ruby-changes:43380
From: rhe <ko1@a...>
Date: Sun, 19 Jun 2016 18:30:06 +0900 (JST)
Subject: [ruby-changes:43380] rhe:r55454 (trunk): openssl: implement initialize_copy method for PKey classes
rhe 2016-06-19 18:29:59 +0900 (Sun, 19 Jun 2016) New Revision: 55454 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=55454 Log: openssl: implement initialize_copy method for PKey classes * ext/openssl/ossl_pkey_dh.c, ext/openssl/ossl_pkey_dsa.c, ext/openssl/ossl_pkey_ec.c, ext/openssl/ossl_pkey_rsa.c: Implement initialize_copy method for OpenSSL::PKey::*. [ruby-core:75504] [Bug #12381] * test/openssl/test_pkey_dh.rb, test/openssl/test_pkey_dsa.rb, test/openssl/test_pkey_ec.rb, test/openssl/test_pkey_rsa.rb: Test they actually copy the OpenSSL objects, and modifications to cloned object don't affect the original object. Modified files: trunk/ChangeLog trunk/ext/openssl/ossl_pkey_dh.c trunk/ext/openssl/ossl_pkey_dsa.c trunk/ext/openssl/ossl_pkey_ec.c trunk/ext/openssl/ossl_pkey_rsa.c trunk/test/openssl/test_pkey_dh.rb trunk/test/openssl/test_pkey_dsa.rb trunk/test/openssl/test_pkey_ec.rb trunk/test/openssl/test_pkey_rsa.rb Index: ext/openssl/ossl_pkey_dh.c =================================================================== --- ext/openssl/ossl_pkey_dh.c (revision 55453) +++ ext/openssl/ossl_pkey_dh.c (revision 55454) @@ -238,6 +238,39 @@ ossl_dh_initialize(int argc, VALUE *argv https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_dh.c#L238 return self; } +static VALUE +ossl_dh_initialize_copy(VALUE self, VALUE other) +{ + EVP_PKEY *pkey; + DH *dh, *dh_other; + const BIGNUM *pub, *priv; + + GetPKey(self, pkey); + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE) + ossl_raise(eDHError, "DH already initialized"); + GetDH(other, dh_other); + + dh = DHparams_dup(dh_other); + if (!dh) + ossl_raise(eDHError, "DHparams_dup"); + EVP_PKEY_assign_DH(pkey, dh); + + DH_get0_key(dh_other, &pub, &priv); + if (pub) { + BIGNUM *pub2 = BN_dup(pub); + BIGNUM *priv2 = BN_dup(priv); + + if (!pub2 || priv && !priv2) { + BN_clear_free(pub2); + BN_clear_free(priv2); + ossl_raise(eDHError, "BN_dup"); + } + DH_set0_key(dh, pub2, priv2); + } + + return self; +} + /* * call-seq: * dh.public? -> true | false @@ -568,6 +601,7 @@ Init_ossl_dh(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_dh.c#L601 cDH = rb_define_class_under(mPKey, "DH", cPKey); rb_define_singleton_method(cDH, "generate", ossl_dh_s_generate, -1); rb_define_method(cDH, "initialize", ossl_dh_initialize, -1); + rb_define_copy_func(cDH, ossl_dh_initialize_copy); rb_define_method(cDH, "public?", ossl_dh_is_public, 0); rb_define_method(cDH, "private?", ossl_dh_is_private, 0); rb_define_method(cDH, "to_text", ossl_dh_to_text, 0); Index: ext/openssl/ossl_pkey_dsa.c =================================================================== --- ext/openssl/ossl_pkey_dsa.c (revision 55453) +++ ext/openssl/ossl_pkey_dsa.c (revision 55454) @@ -269,6 +269,26 @@ ossl_dsa_initialize(int argc, VALUE *arg https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_dsa.c#L269 return self; } +static VALUE +ossl_dsa_initialize_copy(VALUE self, VALUE other) +{ + EVP_PKEY *pkey; + DSA *dsa, *dsa_new; + + GetPKey(self, pkey); + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE) + ossl_raise(eDSAError, "DSA already initialized"); + GetDSA(other, dsa); + + dsa_new = ASN1_dup((i2d_of_void *)i2d_DSAPrivateKey, (d2i_of_void *)d2i_DSAPrivateKey, (char *)dsa); + if (!dsa_new) + ossl_raise(eDSAError, "ASN1_dup"); + + EVP_PKEY_assign_DSA(pkey, dsa_new); + + return self; +} + /* * call-seq: * dsa.public? -> true | false @@ -610,6 +630,7 @@ Init_ossl_dsa(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_dsa.c#L630 rb_define_singleton_method(cDSA, "generate", ossl_dsa_s_generate, 1); rb_define_method(cDSA, "initialize", ossl_dsa_initialize, -1); + rb_define_copy_func(cDSA, ossl_dsa_initialize_copy); rb_define_method(cDSA, "public?", ossl_dsa_is_public, 0); rb_define_method(cDSA, "private?", ossl_dsa_is_private, 0); Index: ext/openssl/ossl_pkey_rsa.c =================================================================== --- ext/openssl/ossl_pkey_rsa.c (revision 55453) +++ ext/openssl/ossl_pkey_rsa.c (revision 55454) @@ -271,6 +271,26 @@ ossl_rsa_initialize(int argc, VALUE *arg https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_rsa.c#L271 return self; } +static VALUE +ossl_rsa_initialize_copy(VALUE self, VALUE other) +{ + EVP_PKEY *pkey; + RSA *rsa, *rsa_new; + + GetPKey(self, pkey); + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE) + ossl_raise(eRSAError, "RSA already initialized"); + GetRSA(other, rsa); + + rsa_new = ASN1_dup((i2d_of_void *)i2d_RSAPrivateKey, (d2i_of_void *)d2i_RSAPrivateKey, (char *)rsa); + if (!rsa_new) + ossl_raise(eRSAError, "ASN1_dup"); + + EVP_PKEY_assign_RSA(pkey, rsa_new); + + return self; +} + /* * call-seq: * rsa.public? => true @@ -675,6 +695,7 @@ Init_ossl_rsa(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_rsa.c#L695 rb_define_singleton_method(cRSA, "generate", ossl_rsa_s_generate, -1); rb_define_method(cRSA, "initialize", ossl_rsa_initialize, -1); + rb_define_copy_func(cRSA, ossl_rsa_initialize_copy); rb_define_method(cRSA, "public?", ossl_rsa_is_public, 0); rb_define_method(cRSA, "private?", ossl_rsa_is_private, 0); Index: ext/openssl/ossl_pkey_ec.c =================================================================== --- ext/openssl/ossl_pkey_ec.c (revision 55453) +++ ext/openssl/ossl_pkey_ec.c (revision 55454) @@ -285,6 +285,29 @@ static VALUE ossl_ec_key_initialize(int https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L285 return self; } +static VALUE +ossl_ec_key_initialize_copy(VALUE self, VALUE other) +{ + EVP_PKEY *pkey; + EC_KEY *ec, *ec_new; + + GetPKey(self, pkey); + if (EVP_PKEY_base_id(pkey) != EVP_PKEY_NONE) + ossl_raise(eECError, "EC already initialized"); + SafeRequire_EC_KEY(other, ec); + + ec_new = EC_KEY_dup(ec); + if (!ec_new) + ossl_raise(eECError, "EC_KEY_dup"); + if (!EVP_PKEY_assign_EC_KEY(pkey, ec_new)) { + EC_KEY_free(ec_new); + ossl_raise(eECError, "EVP_PKEY_assign_EC_KEY"); + } + rb_iv_set(self, "@group", Qnil); /* EC_KEY_dup() also copies the EC_GROUP */ + + return self; +} + /* * call-seq: * key.group => group @@ -903,6 +926,26 @@ static VALUE ossl_ec_group_initialize(in https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L926 return self; } +static VALUE +ossl_ec_group_initialize_copy(VALUE self, VALUE other) +{ + ossl_ec_group *ec_group; + EC_GROUP *orig; + + TypedData_Get_Struct(self, ossl_ec_group, &ossl_ec_group_type, ec_group); + if (ec_group->group) + ossl_raise(eEC_GROUP, "EC::Group already initialized"); + SafeRequire_EC_GROUP(other, orig); + + ec_group->group = EC_GROUP_dup(orig); + if (!ec_group->group) + ossl_raise(eEC_GROUP, "EC_GROUP_dup"); + + rb_iv_set(self, "@key", Qnil); + + return self; +} + /* call-seq: * group1.eql?