diff options
Diffstat (limited to 'OpenSSL/PKey/DSA.html')
| -rw-r--r-- | OpenSSL/PKey/DSA.html | 404 |
1 files changed, 151 insertions, 253 deletions
diff --git a/OpenSSL/PKey/DSA.html b/OpenSSL/PKey/DSA.html index 7a64485f..c969c747 100644 --- a/OpenSSL/PKey/DSA.html +++ b/OpenSSL/PKey/DSA.html @@ -95,7 +95,6 @@ <li ><a href="#method-i-to_der">#to_der</a> <li ><a href="#method-i-to_pem">#to_pem</a> <li ><a href="#method-i-to_s">#to_s</a> - <li ><a href="#method-i-to_text">#to_text</a> </ul> </div> @@ -135,25 +134,20 @@ <div class="method-description"> <p>Creates a new <a href="DSA.html"><code>DSA</code></a> instance by generating a private/public key pair from scratch.</p> -<h3 id="method-c-generate-label-Parameters">Parameters<span><a href="#method-c-generate-label-Parameters">¶</a> <a href="#top">↑</a></span></h3> -<ul><li> -<p><em>size</em> is an integer representing the desired key size.</p> -</li></ul> +<p>See also <a href="../PKey.html#method-c-generate_parameters"><code>OpenSSL::PKey.generate_parameters</code></a> and <a href="../PKey.html#method-c-generate_key"><code>OpenSSL::PKey.generate_key</code></a>.</p> +<dl class="rdoc-list note-list"><dt><code>size</code> +<dd> +<p>The desired key size in bits.</p> +</dd></dl> <div class="method-source-code" id="generate-source"> - <pre>static VALUE -ossl_dsa_s_generate(VALUE klass, VALUE size) -{ - DSA *dsa = dsa_generate(NUM2INT(size)); /* err handled by dsa_instance */ - VALUE obj = dsa_instance(klass, dsa); - - if (obj == Qfalse) { - DSA_free(dsa); - ossl_raise(eDSAError, NULL); - } - - return obj; -}</pre> + <pre><span class="ruby-comment"># File lib/openssl/pkey.rb, line 169</span> +<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">generate</span>(<span class="ruby-identifier">size</span>, <span class="ruby-operator">&</span><span class="ruby-identifier">blk</span>) + <span class="ruby-identifier">dsaparams</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span>.<span class="ruby-identifier">generate_parameters</span>(<span class="ruby-string">"DSA"</span>, { + <span class="ruby-string">"dsa_paramgen_bits"</span> <span class="ruby-operator">=></span> <span class="ruby-identifier">size</span>, + }, <span class="ruby-operator">&</span><span class="ruby-identifier">blk</span>) + <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span>.<span class="ruby-identifier">generate_key</span>(<span class="ruby-identifier">dsaparams</span>) +<span class="ruby-keyword">end</span></pre> </div> </div> @@ -169,33 +163,45 @@ ossl_dsa_s_generate(VALUE klass, VALUE size) </div> <div class="method-heading"> <span class="method-callseq"> - new(size) → dsa + new(string [, pass]) → dsa </span> </div> <div class="method-heading"> <span class="method-callseq"> - new(string [, pass]) → dsa + new(size) → dsa </span> </div> <div class="method-description"> <p>Creates a new <a href="DSA.html"><code>DSA</code></a> instance by reading an existing key from <em>string</em>.</p> -<h3 id="method-c-new-label-Parameters">Parameters<span><a href="#method-c-new-label-Parameters">¶</a> <a href="#top">↑</a></span></h3> -<ul><li> -<p><em>size</em> is an integer representing the desired key size.</p> -</li><li> -<p><em>string</em> contains a DER or PEM encoded key.</p> -</li><li> -<p><em>pass</em> is a string that contains an optional password.