[ruby/openssl] pkey: implement PKey::{RSA,DSA,DH}#params in Ruby
Move the definitions to lib/openssl/pkey.rb. They need not to be in the extension and can be implemented using existing methods. This reduces direct usage of the now-deprecated OpenSSL APIs around the low-level structs such as DH, DSA, or RSA. https://github.com/ruby/openssl/commit/c14178f387
This commit is contained in:
parent
47fe59cd82
commit
ec4592280f
@ -34,6 +34,18 @@ module OpenSSL::PKey
|
||||
DH.new(to_der)
|
||||
end
|
||||
|
||||
# :call-seq:
|
||||
# dh.params -> hash
|
||||
#
|
||||
# Stores all parameters of key to a Hash.
|
||||
#
|
||||
# The hash has keys 'p', 'q', 'g', 'pub_key', and 'priv_key'.
|
||||
def params
|
||||
%w{p q g pub_key priv_key}.map { |name|
|
||||
[name, send(name) || 0.to_bn]
|
||||
}.to_h
|
||||
end
|
||||
|
||||
# :call-seq:
|
||||
# dh.compute_key(pub_bn) -> string
|
||||
#
|
||||
@ -154,6 +166,18 @@ module OpenSSL::PKey
|
||||
OpenSSL::PKey.read(public_to_der)
|
||||
end
|
||||
|
||||
# :call-seq:
|
||||
# dsa.params -> hash
|
||||
#
|
||||
# Stores all parameters of key to a Hash.
|
||||
#
|
||||
# The hash has keys 'p', 'q', 'g', 'pub_key', and 'priv_key'.
|
||||
def params
|
||||
%w{p q g pub_key priv_key}.map { |name|
|
||||
[name, send(name) || 0.to_bn]
|
||||
}.to_h
|
||||
end
|
||||
|
||||
class << self
|
||||
# :call-seq:
|
||||
# DSA.generate(size) -> dsa
|
||||
@ -328,6 +352,18 @@ module OpenSSL::PKey
|
||||
OpenSSL::PKey.read(public_to_der)
|
||||
end
|
||||
|
||||
# :call-seq:
|
||||
# rsa.params -> hash
|
||||
#
|
||||
# Stores all parameters of key to a Hash.
|
||||
#
|
||||
# The hash has keys 'n', 'e', 'd', 'p', 'q', 'dmp1', 'dmq1', and 'iqmp'.
|
||||
def params
|
||||
%w{n e d p q dmp1 dmq1 iqmp}.map { |name|
|
||||
[name, send(name) || 0.to_bn]
|
||||
}.to_h
|
||||
end
|
||||
|
||||
class << self
|
||||
# :call-seq:
|
||||
# RSA.generate(size, exponent = 65537) -> RSA
|
||||
|
@ -284,35 +284,6 @@ ossl_dh_to_der(VALUE self)
|
||||
return str;
|
||||
}
|
||||
|
||||
/*
|
||||
* call-seq:
|
||||
* dh.params -> hash
|
||||
*
|
||||
* Stores all parameters of key to the hash
|
||||
* INSECURE: PRIVATE INFORMATIONS CAN LEAK OUT!!!
|
||||
* Don't use :-)) (I's up to you)
|
||||
*/
|
||||
static VALUE
|
||||
ossl_dh_get_params(VALUE self)
|
||||
{
|
||||
OSSL_3_const DH *dh;
|
||||
VALUE hash;
|
||||
const BIGNUM *p, *q, *g, *pub_key, *priv_key;
|
||||
|
||||
GetDH(self, dh);
|
||||
DH_get0_pqg(dh, &p, &q, &g);
|
||||
DH_get0_key(dh, &pub_key, &priv_key);
|
||||
|
||||
hash = rb_hash_new();
|
||||
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
|
||||
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
|
||||
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
|
||||
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
|
||||
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
|
||||
|
||||
return hash;
|
||||
}
|
||||
|
||||
/*
|
||||
* call-seq:
|
||||
* dh.params_ok? -> true | false
|
||||
@ -443,8 +414,6 @@ Init_ossl_dh(void)
|
||||
DEF_OSSL_PKEY_BN(cDH, dh, priv_key);
|
||||
rb_define_method(cDH, "set_pqg", ossl_dh_set_pqg, 3);
|
||||
rb_define_method(cDH, "set_key", ossl_dh_set_key, 2);
|
||||
|
||||
rb_define_method(cDH, "params", ossl_dh_get_params, 0);
|
||||
}
|
||||
|
||||
#else /* defined NO_DH */
|
||||
|
@ -303,35 +303,6 @@ ossl_dsa_to_der(VALUE self)
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
* call-seq:
|
||||
* dsa.params -> hash
|
||||
*
|
||||
* Stores all parameters of key to the hash
|
||||
* INSECURE: PRIVATE INFORMATIONS CAN LEAK OUT!!!
