Merge branch 'maint-3.0'

* maint-3.0:
  Ruby/OpenSSL 3.0.2
  Fix build with LibreSSL 3.5
  Fix operator precedence in OSSL_OPENSSL_PREREQ and OSSL_LIBRESSL_PREREQ
  Ruby/OpenSSL 2.2.3
  ts: use TS_VERIFY_CTX_set_certs instead of TS_VERIFY_CTS_set_certs
  ocsp: disable OCSP_basic_verify() workaround on LibreSSL 3.5
  test/openssl/test_pkey.rb: allow failures in test_s_generate_parameters
  pkey/ec: check private key validity with OpenSSL 3
  Actions - update workflow to use OpenSSL 1.1.1, actions/checkout@v3
  pkey/ec: fix ossl_raise() calls using cEC_POINT instead of eEC_POINT
  raise when EC_POINT_cmp or EC_GROUP_cmp error instead of returning true

History.md

@@ -1,3 +1,17 @@
+Version 3.0.2
+=============
+
+Merged changes in 2.2.3. Additionally, the following issues are fixed by this
+release.
+
+Bug fixes
+---------
+
+* Fix OpenSSL::PKey::EC#check_key not working correctly on OpenSSL 3.0.
+ [[GitHub #563]](https:/ruby/openssl/issues/563)
+ [[GitHub #580]](https:/ruby/openssl/pull/580)
+
+
 Version 3.0.1
 =============
 
@@ -124,6 +138,21 @@ Notable changes
  [[GitHub #342]](https:/ruby/openssl/issues/342)
 
 
+Version 2.2.3
+=============
+
+Bug fixes
+---------
+
+* Fix serveral methods in OpenSSL::PKey::EC::Point attempting to raise an error
+ with an incorrect class, which would end up with a TypeError.
+ [[GitHub #570]](https:/ruby/openssl/pull/570)
+* Fix OpenSSL::PKey::EC::Point#eql? and OpenSSL::PKey::EC::Group#eql?
+ incorrectly treated OpenSSL's internal errors as "not equal".
+ [[GitHub #564]](https:/ruby/openssl/pull/564)
+* Fix build with LibreSSL 3.5 or later.
+
+
 Version 2.2.2
 =============
 

ext/openssl/ossl_pkey_ec.c

@@ -483,16 +483,28 @@ static VALUE ossl_ec_key_check_key(VALUE self)
 #ifdef HAVE_EVP_PKEY_CHECK
  EVP_PKEY *pkey;
  EVP_PKEY_CTX *pctx;
- int ret;
+ EC_KEY *ec;
 
  GetPKey(self, pkey);
+ GetEC(self, ec);
  pctx = EVP_PKEY_CTX_new(pkey, /* engine */NULL);
  if (!pctx)
- ossl_raise(eDHError, "EVP_PKEY_CTX_new");
- ret = EVP_PKEY_public_check(pctx);
+ ossl_raise(eECError, "EVP_PKEY_CTX_new");
+
+ if (EC_KEY_get0_private_key(ec) != NULL) {
+ if (EVP_PKEY_check(pctx) != 1) {
+ EVP_PKEY_CTX_free(pctx);
+ ossl_raise(eECError, "EVP_PKEY_check");
+ }
+ }
+ else {
+ if (EVP_PKEY_public_check(pctx) != 1) {
+ EVP_PKEY_CTX_free(pctx);
+ ossl_raise(eECError, "EVP_PKEY_public_check");
+ }
+ }
+
  EVP_PKEY_CTX_free(pctx);
- if (ret != 1)
- ossl_raise(eECError, "EVP_PKEY_public_check");
 #else
  EC_KEY *ec;
 
@@ -668,10 +680,11 @@ static VALUE ossl_ec_group_eql(VALUE a, VALUE b)
  GetECGroup(a, group1);
  GetECGroup(b, group2);
 
- if (EC_GROUP_cmp(group1, group2, ossl_bn_ctx) == 1)
- return Qfalse;
-
- return Qtrue;
+ switch (EC_GROUP_cmp(group1, group2, ossl_bn_ctx)) {
+ case 0: return Qtrue;
+ case 1: return Qfalse;
+ default: ossl_raise(eEC_GROUP, "EC_GROUP_cmp");
+ }
 }
 
 /*
@@ -1232,10 +1245,13 @@ static VALUE ossl_ec_point_eql(VALUE a, VALUE b)
  GetECPoint(b, point2);
  GetECGroup(group_v1, group);
 
- if (EC_POINT_cmp(group, point1, point2, ossl_bn_ctx) == 1)
- return Qfalse;
+ switch (EC_POINT_cmp(group, point1, point2, ossl_bn_ctx)) {
+ case 0: return Qtrue;
+ case 1: return Qfalse;
+ default: ossl_raise(eEC_POINT, "EC_POINT_cmp");
+ }
 
