ruby.git/test/openssl/test_bn.rb, branch v4.0.2 The Ruby Programming Language Sync ruby/openssl 2025-06-06T02:11:38+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2025-06-06T02:11:38+00:00 1dd8671c46c155920b141407ba442523758a7128 Pick https://github.com/ruby/openssl/pull/896 
Pick https://github.com/ruby/openssl/pull/896
[ruby/openssl] test_bn.rb: AWS-LC does not support BN::CONSTTIME 2025-02-22T15:11:37+00:00 Samuel Chiang sachiang@amazon.com 2025-02-12T01:13:38+00:00 ee5af8860f15485745a8e37c19f28704e94be7bd AWS-LC does not support BN_FLG_CONSTTIME due to its historically inconsistent constant-time guarantees. https://github.com/ruby/openssl/commit/9875a01b5f 
AWS-LC does not support BN_FLG_CONSTTIME due to its historically
inconsistent constant-time guarantees.

https://github.com/ruby/openssl/commit/9875a01b5f
[ruby/openssl] make bn shareable when frozen 2024-11-13T07:25:51+00:00 HoneyryderChuck cardoso_tiago@hotmail.com 2024-10-19T16:09:51+00:00 233576843721a551fa276ba5c3cf19b38fa4ead1 https://github.com/ruby/openssl/commit/d3c8e661e8 
https://github.com/ruby/openssl/commit/d3c8e661e8
[ruby/openssl] Fix modular square root test with LibreSSL >= 3.8 2023-06-18T16:57:09+00:00 Theo Buehler tb@openbsd.org 2023-04-11T17:43:49+00:00 bc0539a9b7538c5cb0c194cc0a700466cfa1b003 If x is a modular square root of a (mod p) then so is (p - x). Both answers are valid. In particular, both 2 and 3 are valid square roots of 4 (mod 5). Do not assume that a particular square root is chosen by the algorithm. Indeed, the algorithm in OpenSSL and LibreSSL <= 3.7 returns a non-deterministic answer in many cases. LibreSSL 3.8 and later will always return the smaller of the two possible answers. This breaks the current test case. Instead of checking for a particular square root, check that the square of the claimed square root is the given value. This is always true. Add the simplest test case where the answer is indeed non-deterministic. https://github.com/ruby/openssl/commit/93548ae959 
If x is a modular square root of a (mod p) then so is (p - x). Both
answers are valid. In particular, both 2 and 3 are valid square roots
of 4 (mod 5). Do not assume that a particular square root is chosen by
the algorithm. Indeed, the algorithm in OpenSSL and LibreSSL <= 3.7
returns a non-deterministic answer in many cases. LibreSSL 3.8 and
later will always return the smaller of the two possible answers. This
breaks the current test case.

Instead of checking for a particular square root, check that the square
of the claimed square root is the given value. This is always true. Add
the simplest test case where the answer is indeed non-deterministic.

https://github.com/ruby/openssl/commit/93548ae959
[ruby/openssl] add BN#mod_sqrt 2022-10-17T14:38:34+00:00 Ben Toews benjamin.toews@gmail.com 2022-10-17T13:31:40+00:00 149cb049f1d7f5fd2edf5ab467c33037ec993a47 https://github.com/ruby/openssl/commit/4619ab3e76 
https://github.com/ruby/openssl/commit/4619ab3e76
[ruby/openssl] Add tast cases to OpenSSL::BN using ractor 2021-12-24T18:31:59+00:00 Yusuke Nakamura yusuke1994525@gmail.com 2021-12-21T08:14:30+00:00 44bfe72892a5a07040d806c2aee89ee52955d86d OpenSSL::BN has been make ractor-safed in 9e7cf9e , but there was no test. And to use 'ractor' annotation, update test-unit to v3.4.6 or higher. https://github.com/ruby/openssl/commit/7541a66911 
OpenSSL::BN has been make ractor-safed in 9e7cf9e ,
but there was no test.
And to use 'ractor' annotation, update test-unit to v3.4.6 or higher.

https://github.com/ruby/openssl/commit/7541a66911
[ruby/openssl] bn: make BN.pseudo_rand{,_range} an alias of BN.rand{,_range} 2021-10-24T15:40:48+00:00 Kazuki Yamaguchi k@rhe.jp 2021-03-20T15:20:04+00:00 e19186707a78e6e739646dac1430dc3066cf9bad BN_pseudo_rand() and BN_pseudo_rand_range() are deprecated in OpenSSL 3.0. Since they are identical to their non-'pseudo' version anyway, let's make them alias. https://github.com/ruby/openssl/commit/2d34e85ddf 
BN_pseudo_rand() and BN_pseudo_rand_range() are deprecated in
OpenSSL 3.0. Since they are identical to their non-'pseudo' version
anyway, let's make them alias.

https://github.com/ruby/openssl/commit/2d34e85ddf
[ruby/openssl] Add OpenSSL::BN#set_flags and #get_flags 2021-07-18T08:45:02+00:00 Yusuke Endoh mame@ruby-lang.org 2021-02-16T09:21:51+00:00 3d37e5d11cdf02ed433493126e195e194d4000dc Also, OpenSSL::BN::CONSTTIME is added. OpenSSL itself had a feature that was vulnerable against a side-channel attack. The OpenSSL authors determined that it was not a security issue, and they have already fixed the issue by using BN_set_flags. https://github.com/openssl/openssl/pull/13888 If a Ruby OpenSSL user was faced with a similar issue, they couldn't prevent the issue because Ruby OpenSSL lacks a wrapper to BN_set_flags. For the case, this change introduces the wrapper. https://github.com/ruby/openssl/commit/1e565eba89 
Also, OpenSSL::BN::CONSTTIME is added.

OpenSSL itself had a feature that was vulnerable against a side-channel
attack. The OpenSSL authors determined that it was not a security issue,
and they have already fixed the issue by using BN_set_flags.

https://github.com/openssl/openssl/pull/13888

If a Ruby OpenSSL user was faced with a similar issue, they couldn't
prevent the issue because Ruby OpenSSL lacks a wrapper to BN_set_flags.
For the case, this change introduces the wrapper.

https://github.com/ruby/openssl/commit/1e565eba89
[ruby/openssl] BN.abs and BN uplus 2021-07-18T08:44:39+00:00 Rick Mark rick.mark@coinbase.com 2021-04-01T19:29:21+00:00 01fcb8f45b28d9b33e04c9b9873e47276faf5581 Adds standard math abs fuction and revises uplus to return a duplicated object due to BN mutability https://github.com/ruby/openssl/commit/0321b1e945 
Adds standard math abs fuction and revises uplus to return a duplicated object due to BN mutability

https://github.com/ruby/openssl/commit/0321b1e945
Defer to require prime for OpenSSL::TestBN 2021-05-27T05:42:11+00:00 Hiroshi SHIBATA hsbt@ruby-lang.org 2021-05-26T10:51:33+00:00 b8dcad8d32a5405cbbf29f6705c8975f1773170a