</p> -</li></ul> +<p>If called without arguments, creates a new instance with no key components set. They can be set individually by <a href="DSA.html#method-i-set_pqg"><code>set_pqg</code></a> and <a href="DSA.html#method-i-set_key"><code>set_key</code></a>.</p> + +<p>If called with a String, tries to parse as DER or PEM encoding of a DSA key. See also <a href="../PKey.html#method-c-read"><code>OpenSSL::PKey.read</code></a> which can parse keys of any kinds.</p> -<h3 id="method-c-new-label-Examples">Examples<span><a href="#method-c-new-label-Examples">¶</a> <a href="#top">↑</a></span></h3> +<p>If called with a number, generates random parameters and a key pair. This form works as an alias of <a href="DSA.html#method-c-generate"><code>DSA.generate</code></a>.</p> +<dl class="rdoc-list note-list"><dt><code>string</code> +<dd> +<p>A String that contains a DER or PEM encoded key.</p> +</dd><dt><code>pass</code> +<dd> +<p>A String that contains an optional password.</p> +</dd><dt><code>size</code> +<dd> +<p>See <a href="DSA.html#method-c-generate"><code>DSA.generate</code></a>.</p> +</dd></dl> -<pre>DSA.new -> dsa -DSA.new(1024) -> dsa -DSA.new(File.read('dsa.pem')) -> dsa -DSA.new(File.read('dsa.pem'), 'mypassword') -> dsa</pre> +<p>Examples:</p> + +<pre class="ruby"><span class="ruby-identifier">p</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSA</span>.<span class="ruby-identifier">new</span>(<span class="ruby-value">1024</span>) +<span class="ruby-comment">#=> #<OpenSSL::PKey::DSA:0x000055a8d6025bf0 oid=DSA></span> + +<span class="ruby-identifier">p</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSA</span>.<span class="ruby-identifier">new</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">read</span>(<span class="ruby-string">'dsa.pem'</span>)) +<span class="ruby-comment">#=> #<OpenSSL::PKey::DSA:0x000055555d6b8110 oid=DSA></span> + +<span class="ruby-identifier">p</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSA</span>.<span class="ruby-identifier">new</span>(<span class="ruby-constant">File</span>.<span class="ruby-identifier">read</span>(<span class="ruby-string">'dsa.pem'</span>), <span class="ruby-string">'mypassword'</span>) +<span class="ruby-comment">#=> #<OpenSSL::PKey::DSA:0x0000556f973c40b8 oid=DSA></span> +</pre> <div class="method-source-code" id="new-source"> <pre>static VALUE @@ -203,53 +209,57 @@ ossl_dsa_initialize(int argc, VALUE *argv, VALUE self) { EVP_PKEY *pkey; DSA *dsa; - BIO *in; + BIO *in = NULL; VALUE arg, pass; + int type; + + TypedData_Get_Struct(self, EVP_PKEY, &ossl_evp_pkey_type, pkey); + if (pkey) + rb_raise(rb_eTypeError, "pkey already initialized"); - GetPKey(self, pkey); - if(rb_scan_args(argc, argv, "02", &arg, &pass) == 0) { + /* The DSA.new(size, generator) form is handled by lib/openssl/pkey.rb */ + rb_scan_args(argc, argv, "02", &arg, &pass); + if (argc == 0) { dsa = DSA_new(); + if (!dsa) + ossl_raise(eDSAError, "DSA_new"); + goto legacy; } - else if (RB_INTEGER_TYPE_P(arg)) { - if (!