|
||||
* Don't use :-)) (I's up to you)
|
||||
*/
|
||||
static VALUE
|
||||
ossl_dsa_get_params(VALUE self)
|
||||
{
|
||||
OSSL_3_const DSA *dsa;
|
||||
VALUE hash;
|
||||
const BIGNUM *p, *q, *g, *pub_key, *priv_key;
|
||||
|
||||
GetDSA(self, dsa);
|
||||
DSA_get0_pqg(dsa, &p, &q, &g);
|
||||
DSA_get0_key(dsa, &pub_key, &priv_key);
|
||||
|
||||
hash = rb_hash_new();
|
||||
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
|
||||
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
|
||||
rb_hash_aset(hash, rb_str_new2("g"), ossl_bn_new(g));
|
||||
rb_hash_aset(hash, rb_str_new2("pub_key"), ossl_bn_new(pub_key));
|
||||
rb_hash_aset(hash, rb_str_new2("priv_key"), ossl_bn_new(priv_key));
|
||||
|
||||
return hash;
|
||||
}
|
||||
|
||||
/*
|
||||
* Document-method: OpenSSL::PKey::DSA#set_pqg
|
||||
* call-seq:
|
||||
@ -396,8 +367,6 @@ Init_ossl_dsa(void)
|
||||
DEF_OSSL_PKEY_BN(cDSA, dsa, priv_key);
|
||||
rb_define_method(cDSA, "set_pqg", ossl_dsa_set_pqg, 3);
|
||||
rb_define_method(cDSA, "set_key", ossl_dsa_set_key, 2);
|
||||
|
||||
rb_define_method(cDSA, "params", ossl_dsa_get_params, 0);
|
||||
}
|
||||
|
||||
#else /* defined NO_DSA */
|
||||
|
@ -494,42 +494,6 @@ ossl_rsa_verify_pss(int argc, VALUE *argv, VALUE self)
|
||||
ossl_raise(eRSAError, NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
* call-seq:
|
||||
* rsa.params => hash
|
||||
*
|
||||
* THIS METHOD IS INSECURE, PRIVATE INFORMATION CAN LEAK OUT!!!
|
||||
*
|
||||
* Stores all parameters of key to the hash. The hash has keys 'n', 'e', 'd',
|
||||
* 'p', 'q', 'dmp1', 'dmq1', 'iqmp'.
|
||||
*
|
||||
* Don't use :-)) (It's up to you)
|
||||
*/
|
||||
static VALUE
|
||||
ossl_rsa_get_params(VALUE self)
|
||||
{
|
||||
OSSL_3_const RSA *rsa;
|
||||
VALUE hash;
|
||||
const BIGNUM *n, *e, *d, *p, *q, *dmp1, *dmq1, *iqmp;
|
||||
|
||||
GetRSA(self, rsa);
|
||||
RSA_get0_key(rsa, &n, &e, &d);
|
||||
RSA_get0_factors(rsa, &p, &q);
|
||||
RSA_get0_crt_params(rsa, &dmp1, &dmq1, &iqmp);
|
||||
|
||||
hash = rb_hash_new();
|
||||
rb_hash_aset(hash, rb_str_new2("n"), ossl_bn_new(n));
|
||||
rb_hash_aset(hash, rb_str_new2("e"), ossl_bn_new(e));
|
||||
rb_hash_aset(hash, rb_str_new2("d"), ossl_bn_new(d));
|
||||
rb_hash_aset(hash, rb_str_new2("p"), ossl_bn_new(p));
|
||||
rb_hash_aset(hash, rb_str_new2("q"), ossl_bn_new(q));
|
||||
rb_hash_aset(hash, rb_str_new2("dmp1"), ossl_bn_new(dmp1));
|
||||
rb_hash_aset(hash, rb_str_new2("dmq1"), ossl_bn_new(dmq1));
|
||||
rb_hash_aset(hash, rb_str_new2("iqmp"), ossl_bn_new(iqmp));
|
||||
|
||||
return hash;
|
||||
}
|
||||
|
||||
/*
|
||||
* Document-method: OpenSSL::PKey::RSA#set_key
|
||||
* call-seq:
|
||||
@ -617,8 +581,6 @@ Init_ossl_rsa(void)
|
||||
rb_define_method(cRSA, "set_factors", ossl_rsa_set_factors, 2);
|
||||
rb_define_method(cRSA, "set_crt_params", ossl_rsa_set_crt_params, 3);
|
||||
|
||||
rb_define_method(cRSA, "params", ossl_rsa_get_params, 0);
|
||||
|
||||
/*
|
||||
* TODO: Test it
|
||||
rb_define_method(cRSA, "blinding_on!", ossl_rsa_blinding_on, 0);
|
||||
|
Loading…
x
Reference in New Issue
Block a user