v3.2.0

What's Changed

• pkey/ec: constify by @nobu in #584
• [DOC] Remove repeated example from Digest by @Maumagnaguagno in #587
• Do not require a test file in a separately run test case by @andrykonchin in #591
• Update the latest version of EnvUtil by @hsbt in #593
• Improve GH Actions by @hsbt in #599
• Forward-port https://bugs.ruby-lang.org/issues/19386 by @hsbt in #596
• Skip failing test with truffleruby and ubuntu-22.04 by @hsbt in #600
• Stub gemspec for JRuby by @headius in #598
• .github/workflows/test.yml: Update OpenSSL versions by @junaruga in #602
• Relax error message for OpenSSL 3.1 by @nobu in #607
• Register global variables before assignment by @nobu in #613
• Add rdoc as a development dependency. by @junaruga in #616
• Implement FIPS functions, adding OpenSSL FIPS mode case on CI. by @junaruga in #608
• Fix warnings about the OPENSSL_FIPS macro in OpenSSL 1.1. by @junaruga in #621
• Revert "Skip OpenSSL::TestHMAC#test_dup when running with RHEL9" by @hsbt in #622
• CI: Enable the verbose mode in the mkmf.rb. by @junaruga in #623
• CI: Enable the verbose mode in the mkmf.rb by env MAKEFLAGS. by @junaruga in #624
• Remove usage of IO internals. by @ioquatix in #627
• Append flags from environment variables. by @junaruga in #629
• Print the Ruby and compiler info or the command itself before compiling. by @junaruga in #630
• Rakefile: Print the message with Rake.rake_output_message. by @junaruga in #632
• Fix OpenSSL::PKey.read that cannot parse PKey in the FIPS mode. by @junaruga in #615
• Implement Write Barrier for all OpenSSL types by @byroot in #604
• CI: Rename the key name "foo_bar" (underscore) to "foo-bar" (hyphen). by @junaruga in #634
• CI: Upgrade OpenSSL and LibreSSL versions. by @junaruga in #636
• extconf.rb: apply RUBY_OPENSSL_EXT{C,LD}FLAGS after checking features by @rhenium in #633
• pkey: use unsigned type for bit fields by @rhenium in #638
• Drop support for Ruby 2.6 by @rhenium in #639
• CI: Check compiler warnings. by @junaruga in #631
• CI: Fix a typo in the comment. [ci skip] by @junaruga in #641
• add OpenSSL Provider support by @QWYNG in #635
• Add support for raw private/public keys by @sylph01 in #646
• [DOC] remove top-level example for OpenSSL::Cipher#pkcs5_keyivgen by @rhenium in #647
• Always respect the openssl prefix chosen by truffle/openssl-prefix on TruffleRuby by @eregon in #653
• CI: Add OpenSSL 3.1 FIPS case. by @junaruga in #655
• CI: Upgrade OpenSSL versions. by @junaruga in #657
• Raise an error when the specified OpenSSL library directory doesn't exist. by @junaruga in #618
• CI: Add OpenSSL master branch head non-FIPS and FIPS cases. by @junaruga in #658
• Enhance printing OpenSSL versions. by @junaruga in #662
• Use openssl? instead of OpenSSL::OPENSSL_VERSION_NUMBER. by @junaruga in #663
• test/openssl/test_pkey.rb: Fix pending tests in FIPS case. by @junaruga in #664
• Include "additional data" message in OpenSSL errors by @rhenium in #648
• ssl: raise SSLError if loading ca_file or ca_path fails by @rhenium in #659
• [DOC] enhance RDoc for exporting pkeys by @rhenium in #645
• ssl: adjust "certificate verify failed" error on SSL_ERROR_SYSCALL by @rhenium in #640
• Fix LIBRESSL_VERSION_NUMBER document mistake. by @junaruga in #667
• Rakefile: Print FIPS information in the rake debug. by @junaruga in #666
• CI: Replace "mode" in "FIPS mode" with "module". by @junaruga in #670
• ossl_pkey.c: Workaround: Decode with non-zero selections. by @junaruga in #669
• Use the test-unit-ruby-core gem for Test::Unit::CoreAssertions by @rhenium in #673
• test/openssl/test_pkey_ec.rb: refactor tests for EC.builtin_curves by @rhenium in #675
• Refactor Buffering consume_rbuff and getbyte methods by @Maumagnaguagno in #585
• Prefer String#unpack1 by @Maumagnaguagno in #586
• ssl: use ffdhe2048 from RFC 7919 as the default DH group parameters by @rhenium in #674
• instead of looking of NIDs and then using X509V3_EXT_nconf_nid, by @mcr in #141
• Fix OCSP documentation by @p8 in #676
• Remove OSSL_DEBUG compile-time option by @rhenium in #677
• Fix test_pkey_ec.rb on FIPS. by @junaruga in #681
• Bump actions/checkout from 3 to 4 by @dependabot in #682
• Release 3.2.0 by @rhenium in #678