(dsa = dsa_generate(NUM2INT(arg)))) { - ossl_raise(eDSAError, NULL); - } - } - else { - pass = ossl_pem_passwd_value(pass); - arg = ossl_to_der_if_possible(arg); - in = ossl_obj2bio(&arg); - dsa = PEM_read_bio_DSAPrivateKey(in, NULL, ossl_pem_passwd_cb, (void *)pass); - if (!dsa) { - OSSL_BIO_reset(in); - dsa = PEM_read_bio_DSA_PUBKEY(in, NULL, NULL, NULL); - } - if (!dsa) { - OSSL_BIO_reset(in); - dsa = d2i_DSAPrivateKey_bio(in, NULL); - } - if (!dsa) { - OSSL_BIO_reset(in); - dsa = d2i_DSA_PUBKEY_bio(in, NULL); - } - if (!dsa) { - OSSL_BIO_reset(in); -#define PEM_read_bio_DSAPublicKey(bp,x,cb,u) (DSA *)PEM_ASN1_read_bio( \ - (d2i_of_void *)d2i_DSAPublicKey, PEM_STRING_DSA_PUBLIC, (bp), (void **)(x), (cb), (u)) - dsa = PEM_read_bio_DSAPublicKey(in, NULL, NULL, NULL); -#undef PEM_read_bio_DSAPublicKey - } - BIO_free(in); - if (!dsa) { - ossl_clear_error(); - ossl_raise(eDSAError, "Neither PUB key nor PRIV key"); - } + + pass = ossl_pem_passwd_value(pass); + arg = ossl_to_der_if_possible(arg); + in = ossl_obj2bio(&arg); + + /* DER-encoded DSAPublicKey format isn't supported by the generic routine */ + dsa = (DSA *)PEM_ASN1_read_bio((d2i_of_void *)d2i_DSAPublicKey, + PEM_STRING_DSA_PUBLIC, + in, NULL, NULL, NULL); + if (dsa) + goto legacy; + OSSL_BIO_reset(in); + + pkey = ossl_pkey_read_generic(in, pass); + BIO_free(in); + if (!pkey) + ossl_raise(eDSAError, "Neither PUB key nor PRIV key"); + + type = EVP_PKEY_base_id(pkey); + if (type != EVP_PKEY_DSA) { + EVP_PKEY_free(pkey); + rb_raise(eDSAError, "incorrect pkey type: %s", OBJ_nid2sn(type)); } - if (!EVP_PKEY_assign_DSA(pkey, dsa)) { + RTYPEDDATA_DATA(self) = pkey; + return self; + + legacy: + BIO_free(in); + pkey = EVP_PKEY_new(); + if (!pkey || EVP_PKEY_assign_DSA(pkey, dsa) != 1) { + EVP_PKEY_free(pkey); DSA_free(dsa); - ossl_raise(eDSAError, NULL); + ossl_raise(eDSAError, "EVP_PKEY_assign_DSA"); } - + RTYPEDDATA_DATA(self) = pkey; return self; }</pre> </div> @@ -293,34 +303,12 @@ DSA.to_pem(cipher, 'mypassword') -> aString</pre> ossl_dsa_export(int argc, VALUE *argv, VALUE self) { DSA *dsa; - BIO *out; - const EVP_CIPHER *ciph = NULL; - VALUE cipher, pass, str; GetDSA(self, dsa); - rb_scan_args(argc, argv, "02", &cipher, &pass); - if (!NIL_P(cipher)) { - ciph = ossl_evp_get_cipherbyname(cipher); - pass = ossl_pem_passwd_value(pass); - } - if (!(out = BIO_new(BIO_s_mem()))) { - ossl_raise(eDSAError, NULL); - } - if (DSA_HAS_PRIVATE(dsa)) { - if (!PEM_write_bio_DSAPrivateKey(out, dsa, ciph, NULL, 0, - ossl_pem_passwd_cb, (void *)pass)){ - BIO_free(out); - ossl_raise(eDSAError, NULL); - } - } else { - if (!PEM_write_bio_DSA_PUBKEY(out, dsa)) { - BIO_free(out); - ossl_raise(eDSAError, NULL); - } - } - str = ossl_membio2str(out); - - return str; + if (DSA_HAS_PRIVATE(dsa)) + return ossl_pkey_export_traditional(argc, argv, self, 0); + else + return ossl_pkey_export_spki(self, 0); }</pre> </div> </div> @@ -348,16 +336,24 @@ ossl_dsa_initialize_copy(VALUE self, VALUE other) EVP_PKEY *pkey; DSA *dsa, *dsa_new; - GetPKey(self, pkey); - if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE) - ossl_raise(eDSAError, "DSA already initialized"); + TypedData_Get_Struct(self, EVP_PKEY, &ossl_evp_pkey_type, pkey); + if (pkey) + rb_raise(rb_eTypeError, "pkey already initialized"); GetDSA(other, dsa); - dsa_new = ASN1_dup((i2d_of_void *)i2d_DSAPrivateKey, (d2i_of_void *)d2i_DSAPrivateKey, (char *)dsa); + dsa_new = (DSA *)ASN1_dup((i2d_of_void *)i2d_DSAPrivateKey, + (d2i_of_void *)d2i_DSAPrivateKey, + (char *)dsa); if (!dsa_new) ossl_raise(eDSAError, "ASN1_dup"); - EVP_PKEY_assign_DSA(pkey, dsa_new); + pkey = EVP_PKEY_new(); + if (!pkey || EVP_PKEY_assign_DSA(pkey, dsa_new) != 1) { + EVP_PKEY_free(pkey); + DSA_free(dsa_new); + ossl_raise(eDSAError, "EVP_PKEY_assign_DSA"); + } + RTYPEDDATA_DATA(self) = pkey; return self; }</pre> @@ -464,42 +460,23 @@ ossl_dsa_is_public(VALUE self) <div id="method-i-public_key" class="method-detail "> <div class="method-heading"> <span class="method-callseq"> - public_key → aDSA + public_key → dsanew </span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> - <p>Returns a new <a href="DSA.html"><code>DSA</code></a> instance that carries just the public key information. If the current instance has also private key information, this will no longer be present in the new instance. This feature is helpful for publishing the public key information without leaking any of the private information.</p> + <p>Returns a new <a href="DSA.html"><code>DSA</code></a> instance that carries just the DSA parameters and the public key.</p> -<h3 id="method-i-public_key-label-Example">Example<span><a href="#method-i-public_key-label-Example">¶</a> <a href="#top">↑</a></span></h3> +<p>This method is provided for backwards compatibility. In most cases, there is no need to call this method.</p> -<pre class="ruby"><span class="ruby-identifier">dsa</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSA</span>.<span class="ruby-identifier">new</span>(<span class="ruby-value">2048</span>) <span class="ruby-comment"># has public and private information</span> -<span class="ruby-identifier">pub_key</span> = <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">public_key</span> <span class="ruby-comment"># has only the public part available</span> -<span class="ruby-identifier">pub_key_der</span> = <span class="ruby-identifier">pub_key</span>.<span class="ruby-identifier">to_der</span> <span class="ruby-comment"># it's safe to publish this</span> -</pre> +<p>For the purpose of serializing the public key, to PEM or DER encoding of X.509 SubjectPublicKeyInfo format, check <a href="PKey.html#method-i-public_to_pem"><code>PKey#public_to_pem</code></a> and <a href="PKey.html#method-i-public_to_der"><code>PKey#public_to_der</code></a>.</p> <div class="method-source-code" id="public_key-source"> - <pre>static VALUE -ossl_dsa_to_public_key(VALUE self) -{ - EVP_PKEY *pkey; - DSA *dsa; - VALUE obj; - - GetPKeyDSA(self, pkey); - /* err check performed by dsa_instance */ -#define DSAPublicKey_dup(dsa) (DSA *)ASN1_dup( \ - (i2d_of_void *)i2d_DSAPublicKey, (d2i_of_void *)d2i_DSAPublicKey, (char *)(dsa)) - dsa = DSAPublicKey_dup(EVP_PKEY_get0_DSA(pkey)); -#undef DSAPublicKey_dup - obj = dsa_instance(rb_obj_class(self), dsa); - if (obj == Qfalse) { - DSA_free(dsa); - ossl_raise(eDSAError, NULL); - } - return obj; -}</pre> + <pre><span class="ruby-comment"># File lib/openssl/pkey.rb, line 153</span> +<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">public_key</span> + <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span>.<span class="ruby-identifier">read</span>(<span class="ruby-identifier">public_to_der</span>) +<span class="ruby-keyword">end</span></pre> </div> </div> @@ -539,53 +516,46 @@ ossl_dsa_to_public_key(VALUE self) <div id="method-i-syssign" class="method-detail "> <div class="method-heading"> <span class="method-callseq"> - syssign(string) → aString + syssign(string) → string </span> <span class="method-click-advice">click to toggle source</span> </div> <div class="method-description"> - <p>Computes and returns the <a href="DSA.html"><code>DSA</code></a> signature of <em>string</em>, where <em>string</em> is expected to be an already-computed message digest of the original input data. The signature is issued using the private key of this <a href="DSA.html"><code>DSA</code></a> instance.