Both the X509 store and X509 store context were missing write barriers
to the callback object being stored in the ex data.
These values were also being stored as an IV, however in Ruby HEAD we're
now storing the IVs for T_DATA (generic IVs) on a separate object. So we
need an additional write barrier.
I believe this was always necessary, because we could have done
incremental marking ahead of compaction, and without the write barrier
the mark function could have been run before @verify_callback was
assigned.
This was detected by wbcheck.
https://github.com/ruby/openssl/commit/1fda3a99ef
|
|
Add a simple test case that creates an enveloped-data structure without
using the shorthand method, and fix two issues preventing this from
working correctly.
First, OpenSSL::PKey::PKCS7#add_recipient currently inserts an
incomplete PKCS7_RECIP_INFO object into the PKCS7 object. When
duplicating an unfinalized PKCS7_RECIP_INFO, the internal X509 reference
must also be copied, as it is later used by #add_data to fill the rest.
A similar issue with #add_signer was fixed in commit https://github.com/ruby/openssl/commit/20ca7a27a86e
(pkcs7: keep private key when duplicating PKCS7_SIGNER_INFO,
2021-03-24).
Second, #add_data calls PKCS7_dataFinal(), which for enveloped-data
appears to require the BIO to be flushed explicitly with BIO_flush().
Without this, the last block of the encrypted data would be missing.
https://github.com/ruby/openssl/commit/9595ecf643
|
|
Raise an exception right after an OpenSSL function returns an error.
Checking ERR_peek_error() is not a reliable way to see if an error has
occurred or not, as OpenSSL functions do not always populate the error
queue.
https://github.com/ruby/openssl/commit/cc3f1af73e
|
|
Only call PKCS7_get_detached() if the PKCS7 object is a signed-data.
This is only useful for the content type, and leaves an error entry if
called on a PKCS7 object with a different content type.
https://github.com/ruby/openssl/commit/8997f6d5e6
|
|
Set the error_string attribute to nil if PKCS7_verify() succeeds, since
the error queue should be empty in that case.
With AWS-LC, OpenSSL::PKCS#verify currently sets error_string to
"invalid library (0)" when the verification succeeds, whereas with
OpenSSL and LibreSSL, it becomes nil. ERR_reason_error_string() appears
to behave differently when an invalid error code is passed.
The branch to raise OpenSSL::PKCS7::PKCS7Error is removed because it
does not appear to be reachable.
https://github.com/ruby/openssl/commit/c11c6631fa
|
|
ossl_x509{,attr,crl,ext,revoked,name}*_new(NULL)"
This reverts commit ec01cd9bbbaf3e6f324e0a6769b8383857d2bc07.
This should no longer break the tests, now that the following changes
have been applied:
- RubyGems change: 32977f3869ba1c44950f484ddbf3a12889c0b20b
- ruby/openssl change: e8261963c79ba61453f7f0dae281c33a1287b351
|
|
Commit https://github.com/ruby/openssl/commit/ef277083ba76 overlooked a caller of ossl_x509_new() with NULL
argument. OpenSSL::X509::StoreContext#current_cert may not have a
certificate to return if StoreContext#verify has not been called.
https://github.com/ruby/openssl/commit/4149b43890
|
|
ossl_x509{,attr,crl,ext,revoked,name}*_new(NULL)"
This reverts commit 4e8bbb07dd4936b97a6b39d54a6977a107518e1f.
It broke RubyGems tests:
https://rubyci.s3.amazonaws.com/debian/ruby-master/log/20250727T123003Z.fail.html.gz
OpenSSL::X509::StoreContext#current_cert incorrectly calls
ossl_x509_new() with NULL to create a bogus Certificate object, and a
test case in RubyGems relies on it. This will be reapplied when both
are fixed.
|
|
Among functions named ossl_*_new(), ossl_pkey_new() is now the only one
that takes ownership of the passed OpenSSL object instead of making a
copy or incrementing its reference counter. Rename it to make this
behavior easier to understand.
https://github.com/ruby/openssl/commit/54c1c26eb5
|
|
Likewise, let it take a const pointer and not the ownership of the
OpenSSL object.
This fixes a potential memory leak in OpenSSL::OCSP::BasicResponse#status.
https://github.com/ruby/openssl/commit/7e0288ebbd
|
|
Similar to most of the other ossl_*_new() functions, let it take a const
pointer and make a copy of the object.
This also fixes a potential memory leak when the wrapper object
allocation fails.
https://github.com/ruby/openssl/commit/eaabf6d8a3
|
|
These functions are not actually called with NULL.
https://github.com/ruby/openssl/commit/c089301e56
|
|
These functions are not actually called with NULL. It also doesn't make
sense to do so, so let's simplify the definitions.
https://github.com/ruby/openssl/commit/ef277083ba
|
|
Currently, calling ossl_bn_new() with a NULL argument allocates a new
OpenSSL::BN instance representing 0. This behavior is confusing. Raise
an exception if this is attempted, instead.
https://github.com/ruby/openssl/commit/6fa793d997
|
|
This list was originally in alphabetical order. Sort it again.
This change should be safe since the .rb sources should only depend on
the extension and not each other.
https://github.com/ruby/openssl/commit/eb3998728a
|
|
These methods are useful to test post-quantum cryptography (PQC) cases.
https://github.com/ruby/openssl/commit/434ef74452
|
|
ASN.1 UTCTime uses two-digit years. While X.680 does not specify how to
map them as far as I can tell, X.509/PKIX uses this type to represent
dates between year 1950-2049.
OpenSSL::ASN1.decode has used 1969-2068 since the initial
implementation. Given that ASN1::UTCTime#to_der relies on OpenSSL
ASN1_UTCTIME type, which assumes the 1950-2049 range, this was likely
unintentional.
Use the range 1950-2049 consistently, and fix decoding of X.509
certificates with dates in 1950-1968.
https://github.com/ruby/openssl/commit/b8b38e1438
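The two year windows named in the commit message above, decoded side by side. This is an added example in plain Ruby, not code from ruby/openssl; `decode_utctime`, `encode_utctime` and `window_disagreements` are hypothetical helpers and the sample timestamps are constructed.

```ruby
# Wrap UTCTime content octets in a DER TLV (tag 0x17, short-form length).
def encode_utctime(content)
  [0x17, content.bytesize].pack("CC") + content
end

# Decode a DER UTCTime with a configurable two-digit-year window.
# pivot is the first two-digit year mapped to 19xx:
#   50 -> 1950-2049 (the X.509/PKIX range the commit message settles on)
#   69 -> 1969-2068 (the range the commit message says decode used before)
def decode_utctime(der, pivot: 50)
  bytes = der.b
  raise ArgumentError, "not a UTCTime" unless bytes.getbyte(0) == 0x17
  len = bytes.getbyte(1)
  unless len && len < 0x80 && bytes.bytesize == 2 + len
    raise ArgumentError, "bad length"
  end
  m = /\A(\d\d)(\d\d)(\d\d)(\d\d)(\d\d)(\d\d)Z\z/.match(bytes[2, len])
  raise ArgumentError, "not in DER form YYMMDDhhmmssZ" unless m
  yy, mon, day, hour, min, sec = m.captures.map(&:to_i)
  year = yy >= pivot ? 1900 + yy : 2000 + yy
  Time.utc(year, mon, day, hour, min, sec)
end

# Two-digit years for which the two windows decode to different centuries.
def window_disagreements
  (0..99).select do |yy|
    der = encode_utctime(format("%02d0101000000Z", yy))
    decode_utctime(der, pivot: 50).year != decode_utctime(der, pivot: 69).year
  end
end

# Constructed sample: a notBefore of 1955-01-01 as a certificate would carry it.
SAMPLE_NOT_BEFORE = encode_utctime("550101000000Z")

if __FILE__ == $PROGRAM_NAME
  puts decode_utctime(SAMPLE_NOT_BEFORE, pivot: 50) # PKIX window
  puts decode_utctime(SAMPLE_NOT_BEFORE, pivot: 69) # old window, a century late
  puts window_disagreements.inspect
end
```

A validity period that starts in one of the disagreeing years decodes a century late under the old window, so a chain check against the current time would treat the certificate as not yet valid.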
|
|
Compare by the VALUE value instead of ID. Calling SYM2ID() on a dynamic
symbol will pin a permanent ID.
These methods only accept known static symbols, and passing anything
else is an incorrect usage that results in an exception. Nonetheless,
avoiding SYM2ID() seems to be a good idea since there is no runtime
cost.
https://github.com/ruby/openssl/commit/0d66296cdc
|
|
TLS 1.3 renamed the "elliptic_curves" extension to "supported_groups"
to reflect that it now covers more than just ECDH groups. OpenSSL 1.1.1
followed this change by renaming the corresponding API from
SSL_CTX_set1_curves_list() to SSL_CTX_set1_groups_list().
Update ruby/openssl to use the new name, too. The current method name
SSLContext#ecdh_curves= is retained as an alias for #group=.
https://github.com/ruby/openssl/commit/59e98604e0
|
|
https://github.com/ruby/openssl/commit/b6f56c4540
|
|
Algorithms implemented only in OpenSSL 3 providers may not have a
corresponding NID. The *_ex() variants have been added in OpenSSL 3.0
to handle such algorithms, by taking algorithm names as a string.
https://github.com/ruby/openssl/commit/e730e457cc
|
|
For algorithms implemented solely in an OpenSSL 3 provider, without an
associated EVP_PKEY_METHOD, EVP_PKEY_id() returns a special value
EVP_PKEY_KEYMGMT.
Let OpenSSL::PKey::PKey#oid raise an exception as necessary.
Update PKey#inspect to include the string returned by
EVP_PKEY_get0_type_name(), if available.
https://github.com/ruby/openssl/commit/bd3e32270e
|
|
Move the #include from ossl_provider.c to ossl.h. As OpenSSL 3 provider
functions will be used in multiple source files, having it in the
common header file is convenient.
https://github.com/ruby/openssl/commit/f831bb66bc
|
|
Add methods for setting supported signature algorithms, corresponding
to SSL_CTX_set1_sigalgs_list() and SSL_CTX_set1_client_sigalgs_list(),
respectively.
https://github.com/ruby/openssl/commit/6bbe58c492
Co-authored-by: Markus Jung <markus.jung@vivavis.com>
|
|
https://github.com/ruby/openssl/commit/54f22395e7
|
|
https://github.com/ruby/openssl/commit/9c9333c07d
|
|
If SSL_CTX_add_extra_chain_cert() fails, the refcount of x509 must be
handled by the caller. This should only occur due to a malloc failure
inside the function.
https://github.com/ruby/openssl/commit/80bcf727dc
|
|
OpenSSL::Cipher#encrypt and #decrypt have long supported a hidden
feature to derive a key and an IV from the String argument, but in an
inappropriate way.
This feature is undocumented, untested, and has been deprecated since
commit https://github.com/ruby/ruby/commit/0dc43217b189 on 2004-06-30,
which started printing a non-verbose warning. More than 20 years later,
it must be safe to remove it entirely.
The deprecated usage:

    # `password` is a String, `iv` is either a String or nil
    cipher = OpenSSL::Cipher.new("aes-256-cbc")
    cipher.encrypt(password, iv)
    p cipher.update("data") << cipher.final

was equivalent to:

    cipher = OpenSSL::Cipher.new("aes-256-cbc")
    cipher.encrypt
    iv ||= "OpenSSL for Ruby rulez!"
    key = ((cipher.key_len + 15) / 16).times.inject([""]) { |ary, _|
      ary << OpenSSL::Digest.digest("MD5", ary.last + password + iv[0, 8].ljust(8, "\0"))
    }.join
    cipher.key = key[...cipher.key_len]
    cipher.iv = iv[...cipher.iv_len].ljust(cipher.iv_len, "\0")
    p cipher.update("data") << cipher.final
https://github.com/ruby/openssl/commit/e46d992ea1
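For callers migrating off the removed form, the derivation quoted above next to an explicit one. This is an added example, not code from ruby/openssl: the choice of PBKDF2-HMAC-SHA256 with AES-256-GCM, the iteration count and all method names are assumptions of the example.

```ruby
require "openssl"

# The legacy derivation from the commit message: one MD5 pass per 16-byte
# block, salted only by the first 8 bytes of the IV (a fixed string by default),
# so the same password always yields the same key.
def legacy_key(password, key_len, iv = nil)
  iv ||= "OpenSSL for Ruby rulez!"
  salt = iv[0, 8].ljust(8, "\0")
  blocks = ((key_len + 15) / 16).times.inject([""]) { |ary, _|
    ary << OpenSSL::Digest.digest("MD5", ary.last + password + salt)
  }
  blocks.join[0, key_len]
end

ITERATIONS = 200_000 # assumed work factor for this example; tune for your hardware

def derive_key(password, salt, length)
  OpenSSL::KDF.pbkdf2_hmac(password, salt: salt, iterations: ITERATIONS,
                           length: length, hash: "sha256")
end

# Replacement: random per-message salt and IV, key from an explicit KDF,
# authenticated encryption. Salt, IV and tag travel with the ciphertext.
def encrypt_with_password(password, plaintext)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").encrypt
  salt = OpenSSL::Random.random_bytes(16)
  cipher.key = derive_key(password, salt, cipher.key_len)
  iv = cipher.random_iv
  ciphertext = cipher.update(plaintext) + cipher.final
  { salt: salt, iv: iv, tag: cipher.auth_tag, ciphertext: ciphertext }
end

# Raises OpenSSL::Cipher::CipherError on a wrong password or modified message.
def decrypt_with_password(password, msg)
  cipher = OpenSSL::Cipher.new("aes-256-gcm").decrypt
  cipher.key = derive_key(password, msg[:salt], cipher.key_len)
  cipher.iv = msg[:iv]
  cipher.auth_tag = msg[:tag]
  cipher.update(msg[:ciphertext]) + cipher.final
end
```

Data already encrypted through the removed form can still be read by setting `key` and `iv` from the quoted derivation, then re-encrypted with the explicit scheme.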
|
|
EOC octets are required at the end of contents of a constructed encoding
that uses the indefinite length form. This cannot be assumed from the
end of the input. Raise an exception when necessary.
https://github.com/ruby/openssl/commit/bc20c13a7c
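The rule in the commit message above, shown on a minimal BER reader. This is an added example in plain Ruby, not the ruby/openssl decoder; `parse_tlv` and `BERError` are hypothetical names, only single-byte tags are handled, and the byte strings are constructed.

```ruby
class BERError < StandardError; end

# Parse one BER TLV at offset pos; returns [node, next_pos].
def parse_tlv(buf, pos = 0)
  raise BERError, "truncated header" if pos + 2 > buf.bytesize
  tag = buf.getbyte(pos)
  first = buf.getbyte(pos + 1)
  pos += 2
  constructed = (tag & 0x20) != 0
  if first == 0x80 # indefinite length form
    raise BERError, "indefinite length on primitive encoding" unless constructed
    children = []
    loop do
      # Running out of input must never stand in for the EOC octets.
      raise BERError, "missing EOC octets" if pos + 2 > buf.bytesize
      if buf.byteslice(pos, 2) == "\x00\x00".b
        return [{ tag: tag, children: children }, pos + 2]
      end
      child, pos = parse_tlv(buf, pos)
      children << child
    end
  end
  len = first
  if first > 0x80 # long definite form
    n = first & 0x7f
    raise BERError, "truncated length" if pos + n > buf.bytesize
    len = buf.byteslice(pos, n).bytes.inject(0) { |acc, b| (acc << 8) | b }
    pos += n
  end
  raise BERError, "truncated contents" if pos + len > buf.bytesize
  body = buf.byteslice(pos, len)
  return [{ tag: tag, value: body }, pos + len] unless constructed
  children = []
  off = 0
  while off < body.bytesize
    child, off = parse_tlv(body, off)
    children << child
  end
  [{ tag: tag, children: children }, pos + len]
end

# Constructed samples: SEQUENCE (indefinite) { INTEGER 5 }, with and without EOC.
WITH_EOC    = "\x30\x80\x02\x01\x05\x00\x00".b
WITHOUT_EOC = "\x30\x80\x02\x01\x05".b
# Nested indefinite SEQUENCEs where only the inner one is terminated.
OUTER_UNTERMINATED = "\x30\x80\x30\x80\x02\x01\x01\x00\x00".b
```

A reader that accepts `WITHOUT_EOC` treats a truncated message as complete, which is the case the commit turns into an exception.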
|
|
Correctly pass the new object assigned by StringValue() to
ossl_ssl_write_internal_safe().
This is a follow-up to commit https://github.com/ruby/openssl/commit/0d8c17aa855d (Reduce
OpenSSL::Buffering#do_write overhead, 2024-12-21).
https://github.com/ruby/openssl/commit/3ff096196a
|
|
https://github.com/ruby/openssl/commit/17f87d2cf0
|
|
X509_NAME_entry_count()
The function never returns a negative number.
https://github.com/ruby/openssl/commit/895ce6fdfc
|
|
X509_*_get_ext_count()
These functions wrap X509v3_get_ext_count(). The implementation can
never return a negative number, and this behavior is documented in the
man page.
https://github.com/ruby/openssl/commit/5164725855
|
|
Always use explicit NULL checks before interacting with STACK_OF(*).
Even though most OpenSSL functions named sk_*() do not crash if we pass
NULL as the receiver object, depending on this behavior would be a bad
idea.
Checks for a negative number return from sk_*_num() are removed. This
can only happen when the stack is NULL.
ossl_*_sk2ary() must no longer be called with NULL.
https://github.com/ruby/openssl/commit/84cffd4f77
|
|
CI Changes
1. I've split the original patch up to make it easier to digest, but
that forces my hand to turn off testing in the AWS-LC CI for the time
being. However, do let me know if you would prefer to review the test
adjustments in the same PR and I can remove the temporary CI workaround.
2. AWS-LC has a few no-op functions and we use -Wdeprecated-declarations
to alert the consuming application of these. I've leveraged the
skip-warnings CI option so that the build doesn't fail.
Build Adjustments
1. AWS-LC FIPS mode is decided at compile time. This is different from
OpenSSL's togglable FIPS switch, so I've adjusted the build to account
for this.
2. AWS-LC does not support the two KEY_SIG or KEY_EX flags that were
only ever supported by old MSIE.
3. AWS-LC has no current support for post handshake authentication in
TLS 1.3.
4. EC_GROUP structures for named curves in AWS-LC are constant, static,
and immutable by default. This means that the EC_GROUP_set_* functions
are essentially no-ops due to the immutability of the structure. We've
introduced a new API for consumers that depend on the OpenSSL's default
mutability of the EC_GROUP structure called
EC_GROUP_new_by_curve_name_mutable. Since Ruby has a bit of
functionality that's dependent on the mutability of these structures,
I've made the corresponding adjustments to allow things to work as
expected.
https://github.com/ruby/openssl/commit/e53ec5a101
|
|
bn]) form
The method has two forms, each corresponding to EC_POINT_mul() and
EC_POINTs_mul(). The latter form does not work with any OpenSSL or
LibreSSL versions that are still supported by upstream.
The latter form has an extremely confusing behavior, too, and using it
would print a deprecation warning since commit https://github.com/ruby/openssl/commit/812de4253d25 in 2020,
which went to 3.0.0. Let's remove it.
https://github.com/ruby/openssl/commit/7343d3c559
|
|
Make these methods simple wrappers around
SSL_CTX_set_{min,max}_proto_version().
When we introduced these methods in commit https://github.com/ruby/openssl/commit/18603949d316 [1], which went
to v2.1.0, we added a private method to SSLContext that set both the
minimum and maximum protocol versions at the same time. This was to
allow emulating the behavior using SSL options on older OpenSSL versions
that lack SSL_CTX_set_{min,max}_proto_version(). Since we no longer
support OpenSSL 1.0.2, the related code has already been removed.
In OpenSSL 1.1.1 or later, setting the minimum or maximum version to 0
is not equivalent to leaving it unset. Similar to SSL options, which we
avoid overwriting as of commit https://github.com/ruby/openssl/commit/00bec0d905d5 and commit https://github.com/ruby/openssl/commit/77c3db2d6587 [2],
a system-wide configuration file may define default protocol version
bounds. Setting the minimum version should not unset the maximum
version, and vice versa.
[1] https://github.com/ruby/openssl/pull/142
[2] https://github.com/ruby/openssl/pull/767
https://github.com/ruby/openssl/commit/5766386321
|
|
Call ossl_pkey_check_public_key() to ensure that
EVP_PKEY_missing_parameters() passes. This check should be cheap.
DSA#{to_der,to_pem,export,to_s} and PKey#{public_to_der,public_to_pem}
cause a segfault if the receiver is an empty DSA instance with no
parameters set.
Fixes <https://github.com/ruby/openssl/issues/845>.
https://github.com/ruby/openssl/commit/5aeed935e5
|
|
In OpenSSL 3.4, TS_VERIFY_CTX_set_certs() and TS_VERIFY_CTX_set_store()
are deprecated in favor of the new functions with "set0" in the names.
The new functions have a slightly different behavior. They will free the
previous value automatically. Increment the reference counter of
X509_STORE before setting it to TS_VERIFY_CTX, and do not try to
manually unset it.
We avoided doing this to work around a bug that was present in older
versions of OpenSSL, which has now been fixed in OpenSSL 1.0.2 by commit
https://github.com/openssl/openssl/commit/bff9ce4db38b.
https://github.com/ruby/openssl/commit/ce37f7d93a
|
|
parameters
The returned Hash from these methods contains 0 in place of a missing
parameter in the key, for example:

    pkey = OpenSSL::PKey.read(OpenSSL::PKey::RSA.new(2048).public_to_pem)
    pp pkey.params
    #=>
    # {"n"=>#<OpenSSL::BN 286934673421[...snip]>,
    #  "e"=>#<OpenSSL::BN 65537>,
    #  "d"=>#<OpenSSL::BN 0>,
    #  "p"=>#<OpenSSL::BN 0>,
    #  "q"=>#<OpenSSL::BN 0>,
    #  "dmp1"=>#<OpenSSL::BN 0>,
    #  "dmq1"=>#<OpenSSL::BN 0>,
    #  "iqmp"=>#<OpenSSL::BN 0>}

Let's use nil instead, which is more appropriate for indicating a
missing value.
https://github.com/ruby/openssl/commit/f247ec3dec
|
|
Move the definitions to lib/openssl/pkey.rb. They need not be in the
extension and can be implemented using existing methods.
This reduces direct usage of the now-deprecated OpenSSL APIs around the
low-level structs such as DH, DSA, or RSA.
https://github.com/ruby/openssl/commit/c14178f387
|
|
Commit https://github.com/ruby/openssl/commit/3bbf5178a90e made blocking methods on SSLSocket follow the
IO#timeout= value. The commit changed io_wait_readable() to potentially
raise an exception without unlocking the String.
The String is currently locked for the entire duration of a #sysread
method call. This does not seem to be necessary, as SSL_read() does not
require that the same buffer is specified when retrying. Locking the
String during each SSL_read() call should be sufficient.
https://github.com/ruby/openssl/commit/8f791d73f5
|
|
While the struct is currently still public in OpenSSL, there has been
an accessor since OpenSSL 0.9.8h. It would be nice if this accessor
could be used so that the struct can be made opaque at some point in
the future.
https://github.com/ruby/openssl/commit/812aeab2f5
|
|
Drop support for OpenSSL 1.1.0. OpenSSL 1.1.0 was a non-LTS release and
it has reached upstream EOL in 2019-12 along with OpenSSL 1.0.2.
Distributions that shipped with OpenSSL 1.1.0 include:
- Debian 9 (EOL 2022-06)
- Ubuntu 18.04 LTS (EOL 2023-04)
https://github.com/ruby/openssl/commit/ba83abe920
|
|
The dir_config was introduced by Ruby trunk r4181. Since support for
Kerberos cipher suites has been removed in OpenSSL 1.1.0, it is no
longer necessary.
Although ruby/openssl did not directly depend on the MIT Kerberos
library, it was an optional transitive dependency. Unless it was
disabled by a compile-time option, the OpenSSL headers would try to
include <krb5.h>.
https://github.com/ruby/openssl/commit/78d028c332
|
|
Drop support for OpenSSL 1.0.2. It has reached upstream EOL in 2019-12.
Most distributions that shipped with OpenSSL 1.0.2 have also reached
EOL, or provide a newer version in the package repository:
- RHEL 7 (EOL 2024-06)
- Ubuntu 16.04 LTS (EOL 2021-04)
- Amazon Linux 2 (EOL 2026-06, but OpenSSL 1.1.1 can be installed via
the openssl11{,-devel} package)
https://github.com/ruby/openssl/commit/38ec6fd50e
|
|
PKCS7_encrypt() and PKCS7_SIGNER_INFO_set() take const EVP_CIPHER and
EVP_MD at least since OpenSSL 0.9.7.
https://github.com/ruby/openssl/commit/9db621a5c0
|
|
These macros do not exist in OpenSSL 0.9.7 or later, which was released
in 2002.
https://github.com/ruby/openssl/commit/938a1e6aab
|