code[1]. The mixed use of tabs and spaces has repeatedly confused
new contributors who configured their editors to use a different tab
size than 8. Since git blame can now skip specific commits, ruby/ruby
did a mass reformatting of tabs in 2022[2]. Do the same in ruby/openssl.

While at it, fix a few indentation issues, mainly in switch-case labels
and in ossl_ssl_session.c, which used doubled indentation size.

This patch contains white-space changes only. git diff -w output should
be empty.

[1] https://bugs.ruby-lang.org/issues/14246
[2] https://bugs.ruby-lang.org/issues/18891

https://github.com/ruby/openssl/commit/4d6214f507
[ruby/openssl] pkey: define and use OSSL_HAVE_IMMUTABLE_PKEY macro 2025-09-30T11:59:27+00:00 Kazuki Yamaguchi k@rhe.jp 2025-01-25T06:50:03+00:00 986d9177dd63aaecbbb6e3a02fe20370cbd21bc5 Introduce a useful macro indicating that the low-level struct wrapped in an EVP_PKEY cannot be modified. Currently, the macro is defined for OpenSSL 3.0 or later only. LibreSSL and AWS-LC can follow suit in the future. https://github.com/ruby/openssl/commit/032ed63096 
Introduce a useful macro indicating that the low-level struct wrapped
in an EVP_PKEY cannot be modified.

Currently, the macro is defined for OpenSSL 3.0 or later only. LibreSSL
and AWS-LC can follow suit in the future.

https://github.com/ruby/openssl/commit/032ed63096
[ruby/openssl] pkey: rename ossl_pkey_new() to ossl_pkey_wrap() 2025-07-27T12:17:25+00:00 Kazuki Yamaguchi k@rhe.jp 2025-07-21T14:52:03+00:00 1c18ab81dbf4a8006222d7f10752dde362ba05a6 Among functions named ossl_*_new(), ossl_pkey_new() is now the only one that takes ownership of the passed OpenSSL object instead of making a copy or incrementing its reference counter. Rename it to make this behavior easier to understand. https://github.com/ruby/openssl/commit/54c1c26eb5 
Among functions named ossl_*_new(), ossl_pkey_new() is now the only one
that takes ownership of the passed OpenSSL object instead of making a
copy or incrementing its reference counter. Rename it to make this
behavior easier to understand.

https://github.com/ruby/openssl/commit/54c1c26eb5
[ruby/openssl] Mark variables and functions as static whenever possible 2024-12-07T07:55:47+00:00 Kazuki Yamaguchi k@rhe.jp 2024-10-29T19:03:05+00:00 1df63d9451459209c00f5e8db033f18d145cc741 https://github.com/ruby/openssl/commit/85d6b7f192 
https://github.com/ruby/openssl/commit/85d6b7f192
[ruby/openssl] Fix references to the license text 2024-06-08T10:59:17+00:00 Kazuki Yamaguchi k@rhe.jp 2024-05-01T08:10:44+00:00 69c0b1438a45938e79e63407035f116de4634dcb Update the references to the file "LICENCE" with "COPYING". The file LICENCE doesn't exist in ruby/ruby nor ruby/openssl. This has been always the case since OpenSSL for Ruby 2 was merged to the ruby tree as a standard library in 2003. In OpenSSL for Ruby 2's CVS repository[1], the LICENCE file contained an old version of the Ruby License, identical to the COPYING file that was in Ruby's tree at that time (r4128[2]). [1] http://cvs.savannah.gnu.org/viewvc/rubypki/ossl2/LICENCE?revision=1.1.1.1&view=markup [2] https://github.com/ruby/ruby/blob/231247c010acba191b78ed2d1310c935e63ad919/COPYING https://github.com/ruby/openssl/commit/5bccf07d04 
Update the references to the file "LICENCE" with "COPYING".

The file LICENCE doesn't exist in ruby/ruby nor ruby/openssl. This has
been always the case since OpenSSL for Ruby 2 was merged to the ruby
tree as a standard library in 2003.

In OpenSSL for Ruby 2's CVS repository[1], the LICENCE file contained
an old version of the Ruby License, identical to the COPYING file that
was in Ruby's tree at that time (r4128[2]).

[1] http://cvs.savannah.gnu.org/viewvc/rubypki/ossl2/LICENCE?revision=1.1.1.1&view=markup
[2] https://github.com/ruby/ruby/blob/231247c010acba191b78ed2d1310c935e63ad919/COPYING

