ruby.git/ext/openssl/ossl_pkey_ec.c, branch ruby_1_8_7 The Ruby Programming Language merge revision(s) 26836:26859,26861,27921: 2010-06-21T09:18:59+00:00 shyouhei shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2010-06-21T09:18:59+00:00 1ae16961956c2459c0f29b676c5da9cb9cc875bf * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_{get,set}_time{,out}): fixed a bug introduced by backporting. (see [ruby-dev:40573]) use long in according to OpenSSL API. (SSL_SESSION_{get,set}_time{,out}) * ext/openssl/ossl_x509name.c: added X509::Name#hash_old as a wrapper for X509_NAME_hash_old in OpenSSL 1.0.0. * test/openssl/test_x509name.rb (test_hash): make test pass with OpenSSL 1.0.0. * test/openssl/test_x509*: make tests pass with OpenSSL 1.0.0b5. * PKey::PKey#verify raises an exception when a given PKey does not match with signature. * PKey::DSA#sign accepts SHA1, SHA256 other than DSS1. * backport the commit from trunk: Sun Feb 28 11:49:35 2010 NARUSE, Yui <naruse@ruby-lang.org> * openssl/ossl.c (OSSL_IMPL_SK2ARY): for OpenSSL 1.0. patched by Jeroen van Meeuwen at [ruby-core:25210] fixed by Nobuyoshi Nakada [ruby-core:25238], Hongli Lai [ruby-core:27417], and Motohiro KOSAKI [ruby-core:28063] * ext/openssl/ossl_ssl.c (ossl_ssl_method_tab), (ossl_ssl_cipher_to_ary): constified. * ext/openssl/ossl_pkcs7.c (pkcs7_get_certs, pkcs7_get_crls): split pkcs7_get_certs_or_crls. * test/openssl/test_ec.rb: added test_dsa_sign_asn1_FIPS186_3. dgst is truncated with ec_key.group.order.size after openssl 0.9.8m for FIPS 186-3 compliance. WARNING: ruby-openssl aims to wrap an OpenSSL so when you're using openssl 0.9.8l or earlier version, EC.dsa_sign_asn1 raises OpenSSL::PKey::ECError as before and EC.dsa_verify_asn1 just returns false when you pass dgst longer than expected (no truncation performed). * ext/openssl/ossl_pkey_ec.c: rdoc typo fixed. * ext/openssl/ossl_config.c: defined own IMPLEMENT_LHASH_DOALL_ARG_FN_098 macro according to IMPLEMENT_LHASH_DOALL_ARG_FN in OpenSSL 0.9.8m. OpenSSL 1.0.0beta5 has a slightly different definiton so it could be a temporal workaround for 0.9.8 and 1.0.0 dual support. * ext/openssl/ossl_pkcs5.c (ossl_pkcs5_pbkdf2_hmac): follows function definition in OpenSSL 1.0.0beta5. PKCS5_PBKDF2_HMAC is from 1.0.0 (0.9.8 only has PKCS5_PBKDF2_HMAC_SHA1) * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_eq): do not use SSL_SESSION_cmp and implement equality func by ousrself. See the comment. * ext/openssl/extconf.rb: check some functions added at OpenSSL 1.0.0. * ext/openssl/ossl_engine.c (ossl_engine_s_load): use engines which exists. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@28367 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl/ossl_ssl_session.c
	  (ossl_ssl_session_{get,set}_time{,out}): fixed a bug introduced by
	  backporting. (see [ruby-dev:40573])  use long in according to
	  OpenSSL API. (SSL_SESSION_{get,set}_time{,out})
	* ext/openssl/ossl_x509name.c: added X509::Name#hash_old as a wrapper
	  for X509_NAME_hash_old in OpenSSL 1.0.0.
	* test/openssl/test_x509name.rb (test_hash): make test pass with
	  OpenSSL 1.0.0.
	* test/openssl/test_x509*: make tests pass with OpenSSL 1.0.0b5.
	  * PKey::PKey#verify raises an exception when a given PKey does not
	    match with signature.
	  * PKey::DSA#sign accepts SHA1, SHA256 other than DSS1.
