
Merge pull request cedarcode#360 from ClearlyClaire/openssl-3
Prepare for OpenSSL 3 compatibility
brauliomartinezlm authored Jul 14, 2022
2 parents 0ae9489 + f8476eb commit f7e17bd
Showing 9 changed files with 15 additions and 15 deletions.
4 changes: 2 additions & 2 deletions lib/webauthn/attestation_statement/tpm.rb
Expand Up @@ -42,7 +42,7 @@ def valid_key_attestation?(certified_extra_data, key, aaguid)
OpenSSL::Digest.digest(cose_algorithm.hash_function, certified_extra_data),
signature_algorithm: tpm_algorithm[:signature],
hash_algorithm: tpm_algorithm[:hash],
root_certificates: root_certificates(aaguid: aaguid)
trusted_certificates: root_certificates(aaguid: aaguid)
)

key_attestation.valid? && key_attestation.key && key_attestation.key.to_pem == key.to_pem
Expand All @@ -54,7 +54,7 @@ def valid_certificate_chain?(**_)
end

def default_root_certificates
::TPM::KeyAttestation::ROOT_CERTIFICATES
::TPM::KeyAttestation::TRUSTED_CERTIFICATES
end

def tpm_algorithm
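Review bot: The local names no longer match the keyword they feed: the call in `valid_key_attestation?` now passes `trusted_certificates:`, but the value still comes from `root_certificates(aaguid: aaguid)`, and `default_root_certificates` now returns `::TPM::KeyAttestation::TRUSTED_CERTIFICATES`. The upstream rename suggests the set is treated as trust anchors that need not be self-signed roots, though that is inferred from the name and should be confirmed against tpm-key_attestation 0.11. A comment above `default_root_certificates` would make this explicit, for example `# Trust anchors for TPM attestation chains (upstream TRUSTED_CERTIFICATES); entries may not all be self-signed roots.` Both method bodies extend outside the visible hunks.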
2 changes: 1 addition & 1 deletion lib/webauthn/fake_authenticator.rb
Expand Up @@ -95,7 +95,7 @@ def get_assertion(
attr_reader :credentials

def new_credential
[SecureRandom.random_bytes(16), OpenSSL::PKey::EC.new("prime256v1").generate_key, 0]
[SecureRandom.random_bytes(16), OpenSSL::PKey::EC.generate("prime256v1"), 0]
end

def hashed(target)
2 changes: 1 addition & 1 deletion lib/webauthn/fake_authenticator/authenticator_data.rb
Expand Up @@ -15,7 +15,7 @@ def initialize(
rp_id_hash:,
credential: {
id: SecureRandom.random_bytes(16),
public_key: OpenSSL::PKey::EC.new("prime256v1").generate_key.public_key
public_key: OpenSSL::PKey::EC.generate("prime256v1").public_key
},
sign_count: 0,
user_present: true,
2 changes: 1 addition & 1 deletion spec/spec_helper.rb
Expand Up @@ -102,7 +102,7 @@ def create_rsa_key
end

def create_ec_key
OpenSSL::PKey::EC.new("prime256v1").generate_key
OpenSSL::PKey::EC.generate("prime256v1")
end

X509_V3 = 2
4 changes: 2 additions & 2 deletions spec/webauthn/attestation_statement/fido_u2f_spec.rb
Expand Up @@ -87,7 +87,7 @@
let(:credential_public_key) do
WebAuthn.configuration.algorithms << "ES384"

OpenSSL::PKey::EC.new("secp384r1").generate_key.public_key
OpenSSL::PKey::EC.generate("secp384r1").public_key
end

it "fails" do
Expand Down Expand Up @@ -119,7 +119,7 @@
end

context "because it is not of the correct curve" do
let(:attestation_key) { OpenSSL::PKey::EC.new("secp384r1").generate_key }
let(:attestation_key) { OpenSSL::PKey::EC.generate("secp384r1") }

it "fails" do
expect(statement.valid?(authenticator_data, client_data_hash)).to be_falsy
2 changes: 1 addition & 1 deletion spec/webauthn/attestation_statement/packed_spec.rb
Expand Up @@ -43,7 +43,7 @@
let(:credential_key) do
WebAuthn.configuration.algorithms << "ES512"

OpenSSL::PKey::EC.new("secp521r1").generate_key
OpenSSL::PKey::EC.generate("secp521r1")
end

it "fails" do
6 changes: 3 additions & 3 deletions spec/webauthn/attestation_statement/tpm_spec.rb
Expand Up @@ -139,10 +139,10 @@

around do |example|
silence_warnings do
original_tpm_certificates = ::TPM::KeyAttestation::ROOT_CERTIFICATES
::TPM::KeyAttestation::ROOT_CERTIFICATES = tpm_certificates
original_tpm_certificates = ::TPM::KeyAttestation::TRUSTED_CERTIFICATES
::TPM::KeyAttestation::TRUSTED_CERTIFICATES = tpm_certificates
example.run
::TPM::KeyAttestation::ROOT_CERTIFICATES = original_tpm_certificates
::TPM::KeyAttestation::TRUSTED_CERTIFICATES = original_tpm_certificates
end
end

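Review bot: The restore of `::TPM::KeyAttestation::TRUSTED_CERTIFICATES` in this `around` hook is not inside an `ensure`, so if anything raises out of `example.run` or `silence_warnings`, the test certificates stay installed as the process-wide trust set. Later attestation specs would then validate against the wrong trust anchors, which can hide a real chain-validation failure. Inside the `silence_warnings` block, consider `begin; example.run; ensure; ::TPM::KeyAttestation::TRUSTED_CERTIFICATES = original_tpm_certificates; end`. RSpec normally records example failures rather than raising them, so this is a robustness point and not an observed failure.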
4 changes: 2 additions & 2 deletions spec/webauthn/public_key_spec.rb
Expand Up @@ -126,7 +126,7 @@

cose_key
end
let(:key) { OpenSSL::PKey::EC.new("prime256v1").generate_key }
let(:key) { OpenSSL::PKey::EC.generate("prime256v1") }
let(:webauthn_public_key) { WebAuthn::PublicKey.new(cose_key: cose_key) }

it "works" do
Expand All @@ -143,7 +143,7 @@

context "when it was signed with a different key" do
let(:signature) do
OpenSSL::PKey::EC.new("prime256v1").generate_key.sign(
OpenSSL::PKey::EC.generate("prime256v1").sign(
hash_algorithm,
to_be_signed
)
4 changes: 2 additions & 2 deletions webauthn.gemspec
Expand Up @@ -38,9 +38,9 @@ Gem::Specification.new do |spec|
spec.add_dependency "bindata", "~> 2.4"
spec.add_dependency "cbor", "~> 0.5.9"
spec.add_dependency "cose", "~> 1.1"
spec.add_dependency "openssl", "~> 2.2"
spec.add_dependency "openssl", ">= 2.2", "< 3.1"
spec.add_dependency "safety_net_attestation", "~> 0.4.0"
spec.add_dependency "tpm-key_attestation", "~> 0.10.0"
spec.add_dependency "tpm-key_attestation", "~> 0.11.0"

spec.add_development_dependency "bundler", ">= 1.17", "< 3.0"
spec.add_development_dependency "byebug", "~> 11.0"
