From: Martin Bosslet
Date: 2011-02-22T08:36:21+09:00
Subject: [ruby-core:35329] [Ruby 1.9-Feature#4423][Open] [ext/openssl] Allow encryption for PEM-encoding Elliptic Curve private keys

Feature #4423: [ext/openssl] Allow encryption for PEM-encoding Elliptic Curve private keys
http://redmine.ruby-lang.org/issues/show/4423

Author: Martin Bosslet
Status: Open, Priority: Normal
Category: ext, Target version: 1.9.3

There has already been some #if 0-excluded code that would actually take care of this, but it has not been implemented yet. The attached patch allows encrypting PEM-encoded private keys. Cipher and password are ignored in the case of public keys (rather than raising an error).

The motivation for this patch is that it would provide uniform behavior of all three public key systems supported in Ruby, RSA, DSA (which already support PEM encryption) and now also Elliptic Curve. RDoc has been supplemented.

Regards,
Martin

----------------------------------------
http://redmine.ruby-lang.org

Attachment: ec_pem_pwd.diff (text/x-patch)
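
Added example (not part of the original message or of the attached patch): a round trip through the behavior the request describes, run against a current Ruby openssl library, showing that EC and RSA private keys export the same way with a cipher and passphrase and that a public-only EC key is written unencrypted. The helper names, the AES-256-CBC choice and the passphrase are assumptions made for the example; it needs an openssl library that provides EC.generate and public_to_pem.

```ruby
require "openssl"

# Constructed sample passphrase, for this example only.
PASSPHRASE = "correct horse battery staple"

# Export a key as PEM, asking for AES-256-CBC encryption of the private part.
def export_encrypted(key, passphrase)
  key.to_pem(OpenSSL::Cipher.new("aes-256-cbc"), passphrase)
end

# True when the PEM carries the traditional encryption headers.
def encrypted_pem?(pem)
  pem.include?("Proc-Type: 4,ENCRYPTED") && pem.include?("DEK-Info: AES-256-CBC,")
end

# Load a PEM with an explicit passphrase; nil if it cannot be decrypted or parsed.
# A passphrase is always passed so OpenSSL never falls back to a terminal prompt.
def load_key(pem, passphrase)
  OpenSSL::PKey.read(pem, passphrase)
rescue OpenSSL::OpenSSLError
  nil
end

# Encrypted export, then reload with the right and with a wrong passphrase.
def round_trip(key)
  pem = export_encrypted(key, PASSPHRASE)
  good = load_key(pem, PASSPHRASE)
  {
    encrypted: encrypted_pem?(pem),
    restored: !good.nil? && good.to_der == key.to_der,
    wrong_pass_rejected: load_key(pem, "not the passphrase").nil?,
  }
end

# Public-only EC key: cipher and passphrase are accepted but have no effect.
def public_export(ec_key)
  public_only = OpenSSL::PKey.read(ec_key.public_to_pem)
  export_encrypted(public_only, PASSPHRASE)
end

if __FILE__ == $PROGRAM_NAME
  ec = OpenSSL::PKey::EC.generate("prime256v1")
  p({ ec: round_trip(ec), rsa: round_trip(OpenSSL::PKey::RSA.generate(2048)) })
  puts public_export(ec).lines.first
end
```

The Proc-Type/DEK-Info form checked here derives the cipher key from the passphrase with a single MD5-based pass (OpenSSL's EVP_BytesToKey), so the strength of the passphrase carries most of the protection of the exported file.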