Code, Strings, and Keys

Quick script to dump info about OpenSSL in ruby

Ruby can be built with OpenSSL by default or built with an alternate OpenSSL library (for example, if you had Ruby 3.0 and wanted an OpenSSL >= 3.0.0). There are a few constants and methods to check the version and capabilities of you OpenSSL library connected to Ruby, all from the module OpenSSL documentation available online:

require 'openssl'
# https://ruby.github.io/openssl/OpenSSL.html
puts "OpenSSL::OPENSSL_FIPS = #{OpenSSL::OPENSSL_FIPS}"
puts "\t-> Boolean indicating whether OpenSSL is FIPS-capable or not"
# try to turn on fips_mode if it is marked as true
if OpenSSL::OPENSSL_FIPS
puts "-> Setting fips_mode to true"
begin
OpenSSL.fips_mode = true
puts "-> fips_mode successfully turned on"
rescue OpenSSL::OpenSSLError => e
puts "X-> turning on fips_mode failed with \"#{e.message}\""
end
end
puts
puts "OpenSSL::OPENSSL_LIBRARY_VERSION = #{OpenSSL::OPENSSL_LIBRARY_VERSION}"
puts "OpenSSL::OPENSSL_VERSION = #{OpenSSL::OPENSSL_VERSION}"
puts "-> Version of OpenSSL the ruby OpenSSL extension was built with"
puts
puts "OpenSSL::OPENSSL_VERSION_NUMBER = #{OpenSSL::OPENSSL_VERSION_NUMBER.to_s(16)}"
puts "-> Version number of OpenSSL the ruby OpenSSL extension was built with (base 16)."
puts
puts " The formats are below."
puts " ———————-"
puts " OpenSSL 3"
puts " ->0xMNN00PP0 (major minor 00 patch 0)"
puts " OpenSSL before 3"
puts " ->0xMNNFFPPS (major minor fix patch status)"
puts " LibreSSL"
puts " -> 0x20000000 (fixed value)"
puts
view raw openssl_stats.rb hosted with ❤ by GitHub

ThomasPowell

,

Leave a Reply