- return Qtrue;
+ UNREACHABLE;
 }
 
 /*
@@ -1253,7 +1269,7 @@ static VALUE ossl_ec_point_is_at_infinity(VALUE self)
  switch (EC_POINT_is_at_infinity(group, point)) {
  case 1: return Qtrue;
  case 0: return Qfalse;
- default: ossl_raise(cEC_POINT, "EC_POINT_is_at_infinity");
+ default: ossl_raise(eEC_POINT, "EC_POINT_is_at_infinity");
  }
 
  UNREACHABLE;
@@ -1274,7 +1290,7 @@ static VALUE ossl_ec_point_is_on_curve(VALUE self)
  switch (EC_POINT_is_on_curve(group, point, ossl_bn_ctx)) {
  case 1: return Qtrue;
  case 0: return Qfalse;
- default: ossl_raise(cEC_POINT, "EC_POINT_is_on_curve");
+ default: ossl_raise(eEC_POINT, "EC_POINT_is_on_curve");
  }
 
  UNREACHABLE;
@@ -1297,7 +1313,7 @@ static VALUE ossl_ec_point_make_affine(VALUE self)
  rb_warn("OpenSSL::PKey::EC::Point#make_affine! is deprecated");
 #if !OSSL_OPENSSL_PREREQ(3, 0, 0)
  if (EC_POINT_make_affine(group, point, ossl_bn_ctx) != 1)
- ossl_raise(cEC_POINT, "EC_POINT_make_affine");
+ ossl_raise(eEC_POINT, "EC_POINT_make_affine");
 #endif
 
  return self;
@@ -1316,7 +1332,7 @@ static VALUE ossl_ec_point_invert(VALUE self)
  GetECPointGroup(self, group);
 
  if (EC_POINT_invert(group, point, ossl_bn_ctx) != 1)
- ossl_raise(cEC_POINT, "EC_POINT_invert");
+ ossl_raise(eEC_POINT, "EC_POINT_invert");
 
  return self;
 }
@@ -1334,7 +1350,7 @@ static VALUE ossl_ec_point_set_to_infinity(VALUE self)
  GetECPointGroup(self, group);
 
  if (EC_POINT_set_to_infinity(group, point) != 1)
- ossl_raise(cEC_POINT, "EC_POINT_set_to_infinity");
+ ossl_raise(eEC_POINT, "EC_POINT_set_to_infinity");
 
  return self;
 }

test/openssl/fixtures/pkey/p256_too_large.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEIP+TT0V8Fndsnacji9tyf6hmhHywcOWTee9XkiBeJoVloAoGCCqGSM49
+AwEHoUQDQgAEBkhhJIU/2/YdPSlY2I1k25xjK4trr5OXSgXvBC21PtY0HQ7lor7A
+jzT0giJITqmcd81fwGw5+96zLcdxTF1hVQ==
+-----END EC PRIVATE KEY-----

test/openssl/fixtures/pkey/p384_invalid.pem

@@ -0,0 +1,6 @@
+-----BEGIN EC PRIVATE KEY-----
+MIGkAgEBBDDA1Tm0m7YhkfeVpFuarAJYVlHp2tQj+1fOBiLa10t9E8TiQO/hVfxB
+vGaVEQwOheWgBwYFK4EEACKhZANiAASyGqmryZGqdpsq5gEDIfNvgC3AwSJxiBCL
+XKHBTFRp+tCezLDOK/6V8KK/vVGBJlGFW6/I7ahyXprxS7xs7hPA9iz5YiuqXlu+
+lbrIpZOz7b73hyQQCkvbBO/Avg+hPAk=
+-----END EC PRIVATE KEY-----

test/openssl/test_pkey.rb

@@ -47,6 +47,11 @@ def test_s_generate_parameters
  raise "exit!" if cb_called.size == 3
  }
  }
+ if !cb_called && openssl?(3, 0, 0) && !openssl?(3, 0, 6)
+ # Errors in BN_GENCB were not properly handled. This special pend is to
+ # suppress failures on Ubuntu 22.04, which uses OpenSSL 3.0.2.
+ pend "unstable test on OpenSSL 3.0.[0-5]"
+ end
  assert_not_empty cb_called
  end
 

test/openssl/test_pkey_ec.rb

@@ -90,6 +90,13 @@ def test_check_key
  assert_equal(true, key2.public?)
  assert_equal(true, key2.check_key)
 
+ # Behavior of EVP_PKEY_public_check changes between OpenSSL 1.1.1 and 3.0
+ key4 = Fixtures.pkey("p256_too_large")
+ assert_raise(OpenSSL::PKey::ECError) { key4.check_key }
+
+ key5 = Fixtures.pkey("p384_invalid")
+ assert_raise(OpenSSL::PKey::ECError) { key5.check_key }
+
  # EC#private_key= is deprecated in 3.0 and won't work on OpenSSL 3.0
  if !openssl?(3, 0, 0)
  key2.private_key += 1