ruby.git/test/openssl/test_pkey_rsa.rb, branch v4.0.4 The Ruby Programming Language [ruby/openssl] pkey: unify error classes into PKeyError 2025-11-06T13:33:15+00:00 Kazuki Yamaguchi k@rhe.jp 2024-12-02T14:23:20+00:00 16b1aa4e4ab1b81914c58eae8b2f31c963b4bd4c Remove the following subclasses of OpenSSL::PKey::PKeyError and make them aliases of it. - OpenSSL::PKey::DHError - OpenSSL::PKey::DSAError - OpenSSL::PKey::ECError - OpenSSL::PKey::RSAError Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise their respective exception classes. However, this distinction is not particularly useful since all those exception classes represent the same kind of errors from the underlying EVP_PKEY API. I think this convention comes from the fact that OpenSSL::PKey::{DH, DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA, and RSA, before they were unified to wrap EVP_PKEY, way back in 2002. OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error are out of scope of this change, as they are not subclasses of OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY API. https://github.com/ruby/openssl/commit/e74ff3e272 
Remove the following subclasses of OpenSSL::PKey::PKeyError and make
them aliases of it.

 - OpenSSL::PKey::DHError
 - OpenSSL::PKey::DSAError
 - OpenSSL::PKey::ECError
 - OpenSSL::PKey::RSAError

Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey
raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise
their respective exception classes. However, this distinction is not
particularly useful since all those exception classes represent the
same kind of errors from the underlying EVP_PKEY API.

I think this convention comes from the fact that OpenSSL::PKey::{DH,
DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA,
and RSA, before they were unified to wrap EVP_PKEY, way back in 2002.

OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error
are out of scope of this change, as they are not subclasses of
OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY
API.

https://github.com/ruby/openssl/commit/e74ff3e272
[ruby/openssl] pkey: update keys used in tests 2025-10-27T06:54:45+00:00 Kazuki Yamaguchi k@rhe.jp 2025-07-25T11:12:37+00:00 a9ba78e4c29d3821d7e86e89993e30202892d851 Use generic keys whenever possible. https://github.com/ruby/openssl/commit/90d6af60b9 
Use generic keys whenever possible.

https://github.com/ruby/openssl/commit/90d6af60b9
[ruby/openssl] pkey: disallow {DH,DSA,EC,RSA}.new without arguments with OpenSSL 3.0 2025-09-30T11:59:28+00:00 Kazuki Yamaguchi k@rhe.jp 2025-01-29T17:26:41+00:00 ad35a4be82f9356045036875759874bfac6c483b Raise ArgumentError if this is attempted when the extension is compiled with OpenSSL 3.0 or later. The form will be fully removed when we drop support for OpenSSL 1.1.1. When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments, it sets up an empty corresponding low-level struct and wraps it in an EVP_PKEY. This is useful when the user later fills the missing fields using low-level setter methods such as OpenSSL::PKey::RSA#set_key. Such setter methods are not compatible with OpenSSL 3.0 or later, where EVP_PKEY is immutable once created. This means that the ability to create an empty instance is useless. https://github.com/ruby/openssl/commit/affd569f78 
Raise ArgumentError if this is attempted when the extension is compiled
with OpenSSL 3.0 or later. The form will be fully removed when we drop
support for OpenSSL 1.1.1.

When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments,
it sets up an empty corresponding low-level struct and wraps it in an
EVP_PKEY. This is useful when the user later fills the missing fields
using low-level setter methods such as OpenSSL::PKey::RSA#set_key.

Such setter methods are not compatible with OpenSSL 3.0 or later, where
EVP_PKEY is immutable once created. This means that the ability to
create an empty instance is useless.

https://github.com/ruby/openssl/commit/affd569f78
[ruby/openssl] Fix the tests using SHA-1 Probabilistic Signature Scheme (PSS) parameters. 2025-04-08T17:46:42+00:00 Jun Aruga jaruga@redhat.com 2025-04-08T13:03:06+00:00 d5f94941d87743d6563fa1a038665917dea70201 Fedora OpenSSL 3.5 on rawhide stopped accepting SHA-1 PSS[1] parameters. This is different from the SHA-1 signatures which Fedora OpenSSL stopped accepting since Fedora 41.[2] This commit fixes the following test failures related to the SHA-1 PSS parameters with Fedora OpenSSL 3.5. Note these failures are the downstream Fedora OpenSSL RPM specific. The tests pass without this commit with the upstream OpenSSL 3.5. ``` $ rpm -q openssl-libs openssl-devel openssl-libs-3.5.0-2.fc43.x86_64 openssl-devel-3.5.0-2.fc43.x86_64 $ bundle exec rake test ... E =============================================================================================== Error: test_sign_verify_options(OpenSSL::TestPKeyRSA): OpenSSL::PKey::PKeyError: EVP_PKEY_CTX_ctrl_str(ctx, "rsa_mgf1_md", "SHA1"): digest not allowed (digest=SHA1) /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'Hash#each' /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::PKey::PKey#sign' /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::TestPKeyRSA#test_sign_verify_options' 110: "rsa_pss_saltlen" => 20, 111: "rsa_mgf1_md" => "SHA1" 112: } => 113: sig_pss = key.sign("SHA256", data, pssopts) 114: assert_equal 256, sig_pss.bytesize 115: assert_equal true, key.verify("SHA256", sig_pss, data, pssopts) 116: assert_equal true, key.verify_pss("SHA256", sig_pss, data, =============================================================================================== E =============================================================================================== Error: test_sign_verify_pss(OpenSSL::TestPKeyRSA): OpenSSL::PKey::RSAError: digest not allowed (digest=SHA1) /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::PKey::RSA#sign_pss' /mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::TestPKeyRSA#test_sign_verify_pss' 188: data = "Sign me!" 189: invalid_data = "Sign me?" 190: => 191: signature = key.sign_pss("SHA256", data, salt_length: 20, mgf1_hash: "SHA1") 192: assert_equal 256, signature.bytesize 193: assert_equal true, 194: key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA1") =============================================================================================== ... 577 tests, 4186 assertions, 0 failures, 2 errors, 0 pendings, 3 omissions, 0 notifications ``` [1] https://en.wikipedia.org/wiki/Probabilistic_signature_scheme [2] https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer https://github.com/ruby/openssl/commit/e0e771b76f 
Fedora OpenSSL 3.5 on rawhide stopped accepting SHA-1 PSS[1] parameters.
This is different from the SHA-1 signatures which Fedora OpenSSL stopped
accepting since Fedora 41.[2]

