ruby.git/test/openssl/test_pkey_dsa.rb, branch v4.0.3 The Ruby Programming Language [ruby/openssl] pkey: unify error classes into PKeyError 2025-11-06T13:33:15+00:00 Kazuki Yamaguchi k@rhe.jp 2024-12-02T14:23:20+00:00 16b1aa4e4ab1b81914c58eae8b2f31c963b4bd4c Remove the following subclasses of OpenSSL::PKey::PKeyError and make them aliases of it. - OpenSSL::PKey::DHError - OpenSSL::PKey::DSAError - OpenSSL::PKey::ECError - OpenSSL::PKey::RSAError Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise their respective exception classes. However, this distinction is not particularly useful since all those exception classes represent the same kind of errors from the underlying EVP_PKEY API. I think this convention comes from the fact that OpenSSL::PKey::{DH, DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA, and RSA, before they were unified to wrap EVP_PKEY, way back in 2002. OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error are out of scope of this change, as they are not subclasses of OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY API. https://github.com/ruby/openssl/commit/e74ff3e272 
Remove the following subclasses of OpenSSL::PKey::PKeyError and make
them aliases of it.

 - OpenSSL::PKey::DHError
 - OpenSSL::PKey::DSAError
 - OpenSSL::PKey::ECError
 - OpenSSL::PKey::RSAError

Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey
raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise
their respective exception classes. However, this distinction is not
particularly useful since all those exception classes represent the
same kind of errors from the underlying EVP_PKEY API.

I think this convention comes from the fact that OpenSSL::PKey::{DH,
DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA,
and RSA, before they were unified to wrap EVP_PKEY, way back in 2002.

OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error
are out of scope of this change, as they are not subclasses of
OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY
API.

https://github.com/ruby/openssl/commit/e74ff3e272
[ruby/openssl] pkey: update keys used in tests 2025-10-27T06:54:45+00:00 Kazuki Yamaguchi k@rhe.jp 2025-07-25T11:12:37+00:00 a9ba78e4c29d3821d7e86e89993e30202892d851 Use generic keys whenever possible. https://github.com/ruby/openssl/commit/90d6af60b9 
Use generic keys whenever possible.

https://github.com/ruby/openssl/commit/90d6af60b9
[ruby/openssl] pkey: disallow {DH,DSA,EC,RSA}.new without arguments with OpenSSL 3.0 2025-09-30T11:59:28+00:00 Kazuki Yamaguchi k@rhe.jp 2025-01-29T17:26:41+00:00 ad35a4be82f9356045036875759874bfac6c483b Raise ArgumentError if this is attempted when the extension is compiled with OpenSSL 3.0 or later. The form will be fully removed when we drop support for OpenSSL 1.1.1. When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments, it sets up an empty corresponding low-level struct and wraps it in an EVP_PKEY. This is useful when the user later fills the missing fields using low-level setter methods such as OpenSSL::PKey::RSA#set_key. Such setter methods are not compatible with OpenSSL 3.0 or later, where EVP_PKEY is immutable once created. This means that the ability to create an empty instance is useless. https://github.com/ruby/openssl/commit/affd569f78 
Raise ArgumentError if this is attempted when the extension is compiled
with OpenSSL 3.0 or later. The form will be fully removed when we drop
support for OpenSSL 1.1.1.

When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments,
it sets up an empty corresponding low-level struct and wraps it in an
EVP_PKEY. This is useful when the user later fills the missing fields
using low-level setter methods such as OpenSSL::PKey::RSA#set_key.

Such setter methods are not compatible with OpenSSL 3.0 or later, where
EVP_PKEY is immutable once created. This means that the ability to
create an empty instance is useless.

https://github.com/ruby/openssl/commit/affd569f78
[ruby/openssl] Move slow tests to OSSL_TEST_ALL=1 only 2025-07-21T14:31:24+00:00 Kazuki Yamaguchi k@rhe.jp 2025-07-10T12:46:36+00:00 090825f5fc9fb40cc7d27c72ec8343ddcea51cda Update GitHub Actions workflows to set OSSL_TEST_ALL=1. Exclude a few slow tests that are not critical for local development, unless OSSL_TEST_ALL=1 is set. The bindings code paths are still reached by other tests with smaller inputs, and failures in those would likely indicate an issue in OpenSSL rather than in the bindings. Newly excluded tests include generating large DSA keys and measuring CRYPTO_memcmp() timing. These tests currently take nearly half of the total runtime. https://github.com/ruby/openssl/commit/382eca2aec 
Update GitHub Actions workflows to set OSSL_TEST_ALL=1.