	* backport the commit from trunk:
	  Sun Feb 28 11:49:35 2010  NARUSE, Yui  <naruse@ruby-lang.org>
	* openssl/ossl.c (OSSL_IMPL_SK2ARY): for OpenSSL 1.0.
	  patched by Jeroen van Meeuwen at [ruby-core:25210]
	  fixed by Nobuyoshi Nakada [ruby-core:25238],
	  Hongli Lai [ruby-core:27417],
	  and Motohiro KOSAKI [ruby-core:28063]
	* ext/openssl/ossl_ssl.c (ossl_ssl_method_tab),
	  (ossl_ssl_cipher_to_ary): constified.
	* ext/openssl/ossl_pkcs7.c (pkcs7_get_certs, pkcs7_get_crls):
	  split pkcs7_get_certs_or_crls.
	* test/openssl/test_ec.rb: added test_dsa_sign_asn1_FIPS186_3. dgst is
	  truncated with ec_key.group.order.size after openssl 0.9.8m for
	  FIPS 186-3 compliance.
	  WARNING: ruby-openssl aims to wrap an OpenSSL so when you're using
	  openssl 0.9.8l or earlier version, EC.dsa_sign_asn1 raises
	  OpenSSL::PKey::ECError as before and EC.dsa_verify_asn1 just returns
	  false when you pass dgst longer than expected (no truncation
	  performed).
	* ext/openssl/ossl_pkey_ec.c: rdoc typo fixed.
	* ext/openssl/ossl_config.c: defined own IMPLEMENT_LHASH_DOALL_ARG_FN_098
	  macro according to IMPLEMENT_LHASH_DOALL_ARG_FN in OpenSSL 0.9.8m.
	  OpenSSL 1.0.0beta5 has a slightly different definiton so it could
	  be a temporal workaround for 0.9.8 and 1.0.0 dual support.
	* ext/openssl/ossl_pkcs5.c (ossl_pkcs5_pbkdf2_hmac): follows function
	  definition in OpenSSL 1.0.0beta5. PKCS5_PBKDF2_HMAC is from 1.0.0
	  (0.9.8 only has PKCS5_PBKDF2_HMAC_SHA1)
	* ext/openssl/ossl_ssl_session.c (ossl_ssl_session_eq): do not use
	  SSL_SESSION_cmp and implement equality func by ousrself.  See the
	  comment.
	* ext/openssl/extconf.rb: check some functions added at OpenSSL 1.0.0.
	* ext/openssl/ossl_engine.c (ossl_engine_s_load): use engines which
	  exists.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@28367 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
merge revision(s) 26835: 2010-05-24T23:58:49+00:00 shyouhei shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2010-05-24T23:58:49+00:00 ffdcd1a4dc9ad1ea4d2a320461746dbe50fb5527 * ext/openssl: backport fixes in 1.9. * r25019 by marcandre * ossl_ocsp.c (ossl_ocspres_to_der): Bug fix in Response#to_def. Patch by Chris Chandler [ruby-core:18411] * r25017 by marcandre * ossl_config.c (ossl_config_add_value_m, ossl_config_set_section): Check if frozen (or untrusted for $SECURE >= 4) [ruby-core:18377] * r22925 by nobu * ext/openssl/openssl_missing.h (i2d_of_void): cast for callbacks. [ruby-core:22860] * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): suppress a warning. * ext/openssl/ossl_ssl.c (ossl_sslctx_flush_sessions): time_t may be larger than long. * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_get_time), (ossl_ssl_session_get_timeout): use TIMET2NUM() to convert time_t. * r22924 by nobu * ext/openssl/ossl_x509ext.c (ossl_x509ext_set_value): should use OPENSSL_free instead of free. a patch from Charlie Savage at [ruby-core:22858]. * r22918 by akr * ext/openssl: suppress warnings. * ext/openssl/ossl.h (OSSL_Debug): don't use gcc extention for variadic macro. * r22666 by akr * ext/openssl/lib/openssl/buffering.rb: define Buffering module under OpenSSL. [ruby-dev:37906] * r22440 by nobu * ext/openssl/ossl_ocsp.c (ossl_ocspbres_verify): OCSP_basic_verify returns