Project

General

Profile

Bug #6567

Let OpenSSL::PKey::EC follow the general PKey interface

Added by MartinBosslet (Martin Bosslet) almost 8 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
openssl
Target version:
-
ruby -v:
trunk
Backport:
[ruby-core:45541]

Description

This is supposed to be a parent task that references several quirks and issues that came up with OpenSSL::PKey::EC. The recurring theme is that EC doesn't follow the PKey interface established by RSA and DSA at times, and this results in things failing that shouldn't. These issues should be fixed even if they break backwards compatibility - in my opinion there's nothing won by keeping an interface that doesn't follow the contract.

Related issues:

https://bugs.ruby-lang.org/issues/5600
https://bugs.ruby-lang.org/issues/6252
https://bugs.ruby-lang.org/issues/4418
https://bugs.ruby-lang.org/issues/6310


Related issues

Related to Ruby master - Bug #8177: ext/openssl/pkcs7 signing fails with EC keysClosedopensslActions
Related to Ruby master - Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::ECClosedopensslActions
Related to Ruby master - Bug #10257: Generate X.509 certificate/request/CRL with elliptic curve keysClosedopensslActions

Updated by MartinBosslet (Martin Bosslet) almost 8 years ago

  • Category set to ext
  • Assignee set to MartinBosslet (Martin Bosslet)

Updated by mame (Yusuke Endoh) about 7 years ago

  • Target version changed from 2.0.0 to 2.6
#4

Updated by zzak (Zachary Scott) over 4 years ago

  • Assignee changed from MartinBosslet (Martin Bosslet) to openssl

Updated by rhenium (Kazuki Yamaguchi) almost 4 years ago

I want to work on this before the release of openssl gem.

  • EC#public_key returns an EC::Point, not an EC

    I think it's better to add new #dup_public (or #public_pkey ?) method for each PKey types, rather than changing EC#public_key to return an EC. Compatibility is one of the reasons, but more important, the name 'public_key' is confusing.

  • EC#private? and #public? are missing

    Adding aliases to #private_key? and #public_key? respectively should be enough.

  • EC#generate_key should be #generate_key!

    DH has #generate_key!.

  • EC.generate is missing

    This can be implemented as a shorthand for EC.new(group).generate_key.

#6

Updated by Anonymous almost 4 years ago

  • Status changed from Assigned to Closed

Applied in changeset r55098.


openssl: add OpenSSL::PKey::EC#private? and #public?

  • ext/openssl/ossl_pkey_ec.c: rename PKey::EC#private_key? and
    #public_key? to #private? and #public? for consistency with other
    PKey types. Old names remain as alias. [ruby-core:45541] [Bug #6567]

  • test/openssl/test_pkey_ec.rb (test_check_key): check private? and
    public? works correctly.

#7

Updated by rhenium (Kazuki Yamaguchi) almost 4 years ago

  • Related to Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC added
#8

Updated by rhenium (Kazuki Yamaguchi) almost 4 years ago

  • Related to Bug #10257: Generate X.509 certificate/request/CRL with elliptic curve keys added

Also available in: Atom PDF