(group2) => true | false * group1 == group2 => true | false @@ -1381,6 +1424,31 @@ static VALUE ossl_ec_point_initialize(in https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1424 return self; } +static VALUE +ossl_ec_point_initialize_copy(VALUE self, VALUE other) +{ + ossl_ec_point *ec_point; + EC_POINT *orig; + EC_GROUP *group; + VALUE group_v; + + TypedData_Get_Struct(self, ossl_ec_point, &ossl_ec_point_type, ec_point); + if (ec_point->point) + ossl_raise(eEC_POINT, "EC::Point already initialized"); + SafeRequire_EC_POINT(other, orig); + + group_v = rb_obj_dup(rb_iv_get(other, "@group")); + SafeRequire_EC_GROUP(group_v, group); + + ec_point->point = EC_POINT_dup(orig, group); + if (!ec_point->point) + ossl_raise(eEC_POINT, "EC_POINT_dup"); + rb_iv_set(self, "@key", Qnil); + rb_iv_set(self, "@group", group_v); + + return self; +} + /* * call-seq: * point1.eql?(point2) => true | false @@ -1624,14 +1692,6 @@ static VALUE ossl_ec_point_mul(int argc, https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1692 return result; } -static void no_copy(VALUE klass) -{ - rb_undef_method(klass, "copy"); - rb_undef_method(klass, "clone"); - rb_undef_method(klass, "dup"); - rb_undef_method(klass, "initialize_copy"); -} - void Init_ossl_ec(void) { #ifdef DONT_NEED_RDOC_WORKAROUND @@ -1664,6 +1724,7 @@ void Init_ossl_ec(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1724 rb_define_singleton_method(cEC, "generate", ossl_ec_key_s_generate, 1); rb_define_method(cEC, "initialize", ossl_ec_key_initialize, -1); + rb_define_copy_func(cEC, ossl_ec_key_initialize_copy); /* copy/dup/cmp */ rb_define_method(cEC, "group", ossl_ec_key_get_group, 0); @@ -1700,6 +1761,7 @@ void Init_ossl_ec(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1761 rb_define_alloc_func(cEC_GROUP, ossl_ec_group_alloc); rb_define_method(cEC_GROUP, "initialize", ossl_ec_group_initialize, -1); + rb_define_copy_func(cEC_GROUP, ossl_ec_group_initialize_copy); rb_define_method(cEC_GROUP, "eql?", ossl_ec_group_eql, 1); rb_define_alias(cEC_GROUP, "==", "eql?"); /* copy/dup/cmp */ @@ -1735,6 +1797,7 @@ void Init_ossl_ec(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1797 rb_define_alloc_func(cEC_POINT, ossl_ec_point_alloc); rb_define_method(cEC_POINT, "initialize", ossl_ec_point_initialize, -1); + rb_define_copy_func(cEC_POINT, ossl_ec_point_initialize_copy); rb_attr(cEC_POINT, rb_intern("group"), 1, 0, 0); rb_define_method(cEC_POINT, "eql?", ossl_ec_point_eql, 1); rb_define_alias(cEC_POINT, "==", "eql?"); @@ -1748,10 +1811,6 @@ void Init_ossl_ec(void) https://github.com/ruby/ruby/blob/trunk/ext/openssl/ossl_pkey_ec.c#L1811 rb_define_method(cEC_POINT, "to_bn", ossl_ec_point_to_bn, 0); rb_define_method(cEC_POINT, "mul", ossl_ec_point_mul, -1); - - no_copy(cEC); - no_copy(cEC_GROUP); - no_copy(cEC_POINT); } #else /* defined NO_EC */ Index: ChangeLog =================================================================== --- ChangeLog (revision 55453) +++ ChangeLog (revision 55454) @@ -1,3 +1,15 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Sun Jun 19 18:29:50 2016 Kazuki Yamaguchi <k@r...