Releases: jruby/jruby-openssl
Releases · jruby/jruby-openssl
0.15.2
0.15.1
0.15.0
This version upgraded to latest Bouncy-Castle (1.78) and the minimum supported JRuby is now 9.2.
- [refactor] propagate IOError from selector exception
- [fix] convert IOException to Ruby exception correctly
follow up on the fix (#242) in 0.14.6 - [fix] implement
OpenSSL::PKey::EC::Point#mul
and#add
(#307) - [fix] ASN.1 BitString pad bits being out of range
- [compat] support base64digest on
OpenSSL::HMAC
- [compat] add
Buffering#getbyte
forSSLSocket
- [refactor] drop (unused) Config native impl
- [refactor] less locking when there's a shared SSLContext
- [fix] encoding of ASN1::Null primitive to_der
- [fix] ASN.1 tagged object tag-class encoding/decoding
- [fix] ASN1 primitive tagging (encoding) part (#122)
- [fix] encoding/decoding of all ASN1 string types
- [fix] ASN1Data encoding with Array primitive value (#119)
- [refactor] drop security restriction JCE work-around
- [refactor] drop long deprecated OpenSSLReal Java class
- [deps] upgrade BC to version 1.78
0.14.6
- [compat] OpenSSL::ConfigError and DEFAULT_CONFIG_FILE (#304)
- [fix]
OpenSSL::PKey::DH#set_pqg
regression (#300) - Convert
IOException
to Ruby exception correctly (#242) - [refactor] add exception debugging within SSLSocket#waitSelect
- [fix] sync
SSLContext#setup
as it could be shared (#302) - [refactor] organize i-var sets (set
@context
after setup)
0.14.5
0.14.4
- [fix] convert
OpenSSL::ASN1::Sequence
to an array on #to_der (#265) - [feat] implement
PKey::DH.generate
and (dummy)q
reader (#254) - [fix] raise
TypeError
when arg isn't aGroup
- [refactor] make sure
ASN1Error
has native cause - [fix] stop assuming (JDK) EC key identifier
"EC" with Sun provider but "ECDSA" with BC - [fix] do not check empty string as curve name
- [fix] make sure
PKeyEC#group.curve_name
is always set - [refactor]
PKey.read
to use BC fully when reading public keys - [fix]
OpenSSL::X509::CRL#sign
to accept string digest - [fix]
OpenSSL::X509::Request#version
default is -1 - [fix] resolving EC key from
X509::Request.new(pem)
- [feat] implement
OpenSSL::X509::Request#signature_algorithm
- [fix] work-around CSR failing with EC key (#294)
- [feat] implement
OpenSSL::PKey::EC#to_text
(#280) - [feat] partial support for
PKey::EC::Point#to_octet_string(form)
- [feat] implement
OpenSSL::PKCS7::SignerInfo#signed_time
(#269) - [feat] implement #oid method for
PKey
classes (#281) - [fix] raise
PKeyError
fromPKey.read
when no key (#285) - [fix] restore PKCS#8 EC key handling (see #292)
- [fix] revert
readPrivateKey
so public key is not lost (#292)
0.14.3
- [fix]
SSLSocket#alpn_protocol
to be nil when not used (#287) - [feat] try resolving curve-name from EC public key
- [feat] implement missing
PKey::EC#dsa_verify_asn1
(#241) - [feat] implement support for
PKey::EC.generate
(#255) - [refactor] make sure curveName is set when using
PKey.read
(#289) - [fix] add
Cipher#auth_data(arg)
override (Rails 7.x compatibility) (#290) - [fix] raise
TypeError
when arg not of expected type (jruby/jruby#7875)
0.14.2
0.14.1
-
[refactor] improve performance of Diffie-Hellman key exchange (#272)
-
Try to use JDK console to prompt for pass (#270)
-
[fix] for PKCS8 EC private key support (#267)
-
[fix] Java's default session timeout in 24h
-
[fix] handle ArgumentError on
SSLSession#timeout=
-
[fix] buffer overflow after wrap-ing data - wait
-
[refactor] try a few tricks to detect session re-use