positive value on success, not non-zero. [ruby-core:21762] * r22378 by akr * ext/openssl: avoid cyclic require. * ext/openssl/lib/openssl/ssl-internal.rb: renamed from ssl.rb * ext/openssl/lib/openssl/x509-internal.rb: renamed from x509.rb. [ruby-dev:38018] * r22101 by nobu * ext/openssl/ossl_cipher.c (add_cipher_name_to_ary): used conditionally. * r21510 by akr * ext/openssl/ossl.c (ossl_raise): abolish a warning. * r21208 by akr * ext/openssl/ossl_digest.c (GetDigestPtr): use StringValueCStr instead of STR2CSTR. * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto. (ossl_ec_group_initialize): ditto. * r19420 by mame * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_to_string): comment out fragments of unused code. * r18975 by nobu * ext/openssl/ossl_ocsp.c (ossl_ocspres_initialize): fix for initialization of r18168. * r18971 by nobu * ext/openssl/ossl_config.c (Init_ossl_config): removed C99ism. * r18944 by matz * ext/openssl/ossl_config.c (Init_ossl_config): memory leak fixed. a patch <shinichiro.hamaji at gmail.com> in [ruby-dev:35880]. * ext/openssl/ossl_x509ext.c (ossl_x509ext_set_value): ditto. * r18917 by nobu * ext/openssl/ossl_x509attr.c (ossl_x509attr_initialize): fix for initialization of r18168. * ext/openssl/ossl_ocsp.c (ossl_ocspreq_initialize): ditto. * ext/openssl/ossl_x509name.c (ossl_x509name_initialize): ditto. * r18283 by nobu * ext/openssl/ossl_asn1.c (ossl_asn1_get_asn1type): suppress warnings on platforms which int size differs from pointer size. * r18181 by nobu * ext/openssl/openssl_missing.h (d2i_of_void): define for older versions. [ruby-dev:35637] * r18168 by nobu * ext/openssl: suppress warnings. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@28004 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
	* ext/openssl: backport fixes in 1.9.
	  * r25019 by marcandre
	    * ossl_ocsp.c (ossl_ocspres_to_der): Bug fix in Response#to_def.
	      Patch by Chris Chandler [ruby-core:18411]
	  * r25017 by marcandre
	    * ossl_config.c (ossl_config_add_value_m,
	      ossl_config_set_section): Check if frozen (or untrusted for
	      $SECURE >= 4) [ruby-core:18377]
	  * r22925 by nobu
	    * ext/openssl/openssl_missing.h (i2d_of_void): cast for callbacks.
	      [ruby-core:22860]
	    * ext/openssl/ossl_engine.c (ossl_engine_s_by_id): suppress a
	      warning.
	    * ext/openssl/ossl_ssl.c (ossl_sslctx_flush_sessions): time_t may
	      be larger than long.
	    * ext/openssl/ossl_ssl_session.c (ossl_ssl_session_get_time),
	      (ossl_ssl_session_get_timeout): use TIMET2NUM() to convert
	      time_t.
	  * r22924 by nobu
	    * ext/openssl/ossl_x509ext.c (ossl_x509ext_set_value): should use
	      OPENSSL_free instead of free.  a patch from Charlie Savage at
	      [ruby-core:22858].
	  * r22918 by akr
	    * ext/openssl: suppress warnings.
	    * ext/openssl/ossl.h (OSSL_Debug): don't use gcc extention for
	      variadic macro.
	  * r22666 by akr
	    * ext/openssl/lib/openssl/buffering.rb: define Buffering module
	      under OpenSSL.  [ruby-dev:37906]
	  * r22440 by nobu
	    * ext/openssl/ossl_ocsp.c (ossl_ocspbres_verify): OCSP_basic_verify
	      returns positive value on success, not non-zero.
	      [ruby-core:21762]
	  * r22378 by akr
	    * ext/openssl: avoid cyclic require.
