| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
OpenSSL::PKey::RSA#set_key does not exist when built with OpenSSL 3.0,
so it is not possible to create an RSA object with incomplete state.
|
|
|
|
|
|
| |
It uses deprecated PKey::{RSA,DSA,DH}#set_* methods, which will not
work with OpenSSL 3.0. The same can easily be achieved using
PKey#public_to_der regardless of the key kind.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add a variant of PKey#sign and #verify that do not hash the data
automatically.
Sometimes the caller has the hashed data only, but not the plaintext
to be signed. In that case, users would have to use the low-level API
such as RSA#private_encrypt or #public_decrypt directly.
OpenSSL 1.0.0 and later supports EVP_PKEY_sign() and EVP_PKEY_verify()
which provide the same functionality as part of the EVP API. This patch
adds wrappers for them.
|
|
|
|
|
| |
Support public key encryption and decryption operations using the EVP
API.
|
|
|
|
|
|
|
|
|
|
|
| |
The low-level API that is used to implement #public_key is deprecated
in OpenSSL 3.0. It is actually very simple to implement in another way,
using existing methods only, in much shorter code. Let's do it.
While we are at it, the documentation is updated to recommend against
using #public_key. Now that OpenSSL::PKey::PKey implements public_to_der
method, there is no real use case for #public_key in newly written Ruby
programs.
|
|
|
|
|
|
| |
Similarly to OpenSSL::PKey.generate_key and .generate_parameters, let
OpenSSL::PKey::PKey#sign and #verify take an optional parameter for
specifying control strings for EVP_PKEY_CTX_ctrl_str().
|
| |
|
| |
|
|
|