ruby.git/test/openssl/test_pkey_ec.rb, branch v3_2_11 The Ruby Programming Language [ruby/openssl] pkey/ec: check private key validity with OpenSSL 3 2022-12-23T00:39:15+00:00 Joe Truba joe@bannable.net 2022-11-20T00:54:32+00:00 0e11d2c3f8a74d2310efa67179b50c12acb3fa42 The behavior of EVP_PKEY_public_check changed between OpenSSL 1.1.1 and 3.0 so that it no longer validates the private key. Instead, private keys can be validated through EVP_PKEY_private_check and EVP_PKEY_pairwise_check. [ky: simplified condition to use either EVP_PKEY_check() or EVP_PKEY_public_check().] https://github.com/ruby/openssl/commit/e38a63ab3d 
The behavior of EVP_PKEY_public_check changed between OpenSSL 1.1.1
and 3.0 so that it no longer validates the private key. Instead, private
keys can be validated through EVP_PKEY_private_check and
EVP_PKEY_pairwise_check.

[ky: simplified condition to use either EVP_PKEY_check() or
EVP_PKEY_public_check().]

https://github.com/ruby/openssl/commit/e38a63ab3d
[ruby/openssl] Use SHA256 instead of SHA1 where needed in tests. 2022-12-13T09:07:41+00:00 Jarek Prokop jprokop@redhat.com 2022-10-18T07:52:13+00:00 ce025a5cb4a7aea62629fcf8685e931671a0672d Systems such as RHEL 9 are moving away from SHA1 disabling it completely in default configuration. https://github.com/ruby/openssl/commit/32648da2f6 
Systems such as RHEL 9 are moving away from SHA1
disabling it completely in default configuration.

https://github.com/ruby/openssl/commit/32648da2f6
[ruby/openssl] pkey/ec: check existence of public key component before exporting 2022-10-17T07:35:35+00:00 Kazuki Yamaguchi k@rhe.jp 2022-09-02T14:05:28+00:00 b69d41e1c433f9109b7c9237cde6ed8b4884cc06 i2d_PUBKEY_bio() against an EC_KEY without the public key component trggers a null dereference. This is a regression introduced by commit https://github.com/ruby/openssl/commit/56f0d34d63fb ("pkey: refactor #export/#to_pem and #to_der", 2017-06-14). Fixes https://github.com/ruby/openssl/pull/527#issuecomment-1220504524 Fixes https://github.com/ruby/openssl/issues/369#issuecomment-1221554057 https://github.com/ruby/openssl/commit/f6ee0fa4de 
i2d_PUBKEY_bio() against an EC_KEY without the public key component
trggers a null dereference.

This is a regression introduced by commit https://github.com/ruby/openssl/commit/56f0d34d63fb ("pkey:
refactor #export/#to_pem and #to_der", 2017-06-14).

Fixes https://github.com/ruby/openssl/pull/527#issuecomment-1220504524
Fixes https://github.com/ruby/openssl/issues/369#issuecomment-1221554057

https://github.com/ruby/openssl/commit/f6ee0fa4de
[ruby/openssl] pkey: restore support for decoding "openssl ecparam -genkey" output 2022-10-17T07:35:35+00:00 Kazuki Yamaguchi k@rhe.jp 2022-09-02T13:40:54+00:00 0677b2fb87fa4bdff64e650e5df0fd7bf684bd2e Scan through the input for a private key, then fallback to generic decoder. OpenSSL 3.0's OSSL_DECODER supports encoded key parameters. The PEM header "-----BEGIN EC PARAMETERS-----" is used by one of such encoding formats. While this is useful for OpenSSL::PKey::PKey, an edge case has been discovered. The openssl CLI command line "openssl ecparam -genkey" prints two PEM blocks in a row, one for EC parameters and another for the private key. Feeding the whole output into OSSL_DECODER results in only the first PEM block, the key parameters, being decoded. Previously, ruby/openssl did not support decoding key parameters and it would decode the private key PEM block instead. While the new behavior is technically correct, "openssl ecparam -genkey" is so widely used that ruby/openssl does not want to break existing applications. Fixes https://github.com/ruby/openssl/pull/535 https://github.com/ruby/openssl/commit/d486c82833 
Scan through the input for a private key, then fallback to generic
decoder.

