Project

General

Profile

Actions
Copy link

Bug #6567

closed

Let OpenSSL::PKey::EC follow the general PKey interface

Added by MartinBosslet (Martin Bosslet) over 12 years ago. Updated over 8 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
trunk
Backport:
[ruby-core:45541]

Description

This is supposed to be a parent task that references several quirks and issues that came up with OpenSSL::PKey::EC. The recurring theme is that EC doesn't follow the PKey interface established by RSA and DSA at times, and this results in things failing that shouldn't. These issues should be fixed even if they break backwards compatibility - in my opinion there's nothing won by keeping an interface that doesn't follow the contract.

Related issues:

https://bugs.ruby-lang.org/issues/5600
https://bugs.ruby-lang.org/issues/6252
https://bugs.ruby-lang.org/issues/4418
https://bugs.ruby-lang.org/issues/6310

Related issues 3 (0 open3 closed)

Related to Ruby master - Bug #8177: ext/openssl/pkcs7 signing fails with EC keysClosedActions
Related to Ruby master - Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::ECClosedActions
Related to Ruby master - Bug #10257: Generate X.509 certificate/request/CRL with elliptic curve keysClosedActions
Actions
Copy link
 #1 [ruby-core:45542]

Updated by MartinBosslet (Martin Bosslet) over 12 years ago

  • Category set to ext
  • Assignee set to MartinBosslet (Martin Bosslet)
Actions
Copy link
 #3 [ruby-core:52455]

Updated by mame (Yusuke Endoh) over 11 years ago

  • Target version changed from 2.0.0 to 2.6
Actions
Copy link
 #4

Updated by zzak (zzak _) about 9 years ago

  • Assignee changed from MartinBosslet (Martin Bosslet) to 7150
Actions
Copy link
 #5 [ruby-core:75503]

Updated by rhenium (Kazuki Yamaguchi) over 8 years ago

I want to work on this before the release of openssl gem.

  • EC#public_key returns an EC::Point, not an EC

    I think it's better to add new #dup_public (or #public_pkey ?) method for each PKey types, rather than changing EC#public_key to return an EC. Compatibility is one of the reasons, but more important, the name 'public_key' is confusing.

  • EC#private? and #public? are missing

    Adding aliases to #private_key? and #public_key? respectively should be enough.

  • EC#generate_key should be #generate_key!

    DH has #generate_key!.

  • EC.generate is missing

    This can be implemented as a shorthand for EC.new(group).generate_key.

Actions
Copy link
 #6

Updated by Anonymous over 8 years ago

  • Status changed from Assigned to Closed

Applied in changeset r55098.

openssl: add OpenSSL::PKey::EC#private? and #public?

  • ext/openssl/ossl_pkey_ec.c: rename PKey::EC#private_key? and
    #public_key? to #private? and #public? for consistency with other
    PKey types. Old names remain as alias. [ruby-core:45541] [Bug #6567]

  • test/openssl/test_pkey_ec.rb (test_check_key): check private? and
    public? works correctly.

Actions
Copy link
 #7

Updated by rhenium (Kazuki Yamaguchi) over 8 years ago

  • Related to Bug #5600: OpenSSL::X509::Request can't sign() an OpenSSL::PKey::EC added
Actions
Copy link
 #8

Updated by rhenium (Kazuki Yamaguchi) over 8 years ago

  • Related to Bug #10257: Generate X.509 certificate/request/CRL with elliptic curve keys added
Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0Like0