New Contributors

• @Maumagnaguagno made their first contribution in #587
• @andrykonchin made their first contribution in #591
• @headius made their first contribution in #598
• @byroot made their first contribution in #604
• @QWYNG made their first contribution in #635
• @sylph01 made their first contribution in #646
• @mcr made their first contribution in #141
• @p8 made their first contribution in #676
• @dependabot made their first contribution in #682

Full Changelog: v3.1.0...v3.2.0

v3.1.0

What's Changed

• Added 'ciphersuites=' method to allow setting of TLSv1.3 cipher suites along with some unit tests by @kmdz1 in #493
• Install openssl with vcpkg on mswin by @nobu in #504
• Make tests pass on LibreSSL 3.5 and 3.4 by @jeremyevans in #506
• Fix formatting in docs by @peterzhu2118 in #508
• Update actions at 2022/3 by @hsbt in #505
• Use SHA256 for OCSP BasicResponse and Request by @jackorp in #507
• [CI] add Ubuntu-22.04 and update mswin, all are OpenSSL 3 by @MSP-Greg in #514
• ignore pkgconfig when openssl-dir option is specified by @skaes in #486
• Skip a new test when old OpenSSL by @nobu in #524
• Check for OpenSSL functions in headers by @XrXr in #520
• [CI] test.yml - test-openssls - use 1.1.1q, 3.0.5 by @MSP-Greg in #528
• [CI] TestHMAC#test_dup - remove 'pend' for OpenSSL 3 by @MSP-Greg in #529
• implement SSLSocket#export_keying_material for doing RFC 5705 operations by @madblobfish in #530
• Add support to SSL_CTX_set_keylog_callback() by @cdelafuente-r7 in #536
• Use default IO#timeout if possible. by @ioquatix in #547
• Use default IO#timeout if possible. by @ioquatix in #548
• Call out insecure PKCS #1 v1.5 default padding for RSA by @bdewater in #549
• Add BN#mod_sqrt by @btoews in #553
• Use SHA256 instead of SHA1 where needed in tests. by @jackorp in #554
• Enable HKDF support for LibreSSL 3.6 and later by @botovq in #569
• Allow empty string to OpenSSL::Cipher#update by @unasuke in #568
• Fixes OPENSSL_LIBRARY_VERSION description on documentation by @hbontempo-br in #559
• Use EVP_Digest{Sign,Verify} when available by @botovq in #560
• Added dependebot for github actions by @hsbt in #574
• Rake and test-unit are only for development by @nobu in #578
• Actions - Use Ubuntu 20.04 for 1.1.1 CI, misc fixes by @MSP-Greg in #573
• Fix test failures with LibreSSL 3.6 by @rhenium in #579
• Check for functions with arguments by @nobu in #575
• Suppress OpenSSL-3 warnings by @nobu in #576
• Undefine OpenSSL::SSL for no socket platforms by @kateinoigakukun in #558
• Ruby/OpenSSL 3.1.0 by @rhenium in #583

New Contributors

• @kmdz1 made their first contribution in #493
• @peterzhu2118 made their first contribution in #508
• @jackorp made their first contribution in #507
• @skaes made their first contribution in #486
• @XrXr made their first contribution in #520
• @madblobfish made their first contribution in #530
• @cdelafuente-r7 made their first contribution in #536
• @botovq made their first contribution in #569
• @hbontempo-br made their first contribution in #559
• @kateinoigakukun made their first contribution in #558

Full Changelog: v3.0.2...v3.1.0

v3.0.2

What's Changed

• pkey/ec: fix multiple ossl_raise() calls using cEC_POINT instead of eEC_POINT by @bannable in #570
• raise when EC_POINT_cmp or EC_GROUP_cmp error instead of returning true by @bannable in #564
• maint-2.2 Actions - update workflow to use OpenSSL 1.1.1, actions/checkout@v3 by @MSP-Greg in #572
• pkey/ec: check private key validity with OpenSSL 3 by @rhenium in #580
• Ruby/OpenSSL 2.2.3 by @rhenium in #581
• Ruby/OpenSSL 3.0.2 by @rhenium in #582

New Contributors

• @bannable made their first contribution in #570

Full Changelog: v3.0.1...v3.0.2

v2.2.3

What's Changed

• pkey/ec: fix multiple ossl_raise() calls using cEC_POINT instead of eEC_POINT by @bannable in #570
• raise when EC_POINT_cmp or EC_GROUP_cmp error instead of returning true by @bannable in #564
• maint-2.2 Actions - update workflow to use OpenSSL 1.1.1, actions/checkout@v3 by @MSP-Greg in #572
• Ruby/OpenSSL 2.2.3 by @rhenium in #581

New Contributors

• @bannable made their first contribution in #570

Full Changelog: v2.2.2...v2.2.3