ruby.git/test/openssl/test_ssl.rb, branch v4.0.4 The Ruby Programming Language [ruby/openssl] ssl: fix test_pqc_sigalg on RHEL 9.7 2025-11-18T12:49:38+00:00 Kazuki Yamaguchi k@rhe.jp 2025-11-18T12:18:26+00:00 522b7d823fb00821eea8d0cf13f33a73e91c0ab7 RHEL 9.7 ships OpenSSL 3.5.1 with ML-DSA support, but it is disabled for TLS by default, according to the system configuration file: /etc/crypto-policies/back-ends/opensslcnf.config Specify SSLContext#sigalgs to override the default list. https://github.com/ruby/openssl/commit/fac3a26748 
RHEL 9.7 ships OpenSSL 3.5.1 with ML-DSA support, but it is disabled
for TLS by default, according to the system configuration file:
/etc/crypto-policies/back-ends/opensslcnf.config

Specify SSLContext#sigalgs to override the default list.

https://github.com/ruby/openssl/commit/fac3a26748
[ruby/openssl] Replace Ruby 3.5 with Ruby 4.0 2025-11-11T13:08:02+00:00 Yasuo Honda yasuo.honda@gmail.com 2025-11-11T12:49:36+00:00 ca2fffd3a7c6cf138fd60e73320cfc8a87c5ff35 This commit updates the Ruby version in the error message to follow the commit in Ruby master branch. https://github.com/ruby/ruby/commit/6d81969b475262aba251e99b518181bdf7c5a523 https://github.com/ruby/openssl/commit/5a50a4d793 
This commit updates the Ruby version in the error message to follow the commit in Ruby master branch.
https://github.com/ruby/ruby/commit/6d81969b475262aba251e99b518181bdf7c5a523

https://github.com/ruby/openssl/commit/5a50a4d793
[ruby/openssl] ssl: update keys used in tests 2025-10-27T06:54:46+00:00 Kazuki Yamaguchi k@rhe.jp 2025-07-25T12:25:43+00:00 d0ea9c0cea1f5c70042a890177c9c29ada1a5927 Use generic keys whenever possible. https://github.com/ruby/openssl/commit/73d6a25360 
Use generic keys whenever possible.

https://github.com/ruby/openssl/commit/73d6a25360
[ruby/openssl] ssl: allow SSLContext#set_params to be used from non-main Ractors 2025-10-08T14:27:16+00:00 Kazuki Yamaguchi k@rhe.jp 2025-08-01T15:48:38+00:00 a8b34d9a9beb5c8edb59acf045968795c12d87b8 Freeze OpenSSL::SSL::SSLContext::DEFAULT_PARAMS so that it becomes Ractor-shareable. Also, prepare a new OpenSSL::X509::Store in Ractor-local storage, if called from a non-main Ractor. OpenSSL::X509::Store currently is not a shareable object. https://github.com/ruby/openssl/commit/3d5271327c 
Freeze OpenSSL::SSL::SSLContext::DEFAULT_PARAMS so that it becomes
Ractor-shareable.

Also, prepare a new OpenSSL::X509::Store in Ractor-local storage, if
called from a non-main Ractor. OpenSSL::X509::Store currently is not a
shareable object.

https://github.com/ruby/openssl/commit/3d5271327c
[ruby/openssl] ssl: use SSL_CTX_set_dh_auto() by default 2025-10-08T13:59:39+00:00 Kazuki Yamaguchi k@rhe.jp 2025-04-20T11:26:00+00:00 ea79fe225cc28960595b53cf20e698ec5bbddb0e Rely on OpenSSL's builtin DH parameters for TLS 1.2 and earlier instead of providing a default SSLContext#tmp_dh_callback proc. SSL_CTX_set_dh_auto() has been available since OpenSSL 1.1.0. The parameters can still be overridden by specifying SSLContext#tmp_dh_callback or #tmp_dh, as confirmed by existing tests. SSLContext#tmp_dh_callback depends on a deprecated OpenSSL feature. We also prefer not to hard-code parameters, which is a maintenance burden. This change also improves Ractor compatibility by removing the unshareable proc. https://github.com/ruby/openssl/commit/9cfec9bf5e 
Rely on OpenSSL's builtin DH parameters for TLS 1.2 and earlier instead
of providing a default SSLContext#tmp_dh_callback proc.
SSL_CTX_set_dh_auto() has been available since OpenSSL 1.1.0.

