Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OpenSSL v3 Support #108

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

OpenSSL v3 Support #108

wants to merge 3 commits into from

Conversation

nscott
Copy link

@nscott nscott commented Jan 17, 2023

This allows usage of JWKs with OpenSSL v3, which is the default in Ubuntu 22.04. OpenSSL v1.1.1 (the current default in many OSes) is EOL later in 2023.

rake test successfully executes with OpenSSL v1.1.1, so this should be fully backwards compatible. None of that code has changed, but instead it's routed to if the OpenSSL version matches.

I haven't been able to make an isolated environment with OpenSSL v3; I think it would be much easier to do once PR 106 is merged.

That said, I did pull in this branch to my service which is running Ubuntu 22.04 with OpenSSL v3, and I was able to successfully generate QR codes once again.

The Ruby OpenSSL support for parameters is currently lacking, so using the ASN data to manually create keys seems to be "state of the art". See ruby/openssl#369 (comment) and ruby/openssl#369 (comment) for specifically using ASNs.

Once ruby/openssl#555 is merged it's likely that a lot of the "ugly" code with ASNs can be cleaned up and made simpler, but this gets everything working in the mean time.

@nscott nscott mentioned this pull request Jan 17, 2023
Open
@codecov
Copy link

codecov bot commented Jan 17, 2023

Codecov Report

Merging #108 (bd50dae) into main (ee12a25) will not change coverage.
The diff coverage is n/a.

❗ Current head bd50dae differs from pull request most recent head 8ceefc7. Consider uploading reports for the commit 8ceefc7 to get more accurate results

@@           Coverage Diff           @@
##             main     #108   +/-   ##
=======================================
  Coverage   96.35%   96.35%           
=======================================
  Files          24       24           
  Lines         548      548           
=======================================
  Hits          528      528           
  Misses         20       20

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@nscott
Copy link
Author

nscott commented Jan 17, 2023

The tests failed due to a pdf generation issue on the test platform. Don't think I can help there, unfortunately. Please still review this PR.

@ssayer ssayer self-assigned this Jan 19, 2023
@ssayer
Copy link
Contributor

ssayer commented Jan 19, 2023

Hi @nscott, Thanks for the contribution! Let me poke around with the CI build, it looks like an issue with versioning.

@ssayer
Copy link
Contributor

ssayer commented Jan 26, 2023

@nscott It looks like the issue is an incompatibility between the version of wicked_pdf in the Gemfile and the Ubuntu version used by the GH CI workflow. PR #106 looks like it used a newer version to solve this problem. If you'd like to try updating the wicked_pdf version in this PR, please do, otherwise we'll look to rebase this once we have the Ruby 3.0 updates in.

@nscott
Copy link
Author

nscott commented Jun 16, 2023

Just a reminder: https://www.openssl.org/blog/blog/2023/06/15/1.1.1-EOL-Reminder/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@ssayer ssayer

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nscott @ssayer