</p> + <p>Computes and returns the DSA signature of <code>string</code>, where <code>string</code> is expected to be an already-computed message digest of the original input data. The signature is issued using the private key of this <a href="DSA.html"><code>DSA</code></a> instance.</p> -<h3 id="method-i-syssign-label-Parameters">Parameters<span><a href="#method-i-syssign-label-Parameters">¶</a> <a href="#top">↑</a></span></h3> -<ul><li> -<p><em>string</em> is a message digest of the original input data to be signed.</p> -</li></ul> +<p><strong>Deprecated in version 3.0</strong>. Consider using <a href="PKey.html#method-i-sign_raw"><code>PKey::PKey#sign_raw</code></a> and <a href="PKey.html#method-i-verify_raw"><code>PKey::PKey#verify_raw</code></a> instead.</p> +<dl class="rdoc-list note-list"><dt><code>string</code> +<dd> +<p>A message digest of the original input data to be signed.</p> +</dd></dl> -<h3 id="method-i-syssign-label-Example">Example<span><a href="#method-i-syssign-label-Example">¶</a> <a href="#top">↑</a></span></h3> +<p>Example:</p> <pre class="ruby"><span class="ruby-identifier">dsa</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSA</span>.<span class="ruby-identifier">new</span>(<span class="ruby-value">2048</span>) <span class="ruby-identifier">doc</span> = <span class="ruby-string">"Sign me"</span> <span class="ruby-identifier">digest</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Digest</span>.<span class="ruby-identifier">digest</span>(<span class="ruby-string">'SHA1'</span>, <span class="ruby-identifier">doc</span>) + +<span class="ruby-comment"># With legacy #syssign and #sysverify:</span> <span class="ruby-identifier">sig</span> = <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">syssign</span>(<span class="ruby-identifier">digest</span>) +<span class="ruby-identifier">p</span> <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">sysverify</span>(<span class="ruby-identifier">digest</span>, <span class="ruby-identifier">sig</span>) <span class="ruby-comment">#=> true</span> + +<span class="ruby-comment"># With #sign_raw and #verify_raw:</span> +<span class="ruby-identifier">sig</span> = <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">sign_raw</span>(<span class="ruby-keyword">nil</span>, <span class="ruby-identifier">digest</span>) +<span class="ruby-identifier">p</span> <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">verify_raw</span>(<span class="ruby-keyword">nil</span>, <span class="ruby-identifier">sig</span>, <span class="ruby-identifier">digest</span>) <span class="ruby-comment">#=> true</span> </pre> <div class="method-source-code" id="syssign-source"> - <pre>static VALUE -ossl_dsa_sign(VALUE self, VALUE data) -{ - DSA *dsa; - const BIGNUM *dsa_q; - unsigned int buf_len; - VALUE str; - - GetDSA(self, dsa); - DSA_get0_pqg(dsa, NULL, &dsa_q, NULL); - if (!dsa_q) - ossl_raise(eDSAError, "incomplete DSA"); - if (!DSA_PRIVATE(self, dsa)) - ossl_raise(eDSAError, "Private DSA key needed!"); - StringValue(data); - str = rb_str_new(0, DSA_size(dsa)); - if (!DSA_sign(0, (unsigned char *)RSTRING_PTR(data), RSTRING_LENINT(data), - (unsigned char *)RSTRING_PTR(str), - &buf_len, dsa)) { /* type is ignored (0) */ - ossl_raise(eDSAError, NULL); - } - rb_str_set_len(str, buf_len); - - return str; -}</pre> + <pre><span class="ruby-comment"># File lib/openssl/pkey.rb, line 212</span> +<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">syssign</span>(<span class="ruby-identifier">string</span>) + <span class="ruby-identifier">q</span> <span class="ruby-keyword">or</span> <span class="ruby-identifier">raise</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSAError</span>, <span class="ruby-string">"incomplete DSA"</span> + <span class="ruby-identifier">private?