The parameters can still be overridden by specifying
SSLContext#tmp_dh_callback or #tmp_dh, as confirmed by existing tests.

SSLContext#tmp_dh_callback depends on a deprecated OpenSSL feature. We
also prefer not to hard-code parameters, which is a maintenance burden.
This change also improves Ractor compatibility by removing the
unshareable proc.

https://github.com/ruby/openssl/commit/9cfec9bf5e
[ruby/openssl] Fix test_ssl.rb in FIPS. 2025-09-17T12:33:01+00:00 Jun Aruga jaruga@redhat.com 2025-08-29T15:57:12+00:00 73b08ff423fb1f1779d5e17f47b0fb5478021151 test_post_connect_check_with_anon_ciphers: test_tmp_dh_callback: test_tmp_dh: DH missing the q value on unknown named parameters (ciphers) is not FIPS-approved, according to the FIPS-186-4 APPENDIX B: Key Pair Generation - B.1.1 Key Pair Generation Using Extra Random Bits, the inputs p, q, and g are required. However, TLS doesn't send q. https://csrc.nist.gov/pubs/fips/186-4/final OpenSSL has a special workaround to recover the missing "q" value for known named parameters, which is the reason why other tests that use the default parameters in `lib/openssl/ssl.rb` are working. Note that the test_post_connect_check_with_anon_ciphers test got the following error on `OpenSSL.debug = true` in FIPS. ``` /home/jaruga/var/git/ruby/openssl/lib/openssl/ssl.rb:551: warning: error on stack: error:0A0C0103:SSL routines:tls_construct_server_key_exchange:internal error ``` test_get_ephemeral_key: kRSA (PKCS1-v1_5 padding) is not allowed in FIPS according to the NIST SP 800-131A Rev. 2 - 6 Key Agreement and Key Transport Using RSA - Table 5: Approval Status for the RSA-based Key Agreement and Key Transport Schemes - PKCS1-v1_5 padding - Disallowed after 2023 https://csrc.nist.gov/pubs/sp/800/131/a/r2/final Note that the test_get_ephemeral_key test got the following error on `OpenSSL.debug = true` in FIPS. ``` test/openssl/test_ssl.rb:2326: warning: error on stack: error:1C8000A8:Provider routines:rsa_encrypt:invalid padding mode ``` https://github.com/ruby/openssl/commit/ac3559e51e 
test_post_connect_check_with_anon_ciphers:
test_tmp_dh_callback:
test_tmp_dh:

DH missing the q value on unknown named parameters (ciphers) is not
FIPS-approved, according to the FIPS-186-4 APPENDIX B: Key Pair Generation -
B.1.1 Key Pair Generation Using Extra Random Bits, the inputs p, q, and g are
required. However, TLS doesn't send q.
https://csrc.nist.gov/pubs/fips/186-4/final

OpenSSL has a special workaround to recover the missing "q" value for known
named parameters, which is the reason why other tests that use the default
parameters in `lib/openssl/ssl.rb` are working.

Note that the test_post_connect_check_with_anon_ciphers test got the following error on
`OpenSSL.debug = true` in FIPS.

```
/home/jaruga/var/git/ruby/openssl/lib/openssl/ssl.rb:551: warning: error on stack: error:0A0C0103:SSL routines:tls_construct_server_key_exchange:internal error
```

test_get_ephemeral_key:

kRSA (PKCS1-v1_5 padding) is not allowed in FIPS according to the
NIST SP 800-131A Rev. 2 - 6 Key Agreement and Key Transport Using RSA -
Table 5: Approval Status for the RSA-based Key Agreement and Key Transport
Schemes - PKCS1-v1_5 padding - Disallowed after 2023
https://csrc.nist.gov/pubs/sp/800/131/a/r2/final

