[compat] support PKey::EC#sign_raw and verify_raw

Author: kares

src/main/java/org/jruby/ext/openssl/PKeyEC.java

@@ -527,6 +527,48 @@ public IRubyObject dsa_verify_asn1(final ThreadContext context, final IRubyObjec
         }
     }
 
+    // sign_raw(digest, data) -- signs pre-hashed (raw) bytes with the EC private key.
+    // Produces a DER-encoded ASN.1 SEQUENCE [r, s], identical to dsa_sign_asn1.
+    // The digest argument is accepted for API parity with RSA/DSA sign_raw but is unused;
+    // ECDSASigner operates directly on the supplied bytes without additional hashing.
+    @JRubyMethod(name = "sign_raw")
+    public IRubyObject sign_raw(final ThreadContext context, final IRubyObject digest, final IRubyObject data) {
+        return dsa_sign_asn1(context, data);
+    }
+
+    // verify_raw(digest, signature, data) -- verifies a DER-encoded ECDSA signature over raw bytes.
+    // Returns true/false; returns false (rather than raising) for a malformed or invalid signature.
+    // Argument order matches PKey#verify_raw convention: (digest, signature, data), unlike
+    // dsa_verify_asn1 which takes (data, signature).
+    @JRubyMethod(name = "verify_raw")
+    public IRubyObject verify_raw(final ThreadContext context, final IRubyObject digest,
+                                  final IRubyObject sign, final IRubyObject data) {
+        final Ruby runtime = context.runtime;
+        try {
+            final ECNamedCurveParameterSpec params = getParameterSpec();
+
+            final ECDSASigner signer = new ECDSASigner();
+            signer.init(false, new ECPublicKeyParameters(
+                    EC5Util.convertPoint(publicKey.getParams(), publicKey.getW()),
+                    new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH())
+            ));
+
+            ASN1Primitive vec = new ASN1InputStream(sign.convertToString().getBytes()).readObject();
+            if (!(vec instanceof ASN1Sequence)) return runtime.getFalse();
+
+            ASN1Sequence seq = (ASN1Sequence) vec;
+            ASN1Integer r = ASN1Integer.getInstance(seq.getObjectAt(0));
+            ASN1Integer s = ASN1Integer.getInstance(seq.getObjectAt(1));
+
+            boolean verified = signer.verifySignature(data.convertToString().getBytes(), r.getPositiveValue(), s.getPositiveValue());
+            return runtime.newBoolean(verified);
+        }
+        catch (IOException | IllegalArgumentException | IllegalStateException ex) {
+            debugStackTrace(runtime, ex);
+            return runtime.getFalse();
+        }
+    }
+
     @JRubyMethod(name = "dh_compute_key")
     public IRubyObject dh_compute_key(final ThreadContext context, final IRubyObject point) {
         try {

src/test/ruby/ec/test_ec.rb

@@ -521,6 +521,14 @@ def test_dsa_sign_verify_all
     end
   end
 
+  def assert_sign_verify_false_or_error
+    ret = yield
+  rescue => e
+    assert_kind_of(OpenSSL::PKey::PKeyError, e)
+  else
+    assert_equal(false, ret)
+  end
+
   def test_sign_verify_raw
     key = Fixtures.pkey("p256")
     data1 = "foo"
@@ -530,10 +538,21 @@ def test_sign_verify_raw
 
     # Sign by #dsa_sign_asn1
     sig = key.dsa_sign_asn1(data1)
+    assert_equal true, key.dsa_verify_asn1(data1, sig)
+    assert_equal false, key.dsa_verify_asn1(data2, sig)
+    assert_sign_verify_false_or_error { key.dsa_verify_asn1(data1, malformed_sig) }
+    assert_equal true, key.verify_raw(nil, sig, data1)
+    assert_equal false, key.verify_raw(nil, sig, data2)
+    assert_sign_verify_false_or_error { key.verify_raw(nil, malformed_sig, data1) }
 
+    # Sign by #sign_raw
+    sig = key.sign_raw(nil, data1)
     assert_equal true, key.dsa_verify_asn1(data1, sig)
     assert_equal false, key.dsa_verify_asn1(data2, sig)
-    assert_raise(OpenSSL::PKey::ECError) { key.dsa_verify_asn1(data1, malformed_sig) }
+    assert_sign_verify_false_or_error { key.dsa_verify_asn1(data1, malformed_sig) }
+    assert_equal true, key.verify_raw(nil, sig, data1)
+    assert_equal false, key.verify_raw(nil, sig, data2)
+    assert_sign_verify_false_or_error { key.verify_raw(nil, malformed_sig, data1) }
   end
 
   def test_new_from_der