> + + * ext/openssl/ossl_pkey_dh.c, ext/openssl/ossl_pkey_dsa.c, + ext/openssl/ossl_pkey_ec.c, ext/openssl/ossl_pkey_rsa.c: Implement + initialize_copy method for OpenSSL::PKey::*. + [ruby-core:75504] [Bug #12381] + + * test/openssl/test_pkey_dh.rb, test/openssl/test_pkey_dsa.rb, + test/openssl/test_pkey_ec.rb, test/openssl/test_pkey_rsa.rb: Test they + actually copy the OpenSSL objects, and modifications to cloned object + don't affect the original object. + Sun Jun 19 16:55:16 2016 Martin Duerst <duerst@i...> * test/ruby/test_dir_m17n.rb: Skip tests with non-UTF-8 encodings Index: test/openssl/test_pkey_rsa.rb =================================================================== --- test/openssl/test_pkey_rsa.rb (revision 55453) +++ test/openssl/test_pkey_rsa.rb (revision 55454) @@ -294,6 +294,14 @@ AwEAAQ== https://github.com/ruby/ruby/blob/trunk/test/openssl/test_pkey_rsa.rb#L294 assert(key3.private?) end + def test_dup + key = OpenSSL::PKey::RSA.generate(256, 17) + key2 = key.dup + assert_equal key.params, key2.params + key2.set_key(key2.n, 3, key2.d) + assert_not_equal key.params, key2.params + end + private def check_PUBKEY(asn1, key) Index: test/openssl/test_pkey_ec.rb =================================================================== --- test/openssl/test_pkey_ec.rb (revision 55453) +++ test/openssl/test_pkey_ec.rb (revision 55454) @@ -25,6 +25,29 @@ class OpenSSL::TestEC < OpenSSL::TestCas https://github.com/ruby/ruby/blob/trunk/test/openssl/test_pkey_ec.rb#L25 end end + def test_dup + key = OpenSSL::PKey::EC.new("prime256v1") + key.generate_key! + key2 = key.dup + assert_equal key.to_der, key2.to_der + key_tmp = OpenSSL::PKey::EC.new("prime256v1").generate_key! + key2.private_key = key_tmp.private_key + key2.public_key = key_tmp.public_key + assert_not_equal key.to_der, key2.to_der + + group = key.group + group2 = group.dup + assert_equal group.to_der, group2.to_der + group2.asn1_flag ^= OpenSSL::PKey::EC::NAMED_CURVE + assert_not_equal group.to_der, group2.to_der + + point = key.public_key + point2 = point.dup + assert_equal point.to_bn, point2.to_bn + point2.invert! + assert_not_equal point.to_bn, point2.to_bn + end + def compare_keys(k1, k2) assert_equal(k1.to_pem, k2.to_pem) end Index: test/openssl/test_pkey_dh.rb =================================================================== --- test/openssl/test_pkey_dh.rb (revision 55453) +++ test/openssl/test_pkey_dh.rb (revision 55454) @@ -83,6 +83,16 @@ YoaOffgTf5qxiwkjnlVZQc3whgnEt9FpVMvQ9ekn https://github.com/ruby/ruby/blob/trunk/test/openssl/test_pkey_dh.rb#L83 assert_equal(dh.compute_key(dh2.pub_key), dh2.compute_key(dh.pub_key)) end + def test_dup + dh = OpenSSL::PKey::DH.new(NEW_KEYLEN) + dh2 = dh.dup + assert_equal dh.to_der, dh2.to_der # params + assert_equal_params dh, dh2 # keys + dh2.set_pqg(dh2.p + 1, nil, dh2.g) + assert_not_equal dh2.p, dh.p + assert_equal dh2.g, dh.g + end + private def assert_equal_params(dh1, dh2) Index: test/openssl/test_pkey_dsa.rb =================================================================== --- test/openssl/test_pkey_dsa.rb (revision 55453) +++ test/openssl/test_pkey_dsa.rb (revision 55454) @@ -230,6 +230,14 @@ YNMbNw== https://github.com/ruby/ruby/blob/trunk/test/openssl/test_pkey_dsa.rb#L230 assert(key3.private?) end + def test_dup + key = OpenSSL::PKey::DSA.new(256) + key2 = key.dup + assert_equal key.params, key2.params + key2.set_pqg(key2.p + 1, key2.q, key2.g) + assert_not_equal key.params, key2.params + end + private def check_sign_verify(digest) -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/