ruby-changes:65578
From: Kazuki <ko1@a...>
Date: Tue, 16 Mar 2021 20:39:08 +0900 (JST)
Subject: [ruby-changes:65578] 4756ac00b7 (master): [ruby/openssl] pkey/ec: remove OpenSSL::PKey::EC::Group.new(ec_method) form
https://git.ruby-lang.org/ruby.git/commit/?id=4756ac00b7 From 4756ac00b7c016dfd85b69720486141a7c78d661 Mon Sep 17 00:00:00 2001 From: Kazuki Yamaguchi <k@r...> Date: Tue, 30 Jun 2020 15:46:14 +0900 Subject: [ruby/openssl] pkey/ec: remove OpenSSL::PKey::EC::Group.new(ec_method) form The form created an empty EC_GROUP object with the specified EC_METHOD. However, the feature was unfinished and not useful in any way because OpenSSL::PKey::EC::Group did not implement wrappers for necessary functions to set actual parameters for the group, namely EC_GROUP_set_curve() family. EC_GROUP object creation with EC_METHOD explicitly specified is deprecated in OpenSSL 3.0, as it was apparently not intended for use outside OpenSSL. It is still possible to create EC_GROUP, but without EC_METHOD explicitly specified - OpenSSL chooses the appropriate EC_METHOD for the curve type. The OpenSSL::PKey::EC::Group.new(<:GFp|:GF2m>, p, a, b) form will continue to work. https://github.com/ruby/openssl/commit/df4bec841f --- ext/openssl/ossl_pkey_ec.c | 44 ++------------------------------------------ 1 file changed, 2 insertions(+), 42 deletions(-) diff --git a/ext/openssl/ossl_pkey_ec.c b/ext/openssl/ossl_pkey_ec.c index dfb46f8..deca4f4 100644 --- a/ext/openssl/ossl_pkey_ec.c +++ b/ext/openssl/ossl_pkey_ec.c @@ -47,12 +47,7 @@ VALUE eEC_GROUP; https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L47 VALUE cEC_POINT; VALUE eEC_POINT; -static ID s_GFp; -static ID s_GFp_simple; -static ID s_GFp_mont; -static ID s_GFp_nist; -static ID s_GF2m; -static ID s_GF2m_simple; +static ID s_GFp, s_GF2m; static ID ID_uncompressed; static ID ID_compressed; @@ -580,20 +575,11 @@ ec_group_new(const EC_GROUP *group) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L575 * call-seq: * OpenSSL::PKey::EC::Group.new(ec_group) * OpenSSL::PKey::EC::Group.new(pem_or_der_encoded) - * OpenSSL::PKey::EC::Group.new(ec_method) * OpenSSL::PKey::EC::Group.new(:GFp, bignum_p, bignum_a, bignum_b) * OpenSSL::PKey::EC::Group.new(:GF2m, bignum_p, bignum_a, bignum_b) * * Creates a new EC::Group object. * - * _ec_method_ is a symbol that represents an EC_METHOD. Currently the following - * are supported: - * - * * :GFp_simple - * * :GFp_mont - * * :GFp_nist - * * :GF2m_simple - * * If the first argument is :GFp or :GF2m, creates a new curve with given * parameters. */ @@ -608,29 +594,7 @@ static VALUE ossl_ec_group_initialize(int argc, VALUE *argv, VALUE self) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L594 switch (rb_scan_args(argc, argv, "13", &arg1, &arg2, &arg3, &arg4)) { case 1: - if (SYMBOL_P(arg1)) { - const EC_METHOD *method = NULL; - ID id = SYM2ID(arg1); - - if (id == s_GFp_simple) { - method = EC_GFp_simple_method(); - } else if (id == s_GFp_mont) { - method = EC_GFp_mont_method(); - } else if (id == s_GFp_nist) { - method = EC_GFp_nist_method(); -#if !defined(OPENSSL_NO_EC2M) - } else if (id == s_GF2m_simple) { - method = EC_GF2m_simple_method(); -#endif - } - - if (method) { - if ((group = EC_GROUP_new(method)) == NULL) - ossl_raise(eEC_GROUP, "EC_GROUP_new"); - } else { - ossl_raise(rb_eArgError, "unknown symbol, must be :GFp_simple, :GFp_mont, :GFp_nist or :GF2m_simple"); - } - } else if (rb_obj_is_kind_of(arg1, cEC_GROUP)) { + if (rb_obj_is_kind_of(arg1, cEC_GROUP)) { const EC_GROUP *arg1_group; GetECGroup(arg1, arg1_group); @@ -1592,10 +1556,6 @@ void Init_ossl_ec(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1556 s_GFp = rb_intern("GFp"); s_GF2m = rb_intern("GF2m"); - s_GFp_simple = rb_intern("GFp_simple"); - s_GFp_mont = rb_intern("GFp_mont"); - s_GFp_nist = rb_intern("GFp_nist"); - s_GF2m_simple = rb_intern("GF2m_simple"); ID_uncompressed = rb_intern("uncompressed"); ID_compressed = rb_intern("compressed"); -- cgit v1.1 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/