	    * ext/openssl/lib/openssl/ssl-internal.rb: renamed from ssl.rb
	    * ext/openssl/lib/openssl/x509-internal.rb: renamed from x509.rb.
	      [ruby-dev:38018]
	  * r22101 by nobu
	    * ext/openssl/ossl_cipher.c (add_cipher_name_to_ary): used
	      conditionally.
	  * r21510 by akr
	    * ext/openssl/ossl.c (ossl_raise): abolish a warning.
	  * r21208 by akr
	    * ext/openssl/ossl_digest.c (GetDigestPtr): use StringValueCStr
	      instead of STR2CSTR.
	    * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_initialize): ditto.
	      (ossl_ec_group_initialize): ditto.
	  * r19420 by mame
	    * ext/openssl/ossl_pkey_ec.c (ossl_ec_key_to_string): comment out
	      fragments of unused code.
	  * r18975 by nobu
	    * ext/openssl/ossl_ocsp.c (ossl_ocspres_initialize): fix for
	      initialization of r18168.
	  * r18971 by nobu
	    * ext/openssl/ossl_config.c (Init_ossl_config): removed C99ism.
	  * r18944 by matz
	    * ext/openssl/ossl_config.c (Init_ossl_config): memory leak fixed.
	      a patch <shinichiro.hamaji at gmail.com> in [ruby-dev:35880].
	    * ext/openssl/ossl_x509ext.c (ossl_x509ext_set_value): ditto.
	  * r18917 by nobu
	    * ext/openssl/ossl_x509attr.c (ossl_x509attr_initialize): fix for
	      initialization of r18168.
	    * ext/openssl/ossl_ocsp.c (ossl_ocspreq_initialize): ditto.
	    * ext/openssl/ossl_x509name.c (ossl_x509name_initialize): ditto.
	  * r18283 by nobu
	    * ext/openssl/ossl_asn1.c (ossl_asn1_get_asn1type): suppress
	      warnings on platforms which int size differs from pointer size.
	  * r18181 by nobu
	    * ext/openssl/openssl_missing.h (d2i_of_void): define for older
	      versions.  [ruby-dev:35637]
	  * r18168 by nobu
	    * ext/openssl: suppress warnings.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@28004 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/ossl_pkey_{ec,dh,dsa,rsa}.c: Remove useless warnings. 2008-02-26T07:11:23+00:00 technorama technorama@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2008-02-26T07:11:23+00:00 14017831536e23d4d98c94edeffa720d869e88f8 * ext/openssl/ossl_asn1.c: Simplify code. * ext/openssl/ossl_ssl_session.c Fix compiler warnings. Undefine #id if SSL_SESSION_get_id is not supported. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@15611 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
* ext/openssl/ossl_asn1.c: Simplify code.

* ext/openssl/ossl_ssl_session.c Fix compiler warnings.
  Undefine #id if SSL_SESSION_get_id is not supported.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@15611 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* ext/openssl/{extconf.rb,ossl_ssl_session.c}: 2007-06-18T09:03:15+00:00 technorama technorama@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2007-06-18T09:03:15+00:00 7137a314b313310efcabe7d3a4df435b19af1aa1 Fix ruby-Bugs-11513. * ext/openssl/ossl_pkey_ec.c New methods EC::Point.[eql,make_affine!,invert!,on_curve?,infinity?] By default output the same key form as the openssl command. * ext/openssl/ossl_rand.c New method Random.status? * test/openssl/test_ec.rb New tests. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@12572 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
  Fix ruby-Bugs-11513.

* ext/openssl/ossl_pkey_ec.c
  New methods EC::Point.[eql,make_affine!,invert!,on_curve?,infinity?]
  By default output the same key form as the openssl command.

* ext/openssl/ossl_rand.c
  New method Random.status?

* test/openssl/test_ec.rb
  New tests.



git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@12572 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
import OpenSSL from trunk 2007-06-08T15:02:04+00:00 technorama technorama@b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2007-06-08T15:02:04+00:00 18342ff8e00ebe27584786276a68d99767a2c38d git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@12496 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@12496 b2dd03c8-39d4-4d8f-98ff-823fe69b080e