This commit fixes the following test failures related to the SHA-1 PSS
parameters with Fedora OpenSSL 3.5.
Note these failures are the downstream Fedora OpenSSL RPM specific. The tests
pass without this commit with the upstream OpenSSL 3.5.

```
$ rpm -q openssl-libs openssl-devel
openssl-libs-3.5.0-2.fc43.x86_64
openssl-devel-3.5.0-2.fc43.x86_64

$ bundle exec rake test
...
E
===============================================================================================
Error: test_sign_verify_options(OpenSSL::TestPKeyRSA): OpenSSL::PKey::PKeyError: EVP_PKEY_CTX_ctrl_str(ctx, "rsa_mgf1_md", "SHA1"): digest not allowed (digest=SHA1)
/mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'Hash#each'
/mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::PKey::PKey#sign'
/mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:113:in 'OpenSSL::TestPKeyRSA#test_sign_verify_options'
     110:       "rsa_pss_saltlen" => 20,
     111:       "rsa_mgf1_md" => "SHA1"
     112:     }
  => 113:     sig_pss = key.sign("SHA256", data, pssopts)
     114:     assert_equal 256, sig_pss.bytesize
     115:     assert_equal true, key.verify("SHA256", sig_pss, data, pssopts)
     116:     assert_equal true, key.verify_pss("SHA256", sig_pss, data,
===============================================================================================
E
===============================================================================================
Error: test_sign_verify_pss(OpenSSL::TestPKeyRSA): OpenSSL::PKey::RSAError: digest not allowed (digest=SHA1)
/mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::PKey::RSA#sign_pss'
/mnt/git/ruby/openssl/test/openssl/test_pkey_rsa.rb:191:in 'OpenSSL::TestPKeyRSA#test_sign_verify_pss'
     188:     data = "Sign me!"
     189:     invalid_data = "Sign me?"
     190:
  => 191:     signature = key.sign_pss("SHA256", data, salt_length: 20, mgf1_hash: "SHA1")
     192:     assert_equal 256, signature.bytesize
     193:     assert_equal true,
     194:       key.verify_pss("SHA256", signature, data, salt_length: 20, mgf1_hash: "SHA1")
===============================================================================================
...
577 tests, 4186 assertions, 0 failures, 2 errors, 0 pendings, 3 omissions, 0 notifications
```

[1] https://en.wikipedia.org/wiki/Probabilistic_signature_scheme
[2] https://fedoraproject.org/wiki/Changes/OpenSSLDistrustSHA1SigVer

https://github.com/ruby/openssl/commit/e0e771b76f
[ruby/openssl] pkey: change PKey::{RSA,DSA,DH}#params to use nil for missing parameters 2025-01-22T16:45:52+00:00 Kazuki Yamaguchi k@rhe.jp 2024-06-14T05:45:56+00:00 87316d58faa2d57e9f1c1df2f76584a129a60bcc The returned Hash from these methods contain 0 in place of a missing parameter in the key, for example: pkey = OpenSSL::PKey.read(OpenSSL::PKey::RSA.new(2048).public_to_pem) pp pkey.params #=> # {"n"=>#<OpenSSL::BN https://github.com/ruby/openssl/commit/286934673421[...snip]>, # "e"=>#<OpenSSL::BN 65537>, # "d"=>#<OpenSSL::BN 0>, # "p"=>#<OpenSSL::BN 0>, # "q"=>#<OpenSSL::BN 0>, # "dmp1"=>#<OpenSSL::BN 0>, # "dmq1"=>#<OpenSSL::BN 0>, # "iqmp"=>#<OpenSSL::BN 0>} Let's use nil instead, which is more appropriate for indicating a missing value. https://github.com/ruby/openssl/commit/f247ec3dec 
The returned Hash from these methods contain 0 in place of a missing
parameter in the key, for example:

