ruby.git/test/openssl/test_pkey_ec.rb, branch v4.0.2 The Ruby Programming Language [ruby/openssl] pkey/ec: fix OpenSSL::PKey::EC::Group#curve_name for unknown curves 2025-11-22T14:25:15+00:00 Kazuki Yamaguchi k@rhe.jp 2025-11-22T13:11:31+00:00 f9efa0cc0468692739770e754c12edf46cdf7c8e EC_GROUP_get_curve_name() returns NID_undef when OpenSSL does not recognize the curve and there is no associated OID. Handle this case explicitly and return nil instead of the string "UNDEF", which should not be exposed outside the extension. https://github.com/ruby/openssl/commit/2c16821c07 
EC_GROUP_get_curve_name() returns NID_undef when OpenSSL does not
recognize the curve and there is no associated OID.

Handle this case explicitly and return nil instead of the string
"UNDEF", which should not be exposed outside the extension.

https://github.com/ruby/openssl/commit/2c16821c07
[ruby/openssl] pkey: unify error classes into PKeyError 2025-11-06T13:33:15+00:00 Kazuki Yamaguchi k@rhe.jp 2024-12-02T14:23:20+00:00 16b1aa4e4ab1b81914c58eae8b2f31c963b4bd4c Remove the following subclasses of OpenSSL::PKey::PKeyError and make them aliases of it. - OpenSSL::PKey::DHError - OpenSSL::PKey::DSAError - OpenSSL::PKey::ECError - OpenSSL::PKey::RSAError Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise their respective exception classes. However, this distinction is not particularly useful since all those exception classes represent the same kind of errors from the underlying EVP_PKEY API. I think this convention comes from the fact that OpenSSL::PKey::{DH, DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA, and RSA, before they were unified to wrap EVP_PKEY, way back in 2002. OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error are out of scope of this change, as they are not subclasses of OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY API. https://github.com/ruby/openssl/commit/e74ff3e272 
Remove the following subclasses of OpenSSL::PKey::PKeyError and make
them aliases of it.

 - OpenSSL::PKey::DHError
 - OpenSSL::PKey::DSAError
 - OpenSSL::PKey::ECError
 - OpenSSL::PKey::RSAError

Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey
raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise
their respective exception classes. However, this distinction is not
particularly useful since all those exception classes represent the
same kind of errors from the underlying EVP_PKEY API.

I think this convention comes from the fact that OpenSSL::PKey::{DH,
DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA,
and RSA, before they were unified to wrap EVP_PKEY, way back in 2002.

OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error
are out of scope of this change, as they are not subclasses of
OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY
API.

https://github.com/ruby/openssl/commit/e74ff3e272
[ruby/openssl] pkey: disallow {DH,DSA,EC,RSA}.new without arguments with OpenSSL 3.0 2025-09-30T11:59:28+00:00 Kazuki Yamaguchi k@rhe.jp 2025-01-29T17:26:41+00:00 ad35a4be82f9356045036875759874bfac6c483b Raise ArgumentError if this is attempted when the extension is compiled with OpenSSL 3.0 or later. The form will be fully removed when we drop support for OpenSSL 1.1.1. When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments, it sets up an empty corresponding low-level struct and wraps it in an EVP_PKEY. This is useful when the user later fills the missing fields using low-level setter methods such as OpenSSL::PKey::RSA#set_key. Such setter methods are not compatible with OpenSSL 3.0 or later, where EVP_PKEY is immutable once created. This means that the ability to create an empty instance is useless. https://github.com/ruby/openssl/commit/affd569f78 
Raise ArgumentError if this is attempted when the extension is compiled
with OpenSSL 3.0 or later. The form will be fully removed when we drop
support for OpenSSL 1.1.1.

When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments,
it sets up an empty corresponding low-level struct and wraps it in an
EVP_PKEY. This is useful when the user later fills the missing fields
using low-level setter methods such as OpenSSL::PKey::RSA#set_key.

Such setter methods are not compatible with OpenSSL 3.0 or later, where
EVP_PKEY is immutable once created. This means that the ability to
create an empty instance is useless.

https://github.com/ruby/openssl/commit/affd569f78
[ruby/openssl] pkey: skip tests using invalid keys in the FIPS mode 2025-08-12T18:08:37+00:00 Kazuki Yamaguchi k@rhe.jp 2025-08-12T17:36:02+00:00 507b1e4bde074bdda3083df6b4c2190a385f84bf In OpenSSL's master branch, importing/loading a key in the FIPS mode automatically performs a pair-wise consistency check. This breaks tests for OpenSSL::PKey::EC#check_key and DH#params_ok? as they use deliberately invalid keys. These methods would not be useful in the FIPS mode anyway. Fixes https://github.com/ruby/openssl/issues/926 https://github.com/ruby/openssl/commit/25ad8f4bdb 
In OpenSSL's master branch, importing/loading a key in the FIPS mode
automatically performs a pair-wise consistency check. This breaks tests
for OpenSSL::PKey::EC#check_key and DH#params_ok? as they use
deliberately invalid keys. These methods would not be useful in the
FIPS mode anyway.