</span> <span class="ruby-keyword">or</span> <span class="ruby-identifier">raise</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSAError</span>, <span class="ruby-string">"Private DSA key needed!"</span> + <span class="ruby-keyword">begin</span> + <span class="ruby-identifier">sign_raw</span>(<span class="ruby-keyword">nil</span>, <span class="ruby-identifier">string</span>) + <span class="ruby-keyword">rescue</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">PKeyError</span> + <span class="ruby-identifier">raise</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSAError</span>, <span class="ruby-identifier">$!</span>.<span class="ruby-identifier">message</span> + <span class="ruby-keyword">end</span> +<span class="ruby-keyword">end</span></pre> </div> </div> @@ -601,46 +571,24 @@ ossl_dsa_sign(VALUE self, VALUE data) </div> <div class="method-description"> - <p>Verifies whether the signature is valid given the message digest input. It does so by validating <em>sig</em> using the public key of this <a href="DSA.html"><code>DSA</code></a> instance.</p> + <p>Verifies whether the signature is valid given the message digest input. It does so by validating <code>sig</code> using the public key of this <a href="DSA.html"><code>DSA</code></a> instance.</p> -<h3 id="method-i-sysverify-label-Parameters">Parameters<span><a href="#method-i-sysverify-label-Parameters">¶</a> <a href="#top">↑</a></span></h3> -<ul><li> -<p><em>digest</em> is a message digest of the original input data to be signed</p> -</li><li> -<p><em>sig</em> is a <a href="DSA.html"><code>DSA</code></a> signature value</p> -</li></ul> - -<h3 id="method-i-sysverify-label-Example">Example<span><a href="#method-i-sysverify-label-Example">¶</a> <a href="#top">↑</a></span></h3> - -<pre class="ruby"><span class="ruby-identifier">dsa</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSA</span>.<span class="ruby-identifier">new</span>(<span class="ruby-value">2048</span>) -<span class="ruby-identifier">doc</span> = <span class="ruby-string">"Sign me"</span> -<span class="ruby-identifier">digest</span> = <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">Digest</span>.<span class="ruby-identifier">digest</span>(<span class="ruby-string">'SHA1'</span>, <span class="ruby-identifier">doc</span>) -<span class="ruby-identifier">sig</span> = <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">syssign</span>(<span class="ruby-identifier">digest</span>) -<span class="ruby-identifier">puts</span> <span class="ruby-identifier">dsa</span>.<span class="ruby-identifier">sysverify</span>(<span class="ruby-identifier">digest</span>, <span class="ruby-identifier">sig</span>) <span class="ruby-comment"># => true</span> -</pre> +<p><strong>Deprecated in version 3.0</strong>. Consider using <a href="PKey.html#method-i-sign_raw"><code>PKey::PKey#sign_raw</code></a> and <a href="PKey.html#method-i-verify_raw"><code>PKey::PKey#verify_raw</code></a> instead.