[ext/openssl] Allow public/private key creation from arbitrary data
There is a public funtion in PKey that allowed to read arbitrary
private keys from a file regardless of the actual key type, but it
was not exposed in Ruby, only in C.
In Ruby, the only way to instantiate public/private keys is by
calling initialize on the correct PKey subclass, implying that
you need to know what kind of key you're actually dealing with.
There are situations where the key type is not known in advance,
e.g. if a certificate SubjectPublicKeyInfo shall be turned into
a public key. In that case you only know that you're dealing with
a public key, but not necessarily with what kind of key. In
situations like these it would come in handy to have methods that
create a PKey instance regardless of the underlying data.
The attached patch provides this by adding two module functions to
PKey, read_public and read_private. They allow reading generic
public/private keys from a String or a File, optionally providing
a password in the case of encrypted PEM encodings. RDoc has also
Please note that the included tests partly rely on the patches
If those were applied, the combination with this patch would
provide consistent behavior among all three public key systems
supported in Ruby.
Updated by MartinBosslet (Martin Bosslet) about 9 years ago
- Status changed from Open to Assigned
- Assignee set to MartinBosslet (Martin Bosslet)
When again looking at this I realized that there is no
need for separating creation of public and private keys, one
method is actually all it takes (cf. attachment).
This feature would add
OpenSSL::PKey.read( file | string [, pwd] )
that allows to read arbitrary keys (private or public)
that are encoded in the generic X.509 format.
1) Is it OK if I apply this?
2) Is "read" OK w.r.t naming conventions? Or should I use
initialize instead (as it is done for the sub-classes RSA,
DSA and EC) or name it differently altogether?
Updated by Anonymous about 9 years ago
- Status changed from Assigned to Closed
- % Done changed from 0 to 100
This issue was solved with changeset r32036.
Martin, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.
- ext/openssl/ossl_pkey.c: added PKey.read module function that allow reading arbitrary public/private keys from DER-/PEM-encoded File or string instances.
- ext/openssl/ossl_pkey_dh.c: improved documentation.
- test/openssl/utils.rb: added EC test key.
- test/openssl/test_pkey_rsa.rb test/openssl/test_pkey_dsa.rb: Test PKey.read. Reuse keys from OpenSSL::TestUtils.
- test/openssl/test_pkey_ec.rb: Created test file for EC tests. Test PKey.read. [Ruby 1.9 - Feature #4424] [ruby-core:35330]