authorKazuki Yamaguchi <k@rhe.jp>2020-07-10 13:43:20 +0900
committerKazuki Yamaguchi <k@rhe.jp>2021-07-18 17:45:00 +0900
commit0c23e4a7aa5ff260281be07873eaeaebfa5d5155 (patch)
tree96d7bd89ed1a6a70cc86863e0b4043528c8c103d
parent857a177b03dded0d56c395e979a35b9a27753e15 (diff)
[ruby/openssl] pkey/ec: refactor EC#dsa_{sign,verify}_asn1 with PKey#{sign,verify}_raw
With the newly added OpenSSL::PKey::PKey#{sign,verify}_raw, OpenSSL::PKey::EC's low-level signing operation methods can be implemented in Ruby. The definitions are now in lib/openssl/pkey.rb. https://github.com/ruby/openssl/commit/1f9da0cd9d
-rw-r--r--ext/openssl/lib/openssl/pkey.rb22
-rw-r--r--ext/openssl/ossl_pkey_ec.c55
2 files changed, 22 insertions, 55 deletions
diff --git a/ext/openssl/lib/openssl/pkey.rb b/ext/openssl/lib/openssl/pkey.rb
index dd8c7c0b09..e587109694 100644
--- a/ext/openssl/lib/openssl/pkey.rb
+++ b/ext/openssl/lib/openssl/pkey.rb
@@ -165,6 +165,28 @@ module OpenSSL::PKey
include OpenSSL::Marshal
# :call-seq:
+ # key.dsa_sign_asn1(data) -> String
+ #
+ # <b>Deprecated in version 3.0</b>.
+ # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
+ def dsa_sign_asn1(data)
+ sign_raw(nil, data)
+ rescue OpenSSL::PKey::PKeyError
+ raise OpenSSL::PKey::ECError, $!.message
+ end
+
+ # :call-seq:
+ # key.dsa_verify_asn1(data, sig) -> true | false
+ #
+ # <b>Deprecated in version 3.0</b>.
+ # Consider using PKey::PKey#sign_raw and PKey::PKey#verify_raw instead.
+ def dsa_verify_asn1(data, sig)
+ verify_raw(nil, sig, data)
+ rescue OpenSSL::PKey::PKeyError
+ raise OpenSSL::PKey::ECError, $!.message
+ end
+
+ # :call-seq:
# ec.dh_compute_key(pubkey) -> string
#
# Derives a shared secret by ECDH. _pubkey_ must be an instance of
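Review bot: The doc comments added for `dsa_sign_asn1` and `dsa_verify_asn1` never say that `data` has to be a digest the caller already computed, yet `sign_raw(nil, data)` and `verify_raw(nil, sig, data)` pass no digest, so the bytes are used as given. ECDSA uses only as many leading bits of its input as the group order has, so a caller who passes a whole message gets a signature that does not cover the tail of it. I would add to both comments a line such as `# _data_ must be a digest value computed by the caller; it is not hashed here and input longer than the group order is truncated.` The removed C version raised `Private EC key needed!` before signing, whereas a public-only key now presumably surfaces whatever message `sign_raw` raises, which is worth a test if callers match on the text.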
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c
index 41f63289bd..9b461cb6a2 100644
--- a/ext/openssl/ossl_pkey_ec.c
+++ b/ext/openssl/ossl_pkey_ec.c
@@ -472,57 +472,6 @@ static VALUE ossl_ec_key_check_key(VALUE self)
}
/*
- * call-seq:
- * key.dsa_sign_asn1(data) => String
- *
- * See the OpenSSL documentation for ECDSA_sign()
- */
-static VALUE ossl_ec_key_dsa_sign_asn1(VALUE self, VALUE data)
-{
- EC_KEY *ec;
- unsigned int buf_len;
- VALUE str;
-
- GetEC(self, ec);
- StringValue(data);
-
- if (EC_KEY_get0_private_key(ec) == NULL)
- ossl_raise(eECError, "Private EC key needed!");
-
- str = rb_str_new(0, ECDSA_size(ec));
- if (ECDSA_sign(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data), (unsigned char *) RSTRING_PTR(str), &buf_len, ec) != 1)
- ossl_raise(eECError, "ECDSA_sign");
- rb_str_set_len(str, buf_len);
-
- return str;
-}
-
-/*
- * call-seq:
- * key.dsa_verify_asn1(data, sig) => true or false
- *
- * See the OpenSSL documentation for ECDSA_verify()
- */
-static VALUE ossl_ec_key_dsa_verify_asn1(VALUE self, VALUE data, VALUE sig)
-{
- EC_KEY *ec;
-
- GetEC(self, ec);
- StringValue(data);
- StringValue(sig);
-
- switch (ECDSA_verify(0, (unsigned char *) RSTRING_PTR(data), RSTRING_LENINT(data), (unsigned char *) RSTRING_PTR(sig), (int)RSTRING_LEN(sig), ec)) {
- case 1: return Qtrue;
- case 0: return Qfalse;
- default: break;
- }
-
- ossl_raise(eECError, "ECDSA_verify");
-
- UNREACHABLE;
-}
-
-/*
* OpenSSL::PKey::EC::Group
*/
static void
@@ -1583,10 +1532,6 @@ void Init_ossl_ec(void)
rb_define_alias(cEC, "generate_key", "generate_key!");
rb_define_method(cEC, "check_key", ossl_ec_key_check_key, 0);
- rb_define_method(cEC, "dsa_sign_asn1", ossl_ec_key_dsa_sign_asn1, 1);
- rb_define_method(cEC, "dsa_verify_asn1", ossl_ec_key_dsa_verify_asn1, 2);
-/* do_sign/do_verify */
-
rb_define_method(cEC, "export", ossl_ec_key_export, -1);
rb_define_alias(cEC, "to_pem", "export");
rb_define_method(cEC, "to_der", ossl_ec_key_to_der, 0);