OpenSSL 3.0's OSSL_DECODER supports encoded key parameters. The PEM
header "-----BEGIN EC PARAMETERS-----" is used by one of such encoding
formats. While this is useful for OpenSSL::PKey::PKey, an edge case has
been discovered.

The openssl CLI command line "openssl ecparam -genkey" prints two PEM
blocks in a row, one for EC parameters and another for the private key.
Feeding the whole output into OSSL_DECODER results in only the first PEM
block, the key parameters, being decoded. Previously, ruby/openssl did
not support decoding key parameters and it would decode the private key
PEM block instead.

While the new behavior is technically correct, "openssl ecparam -genkey"
is so widely used that ruby/openssl does not want to break existing
applications.

Fixes https://github.com/ruby/openssl/pull/535

https://github.com/ruby/openssl/commit/d486c82833
[ruby/openssl] pkey: deprecate PKey#set_* methods 2021-12-20T14:42:02+00:00 Kazuki Yamaguchi k@rhe.jp 2021-09-21T09:29:59+00:00 8ebf5978852e22358cbcdf74c0eb506f22e2c73f OpenSSL 3.0 made EVP_PKEY immutable. This means we can only have a const pointer of the low level struct and the following methods can no longer be provided when linked against OpenSSL 3.0: - OpenSSL::PKey::RSA#set_key - OpenSSL::PKey::RSA#set_factors - OpenSSL::PKey::RSA#set_crt_params - OpenSSL::PKey::DSA#set_pqg - OpenSSL::PKey::DSA#set_key - OpenSSL::PKey::DH#set_pqg - OpenSSL::PKey::DH#set_key - OpenSSL::PKey::EC#group= - OpenSSL::PKey::EC#private_key= - OpenSSL::PKey::EC#public_key= There is no direct replacement for this functionality at the moment. I plan to introduce a wrapper around EVP_PKEY_fromdata(), which takes all key components at once to construct an EVP_PKEY. https://github.com/ruby/openssl/commit/6848d2d969 
OpenSSL 3.0 made EVP_PKEY immutable. This means we can only have a const
pointer of the low level struct and the following methods can no longer
be provided when linked against OpenSSL 3.0:

 - OpenSSL::PKey::RSA#set_key
 - OpenSSL::PKey::RSA#set_factors
 - OpenSSL::PKey::RSA#set_crt_params
 - OpenSSL::PKey::DSA#set_pqg
 - OpenSSL::PKey::DSA#set_key
 - OpenSSL::PKey::DH#set_pqg
 - OpenSSL::PKey::DH#set_key
 - OpenSSL::PKey::EC#group=
 - OpenSSL::PKey::EC#private_key=
 - OpenSSL::PKey::EC#public_key=

There is no direct replacement for this functionality at the moment.
I plan to introduce a wrapper around EVP_PKEY_fromdata(), which takes
all key components at once to construct an EVP_PKEY.

https://github.com/ruby/openssl/commit/6848d2d969
[ruby/openssl] pkey/ec: deprecate OpenSSL::PKey::EC#generate_key! 2021-12-20T14:42:02+00:00 Kazuki Yamaguchi k@rhe.jp 2021-12-16T17:21:42+00:00 b93ae54258684d0c3d1501400af949c013f44fba OpenSSL::PKey::EC#generate_key! will not work on OpenSSL 3.0 because keys are made immutable. Users should use OpenSSL::PKey.generate_key instead. https://github.com/ruby/openssl/commit/5e2e66cce8 
OpenSSL::PKey::EC#generate_key! will not work on OpenSSL 3.0 because
keys are made immutable. Users should use OpenSSL::PKey.generate_key
instead.

