From: Martin Bosslet <redmine@...>
Date: 2011-02-22T08:36:21+09:00
Subject: [ruby-core:35329] [Ruby 1.9-Feature#4423][Open] [ext/openssl] Allow encryption for PEM-encoding Elliptic Curve private keys


--mimepart_4d62f6f3b74_1dc2ab0fc16330e0
Content-Type: text/plain
Content-Transfer-Encoding: Quoted-printable
Content-Disposition: inline

Feature #4423: [ext/openssl] Allow encryption for PEM-encoding Elliptic C=
urve private keys
http://redmine.ruby-lang.org/issues/show/4423

Author: Martin Bosslet
Status: Open, Priority: Normal
Category: ext, Target version: 1.9.3

There has already been some #if 0-excluded code that would actually
take care of this, but it has not been implemented yet. The attached =

patch allows to encrypt PEM-encoded private keys, Cipher and password
are ignored in the case of public keys (rather than raising an error).

The motivation for this patch is that it would provide uniform behavior =

of all three public key systems supported in Ruby, RSA, DSA (who already
support PEM encryption) and now also Elliptic Curve. RDoc has been =

supplemented.

Regards,
Martin


----------------------------------------
http://redmine.ruby-lang.org

--mimepart_4d62f6f3b74_1dc2ab0fc16330e0
Content-Type: text/x-patch; name=ec_pem_pwd.diff
Content-Transfer-Encoding: Base64
Content-Disposition: attachment; filename=ec_pem_pwd.diff

