Skip to content

Releases: jruby/jruby-openssl

0.15.2

24 Nov 09:46
29cedb9
Compare
Choose a tag to compare
  • [deps] upgrade BC to version 1.79
  • [fix] avoid PKey::EC.new failing with specific DER (#318)
  • [fix] have a useful OPENSSL_VERSION_NUMBER

0.15.1

27 Sep 11:23
d805c4b
Compare
Choose a tag to compare
  • [deps] upgrade BC to version 1.78.1

0.15.0

21 Jun 09:52
60932f1
Compare
Choose a tag to compare

This version upgraded to latest Bouncy-Castle (1.78) and the minimum supported JRuby is now 9.2.

  • [refactor] propagate IOError from selector exception
  • [fix] convert IOException to Ruby exception correctly
    follow up on the fix (#242) in 0.14.6
  • [fix] implement OpenSSL::PKey::EC::Point#mul and #add (#307)
  • [fix] ASN.1 BitString pad bits being out of range
  • [compat] support base64digest on OpenSSL::HMAC
  • [compat] add Buffering#getbyte for SSLSocket
  • [refactor] drop (unused) Config native impl
  • [refactor] less locking when there's a shared SSLContext
  • [fix] encoding of ASN1::Null primitive to_der
  • [fix] ASN.1 tagged object tag-class encoding/decoding
  • [fix] ASN1 primitive tagging (encoding) part (#122)
  • [fix] encoding/decoding of all ASN1 string types
  • [fix] ASN1Data encoding with Array primitive value (#119)
  • [refactor] drop security restriction JCE work-around
  • [refactor] drop long deprecated OpenSSLReal Java class
  • [deps] upgrade BC to version 1.78

0.14.6

27 May 09:20
bbf5ccc
Compare
Choose a tag to compare
  • [compat] OpenSSL::ConfigError and DEFAULT_CONFIG_FILE (#304)
  • [fix] OpenSSL::PKey::DH#set_pqg regression (#300)
  • Convert IOException to Ruby exception correctly (#242)
  • [refactor] add exception debugging within SSLSocket#waitSelect
  • [fix] sync SSLContext#setup as it could be shared (#302)
  • [refactor] organize i-var sets (set @context after setup)

0.14.5

20 Apr 12:12
e7dc8d7
Compare
Choose a tag to compare
  • [fix] OpenSSL::X509::Request#verify with DSA public key
    (this was a regression introduced in JOSSL 0.14.4)

0.14.4

11 Apr 13:01
3370a45
Compare
Choose a tag to compare
  • [fix] convert OpenSSL::ASN1::Sequence to an array on #to_der (#265)
  • [feat] implement PKey::DH.generate and (dummy) q reader (#254)
  • [fix] raise TypeError when arg isn't a Group
  • [refactor] make sure ASN1Error has native cause
  • [fix] stop assuming (JDK) EC key identifier
    "EC" with Sun provider but "ECDSA" with BC
  • [fix] do not check empty string as curve name
  • [fix] make sure PKeyEC#group.curve_name is always set
  • [refactor] PKey.read to use BC fully when reading public keys
  • [fix] OpenSSL::X509::CRL#sign to accept string digest
  • [fix] OpenSSL::X509::Request#version default is -1
  • [fix] resolving EC key from X509::Request.new(pem)
  • [feat] implement OpenSSL::X509::Request#signature_algorithm
  • [fix] work-around CSR failing with EC key (#294)
  • [feat] implement OpenSSL::PKey::EC#to_text (#280)
  • [feat] partial support for PKey::EC::Point#to_octet_string(form)
  • [feat] implement OpenSSL::PKCS7::SignerInfo#signed_time (#269)
  • [feat] implement #oid method for PKey classes (#281)
  • [fix] raise PKeyError from PKey.read when no key (#285)
  • [fix] restore PKCS#8 EC key handling (see #292)
  • [fix] revert readPrivateKey so public key is not lost (#292)

0.14.3

13 Feb 16:56
055f575
Compare
Choose a tag to compare
  • [fix] SSLSocket#alpn_protocol to be nil when not used (#287)
  • [feat] try resolving curve-name from EC public key
  • [feat] implement missing PKey::EC#dsa_verify_asn1 (#241)
  • [feat] implement support for PKey::EC.generate (#255)
  • [refactor] make sure curveName is set when using PKey.read (#289)
  • [fix] add Cipher#auth_data(arg) override (Rails 7.x compatibility) (#290)
  • [fix] raise TypeError when arg not of expected type (jruby/jruby#7875)

0.14.2

07 Jul 11:03
b0ca8d8
Compare
Choose a tag to compare
  • [deps] upgrade BC to latest 1.74
  • [fix] for CRL verify when signed with EC key (#276)
  • [fix] OpenSSL::X509::Certificate#public_key raises for EC keys (#273)

0.14.1

13 Apr 10:57
ada944e
Compare
Choose a tag to compare
  • [refactor] improve performance of Diffie-Hellman key exchange (#272)

  • Try to use JDK console to prompt for pass (#270)

  • [fix] for PKCS8 EC private key support (#267)

  • [fix] Java's default session timeout in 24h

  • [fix] handle ArgumentError on SSLSession#timeout=

  • [fix] buffer overflow after wrap-ing data - wait

  • [refactor] try a few tricks to detect session re-use

0.14.0

30 Jun 13:20
e497cc1
Compare
Choose a tag to compare

This version upgraded to latest Bouncy-Castle (1.71) and is only compatible with the new version mostly due artifact naming and breaking changes in BC itself.

  • [deps] upgrade BC to latest 1.71
  • [fix] make set_minmax_proto_version private