Exclude a few slow tests that are not critical for local development,
unless OSSL_TEST_ALL=1 is set. The bindings code paths are still reached
by other tests with smaller inputs, and failures in those would likely
indicate an issue in OpenSSL rather than in the bindings.

Newly excluded tests include generating large DSA keys and measuring
CRYPTO_memcmp() timing. These tests currently take nearly half of the
total runtime.

https://github.com/ruby/openssl/commit/382eca2aec
[ruby/openssl] pkey: EVP_DigestVerify doesn't return -1 in AWS-LC 2025-02-22T15:11:39+00:00 Samuel Chiang sachiang@amazon.com 2025-02-12T01:52:40+00:00 841d9f259dbe70fa35b4634b5c90d2c33e51c3f9 EVP_DigestVerify in OpenSSL returns 0 to indicate a signature verification failure and can return -1 to indicate other failures, such as invalid ASN1 contents. ruby/openssl also reflects that by returning false with 0 and raising an error with -1. EVP_DigestVerify in AWS-LC simply returns 0 for any failure. https://github.com/ruby/openssl/commit/be8ba76dc1 
EVP_DigestVerify in OpenSSL returns 0 to indicate a signature
verification failure and can return -1  to indicate other
failures, such as invalid ASN1 contents. ruby/openssl also
reflects that by returning false with 0 and raising an error
with -1.
EVP_DigestVerify in AWS-LC simply returns 0 for any failure.

https://github.com/ruby/openssl/commit/be8ba76dc1
[ruby/openssl] pkey: avoid calling i2d_PUBKEY family on an incomplete key 2025-01-29T17:14:41+00:00 Kazuki Yamaguchi k@rhe.jp 2025-01-29T14:08:40+00:00 1b731c1f439c73f98d49b476b859a6ec22c81da0 Call ossl_pkey_check_public_key() to ensure that EVP_PKEY_missing_parameters() passes. This check should be cheap. DSA#{to_der,to_pem,export,to_s} and PKey#{public_to_der,public_to_pem} cause a segfault if the receiver is an empty DSA instance with no parameters set. Fixes <https://github.com/ruby/openssl/issues/845>. https://github.com/ruby/openssl/commit/5aeed935e5 
Call ossl_pkey_check_public_key() to ensure that
EVP_PKEY_missing_parameters() passes. This check should be cheap.

DSA#{to_der,to_pem,export,to_s} and PKey#{public_to_der,public_to_pem}
cause a segfault if the receiver is an empty DSA instance with no
parameters set.

Fixes <https://github.com/ruby/openssl/issues/845>.

https://github.com/ruby/openssl/commit/5aeed935e5
[ruby/openssl] pkey: change PKey::{RSA,DSA,DH}#params to use nil for missing parameters 2025-01-22T16:45:52+00:00 Kazuki Yamaguchi k@rhe.jp 2024-06-14T05:45:56+00:00 87316d58faa2d57e9f1c1df2f76584a129a60bcc The returned Hash from these methods contain 0 in place of a missing parameter in the key, for example: pkey = OpenSSL::PKey.read(OpenSSL::PKey::RSA.new(2048).public_to_pem) pp pkey.params #=> # {"n"=>#<OpenSSL::BN https://github.com/ruby/openssl/commit/286934673421[...snip]>, # "e"=>#<OpenSSL::BN 65537>, # "d"=>#<OpenSSL::BN 0>, # "p"=>#<OpenSSL::BN 0>, # "q"=>#<OpenSSL::BN 0>, # "dmp1"=>#<OpenSSL::BN 0>, # "dmq1"=>#<OpenSSL::BN 0>, # "iqmp"=>#<OpenSSL::BN 0>} Let's use nil instead, which is more appropriate for indicating a missing value. https://github.com/ruby/openssl/commit/f247ec3dec 
The returned Hash from these methods contain 0 in place of a missing
parameter in the key, for example:

	pkey = OpenSSL::PKey.read(OpenSSL::PKey::RSA.new(2048).public_to_pem)
	pp pkey.params
	#=>
	# {"n"=>#<OpenSSL::BN https://github.com/ruby/openssl/commit/286934673421[...snip]>,
	#  "e"=>#<OpenSSL::BN 65537>,
	#  "d"=>#<OpenSSL::BN 0>,
	#  "p"=>#<OpenSSL::BN 0>,
	#  "q"=>#<OpenSSL::BN 0>,
	#  "dmp1"=>#<OpenSSL::BN 0>,
	#  "dmq1"=>#<OpenSSL::BN 0>,
	#  "iqmp"=>#<OpenSSL::BN 0>}

Let's use nil instead, which is more appropriate for indicating a
missing value.

