| Age | Commit message | Author |
|
https://github.com/ruby/openssl/commit/5af1edab18
|
|
https://github.com/ruby/openssl/commit/b0de8ba9bd
|
|
https://github.com/ruby/openssl/commit/695126f582
|
|
When d2i_PKCS7_bio() and PEM_read_bio_PKCS7() fail to decode the input,
OpenSSL::PKCS7.new currently raises ArgumentError. The usual practice
in ruby/openssl where an error originates from the underlying OpenSSL
library is to raise OpenSSL::OpenSSLError.
Raise OpenSSL::PKCS7::PKCS7Error instead for consistency with
OpenSSL::PKCS7.read_smime and all other existing #initialize methods
that handle DER/PEM-encoded inputs.
https://github.com/ruby/openssl/commit/67a608ce53
|
|
Mention the underlying OpenSSL function. Add a note about the unreliable
comparison when called on an incomplete object.
Fixes https://github.com/ruby/openssl/issues/844
https://github.com/ruby/openssl/commit/736af5b3c7
|
|
An OpenSSL function sometimes puts more than one error entry into the
thread-local OpenSSL error queue. Currently, we use the highest-level
entry for generating the exception message and discard the rest.
Let ossl_make_error() capture all current OpenSSL error queue contents
into OpenSSL::OpenSSLError#errors and extend
OpenSSL::OpenSSLError#detailed_message to include the information.
An example:
$ ruby -Ilib -ropenssl -e'OpenSSL::X509::ExtensionFactory.new.create_ext("a", "b")'
-e:1:in 'OpenSSL::X509::ExtensionFactory#create_ext': a = b: error in extension (name=a, value=b) (OpenSSL::X509::ExtensionError)
OpenSSL error queue reported 2 errors:
error:11000082:X509 V3 routines:do_ext_nconf:unknown extension name
error:11000080:X509 V3 routines:X509V3_EXT_nconf_int:error in extension (name=a, value=b)
from -e:1:in '<main>'
https://github.com/ruby/openssl/commit/d28f7a9a13
|
|
ASN1_ENUMERATED_to_BN() has been const-correct for a long time in all
supported libcryptos, so we can remove this workaround.
https://github.com/ruby/openssl/commit/d0f36a7c65
|
|
https://github.com/ruby/openssl/commit/a41cf28bab
|
|
https://github.com/ruby/openssl/commit/8945f379b3
|
|
https://github.com/ruby/openssl/commit/0941ebbda5
|
|
This uses the normal accessors but leaves out BIT STRINGS, which will
need compat implementations for ASN1_BIT_STRING_get_length() and
ASN1_BIT_STRING_set1() for older libcryptos.
https://github.com/openssl/openssl/issues/29184
https://github.com/openssl/openssl/issues/29185
https://github.com/ruby/openssl/commit/ba3d1cc5c2
|
|
OpenSSL plans to make asn1_string_st opaque, the struct underlying most
ASN.1 types such as ASN1_*STRING, ASN1_ENUMERATED, ASN1_INTEGER, etc.
Most of ruby/openssl's C code can be straightforwardly converted to use
accessors available since OpenSS
https://github.com/ruby/openssl/commit/374262435a
|
|
This helper only reads from its in parameter. Making that const
avoids a couple of casts in an upcoming change.
https://github.com/ruby/openssl/commit/970d5764e3
|
|
In a newly allocated OpenSSL X509 object, the notBefore and notAfter
fields contain an ASN1_STRING object with type V_ASN1_UNDEF rather than
an ASN1_TIME.
Commit https://github.com/ruby/openssl/commit/73484f67949a made asn1time_to_time() stricter and it now raises
an exception if the argument is not an ASN1_TIME. Previously, it would
print a verbose-mode warning and return nil.
OpenSSL::X509::Certificate#inspect should work even when the certificate
is invalid. Let's handle this.
https://github.com/ruby/openssl/commit/18c283f2b6
|
|
The current logic relies on sscanf() and error checks are almost
entirely missing. It also assumes that ASN1_STRING contents are NUL
terminated, which is undocumented and not guaranteed for all valid
ASN1_TIME objects.
Switch to using ASN1_TIME_to_tm() added in OpenSSL 1.1.1. It is also
supported by LibreSSL and AWS-LC.
In the long term, we may want to replace ASN1_TIME_to_tm() with a
hand-rolled decoder, since the function is intended for a specific
use-case. It is too permissive for strict DER, yet still does not
support all valid DER inputs and silently drops information such as
fractional seconds. However, it handles everything that the current
sscanf() code could handle.
https://github.com/ruby/openssl/commit/73484f6794
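The commit message above notes that ASN1_TIME_to_tm() is too permissive for strict DER and drops fractional seconds. As an added illustration (not ruby/openssl code and not the decoder the author has in mind), this Ruby sketch accepts only the DER forms of UTCTime and GeneralizedTime on a length-delimited string; `strict_der_time` and `DerTimeError` are hypothetical names, and the two-digit-year mapping follows RFC 5280.

```ruby
require "date"

class DerTimeError < StandardError; end

# DER (X.690) allows only UTC ("Z"), requires seconds, and forbids trailing
# zeros or an empty fraction in GeneralizedTime. \A and \z anchor on the real
# string length, so nothing depends on a NUL terminator.
UTCTIME_DER = /\A([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})Z\z/
GENTIME_DER = /\A([0-9]{4})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})([0-9]{2})(?:\.([0-9]*[1-9]))?Z\z/

# type is :utctime or :generalizedtime; content is the raw value octets.
# Returns a UTC Time or raises DerTimeError; it never returns nil on bad input.
def strict_der_time(type, content)
  pattern = { utctime: UTCTIME_DER, generalizedtime: GENTIME_DER }.fetch(type)
  m = pattern.match(content.b) or
    raise DerTimeError, "not a DER #{type}: #{content.inspect}"
  year, mon, day, hour, min, sec = m.captures.first(6).map(&:to_i)
  # RFC 5280: two-digit years 50..99 are 19YY, 00..49 are 20YY.
  year += (year >= 50 ? 1900 : 2000) if type == :utctime
  unless Date.valid_date?(year, mon, day) && hour <= 23 && min <= 59 && sec <= 59
    raise DerTimeError, "field out of range: #{content.inspect}"
  end
  # Keep fractional seconds exactly instead of silently dropping them.
  frac = m[7] ? Rational(m[7].to_i, 10**m[7].length) : 0
  Time.utc(year, mon, day, hour, min, sec + frac)
end

if __FILE__ == $PROGRAM_NAME
  # Constructed sample values.
  p strict_der_time(:utctime, "491231235959Z")
  p strict_der_time(:generalizedtime, "20240229120000.5Z")
end
```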
|
|
Move variable declarations for OpenSSL::ASN1 classes to the top of the
file. asn1time_to_time() will need eASN1Error in the next patch.
https://github.com/ruby/openssl/commit/6c0ef87897
|
|
Since around 2018, we have been using spaces for indentation for newly
added code[1]. The mixed use of tabs and spaces has repeatedly confused
new contributors who configured their editors to use a different tab
size than 8. Since git blame can now skip specific commits, ruby/ruby
did a mass reformatting of tabs in 2022[2]. Do the same in ruby/openssl.
While at it, fix a few indentation issues, mainly in switch-case labels
and in ossl_ssl_session.c, which used doubled indentation size.
This patch contains white-space changes only. git diff -w output should
be empty.
[1] https://bugs.ruby-lang.org/issues/14246
[2] https://bugs.ruby-lang.org/issues/18891
https://github.com/ruby/openssl/commit/4d6214f507
|
|
This reverts commit https://github.com/ruby/openssl/commit/830505172882.
The commit is part of the bigger effort to rewrite OpenSSL::ASN1 in
Ruby. OpenSSL::ASN1 is relatively isolated from the rest of ruby/openssl
and is not tightly bound to the OpenSSL API. The current implementation
also needs a major refactor for several reasons, so this remains a
long-term goal.
However, the work is not yet complete. We are close to releasing v4.0.0,
and we want to avoid shipping fragmented code in a stable branch. The
changes can be reapplied when the rest is ready.
https://github.com/ruby/openssl/commit/362942dcbf
|
|
These declarations were added to every source file because older
versions of RDoc did not resolve the ancestor tree across files. Since
RDoc 6.9.0 supports this, this workaround is no longer needed.
https://redirect.github.com/ruby/rdoc/pull/1217
https://github.com/ruby/openssl/commit/6491ce63be
|
|
Move attribute documentation out of the class-level section and into
the appropriate sections so that they attach correctly.
https://github.com/ruby/openssl/commit/61410acc50
|
|
ruby/openssl exposes OIDs to Ruby as strings in many places, but the
conversion logic has been duplicated and the behavior is inconsistent.
There are mainly two patterns:
- Returns the short name associated with the OID/NID, or the dotted
decimal notation if it is unknown to OpenSSL.
- Returns the long name, or the dotted decimal notation.
These patterns are implemented using different OpenSSL APIs and that
caused subtle differences. Add helper functions ossl_asn1obj_to_string()
and ossl_asn1obj_to_string_long_name() to unify the logic.
Also, document the current behaviors where it is not yet done. The
inconsistency was likely unintentional, but since it dates back to the
original implementations, standardizing it now would cause more issues
than it resolves.
https://github.com/ruby/openssl/commit/2ea36c21a4
|
|
obj_to_asn1obj() in ossl_ts.c and ossl_asn1.c are identical. Let's
remove one in ossl_ts.c.
eASN1Error can now be made static to ossl_asn1.c.
https://github.com/ruby/openssl/commit/dcb05c40c2
|
|
curves
EC_GROUP_get_curve_name() returns NID_undef when OpenSSL does not
recognize the curve and there is no associated OID.
Handle this case explicitly and return nil instead of the string
"UNDEF", which should not be exposed outside the extension.
https://github.com/ruby/openssl/commit/2c16821c07
|
|
This is a follow-up to commit https://github.com/ruby/openssl/commit/e74ff3e2722f, which missed the line added
in a different PR.
https://github.com/ruby/openssl/commit/1b01d19456
|
|
Remove the following subclasses of OpenSSL::PKey::PKeyError and make
them aliases of it.
- OpenSSL::PKey::DHError
- OpenSSL::PKey::DSAError
- OpenSSL::PKey::ECError
- OpenSSL::PKey::RSAError
Historically, methods defined on OpenSSL::PKey and OpenSSL::PKey::PKey
raise OpenSSL::PKey::PKeyError, while methods on the subclasses raise
their respective exception classes. However, this distinction is not
particularly useful since all those exception classes represent the
same kind of errors from the underlying EVP_PKEY API.
I think this convention comes from the fact that OpenSSL::PKey::{DH,
DSA,RSA} originally wrapped the corresponding OpenSSL structs DH, DSA,
and RSA, before they were unified to wrap EVP_PKEY, way back in 2002.
OpenSSL::PKey::EC::Group::Error and OpenSSL::PKey::EC::Point::Error
are out of scope of this change, as they are not subclasses of
OpenSSL::PKey::PKeyError and do not represent errors from the EVP_PKEY
API.
https://github.com/ruby/openssl/commit/e74ff3e272
|
|
Likewise, use EVP_MD_fetch() if it is available.
This adds support for AES-GCM-SIV with OpenSSL 3.2 or later.
https://github.com/ruby/openssl/commit/0e565a215e
|
|
With the introduction of OpenSSL 3 providers, newly implemented
algorithms do not necessarily have a corresponding NID assigned. To use
such an algorithm, it has to be "fetched" from providers using the new
EVP_*_fetch() functions.
For digest algorithms, we have to use EVP_MD_fetch() instead of the
existing EVP_get_digestbyname(). However, it is not a drop-in
replacement because:
- EVP_MD_fetch() does not support all algorithm name aliases recognized
by EVP_get_digestbyname().
- Both return an EVP_MD, but the one returned by EVP_MD_fetch() is
sometimes reference counted and the user has to explicitly release
it with EVP_MD_free().
So, keep using EVP_get_digestbyname() for all OpenSSL versions for now,
and fall back to EVP_MD_fetch() if it fails. In the latter case, prepare
a T_DATA object to manage the fetched EVP_MD's lifetime.
https://github.com/ruby/openssl/commit/9fc2179403
|
|
Raise OpenSSL::Cipher::CipherError instead of ArgumentError or
RuntimeError for consistency.
https://github.com/ruby/openssl/commit/78601c9c34
|
|
We generally raise OpenSSL::OpenSSLError or its subclass for errors
originating from the OpenSSL library, which may include extra details
appended by ossl_raise().
https://github.com/ruby/openssl/commit/9427a05ce5
|
|
The EVP_CIPHER_CTX = OpenSSL::Cipher interface for AEAD ciphers is
notoriously complicated and full of pitfalls. I tried to clarify docs
so that users can hopefully connect the Ruby methods with the
corresponding OpenSSL man pages more easily.
- Call out the common mistakes with Cipher#iv= and Cipher#auth_tag=
with AES-GCM.
- Update outdated notes about the method calling order requirements
with AEAD ciphers.
- Add references to the man page where the behavior varies according to
the specific cipher algorithm and we cannot document every detail.
- Various style/wording updates.
https://github.com/ruby/openssl/commit/30e22d9bbb
|
|
In OpenSSL <= 1.1.1, EVP_PKEY_get0() always returned a valid object, so
a NULL check was not necessary. In OpenSSL 3.0, the function can return
NULL (https://docs.openssl.org/3.0/man7/migration_guide/#deprecated-function-mappings),
so guard against this issue.
https://github.com/ruby/openssl/commit/dc90b9c51e
|
|
https://github.com/ruby/openssl/commit/02ff964114
|
|
Freeze OpenSSL::SSL::SSLContext::DEFAULT_PARAMS so that it becomes
Ractor-shareable.
Also, prepare a new OpenSSL::X509::Store in Ractor-local storage, if
called from a non-main Ractor. OpenSSL::X509::Store currently is not a
shareable object.
https://github.com/ruby/openssl/commit/3d5271327c
|
|
tmp_dh_callback no longer has a default value. It also no longer has to
share code with tmp_ecdh_callback, which has been removed in v3.0.0.
https://github.com/ruby/openssl/commit/b7cde6df2a
|
|
Rely on OpenSSL's builtin DH parameters for TLS 1.2 and earlier instead
of providing a default SSLContext#tmp_dh_callback proc.
SSL_CTX_set_dh_auto() has been available since OpenSSL 1.1.0.
The parameters can still be overridden by specifying
SSLContext#tmp_dh_callback or #tmp_dh, as confirmed by existing tests.
SSLContext#tmp_dh_callback depends on a deprecated OpenSSL feature. We
also prefer not to hard-code parameters, which is a maintenance burden.
This change also improves Ractor compatibility by removing the
unshareable proc.
https://github.com/ruby/openssl/commit/9cfec9bf5e
|
|
Check for the function we actually use. Both SSL_set0_tmp_dh_pkey() and
SSL_CTX_set0_tmp_dh_pkey() were added in OpenSSL 3.0.
https://github.com/ruby/openssl/commit/a9b6a64e5f
|
|
https://github.com/ruby/openssl/commit/64f4aae6bd
|
|
https://github.com/ruby/openssl/commit/2b88a6d444
|
|
default store
With OpenSSL 3.6.0, it causes nearly every certificate verification to
fail with the message "certificate verify failed (unable to get
certificate CRL)" because the CRLs are typically unavailable in the
default store used by OpenSSL::SSL::SSLContext#set_params.
OpenSSL::X509::V_FLAG_CRL_CHECK_ALL is a flag that extends the CRL
checking to all certificates in the chain. In OpenSSL < 3.6.0, the flag
alone has no effect, and OpenSSL::X509::V_FLAG_CRL_CHECK must also be
set to enable CRL checking.
In OpenSSL 3.6.0, OpenSSL::X509::V_FLAG_CRL_CHECK_ALL now implies
OpenSSL::X509::V_FLAG_CRL_CHECK. This is inconsistent with the man page
and may be fixed in a future OpenSSL 3.6.x release, but this flag is not
needed and should not be set by default.
Fixes https://github.com/ruby/openssl/issues/949
https://github.com/ruby/openssl/commit/e8481cd687
|
|
OpenSSL 3.0
Raise ArgumentError if this is attempted when the extension is compiled
with OpenSSL 3.0 or later. The form will be fully removed when we drop
support for OpenSSL 1.1.1.
When OpenSSL::PKey::{DH,DSA,EC,RSA}.new is called without any arguments,
it sets up an empty corresponding low-level struct and wraps it in an
EVP_PKEY. This is useful when the user later fills the missing fields
using low-level setter methods such as OpenSSL::PKey::RSA#set_key.
Such setter methods are not compatible with OpenSSL 3.0 or later, where
EVP_PKEY is immutable once created. This means that the ability to
create an empty instance is useless.
https://github.com/ruby/openssl/commit/affd569f78
|
|
Introduce a useful macro indicating that the low-level struct wrapped
in an EVP_PKEY cannot be modified.
Currently, the macro is defined for OpenSSL 3.0 or later only. LibreSSL
and AWS-LC can follow suit in the future.
https://github.com/ruby/openssl/commit/032ed63096
|
|
failures
(https://github.com/ruby/openssl/pull/939)
* Add AuthTagError exception for AEAD authentication failures
- Add OpenSSL::Cipher::AuthTagError as a subclass of CipherError
- Raise AuthTagError specifically for AEAD cipher authentication tag verification failures
- Enhanced error messages: 'AEAD authentication tag verification failed' for auth failures
- Precise detection: Only EVP_CipherFinal_ex failures in AEAD ciphers raise AuthTagError
- All other errors (key setup, IV setup, update failures, etc.) still raise CipherError
- Comprehensive test coverage for GCM/CCM modes and error inheritance
- Fully backwards compatible: AuthTagError < CipherError
https://github.com/ruby/openssl/commit/9663b09040
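An added example (not from the commit or the ruby/openssl test suite) of how calling code can handle AEAD tag failures on builds with and without AuthTagError, relying on the AuthTagError < CipherError relationship stated above. `gcm_seal`, `gcm_open`, `AEAD_AUTH_ERROR` and `TAG_LEN` are hypothetical names, and the sample inputs are constructed.

```ruby
require "openssl"

# AuthTagError exists only in ruby/openssl builds that include the commit
# above; older builds raise its parent class, CipherError, for the same failure.
AEAD_AUTH_ERROR =
  if OpenSSL::Cipher.const_defined?(:AuthTagError)
    OpenSSL::Cipher::AuthTagError
  else
    OpenSSL::Cipher::CipherError
  end

TAG_LEN = 16 # full-length GCM tag, in bytes

# Encrypts with AES-256-GCM and returns the pieces the receiver needs.
def gcm_seal(key, plaintext, aad)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  cipher.key = key
  iv = cipher.random_iv # fresh 12-byte nonce; never reuse one under a key
  cipher.auth_data = aad
  ciphertext = cipher.update(plaintext) + cipher.final
  { iv: iv, ciphertext: ciphertext, tag: cipher.auth_tag(TAG_LEN) }
end

# Returns the plaintext, :bad_tag_length, or :auth_failed.
def gcm_open(key, sealed, aad)
  # Cipher#auth_tag= accepts shorter tags for GCM without raising, so the
  # expected length is enforced here by the caller.
  return :bad_tag_length unless sealed[:tag].bytesize == TAG_LEN

  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = key
  cipher.iv = sealed[:iv]
  cipher.auth_tag = sealed[:tag]
  cipher.auth_data = aad
  plaintext = cipher.update(sealed[:ciphertext])
  # update returns unauthenticated bytes; release them only after final,
  # which is where the tag is verified.
  plaintext + cipher.final
rescue AEAD_AUTH_ERROR
  # On older builds this also catches other CipherError cases from the calls above.
  :auth_failed
end

if __FILE__ == $PROGRAM_NAME
  key = OpenSSL::Random.random_bytes(32)
  sealed = gcm_seal(key, "constructed sample message", "hdr")
  p gcm_open(key, sealed, "hdr")       # the plaintext
  p gcm_open(key, sealed, "other hdr") # :auth_failed
end
```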
|
|
OSSL_DECODER"
This reverts commit https://github.com/ruby/openssl/commit/5347880c6eb0 and
https://github.com/ruby/openssl/commit/985ba27d6339.
These commits attempted to stop processing after the first relevant PEM
block, whether it is successful or not, when the input contains multiple
keys.
It turned out that it cannot be reliably determined using the
OSSL_DECODER API. There is an edge case where OSSL_DECODER_from_bio()
reports "unsupported" even though the input actually contains an error:
https://redirect.github.com/ruby/openssl/pull/931#discussion_r2347813807
Revert the changes for now and keep the existing behavior, as partial
support does not seem worth the added complexity.
https://github.com/ruby/openssl/commit/319cd4952a
|
|
Treat an empty error queue after calling OSSL_DECODER_from_bio() as a
retryable error.
This is a follow-up to the previous commit https://github.com/ruby/openssl/commit/985ba27d6339 (pkey: stop
retrying after non-retryable error from OSSL_DECODER). The commit broke
loading public keys on Ubuntu 22.04 LTS, which ships OpenSSL 3.0.2.
https://github.com/ruby/openssl/commit/5347880c6e
|
|
Continue processing only when OSSL_DECODER_from_bio() returns the error
code ERR_R_UNSUPPORTED. Otherwise, raise an exception without retrying
decoding the input in another format.
This fixes another case where OpenSSL::PKey.read prompts for a
passphrase multiple times when the input contains multiple
passphrase-protected PEM blocks and the first one cannot be decoded.
I am not entirely sure if the error code ERR_R_UNSUPPORTED is considered
part of the public interface of OpenSSL, but this seems to be the only
option available and is the approach used internally by the
PEM_read_bio_*() functions.
Fixes https://github.com/ruby/openssl/issues/927
https://github.com/ruby/openssl/commit/985ba27d63
|
|
Specify OSSL_DECODER_CTX_set_pem_password_cb() only when we expect a
passphrase-protected private key.
OSSL_DECODER appears to try to decrypt every PEM block in the input even
when the PEM header does not match the requested selection. This can
cause repeated prompts for a passphrase in a single OpenSSL::PKey.read
call.
https://github.com/ruby/openssl/commit/933503f49f
|
|
Both the X509 store and X509 store context were missing write barriers
to the callback object being stored in the ex data.
These values were also being stored as an IV, however in Ruby HEAD we're
now storing the IVs for T_DATA (generic IVs) on a separate object. So we
need an additional write barrier.
I believe this was always necessary, because we could have done
incremental marking ahead of compaction, and without the write barrier
the mark function could have been run before @verify_callback was
assigned.
This was detected by wbcheck.
https://github.com/ruby/openssl/commit/1fda3a99ef
|
|
Add a simple test case that creates an enveloped-data structure without
using the shorthand method, and fix two issues preventing this from
working correctly.
First, OpenSSL::PKey::PKCS7#add_recipient currently inserts an
incomplete PKCS7_RECIP_INFO object into the PKCS7 object. When
duplicating an unfinalized PKCS7_RECIP_INFO, the internal X509 reference
must also be copied, as it is later used by #add_data to fill the rest.
A similar issue with #add_signer was fixed in commit https://github.com/ruby/openssl/commit/20ca7a27a86e
(pkcs7: keep private key when duplicating PKCS7_SIGNER_INFO,
2021-03-24).
Second, #add_data calls PKCS7_dataFinal(), which for enveloped-data
appears to require the BIO to be flushed explicitly with BIO_flush().
Without this, the last block of the encrypted data would be missing.
https://github.com/ruby/openssl/commit/9595ecf643
|
|
Raise an exception right after an OpenSSL function returns an error.
Checking ERR_peek_error() is not a reliable way to see if an error has
occurred or not, as OpenSSL functions do not always populate the error
queue.
https://github.com/ruby/openssl/commit/cc3f1af73e
|