Project

General

Profile

Bug #5600

OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC

Added by scaligo (Steve Caligo) over 8 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
openssl
Target version:
-
ruby -v:
ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-linux]
Backport:
[ruby-core:40853]

Description

Unlike the PKey::DSA and PKey::RSA classes, PKey::EC provides a private_key?() rather than private?() method and is thus incompatible with the other OpenSSL classes that rely on them, i.e. it makes impossible to generate a certificate signing request:

key = OpenSSL::PKey::EC.new('secp521r1')
key.generate_key

req = OpenSSL::X509::Request.new
req.public_key = key
req.subject = OpenSSL::X509::Name.parse('CN=whatever')
req.sign(key, OpenSSL::Digest::SHA384.new)

which produces the error:

in sign': undefined methodprivate?' for #OpenSSL::PKey::EC:0x000000021b4980 (NoMethodError)

ossl_pkey_ec.c should either:

  • rb_define_method() the missing private? and public? methods
  • rename public_key? to public? and private_key? to private?

Judging by the source code, this should be present in branch 1.8 as well.


Related issues

Related to Ruby master - Bug #6567: Let OpenSSL::PKey::EC follow the general PKey interface ClosedopensslActions

Also available in: Atom PDF