</p> +<dl class="rdoc-list note-list"><dt><code>digest</code> +<dd> +<p>A message digest of the original input data to be signed.</p> +</dd><dt><code>sig</code> +<dd> +<p>A DSA signature value.</p> +</dd></dl> <div class="method-source-code" id="sysverify-source"> - <pre>static VALUE -ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig) -{ - DSA *dsa; - int ret; - - GetDSA(self, dsa); - StringValue(digest); - StringValue(sig); - /* type is ignored (0) */ - ret = DSA_verify(0, (unsigned char *)RSTRING_PTR(digest), RSTRING_LENINT(digest), - (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), dsa); - if (ret < 0) { - ossl_raise(eDSAError, NULL); - } - else if (ret == 1) { - return Qtrue; - } - - return Qfalse; -}</pre> + <pre><span class="ruby-comment"># File lib/openssl/pkey.rb, line 235</span> +<span class="ruby-keyword">def</span> <span class="ruby-identifier ruby-title">sysverify</span>(<span class="ruby-identifier">digest</span>, <span class="ruby-identifier">sig</span>) + <span class="ruby-identifier">verify_raw</span>(<span class="ruby-keyword">nil</span>, <span class="ruby-identifier">sig</span>, <span class="ruby-identifier">digest</span>) +<span class="ruby-keyword">rescue</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">PKeyError</span> + <span class="ruby-identifier">raise</span> <span class="ruby-constant">OpenSSL</span><span class="ruby-operator">::</span><span class="ruby-constant">PKey</span><span class="ruby-operator">::</span><span class="ruby-constant">DSAError</span>, <span class="ruby-identifier">$!</span>.<span class="ruby-identifier">message</span> +<span class="ruby-keyword">end</span></pre> </div> </div> @@ -663,25 +611,12 @@ ossl_dsa_verify(VALUE self, VALUE digest, VALUE sig) ossl_dsa_to_der(VALUE self) { DSA *dsa; - int (*i2d_func)(DSA *, unsigned char **); - unsigned char *p; - long len; - VALUE str; GetDSA(self, dsa); - if(DSA_HAS_PRIVATE(dsa)) - i2d_func = (int (*)(DSA *,unsigned char **))i2d_DSAPrivateKey; + if (DSA_HAS_PRIVATE(dsa)) + return ossl_pkey_export_traditional(0, NULL, self, 1); else - i2d_func = i2d_DSA_PUBKEY; - if((len = i2d_func(dsa, NULL)) <= 0) - ossl_raise(eDSAError, NULL); - str = rb_str_new(0, len); - p = (unsigned char *)RSTRING_PTR(str); - if(i2d_func(dsa, &p) < 0) - ossl_raise(eDSAError, NULL); - ossl_str_adjust(str, p); - - return str; + return ossl_pkey_export_spki(self, 1); }</pre> </div> </div> @@ -749,43 +684,6 @@ DSA.to_pem(cipher, 'mypassword') -> aString</pre> </div> </div> - <div id="method-i-to_text" class="method-detail "> - <div class="method-heading"> - <span class="method-callseq"> - to_text → aString - </span> - <span class="method-click-advice">click to toggle source</span> - </div> - - <div class="method-description"> - <p>Prints all parameters of key to buffer INSECURE: PRIVATE INFORMATIONS CAN LEAK OUT!!! Don’t use :-)) (I’s up to you)</p> - - <div class="method-source-code" id="to_text-source"> - <pre>static VALUE -ossl_dsa_to_text(VALUE self) -{ - DSA *dsa; - BIO *out; - VALUE str; - - GetDSA(self, dsa); - if (!(out = BIO_new(BIO_s_mem()))) { - ossl_raise(eDSAError, NULL); - } - if (!DSA_print(out, dsa, 0)) { /* offset = 0 */ - BIO_free(out); - ossl_raise(eDSAError, NULL); - } - str = ossl_membio2str(out); - - return str; -}</pre> - </div> - </div> - - - </div> - </section> </section> |