[ruby-core:64356] [ruby-trunk - Feature #9830] Support for GOST private/public keys

From: envek@...
Date: 2014-08-14 09:24:48 UTC
List: ruby-core #64356
Issue #9830 has been updated by Andrey Novikov.


I've tried to subclass OpenSSL::PKey::EC, it compiles, but new class is not available: https://github.com/Envek/ruby/commit/ecd27db1578ecc2722442a262b7078f92066d5f6

----------------------------------------
Feature #9830: Support for GOST private/public keys
https://bugs.ruby-lang.org/issues/9830#change-48332

* Author: Andrey Novikov
* Status: Assigned
* Priority: Normal
* Assignee: Martin Bosslet
* Category: ext/openssl
* Target version: current: 2.2.0
----------------------------------------
Hello everyone.

We're required to use GOST encryption algorithms for signing requests, interacting with HTTPS services with client certificate authentication and so on.

OpenSSL 1.0.0 is bundled with GOST engine, and, if correctly configured, can handle all of these tasks from command line. Also see #9822.

**Issue**

Ruby can't read GOST private and public keys:

~~~
ruby> privkey = OpenSSL::PKey.read(File.read('gost_r_34_10_2001_private_key.pem'))
OpenSSL::PKey::PKeyError: unsupported key type
ruby> # Same for public keys
ruby> crt = OpenSSL::X509::Certificate.new(File.read('gost_r_34_10_2001_certificate.pem'))
ruby> crt.public_key
OpenSSL::PKey::PKeyError: unsupported key type
~~~

The problem is there is no "Generic PKey" class in Ruby's OpenSSL.

In source in `ext/openssl/openssl_pkey.c` at line 76 in method `ossl_pkey_new` there is examination of key type and creating appropriate Ruby classes. But GOST R 34.10-2001 key type has type `NID_id_GostR3410_2001` (811), and Ruby fails.

**Possible solution**

GOST keys are EC keys in fact (at least for GOST R 34.10-2001). And, if I add `case NID_id_GostR3410_2001:` right before `case EVP_PKEY_EC:` and remove checks about key type in `ext/openssl/openssl_pkey_ec.c` – everything will work.

To illustrate this, I've attached required patches (one from issue #9822), self-signed GOST R 34.10-2001 certificate with private key and two test scripts.

**NOTE**: You will need OpenSSL version 1.0.0 or newer with correct configuration, see links below!

**Question**

How should GOST keys support be implemented in Ruby? Should it even use `OpenSSL::PKey::EC`, or, maybe, subclass from it?

I'm experienced neither in C programming nor in cryptography, but I would be glad to help with the implementation of this.

**Further information**

* **README.gost**: Instructions for setting up OpenSSL and usage: https://github.com/openssl/openssl/blob/master/engines/ccgost/README.gost
* **OpenSSL GOST engine source**: https://github.com/openssl/openssl/tree/master/engines/ccgost
* **RFC 5830**: GOST 28147-89: Encryption, Decryption, and Message Authentication Code (MAC) Algorithms:
  http://tools.ietf.org/html/rfc5830
* **RFC 5831**: GOST R 34.11-94: Hash Function Algorithm:
  http://tools.ietf.org/html/rfc5831
* **RFC 5832**: GOST R 34.10-2001: Digital Signature Algorithm:
  http://tools.ietf.org/html/rfc5832
* **RFC 4491**: Using the GOST Algorithms with the Internet X.509 Public Key Infrastructure:
  http://tools.ietf.org/html/rfc4491
* **RFC 4490**: Using the GOST Algorithms with Cryptographic Message Syntax (CMS):
  http://tools.ietf.org/html/rfc4490
* **RFC 4357**: Additional Cryptographic Algorithms for Use with GOST Algorithms
* Some stackoverflow.com related questions: http://stackoverflow.com/questions/12868384/openssl-gost-parameter-set and http://stackoverflow.com/questions/14580340/generate-gost-34-10-2001-keypair-and-save-it-to-some-keystore


---Files--------------------------------
gost_keys_support_draft.patch (1.92 KB)
gost_r_34_10_2001_certificate.pem (826 Bytes)
gost_r_34_10_2001_private_key.pem (152 Bytes)
gost_sigining.rb (541 Bytes)
gost_ssl_example_with_certs.rb (742 Bytes)
respect_system_openssl_settings.patch (430 Bytes)


-- 
https://bugs.ruby-lang.org/
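
An added example, not part of the original message or of Ruby's own code: when `OpenSSL::PKey.read` rejects a key as in the session above, the algorithm OID inside the PKCS#8 structure shows which key type was refused. The helper names are hypothetical, the GOST OIDs are taken from RFC 4357 rather than from this page, and the sample key is constructed with dummy bytes.

```ruby
require "openssl"

# Algorithm OIDs found in the AlgorithmIdentifier of a PKCS#8 PrivateKeyInfo.
KEY_ALGORITHMS = {
  "1.2.840.113549.1.1.1" => "RSA",
  "1.2.840.10040.4.1"    => "DSA",
  "1.2.840.10045.2.1"    => "EC",
  "1.2.643.2.2.19"       => "GOST R 34.10-2001",
}.freeze

# Return [dotted_oid, label] for an unencrypted PKCS#8 "PRIVATE KEY" PEM,
# using only the ASN.1 parser, so no GOST engine is needed.
def pkcs8_key_algorithm(pem)
  body = pem[/-----BEGIN PRIVATE KEY-----(.*?)-----END PRIVATE KEY-----/m, 1]
  raise ArgumentError, "not an unencrypted PKCS#8 PEM" unless body
  # PrivateKeyInfo ::= SEQUENCE { version, AlgorithmIdentifier, privateKey }
  info = OpenSSL::ASN1.decode(body.unpack1("m"))
  oid = info.value[1].value[0].oid
  [oid, KEY_ALGORITHMS.fetch(oid, "unknown")]
end

# Wrap OpenSSL::PKey.read so a rejected key reports which algorithm it carries.
# Depending on the openssl extension version the failure is PKeyError or ArgumentError.
def read_key_or_explain(pem)
  OpenSSL::PKey.read(pem)
rescue OpenSSL::PKey::PKeyError, ArgumentError => e
  oid, label = pkcs8_key_algorithm(pem)
  raise OpenSSL::PKey::PKeyError, "#{e.message} (key algorithm #{oid}: #{label})"
end

# Constructed sample: a PKCS#8 shell with dummy key bytes, not a usable key.
def constructed_pkcs8_pem(alg_oid, param_oids = [])
  params = OpenSSL::ASN1::Sequence.new(param_oids.map { |o| OpenSSL::ASN1::ObjectId.new(o) })
  alg = OpenSSL::ASN1::Sequence.new([OpenSSL::ASN1::ObjectId.new(alg_oid), params])
  der = OpenSSL::ASN1::Sequence.new([
    OpenSSL::ASN1::Integer.new(0), alg, OpenSSL::ASN1::OctetString.new("\x00" * 32)
  ]).to_der
  "-----BEGIN PRIVATE KEY-----\n#{[der].pack('m')}-----END PRIVATE KEY-----\n"
end

if __FILE__ == $PROGRAM_NAME
  # Parameter-set OIDs: CryptoPro-A curve and GOST R 34.11-94 CryptoPro digest set.
  pem = constructed_pkcs8_pem("1.2.643.2.2.19", %w[1.2.643.2.2.35.1 1.2.643.2.2.30.1])
  p pkcs8_key_algorithm(pem)
end
```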