Note that the test_get_ephemeral_key test got the following error on
`OpenSSL.debug = true` in FIPS.

```
test/openssl/test_ssl.rb:2326: warning: error on stack: error:1C8000A8:Provider routines:rsa_encrypt:invalid padding mode
```

https://github.com/ruby/openssl/commit/ac3559e51e
[ruby/openssl] ssl: add post-quantum cryptography (PQC) tests 2025-07-27T12:15:02+00:00 Jun Aruga jaruga@redhat.com 2025-07-21T20:04:55+00:00 6e0181db3ac98e8415c0b130c90ae1bbc5089ee8 The key files were created by the following commands. ``` $ ${HOME}/.local/openssl-3.6.0-dev-fips-debug-8253b58d60/bin/openssl genpkey \ -algorithm mldsa65 \ -out mldsa65-1.pem $ ${HOME}/.local/openssl-3.6.0-dev-fips-debug-8253b58d60/bin/openssl genpkey \ -algorithm mldsa65 \ -out mldsa65-2.pem ``` PQC algorithms, ML-KEM (FIPS 203) and ML-DSA (FIPS 204) used in the PQC tests are supported on OpenSSL 3.5 or later. https://openssl-library.org/post/2025-04-08-openssl-35-final-release/ https://github.com/ruby/openssl/commit/f3bb316018 
The key files were created by the following commands.

```
$ ${HOME}/.local/openssl-3.6.0-dev-fips-debug-8253b58d60/bin/openssl genpkey \
  -algorithm mldsa65 \
  -out mldsa65-1.pem
$ ${HOME}/.local/openssl-3.6.0-dev-fips-debug-8253b58d60/bin/openssl genpkey \
  -algorithm mldsa65 \
  -out mldsa65-2.pem
```

PQC algorithms, ML-KEM (FIPS 203) and ML-DSA (FIPS 204) used in the PQC tests
are supported on OpenSSL 3.5 or later.
https://openssl-library.org/post/2025-04-08-openssl-35-final-release/

https://github.com/ruby/openssl/commit/f3bb316018
[ruby/openssl] ssl: add SSLSocket#sigalg, #peer_sigalg, #group 2025-07-22T16:51:02+00:00 Jun Aruga jaruga@redhat.com 2025-07-07T16:07:47+00:00 7bb48f87f35d4d99312c94e3982e2f483675a777 These methods are useful to test post-quantum cryptography (PQC) cases. https://github.com/ruby/openssl/commit/434ef74452 
These methods are useful to test post-quantum cryptography (PQC) cases.

https://github.com/ruby/openssl/commit/434ef74452
[ruby/openssl] ssl: rename SSLContext#ecdh_curves= to #groups= 2025-07-04T09:17:55+00:00 Kazuki Yamaguchi k@rhe.jp 2025-06-19T17:36:36+00:00 38993efb27a35b37ecb938f7791fa7c51fbf4bac TLS 1.3 renamed the "elliptic_curves" extension to "supported_groups" to reflect that it now covers more than just ECDH groups. OpenSSL 1.1.1 followed this change by renaming the corresponding API from SSL_CTX_set1_curves_list() to SSL_CTX_set1_groups_list(). Update ruby/openssl to use the new name, too. The current method name SSLContext#ecdh_curves= is retained as an alias for #group=. https://github.com/ruby/openssl/commit/59e98604e0 
TLS 1.3 renamed the "elliptic_curves" extension to "supported_groups"
to reflect that it now covers more than just ECDH groups. OpenSSL 1.1.1
followed this change by renaming the corresponding API from
SSL_CTX_set1_curves_list() to SSL_CTX_set1_groups_list().

Update ruby/openssl to use the new name, too. The current method name
SSLContext#ecdh_curves= is retained as an alias for #group=.

https://github.com/ruby/openssl/commit/59e98604e0
[ruby/openssl] ssl: add SSLContext#sigalgs= and #client_sigalgs= 2025-06-20T17:58:38+00:00 Kazuki Yamaguchi k@rhe.jp 2025-06-03T06:00:43+00:00 112ba7064718aa8e486ff1d953946ad5a5480f8c Add methods for setting supported signature algorithms, corresponding to SSL_CTX_set1_sigalgs_list() and SSL_CTX_set1_client_sigalgs_list(), respectively. https://github.com/ruby/openssl/commit/6bbe58c492 Co-authored-by: Markus Jung <markus.jung@vivavis.com> 
Add methods for setting supported signature algorithms, corresponding
to SSL_CTX_set1_sigalgs_list() and SSL_CTX_set1_client_sigalgs_list(),
respectively.

https://github.com/ruby/openssl/commit/6bbe58c492

Co-authored-by: Markus Jung <markus.jung@vivavis.com>