SW5kZXg6IHJ1YnkvZXh0L29wZW5zc2wvb3NzbF9wa2V5X2VjLmMKPT09PT09
PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09
PT09PT09PT09PT09PT09PQotLS0gcnVieS9leHQvb3BlbnNzbC9vc3NsX3Br
ZXlfZWMuYwkocmV2aXNpb24gMzA5MzgpCisrKyBydWJ5L2V4dC9vcGVuc3Ns
L29zc2xfcGtleV9lYy5jCSh3b3JraW5nIGNvcHkpCkBAIC00NTcsMTYgKzQ1
NywxMyBAQAogICAgIHJldHVybiAoRUNfS0VZX2dldDBfcHJpdmF0ZV9rZXko
ZWMpID8gUXRydWUgOiBRZmFsc2UpOwogfQogCi1zdGF0aWMgVkFMVUUgb3Nz
bF9lY19rZXlfdG9fc3RyaW5nKFZBTFVFIHNlbGYsIGludCBmb3JtYXQpCitz
dGF0aWMgVkFMVUUgb3NzbF9lY19rZXlfdG9fc3RyaW5nKFZBTFVFIHNlbGYs
IFZBTFVFIGNpcGgsIFZBTFVFIHBhc3MsIGludCBmb3JtYXQpCiB7CiAgICAg
RUNfS0VZICplYzsKICAgICBCSU8gKm91dDsKICAgICBpbnQgaSA9IC0xOwog
ICAgIGludCBwcml2YXRlID0gMDsKLSNpZiAwICAvKiB1bnVzZWQgbm93ICov
Ci0gICAgRVZQX0NJUEhFUiAqY2lwaGVyID0gTlVMTDsKICAgICBjaGFyICpw
YXNzd29yZCA9IE5VTEw7Ci0jZW5kaWYKICAgICBWQUxVRSBzdHI7CiAKICAg
ICBSZXF1aXJlX0VDX0tFWShzZWxmLCBlYyk7CkBAIC00ODYsMzcgKzQ4Mywy
NiBAQAogICAgIHN3aXRjaChmb3JtYXQpIHsKICAgICBjYXNlIEVYUE9SVF9Q
RU06CiAgICAgCWlmIChwcml2YXRlKSB7Ci0jaWYgMCAgLyogdW51c2VkIG5v
dyAqLwotICAgIAkgICAgaWYgKGNpcGhlciB8fCBwYXNzd29yZCkKLS8qIEJV
RzogZmluaXNoIGNpcGhlci9wYXNzd29yZCBrZXkgZXhwb3J0ICovCi0gICAg
CSAgICAgICAgcmJfbm90aW1wbGVtZW50KCk7CisJICAgIGNvbnN0IEVWUF9D
SVBIRVIgKmNpcGhlcjsKKwkgICAgaWYgKCFOSUxfUChjaXBoKSkgeworCQlj
aXBoZXIgPSBHZXRDaXBoZXJQdHIoY2lwaCk7CisJCWlmICghTklMX1AocGFz
cykpIHsKKwkJICAgIHBhc3N3b3JkID0gU3RyaW5nVmFsdWVQdHIocGFzcyk7
CisJCX0KKwkgICAgfQorCSAgICBlbHNlIHsKKwkJY2lwaGVyID0gTlVMTDsK
KwkgICAgfQogICAgICAgICAgICAgaSA9IFBFTV93cml0ZV9iaW9fRUNQcml2
YXRlS2V5KG91dCwgZWMsIGNpcGhlciwgTlVMTCwgMCwgTlVMTCwgcGFzc3dv
cmQpOwotI2VuZGlmCi0gICAgICAgICAgICBpID0gUEVNX3dyaXRlX2Jpb19F
Q1ByaXZhdGVLZXkob3V0LCBlYywgTlVMTCwgTlVMTCwgMCwgTlVMTCwgTlVM
TCk7CiAgICAgCX0gZWxzZSB7Ci0jaWYgMCAgLyogdW51c2VkIG5vdyAqLwot
ICAgIAkgICAgaWYgKGNpcGhlciB8fCBwYXNzd29yZCkKLSAgICAgICAgICAg
ICAgICByYl9yYWlzZShyYl9lQXJnRXJyb3IsICJlbmNyeXB0aW9uIGlzIG5v
dCBzdXBwb3J0ZWQgd2hlbiBleHBvcnRpbmcgdGhpcyBrZXkgdHlwZSIpOwot
I2VuZGlmCi0KICAgICAgICAgICAgIGkgPSBQRU1fd3JpdGVfYmlvX0VDX1BV
QktFWShvdXQsIGVjKTsKICAgICAgICAgfQogCiAgICAgCWJyZWFrOwogICAg
IGNhc2UgRVhQT1JUX0RFUjoKICAgICAgICAgaWYgKHByaXZhdGUpIHsKLSNp
ZiAwICAvKiB1bnVzZWQgbm93ICovCi0gICAgCSAgICBpZiAoY2lwaGVyIHx8
IHBhc3N3b3JkKQotICAgICAgICAgICAgICAgIHJiX3JhaXNlKHJiX2VBcmdF
cnJvciwgImVuY3J5cHRpb24gaXMgbm90IHN1cHBvcnRlZCB3aGVuIGV4cG9y
dGluZyB0aGlzIGtleSB0eXBlIik7Ci0jZW5kaWYKLQogICAgICAgICAgICAg
