Merge pull request #5 from ClearlyClaire/openssl-3

Add support for OpenSSL 3.0

Author: brauliomartinezlm

.github/workflows/build.yml

@@ -22,6 +22,7 @@ jobs:
           - 2.5.8
           - 2.4.10
         gemfile:
+          - openssl_3_0
           - openssl_2_2
           - openssl_2_1
           - openssl_2_0

Appraisals

@@ -1,5 +1,9 @@
 # frozen_string_literal: true
 
+appraise "openssl_3_0" do
+  gem "openssl", "~> 3.0.0"
+end
+
 appraise "openssl_2_2" do
   gem "openssl", "~> 2.2.0"
 end

Gemfile.lock

@@ -2,7 +2,7 @@ PATH
   remote: .
   specs:
     openssl-signature_algorithm (1.1.1)
-      openssl (~> 2.0)
+      openssl (> 2.0, < 3.1)
 
 GEM
   remote: https://rubygems.org/
@@ -16,7 +16,7 @@ GEM
     diff-lcs (1.3)
     ed25519 (1.2.4)
     jaro_winkler (1.5.4)
-    openssl (2.2.0)
+    openssl (3.0.0)
     parallel (1.19.1)
     parser (2.7.0.5)
       ast (~> 2.4.0)

lib/openssl/signature_algorithm/ecdsa.rb

@@ -1,5 +1,6 @@
 # frozen_string_literal: true
 
+require "delegate"
 require "openssl"
 require "openssl/signature_algorithm/base"
 
@@ -8,17 +9,21 @@ module SignatureAlgorithm
     class ECDSA < Base
       BYTE_LENGTH = 8
 
-      class SigningKey < OpenSSL::PKey::EC
+      class SigningKey < DelegateClass(OpenSSL::PKey::EC)
         def initialize(*args)
-          super(*args).generate_key
+          super(OpenSSL::PKey::EC.generate(*args))
         end
 
         def verify_key
           VerifyKey.new(group, public_key.to_bn)
         end
       end
 
-      class VerifyKey < OpenSSL::PKey::EC::Point
+      class VerifyKey < DelegateClass(OpenSSL::PKey::EC::Point)
+        def initialize(*args)
+          super(OpenSSL::PKey::EC::Point.new(*args))
+        end
+
         def self.deserialize(pem_string)
           new(OpenSSL::PKey::EC.new(pem_string).public_key)
         end
@@ -30,10 +35,16 @@ def serialize
         def ec_key
           @ec_key ||=
             begin
-              ec_key = OpenSSL::PKey::EC.new(group)
-              ec_key.public_key = self
-
-              ec_key
+              # RFC5480 SubjectPublicKeyInfo
+              asn1 = OpenSSL::ASN1::Sequence([
+                OpenSSL::ASN1::Sequence([
+                  OpenSSL::ASN1::ObjectId("id-ecPublicKey"),
+                  OpenSSL::ASN1::ObjectId(group.curve_name),
+                ]),
+                OpenSSL::ASN1::BitString(to_octet_string(:uncompressed))
+              ])
+
+              OpenSSL::PKey::EC.new(asn1.to_der)
             end
         end
 

lib/openssl/signature_algorithm/rsa.rb

@@ -1,22 +1,31 @@
 # frozen_string_literal: true
 
+require "delegate"
 require "openssl"
 require "openssl/signature_algorithm/base"
 
 module OpenSSL
   module SignatureAlgorithm
     class RSA < Base
-      class SigningKey < OpenSSL::PKey::RSA
+      class SigningKey < DelegateClass(OpenSSL::PKey::RSA)
+        def initialize(*args)
+          super(OpenSSL::PKey::RSA.new(*args))
+        end
+
         def verify_key
           VerifyKey.new(public_key.to_pem)
         end
       end
 
-      class VerifyKey < OpenSSL::PKey::RSA
+      class VerifyKey < DelegateClass(OpenSSL::PKey::RSA)
         class << self
           alias_method :deserialize, :new
         end
 
+        def initialize(*args)
+          super(OpenSSL::PKey::RSA.new(*args))
+        end
+
         def serialize
           to_pem
         end

openssl-signature_algorithm.gemspec

@@ -28,5 +28,5 @@ Gem::Specification.new do |spec|
   spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
   spec.require_paths = ["lib"]
 
-  spec.add_runtime_dependency "openssl", "~> 2.0"
+  spec.add_runtime_dependency "openssl", "> 2.0", "< 3.1"
 end