	pkey = OpenSSL::PKey.read(OpenSSL::PKey::RSA.new(2048).public_to_pem)
	pp pkey.params
	#=>
	# {"n"=>#<OpenSSL::BN https://github.com/ruby/openssl/commit/286934673421[...snip]>,
	#  "e"=>#<OpenSSL::BN 65537>,
	#  "d"=>#<OpenSSL::BN 0>,
	#  "p"=>#<OpenSSL::BN 0>,
	#  "q"=>#<OpenSSL::BN 0>,
	#  "dmp1"=>#<OpenSSL::BN 0>,
	#  "dmq1"=>#<OpenSSL::BN 0>,
	#  "iqmp"=>#<OpenSSL::BN 0>}

Let's use nil instead, which is more appropriate for indicating a
missing value.

https://github.com/ruby/openssl/commit/f247ec3dec
[ruby/openssl] pkey: add tests for PKey::{RSA,DSA,DH}#params 2025-01-22T16:45:51+00:00 Kazuki Yamaguchi k@rhe.jp 2024-06-14T05:50:21+00:00 47fe59cd8299a04dfa7af41131d0563c0e6f5b98 Add missing test cases to verify the current behavior. The next patch will rewrite those methods. https://github.com/ruby/openssl/commit/c0e0669f9b 
Add missing test cases to verify the current behavior. The next patch
will rewrite those methods.

https://github.com/ruby/openssl/commit/c0e0669f9b
[ruby/openssl] pkey: Use openssl generated pkcs8 key instead 2025-01-06T14:04:58+00:00 samuel40791765 sachiang@amazon.com 2024-12-21T00:29:33+00:00 5412501e3611b2a344bf2d71f385bc4f8f0e02ca https://github.com/ruby/openssl/commit/6a6fac9958 
https://github.com/ruby/openssl/commit/6a6fac9958
[ruby/openssl] Fix test_pkey_rsa.rb in FIPS. 2024-09-05T08:41:30+00:00 Jun Aruga jaruga@redhat.com 2024-07-26T14:57:39+00:00 2e5680d304a9cf9a6a2ba582091af6719e839351 * test_sign_verify I created the signature text (`signature_encoded.txt`), that is used as a text to create the `signature0` in the `test_sign_verify` by the following steps with the `openssl` CLI on FIPS module. ``` $ OPENSSL_DIR="${HOME}/.local/openssl-3.4.0-dev-fips-debug-3c6e114959" $ export OPENSSL_CONF="${OPENSSL_DIR}/ssl/openssl_fips.cnf" $ echo -n "Sign me!" > data.txt $ "${OPENSSL_DIR}/bin/openssl" dgst -sha256 -sign test/openssl/fixtures/pkey/rsa2048.pem data.txt > signature.txt $ cat signature.txt | base64 > signature_encoded.txt ``` https://github.com/ruby/openssl/commit/091f3eb421 
* test_sign_verify
  I created the signature text (`signature_encoded.txt`), that is used as a
  text to create the `signature0` in the `test_sign_verify` by the following
  steps with the `openssl` CLI on FIPS module.
  ```
  $ OPENSSL_DIR="${HOME}/.local/openssl-3.4.0-dev-fips-debug-3c6e114959"
  $ export OPENSSL_CONF="${OPENSSL_DIR}/ssl/openssl_fips.cnf"

  $ echo -n "Sign me!" > data.txt
  $ "${OPENSSL_DIR}/bin/openssl" dgst -sha256 -sign test/openssl/fixtures/pkey/rsa2048.pem data.txt > signature.txt
  $ cat signature.txt | base64 > signature_encoded.txt
  ```

https://github.com/ruby/openssl/commit/091f3eb421
[ruby/openssl] Prefer String#unpack1 2023-09-06T10:24:53+00:00 Mau Magnaguagno maumagnaguagno@gmail.com 2023-08-31T06:38:45+00:00 60a6de81a823cdb932d21fa5869c93853d3f2795 (https://github.com/ruby/openssl/pull/586) String#unpack1 avoids the intermediate array created by String#unpack for single elements, while also making a call to Array#first/[0] unnecessary. https://github.com/ruby/openssl/commit/8eb0715a42 
(https://github.com/ruby/openssl/pull/586)

String#unpack1 avoids the intermediate array created by String#unpack
for single elements, while also making a call to Array#first/[0]
unnecessary.

https://github.com/ruby/openssl/commit/8eb0715a42
[ruby/openssl] Use SHA256 instead of SHA1 where needed in tests. 2022-12-13T09:07:41+00:00 Jarek Prokop jprokop@redhat.com 2022-10-18T07:52:13+00:00 ce025a5cb4a7aea62629fcf8685e931671a0672d Systems such as RHEL 9 are moving away from SHA1 disabling it completely in default configuration. https://github.com/ruby/openssl/commit/32648da2f6 
Systems such as RHEL 9 are moving away from SHA1
disabling it completely in default configuration.

https://github.com/ruby/openssl/commit/32648da2f6