Fixes https://github.com/ruby/openssl/issues/926

https://github.com/ruby/openssl/commit/25ad8f4bdb
[ruby/openssl] pkey/ec: AWS-LC disallows serialization of explicit curves 2025-02-22T15:11:40+00:00 Samuel Chiang sachiang@amazon.com 2025-02-12T02:00:46+00:00 4ec0e9e25d32f54f0778b3b78acbc1e002bde825 https://github.com/ruby/openssl/commit/65c5a772ea 
https://github.com/ruby/openssl/commit/65c5a772ea
[ruby/openssl] pkey: EVP_DigestVerify doesn't return -1 in AWS-LC 2025-02-22T15:11:39+00:00 Samuel Chiang sachiang@amazon.com 2025-02-12T01:52:40+00:00 841d9f259dbe70fa35b4634b5c90d2c33e51c3f9 EVP_DigestVerify in OpenSSL returns 0 to indicate a signature verification failure and can return -1 to indicate other failures, such as invalid ASN1 contents. ruby/openssl also reflects that by returning false with 0 and raising an error with -1. EVP_DigestVerify in AWS-LC simply returns 0 for any failure. https://github.com/ruby/openssl/commit/be8ba76dc1 
EVP_DigestVerify in OpenSSL returns 0 to indicate a signature
verification failure and can return -1  to indicate other
failures, such as invalid ASN1 contents. ruby/openssl also
reflects that by returning false with 0 and raising an error
with -1.
EVP_DigestVerify in AWS-LC simply returns 0 for any failure.

https://github.com/ruby/openssl/commit/be8ba76dc1
[ruby/openssl] pkey: AWS-LC disallows parsing of invalid keys and params 2025-02-22T15:11:38+00:00 Samuel Chiang sachiang@amazon.com 2025-02-12T01:45:15+00:00 f63a123606286eadd812313a4ea42af8ea8c686f OpenSSL allows invalid EC keys or DH params to be parsed. The consuming application can then run parameter/key checks to check the validity of the parameters. We happen to run tests to verify that this behaves as expected. AWS-LC on the other hand, directly raises an error and disallows the invalid state to be parsed, rather than making it parsable and checking the validity later. Relevant tests have been adjusted accordingly to reflect this. https://github.com/ruby/openssl/commit/febe50be1b 
OpenSSL allows invalid EC keys or DH params to be parsed. The consuming
application can then run parameter/key checks to check the validity of
the parameters. We happen to run tests to verify that this behaves as
expected.
AWS-LC on the other hand, directly raises an error and disallows the
invalid state to be parsed, rather than making it parsable and checking
the validity later. Relevant tests have been adjusted accordingly to
reflect this.

https://github.com/ruby/openssl/commit/febe50be1b
[ruby/openssl] pkey/ec: remove deprecated PKey::EC::Point#mul(ary, ary [, bn]) form 2025-02-03T09:47:48+00:00 Kazuki Yamaguchi k@rhe.jp 2025-01-22T16:49:05+00:00 f84d75eeccc38d298692c564d30f4e018d03f35d The method has two forms, each corresponding to EC_POINT_mul() and EC_POINTs_mul(). The latter form does not work with any OpenSSL or LibreSSL versions that are still supported by upstream. The latter form has an extremely confusing behavior, too, and using it would print a deprecation warning since commit https://github.com/ruby/openssl/commit/812de4253d25 in 2020, which went to 3.0.0. Let's remove it. https://github.com/ruby/openssl/commit/7343d3c559 
The method has two forms, each corresponding to EC_POINT_mul() and
EC_POINTs_mul(). The latter form does not work with any OpenSSL or
LibreSSL versions that are still supported by upstream.

The latter form has an extremely confusing behavior, too, and using it
would print a deprecation warning since commit https://github.com/ruby/openssl/commit/812de4253d25 in 2020,
which went to 3.0.0. Let's remove it.

https://github.com/ruby/openssl/commit/7343d3c559
[ruby/openssl] pkey/ec: use heredoc for invalid key example in test cases 2025-01-06T17:07:56+00:00 Kazuki Yamaguchi k@rhe.jp 2024-07-04T08:28:10+00:00 ff708f86fadd891869a96320f1de499dee1b1046 test/openssl/fixtures/pkey/p256_too_large.pem and p384_invalid.pem are invalid keys where the encoded public key doesn't match the private key. They are only useful for test cases for OpenSSL::PKey::EC#check_key and will not be reused elsewhere. Let's directly include the PEM encoding as a heredoc for clarity. p384_invalid.pem is dropped because it is redundant. https://github.com/ruby/openssl/commit/2f807ff30f 
test/openssl/fixtures/pkey/p256_too_large.pem and p384_invalid.pem are
invalid keys where the encoded public key doesn't match the private key.
They are only useful for test cases for OpenSSL::PKey::EC#check_key and
will not be reused elsewhere. Let's directly include the PEM encoding
as a heredoc for clarity.

p384_invalid.pem is dropped because it is redundant.

https://github.com/ruby/openssl/commit/2f807ff30f
[ruby/openssl] Fix test_pkey_ec.rb on FIPS. 2023-09-21T18:04:56+00:00 Jun Aruga jaruga@redhat.com 2023-09-19T17:19:27+00:00 7f407e0240ebd41d9fb1ea1bbd15442ed8744b34 https://github.com/ruby/openssl/commit/d07183f639 
https://github.com/ruby/openssl/commit/d07183f639