https://github.com/ruby/openssl/commit/f247ec3dec
[ruby/openssl] pkey: add tests for PKey::{RSA,DSA,DH}#params 2025-01-22T16:45:51+00:00 Kazuki Yamaguchi k@rhe.jp 2024-06-14T05:50:21+00:00 47fe59cd8299a04dfa7af41131d0563c0e6f5b98 Add missing test cases to verify the current behavior. The next patch will rewrite those methods. https://github.com/ruby/openssl/commit/c0e0669f9b 
Add missing test cases to verify the current behavior. The next patch
will rewrite those methods.

https://github.com/ruby/openssl/commit/c0e0669f9b
[ruby/openssl] test/openssl/test_pkey_dsa.rb: skip all tests in FIPS mode 2024-08-06T06:38:03+00:00 Kazuki Yamaguchi k@rhe.jp 2024-07-30T16:05:32+00:00 65e3717db7bfd957660a5b3d9c5ac4fd22e8d858 OpenSSL running in the FIPS mode will stop supporting DSA key generation and signature generation due to a FIPS 140-3 requirement. Although it appears that FIPS 186-5 still allows signature verification in some cases, there would be little point in writing such a specific test case. DSA will still be tested if OpenSSL is not running in the FIPS mode. test_generate_on_non_fips is merged to test_generate again. https://github.com/ruby/openssl/commit/3651884fd2 
OpenSSL running in the FIPS mode will stop supporting DSA key
generation and signature generation due to a FIPS 140-3 requirement.
Although it appears that FIPS 186-5 still allows signature
verification in some cases, there would be little point in writing such
a specific test case.

DSA will still be tested if OpenSSL is not running in the FIPS mode.

test_generate_on_non_fips is merged to test_generate again.

https://github.com/ruby/openssl/commit/3651884fd2
[ruby/openssl] Fix test_pkey_dsa.rb in FIPS. 2024-03-27T03:16:11+00:00 Jun Aruga jaruga@redhat.com 2024-03-12T16:12:08+00:00 8896ac0289dcd7a6c9c4a7fd6ccd4cc2dae30507 Note that I created the `dsa2048.pem` and signature text (`signature_encoded.txt`), that is used as a text to create the `signature0` in the `test_sign_verify` by the following steps with the `openssl` CLI on FIPS module. ``` $ OPENSSL_DIR="${HOME}/.local/openssl-3.3.0-dev-fips-debug-1f03d33ef5" $ export OPENSSL_CONF="${OPENSSL_DIR}/ssl/openssl_fips.cnf" $ "${OPENSSL_DIR}/bin/openssl" dsaparam -out dsaparam2048.pem 2048 $ "${OPENSSL_DIR}/bin/openssl" gendsa -out dsa2048.pem dsaparam2048.pem $ echo -n "Sign me!" > data.txt $ "${OPENSSL_DIR}/bin/openssl" dgst -sha256 -sign dsa2048.pem data.txt > signature.txt $ cat signature.txt | base64 > signature_encoded.txt ``` Skip the `test_DSAPrivateKey_encrypted` on FIPS because AES-128-CBC, the password based encryption used in the PEM format uses MD5 for deriving the encryption key from the password, and MD5 is not FIPS-approved. See also the comment on the `test/openssl/utils.rb#omit_on_fips`. https://github.com/ruby/openssl/commit/4bdcb419a9 
Note that I created the `dsa2048.pem` and signature text
(`signature_encoded.txt`), that is used as a text to create the `signature0` in
the `test_sign_verify` by the following steps with the `openssl` CLI on FIPS
module.

```
$ OPENSSL_DIR="${HOME}/.local/openssl-3.3.0-dev-fips-debug-1f03d33ef5"
$ export OPENSSL_CONF="${OPENSSL_DIR}/ssl/openssl_fips.cnf"

$ "${OPENSSL_DIR}/bin/openssl" dsaparam -out dsaparam2048.pem 2048
$ "${OPENSSL_DIR}/bin/openssl" gendsa -out dsa2048.pem dsaparam2048.pem

$ echo -n "Sign me!" > data.txt
$ "${OPENSSL_DIR}/bin/openssl" dgst -sha256 -sign dsa2048.pem data.txt > signature.txt
$ cat signature.txt | base64 > signature_encoded.txt
```

Skip the `test_DSAPrivateKey_encrypted` on FIPS because AES-128-CBC, the
password based encryption used in the PEM format uses MD5 for deriving the
encryption key from the password, and MD5 is not FIPS-approved.
See also the comment on the `test/openssl/utils.rb#omit_on_fips`.

https://github.com/ruby/openssl/commit/4bdcb419a9