https://github.com/ruby/openssl/commit/5bccf07d04
[ruby/openssl] Constify when building with OpenSSL 3 2022-12-23T00:39:15+00:00 Nobuyoshi Nakada nobu@ruby-lang.org 2022-07-08T15:17:25+00:00 d7d1bb3e871108b787d67da1f0d11d317bdfacf7 https://github.com/ruby/openssl/commit/c0023822fe 
https://github.com/ruby/openssl/commit/c0023822fe
[ruby/openssl] pkey: deprecate PKey#set_* methods 2021-12-20T14:42:02+00:00 Kazuki Yamaguchi k@rhe.jp 2021-09-21T09:29:59+00:00 8ebf5978852e22358cbcdf74c0eb506f22e2c73f OpenSSL 3.0 made EVP_PKEY immutable. This means we can only have a const pointer of the low level struct and the following methods can no longer be provided when linked against OpenSSL 3.0: - OpenSSL::PKey::RSA#set_key - OpenSSL::PKey::RSA#set_factors - OpenSSL::PKey::RSA#set_crt_params - OpenSSL::PKey::DSA#set_pqg - OpenSSL::PKey::DSA#set_key - OpenSSL::PKey::DH#set_pqg - OpenSSL::PKey::DH#set_key - OpenSSL::PKey::EC#group= - OpenSSL::PKey::EC#private_key= - OpenSSL::PKey::EC#public_key= There is no direct replacement for this functionality at the moment. I plan to introduce a wrapper around EVP_PKEY_fromdata(), which takes all key components at once to construct an EVP_PKEY. https://github.com/ruby/openssl/commit/6848d2d969 
OpenSSL 3.0 made EVP_PKEY immutable. This means we can only have a const
pointer of the low level struct and the following methods can no longer
be provided when linked against OpenSSL 3.0:

 - OpenSSL::PKey::RSA#set_key
 - OpenSSL::PKey::RSA#set_factors
 - OpenSSL::PKey::RSA#set_crt_params
 - OpenSSL::PKey::DSA#set_pqg
 - OpenSSL::PKey::DSA#set_key
 - OpenSSL::PKey::DH#set_pqg
 - OpenSSL::PKey::DH#set_key
 - OpenSSL::PKey::EC#group=
 - OpenSSL::PKey::EC#private_key=
 - OpenSSL::PKey::EC#public_key=

There is no direct replacement for this functionality at the moment.
I plan to introduce a wrapper around EVP_PKEY_fromdata(), which takes
all key components at once to construct an EVP_PKEY.

https://github.com/ruby/openssl/commit/6848d2d969
[ruby/openssl] pkey: allocate EVP_PKEY on #initialize 2021-12-20T14:42:01+00:00 Kazuki Yamaguchi k@rhe.jp 2021-04-12T09:32:40+00:00 c1a36ebfda8ba570173e2844bc584786852e6190 Allocate an EVP_PKEY when the content is ready: when #initialize or #initialize_copy is called, rather than when a T_DATA is allocated. This is more natural because the lower level API has been deprecated and an EVP_PKEY is becoming the minimum unit of handling keys. https://github.com/ruby/openssl/commit/74f6c61756 
Allocate an EVP_PKEY when the content is ready: when #initialize
or #initialize_copy is called, rather than when a T_DATA is allocated.
This is more natural because the lower level API has been deprecated
and an EVP_PKEY is becoming the minimum unit of handling keys.

https://github.com/ruby/openssl/commit/74f6c61756
[ruby/openssl] pkey: do not check NULL argument in ossl_pkey_new() 2021-12-20T14:42:00+00:00 Kazuki Yamaguchi k@rhe.jp 2021-04-12T04:55:10+00:00 02a58fbfd1406acde30bb7ca4d019f2bd09bfacd Passing NULL to ossl_pkey_new() makes no sense in the first place, and in fact it is ensured not to be NULL in all cases. https://github.com/ruby/openssl/commit/316cb2a41f 
Passing NULL to ossl_pkey_new() makes no sense in the first place, and
in fact it is ensured not to be NULL in all cases.

https://github.com/ruby/openssl/commit/316cb2a41f
[ruby/openssl] pkey: remove deprecated parameter setters 2021-07-18T08:44:56+00:00 Kazuki Yamaguchi k@rhe.jp 2021-05-25T08:31:08+00:00 eac7fd57f807cc9e0ec4307efcaa412b343971a5 Remove the following methods, which have been marked as deprecated and produced a warning since version 2.0, commit 7ea72f1f5084 ("adapt OpenSSL::PKey to OpenSSL 1.1.0 opaque structs", 2016-06-05). - OpenSSL::PKey::RSA#n=, #e=, #d=, #p=, #q=, #dmp1=, #dmq1=, #iqmp= - OpenSSL::PKey::DSA#p=, #q=, #g=, #priv_key=, #pub_key= - OpenSSL::PKey::DH#p=, #g=, #priv_key=, #pub_key= These methods could only work with OpenSSL 1.0.2 or older, which is now EOL. https://github.com/ruby/openssl/commit/2334862cc0 
Remove the following methods, which have been marked as deprecated and
produced a warning since version 2.0, commit 7ea72f1f5084 ("adapt
OpenSSL::PKey to OpenSSL 1.1.0 opaque structs", 2016-06-05).

 - OpenSSL::PKey::RSA#n=, #e=, #d=, #p=, #q=, #dmp1=, #dmq1=, #iqmp=
 - OpenSSL::PKey::DSA#p=, #q=, #g=, #priv_key=, #pub_key=
 - OpenSSL::PKey::DH#p=, #g=, #priv_key=, #pub_key=

These methods could only work with OpenSSL 1.0.2 or older, which is now
EOL.

https://github.com/ruby/openssl/commit/2334862cc0