diff options
| author | Kazuki Yamaguchi <k@rhe.jp> | 2020-05-18 15:43:18 +0900 |
|---|---|---|
| committer | Kazuki Yamaguchi <k@rhe.jp> | 2020-06-29 11:37:53 +0900 |
| commit | 812de4253d256a69037acb4e29195c6b67969feb (patch) | |
| tree | c6277aad71d7a6421117a5b067416da62952e4b2 | |
| parent | 93213b2730a45fe997b8e581c64c42e13cd9abde (diff) | |
| download | ruby-openssl-ky/pkey-ec-point-deprecate-mul-ary.tar.gz | |
pkey/ec: deprecate OpenSSL::PKey::EC::Point#mul(ary, ary [, bn])ky/pkey-ec-point-deprecate-mul-ary
Deprecate it for future removal. However, I do not expect any
application is affected by this.
The other form of calling it, PKey::EC::Point#mul(bn [, bn]) remains
untouched.
PKey::EC::Point#mul calls EC_POINTs_mul(3) when multiple BNs
are given as an array. LibreSSL 2.8.0 released on 2018-08 removed the
feature and OpenSSL 3.0 which is planned to be released in 2020 will
also deprecate the function as there is no real use-case.
| -rw-r--r-- | ext/openssl/ossl_pkey_ec.c | 8 | ||||
| -rw-r--r-- | test/openssl/test_pkey_ec.rb | 34 |
2 files changed, 27 insertions, 15 deletions
diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c index c2534251..dfb46f8b 100644 --- a/ext/openssl/ossl_pkey_ec.c +++ b/ext/openssl/ossl_pkey_ec.c @@ -1505,6 +1505,10 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) if (EC_POINT_mul(group, point_result, bn_g, point_self, bn, ossl_bn_ctx) != 1) ossl_raise(eEC_POINT, NULL); } else { +#if OPENSSL_VERSION_MAJOR+0 >= 3 || defined(LIBRESSL_VERSION_NUMBER) + rb_raise(rb_eNotImpError, "calling #mul with arrays is not" \ + "supported by this OpenSSL version"); +#else /* * bignums | arg1[0] | arg1[1] | arg1[2] | ... * points | self | arg2[0] | arg2[1] | ... @@ -1519,6 +1523,9 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) if (RARRAY_LEN(arg1) != RARRAY_LEN(arg2) + 1) /* arg2 must be 1 larger */ ossl_raise(rb_eArgError, "bns must be 1 longer than points; see the documentation"); + rb_warning("OpenSSL::PKey::EC::Point#mul(ary, ary) is deprecated; " \ + "use #mul(bn) form instead"); + num = RARRAY_LEN(arg1); bns_tmp = rb_ary_tmp_new(num); bignums = ALLOCV_N(const BIGNUM *, tmp_b, num); @@ -1544,6 +1551,7 @@ static VALUE ossl_ec_point_mul(int argc, VALUE *argv, VALUE self) ALLOCV_END(tmp_b); ALLOCV_END(tmp_p); +#endif } return result; diff --git a/test/openssl/test_pkey_ec.rb b/test/openssl/test_pkey_ec.rb index 95d4338a..80ae9ffd 100644 --- a/test/openssl/test_pkey_ec.rb +++ b/test/openssl/test_pkey_ec.rb @@ -349,21 +349,28 @@ class OpenSSL::TestEC < OpenSSL::PKeyTestCase # 3 * (6, 3) + 3 * (5, 1) = (7, 6) result_a2 = point_a.mul(3, 3) assert_equal B(%w{ 04 07 06 }), result_a2.to_octet_string(:uncompressed) - # 3 * point_a = 3 * (6, 3) = (16, 13) - result_b1 = point_a.mul([3], []) - assert_equal B(%w{ 04 10 0D }), result_b1.to_octet_string(:uncompressed) - # 3 * point_a + 2 * point_a = 3 * (6, 3) + 2 * (6, 3) = (7, 11) - begin + EnvUtil.suppress_warning do # Point#mul(ary, ary [, bn]) is deprecated + begin + result_b1 = point_a.mul([3], []) + rescue NotImplementedError + # LibreSSL and OpenSSL 3.0 do no longer support this form of calling + next + end + + # 3 * point_a = 3 * (6, 3) = (16, 13) + result_b1 = point_a.mul([3], []) + assert_equal B(%w{ 04 10 0D }), result_b1.to_octet_string(:uncompressed) + # 3 * point_a + 2 * point_a = 3 * (6, 3) + 2 * (6, 3) = (7, 11) result_b1 = point_a.mul([3, 2], [point_a]) - rescue OpenSSL::PKey::EC::Point::Error - # LibreSSL doesn't support multiple entries in first argument - raise if $!.message !~ /called a function you should not call/ - else assert_equal B(%w{ 04 07 0B }), result_b1.to_octet_string(:uncompressed) + # 3 * point_a + 5 * point_a.group.generator = 3 * (6, 3) + 5 * (5, 1) = (13, 10) + result_b1 = point_a.mul([3], [], 5) + assert_equal B(%w{ 04 0D 0A }), result_b1.to_octet_string(:uncompressed) + + assert_raise(ArgumentError) { point_a.mul([1], [point_a]) } + assert_raise(TypeError) { point_a.mul([1], nil) } + assert_raise(TypeError) { point_a.mul([nil], []) } end - # 3 * point_a + 5 * point_a.group.generator = 3 * (6, 3) + 5 * (5, 1) = (13, 10) - result_b1 = point_a.mul([3], [], 5) - assert_equal B(%w{ 04 0D 0A }), result_b1.to_octet_string(:uncompressed) rescue OpenSSL::PKey::EC::Group::Error # CentOS patches OpenSSL to reject curves defined over Fp where p < 256 bits raise if $!.message !~ /unsupported field/ @@ -376,9 +383,6 @@ class OpenSSL::TestEC < OpenSSL::PKeyTestCase # invalid argument point = p256_key.public_key assert_raise(TypeError) { point.mul(nil) } - assert_raise(ArgumentError) { point.mul([1], [point]) } - assert_raise(TypeError) { point.mul([1], nil) } - assert_raise(TypeError) { point.mul([nil], []) } end # test Group: asn1_flag, point_conversion |