diff options
| author | Kazuki Yamaguchi <[email protected]> | 2025-01-21 02:08:54 +0900 |
|---|---|---|
| committer | git <[email protected]> | 2025-01-21 18:14:14 +0000 |
| commit | 43c48e3030c513c17bfcf4c37bbe533097fa1a22 (patch) | |
| tree | f94f24f5fbbc42ea4e7ba5c2b79b9e5c7e408657 /ext/openssl/ossl_pkey.c | |
| parent | e7bd1d1a9a59e7af71b7f994dbea3697b70225f0 (diff) | |
[ruby/openssl] Require OpenSSL 1.1.1 or later
Drop support for OpenSSL 1.1.0. OpenSSL 1.1.0 was a non-LTS release and
it has reached upstream EOL in 2019-12 along with OpenSSL 1.0.2.
Distributions that shipped with OpenSSL 1.1.0 include:
- Debian 9 (EOL 2022-06)
- Ubuntu 18.04 LTS (EOL 2023-04)
https://github.com/ruby/openssl/commit/ba83abe920
Diffstat (limited to 'ext/openssl/ossl_pkey.c')
| -rw-r--r-- | ext/openssl/ossl_pkey.c | 49 |
1 files changed, 0 insertions, 49 deletions
diff --git a/ext/openssl/ossl_pkey.c b/ext/openssl/ossl_pkey.c index f7862002bb..207d1fa361 100644 --- a/ext/openssl/ossl_pkey.c +++ b/ext/openssl/ossl_pkey.c @@ -634,7 +634,6 @@ ossl_pkey_initialize_copy(VALUE self, VALUE other) } #endif -#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY /* * call-seq: * OpenSSL::PKey.new_raw_private_key(algo, string) -> PKey @@ -665,9 +664,7 @@ ossl_pkey_new_raw_private_key(VALUE self, VALUE type, VALUE key) return ossl_pkey_new(pkey); } -#endif -#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY /* * call-seq: * OpenSSL::PKey.new_raw_public_key(algo, string) -> PKey @@ -698,7 +695,6 @@ ossl_pkey_new_raw_public_key(VALUE self, VALUE type, VALUE key) return ossl_pkey_new(pkey); } -#endif /* * call-seq: @@ -889,7 +885,6 @@ ossl_pkey_private_to_pem(int argc, VALUE *argv, VALUE self) return do_pkcs8_export(argc, argv, self, 0); } -#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY /* * call-seq: * pkey.raw_private_key => string @@ -916,7 +911,6 @@ ossl_pkey_raw_private_key(VALUE self) return str; } -#endif VALUE ossl_pkey_export_spki(VALUE self, int to_der) @@ -973,7 +967,6 @@ ossl_pkey_public_to_pem(VALUE self) return ossl_pkey_export_spki(self, 0); } -#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY /* * call-seq: * pkey.raw_public_key => string @@ -1000,7 +993,6 @@ ossl_pkey_raw_public_key(VALUE self) return str; } -#endif /* * call-seq: @@ -1104,7 +1096,6 @@ ossl_pkey_sign(int argc, VALUE *argv, VALUE self) rb_jump_tag(state); } } -#if OSSL_OPENSSL_PREREQ(1, 1, 1) || OSSL_IS_LIBRESSL if (EVP_DigestSign(ctx, NULL, &siglen, (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data)) < 1) { EVP_MD_CTX_free(ctx); @@ -1125,30 +1116,6 @@ ossl_pkey_sign(int argc, VALUE *argv, VALUE self) EVP_MD_CTX_free(ctx); ossl_raise(ePKeyError, "EVP_DigestSign"); } -#else - if (EVP_DigestSignUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)) < 1) { - EVP_MD_CTX_free(ctx); - ossl_raise(ePKeyError, "EVP_DigestSignUpdate"); - } - if (EVP_DigestSignFinal(ctx, NULL, &siglen) < 1) { - EVP_MD_CTX_free(ctx); - ossl_raise(ePKeyError, "EVP_DigestSignFinal"); - } - if (siglen > LONG_MAX) { - EVP_MD_CTX_free(ctx); - rb_raise(ePKeyError, "signature would be too large"); - } - sig = ossl_str_new(NULL, (long)siglen, &state); - if (state) { - EVP_MD_CTX_free(ctx); - rb_jump_tag(state); - } - if (EVP_DigestSignFinal(ctx, (unsigned char *)RSTRING_PTR(sig), - &siglen) < 1) { - EVP_MD_CTX_free(ctx); - ossl_raise(ePKeyError, "EVP_DigestSignFinal"); - } -#endif EVP_MD_CTX_free(ctx); rb_str_set_len(sig, siglen); return sig; @@ -1209,24 +1176,12 @@ ossl_pkey_verify(int argc, VALUE *argv, VALUE self) rb_jump_tag(state); } } -#if OSSL_OPENSSL_PREREQ(1, 1, 1) || OSSL_IS_LIBRESSL ret = EVP_DigestVerify(ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LEN(sig), (unsigned char *)RSTRING_PTR(data), RSTRING_LEN(data)); EVP_MD_CTX_free(ctx); if (ret < 0) ossl_raise(ePKeyError, "EVP_DigestVerify"); -#else - if (EVP_DigestVerifyUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)) < 1) { - EVP_MD_CTX_free(ctx); - ossl_raise(ePKeyError, "EVP_DigestVerifyUpdate"); - } - ret = EVP_DigestVerifyFinal(ctx, (unsigned char *)RSTRING_PTR(sig), - RSTRING_LEN(sig)); - EVP_MD_CTX_free(ctx); - if (ret < 0) - ossl_raise(ePKeyError, "EVP_DigestVerifyFinal"); -#endif if (ret) return Qtrue; else { @@ -1739,10 +1694,8 @@ Init_ossl_pkey(void) rb_define_module_function(mPKey, "read", ossl_pkey_new_from_data, -1); rb_define_module_function(mPKey, "generate_parameters", ossl_pkey_s_generate_parameters, -1); rb_define_module_function(mPKey, "generate_key", ossl_pkey_s_generate_key, -1); -#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY rb_define_module_function(mPKey, "new_raw_private_key", ossl_pkey_new_raw_private_key, 2); rb_define_module_function(mPKey, "new_raw_public_key", ossl_pkey_new_raw_public_key, 2); -#endif rb_define_alloc_func(cPKey, ossl_pkey_alloc); rb_define_method(cPKey, "initialize", ossl_pkey_initialize, 0); @@ -1758,10 +1711,8 @@ Init_ossl_pkey(void) rb_define_method(cPKey, "private_to_pem", ossl_pkey_private_to_pem, -1); rb_define_method(cPKey, "public_to_der", ossl_pkey_public_to_der, 0); rb_define_method(cPKey, "public_to_pem", ossl_pkey_public_to_pem, 0); -#ifdef HAVE_EVP_PKEY_NEW_RAW_PRIVATE_KEY rb_define_method(cPKey, "raw_private_key", ossl_pkey_raw_private_key, 0); rb_define_method(cPKey, "raw_public_key", ossl_pkey_raw_public_key, 0); -#endif rb_define_method(cPKey, "compare?", ossl_pkey_compare, 1); rb_define_method(cPKey, "sign", ossl_pkey_sign, -1); |