https://github.com/ruby/openssl/commit/5e2e66cce8
[ruby/openssl] test/openssl/test_ssl: assume ECC support 2021-10-23T04:38:37+00:00 Kazuki Yamaguchi k@rhe.jp 2021-09-27T06:34:28+00:00 5a8e1c520ac71c76f6424f9ef5aef64a79527f78 Disabling ECC support of OpenSSL is impractical nowadays. We still try to have the C extension compile on no-ec builds (as well as no-dh or no-engine, etc.) as long as we can, but keeping test cases for such an extreme scenario is not worth the effort. https://github.com/ruby/openssl/commit/2cd01d4676 
Disabling ECC support of OpenSSL is impractical nowadays.

We still try to have the C extension compile on no-ec builds (as well
as no-dh or no-engine, etc.) as long as we can, but keeping test cases
for such an extreme scenario is not worth the effort.

https://github.com/ruby/openssl/commit/2cd01d4676
[ruby/openssl] test/openssl/utils: remove dup_public helper method 2021-10-23T04:38:36+00:00 Kazuki Yamaguchi k@rhe.jp 2021-05-31T02:44:05+00:00 37632a0ac635082e4ca9ca5b1c8da6b6770ff0ed It uses deprecated PKey::{RSA,DSA,DH}#set_* methods, which will not work with OpenSSL 3.0. The same can easily be achieved using PKey#public_to_der regardless of the key kind. https://github.com/ruby/openssl/commit/7b66eaa2db 
It uses deprecated PKey::{RSA,DSA,DH}#set_* methods, which will not
work with OpenSSL 3.0. The same can easily be achieved using
PKey#public_to_der regardless of the key kind.

https://github.com/ruby/openssl/commit/7b66eaa2db
[ruby/openssl] pkey: implement PKey#sign_raw, #verify_raw, and #verify_recover 2021-07-18T08:44:58+00:00 Kazuki Yamaguchi k@rhe.jp 2020-05-22T07:10:35+00:00 4ebff35971d499f4ddd13f48bff0444f77d63421 Add a variant of PKey#sign and #verify that do not hash the data automatically. Sometimes the caller has the hashed data only, but not the plaintext to be signed. In that case, users would have to use the low-level API such as RSA#private_encrypt or #public_decrypt directly. OpenSSL 1.0.0 and later supports EVP_PKEY_sign() and EVP_PKEY_verify() which provide the same functionality as part of the EVP API. This patch adds wrappers for them. https://github.com/ruby/openssl/commit/16cca4e0c4 
Add a variant of PKey#sign and #verify that do not hash the data
automatically.

Sometimes the caller has the hashed data only, but not the plaintext
to be signed. In that case, users would have to use the low-level API
such as RSA#private_encrypt or #public_decrypt directly.

OpenSSL 1.0.0 and later supports EVP_PKEY_sign() and EVP_PKEY_verify()
which provide the same functionality as part of the EVP API. This patch
adds wrappers for them.

https://github.com/ruby/openssl/commit/16cca4e0c4
[ruby/openssl] pkey/ec: deprecate OpenSSL::PKey::EC::Point#mul(ary, ary [, bn]) 2021-03-16T10:16:11+00:00 Kazuki Yamaguchi k@rhe.jp 2020-05-18T06:43:18+00:00 fde9f806cb4fa9145e6eb73406ea4b932ddb8eb7 Deprecate it for future removal. However, I do not expect any application is affected by this. The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains untouched. PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the feature and OpenSSL 3.0 which is planned to be released in 2020 will also deprecate the function as there is no real use-case. https://github.com/ruby/openssl/commit/812de4253d 
Deprecate it for future removal. However, I do not expect any
application is affected by this.

The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains
untouched.

PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs
are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the
feature and OpenSSL 3.0 which is planned to be released in 2020 will
also deprecate the function as there is no real use-case.

https://github.com/ruby/openssl/commit/812de4253d