aSA9IGkyZF9FQ1ByaXZhdGVLZXlfYmlvKG91dCwgZWMpOwogICAgICAgICB9
IGVsc2UgewotI2lmIDAgIC8qIHVudXNlZCBub3cgKi8KLSAgICAJICAgIGlm
IChjaXBoZXIgfHwgcGFzc3dvcmQpCi0gICAgICAgICAgICAgICAgcmJfcmFp
c2UocmJfZUFyZ0Vycm9yLCAiZW5jcnlwdGlvbiBpcyBub3Qgc3VwcG9ydGVk
IHdoZW4gZXhwb3J0aW5nIHRoaXMga2V5IHR5cGUiKTsKLSNlbmRpZgotCiAg
ICAgICAgICAgICBpID0gaTJkX0VDX1BVQktFWV9iaW8ob3V0LCBlYyk7CiAg
ICAgICAgIH0KIApAQCAtNTM5LDEyICs1MjUsMjAgQEAKIC8qCiAgKiAgY2Fs
bC1zZXE6CiAgKiAgICAga2V5LnRvX3BlbSAgID0+IFN0cmluZworICogICAg
IGtleS50b19wZW0oY2lwaGVyLCBwYXNzX3BocmFzZSkgPT4gU3RyaW5nCiAg
KgotICogIFNlZSB0aGUgT3BlblNTTCBkb2N1bWVudGF0aW9uIGZvciBQRU1f
d3JpdGVfYmlvX0VDUHJpdmF0ZUtleSgpCisgKiBPdXRwdXRzIHRoZSBFQyBr
ZXkgaW4gUEVNIGVuY29kaW5nLiAgSWYgK2NpcGhlcisgYW5kICtwYXNzX3Bo
cmFzZSsgYXJlCisgKiBnaXZlbiB0aGV5IHdpbGwgYmUgdXNlZCB0byBlbmNy
eXB0IHRoZSBrZXkuICArY2lwaGVyKyBtdXN0IGJlIGFuCisgKiBPcGVuU1NM
OjpDaXBoZXI6OkNpcGhlciBpbnN0YW5jZS4gTm90ZSB0aGF0IGVuY3J5cHRp
b24gd2lsbCBvbmx5IGJlCisgKiBlZmZlY3RpdmUgZm9yIGEgcHJpdmF0ZSBr
ZXksIHB1YmxpYyBrZXlzIHdpbGwgYWx3YXlzIGJlIGVuY29kZWQgaW4gcGxh
aW4KKyAqIHRleHQuCisgKgogICovCi1zdGF0aWMgVkFMVUUgb3NzbF9lY19r
ZXlfdG9fcGVtKFZBTFVFIHNlbGYpCitzdGF0aWMgVkFMVUUgb3NzbF9lY19r
ZXlfdG9fcGVtKGludCBhcmdjLCBWQUxVRSAqYXJndiwgVkFMVUUgc2VsZikK
IHsKLSAgICByZXR1cm4gb3NzbF9lY19rZXlfdG9fc3RyaW5nKHNlbGYsIEVY
UE9SVF9QRU0pOworICAgIFZBTFVFIGNpcGhlciwgcGFzc3dkOworICAgIHJi
X3NjYW5fYXJncyhhcmdjLCBhcmd2LCAiMDIiLCAmY2lwaGVyLCAmcGFzc3dk
KTsKKyAgICByZXR1cm4gb3NzbF9lY19rZXlfdG9fc3RyaW5nKHNlbGYsIGNp
cGhlciwgcGFzc3dkLCBFWFBPUlRfUEVNKTsKIH0KIAogLyoKQEAgLTU1NSw3
ICs1NDksNyBAQAogICovCiBzdGF0aWMgVkFMVUUgb3NzbF9lY19rZXlfdG9f
ZGVyKFZBTFVFIHNlbGYpCiB7Ci0gICAgcmV0dXJuIG9zc2xfZWNfa2V5X3Rv
X3N0cmluZyhzZWxmLCBFWFBPUlRfREVSKTsKKyAgICByZXR1cm4gb3NzbF9l
Y19rZXlfdG9fc3RyaW5nKHNlbGYsIFFuaWwsIFFuaWwsIEVYUE9SVF9ERVIp
OwogfQogCiAvKgpAQCAtMTUyNiw3ICsxNTIwLDcgQEAKICAgICByYl9kZWZp
bmVfbWV0aG9kKGNFQywgImRzYV92ZXJpZnlfYXNuMSIsIG9zc2xfZWNfa2V5
X2RzYV92ZXJpZnlfYXNuMSwgMik7CiAvKiBkb19zaWduL2RvX3ZlcmlmeSAq
LwogCi0gICAgcmJfZGVmaW5lX21ldGhvZChjRUMsICJ0b19wZW0iLCBvc3Ns
X2VjX2tleV90b19wZW0sIDApOworICAgIHJiX2RlZmluZV9tZXRob2QoY0VD
LCAidG9fcGVtIiwgb3NzbF9lY19rZXlfdG9fcGVtLCAtMSk7CiAgICAgcmJf
ZGVmaW5lX21ldGhvZChjRUMsICJ0b19kZXIiLCBvc3NsX2VjX2tleV90b19k
ZXIsIDApOwogICAgIHJiX2RlZmluZV9tZXRob2QoY0VDLCAidG9fdGV4dCIs
IG9zc2xfZWNfa2V5X3RvX3RleHQsIDApOwogCgo=

--mimepart_4d62f6f3b74_1dc2ab0fc16330e0--